ALIYUN::CloudSSO::PermissionPolicyToAccessConfigurationAddition类型用于为访问配置添加权限策略。
语法
{
"Type": "ALIYUN::CloudSSO::PermissionPolicyToAccessConfigurationAddition",
"Properties": {
"InlinePolicyDocument": Map,
"DirectoryId": String,
"PermissionPolicyName": String,
"PermissionPolicyType": String,
"AccessConfigurationId": String
}
}属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
AccessConfigurationId | String | 是 | 否 | 访问配置ID。 | 无 |
DirectoryId | String | 是 | 否 | 目录ID。 | 无 |
PermissionPolicyName | String | 是 | 否 | 权限策略名称。 | 取值:
|
PermissionPolicyType | String | 是 | 否 | 权限策略类型。 | 取值:
|
InlinePolicyDocument | Map | 否 | 否 | 内置策略内容。 | 长度:最大4096个字符。 当 |
返回值
Fn::GetAtt
无
示例
YAML格式
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
AccessConfigurationId:
Description:
en: The ID of the access configuration.
Required: true
Type: String
DirectoryId:
Description:
en: The ID of the directory.
Required: true
Type: String
InlinePolicyDocument:
Description:
en: 'The configurations of the inline policy.
The value can be up to 4,096 characters in length.
If you set PermissionPolicyType to Inline, you must specify this parameter.'
Required: false
Type: Json
PermissionPolicyName:
Description:
en: 'The name of the permission policy.
- If you set PermissionPolicyType to System, you must set this parameter to
the name of the system policy. You can obtain the name of the system policy
from RAM.
- If you set PermissionPolicyType to Inline, you must set this parameter to
the name of the inline policy. A custom value is supported.'
Required: true
Type: String
PermissionPolicyType:
AllowedValues:
- System
- Inline
Description:
en: 'The type of the permission policy. Valid values:
- System: system policy. Resource Access Management (RAM) system policies
are reused.
- Inline: inline policy. Inline policies are created based on the RAM policy
syntax and structure.'
Required: true
Type: String
Resources:
PermissionPolicy:
Properties:
AccessConfigurationId:
Ref: AccessConfigurationId
DirectoryId:
Ref: DirectoryId
InlinePolicyDocument:
Ref: InlinePolicyDocument
PermissionPolicyName:
Ref: PermissionPolicyName
PermissionPolicyType:
Ref: PermissionPolicyType
Type: ALIYUN::CloudSSO::PermissionPolicyToAccessConfigurationAddition
JSON格式
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"InlinePolicyDocument": {
"Type": "Json",
"Description": {
"en": "The configurations of the inline policy.\nThe value can be up to 4,096 characters in length.\nIf you set PermissionPolicyType to Inline, you must specify this parameter."
},
"Required": false
},
"DirectoryId": {
"Type": "String",
"Description": {
"en": "The ID of the directory."
},
"Required": true
},
"PermissionPolicyName": {
"Type": "String",
"Description": {
"en": "The name of the permission policy.\n- If you set PermissionPolicyType to System, you must set this parameter to the name of the system policy. You can obtain the name of the system policy from RAM.\n- If you set PermissionPolicyType to Inline, you must set this parameter to the name of the inline policy. A custom value is supported."
},
"Required": true
},
"PermissionPolicyType": {
"Type": "String",
"Description": {
"en": "The type of the permission policy. Valid values:\n- System: system policy. Resource Access Management (RAM) system policies are reused.\n- Inline: inline policy. Inline policies are created based on the RAM policy syntax and structure."
},
"AllowedValues": [
"System",
"Inline"
],
"Required": true
},
"AccessConfigurationId": {
"Type": "String",
"Description": {
"en": "The ID of the access configuration."
},
"Required": true
}
},
"Resources": {
"PermissionPolicy": {
"Type": "ALIYUN::CloudSSO::PermissionPolicyToAccessConfigurationAddition",
"Properties": {
"InlinePolicyDocument": {
"Ref": "InlinePolicyDocument"
},
"DirectoryId": {
"Ref": "DirectoryId"
},
"PermissionPolicyName": {
"Ref": "PermissionPolicyName"
},
"PermissionPolicyType": {
"Ref": "PermissionPolicyType"
},
"AccessConfigurationId": {
"Ref": "AccessConfigurationId"
}
}
}
}
}