Policy
This class encapsulates and extends the ROS resource type ALIYUN::KMS::Policy.
Initializers
import com.aliyun.ros.cdk.kms.Policy;
Policy.Builder.create(Construct scope, java.lang.String id, java.lang.Boolean enableResourcePropertyConstraint)
.accessControlRules(IResolvable)
.accessControlRules(AccessControlRulesProperty)
.kmsInstanceId(java.lang.String)
.kmsInstanceId(IResolvable)
.permissions(IResolvable)
.permissions(java.util.List<java.lang.String)
.permissions(IResolvable>)
.policyName(java.lang.String)
.policyName(IResolvable)
.resources(IResolvable)
.resources(java.util.List<java.lang.String)
.resources(IResolvable>)
// .description(java.lang.String)
// .description(IResolvable)
.build();
| Name | Type | Description |
|---|---|---|
scope |
com.aliyun.ros.cdk.core.Construct |
No description. |
id |
java.lang.String |
No description. |
enableResourcePropertyConstraint |
java.lang.Boolean |
No description. |
accessControlRules |
com.aliyun.ros.cdk.core.IResolvable OR AccessControlRulesProperty |
Property accessControlRules: Network Rules info. |
kmsInstanceId |
java.lang.String OR com.aliyun.ros.cdk.core.IResolvable |
Property kmsInstanceId: The scope of the permission policy. |
permissions |
com.aliyun.ros.cdk.core.IResolvable OR java.util.List |
Property permissions: The operations that can be performed. |
policyName |
java.lang.String OR com.aliyun.ros.cdk.core.IResolvable |
Property policyName: The name of the permission policy. |
resources |
com.aliyun.ros.cdk.core.IResolvable OR java.util.List |
Property resources: The key and secret that are allowed to access. |
description |
java.lang.String OR com.aliyun.ros.cdk.core.IResolvable |
Property description: The description of the permission policy. |
scopeRequired
- Type: com.aliyun.ros.cdk.core.Construct
idRequired
- Type: java.lang.String
enableResourcePropertyConstraintOptional
- Type: java.lang.Boolean
accessControlRulesRequired
- Type: com.aliyun.ros.cdk.core.IResolvable OR AccessControlRulesProperty
Property accessControlRules: Network Rules info.
kmsInstanceIdRequired
- Type: java.lang.String OR com.aliyun.ros.cdk.core.IResolvable
Property kmsInstanceId: The scope of the permission policy.
You need to specify the KMS instance that you want to access.
permissionsRequired
- Type: com.aliyun.ros.cdk.core.IResolvable OR java.util.List
Property permissions: The operations that can be performed.
Valid values: RbacPermission/Template/CryptoServiceKeyUser: allows you to perform cryptographic operations. RbacPermission/Template/CryptoServiceSecretUser: allows you to perform secret-related operations.
policyNameRequired
- Type: java.lang.String OR com.aliyun.ros.cdk.core.IResolvable
Property policyName: The name of the permission policy.
resourcesRequired
- Type: com.aliyun.ros.cdk.core.IResolvable OR java.util.List
Property resources: The key and secret that are allowed to access.
Supports a maximum of 30 key and secret. Key: Enter a key in the key/${KeyId} format. To allow access to all keys of a KMS instance, enter key/. Secret: Enter a secret in the secret/${SecretName} format. To allow access to all secrets of a KMS instance, enter secret/.
descriptionOptional
- Type: java.lang.String OR com.aliyun.ros.cdk.core.IResolvable
Property description: The description of the permission policy.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
synthesize |
Allows this construct to emit artifacts into the cloud assembly during synthesis. |
addCondition |
No description. |
addCount |
No description. |
addDependency |
No description. |
addResourceDesc |
No description. |
applyRemovalPolicy |
No description. |
getAtt |
No description. |
setMetadata |
No description. |
toString
public java.lang.String toString()
Returns a string representation of this construct.
synthesize
public void synthesize(ISynthesisSession session)
Allows this construct to emit artifacts into the cloud assembly during synthesis.
