Services that support RAM-Resource Access Management(RAM)-阿里云帮助中心

This topic lists the Alibaba Cloud services that support Resource Access Management (RAM), along with their authorization granularities, system policies, and related documentation.

Overview

Each table in this topic provides the following information:

Cloud service: The name of the cloud service that supports RAM.
Sub-service or sub-module: The sub-service or sub-module of the cloud service. A hyphen (-) is used if none is available.
RAM code: The unique code for the cloud service in RAM.
Console: Supported indicates that the cloud service supports access control in the console. Not supported indicates that it does not. A circle (○) indicates that the cloud service is not integrated with the console.
API: Specifies whether the cloud service supports access control via API. Supported indicates support, Not supported indicates no support, and ○ indicates that the service does not provide an API.
Authorization granularity: The finest level of authorization that the cloud service supports. A hyphen (-) indicates that no specific granularity is defined.
When a cloud service integrates with RAM, it defines different levels of authorization granularity for RAM users and RAM roles:
- Service level: Permissions apply to the cloud service as a whole, meaning a RAM user or RAM role has either all permissions for that service or none.
- Operation level: Also known as API-level authorization. You can grant a RAM user or RAM role permissions to perform specific operations on certain resource types.
- Resource level: The most granular level of authorization. You can grant permissions for specific operations on individual resources. For example, you can authorize a RAM user to restart only a specific ECS instance.
System policy: Predefined policies provided by RAM for the cloud service. A hyphen (-) indicates that no system policies are available.
References: Documentation on the cloud service's integration with RAM. A hyphen (-) indicates that no documentation is available.

Elastic compute

Service	Sub-service	RAM code	Console	API	Authorization granularity	System policies	Reference
ECS	-	ecs	Supported	Supported	resource-level	AliyunECSFullAccess AliyunECSReadOnlyAccess AliyunECSAssistantFullAccess AliyunECSAssistantReadonlyAccess AliyunECSNetworkInterfaceManagementAccess AliyunECSWorkbenchFullAccess	RAM authorization for ECS
ECS	Elastic Block Storage (EBS)	ecs	Supported	Supported	resource-level	AliyunECSFullAccess AliyunECSReadOnlyAccess AliyunECSAssistantFullAccess AliyunECSAssistantReadonlyAccess AliyunECSNetworkInterfaceManagementAccess	-
Elastic Block Storage (EBS)	-	ebs	Supported	Supported	resource-level	AliyunEBSFullAccess AliyunEBSReadOnlyAccess	-
ECS	Elastic GPU Service	ecs	Supported	Supported	resource-level	AliyunECSFullAccess AliyunECSReadOnlyAccess AliyunECSAssistantFullAccess AliyunECSAssistantReadonlyAccess AliyunECSNetworkInterfaceManagementAccess	RAM authorization for ECS
ECS	ECS Bare Metal Instance	ecs	Supported	Supported	resource-level	AliyunECSFullAccess AliyunECSReadOnlyAccess AliyunECSAssistantFullAccess AliyunECSAssistantReadonlyAccess AliyunECSNetworkInterfaceManagementAccess	RAM authorization for ECS
ECS	Dedicated Host (DDH)	ecs	Supported	Supported	resource-level	AliyunECSFullAccess AliyunECSReadOnlyAccess AliyunECSAssistantFullAccess AliyunECSAssistantReadonlyAccess AliyunECSNetworkInterfaceManagementAccess	RAM authorization for ECS
ECS	Alibaba Cloud Linux 2	ecs	Supported	Supported	resource-level	AliyunECSFullAccess AliyunECSReadOnlyAccess AliyunECSAssistantFullAccess AliyunECSAssistantReadonlyAccess AliyunECSNetworkInterfaceManagementAccess	RAM authorization for ECS
Auto Scaling	-	ess	Supported	Supported	operation-level	AliyunESSFullAccess AliyunESSReadOnlyAccess	Auto Scaling API usage notes
Container Service	-	cs	Supported	Supported	resource-level	AliyunCSFullAccess AliyunCSReadOnlyAccess	-
Container Service for Kubernetes (ACK)	-	cs	Supported	Supported	resource-level	AliyunCSFullAccess AliyunCSReadOnlyAccess	RAM authorization for ACK
Batch Compute	-	batchcompute	Supported	Supported	service-level	AliyunBatchComputeFullAccess	-
Resource Orchestration Service (ROS)	-	ros	Supported	Supported	resource-level	AliyunROSFullAccess AliyunROSReadOnlyAccess	RAM authorization for ROS
Function Compute	-	fc	Supported	Supported	resource-level	AliyunFCFullAccess AliyunFCReadOnlyAccess AliyunFCInvocationAccess	RAM authorization for Function Compute
Simple Application Server	-	swas	Supported	○	service-level	AliyunSWASFullAccess	-
Elastic High Performance Computing (E-HPC)	-	ehpc	Supported	Supported	service-level	AliyunEHPCFullAccess AliyunEHPCReadOnlyAccess	-
Container Registry	-	cr	Supported	Supported	resource-level	AliyunContainerRegistryFullAccess AliyunContainerRegistryReadOnlyAccess	RAM authorization for Container Registry
Cloud Desktop	-	gws	Supported	○	service-level	AliyunGwsFullAccess	-
Elastic Desktop Service (EDS)	-	ecd	Supported	Supported	operation-level	AliyunECDFullAccess AliyunECDReadOnlyAccess AliyunECDRamUserAccess AliyunECDTagFullAccess AliyunECDOfficeSiteFullAccess AliyunECDUserFullAccess AliyunECDPolicyGroupFullAccess AliyunECDDesktopFullAccess AliyunECDTechnicalSupportFullAccess	Authorize RAM users
Elastic Container Instance (ECI)	-	eci	Supported	Supported	resource-level	AliyunECIFullAccess AliyunECIReadOnlyAccess	Authorize RAM users
Serverless Workflow	-	fnf	Supported	Supported	resource-level	AliyunFnFFullAccess AliyunFnFReadOnlyAccess	RAM authorization for Serverless Workflow
Web App Service	-	webplus	Supported	Supported	operation-level	AliyunWebPlusFullAccess AliyunWebPlusReadOnlyAccess	-
Elastic Accelerator Instance	-	eais	Supported	Supported	resource-level	AliyunEAISFullAccess AliyunEAISReadOnlyAccess	-
Cloud Box	-	cloudbox	Supported	○	resource-level	AliyunCloudBoxFullAccess AliyunCloudBoxReadOnlyAccess	-
Cloud Phone	-	cloudphone	Supported	Supported	resource-level	AliyunCloudPhoneFullAccess AliyunCloudPhoneReadOnlyAccess	-
Compute Nest	-	computenest computenestsupplier	Supported	○	resource-level	AliyunComputeNestSupplierFullAccess AliyunComputeNestUserFullAccess AliyunComputeNestUserReadOnlyAccess AliyunComputeNestSupplierReadOnlyAccess	-
Apsara Cloud VMware Service	-	acvs	Supported	○	resource-level	AliyunACVSFullAccess AliyunACVSReadOnlyAccess	-
Distributed Cloud Container Platform for Kubernetes (ACK One)	-	adcp	Supported	Supported	operation-level	AliyunAdcpFullAccess AliyunAdcpReadOnlyAccess	-
Container Compute Service (ACS)	-	acc	Supported	Supported	resource-level	AliyunAccFullAccess AliyunAccReadOnlyAccess	Authorization overview
Serverless Devs	-	devs	Supported	Supported	operation-level	AliyunDevsFullAccess AliyunDevsReadOnlyAccess	-
License Manager	-	licensemanager	Supported	○	resource-level	AliyunLicenseManagerFullAccess AliyunLicenseManagerReadOnlyAccess	-

