Home PageApsaraDB for OceanBaseSupportFAQHow to create a service-linked role when a RAM user creates a tenant instance
Search for Help Content

How to create a service-linked role when a RAM user creates a tenant instance

Updated at: 2024-10-14 09:42
Community

Error

When creating a tenant instance, a RAM user needs to create a service-linked role. The system prompts that the currently logged-in user does not have the permission to create a service-linked role.

Solution

You can follow the steps below.

Create a custom policy

  1. Log on to the RAM console by using an Alibaba Cloud account.

  2. In the left-side navigation pane, choose Permissions > Policies.

  3. On the Policies page, click Create Policy.

  4. On the Create Policy page, click the JSON tab.

  5. On the JSON tab, copy the following script to the text box and click Next to edit policy information.

    {
  "Version": "1",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ram:CreateServiceLinkedRole",
      "Resource": "*"
    }
  ]
}

  6. On the Create Policy page, specify the policy name and click OK.04

Grant the permission to a RAM user

  1. In the left-side navigation pane, choose Identities > Users.

  2. On the Users page, find the target RAM user, and click Add Permissions in the Actions column.

  3. On the Grant Permission panel, grant the permission for the custom policy "CreateServiceLinkedRole" to the RAM user.image

  4. Click Grant Permissions.

Previous: Add a data sourceNext: Create a VPC and a vSwitch
  • On this page (0)
  • Error
  • Solution
  • Create a custom policy
  • Grant the permission to a RAM user
Feedback