The ALIYUN::RAM::Group type is used to create a RAM user group.
Syntax
{"Type" : "ALIYUN::RAM::Group","Properties" : {"GroupName" : String,"Comments" : String,"Policies" : List}}
Attributes
| Attribute name | Type | Required | Description | Constraint |
|---|---|---|---|---|
| GroupName | string | Yes | Group name | The group name is a string of 1 to 64 characters including English letters, digits, and hyphens(-) |
| Comments | string | No | Group remarks | The remarks can contain a maximum of 128 characters |
| Policies | list | No | Group policy | N/A |
Policies syntax
"Policies" : [{"PolicyName" : String,"PolicyDocument" : {"Version": String,"Statement" : [{"Effect" : String,"Action" : List,"Resource" : List}]}}]
Policies attributes
| Attribute name | Type | Required | Description | Constraint |
|---|---|---|---|---|
| PolicyName | string | Yes | Policy name | The policy name can contain a maximum of 128 characters |
| PolicyDocument | map | No | Policy details | N/A |
| Version | string | No | Policy version | N/A |
| Statement | list | No | Policy rules | N/A |
| Action | list | No | Policy-specific operation | N/A |
| Resource | list | No | Resource to which the policy is applied | N/A |
| Effect | string | No | Whether the operation defined by the Action parameter can be performed on the resource defined by the Resource parameter | N/A |
Return values
Fn::GetAtt
GroupName: group name.
Example
{"ROSTemplateFormatVersion" : "2015-09-01","Resources" : {"RamGroup": {"Type": "ALIYUN::RAM::Group","Properties": {"GroupName": "RosTestGroup","Comments": "createdByRos","Policies" : [{"PolicyName" : "RosPolicy","PolicyDocument" : {"Version": "1","Statement" : [{"Effect" : "Allow","Action" : [ "oss:*" ],"Resource" : ["acs:oss:*:*:*"]}]}]}},"Outputs": {"GroupName": {"Value" : {"Fn::GetAtt": ["RamGroup", "GroupName"]}}}}