All Products
Document Center

Configure ECS instance RAM role

Last Updated: Mar 20, 2018

To improve the security and convenience of application deployment, Alibaba Cloud SDK supports using ECS Metadata Service to retrieve the authentication information of an ECS instance RAM role. Therefore, the applications deployed in the ECS instance can call APIs of other products without configuring credentials in the SDK. The SDK has the same permission as the RAM role attached to the ECS instance.

Note: Make sure that the ECS instance has configured a RAM role. For more information, see Access APIs of other cloud products by using the instance RAM role.

Code example

The following example shows how to configure the ECS instance RAM role in the Go SDK.

  • Do not use the custom configuration:

    1. // If you do not need to customize the config, we provide a shortcut to build a client
    2. client, err = ecs.NewClientWithEcsRamRole("region-id", "role-name")
  • Use the custom configuration:

    1. // If you need to customize the config, you can use the following codes to build a client
    2. config := sdk.NewConfig().WithEnableAsync(true)
    3. // Create the credential object
    4. credential := credentials.NewEcsRamRoleCredential("role-name")
    5. // Initialize the client
    6. client, err := ecs.NewClientWithOptions("region-id", config, credential)


  • role-name is the name of the RAM role associated with the ECS instance.

  • region-id is the ID of the region where the cloud service that the ECS RAM role is accessing is located.