If you want to perform extract, transform, load (ETL) operations from OSS data to ApsaraDB RDS data in Data Lake Analytics (DLA) during one-click data warehousing, you must authorize DLA to delete OSS data.

Step 1: Create a custom policy

  1. Log on to the RAM console with the Alibaba Cloud account to which the DLA instance belongs.
  2. In the left-side navigation pane, click Policies. On the Policies page, click Create Policy. On the Create Custom Policy page, configure the parameters.
    • Configuration Mode: Select Script.
    • Policy Document: Copy the following content and replace the bucket name in the code with your OSS bucket name. To impose finer-grained DLA permission control, enter the complete directory of the OSS file that you want to delete.
      {
        "Version": "1",
        "Statement": [
            {
                "Action": [
                    "oss:DeleteObject"
                ],
                "Resource": "acs:oss:*:*:<your-bucket-name>/*",
                "Effect": "Allow"
            }
        ]
      }

Step 2: Grant the policy to the role of DLA

  1. In the left-side navigation pane, click RAM Roles. On the RAM Roles page, find the RAM role AliyunOpenAnalyticsAccessingOSSRole in the RAM Role Name column of the role list.
  2. Click the role name. On the page that appears, click Add Permissions.
  3. In the Add Permissions panel, select Custom Policy in the Select Policy section, click the permission policy that you created in Step 1: Create a custom policy to grant this policy to the role of DLA, and then click OK.