本文介绍如何授予RAM用户操作自助分析的权限。
前提条件
已创建RAM用户。具体操作,请参见创建RAM用户。
操作步骤
使用阿里云账号登录RAM控制台。
创建权限策略。
在左侧导航栏中,选择
。单击创建权限策略。
在创建权限策略页面的脚本编辑页签中,将配置框中的原有脚本替换为如下内容,然后单击继续编辑基本信息。
每个动作的具体说明请参见动作列表。
{ "Version": "1", "Statement": [ { "Action": "log:CreateLogStore", "Resource": "acs:log:*:*:project/bill-analysis-*/logstore/*", "Effect": "Allow" }, { "Action": "log:CreateIndex", "Resource": "acs:log:*:*:project/bill-analysis-*/logstore/aliyun_bill", "Effect": "Allow" }, { "Action": "log:UpdateIndex", "Resource": "acs:log:*:*:project/bill-analysis-*/logstore/aliyun_bill", "Effect": "Allow" }, { "Action": "log:CreateDashboard", "Resource": "acs:log:*:*:project/bill-analysis-*/dashboard/*", "Effect": "Allow" }, { "Action": "log:UpdateDashboard", "Resource": "acs:log:*:*:project/bill-analysis-*/dashboard/*", "Effect": "Allow" }, { "Action": "log:CreateSavedSearch", "Resource": "acs:log:*:*:project/bill-analysis-*/savedsearch/*", "Effect": "Allow" }, { "Action": "log:UpdateSavedSearch", "Resource": "acs:log:*:*:project/bill-analysis-*/savedsearch/*", "Effect": "Allow" }, { "Action": "log:CreateJob", "Resource": "acs:log:*:*:project/bill-analysis-*/job/*", "Effect": "Allow" }, { "Action": "log:UpdateJob", "Resource": "acs:log:*:*:project/bill-analysis-*/job/*", "Effect": "Allow" }, { "Action": "log:CreateApp", "Resource": "acs:log:*:*:app/bill", "Effect": "Allow" }, { "Action": "log:UpdateApp", "Resource": "acs:log:*:*:app/bill", "Effect": "Allow" }, { "Action": "log:GetApp", "Resource": "acs:log:*:*:app/bill", "Effect": "Allow" }, { "Action": "log:DeleteApp", "Resource": "acs:log:*:*:app/bill", "Effect": "Allow" } ] }
设置名称,然后单击确定。
为RAM用户授权。
在左侧导航栏中,选择
。找到目标RAM用户,单击添加权限。
在新增授权面板的权限策略区域,在下拉列表选择自定义策略,然后选中您在步骤2中创建的权限策略,然后单击确认新增授权。
文档内容是否对您有帮助?