Updated on 2024-10-31 GMT+08:00

Cloud Service Agency

Huawei Cloud services interwork with each other, and some cloud services are dependent on other services. To delegate a cloud service to access other services and perform resource O&M, create an agency for the service.

IAM provides two methods to create a cloud service agency:

  1. Creating a cloud service agency on the IAM console

    For example, create an agency for Graph Engine Service (GES) and grant it permissions to bind your EIP to the primary load balancer if a failover occurs.

    Figure 1 Cloud service agency
  2. Automatically creating a cloud service agency to use certain resources

    The following takes Scalable File Service (SFS) as an example to describe the procedure for automatically creating a cloud service agency:

    1. Go to the SFS console.
    2. On the Create File System page, enable static data encryption.
    3. A dialog box is displayed requesting you to confirm the creation of an SFS agency. After you click OK, the system automatically creates an SFS agency with KMS CMKFullAccess permissions for the current project. With the agency, SFS can obtain KMS keys for encrypting or decrypting file systems.
    4. You can view the agency in the agency list on the IAM console.

Creating a Cloud Service Agency on the IAM Console

  1. Log in to the IAM console.
  2. On the IAM console, choose Agencies from the navigation pane, and click Create Agency.
  3. Enter an agency name.

    Figure 2 Cloud service agency name

  4. Select the Cloud service agency type, and then select a service.
  5. Select a validity period.
  6. (Optional) Enter a description for the agency to facilitate identification.
  7. Click Next.
  8. Select the permissions to be assigned to the agency, click Next, and specify the authorization scope.
  9. Click OK.