Before creating a RAM user, you must set up initial RAM configurations.


To create a RAM user, follow these steps:

  1. Log on to the RAM Console .
  2. Choose Identities > Users. In the right pane, click Create User.
  3. Enter a logon name and display name. To create multiple RAM users at a time, click Add User.
  4. Select either Console Password Logon or Programmatic Access as the user access mode.
    Note We recommend that you select only one access mode.
    • If you select Console Password Logon, you can set basic access settings, such as whether to automatically generate a logon password or allow password customization, whether to require resetting the password after the first logon, and whether to enable MFA.
    • If you select Programmatic Access: An AccessKey (AK) is automatically generated for the user.
      • To maintain security of the AK, you can view or download its AccessKeySecret only during AK creation.
      • If an AK is lost or forgotten, you must create a new one. The new AK and original AK both represent the target user identity. Different AKs of a RAM user are equivalent in use.
      • We recommend that you change AKs for applications on a regular basis to prevent AK disclosure.

What to do next

Grant resource access permissions to specific RAM users.