SecurityPreferenceProps
Properties for defining a SecurityPreference.
See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-ram-securitypreference
Initializer
using AlibabaCloud.SDK.ROS.CDK.Ram;
new SecurityPreferenceProps {
object AllowUserToChangePassword = null,
object AllowUserToManageAccessKeys = null,
object AllowUserToManageMfaDevices = null,
object AllowUserToManagePublicKeys = null,
object EnableSaveMfaTicket = null,
object LoginNetworkMasks = null,
object LoginSessionDuration = null
};
Properties
| Name | Type | Description |
|---|---|---|
AllowUserToChangePassword |
object |
Property allowUserToChangePassword: Specifies whether RAM users can change their passwords. |
AllowUserToManageAccessKeys |
object |
Property allowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs. |
AllowUserToManageMfaDevices |
object |
Property allowUserToManageMfaDevices: Specifies whether RAM users can manage their MFA devices. |
AllowUserToManagePublicKeys |
object |
Property allowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys. |
EnableSaveMfaTicket |
object |
Property enableSaveMfaTicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon. |
LoginNetworkMasks |
object |
Property loginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed. |
LoginSessionDuration |
object |
Property loginSessionDuration: The validity period of the logon session of the RAM user. |
AllowUserToChangePasswordOptional
public object AllowUserToChangePassword { get; set; }
- Type: object
Property allowUserToChangePassword: Specifies whether RAM users can change their passwords.
Valid values: true: RAM users can change their passwords. This is the default value. false: RAM users cannot change their passwords.
AllowUserToManageAccessKeysOptional
public object AllowUserToManageAccessKeys { get; set; }
- Type: object
Property allowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs.
Valid values: true: RAM users can manage their AccessKey pairs. false: RAM users cannot manage their AccessKey pairs. This is the default value.
AllowUserToManageMfaDevicesOptional
public object AllowUserToManageMfaDevices { get; set; }
- Type: object
Property allowUserToManageMfaDevices: Specifies whether RAM users can manage their MFA devices.
Valid values: true: RAM users can manage their MFA devices. This is the default value. false: RAM users cannot manage their MFA devices.
AllowUserToManagePublicKeysOptional
public object AllowUserToManagePublicKeys { get; set; }
- Type: object
Property allowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys.
Valid values: true: RAM users can manage their public keys. false: RAM users cannot manage their public keys. This is the default value. Note This parameter is valid only for the Japan site.
EnableSaveMfaTicketOptional
public object EnableSaveMfaTicket { get; set; }
- Type: object
Property enableSaveMfaTicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon.
The security codes are valid for 7 days. Valid values: true: RAM users can save MFA security codes during logon. false: RAM users cannot save MFA security codes during logon. This is the default value.
LoginNetworkMasksOptional
public object LoginNetworkMasks { get; set; }
- Type: object
Property loginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed.
This parameter applies to password-based logon and single sign-on (SSO). However, this parameter does not apply to API calls that are authenticated based on AccessKey pairs. If a subnet mask is specified, RAM users can log on to the console only by using the IP addresses in the subnet. If you do not specify a subnet mask, RAM users can log on to the console by using all IP addresses. If you want to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8. A maximum of 25 subnet masks can be set. The total length of the subnet masks can be 1 to 512 characters.
LoginSessionDurationOptional
public object LoginSessionDuration { get; set; }
- Type: object
Property loginSessionDuration: The validity period of the logon session of the RAM user.
Valid values: 6 to 24. Default value: 6. Unit: hours.