Databases

Service	Sub-service	RAM code	Console	API	Authorization granularity	System policy	References
ApsaraDB RDS	ApsaraDB RDS	rds	Supported	Supported	resource-level	AliyunRDSFullAccess AliyunRDSReadOnlyAccess AliyunRDSGADFullAccess AliyunRDSGADReadOnlyAccess AliyunRDSReadOnlyWithSQLLogArchiveAccess	RAM authorization for RDS
ApsaraDB RDS	ApsaraDB RDS for MySQL	rds	Supported	Supported	resource-level	AliyunRDSFullAccess AliyunRDSReadOnlyAccess	RAM authorization for RDS
ApsaraDB RDS	ApsaraDB RDS for SQL Server	rds	Supported	Supported	resource-level	AliyunRDSFullAccess AliyunRDSReadOnlyAccess	RAM authorization for RDS
ApsaraDB RDS	ApsaraDB RDS for PostgreSQL	rds	Supported	Supported	resource-level	AliyunRDSFullAccess AliyunRDSReadOnlyAccess	RAM authorization for RDS
ApsaraDB RDS	ApsaraDB for MyBase	rds	Supported	Supported	resource-level	AliyunRDSFullAccess AliyunRDSReadOnlyAccess	-
Tair	-	kvstore	Supported	Supported	resource-level	AliyunKvstoreFullAccess AliyunKvstoreReadOnlyAccess	RAM authorization for Tair
ApsaraDB for MongoDB	-	dds	Supported	Supported	resource-level	AliyunMongoDBFullAccess AliyunMongoDBReadOnlyAccess	RAM authorization for ApsaraDB for MongoDB
AnalyticDB for PostgreSQL	-	gpdb	Supported	Supported	resource-level	AliyunGPDBFullAccess AliyunGPDBReadOnlyAccess	RAM authorization for AnalyticDB for PostgreSQL
Data Transmission Service (DTS)	-	dts	Supported	Supported	operation-level	AliyunDTSFullAccess AliyunDTSReadOnlyAccess	Authorize a RAM user to manage DTS
Data Management (DMS)	-	dms	Supported	Supported	service-level	AliyunDMSFullAccess AliyunDMSReadOnlyAccess	Authorize DMS to access cloud resources
AnalyticDB for MySQL	-	adb	Supported	Supported	operation-level	AliyunADBFullAccess AliyunADBReadOnlyAccess AliyunADBDeveloperAccess	RAM authorization for AnalyticDB for MySQL
PolarDB-X	-	drds polardbx	Supported	Supported	resource-level	AliyunDRDSReadOnlyAccess AliyunDRDSFullAccess AliyunDRDSReadOnlyWithSQLLogArchiveAccess	RAM authorization for PolarDB-X
ApsaraDB for HBase	-	hbase	Supported	Supported	resource-level	AliyunHBaseFullAccess AliyunHBaseReadOnlyAccess	Create custom RAM authorization policies
Advanced Database & Application Migration (ADAM)	-	adam	Supported	○	service-level	AliyunADAMReadOnlyAccess AliyunADAMFullAccess	RAM authorization for ADAM
PolarDB	-	polardb	Supported	Supported	operation-level	AliyunPolardbReadOnlyAccess AliyunPolardbFullAccess AliyunPolardbReadOnlyWithSQLLogArchiveAccess	Create a RAM user
Database Backup Service (DBS)	-	dbs	Supported	Supported	service-level	AliyunDBSFullAccess AliyunDBSReadOnlyAccess	-
Database Autonomy Service (DAS)	-	hdm	Supported	Supported	service-level	AliyunHDMReadOnlyAccess AliyunHDMFullAccess AliyunHDMReadOnlyWithSQLLogArchiveAccess	Use DAS as a RAM user
Graph Database (GDB)	-	gdb	Supported	Supported	resource-level	AliyunGDBFullAccess AliyunGDBReadOnlyAccess	RAM authorization for Graph Database
Database Expert Service (DBES)	-	dbes	Supported	○	service-level	AliyunDBESFullAccess	-
ApsaraDB for OceanBase	-	oceanbase	Supported	○	service-level	AliyunOceanBaseFullAccess AliyunOceanBaseReadOnlyAccess	-
ApsaraDB for Cassandra	-	cassandra	Supported	Supported	resource-level	AliyunCassandraFullAccess AliyunCassandraReadOnlyAccess	Manage RAM users
ApsaraDB for ClickHouse	-	clickhouse	Supported	Supported	resource-level	AliyunClickHouseFullAccess AliyunClickHouseReadOnlyAccess	Grant permissions to RAM users
Database Gateway (DG)	-	dg	Supported	Supported	resource-level	AliyunDGFullAccess AliyunDGReadOnlyAccess	-
ApsaraDB for SelectDB	-	selectdb	Supported	Supported	operation-level	AliyunSelectDBFullAccess AliyunSelectDBReadOnlyAccess	RAM authorization for ApsaraDB for SelectDB

Storage

Service	Sub-service	RAM code	Console	API	Authorization granularity	System policies	References
Object Storage Service (OSS)	-	oss	Supported	Supported	resource level	AliyunOSSFullAccess AliyunOSSReadOnlyAccess AliyunOSSImportReadOnlyAccess AliyunOSSImportFullAccess	RAM authorization for OSS
NAS	-	nas	Supported	Supported	resource level	AliyunNASFullAccess AliyunNASReadOnlyAccess	Control NAS access with RAM policies
Tablestore	-	ots	Supported	Supported	resource level	AliyunOTSFullAccess AliyunOTSReadOnlyAccess AliyunOTSWriteOnlyAccess	RAM authorization for Tablestore
Cloud Storage Gateway (CSG)	-	hcs-sgw	Supported	Supported	service level	AliyunHCSSGWFullAccess	RAM authorization for Cloud Storage Gateway
Cloud Backup	-	hbr	Supported	Supported	resource level	AliyunHBRFullAccess AliyunHBRReadOnlyAccess	RAM authorization for Cloud Backup
Hybrid Disaster Recovery (HDR)	-	hdr	Supported	○	service level	AliyunHDRFullAccess	RAM authorization for Hybrid Disaster Recovery
Intelligent Media Management (IMM)	-	imm	Supported	Supported	service level	AliyunIMMReadOnlyAccess AliyunIMMFullAccess	RAM authorization for Intelligent Media Management
Apsara File Storage HDFS	-	dfs	Supported	Supported	resource level	AliyunHDFSFullAccess AliyunHDFSReadOnlyAccess	RAM authorization for Apsara File Storage HDFS
Database File System (DBFS)	-	dbfs	Supported	Supported	resource level	AliyunDBFSFullAccess AliyunDBFSReadOnlyAccess	RAM authorization for Database File System
Drive and Photo Service (PDS)	-	pds	Supported	Supported	resource level	AliyunPDSFullAccess AliyunPDSReadOnlyAccess	-
Hybrid Cloud Storage	Hybrid Cloud Storage	hgw	Supported	○	operation level	AliyunHgwFullAccess AliyunHgwReadOnlyAccess	-
Hybrid Cloud Storage	CloudBox OSS	oss-cloudbox	Supported	Supported	resource level	AliyunOSSCloudBoxFullAccess AliyunOSSCloudBoxReadOnlyAccess	-
Hybrid Cloud Storage	Remote Service	asrs	Supported	○	resource level	ASRSFullAccess ASRSReadOnlyAccess	-
Lightning Cube	-	mgw	Supported	○	operation level	AliyunMGWFullAccess	-

