All Products
Search

This Product

    Data Management:Integration by using ROS

    Document Center

    Data Management:Integration by using ROS

    Last Updated:Oct 14, 2024

    This topic describes how to add a user in Data Management (DMS) as a Resource Access Management (RAM) user by using Resource Orchestration Service (ROS).

    Create a RAM user and grant permissions to the RAM user

    1. Create a RAM user.

      1. Go to the Users page in the RAM console and click Create User.

      2. Enter dms_test in the Logon Name field and select OpenAPI Access for the Access Mode parameter.

      3. Click OK. Record the UID of the RAM user.

    2. Grant permissions to the RAM user.

      1. Go to the Users page, find the RAM user that you created, and then click Add Permissions in the Actions column.

      2. In the Policy section of the Grant Permission panel, enter AliyunDMSFullAccess in the search box and select the policy. Repeat this step to select the AliyunROSFullAccess policy.

        Note

        In this example, the AliyunDMSFullAccess policy is attached to the RAM user to authorize the RAM user to manage DMS resources.

        In actual projects, you can select policies as needed or customize more fine-grained policies. For more information, see Identity management.

      3. Click Grant permissions.

    Procedure

    1. Log on to the ROS console. In the top navigation bar, select a region in the region drop-down list.

    2. In the left-side navigation pane, choose Deployment > Stacks. On the Stacks page, click Create Stack and select Use ROS.

      • Specify Template: Select Select an Existing Template.

      • Template Import Method: Select Enter Template Content.

    3. In the Template Content section, click the ROS tab and enter code in the JSON or YAML format.

      For more information about the parameters in the template, see ALIYUN::DMS::User.

      YAML format

      ROSTemplateFormatVersion: '2015-09-01'
Parameters:
 Status:
  Type: String
  Description: UserStatus
 Uid:
  Type: String
  Description: UserAliYunUid
 UserName:
  Type: String
  Description: UserNickName
 RoleNames:
  Type: Json
  Description: UserRole
 Mobile:
  Type: String
  Description: UserMobile
 Tid:
  Type: String
  Description: ''
Resources:
 DMSEnterpriseUser:
  Type: 'ALIYUN::DMS::User'
  Properties:
   Status:
    Ref: Status
   Uid:
    Ref: Uid
   UserName:
    Ref: UserName
   RoleNames:
    Ref: RoleNames
   Mobile:
    Ref: Mobile
   Tid:
    Ref: Tid
Outputs:
 Uid:
  Description: UserAliYunUid
  Value:
   'Fn::GetAtt':
    - DMSEnterpriseUser
    - Uid
 UserName:
  Description: UserNickName
  Value:
   'Fn::GetAtt':
    - DMSEnterpriseUser
    - UserName
 RoleNames:
  Description: UserRole
  Value:
   'Fn::GetAtt':
    - DMSEnterpriseUser
    - RoleNames
 UserId:
  Description: UserId
  Value:
   'Fn::GetAtt':
    - DMSEnterpriseUser
    - UserId
 RoleIds:
  Description: UserRoleId
  Value:
   'Fn::GetAtt':
    - DMSEnterpriseUser
    - RoleIds
 Mobile:
  Description: UserMobile
  Value:
   'Fn::GetAtt':
    - DMSEnterpriseUser
    - Mobile
 ParentUid:
  Description: ParentAliYunUid
  Value:
   'Fn::GetAtt':
    - DMSEnterpriseUser
    - ParentUid

      JSON format

      {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "Status": {
      "Type": "String",
      "Description": "UserStatus"
    },
    "Uid": {
      "Type": "String",
      "Description": "UserAliYunUid"
    },
    "UserName": {
      "Type": "String",
      "Description": "UserNickName"
    },
    "RoleNames": {
      "Type": "Json",
      "Description": "UserRole"
    },
    "Mobile": {
      "Type": "String",
      "Description": "UserMobile"
    },
    "Tid": {
      "Type": "String",
      "Description": ""
    }
  },
  "Resources": {
    "DMSEnterpriseUser": {
      "Type": "ALIYUN::DMS::User",
      "Properties": {
        "Status": {
          "Ref": "Status"
        },
        "Uid": {
          "Ref": "Uid"
        },
        "UserName": {
          "Ref": "UserName"
        },
        "RoleNames": {
          "Ref": "RoleNames"
        },
        "Mobile": {
          "Ref": "Mobile"
        },
        "Tid": {
          "Ref": "Tid"
        }
      }
    }
  },
  "Outputs": {
    "Uid": {
      "Description": "UserAliYunUid",
      "Value": {
        "Fn::GetAtt": [
          "DMSEnterpriseUser",
          "Uid"
        ]
      }
    },
    "UserName": {
      "Description": "UserNickName",
      "Value": {
        "Fn::GetAtt": [
          "DMSEnterpriseUser",
          "UserName"
        ]
      }
    },
    "RoleNames": {
      "Description": "UserRole",
      "Value": {
        "Fn::GetAtt": [
          "DMSEnterpriseUser",
          "RoleNames"
        ]
      }
    },
    "UserId": {
      "Description": "UserId",
      "Value": {
        "Fn::GetAtt": [
          "DMSEnterpriseUser",
          "UserId"
        ]
      }
    },
    "RoleIds": {
      "Description": "UserRoleId",
      "Value": {
        "Fn::GetAtt": [
          "DMSEnterpriseUser",
          "RoleIds"
        ]
      }
    },
    "Mobile": {
      "Description": "UserMobile",
      "Value": {
        "Fn::GetAtt": [
          "DMSEnterpriseUser",
          "Mobile"
        ]
      }
    },
    "ParentUid": {
      "Description": "ParentAliYunUid",
      "Value": {
        "Fn::GetAtt": [
          "DMSEnterpriseUser",
          "ParentUid"
        ]
      }
    }
  }
}

    4. Click Next. Configure the parameters and click Create.

    5. After the stack is created, you can view the status of the stack and the outputs on the Stack Information and Outputs tabs of the stack details page.

    6. After the stack is created, you can view the added user by calling an API operation, using an SDK, or in the DMS console. For more information about how to view users in the DMS console, see Manage users.