This topic describes how to grant access permissions for Cloud Architect Design Tools (CADT) to Resource Access Management (RAM) users, enabling the automatic creation of virtual private clouds (VPCs) when instance groups are created in the Cloud Phone console.
Background information
When you create an instance group, Cloud Phone automatically creates VPCs, eliminating the need for manual VPC creation. This automatic process relies on CADT capabilities. If you create an instance group as a RAM user in the Cloud Phone console, make sure that the RAM user has the required CADT access permissions. Without these permissions, the creation will fail.
Procedure
Perform the following steps to grant the required permissions to the RAM user:
Log on to the RAM console by using the Alibaba Cloud account to which the RAM user belongs.
In the left-side navigation pane, choose .
On the Users page, find the RAM user to which you want to grant the required permissions. Then, click Add Permissions in the Actions column.
In the Grant Permission panel, configure the following parameters based on your business requirements and click Grant Permissions.
Set the Resource Scope parameter to Account.
In the Policy section, select the
AliyunCADTFullAccesssystem policy.
Execution result
After authorization, when you create an instance group in the Cloud Phone console by using the RAM user and select the option to automatically create a VPC, the VPC will be created as expected.