SecurityPreference
This class encapsulates and extends the ROS resource type ALIYUN::RAM::SecurityPreference
, which is used to configure security preferences for Resource Access Management (RAM) users.
Initializers
import com.aliyun.ros.cdk.ram.SecurityPreference;
SecurityPreference.Builder.create(Construct scope, java.lang.String id, java.lang.Boolean enableResourcePropertyConstraint)
// .allowUserToChangePassword(java.lang.Boolean)
// .allowUserToChangePassword(IResolvable)
// .allowUserToManageAccessKeys(java.lang.Boolean)
// .allowUserToManageAccessKeys(IResolvable)
// .allowUserToManageMfaDevices(java.lang.Boolean)
// .allowUserToManageMfaDevices(IResolvable)
// .allowUserToManagePublicKeys(java.lang.Boolean)
// .allowUserToManagePublicKeys(IResolvable)
// .enableSaveMfaTicket(java.lang.Boolean)
// .enableSaveMfaTicket(IResolvable)
// .loginNetworkMasks(java.lang.String)
// .loginNetworkMasks(IResolvable)
// .loginSessionDuration(java.lang.Number)
// .loginSessionDuration(IResolvable)
.build();
Name | Type | Description |
---|---|---|
scope |
com.aliyun.ros.cdk.core.Construct |
No description. |
id |
java.lang.String |
No description. |
enableResourcePropertyConstraint |
java.lang.Boolean |
No description. |
allowUserToChangePassword |
java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable |
Property allowUserToChangePassword: Specifies whether RAM users can change their passwords. |
allowUserToManageAccessKeys |
java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable |
Property allowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs. |
allowUserToManageMfaDevices |
java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable |
Property allowUserToManageMfaDevices: Specifies whether RAM users can manage their MFA devices. |
allowUserToManagePublicKeys |
java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable |
Property allowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys. |
enableSaveMfaTicket |
java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable |
Property enableSaveMfaTicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon. |
loginNetworkMasks |
java.lang.String OR com.aliyun.ros.cdk.core.IResolvable |
Property loginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed. |
loginSessionDuration |
java.lang.Number OR com.aliyun.ros.cdk.core.IResolvable |
Property loginSessionDuration: The validity period of the logon session of the RAM user. |
scope
Required
- Type: com.aliyun.ros.cdk.core.Construct
id
Required
- Type: java.lang.String
enableResourcePropertyConstraint
Optional
- Type: java.lang.Boolean
allowUserToChangePassword
Optional
- Type: java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable
Property allowUserToChangePassword: Specifies whether RAM users can change their passwords.
Valid values: true: RAM users can change their passwords. This is the default value. false: RAM users cannot change their passwords.
allowUserToManageAccessKeys
Optional
- Type: java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable
Property allowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs.
Valid values: true: RAM users can manage their AccessKey pairs. false: RAM users cannot manage their AccessKey pairs. This is the default value.
allowUserToManageMfaDevices
Optional
- Type: java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable
Property allowUserToManageMfaDevices: Specifies whether RAM users can manage their MFA devices.
Valid values: true: RAM users can manage their MFA devices. This is the default value. false: RAM users cannot manage their MFA devices.
allowUserToManagePublicKeys
Optional
- Type: java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable
Property allowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys.
Valid values: true: RAM users can manage their public keys. false: RAM users cannot manage their public keys. This is the default value. Note This parameter is valid only for the Japan site.
enableSaveMfaTicket
Optional
- Type: java.lang.Boolean OR com.aliyun.ros.cdk.core.IResolvable
Property enableSaveMfaTicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon.
The security codes are valid for 7 days. Valid values: true: RAM users can save MFA security codes during logon. false: RAM users cannot save MFA security codes during logon. This is the default value.
loginNetworkMasks
Optional
- Type: java.lang.String OR com.aliyun.ros.cdk.core.IResolvable
Property loginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed.
This parameter applies to password-based logon and single sign-on (SSO). However, this parameter does not apply to API calls that are authenticated based on AccessKey pairs. If a subnet mask is specified, RAM users can log on to the console only by using the IP addresses in the subnet. If you do not specify a subnet mask, RAM users can log on to the console by using all IP addresses. If you want to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8. A maximum of 25 subnet masks can be set. The total length of the subnet masks can be 1 to 512 characters.
loginSessionDuration
Optional
- Type: java.lang.Number OR com.aliyun.ros.cdk.core.IResolvable
Property loginSessionDuration: The validity period of the logon session of the RAM user.
Valid values: 6 to 24. Default value: 6. Unit: hours.
Methods
Name | Description |
---|---|
toString |
Returns a string representation of this construct. |
synthesize |
Allows this construct to emit artifacts into the cloud assembly during synthesis. |
addCondition |
No description. |
addCount |
No description. |
addDependency |
No description. |
addResourceDesc |
No description. |
applyRemovalPolicy |
No description. |
getAtt |
No description. |
setMetadata |
No description. |
toString
public java.lang.String toString()
Returns a string representation of this construct.
synthesize
public void synthesize(ISynthesisSession session)
Allows this construct to emit artifacts into the cloud assembly during synthesis.
