PolicyProps

Properties for defining a Policy.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-kms-policy

Initializer

import { PolicyProps } from '@alicloud/ros-cdk-kms'
const policyProps: PolicyProps = { ... }

Properties

| Name | Type | Description |
| --- | --- | --- |
| accessControlRules | `@alicloud/ros-cdk-core.IResolvable \| AccessControlRulesProperty` | Property accessControlRules: Network Rules info. |
| kmsInstanceId | `string \| @alicloud/ros-cdk-core.IResolvable` | Property kmsInstanceId: The scope of the permission policy. |
| permissions | `@alicloud/ros-cdk-core.IResolvable \| string \| @alicloud/ros-cdk-core.IResolvable[]` | Property permissions: The operations that can be performed. |
| policyName | `string \| @alicloud/ros-cdk-core.IResolvable` | Property policyName: The name of the permission policy. |
| resources | `@alicloud/ros-cdk-core.IResolvable \| string \| @alicloud/ros-cdk-core.IResolvable[]` | Property resources: The keys and secrets that are allowed to be accessed. |
| description | `string \| @alicloud/ros-cdk-core.IResolvable` | Property description: The description of the permission policy. |

accessControlRules (Required)

public readonly accessControlRules: IResolvable | AccessControlRulesProperty;

Property accessControlRules: Network Rules info.


kmsInstanceId (Required)

public readonly kmsInstanceId: string | IResolvable;
  • Type: string | @alicloud/ros-cdk-core.IResolvable

Property kmsInstanceId: The scope of the permission policy.

You need to specify the KMS instance that you want to access.


permissions (Required)

public readonly permissions: IResolvable | string | IResolvable[];
  • Type: @alicloud/ros-cdk-core.IResolvable | string | @alicloud/ros-cdk-core.IResolvable[]

Property permissions: The operations that can be performed.

Valid values:
  • RbacPermission/Template/CryptoServiceKeyUser: allows you to perform cryptographic operations.
  • RbacPermission/Template/CryptoServiceSecretUser: allows you to perform secret-related operations.


policyName (Required)

public readonly policyName: string | IResolvable;
  • Type: string | @alicloud/ros-cdk-core.IResolvable

Property policyName: The name of the permission policy.


resources (Required)

public readonly resources: IResolvable | string | IResolvable[];
  • Type: @alicloud/ros-cdk-core.IResolvable | string | @alicloud/ros-cdk-core.IResolvable[]

Property resources: The keys and secrets that are allowed to be accessed.

Supports a maximum of 30 keys and secrets.
  • Key: Enter a key in the key/${KeyId} format. To allow access to all keys of a KMS instance, enter key/.
  • Secret: Enter a secret in the secret/${SecretName} format. To allow access to all secrets of a KMS instance, enter secret/.


description (Optional)

public readonly description: string | IResolvable;
  • Type: string | @alicloud/ros-cdk-core.IResolvable

Property description: The description of the permission policy.
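
A pre-deployment check for the constraints listed under permissions and resources above, as an added example that is not part of the ros-cdk-kms package or this reference. `PolicyInput` and `lintPolicy` are hypothetical names, the sample IDs are constructed, and the rule that pairs each resource type with its permission template is an assumption.

```typescript
// Local stand-in for the string-valued fields of PolicyProps (IResolvable tokens are out of scope).
interface PolicyInput {
  policyName: string;
  kmsInstanceId: string;
  permissions: string[];
  resources: string[];
}

const KEY_USER = "RbacPermission/Template/CryptoServiceKeyUser";
const SECRET_USER = "RbacPermission/Template/CryptoServiceSecretUser";
const MAX_RESOURCES = 30; // limit stated on this page

// Hypothetical helper: returns findings; an empty array means the input passed.
function lintPolicy(p: PolicyInput): string[] {
  const findings: string[] = [];
  if (!p.kmsInstanceId) findings.push("kmsInstanceId is empty");
  for (const perm of p.permissions) {
    if (perm !== KEY_USER && perm !== SECRET_USER) findings.push(`unknown permission: ${perm}`);
  }
  if (p.resources.length === 0) findings.push("resources is empty");
  if (p.resources.length > MAX_RESOURCES) findings.push(`more than ${MAX_RESOURCES} resources`);
  for (const r of p.resources) {
    const m = /^(key|secret)\/(.*)$/.exec(r);
    if (!m) { findings.push(`bad resource format: ${r}`); continue; }
    const [, kind, id] = m;
    // The page gives `key/` and `secret/` as the all-resources form; `*` is treated the same (assumption).
    if (id === "" || id === "*") findings.push(`instance-wide grant: ${r}`);
    // Assumption: key resources need the key-user template, secrets the secret-user template.
    const needed = kind === "key" ? KEY_USER : SECRET_USER;
    if (p.permissions.indexOf(needed) === -1) findings.push(`${r} listed without ${needed}`);
  }
  return findings;
}

// Constructed sample inputs: one narrowly scoped policy, one with three problems.
const scoped: PolicyInput = {
  policyName: "app-decrypt", kmsInstanceId: "kst-example-instance",
  permissions: [KEY_USER], resources: ["key/key-example-0001"],
};
const broad: PolicyInput = {
  policyName: "app-all", kmsInstanceId: "kst-example-instance",
  permissions: [KEY_USER], resources: ["key/", "secret/db-password", "keys/typo"],
};
console.log(lintPolicy(scoped));
console.log(lintPolicy(broad));
```

Running the check before synthesis lets a review flag instance-wide grants explicitly instead of discovering them in the deployed policy.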