The Control Policy feature is disabled by default. You can use this feature after you enable it.
Background information
After the Control Policy feature is enabled, a resource directory has the following changes:
- The system automatically attaches the system access control policy FullAliyunAccess to folders and members in the resource directory. This policy allows all operations on all your cloud resources.
- When you create a folder or member, the system automatically attaches the system access control policy FullAliyunAccess to the folder or member.
- After an invited Alibaba Cloud account joins a resource directory, the system automatically attaches the system access control policy FullAliyunAccess to this member.
- When you remove a member, the system automatically detaches all access control policies that are attached to this member.
Procedure
- Log on to the Resource Management console.
- In the left-side navigation pane, choose .
- In the upper part of the Control Policy page, click Enable Control Policy.
- In the message that appears, click OK.
- Click the Refresh icon and view the status of the Control Policy feature.