Help Center/ SecMaster/ FAQs/ Purchase Consulting/ How Do I Obtain Permissions to Purchase SecMaster?

Updated on 2024-11-06 GMT+08:00

View PDF

How Do I Obtain Permissions to Purchase SecMaster?

If a message indicating insufficient permission is displayed when you purchase SecMaster, obtain the permission by following the procedure below.

Procedure

Log in to the management console.
Click in the upper left corner of the page and choose Management & Governance > Identity and Access Management.
(Optional) Create a user group.
If the SecMaster_ops user group has been created, skip this step.
1. In the navigation pane on the left, choose User Groups. On the displayed page, click Create User Group in the upper right corner.
2. On the Create User Group page, specify user group name and description.
  - Name: Set this parameter to SecMaster_ops.
  - Description: Enter a description.
3. Click OK.

Assign permissions to the user group.

Add global permissions.

In the navigation pane on the left, choose Permissions > Policies. In the upper right corner of the displayed page, click Create Custom Policy.

Configure a policy.

Policy Name: Enter a policy name.
Policy View: Select JSON.

Policy Content: Copy the following content and paste it in the text box.

{
    "Version": "1.1",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iam:permissions:checkRoleForAgency",
                "iam:agencies:listAgencies",
                "iam:permissions:grantRoleToAgencyOnDomain",
                "iam:agencies:createAgency",
                "iam:permissions:grantRoleToAgency",
                "iam:permissions:grantRoleToAgencyOnProject"
            ]
        }
    ]
}

Click OK.

Add project-level permissions.

In the navigation pane on the left, choose Permissions > Policies. In the upper right corner of the displayed page, click Create Custom Policy.

Configure a policy.

Policy Name: Enter a policy name.
Policy View: Select JSON.

Policy Content: Copy the following content and paste it in the text box.

{
    "Version": "1.1",
    "Statement": [
        {
            "Action": [
                "bss:order:pay",
                "bss:unsubscribe:update",
                "bss:order:view",
                "bss:balance:view",
                "bss:order:update",
                "ecs:cloudServers:list",
                "bss:renewal:view",
                "bss:renewal:update",
                "secmaster:*:*"
            ],
            "Effect": "Allow"
        }
    ]
}

Click OK.

Assign permissions to the created user group.
1. In the navigation pane on the left, choose User Groups. On the displayed page, click SecMaster_ops.
2. On the Permissions tab page, click Authorize.
3. On the Select Policy/Role page, search for and select the policy added in 4 and click Next.
4. Set the minimum authorization scope. Select All resources for Scope. After the setting is complete, click OK.
5. Verify the authorization. The policy will be listed on the page.
Add the operation account to the user group.
1. In the navigation pane on the left, choose User Groups.
2. Locate the row that contains the SecMaster_ops user group, and click Manage User the Operation column.
3. In the displayed Manage User dialog box, select users you want to add.
4. Click OK.

Parent topic: Purchase Consulting

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel