ALIYUN::DFS::AccessRule is used to create a rule for a permission group.
Syntax
{
"Type": "ALIYUN::DFS::AccessRule",
"Properties": {
"Description": String,
"Priority": Number,
"NetworkSegment": String,
"AccessGroupId": String,
"RWAccessType": String
}
}Properties
| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| Description | String | No | Yes | The description of the rule. | None. |
| Priority | Number | No | Yes | The priority of the rule. | If an authorized object matches multiple rules, the rule with the highest priority
takes effect.
Valid values: 1 to 100. The value 1 indicates the highest priority. |
| NetworkSegment | String | Yes | Yes | The IP address or CIDR block of the authorized object. | None. |
| AccessGroupId | String | Yes | No | The ID of the permission group. | None. |
| RWAccessType | String | Yes | Yes | The permissions that you want to grant to the authorized object to access the file system. | Valid values:
|
Return values
Fn::GetAtt
AccessRuleId: the ID of the rule.
Examples
-
JSONformat{ "ROSTemplateFormatVersion": "2015-09-01", "Parameters": { "NetworkSegment": { "Type": "String", "Description": "The NetworkSegment of the Access Rule.", "MaxLength": 100 }, "AccessGroupId": { "Type": "String", "Description": "The resource ID of Access Group." }, "RWAccessType": { "Type": "String", "Description": "The read/write permission of the authorized object on the file system.\nValues:\nRDWR (default) : read and write.\nRDONLY: read-only", "AllowedValues": [ "RDWR", "RDONLY" ], "Default": "RDWR" } }, "Resources": { "AccessRule": { "Type": "ALIYUN::DFS::AccessRule", "Properties": { "NetworkSegment": { "Ref": "NetworkSegment" }, "AccessGroupId": { "Ref": "AccessGroupId" }, "RWAccessType": { "Ref": "RWAccessType" } } } }, "Outputs": { "AccessRuleId": { "Description": "The ID of the access_rule.", "Value": { "Fn::GetAtt": [ "AccessRule", "AccessRuleId" ] } } } }