Help Center> Image Management Service> FAQ> Accounts and Permissions> How Do I Create an IAM Agency?
View PDF

How Do I Create an IAM Agency?

Scenarios

During cross-region image replication, an agency is required to verify cloud service permissions in the destination region. Therefore, you need to create a cloud service agency in advance. This section describes how to create an IAM agency.

Background

An agency is a trust relationship established between you and other HUAWEI CLOUD accounts or cloud services. If you have purchased multiple types of cloud resources on HUAWEI CLOUD, you can create an agency through IAM to establish a trust relationship with a professional company or cloud service for secure and efficient O&M on certain types of your resources.

Procedure

  1. Log in to the management console.
  2. In the upper right corner of the page, click the username and select Identity and Access Management.
  3. In the navigation pane, choose Agencies.
  4. Click Create Agency.
  5. On the Create Agency page, set the following parameters:
    • Agency Name: Enter an agency name, such as ims_administrator_agency.
      Figure 1 Creating an agency
    • Agency Type: Select Cloud service.
    • Cloud Service: This parameter is available if you select Cloud service for Agency Type. Click Select. In the displayed Select Cloud Service dialog box, select Image Management Service (IMS) and click OK.
    • Validity Period: Select Unlimited.
    • Description: This parameter is optional. You can enter Agency with IMS Administrator privileges.
    • Permissions: Click Assign Permissions. By default, Policy View is displayed. Enter IMS Administrator in the search box, select the IMS Administrator check box, select the destination region or sub-project in the Project [Region] column, and click OK.

      Do not select All projects in the Project [Region] column. Otherwise, the created agency will be invalid.

      In cross-region image replication, the agency must have the administrator permissions in both the source and destination regions. For example, if you want to replicate an image from CN North-Beijing4 to CN East-Shanghai1, the agency must have the IMS Administrator permissions in both regions.

      Figure 2 Configuring permissions
  6. Click OK.
Parent topic: Accounts and Permissions