All Products
Search

This Product

    Artificial Intelligence Recommendation:Grant permissions on offline storage to AIRec

    Document Center

    Artificial Intelligence Recommendation:Grant permissions on offline storage to AIRec

    Last Updated:Jul 17, 2023

    Scenarios

    Use historical MaxCompute data to start an AIRec instance

    1. Log on to the Artificial Intelligence Recommendation (AIRec) console.

    2. Select the Historical Data-Based Start mode when you create an AIRec instance. For more information about how to configure data sources to start an AIRec instance, real-time data sources, and offline data sources, see Use historical data to start an instance.

    Important

    1. Before you configure data sources to start an AIRec instance, you must grant permissions to your openias account to read data from MaxCompute. For more information, see the following section "Grant permissions on MaxCompute to AIRec".

    2. Before you configure offline data sources, you must grant permissions to your openias account to read data from and write data to MaxCompute. For more information, see the following section "Grant permissions on MaxCompute to AIRec".

    Customize recall links and sorting models

    Before you customize recall links and sorting models including the feature, behavior, and sample data, you must grant permissions to your openias account to read data from MaxCompute.

    Grant permissions on MaxCompute to AIRec

    Grant permissions by using the MaxCompute console

    1. Create an ODPS SQL window.

    2. Perform the following operations to grant permissions to your openias account.

    Important

    If your DataWorks workspace is in standard mode, your workspace is associated with a MaxCompute project that serves as the development environment and another MaxCompute project that serves as the production environment by default. In this case, if you want to grant AIRec the permissions on the MaxCompute project that serves as the production environment, you must insert the following statement before the authorization statements and execute them together:

    use [project] ; // Specify the name of the project as the name of the project that serves as the production environment.

    a. Add a user

    // Add the openias account.
add user `ALIYUN$openias`; 
// Check whether the account is added by using the list users; statement.
list users;

    b. Grant read permissions to your openias account

    // Grant read permissions to your openias account.
// Replace [project] with your project.
// Replace [table] with your table.
grant Read ON PROJECT [project] to user `ALIYUN$openias`;
grant List ON PROJECT [project] to user `ALIYUN$openias`;
grant Describe ON TABLE [table] to user `ALIYUN$openias`;
grant Select ON TABLE [table] to user `ALIYUN$openias`;

    c. Grant write permissions to your openias account

    The write permissions are required only when you modify offline data sources.

    // Grant write permissions to your openias account.
// Replace [project] with your project.
// Replace [user] with the user that you added.
// Replace [table] with your table.
grant Read ON PROJECT [project] to user `ALIYUN$openias`;
grant List ON PROJECT [project] to user `ALIYUN$openias`;
grant CreateTable ON PROJECT [project] to user `ALIYUN$openias`;
grant CreateInstance ON PROJECT [project] to user `ALIYUN$openias`;

    Grant permissions by using the MaxCompute client

    1. Download and configure the MaxCompute client.

    2. Run the ./bin/odpscmd command to access the MaxCompute environment.

    3. Perform the following operations to grant permissions to your openias account.

    4. The following table describes the permissions that are required for AIRec.

    Object

    Action

    Description

    Project

    Read

    Views information about a project, such as the creation time. The information about objects in the project is excluded.

    Project

    List

    Queries all types of objects in a project.

    Project

    CreateInstance

    Creates an instance in a project.

    Project

    CreateTable

    Creates a table in a project.

    Table

    Describe

    Reads metadata from a table.

    Table

    Select

    Reads data from a table.

    Table

    Alter

    Modifies the metadata of a table or creates or deletes a partition.

    Table

    Update

    Overwrites data in a table or inserts data to a table.

    For more information about related operations, see MaxCompute permissions.

    a. Add a user

    // Add the openias account.
add user `ALIYUN$openias`; 
// Check whether the account is added by using the list users; statement.
list users;

    b. Grant read permissions to your openias account

    // Grant read permissions to your openias account.
// Replace [project] with your project.
// Replace [table] with your table.
grant Read ON PROJECT [project] to user `ALIYUN$openias`;
grant List ON PROJECT [project] to user `ALIYUN$openias`;
grant Describe ON TABLE [table] to user `ALIYUN$openias`;
grant Select ON TABLE [table] to user `ALIYUN$openias`;

    c. Grant write permissions to your openias account

    The write permissions are required only when you modify offline data sources.

    // Grant write permissions to your openias account.
// Replace [project] with your project.
// Replace [user] with the user that you added.
// Replace [table] with your table.
grant Read ON PROJECT [project] to user `ALIYUN$openias`;
grant List ON PROJECT [project] to user `ALIYUN$openias`;
grant CreateTable ON PROJECT [project] to user `ALIYUN$openias`;
grant CreateInstance ON PROJECT [project] to user `ALIYUN$openias`;