Overview
This document describes how to assign a custom RAM role to a Container Service for Kubernetes (ACK) cluster.
Details
You cannot assign a custom RAM role to an ACK cluster. However, you can attach custom policies to the worker role that is automatically created when you create a worker node in the cluster.
- Log on to the ACK console.
- In the left-side navigation pane, click Clusters. On the Clusters page, click the name or ID of the cluster that you require.
- On the details page of the cluster, click the Cluster Resources On the Cluster Resources tab, click the ID to the right of Worker RAM Role.
- On the RAM Roles page in the Resource Access Management (RAM) console, click the policy name on the Permissions tab.
- On the Policies page, click Modify Policy Document. In the Modify Policy Document panel, copy the following code to the Policy Document code editor and click OK.
Note: The code in this example is used to grant the role the permissions to scale and delete clusters. For information about more permissions, see Create a custom RAM policy.
{ "Action": [ "cs:ScaleCluster", "cs:DeleteCluster" ], "Resource": "*", "Effect": "Allow" }
Applicable scope
- ACK