Cloud communication

Cloud service	Subservice / module	RAM code	Console	API	Authorization granularity	System policy	Related documentation
Short Message Service	-	dysms	Supported	Supported	service level	AliyunDysmsFullAccess AliyunDysmsReadOnlyAccess	RAM authorization for Short Message Service
Voice Messaging Service	-	dyvms	Supported	Supported	service level	AliyunDyvmsFullAccess AliyunDyvmsReadOnlyAccess	RAM authorization for Voice Messaging Service
Phone Number Protection	-	dypls	Supported	Supported	service level	AliyunDyplsFullAccess AliyunDyplsReadOnlyAccess	RAM authorization for Phone Number Protection
Phone Number Verification Service	-	dypns	Supported	Supported	action level	AliyunDypnsFullAccess AliyunDypnsReadOnlyAccess	RAM authorization for Phone Number Verification Service
Cloud Communication Network Acceleration	-	snsu	Supported	Supported	action level	AliyunSNSUFullAccess AliyunSNSUReadOnlyAccess	-
Alibaba Intelligent Contact Center Service	-	aiccs	Supported	Not supported	resource level	AliyunAiccsFullAccess AliyunAiccsReadOnlyAccess	-
Alibaba Cloud Conference	-	aliyuncvc	Supported	Not supported	resource level	AliyunCVCFullAccess AliyunCVCReadOnlyAccess	-
Phone Number Identity Service	-	dytns	Supported	Supported	action level	AliyunDytnsFullAccess AliyunDytnsReadOnlyAccess	RAM authorization for Phone Number Identity Service
Interactive Media Platform	-	imp	Supported	Supported	action level	AliyunIMPFullAccess AliyunIMPReadOnlyAccess	-

Networking

Cloud service	Sub-service/sub-module	RAM code	Console	API	Authorization granularity	System policy	Related documents
Virtual Private Cloud (VPC)	-	vpc	Supported	Supported	resource-level	AliyunVPCFullAccess AliyunVPCReadOnlyAccess AliyunVPCNetworkIntelligenceReadOnlyAccess AliyunVPCPrefixListAccess AliyunVPCPrefixListReadOnlyAccess AliyunVpcPeerFullAccess AliyunVpcPeerReadOnlyAccess	RAM authorization for VPC
Server Load Balancer (SLB)	Classic Load Balancer (CLB)	slb	Supported	Supported	resource-level	AliyunSLBReadOnlyAccess AliyunSLBFullAccess	RAM authorization for Classic Load Balancer (CLB)
Server Load Balancer (SLB)	Application Load Balancer (ALB)	alb	Supported	Supported	resource-level	AliyunALBFullAccess AliyunALBReadOnlyAccess	RAM authorization for Application Load Balancer (ALB)
Server Load Balancer (SLB)	Network Load Balancer (NLB)	nlb	Supported	Supported	resource-level	AliyunNLBFullAccess AliyunNLBReadOnlyAccess	RAM authorization for Network Load Balancer (NLB)
Server Load Balancer (SLB)	Gateway Load Balancer (GWLB)	gwlb	Supported	Supported	resource-level	AliyunGWLBFullAccess AliyunGWLBReadOnlyAccess	RAM authorization for Gateway Load Balancer (GWLB)
Express Connect	-	vpc	Supported	Supported	resource-level	AliyunExpressConnectFullAccess AliyunExpressConnectReadOnlyAccess	Policies and examples for Express Connect
Elastic IP Address (EIP)	Elastic IP Address (EIP)	vpc	Supported	Supported	resource-level	AliyunEIPFullAccess AliyunEIPReadOnlyAccess	RAM authorization for EIP
Elastic IP Address (EIP)	Anycast Elastic IP Address (Anycast EIP)	eipanycast	Supported	Supported	resource-level	AliyunAnycastEIPFullAccess AliyunAnycastEIPReadOnlyAccess	RAM authorization for Anycast EIP
Data Transfer Plan	-	-	Supported	Not supported	service-level	-	-
NAT Gateway	-	vpc	Supported	Supported	resource-level	AliyunNATGatewayReadOnlyAccess AliyunNATGatewayFullAccess	RAM authorization for NAT Gateway
VPN Gateway	-	vpc	Supported	Supported	resource-level	AliyunVPNGatewayFullAccess AliyunVPNGatewayReadOnlyAccess	RAM authorization for VPN Gateway
Internet Shared Bandwidth	-	vpc	Supported	Supported	resource-level	AliyunCommonBandwidthPackageReadOnlyAccess AliyunCommonBandwidthPackageFullAccess	-
Global Accelerator (GA)	-	ga	Supported	Supported	resource-level	AliyunGlobalAccelerationReadOnlyAccess AliyunGlobalAccelerationFullAccess	RAM authorization for Global Accelerator (GA)
Smart Access Gateway (SAG)	-	smartag	Supported	Supported	resource-level	AliyunSmartAccessGatewayFullAccess AliyunSmartAccessGatewayReadOnlyAccess	RAM authorization for Smart Access Gateway (SAG)
IPv6 Translation Service	-	vpc	Supported	Supported	resource-level	AliyunIPv6TranslationFullAccess AliyunIPv6TranslationReadOnlyAccess	-
Cloud Enterprise Network (CEN)	-	cen	Supported	Supported	resource-level	AliyunCENReadOnlyAccess AliyunCENFullAccess	RAM authorization for Cloud Enterprise Network (CEN)
PrivateLink	-	privatelink	Supported	Supported	resource-level	AliyunPrivateLinkFullAccess AliyunPrivateLinkReadOnlyAccess AliyunPrivatelinkEndpointServiceReadOnlyAccess AliyunPrivatelinkEndpointServiceFullAccess AliyunPrivatelinkEndpointReadOnlyAccess AliyunPrivatelinkEndpointFullAccess	RAM authorization for PrivateLink
Alibaba Cloud DNS PrivateZone	-	pvtz	Supported	Supported	resource-level	AliyunPvtzFullAccess AliyunPvtzReadOnlyAccess	RAM authorization for Alibaba Cloud DNS PrivateZone
Apsara Stack	-	-	Unsupported	Not supported	-	-	-
Cloud Connector	Cloud Connect IoT (CCIoT)	iotcc	Supported	Supported	resource-level	AliyunCCIoTFullAccess AliyunCCIoTReadOnlyAccess	-
Cloud Connector	Cloud Connect 5G (CC5G)	fivegcc	Supported	Supported	resource-level	AliyunFiveGCCFullAccess AliyunFiveGCCReadOnlyAccess	-
Network Intelligence Service (NIS)	-	nis	Supported	Not supported	operation-level	AliyunNISFullAccess AliyunNISReadOnlyAccess	-
Network Analytics (Netana)	-	netana	Supported	Supported	operation-level	AliyunNetanaFullAccess AliyunNetanaReadOnlyAccess	-
Cloud Data Transfer (CDT)	-	cdt	Supported	Supported	operation-level	AliyunCDTFullAccess AliyunCDTReadOnlyAccess	System policy reference for CDT
VPC peering connection	-	vpc	Supported	Supported	resource-level	AliyunVpcPeerFullAccess AliyunVpcPeerReadOnlyAccess	-
IPv6 Gateway	-	vpc	Supported	Supported	resource-level	AliyunIpv6FullAccess AliyunIpv6ReadOnlyAccess	-

