IBM Cloud Docs
Using a custom image in a private catalog with an instance group

Using a custom image in a private catalog with an instance group

To use a custom image in a private catalog with an instance group, a service-to-service policy to globalcatalog-collection.instance.retrieve must be created first. This policy grants access to your custom image in a private catalog to be used when you provision instances for your instance groups. For more information about custom images that are shared to a private catalog, see Getting started with custom images and Onboarding a virtual server image for VPC.

This service-to-service policy applies only to custom images in a private catalog.

Creating globalcatalog-collection.instance.retrieve service-to-service policy

Use the following steps to create the globalcatalog-collection.instance.retrieve service-to-service policy.

  1. In IBM Cloud console, go to Manage > Access (IAM) > Authorizations
  2. Click Create.
  3. On the Grant a service authorization page, select VPC Infrastructure Services for Source service and then select All resources for How do you want to scope the access?
  4. For Target service, select Catalog Management > Resources based on selected attributes for How do you want to scope the access?.
  5. For Add attributes, click Catalog and then select string equals for the Operator.
  6. For Value, enter the UUID of the private catalog.
  7. For Platform access, click Viewer.
  8. Click Authorize.

Next steps

After the globalcatalog-collection.instance.retrieve service-to-service policy is created, you can set up your instance group. For more information, see Creating an instance group for auto scaling.