All Products
Search

This Product

    Cloud Governance Center:Check account eligibility

    Document Center

    Cloud Governance Center:Check account eligibility

    Last Updated:Jun 02, 2026

    Before you set up a landing zone, the system checks whether the current account qualifies as a management account.

    Management account overview

    A management account is the super administrator of a resource directory. It is used to enable a resource directory and has full control over the directory and its members. Only an enterprise account can enable a resource directory, and each directory has only one management account. Functions of a management account:

    • Manage compliance policies for all members.
    • Configure Alibaba Cloud services such as Security Center and CloudConfig for all members.
    • Manage billing and payments for all members.

    Checks

    On the Set up landing zone page, the system checks account eligibility and displays the results.

    Check item Description Check result
    Resource check

    Checks whether cloud resources exist in the current account.

    The management account is for member administration only. Do not deploy other cloud resources in it.
    • Pass: No cloud resources exist, except for the resource directory.
    • Fail: Cloud resources exist.
    AccessKey check

    Checks whether an AccessKey exists for the Alibaba Cloud account.

    Do not create an AccessKey for your Alibaba Cloud account. A leaked AccessKey poses a high security risk, especially for a management account with expanded control scope.

    Note This check is performed only when the logged-on account is an Alibaba Cloud account.
    • Pass: No AccessKey exists for the Alibaba Cloud account.
    • Fail: An AccessKey exists for the Alibaba Cloud account.
    RAM user check

    Checks the number of Resource Access Management (RAM) users in the current account.

    A high number of RAM users means more people can access the account, which may introduce permission management risks if this account becomes a management account.
    • Pass: The number of RAM users is less than 5.
    • Fail: The number of RAM users is 5 or more.
    Account overdue payment check

    Checks whether the current account has overdue payments.

    Overdue payments can affect the activation and use of Alibaba Cloud services.
    • Pass: No overdue payments.
    • Fail: Overdue payments exist.

    Recommended actions

    Select a management account based on the check results and recommended actions.

    Check result Recommended action
    All checks passed Use the current account as the management account.
    Some or all checks failed

    The Check Details dialog box shows the failed items. Take one of the following actions:

    • If a resource directory is already enabled, fix the failed items and use the current account as the management account.
    • If no resource directory is enabled, use one of the following methods:
      • Create a new Alibaba Cloud account as the management account. The new account inherits the identity verification of the current account and automatically enables a resource directory.
      • Use another Alibaba Cloud account from your enterprise that meets the requirements as the management account.
    Note You can proceed without fixing the failed items, but this poses security risks. We strongly recommend fixing all failed items.

    What to do next

    Set up a landing zone