SCM Authorization
If your certificate has been uploaded to Cloud Certificate Manager (CCM) of Huawei Cloud, you can enable SCM authorization so that you can directly obtain the certificate content when configuring certificates on CDN.
Constraints
- IAM users can enable SCM authorization only when they have the following permissions.
Associated Cloud Service
Permission
IAM
- iam:roles:listRoles
- iam:roles:createRole
- iam:agencies:listAgencies
- iam:agencies:createAgency
- iam:permissions:grantRoleToAgencyOnDomain
CDN
- cdn:configuration:modifyChargeMode
- CDN ReadOnlyAccess
SCM
scm:cert:list
- After creating an agency, IAM users can configure certificates for domain names when they have the following permissions.
- cdn:configuration:modifyHttpsConf
- cdn:configuration:modifyOriginConfInfo
Enabling SCM Authorization
-
Log in to Huawei Cloud console. Choose .
The CDN console is displayed.
- In the navigation pane, choose .
- In the upper right corner of the page, click Enable SCM Authorization.
Figure 1 Cloud resource authorization
- Click OK. The system creates an agency named CDNAccessScm for you on the IAM console. CDN now has the permission to list your SCM certificates and export certificate details.
- Do not delete this agency. Otherwise, CDN cannot obtain certificate content when you configure an HTTPS certificate.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.