Importing Users from an Agency
In the following scenarios, add CodeArts project members by importing users from an agency.
- Scenario 1: When your enterprise needs to manage and access resources in multiple accounts, you can create users using IAM Identity Center, and add these users as CodeArts project members.
- Scenario 2: Assume that service A depends on service B to run. If you have permissions for service A but have no permissions for service B, you can create an agency to grant service A the permissions for service B.
For example, build tasks push images to SoftWare Repository for Container (SWR). If you have permissions to execute build tasks but are not authorized to upload images to SWR, your build tasks will fail. In this case, you can create an agency to grant CodeArts Build the required permissions to upload images to SWR.
Constraints
- In scenario 2, CodeArts allows you to add delegated objects to the following cloud services as project members:
- CodeArts Build
- CodeArts Deploy
- CodeArts Pipeline
- When the following dialog box shows up when you log in to CodeArts, select "I grant the above permissions." CodeArts automatically creates the relevant agencies and adds them to your project. So you do not need to create them by yourself.
Figure 1 Authorization dialog box
Procedure
|
Step |
Description |
|---|---|
|
Create an agency for your scenario. |
|
|
Import users from the agency as project members. Ensure that you have the General > project-role > userconfig permission. How Do I Check and Obtain Required Project Permissions? |
Step 1: Create an Agency
- Scenario 1: Create an agency by performing the following steps.
After completing the preceding operations, go to the IAM console. On the Agencies page, you will see an agency whose delegated party is Cloud Service - IAM Identity Center.
- Scenario 2: If you do not want to use the agencies created by CodeArts, create ones with the following settings by referring to Delegating Another Service for Resource Management.
Parameter
Description
Basic Information
Agency Type
Select Cloud service.
Cloud Service
Select CodeArts Build, CodeArts Deploy, or CodeArts Pipeline.
Authorization
Select Policy/Role
Select the required policies and roles. For example, select SWR Admin if you want to grant access to SWR.
Scope
Select All resources.
Step 2: Import Users from the Agency
- Go to the CodeArts homepage.
- Log in to the CodeArts console, click
, and select a region where you have enabled CodeArts. - Click Go to Workspace.
If your account uses the old billing mode (see Old Billing Modes), click Access Service.
- Log in to the CodeArts console, click
- Click the target project name to go to the project.
- In the navigation pane, choose Settings > Members.
- Click the Member View tab, choose Add Members, and select From Agencies.
- In the displayed dialog box, select users, specify a role for each user, and click Save.
Figure 2 Importing users from an agency
The new members are displayed in the list.
Helpful Links
- For details about the system roles in CodeArts projects, see built-in project roles in CodeArts.
- For details about how to edit and delete members, see Step 3: Manage Project Members.
- For details about how to configure permissions for each role in CodeArts, see Modifying Project Role Permissions.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
