Alibaba Cloud’s permission management mechanism includes Resource Access Management (RAM) and Security Token Service (STS). This enables users to access OSS through subaccounts with different permissions and grants users temporary access authorization. Usage of RAM and STS can greatly improve management flexibility and security.
The following content is introduced in permission management:
- What is RAM and STS
- Access a bucket without using the primary account
- Read/Write permission separation
- Access control
- STS temporary access authorization
- The problem of OSS authority and Its Troubleshooting
- STS frequently asked questions and troubleshooting
- OSS sub-account setup Frequently Asked Questions
Click RAM Policy Editor Online Editing allows you to generate authorization policies.