All Products
Search

This Product

    Resource Orchestration Service:ALIYUN::RAM::Application

    Document Center

    Resource Orchestration Service:ALIYUN::RAM::Application

    Last Updated:Mar 07, 2024

    ALIYUN::RAM::Application is used to create an application.

    Syntax

    {
  "Type": "ALIYUN::RAM::Application",
  "Properties": {
    "PredefinedScopes": List,
    "SecretRequired": Boolean,
    "DisplayName": String,
    "IsMultiTenant": Boolean,
    "AccessTokenValidity": Integer,
    "RedirectUris": List,
    "RefreshTokenValidity": Integer,
    "AppType": String,
    "AppName": String,
    "RequiredScopes": List
  }
}

    Properties

    Property

    Type

    Required

    Editable

    Description

    Constraint

    PredefinedScopes

    List

    No

    Yes

    The permission scopes of the application.

    For more information about the valid values and description of the permission scopes, see Overview. You can also call the ListPredefinedScopes operation to query the permission scopes that are supported by different types of applications.

    If you specify multiple permission scopes, separate them with semicolons (;).

    SecretRequired

    Boolean

    No

    Yes

    Specifies whether a secret is required.

    Valid values:

    • true

    • false

    Note

    • For applications of the WebApp and ServerApp types, this property is forcefully set to true and cannot be changed.

    • For applications of the NativeApp type, this property can be set to true or false. If you leave this property empty, the default value is false. In most cases, applications of the NativeApp type run in untrusted environments, and the secrets of the applications may not be protected. Therefore, we recommend that you do not set this property to true unless otherwise specified. For more information, see Access Alibaba Cloud APIs from a native application.

    DisplayName

    String

    Yes

    Yes

    The display name of the application.

    The display name can be up to 24 characters in length.

    IsMultiTenant

    Boolean

    No

    Yes

    Specifies whether the application can be installed by using other Alibaba Cloud accounts.

    Valid values:

    • true: If you leave this property empty for applications of the NativeApp and ServerApp types, the default value is true.

    • false: If you leave this property empty for applications of the WebApp type, the default value is false.

    AccessTokenValidity

    Integer

    No

    Yes

    The validity period of the access token.

    Valid values: 900 to 10800. Unit: seconds.

    Default value: 3600.

    RedirectUris

    List

    No

    Yes

    The callback URLs.

    None

    RefreshTokenValidity

    Integer

    No

    Yes

    The validity period of the refreshed token.

    Valid values: 7200 to 31536000. Unit: seconds.

    Default value:

    • If you leave this property empty for applications of the NativeApp and ServerApp types, the default value is 2592000. A value of 2592000 specifies that the validity period of the refreshed token is 30 days.

    • If you leave this property empty for applications of the WebApp type, the default value is 7776000. A value of 7776000 specifies that the validity period of the refreshed token is 90 days.

    AppType

    String

    Yes

    No

    The application type.

    Valid values:

    • WebApp: a web application.

    • NativeApp: a native application that runs on an OS, such as a desktop OS or mobile OS.

    • ServerApp: an application that accesses Alibaba Cloud services without the need for manual user logon. Only applications that synchronize user information based on the System for Cross-domain Identity Management (SCIM) protocol are supported.

    AppName

    String

    Yes

    No

    The application name.

    The name can be up to 64 characters in length and can contain letters, digits, periods (.), underscores (_), and hyphens (-).

    RequiredScopes

    List

    No

    Yes

    The required permissions.

    You can specify one or more permissions by using the RequiredScopes property. After you specify this property, the required permissions are automatically selected and cannot be revoked when a user grants permissions on the application.

    Note

    This property takes effect only when the permissions specified by RequiredScopes are included in the permission scopes specified by PredefinedScopes.

    Return values

    Fn::GetAtt

    • AppId: the application ID.

    • AppName: the application name.

    Examples

    • YAML format 

      ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  DisplayName:
    Type: String
    MaxLength: 24
    Default: myapp
  AppType:
    Type: String
    Description: |-
      The type of the application. Valid values:
      - **WebApp**: a web application that interacts with a browser.
      - **NativeApp**: a native application that runs on an operating system, such as a desktop operating system or a mobile operating system.
      - **ServerApp**: an application that accesses Alibaba Cloud services without the need of manual user logon. User provisioning is automated based on the System for Cross-Domain Identity Management (SCIM) protocol.
    Default: WebApp
  AppName:
    Type: String
    Description: The name of the application. The name can be up to 64 characters in length. The name can contain letters, digits, periods (.), underscores (_), and hyphens (-).
    AllowedPattern: ^[-_.a-zA-Z0-9]{1,64}$
    Default: myapp
Resources:
  Application:
    Type: ALIYUN::RAM::Application
    Properties:
      DisplayName:
        Ref: DisplayName
      AppType:
        Ref: AppType
      AppName:
        Ref: AppName
Outputs:
  AppId:
    Description: The ID of the application.
    Value:
      Fn::GetAtt:
        - Application
        - AppId
  AppName:
    Description: The name of the application.
    Value:
      Fn::GetAtt:
        - Application
        - AppName

    • JSON format 

      {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "DisplayName": {
      "Type": "String",
      "MaxLength": 24,
      "Default": "myapp"
    },
    "AppType": {
      "Type": "String",
      "Description": "The type of the application. Valid values:\n- **WebApp**: a web application that interacts with a browser.\n- **NativeApp**: a native application that runs on an operating system, such as a desktop operating system or a mobile operating system.\n- **ServerApp**: an application that accesses Alibaba Cloud services without the need of manual user logon. User provisioning is automated based on the System for Cross-Domain Identity Management (SCIM) protocol.",
      "Default": "WebApp"
    },
    "AppName": {
      "Type": "String",
      "Description": "The name of the application. The name can be up to 64 characters in length. The name can contain letters, digits, periods (.), underscores (_), and hyphens (-).",
      "AllowedPattern": "^[-_.a-zA-Z0-9]{1,64}$",
      "Default": "myapp"
    }
  },
  "Resources": {
    "Application": {
      "Type": "ALIYUN::RAM::Application",
      "Properties": {
        "DisplayName": {
          "Ref": "DisplayName"
        },
        "AppType": {
          "Ref": "AppType"
        },
        "AppName": {
          "Ref": "AppName"
        }
      }
    }
  },
  "Outputs": {
    "AppId": {
      "Description": "The ID of the application.",
      "Value": {
        "Fn::GetAtt": [
          "Application",
          "AppId"
        ]
      }
    },
    "AppName": {
      "Description": "The name of the application.",
      "Value": {
        "Fn::GetAtt": [
          "Application",
          "AppName"
        ]
      }
    }
  }
}