Grant permissions on a Smart Access Gateway (SAG) instance to a peer Alibaba Cloud account so that account can attach your SAG instance to its Cloud Connect Network (CCN) or Virtual Border Router (VBR) instance to establish network communication.
Prerequisites
Before you begin, ensure that you have:
The UID of the peer Alibaba Cloud account
The ID of the peer CCN or VBR instance
Grant permissions
Log on to the Smart Access Gateway console.
In the top navigation bar, select the region.
On the Smart Access Gateway page, locate the target SAG instance.
Open the Network Configuration page of the target SAG instance using one of the following methods:
Click the ID of the SAG instance. On the instance details page, click Network Configuration.
Find the SAG instance and click Network Configuration in the Actions column.
Click the Network Instance Details tab.
In the Authorized Cross-account Instances section, click Authorize CCN Instance.
In the Authorize CCN Instance dialog box, configure the parameters and click OK.
Parameter Description Authorized Account UID The UID of the peer Alibaba Cloud account. Example: 168840159596****Network Type The type of network to attach the SAG instance to: Cloud Connect Network or Virtual Border Router Target CCN Instance ID The ID of the peer CCN instance. Example: ccn-6dhj3m2fz7p6og****. Required when Network Type is set to Cloud Connect NetworkRegion The region where the peer VBR is deployed. Required when Network Type is set to Virtual Border Router Peer VBR ID The ID of the peer VBR instance. Example: vbr-o6w14e21pzziti4tp****. Required when Network Type is set to Virtual Border RouterSecure Draining Whether to enable Secure Draining. Disabled by default
API reference
GrantSagInstanceToVbr: Grants permissions on an SAG instance to a VBR instance that belongs to another Alibaba Cloud account.
GrantSagInstanceToCcn: Grants permissions on an SAG instance to a CCN instance that belongs to another Alibaba Cloud account.