How to handle sub-account permission errors after enabling the log delivery service?
You can fix the permission errors by creating a new custom policy in CAM > Policies and associating it with the affected users or groups. The steps are as follows:
Note:
For more details, refer to Creating Custom Policies and Sub-account Authorization Guide.
Please use the root account for authorization.
1. Log in to the CAM console, and in the left navigation menu, select Policies.
2. On the Policies page, click New Custom Policy and select Create by policy syntax.

3. On the Select policy template page, select Blank Template, then click Next.

4. On the Edit Policy page, enter the policy name and description, and input the following code in the policy content:
{
    "version": "2.0",
    "statement": [
        {
            "action": [
                "cls:DescribeTopics",
                "ckafka:DescribeInstanceAttributes",
                "ckafka:DescribeTopic",
                "ckafka:DescribeRoute",
                "ckafka:DescribeInstances",
                "ckafka:DescribeInstancesDetail"
            ],
            "resource": "*",
            "effect": "allow"
        }
    ]
}
5. Click Complete, return to the policies page, select the newly created policy, and click Associate Users/Groups in the actions column.

6. In the Associate Users/Groups pop-up window, check the required users/groups, and click Confirm.
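A pre-flight check for the policy content entered in step 4, as an added example that is not part of the original documentation: it flags any allow statement that grants more than read-only CLS/CKafka access before the policy is associated with users. The function name `audit_policy`, the `EXPECTED_SERVICES` set and the rule that a `Describe` prefix means read-only are assumptions of this example.

```python
import json

# Policy from step 4 of this page, embedded so the check runs offline.
PAGE_POLICY = """{"version": "2.0", "statement": [{"action": [
  "cls:DescribeTopics", "ckafka:DescribeInstanceAttributes",
  "ckafka:DescribeTopic", "ckafka:DescribeRoute",
  "ckafka:DescribeInstances", "ckafka:DescribeInstancesDetail"],
  "resource": "*", "effect": "allow"}]}"""

# Assumptions of this example: the fix only needs CLS and CKafka, and an
# action whose name starts with "Describe" is read-only.
EXPECTED_SERVICES = {"cls", "ckafka"}

def _as_list(value):
    """CAM policy fields may hold a single string or a list of strings."""
    return [value] if isinstance(value, str) else list(value or [])

def audit_policy(policy_text):
    """Return (severity, message) findings for a CAM policy document."""
    findings = []
    statements = json.loads(policy_text).get("statement", [])
    for i, stmt in enumerate(statements):
        if str(stmt.get("effect", "")).lower() != "allow":
            continue  # deny statements cannot widen access
        for action in _as_list(stmt.get("action")):
            service, _, name = action.partition(":")
            if "*" in action:
                findings.append(("high", f"statement {i}: wildcard action {action}"))
            elif service not in EXPECTED_SERVICES:
                findings.append(("high", f"statement {i}: unexpected service in {action}"))
            elif not name.startswith("Describe"):
                findings.append(("high", f"statement {i}: non-read-only action {action}"))
        if "*" in _as_list(stmt.get("resource")):
            # Informational: the page's policy is read-only but account-wide.
            findings.append(("info", f"statement {i}: applies to all resources"))
    return findings

if __name__ == "__main__":
    for severity, message in audit_policy(PAGE_POLICY):
        print(f"[{severity}] {message}")
```

For the policy on this page the only finding is the informational one about `"resource": "*"`; any `high` finding means the pasted policy has drifted from the read-only set shown in step 4.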