Grant permissions to an account

Background information

• Fully managed Flink allows you to authorize other Alibaba Cloud accounts or RAM users to use the fully managed Flink service. If an Alibaba Cloud account or a RAM user is not granted the permissions to use fully managed Flink by the Alibaba Cloud account that purchases the fully managed Flink service, the Namespace List page is empty after you log on to the console of fully managed Flink by using the Alibaba Cloud account or RAM user. As a result, you cannot perform operations such as developing a job.
• The features that an Alibaba Cloud account or a RAM user can use vary based on the role that is assigned to the Alibaba Cloud account or RAM user. The following table describes the features that are supported by different roles.

  Feature	Owner	Editor	Viewer
  View jobs	Y	Y	Y
  Start and cancel a job	Y	Y	N
  Modify job configurations	Y	Y	N
  View resources	Y	Y	Y
  Upload resources	Y	Y	N
  Write SQL statements	Y	Y	N
  Create a user-defined function (UDF)	Y	Y	N
  Register metadata	Y	Y	N
  View a job template	Y	Y	Y
  Add, delete, and modify a job template	Y	N	N
  Manage members of a workspace	Y	N	N

Grant permissions to an account

1. Create an Alibaba Cloud account or a RAM user.
   • Go to the Sign up to Alibaba Cloud page and enter the information of the Alibaba Cloud account that you want to create.
   • For more information about how to create a RAM user, see Create a RAM user.
2. Grant permissions to the Alibaba Cloud account or RAM user in the console of fully managed Flink.
   1. Log on to the Realtime Compute for Apache Flink console by using your Alibaba Cloud account.
   2. On the Fully Managed Flink tab, find the workspace that you want to manage and click Console in the Actions column.
   3. In the left-side navigation pane, choose Administration > Members.
   4. Click Add Member.
   5. Specify Role and Member.
      

      • Role: For more information about the features that are supported by different roles, see Background information.
      • Member: Enter the ID or name of an Alibaba Cloud account or a RAM user.

        Account	How to obtain
        Alibaba Cloud account	To obtain the ID or the name of an Alibaba Cloud account, perform the following steps: In the upper-right corner of the Realtime Compute for Apache Flink console, move the pointer over the profile picture and click Basic Information to view the ID or the name of the Alibaba Cloud account.
        RAM user	To obtain the ID or the name of a RAM user, perform operations by following the instructions provided in View the basic information about a RAM user group.

   6. Click OK.
3. Log on to the console of fully managed Flink by using the newly created Alibaba Cloud account or RAM user.
   For more information about how to log on to the console of fully managed Flink by using a RAM user, see Log on to the Alibaba Cloud Management Console as a RAM user.

   Notice If you have logged on to the console of fully managed Flink by using the newly created Alibaba Cloud account or RAM user, you must log on to the console again by using the Alibaba Cloud account or RAM user after the Alibaba Cloud account or RAM user is authorized to use fully managed Flink. Otherwise, you cannot view project information.