This topic describes the AliyunServiceRoleForDBS service-linked role for Database Backup (DBS) and how to create, view, and delete the service-linked role.
Background information
AliyunServiceRoleForDBS is a Resource Access Management (RAM) role that allows DBS to access other cloud services. Before DBS accesses your Alibaba Cloud databases such as ApsaraDB RDS, ApsaraDB for MongoDB, ApsaraDB for Redis, and PolarDB databases or self-managed databases hosted on Elastic Compute Service (ECS), DBS must assume the AliyunServiceRoleForDBS role to obtain the required permissions.
For more information, see Service-linked roles.
Create the service-linked role
When you use DBS for the first time, the system automatically creates the AliyunServiceRoleForDBS role. Before you use DBS, you must assign the AliyunServiceRoleForDBS role to DBS to ensure that DBS has the permissions to access your databases.
You can assign the AliyunServiceRoleForDBS role to DBS by using the DBS console or calling an API operation. For more information, see How do I activate DBS? or InitializeDbsServiceLinkedRole.
View the service-linked role
After the AliyunServiceRoleForDBS role is created, you can view the role in the RAM console. You can view the basic information, trust policy, and permission policy of the role.
Delete the service-linked role
You can manually delete the AliyunServiceRoleForDBS role in the RAM console. For more information, see Delete a RAM role.