PolicyProps

Properties for defining a Policy.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-policy

Initializer

import ros_cdk_kms
ros_cdk_kms.PolicyProps(
  access_control_rules: typing.Union[IResolvable, AccessControlRulesProperty],
  kms_instance_id: typing.Union[str, IResolvable],
  permissions: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]],
  policy_name: typing.Union[str, IResolvable],
  resources: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]],
  description: typing.Union[str, IResolvable] = None
)

Properties

Name	Type	Description
`access_control_rules`	`typing.Union[ros_cdk_core.IResolvable, AccessControlRulesProperty]`	Property accessControlRules: Network Rules info.
`kms_instance_id`	`typing.Union[str, ros_cdk_core.IResolvable]`	Property kmsInstanceId: The scope of the permission policy.
`permissions`	`typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]]`	Property permissions: The operations that can be performed.
`policy_name`	`typing.Union[str, ros_cdk_core.IResolvable]`	Property policyName: The name of the permission policy.
`resources`	`typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]]`	Property resources: The key and secret that are allowed to access.
`description`	`typing.Union[str, ros_cdk_core.IResolvable]`	Property description: The description of the permission policy.

`access_control_rules`^Required

access_control_rules: typing.Union[IResolvable, AccessControlRulesProperty]

Type: typing.Union[ros_cdk_core.IResolvable, AccessControlRulesProperty]

Property accessControlRules: Network Rules info.

`kms_instance_id`^Required

kms_instance_id: typing.Union[str, IResolvable]

Type: typing.Union[str, ros_cdk_core.IResolvable]

Property kmsInstanceId: The scope of the permission policy.

You need to specify the KMS instance that you want to access.

`permissions`^Required

permissions: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]]

Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]]

Property permissions: The operations that can be performed.

Valid values: RbacPermission/Template/CryptoServiceKeyUser: allows you to perform cryptographic operations. RbacPermission/Template/CryptoServiceSecretUser: allows you to perform secret-related operations.

`policy_name`^Required

policy_name: typing.Union[str, IResolvable]

Type: typing.Union[str, ros_cdk_core.IResolvable]

Property policyName: The name of the permission policy.

`resources`^Required

resources: typing.Union[IResolvable, typing.List[typing.Union[str, IResolvable]]]

Type: typing.Union[ros_cdk_core.IResolvable, typing.List[typing.Union[str, ros_cdk_core.IResolvable]]]

Property resources: The key and secret that are allowed to access.

Supports a maximum of 30 key and secret. Key: Enter a key in the key/${KeyId} format. To allow access to all keys of a KMS instance, enter key/. Secret: Enter a secret in the secret/${SecretName} format. To allow access to all secrets of a KMS instance, enter secret/.

`description`^Optional

description: typing.Union[str, IResolvable]

Type: typing.Union[str, ros_cdk_core.IResolvable]

Property description: The description of the permission policy.

PolicyProps

Initializer

Properties

access_control_rulesRequired

kms_instance_idRequired

permissionsRequired

policy_nameRequired

resourcesRequired

descriptionOptional