You can create RAM users and authorize them to use OpenSearch Vector Search Edition. For example, you can grant specific RAM users the permissions to create instances or view monitoring metrics. OpenSearch Vector Search Edition supports system policies and custom policies.
Create a RAM user
This topic describes how to create a RAM user. A RAM user is an entity that you create in Resource Access Management (RAM) to represent an O&M engineer or application. After you create a RAM user and grant the relevant permissions to the RAM user, the RAM user can access the specified Alibaba Cloud resources.
For more information about how to create a RAM user, see Create a RAM user.
Authorize a RAM user
After you grant permissions to a RAM user, the RAM user can access the relevant OpenSearch Vector Search Edition resources. You can attach system policies or custom policies to the RAM user. For more information, see Grant permissions to the RAM user and Create a custom policy.
Common permission policies
A system policy that grants management permissions on OpenSearch Vector Search Edition:
AliyunSearchEngineFullAccess
A system policy that grants read-only permissions on OpenSearch Vector Search Edition:
AliyunSearchEngineReadOnlyAccess
A custom policy that grants the permissions to view monitoring metrics of instances:
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": "elasticsearch:*",
"Resource": "acs:elasticsearch:*:*:emonProjects/*"
},
{
"Action": "ims:*",
"Effect": "Allow",
"Resource": "acs:ims:*:*:application/*"
}
]
}System policies that grant the permissions to view and configure alerting settings:
AliyunElasticsearchReadOnlyAccess and AliyunElasticsearchFullAccess
