RAM User No Product Administrative Access

ID: rule:aliyun:ram-user-no-product-admin-access
Severity: medium

Description

Ensures that RAM users do not have full administrative access to cloud products unless necessary.

Reason for Violation

Granting administrative access to all users increases the risk of accidental or malicious configuration changes.

Recommendation

Follow the principle of least privilege and grant only necessary permissions to RAM users.

Resource Types

• ALIYUN::RAM::User