This topic describes how to authorize a Resource Access Management (RAM) user to use the features of Elastic Container Instance (ECI).

You can use an Alibaba Cloud account or a RAM user to manage ECI resources. However, when a RAM user is created, it has no permissions to manage the resources of the Alibaba Cloud account. Therefore, you need to grant permissions to the RAM user before you use it to manage ECI resources.

  1. Log on to the RAM console.

  2. Check whether you have RAM users on the Overview page of the RAM console. If you do not have any RAM users, create one. For more information, see Create a RAM user.

  3. If you have RAM users, click Users in the left-side navigation pane of the RAM console. On the page that appears, find the target RAM user to which you want to grant permissions, as shown in the following figure.
  4. Click Add Permissions in the Actions column. The Add Permissions pane appears, as shown in the following figure.
  5. In the Add Permissions pane, enter a keyword in the Select Policy search box to search for ECI authorization policies. Select an authorization policy as required to add it to the Selected section, as shown in the following figure.

    • To grant ECI read/write permissions to the RAM user, select AliyuECIFullAccess.
    • To grant ECI read-only permissions to the RAM user, select AliyunECIReadOnlyAccess.
  6. Click OK.