This topic describes how to grant the AliyunOSSFullAccess and AliyunDLFFullAccess permissions. These permissions allow you to use the Data Lake Formation (DLF) service and authorize components to access Object Storage Service (OSS) without an AccessKey.
Prerequisites
A Container Service for Kubernetes (ACK) cluster is created. For more information, see Create an ACK dedicated cluster (discontinued) or Create an ACK managed cluster.
Procedure
Log on to the ACK console.
On the Clusters page, find the cluster that you want to manage and click Details in the Actions column.
On the Basic Information page, in the Cluster Resources area, click the link next to Worker RAM Role.
Grant permissions.
On the Roles page, click Grant Permission.
In the Grant Permission panel, select and add the AliyunOSSFullAccess and AliyunDLFFullAccess system policies.
Click Grant permissions.