This product(
Ram/2015-05-01) OpenAPI adopts RPC Signature style. See signature details in Description of the signature mechanism. We have packaged SDKs for common programming languages for developers. Developers can directly call the OpenAPI of this product by downloading the SDK without paying attention to the technical details. If the existing SDK cannot meet the usage requirements, you can connect through the signature mechanism. It will take about 5 working days. Therefore, it is recommended to join our DingTalk service group (11370001915) and sign under the guidance of experts. Before using the API, you need to prepare your identity account and access key (AccessKey) to effectively access the API through client tools (SDK, CLI, etc.). For details see getAccessKey.
User management
| API | Title | Description |
|---|---|---|
| RAM User | RAM User | |
| CreateUser | CreateUser | Creates a Resource Access Management (RAM) user. |
| GetUser | GetUser | Queries the information about a RAM user. |
| UpdateUser | UpdateUser | Modifies the information about a RAM user. |
| DeleteUser | DeleteUser | You can call this operation to delete a RAM user. |
| ListUsers | ListUsers | Queries the information about all RAM users. |
| Login Profile | Login Profile | |
| CreateLoginProfile | CreateLoginProfile | Enables console logon for a RAM user. |
| GetLoginProfile | GetLoginProfile | Queries the logon configurations of a RAM user. |
| UpdateLoginProfile | UpdateLoginProfile | Modifies the logon configurations of a RAM user. |
| DeleteLoginProfile | DeleteLoginProfile | Disables console logon for a RAM user. |
| ChangePassword | ChangePassword | Changes the password that is used to log on to the Alibaba Cloud Management Console. |
| AccessKey | AccessKey | |
| CreateAccessKey | CreateAccessKey | Creates an AccessKey pair for a RAM user. |
| UpdateAccessKey | UpdateAccessKey | Changes the status of an AccessKey that belongs to a RAM user. |
| DeleteAccessKey | DeleteAccessKey | Deletes an AccessKey pair of a RAM user. |
| ListAccessKeys | ListAccessKeys | Queries the list of all AccessKey pairs that belong to a RAM user. |
| MFA | MFA | |
| CreateVirtualMFADevice | CreateVirtualMFADevice | Creates a multi-factor authentication (MFA) device. |
| GetUserMFAInfo | GetUserMFAInfo | Queries the multi-factor authentication (MFA) device that is attached to a Resource Access Management (RAM) user. |
| DeleteVirtualMFADevice | DeleteVirtualMFADevice | Deletes a multi-factor authentication (MFA) device. |
| ListVirtualMFADevices | ListVirtualMFADevices | Queries the list of all multi-factor authentication (MFA) devices. |
| BindMFADevice | BindMFADevice | Attaches a multi-factor authentication (MFA) device to a RAM user. |
| UnbindMFADevice | UnbindMFADevice | Detaches a multi-factor authentication (MFA) device from a RAM user. |
User group management
| API | Title | Description |
|---|---|---|
| CreateGroup | CreateGroup | Creates a RAM user group. |
| GetGroup | GetGroup | Queries the information of a RAM user group. |
| UpdateGroup | UpdateGroup | Modifies a RAM user group. |
| DeleteGroup | DeleteGroup | Deletes a RAM user group. |
| ListGroups | ListGroups | Queries RAM user groups. |
| ListGroupsForUser | ListGroupsForUser | Queries the Resource Access Management (RAM) user groups to which a RAM user belongs. |
| ListUsersForGroup | ListUsersForGroup | Queries RAM users in a RAM user group. |
| AddUserToGroup | AddUserToGroup | Adds a RAM user to a RAM user group. |
| RemoveUserFromGroup | RemoveUserFromGroup | Removes a RAM user from a RAM user group. |
Role management
| API | Title | Description |
|---|---|---|
| CreateRole | CreateRole | Creates a RAM role. |
| DeleteRole | DeleteRole | Deletes a RAM role. |
| UpdateRole | UpdateRole | Changes the description of a RAM role. |
| GetRole | GetRole | Queries information of a RAM role. |
| ListRoles | ListRoles | Queries the list of all RAM roles. |
Permission management
| API | Title | Description |
|---|---|---|
| Permission Policy Management | Permission Policy Management | |
| CreatePolicy | CreatePolicy | Creates a custom policy. |
| GetPolicy | GetPolicy | Queries the information of a policy. |
| UpdatePolicyDescription | UpdatePolicyDescription | Modifies the description of a custom policy. |
| DeletePolicy | DeletePolicy | Deletes a policy. |
| ListPolicies | ListPolicies | Queries a list of policies. |
| CreatePolicyVersion | CreatePolicyVersion | Creates a version for a policy. |
| GetPolicyVersion | GetPolicyVersion | Queries the information of a policy version. |
| DeletePolicyVersion | DeletePolicyVersion | Deletes a policy version. |
| ListPolicyVersions | ListPolicyVersions | Queries the versions of a policy. |
| SetDefaultPolicyVersion | SetDefaultPolicyVersion | Sets the default version of a policy. |
| Authorization Management | Authorization Management | |
| AttachPolicyToUser | AttachPolicyToUser | Attaches a policy to a RAM user. |
| DetachPolicyFromUser | DetachPolicyFromUser | Detaches a policy from a RAM user. |
| AttachPolicyToGroup | AttachPolicyToGroup | Attaches a policy to a RAM user group. |
| DetachPolicyFromGroup | DetachPolicyFromGroup | Detaches a policy from a RAM user group. |
| AttachPolicyToRole | AttachPolicyToRole | Attaches a policy to a RAM role. |
| DetachPolicyFromRole | DetachPolicyFromRole | Detaches a policy from a RAM role. |
| ListPoliciesForUser | ListPoliciesForUser | Queries the policies that are attached to a RAM user. |
| ListPoliciesForGroup | ListPoliciesForGroup | Queries the policies that are attached to a RAM user group. |
| ListPoliciesForRole | ListPoliciesForRole | Queries the policies that are attached to a RAM role. |
| ListEntitiesForPolicy | ListEntitiesForPolicy | Queries the entities to which a policy is attached. |
Security management
| API | Title | Description |
|---|---|---|
| SetAccountAlias | SetAccountAlias | You can call this operation to specify an alias for an Alibaba Cloud account. |
| GetAccountAlias | GetAccountAlias | Queries the alias of an Alibaba Cloud account. |
| ClearAccountAlias | ClearAccountAlias | Deletes the alias of the Alibaba Cloud account. |
| SetPasswordPolicy | SetPasswordPolicy | Configures the password policy for RAM users, including the password strength. |
| GetPasswordPolicy | GetPasswordPolicy | Queries the password policy, including the password strength, of RAM users. |
| SetSecurityPreference | SetSecurityPreference | Configures the security preferences. |
| GetSecurityPreference | GetSecurityPreference | Queries the security preferences. |
Permission analysis and diagnostics
| API | Title | Description |
|---|---|---|
| DecodeDiagnosticMessage | DecodeDiagnosticMessage | Decodes the diagnostic information in the response that contains an access denied error. The error is caused by no RAM permissions. |