All Products
Search

This Product

    Resource Access Management:Grant permissions to a RAM user group

    Document Center

    Resource Access Management:Grant permissions to a RAM user group

    Last Updated:Nov 17, 2023

    If you grant permissions to a Resource Access Management (RAM) user group, all RAM users in the group have the permissions. This topic describes how to grant permissions to a RAM user group.

    Method 1: Grant permissions to a RAM user group on the Groups page

    1. Log on to the RAM console by using an Alibaba Cloud account or a RAM user that has administrative rights.

    2. In the left-side navigation pane, choose Identities > Groups.

    3. On the Groups page, find the RAM user group to which you want to grant permissions and click Add Permissions in the Actions column.

    4. In the Add Permissions panel, grant permissions to the RAM user group.

      1. Select the authorization scope.

        • Alibaba Cloud Account: The authorization takes effect on the current Alibaba Cloud account.

        • Specific Resource Group: The authorization takes effect on a specific resource group.

          Note

          If you select Specific Resource Group for Authorized Scope, make sure that the required cloud service supports resource groups. For more information, see Services that work with Resource Group.

      2. Specify the principal.

        The principal is the RAM user group to which permissions are granted. By default, the current RAM user group is specified. You can also specify a different RAM user group.

      3. Select policies.

        Note

        You can attach a maximum of five policies to a RAM user group at a time. If you need to attach more than five policies to a RAM user group, perform the operation multiple times.

    5. Click OK.

    6. Click Complete.

    Method 2: Grant permissions to a RAM user group on the Grants page

    1. Log on to the RAM console by using an Alibaba Cloud account or a RAM user that has administrative rights.

    2. In the left-side navigation pane, choose Permissions > Grants.

    3. On the Permission page, click Grant Permission.

    4. On the Grant Permission page, grant permissions to the RAM user group.

      1. Select the authorization scope.

        • Alibaba Cloud Account: The authorization takes effect on the current Alibaba Cloud account.

        • Specific Resource Group: The authorization takes effect on a specific resource group.

          Note

          If you select Specific Resource Group for Authorized Scope, make sure that the required cloud service supports resource groups. For more information, see Services that work with Resource Group.

      2. Specify the principal.

        The principal is the RAM user group to which permissions are granted.

      3. Select policies.

        Note

        You can attach a maximum of five policies to a RAM user group at a time. If you need to attach more than five policies to a RAM user group, perform the operation multiple times.

    5. Click OK.

    6. Click Complete.