ALIYUN::ResourceManager::Role类型用于创建角色。
语法
{
"Type": "ALIYUN::ResourceManager::Role",
"Properties": {
"AssumeRolePolicyDocument": Map,
"RoleName": String,
"Description": String,
"MaxSessionDuration": Integer
}
}属性
|
属性名称 |
类型 |
必须 |
允许更新 |
描述 |
约束 |
|
AssumeRolePolicyDocument |
Map |
是 |
是 |
扮演角色的权限策略内容。 |
无 |
|
RoleName |
String |
是 |
否 |
角色名称。 |
无 |
|
Description |
String |
否 |
否 |
资源管理器角色的描述。 |
无 |
|
MaxSessionDuration |
Integer |
否 |
是 |
角色最大会话时间。 |
取值范围:3600到43200。 |
返回值
Fn::GetAtt
-
MaxSessionDuration:角色最大会话时间。有效取值:[3600-43200]。
-
UpdateDate:角色更新时间。
-
RoleName:角色名称。
-
Description:资源管理器角色的描述。
-
AssumeRolePolicyDocument:扮演角色的权限策略内容。
-
CreateTime:角色创建时间。
-
Arn:角色的资源描述符。
-
RoleId:资源管理器角色的ID。
示例
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
MaxSessionDuration:
Type: Number
Description:
en: 'Role maximum session time. Valid values: [3600-43200]. Default to 3600.'
MinValue: 3600
MaxValue: 43200
Default: Null
Required: false
RoleName:
Type: String
Description:
en: Role Name.
Required: true
Description:
Type: String
Description:
en: The description of the Resource Manager role.
AssociationProperty: TextArea
Default: Null
Required: false
AssumeRolePolicyDocument:
Description:
en: The content of the permissions strategy that plays a role.
Required: true
Type: Json
Resources:
ExtensionResource:
Type: ALIYUN::ResourceManager::Role
Properties:
MaxSessionDuration:
Ref: MaxSessionDuration
RoleName:
Ref: RoleName
Description:
Ref: Description
AssumeRolePolicyDocument:
Ref: AssumeRolePolicyDocument
Outputs:
Description:
Value:
Fn::GetAtt:
- ExtensionResource
- Description
Description: The description of the Resource Manager role.
AssumeRolePolicyDocument:
Value:
Fn::GetAtt:
- ExtensionResource
- AssumeRolePolicyDocument
Description: The content of the permissions strategy that plays a role.
MaxSessionDuration:
Value:
Fn::GetAtt:
- ExtensionResource
- MaxSessionDuration
Description: 'Role maximum session time. Valid values: [3600-43200].'
RoleId:
Value:
Fn::GetAtt:
- ExtensionResource
- RoleId
Description: This ID of Resource Manager role.
UpdateDate:
Value:
Fn::GetAtt:
- ExtensionResource
- UpdateDate
Description: Role update time.
RoleName:
Value:
Fn::GetAtt:
- ExtensionResource
- RoleName
Description: Role Name.
CreateTime:
Value:
Fn::GetAtt:
- ExtensionResource
- CreateTime
Description: Role creation time.
Arn:
Value:
Fn::GetAtt:
- ExtensionResource
- Arn
Description: The resource descriptor of the role.
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"MaxSessionDuration": {
"Type": "Number",
"Description": {
"en": "Role maximum session time. Valid values: [3600-43200]. Default to 3600."
},
"MinValue": 3600,
"MaxValue": 43200,
"Default": null,
"Required": false
},
"RoleName": {
"Type": "String",
"Description": {
"en": "Role Name."
},
"Required": true
},
"Description": {
"Type": "String",
"Description": {
"en": "The description of the Resource Manager role."
},
"AssociationProperty": "TextArea",
"Default": null,
"Required": false
},
"AssumeRolePolicyDocument": {
"Description": {
"en": "The content of the permissions strategy that plays a role."
},
"Required": true,
"Type": "Json"
}
},
"Resources": {
"ExtensionResource": {
"Type": "ALIYUN::ResourceManager::Role",
"Properties": {
"MaxSessionDuration": {
"Ref": "MaxSessionDuration"
},
"RoleName": {
"Ref": "RoleName"
},
"Description": {
"Ref": "Description"
},
"AssumeRolePolicyDocument": {
"Ref": "AssumeRolePolicyDocument"
}
}
}
},
"Outputs": {
"Description": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Description"
]
},
"Description": "The description of the Resource Manager role."
},
"AssumeRolePolicyDocument": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"AssumeRolePolicyDocument"
]
},
"Description": "The content of the permissions strategy that plays a role."
},
"MaxSessionDuration": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"MaxSessionDuration"
]
},
"Description": "Role maximum session time. Valid values: [3600-43200]."
},
"RoleId": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"RoleId"
]
},
"Description": "This ID of Resource Manager role."
},
"UpdateDate": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"UpdateDate"
]
},
"Description": "Role update time."
},
"RoleName": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"RoleName"
]
},
"Description": "Role Name."
},
"CreateTime": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"CreateTime"
]
},
"Description": "Role creation time."
},
"Arn": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Arn"
]
},
"Description": "The resource descriptor of the role."
}
}
}该文章对您有帮助吗?