forked from docs/doc-exports
Wei, Hongmin
25e8bdf969
Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com> Co-authored-by: Wei, Hongmin <weihongmin1@huawei.com> Co-committed-by: Wei, Hongmin <weihongmin1@huawei.com>
29 lines
4.9 KiB
HTML
29 lines
4.9 KiB
HTML
<a name="iam_06_0004"></a><a name="iam_06_0004"></a>
|
|
|
|
|
|
|
|
|
|
<h1 class="topictitle1">Cloud Service Delegation</h1>
|
|
<div id="body0000001508162049"><p id="iam_06_0004__en-us_topic_0175653574_p1042135223415">Services on the cloud platform interwork with each other, and some cloud services are dependent on other services. To delegate a cloud service to access other services and perform resource O&M, create an agency for the service.</p>
|
|
<p id="iam_06_0004__en-us_topic_0175653574_p678627165114">IAM provides two methods to create a cloud service agency:</p>
|
|
<ol id="iam_06_0004__en-us_topic_0175653574_ol86339161512"><li id="iam_06_0004__en-us_topic_0175653574_li10633516195119"><a href="#iam_06_0004__en-us_topic_0175653574_section930952513442">Creating a cloud service agency on the IAM console</a><p id="iam_06_0004__en-us_topic_0175653574_p1989320316257">Take an OBS agency as an example. The agency allows OBS to call cloud services, for example, to read monitoring data from AOM.</p>
|
|
</li><li id="iam_06_0004__en-us_topic_0175653574_li158086177523">Automatically creating a cloud service agency to use certain resources<p id="iam_06_0004__en-us_topic_0175653574_p12955434175212"><a name="iam_06_0004__en-us_topic_0175653574_li158086177523"></a><a name="en-us_topic_0175653574_li158086177523"></a>The following takes Scalable File Service (SFS) as an example to describe the procedure for automatically creating a cloud service agency:</p>
|
|
<ol type="a" id="iam_06_0004__en-us_topic_0175653574_ol5494624194317"><li id="iam_06_0004__en-us_topic_0175653574_li124941244437">Go to the SFS console.</li><li id="iam_06_0004__en-us_topic_0175653574_li974319910443">On the <strong id="iam_06_0004__en-us_topic_0175653574_b1659811274313">Create File System</strong> page, enable static data encryption.</li><li id="iam_06_0004__en-us_topic_0175653574_li17760343134418">A dialog box is displayed requesting you to confirm the creation of an SFS agency. After you click <strong id="iam_06_0004__en-us_topic_0175653574_b66161733194510">OK</strong>, the system automatically creates an SFS agency with <strong id="iam_06_0004__en-us_topic_0175653574_b38971050102011">KMS CMKFullAccess</strong> permissions for the current project. With the agency, SFS can obtain KMS keys for encrypting or decrypting file systems.</li><li id="iam_06_0004__en-us_topic_0175653574_li97291277468">You can view the agency in the agency list on the IAM console.</li></ol>
|
|
</li></ol>
|
|
<div class="section" id="iam_06_0004__en-us_topic_0175653574_section930952513442"><a name="iam_06_0004__en-us_topic_0175653574_section930952513442"></a><a name="en-us_topic_0175653574_section930952513442"></a><h4 class="sectiontitle">Creating a Cloud Service Agency on the IAM Console</h4><ol id="iam_06_0004__en-us_topic_0175653574_ol49998812"><li id="iam_06_0004__en-us_topic_0175653574_li1780793672315"><span>Log in to the IAM console.</span></li><li id="iam_06_0004__en-us_topic_0175653574_li1546779817427"><span>On the IAM console, choose <strong id="iam_06_0004__en-us_topic_0175653574_b1336032311378">Agencies</strong> from the navigation pane, and click <strong id="iam_06_0004__en-us_topic_0175653574_b336472313374">Create Agency</strong>.</span></li><li id="iam_06_0004__en-us_topic_0175653574_li63471691104814"><span>Enter an agency name.</span><p><div class="fignone" id="iam_06_0004__en-us_topic_0175653574_fig103412552617"><span class="figcap"><b>Figure 1 </b>Cloud service agency name</span><br><span><img id="iam_06_0004__en-us_topic_0175653574_image8343551869" src="en-us_image_0000001562896221.png" height="314.795971" width="454.86" title="Click to enlarge" class="imgResize"></span></div>
|
|
</p></li><li id="iam_06_0004__en-us_topic_0175653574_li4558455145011"><span>Select the <strong id="iam_06_0004__en-us_topic_0175653574_b16137420231">Cloud service</strong> agency type, and then select a service.</span></li><li id="iam_06_0004__en-us_topic_0175653574_li21344527114840"><span>Select a validity period.</span></li><li id="iam_06_0004__en-us_topic_0175653574_li15518122905520"><span>(Optional) Enter a description for the agency to facilitate identification.</span></li><li id="iam_06_0004__en-us_topic_0175653574_li1694181217579"><span>Click <strong id="iam_06_0004__en-us_topic_0175653574_b22361648427">Next</strong>.</span></li><li id="iam_06_0004__en-us_topic_0175653574_li65324613265"><span>Select the permissions to be assigned to the agency, click <strong id="iam_06_0004__en-us_topic_0175653574_b35071599314">Next</strong>, and specify the authorization scope.</span></li><li id="iam_06_0004__en-us_topic_0175653574_li19340339165858"><span>Click <strong id="iam_06_0004__en-us_topic_0175653574_b648018182812">OK</strong>.</span></li></ol>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="en-us_topic_0079496986.html">Agencies</a></div>
|
|
</div>
|
|
</div>
|
|
|
|
|
|
<script language="JavaScript">
|
|
<!--
|
|
image_size('.imgResize');
|
|
var msg_imageMax = "view original image";
|
|
var msg_imageClose = "close";
|
|
//--></script> |