DATASOURCE::RAM::Policies - Resource Orchestration Service

DATASOURCE::RAM::Policies is used to query policies.

Syntax

{
  "Type": "DATASOURCE::RAM::Policies",
  "Properties": {
    "GroupName": String,
    "PolicyType": String,
    "RoleName": String,
    "UserName": String,
    "PolicyName": String,
    "RefreshOptions": String
  }
}

Properties

Property	Type	Required	Editable	Description	Constraint

Property	Type	Required	Editable	Description	Constraint
GroupName	String	No	Yes	The name of the user group.	You must and can specify only one of the following properties: UserName, GroupName, and RoleName.
PolicyType	String	No	Yes	The policy type.	Valid values: System: system policy Custom: custom policy Note If you leave this property empty, all types of policies are returned.
RoleName	String	No	Yes	The name of the RAM role.	You must and can specify only one of the following properties: UserName, GroupName, and RoleName.
UserName	String	No	Yes	The name of the RAM user.	You must and can specify only one of the following properties: UserName, GroupName, and RoleName.
PolicyName	String	No	Yes	The policy name.	You can use the asterisk (`*`) and question mark (`?`) wildcard characters to perform a fuzzy match.
RefreshOptions	String	No	Yes	The refresh policy for data source resources when the stack is updated.	Valid values: Never (default): does not refresh data source resources when the stack is updated. Always: refreshes data source resources when the stack is updated.

Return values (Fn::GetAtt)

PolicyNames: the names of the policies.
Policies: details of the policies.

Property	Type	Description	Constraint
PolicyNames	List	The names of the policies.	None.
Policies	List	Details of the policies.	None.
DefaultVersion	String	The default version.	None.
Description	String	The description of the policy.	None.
PolicyName	String	The policy name.	None.
CreateDate	String	The creation time. The time is displayed in UTC.	None.
PolicyType	String	The policy type.	Valid values: System: system policy Custom: custom policy

Examples

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "GroupName": {
      "Type": "String",
      "Description": "The specific group to which policies attached.Only one of UserName, GroupName, and RoleName can be specified at most."
    },
    "PolicyType": {
      "Type": "String",
      "Description": "Filter the results by a specific policy type.",
      "AllowedValues": [
        "System",
        "Custom"
      ]
    },
    "RoleName": {
      "Type": "String",
      "Description": "The specific role to which policies attached.Only one of UserName, GroupName, and RoleName can be specified at most."
    },
    "UserName": {
      "Type": "String",
      "Description": "The specific user to which policies attached. Only one of UserName, GroupName, and RoleName can be specified at most."
    },
    "PolicyName": {
      "Type": "String",
      "Description": "Filter the results by a specific policy name. Supports using * and ?  to fuzzy match."
    }
  },
  "Resources": {
    "Policies": {
      "Type": "DATASOURCE::RAM::Policies",
      "Properties": {
        "GroupName": {
          "Ref": "GroupName"
        },
        "PolicyType": {
          "Ref": "PolicyType"
        },
        "RoleName": {
          "Ref": "RoleName"
        },
        "UserName": {
          "Ref": "UserName"
        },
        "PolicyName": {
          "Ref": "PolicyName"
        }
      }
    }
  },
  "Outputs": {
    "PolicyNames": {
      "Description": "The list of policy names.",
      "Value": {
        "Fn::GetAtt": [
          "Policies",
          "PolicyNames"
        ]
      }
    },
    "Policies": {
      "Description": "The list of policies.",
      "Value": {
        "Fn::GetAtt": [
          "Policies",
          "Policies"
        ]
      }
    }
  }
}