SecurityPreferenceProps

Properties for defining a SecurityPreference.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-ram-securitypreference

Initializer

import ros_cdk_ram
ros_cdk_ram.SecurityPreferenceProps(
  allow_user_to_change_password: typing.Union[bool, IResolvable] = None,
  allow_user_to_manage_access_keys: typing.Union[bool, IResolvable] = None,
  allow_user_to_manage_mfa_devices: typing.Union[bool, IResolvable] = None,
  allow_user_to_manage_public_keys: typing.Union[bool, IResolvable] = None,
  enable_save_mfa_ticket: typing.Union[bool, IResolvable] = None,
  login_network_masks: typing.Union[str, IResolvable] = None,
  login_session_duration: typing.Union[typing.Union[int, float], IResolvable] = None
)

Properties

Name	Type	Description
`allow_user_to_change_password`	`typing.Union[bool, ros_cdk_core.IResolvable]`	Property allowUserToChangePassword: Specifies whether RAM users can change their passwords.
`allow_user_to_manage_access_keys`	`typing.Union[bool, ros_cdk_core.IResolvable]`	Property allowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs.
`allow_user_to_manage_mfa_devices`	`typing.Union[bool, ros_cdk_core.IResolvable]`	Property allowUserToManageMfaDevices: Specifies whether RAM users can manage their MFA devices.
`allow_user_to_manage_public_keys`	`typing.Union[bool, ros_cdk_core.IResolvable]`	Property allowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys.
`enable_save_mfa_ticket`	`typing.Union[bool, ros_cdk_core.IResolvable]`	Property enableSaveMfaTicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon.
`login_network_masks`	`typing.Union[str, ros_cdk_core.IResolvable]`	Property loginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed.
`login_session_duration`	`typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]`	Property loginSessionDuration: The validity period of the logon session of the RAM user.

`allow_user_to_change_password`^Optional

allow_user_to_change_password: typing.Union[bool, IResolvable]

Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property allowUserToChangePassword: Specifies whether RAM users can change their passwords.

Valid values: true: RAM users can change their passwords. This is the default value. false: RAM users cannot change their passwords.

`allow_user_to_manage_access_keys`^Optional

allow_user_to_manage_access_keys: typing.Union[bool, IResolvable]

Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property allowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs.

Valid values: true: RAM users can manage their AccessKey pairs. false: RAM users cannot manage their AccessKey pairs. This is the default value.

`allow_user_to_manage_mfa_devices`^Optional

allow_user_to_manage_mfa_devices: typing.Union[bool, IResolvable]

Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property allowUserToManageMfaDevices: Specifies whether RAM users can manage their MFA devices.

Valid values: true: RAM users can manage their MFA devices. This is the default value. false: RAM users cannot manage their MFA devices.

`allow_user_to_manage_public_keys`^Optional

allow_user_to_manage_public_keys: typing.Union[bool, IResolvable]

Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property allowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys.

Valid values: true: RAM users can manage their public keys. false: RAM users cannot manage their public keys. This is the default value. Note This parameter is valid only for the Japan site.

`enable_save_mfa_ticket`^Optional

enable_save_mfa_ticket: typing.Union[bool, IResolvable]

Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property enableSaveMfaTicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon.

The security codes are valid for 7 days. Valid values: true: RAM users can save MFA security codes during logon. false: RAM users cannot save MFA security codes during logon. This is the default value.

`login_network_masks`^Optional

login_network_masks: typing.Union[str, IResolvable]

Type: typing.Union[str, ros_cdk_core.IResolvable]

Property loginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed.

This parameter applies to password-based logon and single sign-on (SSO). However, this parameter does not apply to API calls that are authenticated based on AccessKey pairs. If a subnet mask is specified, RAM users can log on to the console only by using the IP addresses in the subnet. If you do not specify a subnet mask, RAM users can log on to the console by using all IP addresses. If you want to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8. A maximum of 25 subnet masks can be set. The total length of the subnet masks can be 1 to 512 characters.

`login_session_duration`^Optional

login_session_duration: typing.Union[typing.Union[int, float], IResolvable]

Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property loginSessionDuration: The validity period of the logon session of the RAM user.

Valid values: 6 to 24. Default value: 6. Unit: hours.

SecurityPreferenceProps

Initializer

Properties

allow_user_to_change_passwordOptional

allow_user_to_manage_access_keysOptional

allow_user_to_manage_mfa_devicesOptional

allow_user_to_manage_public_keysOptional

enable_save_mfa_ticketOptional

login_network_masksOptional

login_session_durationOptional