SecurityPreference
This class encapsulates and extends the ROS resource type ALIYUN::RAM::SecurityPreference, which is used to configure security preferences for Resource Access Management (RAM) users.
Initializers
import ros_cdk_ram
ros_cdk_ram.SecurityPreference(
scope: Construct,
id: str,
allow_user_to_change_password: typing.Union[bool, IResolvable] = None,
allow_user_to_manage_access_keys: typing.Union[bool, IResolvable] = None,
allow_user_to_manage_mfa_devices: typing.Union[bool, IResolvable] = None,
allow_user_to_manage_public_keys: typing.Union[bool, IResolvable] = None,
enable_save_mfa_ticket: typing.Union[bool, IResolvable] = None,
login_network_masks: typing.Union[str, IResolvable] = None,
login_session_duration: typing.Union[typing.Union[int, float], IResolvable] = None,
enable_resource_property_constraint: bool = None
)
| Name | Type | Description |
|---|---|---|
scope |
ros_cdk_core.Construct |
No description. |
id |
str |
No description. |
allow_user_to_change_password |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property allowUserToChangePassword: Specifies whether RAM users can change their passwords. |
allow_user_to_manage_access_keys |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property allowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs. |
allow_user_to_manage_mfa_devices |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property allowUserToManageMfaDevices: Specifies whether RAM users can manage their MFA devices. |
allow_user_to_manage_public_keys |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property allowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys. |
enable_save_mfa_ticket |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property enableSaveMfaTicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon. |
login_network_masks |
typing.Union[str, ros_cdk_core.IResolvable] |
Property loginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed. |
login_session_duration |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property loginSessionDuration: The validity period of the logon session of the RAM user. |
enable_resource_property_constraint |
bool |
No description. |
scopeRequired
- Type: ros_cdk_core.Construct
idRequired
- Type: str
allow_user_to_change_passwordOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property allowUserToChangePassword: Specifies whether RAM users can change their passwords.
Valid values: true: RAM users can change their passwords. This is the default value. false: RAM users cannot change their passwords.
allow_user_to_manage_access_keysOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property allowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs.
Valid values: true: RAM users can manage their AccessKey pairs. false: RAM users cannot manage their AccessKey pairs. This is the default value.
allow_user_to_manage_mfa_devicesOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property allowUserToManageMfaDevices: Specifies whether RAM users can manage their MFA devices.
Valid values: true: RAM users can manage their MFA devices. This is the default value. false: RAM users cannot manage their MFA devices.
allow_user_to_manage_public_keysOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property allowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys.
Valid values: true: RAM users can manage their public keys. false: RAM users cannot manage their public keys. This is the default value. Note This parameter is valid only for the Japan site.
enable_save_mfa_ticketOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property enableSaveMfaTicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon.
The security codes are valid for 7 days. Valid values: true: RAM users can save MFA security codes during logon. false: RAM users cannot save MFA security codes during logon. This is the default value.
login_network_masksOptional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property loginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed.
This parameter applies to password-based logon and single sign-on (SSO). However, this parameter does not apply to API calls that are authenticated based on AccessKey pairs. If a subnet mask is specified, RAM users can log on to the console only by using the IP addresses in the subnet. If you do not specify a subnet mask, RAM users can log on to the console by using all IP addresses. If you want to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8. A maximum of 25 subnet masks can be set. The total length of the subnet masks can be 1 to 512 characters.
login_session_durationOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property loginSessionDuration: The validity period of the logon session of the RAM user.
Valid values: 6 to 24. Default value: 6. Unit: hours.
enable_resource_property_constraintOptional
- Type: bool
Methods
| Name | Description |
|---|---|
to_string |
Returns a string representation of this construct. |
synthesize |
Allows this construct to emit artifacts into the cloud assembly during synthesis. |
add_condition |
No description. |
add_count |
No description. |
add_dependency |
No description. |
add_resource_desc |
No description. |
apply_removal_policy |
No description. |
get_att |
No description. |
set_metadata |
No description. |
to_string
def to_string() -> str
Returns a string representation of this construct.
synthesize
def synthesize(
session: ISynthesisSession
) -> None
Allows this construct to emit artifacts into the cloud assembly during synthesis.
