ALIYUN::CloudSSO::PermissionPolicyToAccessConfigurationAddition is used to add a policy to an access configuration.
Syntax
{
"Type": "ALIYUN::CloudSSO::PermissionPolicyToAccessConfigurationAddition",
"Properties": {
"InlinePolicyDocument": Map,
"DirectoryId": String,
"PermissionPolicyName": String,
"PermissionPolicyType": String,
"AccessConfigurationId": String
}
}
Properties
Property | Type | Required | Editable | Description | Constraint |
AccessConfigurationId | String | Yes | No | The ID of the access configuration. | None. |
DirectoryId | String | Yes | No | The directory ID. | None. |
PermissionPolicyName | String | Yes | No | The policy name. | Valid values:
|
PermissionPolicyType | String | Yes | No | The policy type. | Valid values:
|
InlinePolicyDocument | Map | No | No | The content of the inline policy. | The content can be up to 4,096 characters in length. You must specify this property when
|
Return values
Fn::GetAtt
None.
Examples
YAML
format
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
AccessConfigurationId:
Description:
en: The ID of the access configuration.
Required: true
Type: String
DirectoryId:
Description:
en: The ID of the directory.
Required: true
Type: String
InlinePolicyDocument:
Description:
en: 'The configurations of the inline policy.
The value can be up to 4,096 characters in length.
If you set PermissionPolicyType to Inline, you must specify this parameter.'
Required: false
Type: Json
PermissionPolicyName:
Description:
en: 'The name of the permission policy.
- If you set PermissionPolicyType to System, you must set this parameter to
the name of the system policy. You can obtain the name of the system policy
from RAM.
- If you set PermissionPolicyType to Inline, you must set this parameter to
the name of the inline policy. A custom value is supported.'
Required: true
Type: String
PermissionPolicyType:
AllowedValues:
- System
- Inline
Description:
en: 'The type of the permission policy. Valid values:
- System: system policy. Resource Access Management (RAM) system policies
are reused.
- Inline: inline policy. Inline policies are created based on the RAM policy
syntax and structure.'
Required: true
Type: String
Resources:
PermissionPolicy:
Properties:
AccessConfigurationId:
Ref: AccessConfigurationId
DirectoryId:
Ref: DirectoryId
InlinePolicyDocument:
Ref: InlinePolicyDocument
PermissionPolicyName:
Ref: PermissionPolicyName
PermissionPolicyType:
Ref: PermissionPolicyType
Type: ALIYUN::CloudSSO::PermissionPolicyToAccessConfigurationAddition
JSON
format
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"InlinePolicyDocument": {
"Type": "Json",
"Description": {
"en": "The configurations of the inline policy.\nThe value can be up to 4,096 characters in length.\nIf you set PermissionPolicyType to Inline, you must specify this parameter."
},
"Required": false
},
"DirectoryId": {
"Type": "String",
"Description": {
"en": "The ID of the directory."
},
"Required": true
},
"PermissionPolicyName": {
"Type": "String",
"Description": {
"en": "The name of the permission policy.\n- If you set PermissionPolicyType to System, you must set this parameter to the name of the system policy. You can obtain the name of the system policy from RAM.\n- If you set PermissionPolicyType to Inline, you must set this parameter to the name of the inline policy. A custom value is supported."
},
"Required": true
},
"PermissionPolicyType": {
"Type": "String",
"Description": {
"en": "The type of the permission policy. Valid values:\n- System: system policy. Resource Access Management (RAM) system policies are reused.\n- Inline: inline policy. Inline policies are created based on the RAM policy syntax and structure."
},
"AllowedValues": [
"System",
"Inline"
],
"Required": true
},
"AccessConfigurationId": {
"Type": "String",
"Description": {
"en": "The ID of the access configuration."
},
"Required": true
}
},
"Resources": {
"PermissionPolicy": {
"Type": "ALIYUN::CloudSSO::PermissionPolicyToAccessConfigurationAddition",
"Properties": {
"InlinePolicyDocument": {
"Ref": "InlinePolicyDocument"
},
"DirectoryId": {
"Ref": "DirectoryId"
},
"PermissionPolicyName": {
"Ref": "PermissionPolicyName"
},
"PermissionPolicyType": {
"Ref": "PermissionPolicyType"
},
"AccessConfigurationId": {
"Ref": "AccessConfigurationId"
}
}
}
}
}