O&M management

Cloud service	Sub-module	Code	Console	API	Authorization granularity	System policies	Documentation
Application Real-Time Monitoring Service (ARMS)	-	arms	Supported	Supported	service level	AliyunARMSFullAccess AliyunARMSReadOnlyAccess	RAM authentication for ARMS
CloudMonitor	-	cms	Supported	Supported	operation level	AliyunCloudMonitorFullAccess AliyunCloudMonitorReadOnlyAccess AliyunCloudMonitorMetricDataReadOnlyAccess	RAM authentication for CloudMonitor
Intelligent Advisor	-	advisor	Supported	Supported	operation level	AliyunAdvisorFullAccess AliyunAdvisorReadOnlyAccess	-
OpenAPI Explorer	OpenAPI Explorer	-	Supported	○	service level	-	-
OpenAPI Explorer	IaC service	iacservice	Supported	Supported	resource level	AliyunIaCServiceFullAccess AliyunIaCServiceReadOnlyAccess	-
Cloud Shell	-	cloudshell	Supported	○	operation level	AliyunCloudShellFullAccess	-
Cloud Config	-	config	Supported	Supported	operation level	AliyunConfigFullAccess AliyunConfigReadOnlyAccess	RAM authentication for Cloud Config
Logic Composer	-	composer	Supported	Supported	resource level	AliyunLogicComposerFullAccess AliyunLogicComposerReadOnlyAccess	RAM authentication for Logic Composer
CloudOps Orchestration Service (OOS)	-	oos	Supported	Supported	resource level	AliyunOOSFullAccess AliyunOOSReadOnlyAccess	RAM authentication for CloudOps Orchestration Service (OOS)
Cloud Management Network	-	cmn	Supported	Supported	resource level	AliyunCMNFullAccess AliyunCMNReadOnlyAccess	RAM authentication for Cloud Management Network
Cloud Governance Center (CGC)	Cloud Governance Center (CGC)	governance	Supported	○	operation level	AliyunGovernanceFullAccess AliyunGovernanceReadOnlyAccess	-
Cloud Governance Center (CGC)	Service Catalog	servicecatalog	Supported	Supported	resource level	AliyunServiceCatalogAdminFullAccess AliyunServiceCatalogEndUserFullAccess AliyunServiceCatalogAdminReadOnlyAccess AliyunServiceCatalogEndUserReadOnlyAccess	Grant end user permissions Grant administrator permissions

Middleware

Service	Sub-service or sub-module	RAM code	Console	API	Authorization granularity	System policy	Documentation
Enterprise Distributed Application Service (EDAS)	-	edas	Supported	Supported	resource level	AliyunEDASFullAccess AliyunEDASReadOnlyAccess AliyunEDASApplicationFullAccess AliyunEDASApplicationReadOnlyAccess AliyunEDASResourceReadOnlyAccess AliyunEDASResourceFullAccess	RAM authorization for EDAS
Message Queue	Message Queue for Apache RocketMQ	mq	Supported	Supported	resource level	AliyunMQFullAccess AliyunMQReadOnlyAccess AliyunMQPubOnlyAccess AliyunMQSubOnlyAccess	RAM authorization for Message Queue for Apache RocketMQ
Message Queue	Message Queue for MQTT	mq	Supported	Supported	resource level	AliyunMQFullAccess AliyunMQReadOnlyAccess AliyunMQPubOnlyAccess AliyunMQSubOnlyAccess	RAM authorization for Message Queue for MQTT
Message Queue	Message Queue for RabbitMQ	amqp	Supported	Supported	resource level	AliyunAMQPFullAccess AliyunAMQPReadOnlyAccess	RAM authorization for Message Queue for RabbitMQ
Performance Testing Service (PTS)	-	pts	Supported	Supported	service level	AliyunPTSFullAccess	-
Message Service (MNS)	-	mns	Supported	Supported	resource level	AliyunMNSFullAccess AliyunMNSReadOnlyAccess	RAM authorization for Message Service (MNS)
Message Queue for Apache Kafka	-	alikafka	Supported	Supported	resource level	AliyunKafkaFullAccess AliyunKafkaReadOnlyAccess	RAM authorization for Message Queue for Apache Kafka
Application High Availability Service (AHAS)	-	ahas	Supported	Supported	service level	AliyunAHASFullAccess AliyunAHASReadOnlyAccess	RAM authorization for AHAS
Serverless App Engine (SAE)	-	sae	Supported	Supported	service level	AliyunSAEFullAccess AliyunSAEReadOnlyAccess	RAM authorization for SAE
Alibaba Cloud Service Mesh (ASM)	-	servicemesh	Supported	Supported	resource level	AliyunASMFullAccess AliyunASMReadOnlyAccess	RAM authorization for Alibaba Cloud Service Mesh
EventBridge	-	eventbridge	Supported	Supported	resource level	AliyunEventBridgeFullAccess AliyunEventBridgeReadOnlyAccess AliyunEventBridgeResourceCreatePolicy AliyunEventBridgeResourceDeletePolicy AliyunEventBridgeResourceUpdatePolicy AliyunEventBridgePutEventsPolicy	RAM authorization for EventBridge
Global Transaction Service (GTS)	-	txc	Supported	Supported	service level	AliyunGTSFullAccess AliyunGTSReadOnlyAccess	RAM authorization for GTS
Managed Service for Grafana	-	arms	Supported	Not supported	service level	AliyunARMSFullAccess AliyunARMSReadOnlyAccess	-

Media and CDN

Service	Subservice or submodule	RAM code	Console	API	Authorization granularity	System policies	References
Alibaba Cloud CDN	-	cdn	Supported	Supported	resource-level	AliyunCDNFullAccess AliyunCDNReadOnlyAccess	RAM authorization for Alibaba Cloud CDN
ApsaraVideo for Media Processing (MPS)	-	mts	Supported	Supported	service-level	AliyunMTSFullAccess AliyunMTSPlayerAuth	RAM authorization for ApsaraVideo for Media Processing
ApsaraVideo for VOD	-	vod	Supported	Supported	action-level	AliyunVODFullAccess AliyunVODReadOnlyAccess AliyunVODPlayAuth AliyunVODUploadAuth	-
ApsaraVideo for Live	-	live	Supported	Supported	resource-level	AliyunLiveFullAccess AliyunLiveReadOnlyAccess	ApsaraVideo for Live RAM authorization
Real-Time Communication (RTC)	-	rtc	Supported	Supported	resource-level	AliyunRTCFullAccess AliyunRTCReadOnlyAccess	RAM authorization for Real-Time Communication (RTC)
Visual Compute Service	-	vs	Supported	Supported	action-level	AliyunVSFullAccess AliyunVSReadOnlyAccess	-
Dynamic Content Delivery Network (DCDN)	-	dcdn	Supported	Supported	resource-level	AliyunDCDNFullAccess AliyunDCDNReadOnlyAccess	-
Edge Node Service (ENS)	-	ens	Supported	Supported	resource-level	AliyunENSReadOnlyAccess AliyunENSFullAccess AliyunENSEOSFullAccess	-
Intelligent Media Management (IMM)	-	ice	Supported	Supported	resource-level	AliyunICEFullAccess AliyunICEReadOnlyAccess	-
Edge Security Acceleration (ESA)	-	esa	Supported	Supported	resource-level	AliyunESAFullAccess AliyunESAReadOnlyAccess	Edge Security Acceleration (ESA) RAM authorization

