AI 助理
备案控制台
官方文档
输入文档关键字查找
首页 资源编排 开发参考 资源类型 KMS DATASOURCE::KMS::Policy

DATASOURCE::KMS::Policy

更新时间:
产品详情
我的收藏

DATASOURCE::KMS::Policy类型用于查询一个权限策略的详情。

语法

{
  "Type": "DATASOURCE::KMS::Policy",
  "Properties": {
    "PolicyName": String,
    "RefreshOptions": String
  }
}

属性

属性名称

类型

必须

允许更新

描述

约束

PolicyName

String

权限策略名称。

RefreshOptions

String

当资源栈更新时,数据源资源的刷新策略。

有效值:

  • Never(默认值):更新堆栈时,从不刷新数据源资源。

  • Always:更新堆栈时,始终刷新数据源资源。

返回值

Fn::GetAtt

  • NetworkRules:绑定的网络控制规则。

  • Description:权限策略的描述信息。

  • PolicyName:权限策略名称。

  • Permissions:权限策略支持的操作。

  • KmsInstanceId:权限策略的作用域。

  • Resources:允许访问的密钥和凭据。

示例

  • YAML格式 

    ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  PolicyName:
    Type: String
    Description:
      en: The name of the permission policy.
    Required: true
Resources:
  ExtensionDataSource:
    Type: DATASOURCE::KMS::Policy
    Properties:
      PolicyName:
        Ref: PolicyName
Outputs:
  NetworkRules:
    Description: The network access rule that is associated with the permission policy.
    Value:
      Fn::GetAtt:
        - ExtensionDataSource
        - NetworkRules
  Description:
    Description: The policy description.
    Value:
      Fn::GetAtt:
        - ExtensionDataSource
        - Description
  PolicyName:
    Description: The name of the permission policy.
    Value:
      Fn::GetAtt:
        - ExtensionDataSource
        - PolicyName
  Permissions:
    Description: A list of operations that can be performed.
    Value:
      Fn::GetAtt:
        - ExtensionDataSource
        - Permissions
  KmsInstanceId:
    Description: KMS instance accessed by this policy.
    Value:
      Fn::GetAtt:
        - ExtensionDataSource
        - KmsInstanceId
  Resources:
    Description: A list of keys and secrets that are allowed to access.
    Value:
      Fn::GetAtt:
        - ExtensionDataSource
        - Resources

  • JSON格式 

    {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "PolicyName": {
      "Type": "String",
      "Description": {
        "en": "The name of the permission policy."
      },
      "Required": true
    }
  },
  "Resources": {
    "ExtensionDataSource": {
      "Type": "DATASOURCE::KMS::Policy",
      "Properties": {
        "PolicyName": {
          "Ref": "PolicyName"
        }
      }
    }
  },
  "Outputs": {
    "NetworkRules": {
      "Description": "The network access rule that is associated with the permission policy.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionDataSource",
          "NetworkRules"
        ]
      }
    },
    "Description": {
      "Description": "The policy description.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionDataSource",
          "Description"
        ]
      }
    },
    "PolicyName": {
      "Description": "The name of the permission policy.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionDataSource",
          "PolicyName"
        ]
      }
    },
    "Permissions": {
      "Description": "A list of operations that can be performed.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionDataSource",
          "Permissions"
        ]
      }
    },
    "KmsInstanceId": {
      "Description": "KMS instance accessed by this policy.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionDataSource",
          "KmsInstanceId"
        ]
      }
    },
    "Resources": {
      "Description": "A list of keys and secrets that are allowed to access.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionDataSource",
          "Resources"
        ]
      }
    }
  }
}
上一篇:DATASOURCE::KMS::Policies下一篇:DATASOURCE::KMS::Secret