Multi-Account Management Overview
CFW provides secure and reliable cross-account data aggregation and resource access capabilities. If the accounts in your organization are centrally managed, you can use CFW to protect the EIPs of all member accounts in the organization in a unified manner.
Assume that account A needs to manage the assets of account B. To use CFW to protect the assets of organization members, perform the following operations:
- If account A is an organization administrator, skip this step. If account A is not an organization administrator, the organization administrator should add account A as a delegated administrator. For details, see Specifying a Delegated Administrator.
- The organization administrator or delegated administrator invites account B to join the organization. For details, see Inviting an Account to Join Your Organization.
- In CFW, add account B to the list on the Multi-Account Management page. For details, see Adding an Account to an Organization.
For details about the organization service, see Overview of Organizations.
To request the EIP information of account B, CFW automatically creates a service agency in accounts A and B.
- The agency is a cloud service agency. Its permissions is CFWServiceLinkedAgencyPolicy name is ServiceLinkedAgencyForCloudFirewall, and Scope is All resources.
- If account B is deleted, CFW automatically deletes the agency associated with the service in account B.
- If you unsubscribe from CFW, CFW automatically deletes the agencies associated with account A and all member accounts.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
