Add Role

Last Updated: Jun 23, 2016

Scenario: Jack is the owner of the project prj1. There are three new project members Alice, Bob and Charlie, whose role is data reviewer. They will apply for the following privileges: viewing the Table list, submitting a job and reading a table userprofile.

For this scenario, the project administrator can use the object-based ACL Authorization mechanism to grant privileges.

Operation Methods:

  1. use prj1;
  2. add user aliyun$alice@aliyun.com; --Add a user.
  3. add user aliyun$bob@aliyun.com;
  4. add user aliyun$charlie@aliyun.com;
  5. create role tableviewer; --Create a role.
  6. grant List, CreateInstance on project prj1 to role tableviewer; --Grant privileges to a role.
  7. grant Describe, Select on table userprofile to role tableviewer;
  8. grant tableviewer to aliyun$alice@aliyun.com; --Grant the role 'tableviewer' to a user.
  9. grant tableviewer to aliyun$bob@aliyun.com;
  10. grant tableviewer to aliyun$charlie@aliyun.com;
Thank you! We've received your feedback.