Enterprise applications

Service	Sub-service/sub-module	RAM code	Console	API	Authorization granularity	System policy	References
Direct Mail	-	dm	Supported	Supported	operation level	AliyunDirectMailFullAccess AliyunDirectMailReadOnlyAccess	-
API Gateway	-	apigateway	Supported	Supported	service level	AliyunApiGatewayFullAccess AliyunApiGatewayReadOnlyAccess	RAM authorization for API Gateway
API Gateway	Cloud Native API Gateway	apig	Supported	Supported	resource level	AliyunAPIGFullAccess AliyunAPIGReadOnlyAccess	RAM authorization for Cloud Native API Gateway
Alibaba Mail	-	alimail	Supported	○	operation level	AliyunAlimailFullAccess AliyunAlimailReadOnlyAccess	-
Cloud AP	-	-	Unsupported	Unsupported	-	-	-
Robotic Process Automation	-	rpa	Supported	○	operation level	-	-
Cloud Cast	-	itaas-cd	Supported	○	service level	AliyunWorkSuiteCDFullAccess	-
Resource Management	Resource Directory	resourcemanager	Supported	Supported	operation level	AliyunResourceDirectoryFullAccess AliyunResourceDirectoryReadOnlyAccess	RAM authorization for Resource Directory
Resource Management	Resource Sharing	resourcesharing	Supported	Supported	operation level	AliyunResourceSharingFullAccess AliyunResourceSharingReadOnlyAccess	-
Resource Management	tag	tag	Supported	Supported	operation level	AliyunTagManagerAccess AliyunTAGReadOnlyAccess AliyunTagAdministratorAccess	RAM authorization for tags
Resource Management	Resource Center	resourcecenter	Supported	Supported	operation level	AliyunResourceCenterFullAccess AliyunResourceCenterReadOnlyAccess	RAM authorization for Resource Center
Smart Conversation Analysis	-	sca	Supported	Supported	resource level	AliyunSCAFullAccess AliyunSCAReadOnlyAccess	-
Chatbot	-	chatbot	Supported	Supported	service level	AliyunChatbotFullAccess	-
Cloud Call Center	Cloud Call Center	ccc	Supported	Supported	service level	AliyunCCCFullAccess	-
Cloud Call Center	Intelligent Voice Bot	voicebot	Supported	Supported	operation level	AliyunVoiceNavigatorFullAccess AliyunVoiceNavigatorReadOnlyAccess	RAM authorization for Intelligent Voice Bot
Blockchain as a Service (BaaS)	Blockchain as a Service (BaaS)	baas	Supported	Supported	resource level	AliyunBaaSFullAccess AliyunBaaSReadOnlyAccess	RAM authorization for Hyperledger Fabric
Blockchain as a Service (BaaS)	Decentralized Identity Service	baasdis	Supported	Supported	resource level	AliyunBaasDisFullAccess AliyunBaasDisReadOnlyAccess	RAM authorization for Decentralized Identity Service
Blockchain as a Service (BaaS)	Trusted Execution Service	baascccs	Supported	Supported	resource level	AliyunBaasCccsFullAccess AliyunBaasCccsReadOnlyAccess	-
Yida	-	yida	Supported	○	service level	-	-
Outbound Bot	-	outboundbot	Supported	Supported	operation level	AliyunOutboundbotFullAccess AliyunOutboundbotReadOnlyAccess	-
CloudQuotation (CQ)	-	assettech	Supported	○	service level	AliyunCQCloudFullAccess AliyunCQCloudReadOnlyAccess	-
Intelligent D-Recording Service	-	idrsservice	Supported	Supported	service level	AliyunIdrsServiceFullAccess AliyunIdrsServiceReadOnlyAccess	-
Application Discovery Service	-	apds	Supported	○	service level	AliyunAPDSFullAccess AliyunAPDSReadOnlyAccess	-
Microservices Engine	Microservices Engine	mse	Supported	Supported	resource level	AliyunMSEFullAccess AliyunMSEReadOnlyAccess	Authorization for cloud native gateways
Teambition	-	teambition	Supported	○	service level	AliyunTeambitionFullAccess AliyunTeambitionReadOnlyAccess	-
Cloud Application Runtime (CAR)	-	sofa	Supported	○	service level	AliyunSOFAFullAccess AliyunSOFAReadOnlyAccess AliyunSOFAMiddlewareObserverAccess AliyunSOFAMiddlewareDeveloperAccess AliyunSOFAMiddlewareAdministratorAccess	-
Customer Service Workbench	-	-	Unsupported	○	-	-	-
Exclusive DingTalk	-	-	Unsupported	○	-	-	-
Government DingTalk	-	-	Unsupported	Unsupported	-	-	-
BizWorks	-	bizworks	Supported	○	service level	AliyunBizWorksFullAccess AliyunBizWorksReadOnlyAccess	-
Smart Assistant for New Retail	Smart Assistant for New Retail (SaaS)	retailbot	Supported	Supported	service level	AliyunRetailbotFullAccess AliyunRetailbotReadOnlyAccess	-
Linked Mall	-	linkedmall	Supported	○	service level	AliyunLinkedMallFullAccess	-
Energy Expert	-	energy	Supported	○	service level	AliyunEnergyFullAccess	-
Wuying Cloud Application	-	appstreaming	Supported	Supported	operation level	AliyunAppStreamingFullAccess AliyunAppStreamingReadOnlyAccess	RAM authorization for Wuying Cloud Desktop
Information Query Service	-	iqs	Supported	Supported	service level	AliyunIQSFullAccess AliyunIQSReadOnlyAccess	-

Mobile Cloud

Cloud service	Sub-service/Sub-module	RAM code	Console	API	Granularity	System policy	Reference
Mobile Feedback	-	feedback mhub	Supported	○	service level	AliyunFeedbackFullAccess AliyunFeedbackReadOnlyAccess	RAM authorization for Mobile Feedback
Mobile Hotfix	-	hotfix	Supported	Supported	service level	AliyunHotfixFullAccess AliyunHotfixReadOnlyAccess	RAM authorization for Mobile Hotfix
Mobile Push	-	mpush mhub	Supported	Supported	service level	AliyunMPushFullAccess AliyunMPushReadOnlyAccess	RAM authorization for Mobile Push
Mobile Analytics	-	man	Supported	○	service level	-	RAM authorization for Mobile Analytics
Enterprise Mobile Application Studio (EMAS)	-	emasdevops	Supported	Supported	resource level	AliyunEmasDevOpsFullAccess AliyunEmasDevOpsReadOnlyAccess	-
Mini Program Cloud	-	mpca	Supported	Supported	action level	AliyunMPCAFullAccess AliyunMPCAReadOnlyAccess	-

Domains and websites

Service	Sub-service or sub-module	RAM code	Console	API	Authorization granularity	System policies	References
Alibaba Cloud DNS	Alibaba Cloud DNS	alidns	Supported	Supported	resource-level	AliyunDNSFullAccess AliyunDNSReadOnlyAccess	Manage RAM user permissions RAM authorization for Alibaba Cloud DNS
Alibaba Cloud DNS	IP geolocation database	geoip	Supported	Supported	resource-level	AliyunGeoipFullAccess AliyunGeoipReadOnlyAccess	RAM authorization for IP geolocation database
Alibaba Cloud DNS	Alibaba Cloud Public DNS	pubdns	Supported	Supported	resource-level	AliyunPubDNSReadOnlyAccess AliyunPubDNSFullAccess	-
Alibaba Cloud Domains	-	domain	Supported	Supported	resource-level	AliyunDomainFullAccess AliyunDomainReadonlyAccess	RAM authorization for Alibaba Cloud Domains
Alibaba Cloud Trademark Service	-	trademark	Supported	Not supported	operation-level	-	-
Business and Tax Services	-	companyreg	Supported	Not supported	service-level	AliyunCompanyregFullAccess AliyunCompanyregReadOnlyAccess	-
HTTPDNS	-	httpdns	Supported	Supported	resource-level	AliyunHTTPDNSFullAccess AliyunHTTPDNSReadOnlyAccess	-
Copyright and Patent Service	-	copyright	Supported	Not supported	operation-level	AliyunCopyrightFullAccess AliyunCopyrightReadOnlyAccess	-
Premium Pics	-	premiumpics	Supported	Supported	service-level	AliyunPremiumpicsFullAccess AliyunPremiumpicsReadOnlyAccess AliyunPremiumpicsDesignerAccess	-

