This topic describes how to use Resource Access Management (RAM) to limit the time of access to Alibaba Cloud resources. This ensures a higher level of data security.
Prerequisites
- An Alibaba Cloud account is created. To create an Alibaba Cloud account, visit the account registration page.
- You have a basic knowledge of policy elements, structure, and syntax before you create a custom policy. For more information, see Policy elements and Policy structure and syntax.
Background information
An enterprise has purchased multiple types of Alibaba Cloud resources, such as Elastic Compute Service (ECS) instances, ApsaraDB for RDS instances, Server Load Balancer (SLB) instances, and Object Storage Service (OSS) buckets. To ensure business and data security, this enterprise requires RAM users to access Alibaba Cloud resources only during working hours.
Solution
To allow a RAM user to access Alibaba Cloud resources only during a specified period, create a custom policy and attach the policy to the RAM user.
- Create a RAM user. For more information, see Create a RAM user.
- Create a custom policy. For more information, see Create a custom policy.
- Attach the policy to the RAM user. For more information, see Grant permissions to a RAM user.