This topic describes some of the common application scenarios of Alibaba Cloud Resource Access Management (RAM).

Application scenario Description
User management and access control Enterprise A has bought several types of Alibaba Cloud resources, such as ECS instances, RDS instances, SLB instances, and OSS buckets for a project. During this project, many employees need to perform operations on these cloud resources, but different employees require different permissions to complete different operations.
Grant temporary permissions to mobile apps Enterprise A has developed a mobile app, which runs on users' own devices. Therefore, Enterprise A cannot manage these devices directly and wants to use Alibaba Cloud OSS so that the mobile app can upload data to or download data from OSS.
Cross-account resource authorization and access Enterprise A has bought various Alibaba Cloud resources (such as ECS instances, RDS instances, SLB instances, and OSS buckets) to support its business. Account A is the resource owner and wants to grant Account B the relevant permissions to perform operations on resources of Account A.
Use RAM to authorize applications to access Alibaba Cloud resources An enterprise has bought ECS instances and wants to deploy its applications in ECS. To allow the applications to access other Alibaba Cloud APIs by using access keys.