This topic describes how to add a user in Data Management (DMS) as a Resource Access Management (RAM) user by using Resource Orchestration Service (ROS).
Create a RAM user and grant permissions to the RAM user
Create a RAM user.
Go to the Users page in the RAM console and click Create User.
Enter
dms_test
in the Logon Name field and select Using permanent AccessKey to access for the Access Mode parameter.Click OK. Record the UID of the RAM user.
Grant permissions to the RAM user.
Go to the Users page, find the RAM user that you created, and then click Add Permissions in the Actions column.
In the Policy section of the Grant Permission panel, enter
AliyunDMSFullAccess
in the search box and select the policy. Repeat this step to select theAliyunROSFullAccess
policy.NoteIn this example, the AliyunDMSFullAccess policy is attached to the RAM user to authorize the RAM user to manage DMS resources.
In actual projects, you can select policies as needed or customize more fine-grained policies. For more information, see Identity management.
Click Grant permissions.
Procedure
Log on to the ROS console. In the top navigation bar, select a region in the region drop-down list.
In the left-side navigation pane, choose Deployment > Stacks. On the Stacks page, click Create Stack and select Use ROS.
Specify Template: Select Select an Existing Template.
Template Import Method: Select Enter Template Content.
In the Template Content section, click the ROS tab and enter code in the JSON or YAML format.
For more information about the parameters in the template, see ALIYUN::DMS::User.
Click Next. Configure the parameters and click Create.
After the stack is created, you can view the status of the stack and the outputs on the Stack Information and Outputs tabs of the stack details page.
After the stack is created, you can view the added user by calling an API operation, using an SDK, or in the DMS console. For more information about how to view users in the DMS console, see Manage users.