tencent cloud

Feedback

Role Authorization

Last updated: 2022-08-08 11:04:31

    When using the EMR service, you need to authorize the default system role EMR_QCSRole for the service account. Only after the role is authorized successfully can EMR call relevant services such as CVM and COS to create clusters and store logs.

    Note:

    When you activate the EMR service for the first time, you must use the root account to complete role authorization; otherwise, neither sub-accounts nor the root account can use EMR.

    Role authorization process

    1. When you create a cluster or a scheduled plan, if the EMR_QCSRole role fails to be authorized for the service account and the following prompt is displayed, you need to click Go to CAM to complete role authorization.
    2. Click Grant to authorize the default role EMR_QCSRole for the EMR service account.
    3. After the authorization, you need to refresh the EMR console or the purchase page. For more information on the policies related to EMR_QCSRole, log in to the CAM console. For more information on the permissions included in EMR_QCSRole, see Collaborator/Sub-account Permissions.

    Notes on rule authorization for container-based EMR

    1. Before creating a container-based EMR cluster, you need to check whether the CVM_QCSRole role exists.

    2. If the CVM_QCSRole role does not exist, you need to create it in advance. Log in to the CAM console, create a role, and select Tencent Cloud Product Service.
    3. Select CVM and associate the QcloudCOSDataWriteOnly and QcloudKMSAccessForCVMRole policies.

    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support