Authorization
Some functions of EG require your authorization and an agency will be automatically created. For details, see Table 1.
|
Agency Name |
Authorizer |
Authorized |
Assigning Permissions |
Description |
|---|---|---|---|---|
|
EG_DELEGATE_FG_AGENCY |
User |
FunctionGraph |
vpc:ports:delete vpc:ports:get vpc:ports:create vpc:vpcs:get vpc:subnets:get |
When creating a function in an event stream, you need to authorize FunctionGraph to query the VPC, subnet, and port to connect to the network. |
|
EG_AGENCY |
User |
EventGrid |
eg:channels:get eg:channels:list eg:channels:putEvents |
If the event source is DMS, you need to send events to the EG channel and authorize the channel permissions. |
|
EG_TARGET_AGENCY |
User |
EventGrid |
functiongraph:function:invoke functiongraph:function:invokeAsync eg:channels:get eg:channels:list eg:channels:putEvents smn:topic:publish |
Used for event sending to the subscription target (including FunctionGraph, EG, and SMN). |
|
EG_DEDICATED_EVENT_STREAM_AGENCY |
User |
EventGrid |
dcs:instance:list dcs:instance:get dms:instance:get dms:instance:list vpc:vpcs:get vpc:ports:create vpc:ports:delete vpc:ports:update vpc:ports:get vpc:subnets:get |
Used by the professional event stream to synchronize DMS and DCS data, check the status of scheduled tasks, and clear residual data. During creation, you need to attach NICs and enable the network. |
Authorization Scenarios
- When you create your first connection, your authorization will be required. If you agree to authorize, an agency named EG_DELEGATE_FG_AGENCY will be automatically created in IAM. View this agency on the IAM console.
- When you create your first DMS for RabbitMQ or DMS for RocketMQ event source, your authorization will be required. If you agree to authorize, agencies named EG_DELEGATE_FG_AGENCY and EG_AGENCY will be automatically created in IAM. View this agency on the IAM console.
- When you create an event subscription for the first time and set event target to EG, SMN, or FunctionGraph (for details, see 8), you need to create an agency and agree to the authorization. After the authorization is successful, EG creates an agency named EG_TARGET_AGENCY on the IAM console. View this agency on the IAM console.
- When you create your first professional event stream cluster, your authorization will be required. If you agree to authorize, an agency named EG_DEDICATED_EVENT_STREAM_AGENCY will be automatically created in IAM. View this agency on the IAM console.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
