Authorizing Event Notifications to access other services
Use IBM Cloud® Identity and Access Management (IAM) to create or remove an authorization that grants one service access to another service. You must grant Event Notifications the appropriate IAM service to service access for it to be able to send notifications and alerts to the various available destinations. You can find the list of available destinations here.
If the source service that needs access to the target service is in the same account, select This account. The service-to-service authorization is created when the integration is created from the console. If the integration is being created by using the API, the users need to create the service-to-service authorization manually.
Creating an authorization in the console
If the source and target services are in different accounts or if the authorization is created manually, complete the following steps:
-
In the IBM Cloud console, click Manage > Access (IAM), and select Authorizations.
-
Click Create.
-
Select a source account.
-
Select the Source service as Event Notifications.
-
Specify whether you want to authorize all Event Notifications resources, specific resource group, resource ID, or a service instance. If you select specific resource group, resource ID, or a service instance you need specify the resource group,resource ID or service instance under Add a condition.
-
Select a Target service.
-
For the target service, specify whether you want to give Event Notifications access to all resources of the target, only to a specific resource group, a region, a service instance, a resource type or a resource ID.
-
Select the appropriate roles to grant Event Notifications access to the target service.
-
Click Authorize.
To authorize a source service to access a target service, run the ibmcloud iam authorization-policy-create command.
For more information about all the parameters available for this command, see ibmcloud iam authorization-policy-create.