All Products
Search
Document Center

How Do I Assign a Custom RAM Role to an ACK Cluster?

Last Updated: May 10, 2021

Overview

This document describes how to assign a custom RAM role to a Container Service for Kubernetes (ACK) cluster.

Details

You cannot assign a custom RAM role to an ACK cluster. However, you can attach custom policies to the worker role that is automatically created when you create a worker node in the cluster.

  1. Log on to the ACK console.
  2. In the left-side navigation pane, click Clusters. On the Clusters page, click the name or ID of the cluster that you require.
  3. On the details page of the cluster, click the Cluster Resources On the Cluster Resources tab, click the ID to the right of Worker RAM Role.
  4. On the RAM Roles page in the Resource Access Management (RAM) console, click the policy name on the Permissions tab.
  5. On the Policies page, click Modify Policy Document. In the Modify Policy Document panel, copy the following code to the Policy Document code editor and click OK.
    Note: The code in this example is used to grant the role the permissions to scale and delete clusters. For information about more permissions, see Create a custom RAM policy.
    {
                "Action": [
                  "cs:ScaleCluster",
                  "cs:DeleteCluster"
                ],
                "Resource": "*",
                "Effect": "Allow"
             }

Applicable scope

  • ACK