All Products
Search
Document Center

Resource Access Management:Delete a RAM user

Last Updated:Feb 23, 2024

This topic describes how to delete a Resource Access Management (RAM) user. RAM supports the recycle bin feature. When you delete RAM users, the RAM users are first moved to the recycle bin. Then, the RAM users are automatically deleted from the recycle bin on a regular basis. You can also manually delete RAM users from the recycle bin. If you accidentally delete a RAM user, you can manually restore the RAM user. This helps minimize the adverse impacts that are caused by accidental deletion of RAM users.

Warning

Before you delete a RAM user, make sure that the RAM user is not used by systems or applications. If the RAM user is used by systems or applications, a service failure may occur after the RAM user is deleted.

Limits

The recycle bin can contain up to 1,000 RAM users. If the number of RAM users in the recycle bin exceeds 1,000, the system automatically deletes the earliest RAM users that are moved to the recycle bin. The quota of RAM users in the recycle bin is independent of the quota of RAM users.

Move a RAM user to the recycle bin

Impacts

  • After you move a RAM user the recycle bin, the console logon for the RAM user is disabled.

  • After you move a RAM user to the recycle bin, the AccessKey pairs of the RAM user are also moved to the recycle bin. You cannot use the AccessKey pairs to call API operations.

  • After you move a RAM user to the recycle bin, the permissions that are granted to the RAM user are revoked.

  • After you move a RAM user to the recycle bin, the multi-factor authentication (MFA) device that is bound to the RAM user is unbound.

Procedure

  1. Log on to the RAM console as a RAM user who has administrative rights.

  2. In the left-side navigation pane, choose Identities > Users.

  3. On the Users page, find the RAM user that you want to delete and click Delete in the Actions column.

    You can also select multiple RAM users and click Delete User below the RAM user list to move the RAM users to the recycle bin at a time.

  4. In the Delete User dialog box, read the impact of deletion, enter the name of the RAM user, and then click Move to Recycle Bin.

View RAM users and AccessKey pairs in the recycle bin

You can view the deleted RAM users and AccessKey pairs in the recycle bin. You can also search for the deleted RAM users and AccessKey pairs.

  1. On the Users page, click Recycle Bin in the upper-right corner.

  2. View RAM users and AccessKey pairs.

    • On the Users tab, view the deleted RAM users.

    • On the AccessKey tab, view the deleted AccessKey pairs.

Permanently delete a RAM user

Deletion methods

  • Automatic deletion: The retention period of RAM users in the recycle bin is 30 days. If the retention period ends, the system automatically deletes the RAM users.

  • Manual deletion: You can manually delete RAM users from the recycle bin. The following procedure describes how to manually delete a RAM user from the recycle bin.

Impact

If you delete a RAM user from the recycle bin, the RAM user is permanently deleted and all AccessKey pairs of the RAM user are also permanently deleted. You cannot restore information about the RAM user.

Procedure

  1. On the Users page, click Recycle Bin in the upper-right corner.

  2. On the Users tab, find the RAM user that you want to delete and click Delete in the Actions column.

  3. In the Delete User in Recycle Bin dialog box, enter the name of the RAM user and click Delete.

Restore a RAM user from the recycle bin

Scenario

If you accidentally delete a RAM user or if you no longer want to delete the RAM user, you can restore the RAM user from the recycle bin.

Impacts

  • If you restore a RAM user from the recycle bin, the basic information about the RAM user, such as the logon name, display name, UID, and creation time, is restored. If the password of the RAM user that is used to log on to the Alibaba Cloud Management Console is still valid, the password is also restored.

  • If you restore a RAM user from the recycle bin, the following information about the RAM user cannot be restored: the AccessKey pairs, the permissions that are granted to the RAM user, the user groups to which the RAM user belongs, the MFA device that is bound to the RAM user, the description of the RAM user, mobile phone number of the RAM user, email address of the RAM user, and the tags that are added to the RAM user.

    Important

    On the AccessKey tab of the Recycle Bin page, you can restore the AccessKey pairs of a RAM user only after you restore the RAM user.

Procedure

  1. On the Users page, click Recycle Bin in the upper-right corner.

  2. On the Users tab, find the RAM user that you want to restore and click Restore in the Actions column.

    You can also select multiple RAM users and click Restore User in Recycle Bin below the RAM user list to restore multiple RAM users at a time.

  3. In the Restore User in Recycle Bin message, click OK.