Artificial intelligence

Service	Module	RAM code	Console	API	Authorization granularity	System policies	References
3D Scene Reconstruction	-	tdsr	Supported	○	service level	AliyunTDSRFullAccess AliyunTDSRModellingAccess AliyunTDSRReadOnlyAccess AliyunTDSRDataCollectionAccess	-
AI Earth	-	rsimganalys	Supported	Supported	resource level	AliyunRsimganalysFullAccess AliyunRsimganalysReadOnlyAccess	-
Multimedia AI	Multimedia AI	multimediaai	Supported	Supported	operation level	AliyunMultimediaAIFullAccess AliyunMultimediaAIReadOnlyAccess	-
Multimedia AI	Intelligent Video Subtitling	ivst	Supported	Supported	operation level	AliyunIVSTFullAccess AliyunIVSTReadOnlyAccess	-
Multimedia AI	Short Video Production Platform	svgp	Supported	○	service level	AliyunSVGPFullAccess AliyunSVGPReadOnlyAccess	-
Vision Intelligence Platform	-	-	Supported	Supported	operation level	AliyunVIAPIFullAccess AliyunVIAPIReadOnlyAccess	-
Address Purification	-	address-purification	Supported	Supported	service level	AliyunAddrpReadOnlyAccess AliyunAddrpFullAccess	-
Intelligent Speech Interaction	Intelligent Speech Interaction	nls	Supported	Supported	service level	AliyunNLSFullAccess AliyunNLSReadOnlyAccess AliyunNLSSpeechServiceAccess AliyunNLSSlpAccess	-
Intelligent Speech Interaction	Tingwu	tingwu	Supported	Supported	operation level	AliyunTingwuFullAccess AliyunTingwuReadOnlyAccess AliyunTingwuTransServiceAccess	-
Platform for AI (PAI)	-	pai	Supported	Supported	service level	-	-
Platform for AI (PAI)	-	paiplugin	○	Supported	operation level	AliyunPaiPluginFullAccess AliyunPaiPluginReadOnlyAccess	-
Platform for AI (PAI)	Dataset Acceleration Service	datasetacc	Supported	Supported	operation level	AliyunDatasetAccFullAccess AliyunDatasetAccReadOnlyAccess	-
Natural Language Processing	AutoML platform	nlp-automl	Supported	Supported	service level	-	-
Natural Language Processing	Intelligent SMS Parsing	nlp-vision	Supported	○	service level	-	-
Natural Language Processing	Natural Language Processing 2.0	alinlp	Supported	Supported	service level	AliyunNLPFullAccess AliyunNLPReadOnlyAccess	RAM authorization for Natural Language Processing
Natural Language Processing	Tongyi Xingchen	xingchen	Supported	Unsupported	operation level	AliyunXingchenFullAccess AliyunXingchenReadOnlyAccess	RAM authorization for Tongyi Xingchen
Face Recognition	-	-	Supported	Supported	service level	-	-
Image Search	-	imagesearch	Supported	Supported	resource level	AliyunImagesearchReadOnlyAccess AliyunImagesearchFullAccess	RAM authorization for Image Search
Machine Translation	-	alimt	Supported	Supported	operation level	AliyunMTFullAccess AliyunMTReadOnlyAccess	-
Image Recognition	-	-	Supported	Supported	service level	-	-
Optical Character Recognition	-	ocr	Supported	Supported	operation level	AliyunOCRFullAccess AliyunOCRReadOnlyAccess	-
City Vision Intelligence Engine	-	-	Supported	Supported	resource level	-	-
Traffic Cloud Control Platform	-	ettraffic	Supported	Supported	service level	-	-
Visual Computing Service	-	vcs	Supported	Supported	resource level	AliyunVCSFullAccess	-
Intelligent Visual Production	-	ivpd	Supported	Supported	operation level	AliyunIVPDFullAccess	-
Holowatcher	-	holowatcher	Supported	○	operation level	-	-
Optimization Solver	-	opt	Supported	Supported	Resource level	AliyunOptFullAccess AliyunOptReadOnlyAccess	RAM authentication for Optimization Solver
Intelligent Video Production Platform	-	ive	Supported	○	Service level	AliyunIVEFullAccess	-
Avatar Open Platform	-	avatar	Supported	Supported	Service level	AliyunAvatarFullAccess AliyunAvatarReadOnlyAccess	-
Lingjun	-	eflo	Supported	○	Operation level	AliyunLINGJUNFullAccess AliyunLINGJUNReadOnlyAccess	-
DocMind	DocMind	docmind	Supported	Supported	Operation level	AliyunDocmindFullAccess AliyunDocmindReadOnlyAccess	-
Model Studio	-	sfm	Unsupported	Supported	resource level	AliyunSFMFullAccess AliyunSFMReadOnlyAccess AliyunBailianFullAccess AliyunBailianReadOnlyAccess	RAM authorization for Model Studio
Smart Education Platform	AIGC Lab	eduaiservice	Supported	Supported	resource level	AliyunIEPAIGCLabFullAccess AliyunIEPAIGCLabReadOnlyAccess	-
Model Studio	Alibaba Cloud Model Studio GBI	dataAnalysisGBI	Unsupported	Supported	operation level	AliyunDataAnalysisGBIFullAccess AliyunDataAnalysisGBIReadOnlyAccess	RAM authorization for Alibaba Cloud Model Studio GBI
Model Studio	Tongyi Photo Tutoring	edututor	Supported	Supported	resource level	AliyunEduTutorFullAccess	RAM authorization for Tongyi Photo Tutoring

IoT

Service	Sub-service or module	RAM code	Console	API	Authorization granularity	System policy	References
IoT Wireless Connection Service	IoT Wireless Connection Service	dyiot	Supported	Supported	service level	AliyunDyiotFullAccess AliyunDyiotReadOnly	RAM authorization for IoT Wireless Connection Service
IoT Wireless Connection Service	Link Card	linkcard	Supported	Supported	operation level	AliyunLinkCardFullAccess AliyunLinkCardReadOnlyAccess	-
IoT Platform	-	iot	Supported	Supported	resource level	AliyunIOTFullAccess AliyunIOTReadOnlyAccess AliyunIOTConsoleCommonAccess	RAM authorization for IoT Platform
Link WAN	-	linkwan	Supported	Supported	resource level	AliyunLinkWANFullAccess AliyunLinkWANReadOnlyAccess	RAM authorization for Link WAN
IoT ID²	IoT ID²	iotid	Supported	Supported	resource level	AliyunIOTIDFullAccess AliyunIOTIDReadOnlyAccess AliyunIOTIDVerifyAccess	-
IoT ID²	IoT Blockchain Hub	lto	Supported	Supported	operation level	AliyunLTOFullAccess AliyunLTOReadOnlyAccess	-
Link IoT Edge	-	iot	Supported	Supported	resource level	AliyunIOTFullAccess AliyunIOTReadOnlyAccess AliyunIOTConsoleCommonAccess	RAM authorization for Link IoT Edge
IoT Security Operations Center	IoT Security Operations Center	isoc	Supported	Supported	operation level	AliyunISOCFullAccess AliyunISOCReadOnlyAccess	-
IoT Security Operations Center	IoT Firmware Security Service (FSS)	fss	Supported	Supported	resource level	AliyunFSSFullAccess AliyunFssReadOnlyAccess	RAM authorization for FSS
IoT Data Analytics	-	iot	Supported	Supported	resource level	AliyunIOTFullAccess AliyunIOTReadOnlyAccess	-
Intelligent Vehicle Cloud Management Platform	-	iovcc	Supported	Supported	service level	AliyunIOVCCFullAccess AliyunIOVCCConfigAccess AliyunIOVCCReadOnlyAccess	-
Link Visual	-	linkvisual	Supported	Supported	operation level	AliyunLinkVisualFullAccess AliyunLinkVisualReadOnlyAccess	-
Cloud-native Multi-model Database Lindorm	Cloud-native Multi-model Database Lindorm	lindorm	Supported	Supported	resource level	AliyunLindormFullAccess AliyunLindormReadOnlyAccess	-
Cloud-native Multi-model Database Lindorm	Time Series Database (TSDB)	hitsdb	Supported	Supported	operation level	AliyunHiTSDBReadOnlyAccess AliyunHiTSDBFullAccess	-

