All Products
Search

This Product

    OpenSearch:Service-linked role for OpenSearch Vector Search Edition

    Document Center

    OpenSearch:Service-linked role for OpenSearch Vector Search Edition

    Last Updated:Aug 27, 2024

    This topic describes the scenarios of the service-linked role AliyunServiceRoleForSearchEngine for OpenSearch Vector Search Edition.

    Background information

    The service-linked role AliyunServiceRoleForSearchEngine is a Resource Access Management (RAM) role that OpenSearch Vector Search Edition can assume to access other Alibaba Cloud services. For more information, see Service-linked roles.

    Scenarios

    When you use the data source feature of OpenSearch Vector Search Edition, OpenSearch Vector Search Edition must be authorized to access the resources of Object Storage Service (OSS). In this case, you can use the AliyunServiceRoleForSearchEngine service-linked role to grant the access permissions.

    Description

    Role name: AliyunServiceRoleForSearchEngine

    Role policy: AliyunServiceRoleForSearchEngine Sample policy:

    {
    "Version": "1",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "oss:ListObjects",
            "Resource": "*",
            "Condition": {
                "StringLike": {
                    "oss:Prefix": [
                        "*opensearch*"
                    ]
                }
            }
        },
        {
            "Effect": "Allow",
            "Action": [
                "oss:GetObject",
                "oss:GetObjectAcl"
            ],
            "Resource": "acs:oss:*:*:*/*opensearch*/*"
        },
        {
            "Action": "ram:DeleteServiceLinkedRole",
            "Resource": "*",
            "Effect": "Allow",
            "Condition": {
                "StringEquals": {
                    "ram:ServiceName": "searchengine.aliyuncs.com"
                }
            }
        }
    ]
}