This method is usually implemented by framework-level constructs such as Stack
and Asset
as they participate in synthesizing the cloud assembly.
- Type: com.aliyun.ros.cdk.core.ISynthesisSession
The synthesis session.
addCondition
public void addCondition(RosCondition condition)
- Type: com.aliyun.ros.cdk.core.RosCondition
addCount
public void addCount(java.lang.Number OR IResolvable count)
- Type: java.lang.Number OR com.aliyun.ros.cdk.core.IResolvable
addDependency
public void addDependency(Resource resource)
- Type: com.aliyun.ros.cdk.core.Resource
addResourceDesc
public void addResourceDesc(java.lang.String desc)
- Type: java.lang.String
applyRemovalPolicy
public void applyRemovalPolicy(RemovalPolicy policy)
- Type: com.aliyun.ros.cdk.core.RemovalPolicy
getAtt
public IResolvable getAtt(java.lang.String name)
- Type: java.lang.String
setMetadata
public void setMetadata(java.lang.String key, java.lang.Object value)
- Type: java.lang.String
- Type: java.lang.Object
Static Functions
Name | Description |
---|---|
isConstruct |
Return whether the given object is a Construct. |
isConstruct
import com.aliyun.ros.cdk.ram.SecurityPreference;
SecurityPreference.isConstruct(java.lang.Object x)
Return whether the given object is a Construct.
- Type: java.lang.Object
Properties
Name | Type | Description |
---|---|---|
node |
com.aliyun.ros.cdk.core.ConstructNode |
The construct tree node associated with this construct. |
ref |
java.lang.String |
No description. |
stack |
com.aliyun.ros.cdk.core.Stack |
The stack in which this resource is defined. |
resource |
com.aliyun.ros.cdk.core.RosResource |
No description. |
attrAllowUserToChangePassword |
com.aliyun.ros.cdk.core.IResolvable |
Attribute AllowUserToChangePassword: Specifies whether RAM users can change their passwords. |
attrAllowUserToManageAccessKeys |
com.aliyun.ros.cdk.core.IResolvable |
Attribute AllowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs. |
attrAllowUserToManageMfaDevices |
com.aliyun.ros.cdk.core.IResolvable |
Attribute AllowUserToManageMFADevices: Specifies whether RAM users can manage their MFA devices. |
attrAllowUserToManagePublicKeys |
com.aliyun.ros.cdk.core.IResolvable |
Attribute AllowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys. |
attrEnableSaveMfaTicket |
com.aliyun.ros.cdk.core.IResolvable |
Attribute EnableSaveMFATicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon. |
attrLoginNetworkMasks |
com.aliyun.ros.cdk.core.IResolvable |
Attribute LoginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed. |
attrLoginSessionDuration |
com.aliyun.ros.cdk.core.IResolvable |
Attribute LoginSessionDuration: The validity period of the logon session of the RAM user. |
node
Required
public ConstructNode getNode();
- Type: com.aliyun.ros.cdk.core.ConstructNode
The construct tree node associated with this construct.
ref
Required
public java.lang.String getRef();
- Type: java.lang.String
stack
Required
public Stack getStack();
- Type: com.aliyun.ros.cdk.core.Stack
The stack in which this resource is defined.
resource
Optional
public RosResource getResource();
- Type: com.aliyun.ros.cdk.core.RosResource
attrAllowUserToChangePassword
Required
public IResolvable getAttrAllowUserToChangePassword();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute AllowUserToChangePassword: Specifies whether RAM users can change their passwords.
attrAllowUserToManageAccessKeys
Required
public IResolvable getAttrAllowUserToManageAccessKeys();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute AllowUserToManageAccessKeys: Specifies whether RAM users can manage their AccessKey pairs.
attrAllowUserToManageMfaDevices
Required
public IResolvable getAttrAllowUserToManageMfaDevices();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute AllowUserToManageMFADevices: Specifies whether RAM users can manage their MFA devices.
attrAllowUserToManagePublicKeys
Required
public IResolvable getAttrAllowUserToManagePublicKeys();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute AllowUserToManagePublicKeys: Specifies whether RAM users can manage their public keys.
attrEnableSaveMfaTicket
Required
public IResolvable getAttrEnableSaveMfaTicket();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute EnableSaveMFATicket: Specifies whether RAM users can save multi-factor authentication (MFA) security codes during logon.
attrLoginNetworkMasks
Required
public IResolvable getAttrLoginNetworkMasks();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute LoginNetworkMasks: The subnet mask that specifies the IP addresses from which logon to the console is allowed.
attrLoginSessionDuration
Required
public IResolvable getAttrLoginSessionDuration();
- Type: com.aliyun.ros.cdk.core.IResolvable
Attribute LoginSessionDuration: The validity period of the logon session of the RAM user.