Big data

Service	Sub-module	RAM code	Console	API	Granularity	System policies	References
DataWorks	-	dataworks	Supported	Supported	operation level	AliyunDataWorksFullAccess AliyunDataWorksReadOnlyAccess AliyunDataWorksExclusiveResourceGroupModify AliyunDataWorksAccessingRdsReadOnlyPolicy AliyunDataWorksAccessingDLFReadOnlyPolicy AliyunDataWorksAccessingEMRReadOnlyPolicy AliyunDataWorksAccessingAlikafkaPolicy	RAM policies for product and console permissions
Quick BI	-	-	Supported	Supported	service level	-	-
DataV	-	datav	Supported	○	service level	AliyunDataVFullAccess	-
Realtime Compute for Apache Flink	-	stream	Supported	Supported	resource level	AliyunStreamFullAccess AliyunStreamReadOnlyAccess	RAM authorization
Elasticsearch	-	elasticsearch	Supported	Supported	resource level	AliyunElasticsearchReadOnlyAccess AliyunElasticsearchFullAccess AliyunElasticsearchServerlessFullAccess AliyunElasticsearchServerlessReadOnlyAccess	RAM authorization
Intelligent User Growth	-	-	Unsupported	○	-	-	-
E-MapReduce	E-MapReduce	emr	Supported	Supported	service level	AliyunEMRFullAccess AliyunEMRFlowAdmin AliyunEMRDevelopAccess AliyunEMRDlsFullAccess AliyunEMRDlsReadOnlyAccess	Grant permissions to RAM users
E-MapReduce	EMR Serverless StarRocks	sr	Supported	Supported	resource level	AliyunEMRStarRocksFullAccess AliyunEMRStarRocksReadOnlyAccess AliyunEmrServerlessSparkReadOnlyAccess AliyunEMRServerlessSparkFullAccess	-
E-MapReduce	EMR Workflow	emrstudio	Supported	Supported	resource level	AliyunEMRWorkflowAdmin	Grant permissions to RAM users
E-MapReduce	EMR Notebook	emrstudio	Supported	Supported	resource level	AliyunEMRNotebookAdmin	RAM authorization
E-MapReduce	EMR Serverless Milvus	milvus	Supported	Supported	resource level	AliyunMilvusFullAccess AliyunMilvusReadOnlyAccess	-
Open Search	-	opensearch	Supported	Supported	resource level	AliyunOpenSearchFullAccess AliyunOpenSearchReadOnlyAccess	RAM authorization
Simple Log Service (SLS)	-	log	Supported	Supported	resource level	AliyunLogFullAccess AliyunLogReadOnlyAccess AliyunLogPutOpenEventPolicy AliyunLogInvokeFCAccess	RAM authorization
Recommendation Engine	-	airec	Supported	Supported	resource level	AliyunAIRecFullAccess AliyunAIRecReadOnlyAccess	-
Industrial Brain	-	brain-industrial	Supported	○	resource level	AliyunBrainIndustrialFullAccess AliyunBrainIndustrialReadOnlyAccess	-
Data Resource Platform	-	-	Supported	Supported	service level	-	-
Data Lake Formation (DLF)	-	dlf	Supported	Supported	operation level	AliyunDLFFullAccess AliyunDLFDssFullAccess AliyunDLFReadOnlyAccess AliyunDLFDssReadOnlyAccess AliyunDLADeveloperAccess	-
MaxCompute	-	odps	Supported	Supported	service level	AliyunMaxComputeFullAccess AliyunMaxComputeReadOnlyAccess	-
Graph Compute	-	graphcompute	Supported	Supported	resource level	AliyunGraphcomputeFullAccess AliyunGraphcomputeReadOnlyAccess	-
DataHub	-	dhs	Supported	Supported	resource level	AliyunDataHubFullAccess AliyunDataHubReadOnlyAccess AliyunDataHubSubscribeAccess AliyunDataHubPublishAccess	Permission control
Hologres	-	hologram	Supported	Supported	resource level	AliyunHologresFullAccess AliyunHologresReadOnlyAccess	Quick start to granting permissions to RAM users
Dataphin	-	-	Unsupported	Unsupported	-	-	-
Cloud Data Platform (CDP)	-	cdp	Supported	○	operation level	AliyunCDPFullAccess AliyunCDPReadOnlyAccess	-
DataQ	-	dataq	Supported	Supported	operation level	AliyunDataQFullAccess AliyunDataQReadOnlyAccess	-
Big Data Expert Service	-	bigdatacst	Supported	Unsupported	operation level	AliyunBigdatacstFullAccess AliyunBigdatacstReadOnlyAccess	-

Developer services

Cloud services	Sub-service	RAM codes	Console	API	Authorization granularity	System policies	References
Dragonwell	-	dragonwell	Unsupported	○	service level	-	-
CodePipeline	-	codepipeline	Supported	Supported	resource level	-	-
Alibaba Cloud DevOps	-	rdc	Supported	Supported	resource level	AliyunRDCFullAccess AliyunRDCReadOnlyAccess	-
Node.js Performance Platform	-	npp	Supported	○	service level	AliyunNPPFullAccess	Node.js Performance Platform RAM authorization
Tracing Analysis	-	xtrace	Supported	Supported	operation level	AliyunTracingAnalysisFullAccess AliyunTracingAnalysisReadOnlyAccess	-
Managed Service for Prometheus	-	arms	Supported	Supported	service level	AliyunARMSFullAccess AliyunARMSReadOnlyAccess	-
mPaaS	-	mpaas	Supported	Supported	service level	AliyunMPAASFullAccess AliyunMPAASReadOnlyAccess	-
Cloud Architect Design Tool (CADT)	-	bpstudio	Supported	○	service level	AliyunCADTFullAccess AliyunCADTReadOnlyAccess AliyunCADTImportAccess	-

