You can embed the DAS console to a self-managed O&M platform in password-free access mode. Before you configure embedment, you must create a RAM user and grant permissions. This topic describes how to embed the DAS console.

Procedure

  1. Log on to the Resource Access Management console.
  2. In the left-side navigation pane, click RAM Roles.
  3. Click Create RAM Role. In the Select Role Type step, set Trusted entity type to Alibaba Cloud Account and then click Next.
  4. In the Configure Role step, configure the parameters and then click OK.
    Parameter Description
    RAM Role Name Specify the RAM role name. The name must be 1 to 64 characters in length and can contain letters, digits, and hyphens (-). For this example, it is ram-for-das.
    Note Optional. Specify the description for the RAM role.
    Select Trusted Alibaba Cloud Account Select Current Alibaba Cloud Account.
  5. After the role has been created, click Add Permissions to RAM Role.
  6. In the Add Permissions dialog box, configure the parameters.
    1. Set Select Policy to System Policy.
    2. In the System Policy field, enter AliyunHDMReadOnlyAccess.
    3. Click AliyunHDMReadOnlyAccess to add it to the Selected section on the right. Click OK.
  7. After you grant permissions to the RAM user to access DAS, you must create a RAM user to call the AssumeRole operation. For more information, see Create a RAM user.
    Note In the Access Mode section, select Programmatic Access for the RAM user to call the AssumeRole operation.
  8. After you create a RAM user, you must grant the AliyunSTSAssumeRoleAccess policy to the RAM user. For more information, see Authorize RAM users.
  9. After you grant permissions to the RAM user, you can embed the DAS console to a self-managed O&M platform. For more information, see Console sharing and embedded.