You can create a RAM user and grant STS permissions to the RAM user to embed the DAS console into a self-managed O&M platform in password-free access mode. This topic describes how to embed the DAS console.

Prerequisites

A RAM user is created and the STS permission policy is attached to the user. For more information, see Grant permissions to a RAM user.

Procedure

  1. Call the AssumeRole operation to obtain a temporary user identity for assuming a role.
    Note
    • For more information about how to obtain a temporary user identity, see AssumeRole.
    • For more information about instance RAM roles, see Overview.
  2. Use the security token to obtain a logon token. For more information about how to obtain a logon token, see GetSigninToken.
    Note The TicketType value can be normal or mini.
    • By default, this parameter is set to normal, and the DAS domain name is HDM Console.
    • If this parameter is set to mini for the partner BID, the DAS domain name is HDM Service Console.
  3. Generate a logon-free link to the DAS page.
    1. The URL is in the following format:
      https://signin.aliyun.com/federation?Action=Login                      
&LoginUrl=<Logon URL on the self-managed website that is configured to return the HTTP status code 302 to redirect to another page>                      
&Destination=<The DAS page to be actually accessed>                      
&SigninToken=<Logon token>
      Note The DAS page in the Destination field is determined by the TicketType parameter that is specified in Step 2.
      • If the parameter is set to normal, the DAS domain name is https://hdm.console.aliyun.com.
      • If the parameter is set to mini, the DAS domain name is https://hdm4service.console.aliyun.com.
    2. If you want to embed the DAS dashboard page, you can set the Destination field to https://hdm.console.aliyun.com/?hideTopbar=true&isShare=true&hideMenu=true#/dashboard/convoy.
      Note The isShare and hideTopbar parameters before # are required.
      Parameter Description
      isShare=true Specifies whether to embed the DAS console into an external console.
      hideTopbar=true Specifies whether to hide the top navigation bar of the DAS console.
      hideMenu=true Specifies whether to hide the DAS external menu.
      hideInstanceMenu=true Specifies whether to hide the sidebars of the DAS instance details page.
    3. Sample code:
      private static String getHdmLoginUrl(String pageUrl, String signInToken) throws URISyntaxException {  
URIBuilder builder = new URIBuilder(SIGN_IN_DOMAIN);  
builder.setParameter("Action", "Login");  
// Specify the logon URL on the self-managed website that is configured to return the HTTP status code 302 to redirect to another page.  
builder.setParameter("LoginUrl", "https://signin.aliyun.com/login.htm");  
// Specify the DAS page to be actually accessed, such as the global dashboard, real-time dashboard, or instance details page.  
builder.setParameter("Destination", pageUrl);  
builder.setParameter("SigninToken", signInToken);  
HttpGet request = new HttpGet(builder.build());  
return request.getURI().toString();}