Security

Service	Sub-service/sub-module	RAM code	Console	API	Authorization granularity	System policy	Documentation
Security Center	-	yundun-sas yundun-aegis	Supported	Supported	operation level	AliyunYundunSASFullAccess AliyunYundunSASReadOnlyAccess	-
Server Guard	-	yundun-aegis	Supported	Supported	service level	AliyunYundunAegisFullAccess AliyunYundunAegisReadOnlyAccess	-
Anti-DDoS	Anti-DDoS	yundun-ddos	Supported	Supported	service level	AliyunYundunDDosFullAccess AliyunYundunDDosReadOnlyAccess AliyunYundunDDoSRewardsReadOnlyAccess AliyunYundunDDoSRewardsFullAccess	-
Anti-DDoS	Anti-DDoS Origin	yundun-high yundun-ddoscoo	Supported	Supported	service level	AliyunYundunHighFullAccess AliyunYundunHighReadOnlyAccess	-
Web Application Firewall (WAF)	Web Application Firewall (WAF)	yundun-waf	Supported	Supported	operation level	AliyunYundunWAFFullAccess AliyunYundunWAFReadOnlyAccess AliyunYundunWAFv3FullAccess AliyunYundunWAFv3ReadOnlyAccess	-
Web Application Firewall (WAF)	CAPTCHA	yundun-afs	Supported	Supported	service level	AliyunYundunAFSFullAccess AliyunYundunAFSReadOnlyAccess	-
Certificate Management Service	-	yundun-cert	Supported	Supported	service level	AliyunYundunCertFullAccess AliyunYundunCertReadOnlyAccess	-
Security-Awareness Framework (SAF)	-	yundun-saf	Supported	Supported	service level	AliyunYundunSAFFullAccess AliyunYundunSAFReadOnlyAccess	-
Crowdtesting	-	yundun-xianzhi	Supported	○	service level	AliyunYundunXianzhiFullAccess AliyunYundunXianzhiReadOnlyAccess	-
Cloud Firewall	-	yundun-cloudfirewall	Supported	Supported	resource level	AliyunYundunCloudFirewallReadOnlyAccess AliyunYundunCloudFirewallFullAccess	RAM authorization for Cloud Firewall
CloudAuth	CloudAuth	yundun-cloudauth	Supported	Supported	operation level	AliyunYundunCloudAuthReadOnlyAccess AliyunYundunCloudAuthFullAccess	-
CloudAuth	Financial-grade Real Person Authentication	antcloudauth	Supported	Supported	resource level	AliyunAntCloudAuthFullAccess AliyunAntCloudAuthReadOnlyAccess	-
Managed Security Service (MSSP)	-	mssp	Supported	○	service level	-	-
Encryption Service	-	yundun-hsm	Supported	○	service level	AliyunYundunHSMFullAccess AliyunYundunHSMReadOnlyAccess	-
Content Moderation	-	yundun-greenweb	Supported	Supported	service level	AliyunYundunGreenWebFullAccess AliyunYundunGreenWebConsoleOnlyAccess AliyunYundunGreenWebReadOnlyAccess	-
Database Audit	-	yundun-dbaudit	Supported	Supported	service level	AliyunYundunDbAuditFullAccess AliyunYundunDbAuditReadOnlyAccess	-
Bastionhost	Bastionhost	yundun-bastionhost	Supported	○	service level	AliyunYundunBastionHostFullAccess AliyunYundunBastionHostReadOnlyAccess AliyunYundunBastionHostOperateOnlyAccess AliyunYundunBastionHostAuditOnlyAccess	-
Bastionhost	Privileged Access Management (PAM)	pam	Supported	○	operation level	AliyunBastionhostPamFullAccess AliyunBastionhostPamReadOnlyAccess AliyunBastionhostPamAuditorAccess	RAM authorization for Bastionhost
Data Security Center (DSC)	-	yundun-sddp	Supported	Supported	service level	AliyunYundunSDDPFullAccess AliyunYundunSDDPReadOnlyAccess AliyunYundunSDDPDataManager	-
Identity as a Service (IDaaS)	Identity as a Service (IDaaS)	yundun-idaas	Supported	○	operation level	AliyunYundunIdaasFullAccess AliyunYundunIdaasReadOnlyAccess	-
Identity as a Service (IDaaS)	Security Authentication Service (IDAAS-Doraemon)	idaas-doraemon	Supported	○	operation level	AliyunIDaaSDoraemonFullAccess AliyunIDaaSDoraemonReadOnlyAccess AliyunIDaaSDoraemonServiceInvokeAccess	-
Identity as a Service (IDaaS)	Identity as a Service (EIAM 2.0)	eiam	Supported	Supported	operation level	AliyunIDaaSEiamFullAccess AliyunIDaaSEiamReadOnlyAccess	-
Key Management Service (KMS)	-	kms	Supported	Supported	resource level	AliyunKMSFullAccess AliyunKMSReadOnlyAccess AliyunKMSSecretUserAccess AliyunKMSCryptoAdminAccess AliyunKMSCryptoUserAccess AliyunKMSSecretAdminAccess	RAM authorization for KMS
Resource Access Management (RAM)	Resource Access Management (RAM)	ram sts ims	Supported	Supported	resource level	AliyunRAMFullAccess AliyunRAMReadOnlyAccess	RAM authorization
Resource Access Management (RAM)	CloudSSO	cloudsso	Supported	○	resource level	AliyunCloudSSOReadOnlyAccess AliyunCloudSSOFullAccess	-
ActionTrail	-	actiontrail	Supported	Supported	operation level	AliyunActionTrailFullAccess AliyunActionTrailReadOnlyAccess	RAM authorization for ActionTrail
Unified Endpoint Management (UEM)	-	uem	Supported	○	operation level	AliyunUEMFullAccess AliyunUEMReadOnlyAccess AliyunUEMUninstallClientAccess AliyunUEMAccountDeviceAccess	-
Cloud Security Access Service (CSAS)	-	csas	Supported	○	service level	AliyunCSASFullAccess AliyunCSASReadOnlyAccess	-
CloudControl	-	cloudcontrol	○	Supported	operation level	AliyunCloudControlAPIFullAccess AliyunCloudControlAPIReadOnlyAccess	-

Support and services

Service	Sub-module	RAM code	Console	API	Authorization granularity	System policy	References
Ticket	-	support	Supported	Supported	service level	AliyunSupportFullAccess	-
Intelligent online support	-	-	Supported	Unsupported	action level	-	-
Cloud migration consulting service	-	-	Unsupported	Unsupported	-	-	-
Application architecture consulting service	-	-	Unsupported	Unsupported	-	-	-
Big data application consulting service	-	-	Unsupported	Unsupported	-	-	-
DevOps Consulting Service	-	-	Unsupported	Unsupported	-	-	-
Cloud strategy consulting service	-	-	Unsupported	Unsupported	-	-	-
Cloud migration implementation service	-	-	Unsupported	Unsupported	-	-	-
Big data application implementation service	-	-	Unsupported	Unsupported	-	-	-
Cloud-native delivery service	-	-	Unsupported	Unsupported	-	-	-
Cloud stability assurance service	-	-	Unsupported	Unsupported	-	-	-
On-cloud assurance service (premium edition) on-site package	-	-	Unsupported	Unsupported	-	-	-
GTS Expert Service	-	-	Unsupported	Unsupported	-	-	-
GTS Expert Service	Intelligent diagnosis	aiops	Supported	Unsupported	service level	AliyunIdiagsFullAccess AliyunIdiagsReadOnlyAccess	-
O&M Service	-	-	Unsupported	Unsupported	-	-	-
Cloud database optimization service	-	-	Unsupported	Unsupported	-	-	-
O&M Event Center	-	gemp	Supported	Supported	resource level	AliyunGEMPFullAccess AliyunGEMPReadOnlyAccess AliyunGEMPCoordinatorAccess	RAM user authorization

Alibaba Cloud Marketplace

Service	Sub-module	RAM code	Console	API	Authorization granularity	System policy	References
Alibaba Cloud Marketplace	-	acm	Supported	Unsupported	service level	AliyunMarketplaceFullAccess	-

Industry engine

Cloud service	Sub-module	RAM code	Console	API	Authorization granularity	System policy	Documentation
EasyGene	-	easygene	Supported	Supported	resource level	AliyunEasyGeneFullAccess AliyunEasyGeneReadOnlyAccess	RAM authorization

Other

Service	Sub-module	RAM code	Console	API	Authorization granularity	System policies	References
Billing Management	-	bss bssapi efc	Supported	Supported	operation level	AliyunBSSFullAccess AliyunBSSReadOnlyAccess AliyunBSSOrderAccess AliyunBSSRefundAccess AliyunBSSRenewReadOnlyAccess AliyunBSSRenewFullAccess AliyunBSSCartReadOnlyAccess AliyunBSSCartFullAccess AliyunBSSMyFreetierFullAccess	RAM authorization for Billing Management API call authorization
Quota Center	-	quotas	Supported	Supported	resource level	AliyunQuotasFullAccess AliyunQuotasReadOnlyAccess	RAM authorization for Quota Center
Distribution Platform	-	agency	Supported	Unsupported	service level	AliyunAgencyFullAccess AliyunAgencyEcoPickOrderFullAccess AliyunAgencyCustomerOrderAssociatedProjectFullAccess AliyunAgencyCustomerOrderAssociatedProjectReadOnlyAccess	-
Message Center	-	notifications	Supported	Unsupported	resource level	AliyunNotificationsFullAccess AliyunNotificationsReadOnlyAccess	-
ICP Filing	-	beian bsn	Supported	Unsupported	service level	AliyunBeianFullAccess	-
Yuanjing Cloud Game Platform	-	yuanjing	Supported	Unsupported	operation level	AliyunYuanJingFullAccess AliyunYuanJingReadOnlyAccess	-
Customer Self-service Tools	-	smartservice	Supported	Unsupported	operation level	AliyunMicroAppFullAccess	-