What Should I Do If the Agency List Fails to Be Obtained During Agency Configuration?

When a workspace- or job-level agency is configured, the following error is reported when the agency list is viewed:

Policy doesn't allow iam:agencies:listAgencies to be performed.

Add the View Agency List policy for the current user.

You can create a custom policy (query the agency list based on specified conditions) and assign it to a user group for refined access control.

1. Log in to the management console.
2. On the management console, hover the mouse pointer over the username in the upper right corner, and choose Identity and Access Management from the drop-down list.
3. In the navigation pane, choose Permissions. Then, click Create Custom Policy.
4. Enter a policy name.

   

5. Set Scope to Global services. The scope you set is where the custom policy takes effect. In this example, the custom policy has the permissions required to view the agency lists based on specified conditions.
6. Set Policy View to Visual editor.
7. Configure a policy in Policy Content.
   1. Select Allow.
   2. Select Identity and Access Management (IAM) for Select service.
   3. Select iam:agencies:listAgencies for Select action.

8. Click OK.
9. Add the policy defined in 7 to the group to which the current user belongs. For details, see .

   The current user can log out of the system and then log in again to obtain the agency list.