All Products
Search

This Product

    Resource Management:List of operations by function

    Document Center

    Resource Management:List of operations by function

    Last Updated:Feb 10, 2026

    API standard and pre-built SDKs in multi-language

    This product (ResourceManager/2020-03-31) OpenAPI adopts an RPC-style signature mechanism. For implementation details, please refer to the Signature Mechanism documentation.
    To streamline development, we provide official SDKs for major programming languages. Using the SDK allows you to call APIs directly without worrying about low-level details such as request signatures, significantly lowering the barrier to entry and reducing integration complexity.

    Custom signature

    If your use case requires direct API integration with custom signatures, consult our technical support team first. Join our DingTalk support group (147535001692) to receive expert guidance.

    Before you begin

    An Alibaba Cloud account has full administrative privileges. A compromised AccessKey pair exposes all associated resources to unauthorized access, posing a significant security risk. To call APIs securely, create a Resource Access Management (RAM) user with API access only, configure its AccessKey pairs, and implement the principle of least privilege (PoLP) through RAM policies. Use the Alibaba Cloud account only when its permissions are explicitly required for specific scenarios.

    Resource directory

    APITitleDescription
    EnableResourceDirectoryEnableResourceDirectoryEnables a resource directory.
    SendVerificationCodeForEnableRDSendVerificationCodeForEnableRDSends a verification code to the mobile phone number bound to a newly created account when you use the account to enable a resource directory.
    GetResourceDirectoryGetResourceDirectoryQueries the information of a resource directory. If you use a management account to call this API operation, the system returns the information of the resource directory that is enabled by using the management account. If you use a member to call this operation, the system returns the information of
    DestroyResourceDirectoryDestroyResourceDirectoryDisables a resource directory. This operation cannot be undone. Therefore, exercise caution when you perform it.

    Folders

    APITitleDescription
    CreateFolderCreateFolderCreates a folder.
    GetFolderGetFolderQueries the information of a folder.
    UpdateFolderUpdateFolderChanges the name of a folder.
    DeleteFolderDeleteFolderDeletes a folder.
    ListFoldersForParentListFoldersForParentQueries the information of all subfolders of a folder.
    ListAncestorsListAncestorsQueries the information of all the parent folders of a specified folder. The system returns the information of the folders based on their top-down hierarchy.

    Members

    APITitleDescription
    CreateResourceAccountCreateResourceAccountCreates a member of the resource account type.
    UpdateAccountUpdateAccountChanges the display name of a member, or switches the type of a member.
    GetAccountGetAccountQueries the information of a member.
    GetPayerForAccountGetPayerForAccountQueries the information of a settlement account.
    ListAccountsListAccountsQueries all the members in a resource directory.
    ListAccountsForParentListAccountsForParentQueries the information of members in a folder.
    MoveAccountMoveAccountMoves a member account from a folder to another.
    RemoveCloudAccountRemoveCloudAccountRemoves a member of the cloud account type. After you remove a member of the cloud account type, the member is no longer managed by the management account of the resource directory to which the member belonged.
    BindSecureMobilePhoneBindSecureMobilePhoneBinds a mobile phone number to a member of the resource account type in a resource directory for security purposes.
    SendVerificationCodeForBindSecureMobilePhoneSendVerificationCodeForBindSecureMobilePhoneSends a verification code to the mobile phone number that you want to bind to a resource account in a resource directory for security purposes.
    ChangeAccountEmailChangeAccountEmailChanges the email address that is bound to a member.
    RetryChangeAccountEmailRetryChangeAccountEmailResends a verification email for the email address change of a member.
    CancelChangeAccountEmailCancelChangeAccountEmailCancels the email address change of a member.
    CheckAccountDeleteCheckAccountDeletePerforms a member deletion check.
    DeleteAccountDeleteAccountDeletes a member of the resource account type.
    SetMemberDeletionPermissionSetMemberDeletionPermissionEnables or disables the member deletion feature.
    GetAccountDeletionStatusGetAccountDeletionStatus
    GetAccountDeletionCheckResultGetAccountDeletionCheckResultQueries the result of a member deletion check.
    InviteAccountToResourceDirectoryInviteAccountToResourceDirectoryInvites an account to join a resource directory.
    GetHandshakeGetHandshakeQueries the information of an invitation.
    CancelHandshakeCancelHandshakeCancels an invitation.
    ListHandshakesForAccountListHandshakesForAccountQueries the invitations that are associated with an account.
    ListHandshakesForResourceDirectoryListHandshakesForResourceDirectoryQueries invitations in a resource directory.
    AcceptHandshakeAcceptHandshakeAccepts an invitation.
    DeclineHandshakeDeclineHandshakeRejects an invitation.

