Resource Access Management (RAM) lets you create RAM users for employees, systems, and applications, and grant each user only the permissions they need — eliminating the need to share your Alibaba Cloud account's AccessKey pair and reducing security risks.
To authorize a RAM user to access CloudMonitor instead, see Authorize a RAM user to use CloudMonitor.
Prerequisites
Before you begin, ensure that you have:
A DashVector cluster — see Create a cluster
A RAM user — see Create a RAM user
Grant permissions to a RAM user
Log on to the RAM console.
In the left-side navigation pane, choose Identities > Users.
On the Users page, find the RAM user you want to authorize, then click Add Permissions in the Actions column.
In the Grant Permissions panel, set Resource Scope to Account, select one or more policies, then click Grant Permissions.
NoteDashVector supports account-level permissions only.
Choose the policy type that fits your needs:
System policy (recommended): Select a predefined policy from the list.
Policy name
Access level
AliyunDashvectorFullAccess
Full access to manage all DashVector resources
AliyunDashvectorReadOnlyAccess
Read-only access to all DashVector resources
Custom policy (when system policies don't meet your requirements): Select a custom policy from the list, or create one on the JSON tab.
Use the following format for the
Resourcefield:acs:dashvector:$regionid:$accountid:*Placeholder
Description
Example
$regionidRegion ID of the cluster, or
*to match all regionscn-hangzhou$accountidYour Alibaba Cloud account ID, or
*to match all accounts123456712****The following example grants a RAM user permission to list clusters, view cluster details, and release a cluster:
{ "Version": "1", "Statement": [ { "Effect": "Allow", "Action": [ "dashvector:ListClusters", "dashvector:GetCluster", "dashvector:DeleteCluster" ], "Resource": "*" } ] }Available actions, grouped by resource type:
API key management
Action
Description
CreateApiKey
Creates an API key
GetApiKey
Views an API key
DeleteApiKey
Deletes an API key
ListApiKeys
Views API keys
Cluster management
Action
Description
ListClusters
Views clusters
GetCluster
Views the details of a cluster
DeleteCluster
Releases a cluster
Collection management
Action
Description
GetCollectionCount
Views the number of collections
ListCollections
Views collections
GetCollection
Views the details of a collection
CheckCollectionName
Verifies a collection
CreateCollection
Creates a collection
DeleteCollection
Deletes a collection
Vector operations
Action
Description
SearchCollectionVector
Searches for similar vectors
AddCollectionVector
Creates a vector
FetchDoc
Queries a vector by primary key ID
UpdateCollectionVector
Updates a vector
DeleteCollectionVector
Deletes a vector
GetCollectionDoc
Views the number of documents in a collection
Partition management
Action
Description
ListPartition
Views partitions
GetPartitionNumber
Views the number of partitions
DeletePartition
Deletes a partition
CreatePartition
Creates a partition
Monitoring
Action
Description
SearchCollectionTotal
Queries the number of requests in a collection
SearchCollectionQueriesPerSecond
Queries the QPS of a collection
SearchCollectionDoc
Queries the number of vectors in a collection
SearchCollectionDelay
Queries the request latency of a collection
After the Succeed message appears, click Complete.
