edit-icon download-icon

ALIYUN::RAM::ManagedPolicy

Last Updated: Jun 13, 2018

The ALIYUN::RAM::ManagedPolicy type is used to create a RAM management policy.

Syntax

  1. {
  2. "Type" : "ALIYUN::RAM::ManagedPolicy",
  3. "Properties" : {
  4. "PolicyName" : String,
  5. "Description": String,
  6. "PolicyDocument" : Map,
  7. "Users" : List,
  8. "Groups" : List,
  9. "Roles" : List
  10. }
  11. }

Attributes

Attribute name Type Required Description Constraint
PolicyName string Yes Policy name The policy name can contain a maximum of 128 characters
Description string No Policy description The description can contain a maximum of 1,024 characters
PolicyDocument map Yes Policy details N/A
Users list No Users to which the policy is applied N/A
Groups list No Groups to which the policy is applied N/A
Roles list No Roles to which the policy is appliedN/A

PolicyDocument syntax

  1. "PolicyDocument" : {
  2. "Version": String,
  3. "Statement" : [
  4. {
  5. "Effect" : String,
  6. "Action" : List,
  7. "Resource" : List
  8. }
  9. ]
  10. }

PolicyDocument attributes

Attribute name Type Required? Description Constraint
Version string No Policy version N/A
Statement list No Policy rulesN/A
Action list No Policy-specific operation N/A
Resource list No Resource to which the policy is applied N/A
Effect string No Whether the operation defined by the Action parameter can be performed on the resource defined by the Resource parameterN/A

Return values

Fn::GetAtt

PolicyName: policy name.

Example

  1. {
  2. "ROSTemplateFormatVersion" : "2015-09-01",
  3. "Resources" : {
  4. "RamPolicy": {
  5. "Type": "ALIYUN::RAM::ManagedPolicy",
  6. "Properties": {
  7. "PolicyName": "RosTest",
  8. "Description": "createdByRos",
  9. "PolicyDocument" : {
  10. "Version": "1",
  11. "Statement" : [
  12. {
  13. "Effect" : "Allow",
  14. "Action" : [ "oss:*" ],
  15. "Resource" : ["acs:oss:*:*:*"]
  16. }
  17. ]
  18. },
  19. "Roles": ["RosRole"],
  20. "Groups": ["RosGroup"],
  21. "Users": ["RosUser"]
  22. }
  23. }
  24. },
  25. "Outputs": {
  26. "PolicyName": {
  27. "Value": {
  28. "Fn::GetAtt": ["RamPolicy","PolicyName"]
  29. }
  30. }
  31. }
  32. }
Thank you! We've received your feedback.