DataHub-DataWorks Connection service-linked role
The DataHub-DataWorks Connection service-linked role (AliyunServiceRoleForDataHubDWConnection) allows DataHub to query and create DataWorks workspaces during real-time database imports. This topic covers the role's use cases, permissions, and deletion.
AliyunServiceRoleForDataHubDWConnection is a RAM role that grants DataHub the permissions to query and create DataWorks workspaces during real-time database imports. For more information, see Service-linked roles.
Scenarios
When you use DataHub to import data from a database in real time, this role grants DataHub the permissions to query and create DataWorks workspaces.
About AliyunServiceRoleForDataHubDWConnection
Role name: AliyunServiceRoleForDataHubDWConnection
Access policy: AliyunServiceRolePolicyForDataHubDWConnection
Permissions:
{
"Version": "1",
"Statement": [
{
"Action": [
"dataworks:QueryDataImportProcess",
"dataworks:QueryDataImportProcessStatus"
],
"Resource": "*",
"Effect": "Allow"
},
{
"Effect": "Allow",
"Action": "ram:DeleteServiceLinkedRole",
"Resource": "*",
"Condition": {
"StringEquals": {
"ram:ServiceName": "dwconnection.datahub.aliyuncs.com"
}
}
}
]
}
Delete the service-linked role
To delete this service-linked role, see Delete a service-linked role.
Create a service-linked role as a RAM user
To create this service-linked role, a RAM user must have the ram:CreateServiceLinkedRole permission. Ask the Alibaba Cloud account administrator to attach the following policy to the RAM user:
{
"Statement": [
{
"Action": "ram:CreateServiceLinkedRole",
"Resource": "*",
"Effect": "Allow",
"Condition": {
"StringEquals": {
"ram:ServiceName": [
"dwconnection.datahub.aliyuncs.com"
]
}
}
}
],
"Version": "1"
}