Permission Dependency of the CNAD Console
When using CNAD, you may need to view resources of or use other cloud services. So you need to obtain required permissions for dependent services so that you can use the dependent services or view their resources. To that end, make sure you have the CNAD FullAccess or CNAD ReadOnlyAccess assigned first. For details, see Creating a User and Granting the CNAD Pro Access Permission.
Dependency Policy Configuration
If an IAM user needs to view or use related functions on the console, ensure that the CNAD FullAccess or CNAD ReadOnlyAccess has been assigned to the user group to which the user belongs. Then, add roles or policies of dependent services based on the following Table 1.
Console Function |
Dependent Service |
Roles or Policy |
|---|---|---|
Enabling LTS |
Log Tank Service (LTS) |
The LTS ReadOnlyAccess system policy is required to select log group and log stream names created in LTS. |
Enabling alarm notifications |
Simple Message Notification (SMN) |
The SMN ReadOnlyAccess system policy is required to obtain SMN topic groups. |
Configuring instance tags |
Tag Management Service (TMS) |
Tag keys can be created only after the TMS FullAccess system policy is added. |
Purchase an instance |
Enterprise Project Management Service (EPS) |
You can select an enterprise project when purchasing an instance only after adding the EPS ReadOnlyAccess system policy. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
