Scenario
This template provides the methods and principles for user management, resource grouping, permission configuration, and access control in a single account system. Taking an e-commerce website project as an example, this template uses Alibaba Cloud RAM to implement the best practices for resource grouping, account system construction, permission allocation, security hardening, and regular security check based on the business process and the division of development, testing, and production environments.
Procedures
The deployment instruction for the solution - Manage Account Permissions with RAM is following:
1. Check the alibaba cloud account permission, should include these services ECS, VPC, RDS, and OSS.
2. Click the Create Stack button/link, follow the wizard to specify parameters and etc.
3. Once the stack created, performs OSS directory creation, RAM user security and resource group permission settings.
Please check the best practice for detailed information.
Resources
Architecture Diagram
