Log Service provides two system policies, including
AliyunLogFullAccess that specifies the management permission and
AliyunLogReadOnlyAccess that specifies the read-only permission. This topic describes how to attach the
AliyunLogReadOnlyAccess policy to RAM users.
You can also customize permission policies in the Resource Access Management (RAM) console. For more information, see Create a custom policy. You can view examples of permission policies in Use custom policies to grant permissions to a RAM user and Overview.
- Log on to the RAM console with your Alibaba Cloud account or as an authorized RAM user.
- In the left-side navigation pane, choose .
- On the Grants page, click Grant Permission.
- In the Add Permissions panel, enter the name of the RAM user in the Principal field and select the RAM user from the auto-complete results.
- In the Select Policy section, select System Policy and click
AliyunLogReadOnlyAccessin the Authorization Policy Name column.Note If you want to grant permissions of a custom policy, select Custom Policy.
- Click OK.
- Click Complete.