平安云|Ping An Cloud- Building Your Smart Future

Products
- Recommended
- Cloud Essential Products
- Big Data
- Enterprise Applications
- Developer Services
No results found. Please try re-entering the product name
Popular Products

Elastic Compute Service HOT

Machine Vision HOT

IoT Platform HOT

Dedicated Host

API Gateway

Data Transmission Service

Key Management Service

E-MapReduce

Application Management Service

Latest Products

Voiceprint Recognition NEW

Cloud Digital Signature Service

Resource Orchestration Service

DB Backup and Recovery Service

Database Management Service

Omni-Sinitic

Registration

Recommended Services

Documentation

Partners

Computing

Elastic Compute Service HOT

Elastic GPU Service

Dedicated Host

Auto Scaling

Bare Metal Service

Pingan Kubernetes cluster Service

Storage

Elastic Block Storage

Object Based Storage

CloudNAS

Backup

DB Backup and Recovery Service

Network&CDN

Virtual Private Cloud

Elastic Load Balancing

Internet Gateway

NAT Gateway

Express Connect

VPN Gateway

Content Distribution Network

Security

Ping An Host Security NEW

Web Scan

Web Application Firewall

Ping An Security Center (PSC)

Certificate Authority Service

Security Expert Service

Web Application Firewall ( New )

Mobile Security

Database

RDS-PostgreSQL

RDS-MySQL

Redis

Document Database Service

TiDB

Database Management Service

PingAn Database Audit Service

Data Transmission Service

Advanced Database Service

Big Data Computing

E-MapReduce

Big Data Search and Analysis

Ping An Brain

Log Service

Big Data Application

Nebula BI

Big Data Solutions

Facial Recognition

Fake ID Identification

Voiceprint-based Verification

Domain Name and Website

Domain Name Service

Domain Name Registration NEW

Platform

IoT Platform

Edge Node Service (Beta) NEW

Communications

Direct Mail

Short Message Service

PAVIDEO

Intelligent Management

AnBot

Office Automation

Electronic Voucher Platform Core

Digital Signatures Certification System

ZHI NIAO

RPA Robee

Unified Collaborative Office Platform

Auto Service

Ping An Drive

Management & Monitoring

Key Management Service

Argus

Resource Access Management

Operation System Platform

Middleware

API Gateway

Message Queue

Message Queue Kafka (Beta)

IT Management & Tools

Wizard

ServiceBot

D7 Extended Deployment Automation

LINKDO

Application Management Service

Dynamic Traffic Distribution Platform

WiseAPM

WiseAPM Mobile

WiseAPM Browser

WiseAPM DialTest

WiseAPM Database
Solutions
- Universal Solutions
- Industry Solutions
Enterprise Service Solutions

Unified Platform

Collaborative Office

Swift Website Deployment

Hybrid Cloud Solutions

Cloud Migration

Big Data Solutions

Facial Recognition

Fake ID Identification

AI Solutions

AI-Smart Home

Security Solutions

Universal Security

Financial Cloud Security

Private Cloud Solutions

Ping An Private Cloud NEW

Financial Solutions

Bank

Insurance

Investment

Internet Finance

Smart City Solutions

Smart Public Security

Smart Penitentiary

Smart Airport

Smart Port

Smart Traffic

Smart Higher Education

Smart Community

Smart Building

Smart Scenic Areas

Smart Environment Protection

Medical Solutions

Smart Medical Platform

PACS Cloud Solution for Medical Imagery

Medical Active-Standby Cloud system
Customers
Pricing
Partners
Documentation
About Us

Authorization Method

<p class="shortdesc"></p> <p class="p">The method of authorizing a RAM user is to bind one or multiple access policies to a sub-account (user) or user group by using a master account or sub-account with RAM operation permission. The bound access policy can be system access policy and custom access policy. If the bound access policy is updated, it will automatically take effect and there is no need to bind again. </p> <ul class="ul" id="Authorization_method__ul_lxq_1bd_flb"> <li class="li"><strong class="ph b">Master account (resource owner) controls all permission</strong>: each resource belongs to only one owner which must be a master account paying for the resource and having full control over the resources. Resource owner is not necessarily the creator of the resource. For example, if a RAM user is authorized with the permission of creating resource, resource created by the RAM user belongs to its master account. This RAM user is the resource creator but not the owner. </li> <li class="li"><strong class="ph b">RMA user (operator) has no permission by default</strong>: a RAM user is a RAM sub-account whose operation should have explicit authorization. A new RAM user has no operation permission by default. Only the RAM user is authorized can it access or operate resource via the Console or API request. </li> <li class="li"><strong class="ph b">Resource creator (RAM user) does not automatically have any permission of the resource it has created</strong>: if a RAM user is authorized with the permission of creating resource, it is able to create resource but does not automatically have any permission of the resource it has created unless it has explicit authorization from the resource owner. </li> </ul>

Did the above content solve your problem? Yes No

Please complete information！

Ok Cancel