    Access control policies

    APITitleDescription
    EnableControlPolicyEnableControlPolicyEnables the Control Policy feature.
    GetControlPolicyEnablementStatusGetControlPolicyEnablementStatusQueries the status of the Control Policy feature.
    DisableControlPolicyDisableControlPolicyDisables the Control Policy feature.
    CreateControlPolicyCreateControlPolicyCreates a custom access control policy.
    GetControlPolicyGetControlPolicyQueries the details of an access control policy.
    UpdateControlPolicyUpdateControlPolicyUpdates a custom access control policy.
    DeleteControlPolicyDeleteControlPolicyDeletes a custom control policy.
    AttachControlPolicyAttachControlPolicyAttaches an access control policy.
    DetachControlPolicyDetachControlPolicyDetaches an access control policy.
    ListControlPoliciesListControlPoliciesQueries access control policies.
    ListControlPolicyAttachmentsForTargetListControlPolicyAttachmentsForTargetQueries the access control policies that are attached to a folder or member.
    ListTargetAttachmentsForControlPolicyListTargetAttachmentsForControlPolicyQueries the objects to which a specific control policy is attached.

    Trusted services

    APITitleDescription
    ListTrustedServiceStatusListTrustedServiceStatusQueries the trusted services that are enabled within an enterprise management account or delegated administrator account.
    RegisterDelegatedAdministratorRegisterDelegatedAdministratorSpecifies a member in a resource directory as a delegated administrator account of a trusted service.
    DeregisterDelegatedAdministratorDeregisterDelegatedAdministratorRemoves a delegated administrator account for a trusted service.
    ListDelegatedAdministratorsListDelegatedAdministratorsQueries delegated administrator accounts.
    ListDelegatedServicesForAccountListDelegatedServicesForAccountQueries the trusted services for which a member is specified as a delegated administrator account.

    Resource groups

    APITitleDescription
    ListAutoGroupingRemediationsListAutoGroupingRemediationsQueries a list of automatic grouping remediation records.
    GetResourceGroupAdminSettingGetResourceGroupAdminSettingQueries the configurations of a resource group administrator.
    UpdateResourceGroupAdminSettingUpdateResourceGroupAdminSettingUpdates the configurations of a resource group administrator.
    LookupResourceGroupEventsLookupResourceGroupEventsQueries the events of resource groups.
    EnableResourceGroupNotificationEnableResourceGroupNotificationEnables group event notification.
    DisableResourceGroupNotificationDisableResourceGroupNotificationDisables group event notification.
    GetResourceGroupNotificationSettingGetResourceGroupNotificationSettingQueries the notification settings of a resource group.
    ListResourceGroupCapabilityListResourceGroupCapabilityQueries whether a specific resource type or a given cloud service supports resource group events.
    ListResourceGroupsWithAuthDetailsListResourceGroupsWithAuthDetailsQueries resource groups and their user authorization information.

    Tag

    APITitleDescription
    TagResourcesTagResourcesAdds tags to resource groups or the members in a resource directory.
    UntagResourcesUntagResourcesRemoves tags from resource groups or the members in a resource directory.
    ListTagResourcesListTagResourcesQueries the tags that are added to resource groups or the members in a resource directory.
    ListTagKeysListTagKeysQueries tag keys.
    ListTagValuesListTagValuesQueries the tag values of a tag key.

    Others (not maintained)

    APITitleDescription
    InitResourceDirectoryInitResourceDirectoryEnables a resource directory. After you enable a resource directory, the system automatically creates a root folder and sets the current account as the enterprise management account of the resource directory. The enterprise management account has all administrative permissions on this resource direc
    CreateCloudAccountCreateCloudAccountCreates a cloud account.
    PromoteResourceAccountPromoteResourceAccountUpgrades a resource account to a cloud account.
    ResendPromoteResourceAccountEmailResendPromoteResourceAccountEmailResends an email that is used to confirm the upgrade from a resource account to a cloud account.
    ResendCreateCloudAccountEmailResendCreateCloudAccountEmailResends an email that is used to confirm the creation of a cloud account.
    CancelCreateCloudAccountCancelCreateCloudAccountCancels the creation of a cloud account.
    CancelPromoteResourceAccountCancelPromoteResourceAccountCancels the upgrade from a resource account to a cloud account.