This topic describes how to attach the AliyunOSSFullAccess and AliyunDLFFullAccess policies to a Resource Access Management (RAM) role. After these policies are attached to the RAM role that is assigned to your account, you can use Data Lake Formation (DLF) and access Object Storage Service (OSS) data without an AccessKey pair.
Prerequisites
A Container Service for Kubernetes (ACK) cluster is created. For more information, see Create an ACK dedicated cluster or Create an ACK managed cluster.
Procedure
Log on to the ACK console.
On the Clusters page, find the cluster that you want to manage and click Details in the Actions column.
On the Cluster Information page, click the Cluster Resources tab.
On the Cluster Resources tab, find Worker RAM Role and click the link.
Attach policies
On the Roles page, click Grant Permission.
In the Grant Permission panel, click AliyunOSSFullAccess and AliyunDLFFullAccess to add the policies to the Selected section.
Click OK.
Click Complete.