This topic describes how to authorize a RAM user account to use the features of ECI.
You can use an Alibaba Cloud account to manage ECI resources. However, when a RAM user account is created, it has no permissions to manage the resources of the Alibaba Cloud account. Therefore, you need to authorize the RAM user account before you use it to manage ECI resources.
Log on to the RAM console.
You can check whether you have RAM user accounts on the RAM Overview page of the RAM console. If you do not have any RAM user accounts, create a RAM user account. For more information, see Create RAM user accounts.
If you already have RAM user accounts, click Users in the left-side navigation pane in the RAM console and find the RAM user account to be authorized, as shown in the following figure.
In the Actions column of the user that you want to authorize, click Authorize to open the Edit User-Level Authorization dialog box, as shown in the following figure.
In the Edit User-Level Authorization dialog box that appears, select authorization policies as needed, and click > to add them to Selected Authorization Policy Name, as shown in the following figure.
- To grant ECI read/write permissions to the RAM user account, select AliyuECIFullAccess.
- To grant ECI read-only permissions to the RAM user account, select AliyunECIReadOnlyAccess.
Click OK to complete the authorization.