Aliyun OSS
In Aliyun Console, to create an IAM user that has only programmatic access (no Console login) attached with AliyunOSSFullAccess permissions, with Access Key/Secret Key to go with Mapfs Pro.
Create the IAM user (programmatic-only)
- Sign in to the Aliyun Console https://ram.console.aliyun.com/users with an account that can manage IAM.
- Open IAM → Users → "Create user".
- User name: choose a descriptive name (e.g., mapfs-developer).
- Access Mode: uncheck "Console Access" and "Using permanent AccessKey to access".
- Click "OK".
Attach permissions
- Click the new created user.
- On "Add permissions", choose "Attach policies directly".
- Search for and select AliyunOSSFullAccess.
- Click "OK".
Generate access keys
- After the user is created, open the new user
- Under "AccessKey", choose "Create AccessKey".
- When prompted for the use case, pick "Third-party service" (or the equivalent option).
- Check the "I confirm that it is necessary to create an AccessKey" option.
- Click "Continue" to generate the key pairs
- Download the .csv or copy the Access Key ID and Secret Access Key; the secret cannot be retrieved later.
Store and share securely
- Pass the Access Key ID and Secret Access Key to mapfs through "$ mapfs add ...".
- Consider rotating keys periodically and deleting unused keys.
Region
Aliyun Console:
- Click "Storage" → "Object Storage Service"
- In the left nav sidebar, Click Buckets
- In the right side of the same page, read the "Region" value for the BucketName
- Choose the corresponding Region-ID through Get Region ID
e.g. Region Name: China (Beijing)
Then, the Region-ID is "cn-beijing".