diff --git a/backend/apps/monitor/views.py b/backend/apps/monitor/views.py
index 56d6134..be08cb0 100644
--- a/backend/apps/monitor/views.py
+++ b/backend/apps/monitor/views.py
@@ -347,8 +347,8 @@ def iam_user_create_view(request):
             monitor_enabled=True,
         )
 
-    # 7. Create Deny policy (project isolation)
-    _update_deny_policy(obj)
+    # 7. Create Deny policy (project isolation) + refresh all users
+    _refresh_all_deny_policies()
 
     AlertRecord.objects.create(
         iam_user=obj,
@@ -948,8 +948,8 @@ def iam_user_project_add_view(request, pk):
         obj.attached_policies = attached
         obj.save(update_fields=['attached_policies'])
 
-    # 更新 Deny 策略（将新项目加入白名单）
-    _update_deny_policy(user)
+    # 更新所有子账号的 Deny 策略（新项目需要加入其他人的拒绝列表）
+    _refresh_all_deny_policies()
 
     AlertRecord.objects.create(
         iam_user=user,
@@ -1094,8 +1094,8 @@ def iam_user_project_delete_view(request, pk, pid):
 
     project.delete()
 
-    # 更新 Deny 策略（将移除的项目从白名单中删除）
-    _update_deny_policy(user)
+    # 更新所有子账号的 Deny 策略
+    _refresh_all_deny_policies()
 
     result = {'message': f'已移除项目 {name}，已回收权限: {detached}'}
     if detach_errors: