To use Container Service for Kubernetes (ACK) for the first time, you do not need to activate the service. However, you must assign default roles to the service account. After you perform this operation, the service account can be used to call services such as Elastic Compute Service (ECS), Object Storage Service (OSS), Apsara File Storage NAS, and Server Load Balancer (SLB), create clusters, and store logs. This topic describes how to assign roles to the service account.
Background information
Considerations
- If you used ACK before January 15, 2018, the system automatically assigns the default roles to the service account. For more information about role permissions, see Default roles. If you use a Resource Access Management (RAM) user to access ACK, you must upgrade the RAM policy that is attached to the RAM user. For more information, see Customize RAM policies.
- As of January 15, 2018, new users must assign their Alibaba Cloud accounts the default roles to use ACK. To authorize RAM users to use ACK, a new user must log on to the RAM console. For more information, see Overview.