ALIYUN:: RAM:: Group is used to create a RAM user Group.
Syntax
{
"Type": "ALIYUN::RAM::Group",
"Properties": {
"GroupName": String,
"Comments": String,
"Policies": List
}
}Properties
| Property Name | Type | Required | Update allowed | Description | Constraints |
|---|---|---|---|---|---|
| GroupName | String | Yes | No | The name of the user group. | It can be 1 to The name must be 64 characters in length and can contain letters, numbers, and hyphens (-). |
| Comments | String | No | No | The remarks. | It can be 1 to 128 characters. |
| Policies | List | No | No | The policy. | None. |
Policies syntax
"Policies": [
{
"PolicyName": String,
"PolicyDocument": {
"Version": String,
"Statement": [
{
"Effect": String,
"Action": List,
"Resource": List
}
]
}
}
] Policies properties
| Property Name | Type | Required | Update allowed | Description | Constraints |
|---|---|---|---|---|---|
| PolicyName | String | Yes | No | The name of the policy. | It can be 1 to 128 characters long and can contain letters, numbers, and hyphens (-). |
| PolicyDocument | Map | No | No | The policy content. | It can be 1 to 2048 bytes. |
| Version | String | No | No | The version of the policy. | None. |
| Statement | List | No | No | The specific rules of the policy. | None. |
| Action | List | No | No | The specific operations for the policy. | None. |
| Resource | List | No | No | The resources to which the policy is applied. | None. |
| Effect | String | No | No | Whether an operation can be performed on a resource. | None. |
Return value
Fn::GetAtt
GroupName: User group name.
Example
{
"ROSTemplateFormatVersion": "2015-09-01",
"Resources": {
"RamGroup": {
"Type": "ALIYUN::RAM::Group",
"Properties": {
"GroupName": "RosTestGroup",
"Comments": "createdByRos",
"Policies": [
{
"PolicyName": "RosPolicy",
"PolicyDocument": {
"Version": "1",
"Statement": [
{
"Effect": "Allow",
"Action": [
"oss:*"
],
"Resource": [
"acs:oss:*:*:*"
]
}
]
}
}
]
}
},
"Outputs": {
"GroupName": {
"Value": {
"Fn::GetAtt": [
"RamGroup",
"GroupName"
]
}
}
}
}
}