ApsaraMQ for MQTT:Activate ApsaraMQ for MQTT and authorize a RAM user to access ApsaraMQ for MQTT resources

Step 1: Activate ApsaraMQ for MQTT

1. Step 1: Go to the product page of ApsaraMQ for MQTT.

2. Click Log In in the upper-right corner of the page.

3. On the logon page, enter your Alibaba Cloud account and password, and click Sign In.

4. On the product page of ApsaraMQ for MQTT, click Buy Now.

   You are navigated to the ApsaraMQ for MQTT console.

5. On the Overview page, click Activate for Free.

6. On the service activation page, read the content of the order and the service agreement, select Message Queue for Apache RocketMQ Terms of Service, and then click Activate Now.

   Note

   ApsaraMQ for MQTT is one of the ApsaraMQ for RocketMQ services. After you activate ApsaraMQ for RocketMQ, ApsaraMQ for MQTT is activated. You can activate Message Queue for Apache RocketMQ for free.

Step 1: Grant permissions to a RAM user (Required for a RAM user)

If you activate ApsaraMQ for MQTT as a RAM user, you must use your Alibaba Cloud account to grant required permissions to the RAM user before you can access ApsaraMQ for MQTT resources as the RAM user. If you activate ApsaraMQ for MQTT by using an Alibaba Cloud account, you have the permissions to access ApsaraMQ for MQTT resources by default. In this case, skip this step.

1. Log on to the RAM console with an Alibaba Cloud account or a RAM user who has administrative rights.

2. In the left-side navigation pane, choose Identities > Users.

3. On the Users page, find the required RAM user and click Add Permissions in the Actions column.

4. In the Add Permissions panel, grant permissions to the RAM user.

   1. Select the authorization scope.

      • Alibaba Cloud Account: The authorization takes effect on the current Alibaba Cloud account.

      • Specific Resource Group: The authorization takes effect on a specific resource group.

        Note

        If you select Specific Resource Group for Authorized Scope, make sure that the required cloud service supports resource groups. For more information, see Services that work with Resource Group. For more information about how to grant permissions on a resource group, see Use a resource group to grant a RAM user the permissions to manage a specific ECS instance.

   2. Specify the principal.

      The principal is the RAM user to which you want to grant permissions.

   3. Select policies.

      A policy contains a set of permissions. Policies can be classified into system policies and custom policies:

      • System policies: policies that are created by Alibaba Cloud. You can use but cannot modify these policies. Version updates of the policies are maintained by Alibaba Cloud. For more information, see Services that work with RAM.

      • Custom policies: You can manage and update custom policies based on your business requirements. You can create, update, and delete custom policies. For more information, see Create a custom policy.

      Note

      You can attach a maximum of five policies to a RAM user at a time. If you want to attach more than five policies to a RAM user, perform the operation multiple times.

5. Click OK.

6. Click Complete.

ApsaraMQ for MQTT provides the following system policies. You can grant related permissions to the RAM user based on the permission scope.