All Products
Search

This Product

    Alibaba Cloud Model Studio:Authorize a RAM user to manage services in Model Studio

    Document Center

    Alibaba Cloud Model Studio:Authorize a RAM user to manage services in Model Studio

    Last Updated:Nov 27, 2024

    After you create a Resource Access Management (RAM) user, you must authorize the RAM user to manage services in Alibaba Cloud Model Studio in the RAM console and the Model Studio console.

    Create a RAM user

    For more information about how to create a RAM user, see Create a RAM user.

    Authorize the RAM user in the RAM console

    1. Log on to the RAM console.

    2. In the left-side navigation pane, choose Identities > Users. On the Users page, find the RAM user that you want to authorize.image.png

    3. Click Add Permissions in the Actions column of the desired RAM user.

    4. On the Grant Permission pane that appears, search for and select the RAM permissions such as AliyunBailianFullAccess, AliyunBailianControlFullAccess, AliyunBailianDataFullAccess, and others.

      image

    5. Click Grant permissions.

    Authorize the RAM user in the Model Studio console

    1. Log on to the Model Studio console with your Alibaba Cloud account.

    2. In the left-side navigation pane, choose Permissions > User Management.

    3. On the User Management page, click Add user.

    4. Select the desired RAM user, specify a username, and then click Next.image

    5. Select Admin from the Role drop-down list and click Complete.

      image

    Authorize a sub-workspace to use models

    Models can be directly used in the default workspace. However, authorization is required to use models in sub-workspaces.

    For more information, see Authorize a sub-workspace to use models.

    Custom permission policy for knowledge indexes

    You can use a custom permission policy to grant RAM users the minimum set of permissions on knowledge indexes.

    Procedure

    1. Log on to the RAM console with an administrator account.

    2. In the left-side navigation pane, choose .

    3. Click Create Policy. On the page that appears, configure the following parameters.

      • Service: Select Alibaba Cloud Model Studio / SFM.

      • Action: Select sfm:GetIndexJobStatus, sfm:CreateIndex and, sfm:SubmitIndexJob. You can search by the names.

        • sfm:GetIndexJobStatus: Queries the status of an indexing job.

        • sfm:CreateIndex: Creates an indexing job.

        • sfm:SubmitIndexJob: Submits an indexing job.

          image

    4. Click OK. On the dialog box that appears, specify a name and description for the policy. Then, click OK.

    5. To authorize a RAM user, click Grant Permission or choose Permissions > Grants in the left-side navigation pane.

      image

    6. In the Grant Permission panel, select the RAM user in the Principal section and then select the custom policy that you created in the Policy section. Click Grant permissions.

      image