You can embed the DAS console to a self-managed O&M platform in password-free access mode. Before you configure embedment, you must create a RAM user and grant permissions. This topic describes how to embed the DAS console.
- Log on to the Resource Access Management console.
- In the left-side navigation pane, click RAM Roles.
- Click Create RAM Role. In the Select Role Type step, set Trusted entity type to Alibaba Cloud Account and then click Next.
- In the Configure Role step, configure the parameters and then click OK.
Parameter Description RAM Role Name Specify the RAM role name. The name must be 1 to 64 characters in length and can contain letters, digits, and hyphens (-). For this example, it is ram-for-das. Note Optional. Specify the description for the RAM role. Select Trusted Alibaba Cloud Account Select Current Alibaba Cloud Account.
- After the role has been created, click Add Permissions to RAM Role.
- In the Add Permissions dialog box, configure the parameters.
- Set Select Policy to System Policy.
- In the System Policy field, enter AliyunHDMReadOnlyAccess.
- Click AliyunHDMReadOnlyAccess to add it to the Selected section on the right. Click OK.
- After you grant permissions to the RAM user to access DAS, you must create a RAM user
to call the AssumeRole operation. For more information, see Create a RAM user.Note In the Access Mode section, select Programmatic Access for the RAM user to call the AssumeRole operation.
- After you create a RAM user, you must grant the AliyunSTSAssumeRoleAccess policy to the RAM user. For more information, see Authorize RAM users.
- After you grant permissions to the RAM user, you can embed the DAS console to a self-managed O&M platform. For more information, see Console sharing and embedded.