Which Cloud Services Support the Global Condition Key G:CalledVia?

The following services support the global condition key g:CalledVia.

**Table 1** Cloud services that support g:CalledVia
Cloud Service Name	Principal
Anti-DDoS Service (AAD)	service.AAD
IAM Access Analyzer	service.AccessAnalyzer
Application Operations Management (AOM)	service.AOM
API Gateway (APIG)	service.APIG
Auto Scaling	service.AS
Billing Center	service.BILLING
Cloud Bastion Host (CBH)	service.CBH
Cloud Backup and Recovery (CBR)	service.CBR
Cloud Connect	service.CC
Cloud Container Engine (CCE)	service.CCE
Content Delivery Network (CDN)	service.CDN
Cloud Eye	service.CES
Cloud Firewall (CFW)	service.CFW
Cloud Native Anti-DDoS Advanced (CNAD)	service.CNAD
Cloud Operations Center (COC)	service.COC
CodeArts	service.CODEARTS
CodeArts Pipeline	service.CodeArtsPipeline
Cloud Service Engine (CSE)	service.CSE
Cloud Secret Management Service (CSMS)	service.CSMS
Cloud Search Service (CSS)	service.CSS
Cloud Trace Service (CTS)	service.CTS
DataArts Studio	service.DataArtsStudio
Database Security Service (DBSS)	service.DBSS
Direct Connect (DC)	service.DCAAS
Distributed Cache Service (DCS)	service.DCS
Document Database Service (DDS)	service.DDS
Dedicated Hardware Security Module (DHSM)	service.DHSM
Data Lake Insight (DLI)	service.DLI
Domain Name Service (DNS)	service.DNS
Data Replication Service (DRS)	service.DRS
Data Security Center (DSC)	service.DSC
GaussDB(DWS)	service.DWS
Elastic IP (EIP)	service.EIP
Elastic Load Balance (ELB)	service.ELB
Enterprise Project Management Service (EPS)	service.EPS
Enterprise Router	service.ER
Elastic Volume Service (EVS)	service.EVS
Global Accelerator	service.GA
GaussDB	service.GaussDB
TaurusDB	service.GaussDBforMySQL
Host Security Service (HSS)	service.HSS
Identity and Access Management (IAM)	service.IAM
IAM Identity Center	service.IdentityCenter
Image Management Service (IMS)	service.IMS
IoT Device Access (IoTDA)	service.IoTDA
Key Management Service (KMS)	service.KMS
Key Pair Service (KPS)	service.KPS
Log Tank Service (LTS)	service.LTS
MapReduce Service (MRS)	service.MRS
NAT Gateway	service.NAT
Object Storage Migration Service (OMS)	service.OMS
Organizations	service.Organizations
Private Certificate Authority (PCA)	service.PCA
Resource Access Manager (RAM)	service.RAM
Relational Database Service (RDS)	service.RDS
Resource Formation Service (RFS)	service.RF
	service.RFStackSets
	service.RFStackSetsOrgMember
Resource Governance Center (RGC)	service.RGC
Config	service.RMSMultiAccountSetup
	service.RMSConforms
	service.RMSRemediation
SSL Certificate Manager (SCM)	service.SCM
SecMaster	service.SecMaster
ServiceStage	service.ServiceStage
Simple Message Notification (SMN)	service.SMN
Server Migration Service (SMS)	service.SMS
Software Repository for Container (SWR)	service.swr
Tag Management Service (TMS)	service.TMS
Virtual Private Cloud (VPC)	service.VPC
VPC Endpoint (VPCEP)	service.VPCEP
Web Application Firewall (WAF)	service.WAF
Workspace	service.Workspace

RFS and Config each have multiple principals.

RFS:

You can use service.RF to assume a cloud service agency and create, update, or delete resources based on the cloud service defined in the template for cross-service access request forwarding.
You can use service.RFStackSets to assume a cloud service agency and query OU and member account information in Organizations. The administrator can obtain temporary credentials of the trust agencies assumed by member accounts in IAM.
You can use service.RFStackSetsOrgMember to assume a cloud service agency and create trust agencies for member accounts and add policies to the trust agencies in IAM for RFS management.

Config:

You can use service.RMSMultiAccountSetup to create a service-linked agency in IAM for creating or updating organization conformance rules and packages for cross-service access request forwarding. You can also use this principal to assume a cloud service agency and send resource change notifications through SMN or dump resource snapshots to OBS.
You can use service.RMSConforms to create a service-linked agency in IAM for creating or updating conformance packages for cross-service access request forwarding.
You can use service.RMSRemediation to create a service-linked agency in IAM for creating or updating remediation configurations for cross-service access request forwarding.

Parent topic: Permissions Management

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot