Background information
AliyunServiceRoleForSearchEngine is the Resource Access Management (RAM) role that is linked to OpenSearch Vector Search Edition. To use an OpenSearch Vector Search Edition feature, access to other cloud services may be required. Alibaba Cloud provides the AliyunServiceRoleForSearchEngine service-linked role that allows OpenSearch Vector Search Edition to access other cloud services. For more information, see Service-linked roles.
Scenarios
To use the data source feature of OpenSearch Vector Search Edition, you must be granted the permissions to access the resources of Object Storage Service (OSS). In this case, you can use the AliyunServiceRoleForSearchEngine service-linked role to obtain permissions to access the resources.
Role description
Role name: AliyunServiceRoleForSearchEngine.
Role policy: AliyunServiceRoleForSearchEngine.
Sample authorization policy:
{
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": "oss:ListObjects",
"Resource": "*",
"Condition": {
"StringLike": {
"oss:Prefix": [
"*opensearch*"
]
}
}
},
{
"Effect": "Allow",
"Action": [
"oss:GetObject",
"oss:GetObjectAcl"
],
"Resource": "acs:oss:*:*:*/*opensearch*/*"
},
{
"Action": "ram:DeleteServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": "searchengine.aliyuncs.com"
}
}
}
]
}