Updated on 2024-04-15 GMT+08:00

Step 2: Add a Whitelist Record

Scenarios

Permission management controls the access of a VPC endpoint in one account to a VPC endpoint service in another.

After a VPC endpoint service is created, you can add or delete an authorized account ID to and from the whitelist of the VPC endpoint service.

The following operations describe how to obtain your account ID and add it to the whitelist of another user's VPC endpoint services.

Prerequisites

The required VPC endpoint service is available.

Constraints

  • The VPC endpoint and the VPC endpoint service must be deployed in the same region.
  • Before you configure the whitelist for a VPC endpoint service, obtain the account ID of the associated VPC endpoint.

Obtain the ID of Your Own Account

  1. Log in to the management console.
  2. Click My Credentials under the account.

    The My Credentials page is displayed. You can view the account ID of VPC 1.

Add Account IDs to Be Authorized to the Whitelist of a VPC Endpoint Service

  1. Click in the upper left corner and select the required region and project.
  1. Click Service List and choose Networking > VPC Endpoint.
  1. In the navigation pane on the left, choose VPC Endpoint > VPC Endpoint Services.
  2. In the VPC endpoint service list, locate the target VPC endpoint service and click its name.
  3. On the displayed page, select the Permission Management tab and click Add to Whitelist.
  4. Enter an authorized account ID in the required format and click OK.
    • Your account is in the whitelist of your VPC endpoint service by default.
    • The authorized account ID is in the iam:domain::domain_id format.

      domain_id indicates the ID of the authorized account, for example, iam:domain::1564ec50ef2a47c791ea5536353ed4b9

    • Adding * to the whitelist means that all users can access the VPC endpoint service.