Before you use MNS, you must activate the service on the product page of MNS. If your account is a RAM user, you must grant permissions to the RAM user before you can use the console or API to manage MNS resources, and send or receive messages by using SDKs. This article describes how to activate MNS and authorize RAM users to access MNS.

Prerequisites

An Alibaba Cloud account is created.

Step 1: Activate MNS

  1. Go to the official website of Alibaba Cloud. Choose Products > Enterprise Applications > Message Queue > Message Service to open the product page.
    Log on to the official website of Alibaba Cloud
  2. On the product page, click Get it Free.
  3. Read MNS Agreement of Service, select I agree with MNS Agreement of Service, and then click Enable Now.
    The following message appears on the page: Congratulations. The service is activated.

Step 2: (Required for RAM users) Authorize RAM users to access MNS

  1. Log on to the RAM console by using your Alibaba Cloud account.
  2. In the left-side navigation pane, choose Identities > Users.
  3. On the Users page, find the RAM user to which you want to grant permissions and click Add Permissions in the Actions column.
  4. In the Add Permissions panel, grant permissions to the RAM user.
    1. Select the authorization scope.
      • Alibaba Cloud Account: The authorization takes effect on the current Alibaba Cloud account.
      • Specific Resource Group: The authorization takes effect on a specific resource group.
        Note If you select Specific Resource Group for Authorized Scope, make sure that the required cloud service supports resource groups. For more information, see Alibaba Cloud services that support resource groups.
    2. Specify the principal.
      The principal is the RAM user to which permissions are to be granted. By default, the current RAM user is specified. You can also specify another RAM user.
    3. Select policies.
      Note You can attach a maximum of five policies to a RAM user at a time. If you need to attach more than five policies to a RAM user, perform the operation multiple times.
  5. Click OK.
  6. Click Complete.

MNS provides the following system policies. You can grant related permissions to the RAM user based on the permission scope.

Policy Description
AliyunMNSFullAccess The permissions to manage MNS, which are equivalent to the permissions that the Alibaba Cloud account has. A RAM user to which this policy is attached can send and subscribe to all messages and use all the features of the console.
AliyunMNSReadOnlyAccess The read-only permissions on MNS. A RAM user to which this policy is attached can only read resource information in the console or by calling API operations.
Note System permissions cover a large permission scope. For example, after a RAM user is granted AliyunMNSFullAccess that represents full permissions, the RAM user can manage all resources of MNS. To grant fine-grained permissions, MNS provides custom policies. For more information, see Custom policies.

What to do next

You can click Console to create resources. For more information, see Quick start.