All Products
Search

This Product

    Cloud Architect Design Tools:Full permissions

    Document Center

    Cloud Architect Design Tools:Full permissions

    Last Updated:Aug 06, 2024

    Overview

    To grant full permissions on Cloud Architect Design Tools (CADT) and related Alibaba Cloud resources to a Resource Access Management (RAM) user, you must grant the following permissions to the RAM user:

    • AliyunCADTFullAccess

    • AliyunConfigFullAccess

    • AliyunResourceDirectoryReadOnlyAccess

    • AliyunRAMReadOnlyAccess

    • AliyunQuotasReadOnlyAccess

    • Full permissions on the cloud services to manage

    Note

    If you want to use a subscription instance, you must add AliyunBSSRefundAccess

    Grant permissions to a RAM user

    1. Log on to the RAM console. On the Users page, find the RAM user to which you want to grant permissions, and click Add Permissions in the Actions column. In this example, the cadt-user user is used.image

    2. In the Add Permissions panel, grant the following permissions to the cadt-user user and click OK.

      In this example, a test application named CADT-Test is used. The CADT-Test application contains a Virtual Private Cloud (VPC), an Elastic Compute Service (ECS) instance, and an Elastic IP Address (EIP). Therefore, you must grant the AliyunCADTFullAccess and AliyunConfigFullAccess permissions and full permissions on VPC, ECS, and EIP to the cadt-user user.

      • AliyunCADTFullAccess

      • AliyunConfigFullAccess

      • AliyunResourceDirectoryReadOnlyAccess

      • AliyunRAMReadOnlyAccess

      • AliyunQuotasReadOnlyAccess

      • AliyunVPCFullAccess

      • AliyunECSFullAccess

      • AliyunEIPFullAccessimageimage

    • Click Complete. The following figures show the permissions that are granted to the cart-user user.imageimage

    Verify permissions

    After the preceding permissions are granted to the cadt-user user, the cadt-user user has full permissions on CADT and the corresponding Alibaba Cloud resources.

    1. Open a browser in incognito mode, and log on to the Alibaba Cloud Management Console as the cadt-user user. Then, log on to the CADT console.imageimageimage

    2. In the top navigation bar, choose Application > My Applications. On the My Applications page, find the test application, move the pointer over the application, and then click Copy Architecture to create an application that is the same as the test application.imageimageimageimage

    3. Click Save to save the application.image

    4. Click Deploy Application to deploy the application.image

    5. Follow the instructions to verify the availability of resources, confirm the prices and the order, and then deploy the application.imageimageimage

    6. Wait until the application is deployed. The following figure shows the page that is displayed after successful deployment.image

    7. Click Resource List in the lower part of the canvas, and click Remove All Resources to verify the permissions to release resources.image

      Wait until all resources in the application are released.

      image

    8. Use the preceding method to verify the permissions that are granted to the RAM user on other CADT features.imageimage