RAM User Role No Product Admin Access

ID: rule:aliyun:ram-user-role-no-product-admin-access
Severity: medium

Description

Ensures RAM user-defined roles do not have product administrative permissions.

Reason for Violation

Custom roles with admin permissions increase security risks.

Recommendation

Review role permissions and remove excessive privileges.

Resource Types

• ALIYUN::RAM::Role