This method is usually implemented by framework-level constructs such as Stack and Asset
as they participate in synthesizing the cloud assembly.
- Type: ros_cdk_core.ISynthesisSession
The synthesis session.
add_condition
def add_condition(
condition: RosCondition
) -> None
- Type: ros_cdk_core.RosCondition
add_count
def add_count(
count: typing.Union[typing.Union[int, float], IResolvable]
) -> None
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
add_dependency
def add_dependency(
resource: Resource
) -> None
- Type: ros_cdk_core.Resource
add_resource_desc
def add_resource_desc(
desc: str
) -> None
- Type: str
apply_removal_policy
def apply_removal_policy(
policy: RemovalPolicy
) -> None
- Type: ros_cdk_core.RemovalPolicy
get_att
def get_att(
name: str
) -> IResolvable
- Type: str
set_metadata
def set_metadata(
key: str,
value: typing.Any
) -> None
- Type: str
- Type: typing.Any
Static Functions
| Name | Description |
|---|---|
is_construct |
Return whether the given object is a Construct. |
is_construct
import ros_cdk_ram
ros_cdk_ram.SecurityPreference.is_construct(
x: typing.Any
)
Return whether the given object is a Construct.
- Type: typing.Any
Properties
| Name | Type | Description |
|---|---|---|
node |
ros_cdk_core.ConstructNode |
The construct tree node associated with this construct. |
ref |
str |
No description. |
stack |
ros_cdk_core.Stack |
The stack in which this resource is defined. |
resource |
ros_cdk_core.RosResource |
No description. |
attr_allow_user_to_change_password |
ros_cdk_core.IResolvable |
Attribute AllowUserToChangePassword: Specifies whether RAM users can change their passwords. |
attr_allow_user_to_manage_access_keys |
ros_cdk_core.IResolvable |
Attribute AllowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs. |
attr_allow_user_to_manage_mfa_devices |
ros_cdk_core.IResolvable |
Attribute AllowUserToManageMFADevices: Specifies whether RAM users can manage their MFA devices. |
attr_allow_user_to_manage_public_keys |
ros_cdk_core.IResolvable |
Attribute AllowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys. |
attr_enable_save_mfa_ticket |
ros_cdk_core.IResolvable |
Attribute EnableSaveMFATicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon. |
attr_login_network_masks |
ros_cdk_core.IResolvable |
Attribute LoginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed. |
attr_login_session_duration |
ros_cdk_core.IResolvable |
Attribute LoginSessionDuration: The validity period of the logon session of the RAM user. |
nodeRequired
node: ConstructNode
- Type: ros_cdk_core.ConstructNode
The construct tree node associated with this construct.
refRequired
ref: str
- Type: str
stackRequired
stack: Stack
- Type: ros_cdk_core.Stack
The stack in which this resource is defined.
resourceOptional
resource: RosResource
- Type: ros_cdk_core.RosResource
attr_allow_user_to_change_passwordRequired
attr_allow_user_to_change_password: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute AllowUserToChangePassword: Specifies whether RAM users can change their passwords.
attr_allow_user_to_manage_access_keysRequired
attr_allow_user_to_manage_access_keys: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute AllowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs.
attr_allow_user_to_manage_mfa_devicesRequired
attr_allow_user_to_manage_mfa_devices: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute AllowUserToManageMFADevices: Specifies whether RAM users can manage their MFA devices.
attr_allow_user_to_manage_public_keysRequired
attr_allow_user_to_manage_public_keys: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute AllowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys.
attr_enable_save_mfa_ticketRequired
attr_enable_save_mfa_ticket: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute EnableSaveMFATicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon.
attr_login_network_masksRequired
attr_login_network_masks: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute LoginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed.
attr_login_session_durationRequired
attr_login_session_duration: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute LoginSessionDuration: The validity period of the logon session of the RAM user.