授权RAM用户操作成本管家

本文介绍如何授予RAM用户操作成本管家的权限。

前提条件

已创建RAM用户。具体操作,请参见创建RAM用户

操作步骤

  1. 使用阿里云账号(主账号)或RAM管理员登录RAM控制台

  2. 创建一个自定义权限策略,其中在脚本编辑页签,请使用以下脚本替换配置框中的原有内容。具体操作,请参见通过脚本编辑模式创建自定义权限策略

    说明

    每个动作的具体说明请参见授权信息

    {
     "Version": "1",
     "Statement": [
      {
       "Action": "log:CreateLogStore",
       "Resource": "acs:log:*:*:project/bill-analysis-*/logstore/*",
       "Effect": "Allow"
      },
      {
       "Action": "log:CreateIndex",
       "Resource": "acs:log:*:*:project/bill-analysis-*/logstore/aliyun_bill",
       "Effect": "Allow"
      },
      {
       "Action": "log:UpdateIndex",
       "Resource": "acs:log:*:*:project/bill-analysis-*/logstore/aliyun_bill",
       "Effect": "Allow"
      },
      {
       "Action": "log:CreateDashboard",
       "Resource": "acs:log:*:*:project/bill-analysis-*/dashboard/*",
       "Effect": "Allow"
      },
     {
       "Action": "log:UpdateDashboard",
       "Resource": "acs:log:*:*:project/bill-analysis-*/dashboard/*",
       "Effect": "Allow"
      },
     {
       "Action": "log:CreateSavedSearch",
       "Resource": "acs:log:*:*:project/bill-analysis-*/savedsearch/*",
       "Effect": "Allow"
      },
     {
       "Action": "log:UpdateSavedSearch",
       "Resource": "acs:log:*:*:project/bill-analysis-*/savedsearch/*",
       "Effect": "Allow"
      },
    {
       "Action": "log:CreateJob",
       "Resource": "acs:log:*:*:project/bill-analysis-*/job/*",
       "Effect": "Allow"
      },
     {
       "Action": "log:UpdateJob",
       "Resource": "acs:log:*:*:project/bill-analysis-*/job/*",
       "Effect": "Allow"
      },
    {
       "Action": "log:CreateApp",
       "Resource": "acs:log:*:*:app/bill",
       "Effect": "Allow"
      },
    {
       "Action": "log:UpdateApp",
       "Resource": "acs:log:*:*:app/bill",
       "Effect": "Allow"
      },
    {
       "Action": "log:GetApp",
       "Resource": "acs:log:*:*:app/bill",
       "Effect": "Allow"
      },
    {
       "Action": "log:DeleteApp",
       "Resource": "acs:log:*:*:app/bill",
       "Effect": "Allow"
      }
     ]
    }
  3. RAM用户添加创建的自定义权限策略。具体操作,请参见RAM用户授权