Enterprise Distributed Application Service (EDAS) supports the account system of Alibaba Cloud Resource Access Management (RAM). You can create RAM users within your Alibaba Cloud account to avoid sharing your AccessKey pair with other users. You can also assign minimum permissions to RAM users as needed to complete different types of jobs by using different user identities for efficient enterprise management.

Introduction to RAM users

When you use your Alibaba Cloud account in EDAS, you can complete different types of jobs by using different user identities. For example, you can assume the role of an application administrator to create, start, query, and delete applications. In addition, you can assume the role of an operations administrator to view resources, check application monitoring data, manage alert rules, and manage throttling and degradation rules. You can allocate different roles and resources to RAM users of an Alibaba Cloud account to complete different types of jobs by using different user identities. This permission management mode is similar to that in Linux. System users can manage permissions of normal users.

Take note of the following rules for RAM users:

  • RAM users are created by an Alibaba Cloud account in the RAM console. Validity check is not required for RAM users, but the name of each RAM user must be unique within the Alibaba Cloud account.
  • Unlike Alibaba Cloud accounts, RAM users have an independent logon portal https://signin.aliyun.com.

Log on to the EDAS console by using a RAM user

  1. Use an Alibaba Cloud account to log on to the RAM console.
  2. On the Overview page, click the URL below RAM user logon in the Account Management section.
    Note The RAM user logon URL varies with the Alibaba Cloud account.
  3. On the RAM Account Login page, enter the logon name of the RAM user and click Next.
  4. Enter the logon password and click Login.
    Note If Required at Next Logon is selected for Password Reset, the RAM user is required to reset the password after its first logon to the console.
  5. Log on to the Alibaba Cloud Management Console as a RAM user EDAS console.

Remove a permission granted to a RAM user

  1. Use an Alibaba Cloud account to log on to the RAM console.
  2. In the left-side navigation pane, choose Identities > Users.
  3. On the Users page, click the logon name of the user from which you want to remove a permission.
  4. On the Basic Information tab, click the Permissions tab.
  5. On the Permissions tab, click Remove Permission in the Actions column. In the message that appears, click OK.

Delete a RAM user

  1. Log on to the RAM console by using an Alibaba Cloud account.
  2. In the left-side navigation pane, choose Identities > Users.
  3. On the Users page, find the RAM user that you want to delete, and click Delete in the Actions column.
  4. In the Delete User dialog box, view the impact of deleting the user. When you confirm that you want to delete the RAM user, click Aware of the Risk and Confirm Delete.