Skip to content

Latest commit

 

History

History
49 lines (33 loc) · 1.99 KB

authorizations.md

File metadata and controls

49 lines (33 loc) · 1.99 KB
copyright lastupdated keywords subcollection
years
2017, 2019
2019-02-21
authorizations, service to service access, access between services
iam

{:shortdesc: .shortdesc} {:codeblock: .codeblock} {:screen: .screen} {:new_window: target="_blank"} {:tip: .tip} {:note: .note}

Granting access between services

{: #serviceauth}

Many of the capabilities of the {{site.data.keyword.Bluemix_notm}} Identity and Access Management (IAM) system are focused on managing and enforcing access to {{site.data.keyword.Bluemix_notm}} resources by users and their applications. However, there might be other scenarios in which you need to provide one service with access to a user's resource in another service. All users in your account can create an authorization, but only a user with the Administrator role can delete an authorization. You can set up and view authorizations within your account on the Authorizations page. {:shortdesc}

Create an authorization

{: #create-auth}

You can only grant the level of access that you have as a user of the target service. For example, if you have only viewer access on the service that is going to be accessed, then you can assign only the viewer role for the authorization.

  1. From the menu bar, click Manage > Access (IAM), and select Authorizations.
  2. Click Create.
  3. Select a source and target service for the authorization. The source service is given access to the selected target service.
  4. Select a role to assign access to the source service that accesses the target service.
  5. Click Authorize.

Only services that allow this type of access to be granted are available as options. {: note}

Remove an authorization

{: #remove-auth}

  1. From the menu bar, click Manage > Access (IAM), and select Authorizations.
  2. Identify the row for the authorization that you want to remove from the account.
  3. From the Actions List of actions icon menu, select Remove.
  4. Select Remove.