You can grant permissions to a Resource Access Management (RAM) role that you created for a trusted Alibaba Cloud account, Alibaba Cloud service, or identity provider (IdP). This topic describes how to grant permissions to a RAM role.
Note You cannot grant permissions to service-linked roles by attaching policies to the
roles. This is because the policies that are attached to this type of role are defined
by the linked cloud services. For more information, see Service-linked roles.
Limits
You can attach up to 20 system policies and 5 custom policies to a RAM role.
Method 1: Grant permissions to a RAM role by clicking Add Permissions on the Roles page
- Log on to the RAM console by using your Alibaba Cloud account.
- In the left-side navigation pane, choose .
- On the Roles page, find the RAM role to which you want to grant permissions and click Add Permissions in the Actions column.
- In the Add Permissions panel, grant permissions to the RAM role.
- Click OK.
- Click Complete.
Method 2: Grant permissions to a RAM role by clicking Input and Attach on the Roles page
Method 3: Grant permissions to a RAM role on the Grants page
- Log on to the RAM console by using your Alibaba Cloud account.
- In the left-side navigation pane, choose .
- On the Grants page, click Grant Permission.
- On the Grant Permissions page, grant permissions to the RAM role.
- Click OK.
- Click Complete.