Help Center/ Organizations/ User Guide/ Managing Trusted Services/ Trusted Services for Organizations
Updated on 2024-08-23 GMT+08:00

Trusted Services for Organizations

Log in to Huawei Cloud as the organization administrator or using the management account, navigate to the Organizations console, and access the Services page to view the trusted services for Organizations.

The following table lists the cloud services that can be used with Huawei Cloud Organizations.

Table 1 Trusted services for Organizations

Service Name

Benefits of Using with Organizations

Delegated Administrator

Reference

Config

You can create compliance rules, conformance packages, and resource aggregators for a given organization. The organization administrator or the delegated Config administrator can perform unified configurations, which will be applied to all member accounts in the organization.

Supported

Resource Access Manager (RAM)

You can easily share resources within a given organization. When your account is managed by an organization, you can share resources with all accounts in the organization. Accounts in the same organization can use the shared resources without being invited.

Supported

Enabling Sharing with Organizations

Cloud Trace Service (CTS)

You can configure an organization tracker for a given organization. The organization administrator or delegated CTS administrator can apply the organization tracker to the entire organization for cloud audit, such as multi-account security audit.

Supported

Organization Trackers

Application Operations Management (AOM)

You can create Prometheus instances of the multi-account aggregation type.

With this function enabled for a given organization, the organization administrator or delegated AOM administrator can centrally monitor the cloud service metrics across multiple member accounts in the organization.

Supported

Prometheus for Multi-Account Aggregation

Cloud Backup and Recovery (CBR)

You can manage backup and replication policies for a given organization. The organization administrator or delegated CBR administrator can centrally create and configure organizational backup policies and replication policies for member accounts in the organization.

Supported

Organization Policy Management

Cloud Eye

You can view the dashboards across accounts in a given organization. The organization administrator or delegated Cloud Eye administrator can view the dashboards of all accounts in the organization.

Supported

Viewing Dashboards Across Accounts

Cloud Firewall (CFW)

You can securely and reliably aggregate data from and access resources across accounts. The organization administrator or delegated CFW administrator can protect the EIPs of all member accounts in the organization in a unified manner.

Supported

Multi-Account Management

Data Security Center (DSC)

You can securely and reliably aggregate data from and access resources across accounts. The organization administrator and delegated DSC administrator can protect the data security of all member accounts in the organization, without login using each account.

Supported

Multi-Account Management

Host Security Service (HSS)

You can securely and reliably aggregate data from and access resources across accounts. The organization administrator or delegated HSS administrator can protect the workloads of all member accounts in the organization in a unified manner.

Supported

Account Management

IAM Identity Center

You can use IAM Identity Center to centrally manage your workforce identities and their access to multiple accounts in your organization. You can create identities for your entire enterprise at one go and give them single sign-on (SSO) access with managed permissions.

Supported

What Is IAM Identity Center?

Log Tank Service (LTS)

You can deploy a log aggregation center to aggregate logs across accounts. The organization administrator or delegated LTS administrator can copy the log streams of specified account in the organization on the LTS console to centrally store and analyze multi-account logs. This can meet the scenario-specific requirements for security compliance and centralized analysis.

Supported

Multi-Account Log Center

SecMaster

You can apply workspace agencies to multiple accounts in a given organization. The organization administrator or delegated SecMaster administrator can create a workspace agency for one or more accounts in the organization.

Supported

Creating an Agency

IAM Access Analyzer

Access Analyzer provides organization-wide access analysis. The organization administrator or delegated administrator can create and manage access analyzers in a given organization, for example, to identify resources in the organization that are shared with external principals.

Supported

None

Cloud Operations Center (COC)

Working with cross-account management of Organizations, COC allows an organization administrator or delegated service administrator to view the O&M situation and resource status of members in the organization and also to perform operations across accounts.

Supported

None