Help Center> Data Admin Service> FAQ> Usage> How Do I Grant Only the Permission to Use DAS to an IAM Account?

How Do I Grant Only the Permission to Use DAS to an IAM Account?

Create a user-defined policy for DAS.

On the management console, choose Service List > Management & Deployment > Identity and Access Management. On the displayed page, select Permissions and click Create Custom Policy.

Figure 1 Identity and Access Management (IAM)

As shown in the following figure, the rds:instance:list permission of RDS and das:connection:list permission of DAS are granted.

Figure 2 Creating a Custom Policy
You can also select JSON for Policy View and enter the following statements in Policy Content.
Figure 3 JSON
```
{
    "Version": "1.1",
    "Statement": [
        {
            "Action": [
                "rds:instance:list"
            ],
            "Effect": "Allow"
        },
        {
            "Action": [
                "das:connections:list"
            ],
            "Effect": "Allow"
        }
    ]
}
```
Create a DAS user group. Then, click Manage Permissions in the Operation column to select the custom permissions.

Figure 4 Creating a DAS user group

Figure 5 Selecting custom permissions
Create an IAM account and add it to the user group.

Figure 6 Creating a user

Parent topic: Usage

Did this article solve your problem?

Thank you for your score！Your feedback would help us improve the website.

Help Center