This topic describes how to create a RAM user, create an AccessKey pair for the RAM user, grant permissions to the RAM user, and allocate the RAM user to a person.
Background information
- If you use DTplus alone, you can skip this topic after you create an Alibaba Cloud account. For more information, see Prepare an Alibaba Cloud account.
- If you need to use DTplus together with others, follow the instructions in this topic to create RAM users.
Create a RAM user
Create an AccessKey pair for the RAM user
An AccessKey pair ensures that nodes created in your DataWorks workspace can be run. You must create an AccessKey pair for each RAM user.
If you grant a RAM user the permission to manage AccessKey pairs, the RAM user can create AccessKey pairs in the RAM console.
To create an AccessKey pair for a RAM user, perform the following steps:
Grant permissions to the RAM user
To allow a RAM user to create a DataWorks workspace, you must grant the AliyunDataWorksFullAccess permission to the RAM user.
Allocate the RAM user to a person
- A RAM user belongs to your Alibaba Cloud account and does not own resources, so the resource usage of a RAM user is not measured and billed to the RAM user.
- All charges generated for using Alibaba Cloud services by RAM users are paid by your Alibaba Cloud account.
- You must take note of the logon link for RAM users and the default domain or domain alias of your Alibaba Cloud account. Then, send them to the person to whom you want to allocate a RAM user.
- Logon link for RAM users
Log on to the RAM console with your Alibaba Cloud account and click Account Management section.
in the left-side navigation pane. View the logon link for RAM users in the - Domain alias or default domain of your Alibaba Cloud account
Log on to the RAM console with your Alibaba Cloud account and click Settings page, click the Advanced tab and view the default domain and domain alias in the Default Domain and Domain Alias sections.
in the left-side navigation pane. On the - Username and password of the RAM user
- AccessKey ID and AccessKey secret of the RAM user
- You grant the RAM user the permission to log on to the Alibaba Cloud Management Console.
- You grant the RAM user the permission to manage AccessKey pairs. For more information, see Set security policies for RAM users.