This topic provides an example of the Resource Access Management (RAM) policy for resource groups.

The following policy defines that you are allowed to create and delete resource groups, and view and modify the basic information about resource groups in Resource Management.

    "Statement": [{
        "Action": "ram:*ResourceGroup*",
        "Effect": "Allow",
        "Resource": "*"
    "Version": "1"
Note If you want to authorize a RAM user to perform more group-related operations, such as managing resources in a resource group, granting permissions to a resource group, or migrating resources across resource groups, you must attach other policies to the RAM user. For more information, see Resource Group.