This method is usually implemented by framework-level constructs such as Stack and Asset
as they participate in synthesizing the cloud assembly.
- Type: com.aliyun.ros.cdk.core.ISynthesisSession
The synthesis session.
addCondition
public void addCondition(RosCondition condition)
- Type: com.aliyun.ros.cdk.core.RosCondition
addCount
public void addCount(java.lang.Number OR IResolvable count)
- Type: java.lang.Number OR com.aliyun.ros.cdk.core.IResolvable
addDependency
public void addDependency(Resource resource)
- Type: com.aliyun.ros.cdk.core.Resource
addResourceDesc
public void addResourceDesc(java.lang.String desc)
- Type: java.lang.String
applyRemovalPolicy
public void applyRemovalPolicy(RemovalPolicy policy)
- Type: com.aliyun.ros.cdk.core.RemovalPolicy
getAtt
public IResolvable getAtt(java.lang.String name)
- Type: java.lang.String
setMetadata
public void setMetadata(java.lang.String key, java.lang.Object value)
- Type: java.lang.String
- Type: java.lang.Object
Static Functions
| Name | Description |
|---|---|
isConstruct |
Return whether the given object is a Construct. |
isConstruct
import com.aliyun.ros.cdk.kms.Policy;
Policy.isConstruct(java.lang.Object x)
Return whether the given object is a Construct.
- Type: java.lang.Object
Properties
| Name | Type | Description |
|---|---|---|
node |
com.aliyun.ros.cdk.core.ConstructNode |
The construct tree node associated with this construct. |
ref |
java.lang.String |
No description. |
stack |
com.aliyun.ros.cdk.core.Stack |
The stack in which this resource is defined. |
resource |
com.aliyun.ros.cdk.core.RosResource |
No description. |
attrAccessControlRules |
com.aliyun.ros.cdk.core.IResolvable |
Attribute AccessControlRules: Network Rules info. |
attrDescription |
com.aliyun.ros.cdk.core.IResolvable |
Attribute Description: Description. |
attrKmsInstanceId |
com.aliyun.ros.cdk.core.IResolvable |
Attribute KmsInstanceId: The scope of the permission policy. |
attrPermissions |
com.aliyun.ros.cdk.core.IResolvable |
Attribute Permissions: RbacPermission Template, support RbacPermission/Template/CryptoServiceKeyUser and RbacPermission/Template/CryptoServiceSecretUser. |
attrPolicyName |
com.aliyun.ros.cdk.core.IResolvable |
Attribute PolicyName: The name of the permission policy. |
attrResources |
com.aliyun.ros.cdk.core.IResolvable |
Attribute Resources: Resources that allowed access by this policy. |
nodeRequired
public ConstructNode getNode();
- Type: com.aliyun.ros.cdk.core.ConstructNode
The construct tree node associated with this construct.
refRequired
public java.lang.String getRef();
- Type: java.lang.String
stackRequired
public Stack getStack();
- Type: com.aliyun.ros.cdk.core.Stack
The stack in which this resource is defined.
resourceOptional
public RosResource getResource();
- Type: com.aliyun.ros.cdk.core.RosResource
attrAccessControlRulesRequired
public IResolvable getAttrAccessControlRules();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute AccessControlRules: Network Rules info.
attrDescriptionRequired
public IResolvable getAttrDescription();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute Description: Description.
attrKmsInstanceIdRequired
public IResolvable getAttrKmsInstanceId();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute KmsInstanceId: The scope of the permission policy.
You need to specify the KMS instance that you want to access.
attrPermissionsRequired
public IResolvable getAttrPermissions();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute Permissions: RbacPermission Template, support RbacPermission/Template/CryptoServiceKeyUser and RbacPermission/Template/CryptoServiceSecretUser.
attrPolicyNameRequired
public IResolvable getAttrPolicyName();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute PolicyName: The name of the permission policy.
attrResourcesRequired
public IResolvable getAttrResources();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute Resources: Resources that allowed access by this policy.