Help Center/ EventGrid/ User Guide/ Authorization
Updated on 2023-10-26 GMT+08:00

Authorization

Some functions of EG require your authorization and an agency will be automatically created. For details, see Table 1.

Table 1 Agency information

Agency Name

Authorizer

Authorized

Service to Access and Required Permission

Function

EG_DELEGATE_FG_AGENCY

User

FunctionGraph

VPC: VPC Administrator

DNS: DNS ReadOnlyAccess

  • Create RabbitMQ and RocketMQ custom event sources
  • Create subscriptions with a private HTTPS endpoint.

EG_AGENCY

User

EventGrid

EG: EG Publisher

Create RabbitMQ and RocketMQ custom event sources

Authorization Scenarios

  1. When you create your first connection, your authorization will be required. If you agree to authorize, an agency named EG_DELEGATE_FG_AGENCY will be automatically created in IAM. View this agency on the IAM console.
    Table 2 Permissions of EG_DELEGATE_FG_AGENCY

    Permission

    Description

    VPC Administrator

    Required for FunctionGraph to connect to VPC when you create a connection.

    DNS ReadOnlyAccess

    Required for FunctionGraph to connect to VPC when you create a connection.

  2. When you create your first DMS for RabbitMQ or DMS for RocketMQ event source, your authorization will be required. If you agree to authorize, agencies named EG_DELEGATE_FG_AGENCY and EG_AGENCY will be automatically created in IAM. View these agencies on the IAM console.
    Table 3 Permissions of EG_DELEGATE_FG_AGENCY and EG_AGENCY

    Permission

    Description

    VPC Administrator

    Required for FunctionGraph to connect to VPC when you create a DMS event source.

    DNS ReadOnlyAccess

    Required for FunctionGraph to connect to VPC when you create a DMS event source.

    EG Publisher

    Required for EG to publish messages to a channel when you create a DMS event source.