Updated on 2022-10-08 GMT+08:00

Service Authorization

CGS requires access permissions for Cloud Container Engine (CCE) to protect its clusters and Software Repository for Container (SWR) to scan its images.

Authorize CGS to access these services the first time you use it.

Constraints

  • CGS cannot be used across regions. The images to be scanned and the clusters to be protected must be in the same region as CGS.
  • You have obtained the account (with the global Security Administrator permission) and password for logging in to the management console.

Procedure

  1. Log in to the management console.
  2. In the upper part of the page, select a region, click , and choose Security & Compliance > Container Guard Service.
  3. Click Approve.

    Once service authorization has succeeded, an agency named cgs_admin_trust on CGS will be created and you can start to use CGS.

    After authorization, if the agency fails to be created for CGS, it is probably because the number of agencies already reaches the upper limit. In this case, log in to the IAM console and delete unnecessary agencies, or contact the system administrator to increase the agency quota.