pulumi-alicloud-kotlin/com.pulumi.alicloud.ram.kotlin/PolicyArgs

PolicyArgs

data class PolicyArgs(val description: Output<String>? = null, val document: Output<String>? = null, val force: Output<Boolean>? = null, val name: Output<String>? = null, val policyDocument: Output<String>? = null, val policyName: Output<String>? = null, val rotateStrategy: Output<String>? = null, val statements: Output<List<PolicyStatementArgs>>? = null, val tags: Output<Map<String, String>>? = null, val version: Output<String>? = null) : ConvertibleToJava<PolicyArgs>

Provides a RAM Policy resource. For information about RAM Policy and how to use it, see What is Policy.

NOTE: Available since v1.0.0. NOTE: When you want to destroy this resource forcefully(means remove all the relationships associated with it automatically and then destroy it) without set force with true at beginning, you need add force = true to configuration file and run pulumi preview, then you can delete resource forcefully. NOTE: Each policy can own at most 5 versions and the oldest version will be removed after its version achieves 5. NOTE: If the policy has multiple versions, all non-default versions will be deleted first when deleting policy.

Example Usage

Basic Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
import * as random from "@pulumi/random";
// Create a new RAM Policy.
const _default = new random.index.Integer("default", {
    min: 10000,
    max: 99999,
});
const policy = new alicloud.ram.Policy("policy", {
    policyName: `tf-example-${_default.result}`,
    policyDocument: `  {
    "Statement": [
      {
        "Action": [
          "oss:ListObjects",
          "oss:GetObject"
        ],
        "Effect": "Allow",
        "Resource": [
          "acs:oss:*:*:mybucket",
          "acs:oss:*:*:mybucket/*"
        ]
      }
    ],
      "Version": "1"
  }
`,
    description: "this is a policy test",
});
Content copied to clipboard
import pulumi
import pulumi_alicloud as alicloud
import pulumi_random as random
# Create a new RAM Policy.
default = random.index.Integer("default",
    min=10000,
    max=99999)
policy = alicloud.ram.Policy("policy",
    policy_name=f"tf-example-{default['result']}",
    policy_document="""  {
    "Statement": [
      {
        "Action": [
          "oss:ListObjects",
          "oss:GetObject"
        ],
        "Effect": "Allow",
        "Resource": [
          "acs:oss:*:*:mybucket",
          "acs:oss:*:*:mybucket/*"
        ]
      }
    ],
      "Version": "1"
  }
""",
    description="this is a policy test")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
using Random = Pulumi.Random;
return await Deployment.RunAsync(() =>
{
    // Create a new RAM Policy.
    var @default = new Random.Index.Integer("default", new()
    {
        Min = 10000,
        Max = 99999,
    });
    var policy = new AliCloud.Ram.Policy("policy", new()
    {
        PolicyName = $"tf-example-{@default.Result}",
        PolicyDocument = @"  {
    ""Statement"": [
      {
        ""Action"": [
          ""oss:ListObjects"",
          ""oss:GetObject""
        ],
        ""Effect"": ""Allow"",
        ""Resource"": [
          ""acs:oss:*:*:mybucket"",
          ""acs:oss:*:*:mybucket/*""
        ]
      }
    ],
      ""Version"": ""1""
  }
",
        Description = "this is a policy test",
    });
});
Content copied to clipboard
package main
import (
	"fmt"
	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/ram"
	"github.com/pulumi/pulumi-random/sdk/v4/go/random"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Create a new RAM Policy.
		_default, err := random.NewInteger(ctx, "default", &random.IntegerArgs{
			Min: 10000,
			Max: 99999,
		})
		if err != nil {
			return err
		}
		_, err = ram.NewPolicy(ctx, "policy", &ram.PolicyArgs{
			PolicyName: pulumi.Sprintf("tf-example-%v", _default.Result),
			PolicyDocument: pulumi.String(`  {
    "Statement": [
      {
        "Action": [
          "oss:ListObjects",
          "oss:GetObject"
        ],
        "Effect": "Allow",
        "Resource": [
          "acs:oss:*:*:mybucket",
          "acs:oss:*:*:mybucket/*"
        ]
      }
    ],
      "Version": "1"
  }
`),
			Description: pulumi.String("this is a policy test"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.random.integer;
import com.pulumi.random.IntegerArgs;
import com.pulumi.alicloud.ram.Policy;
import com.pulumi.alicloud.ram.PolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        // Create a new RAM Policy.
        var default_ = new Integer("default", IntegerArgs.builder()
            .min(10000)
            .max(99999)
            .build());
        var policy = new Policy("policy", PolicyArgs.builder()
            .policyName(String.format("tf-example-%s", default_.result()))
            .policyDocument("""
  {
    "Statement": [
      {
        "Action": [
          "oss:ListObjects",
          "oss:GetObject"
        ],
        "Effect": "Allow",
        "Resource": [
          "acs:oss:*:*:mybucket",
          "acs:oss:*:*:mybucket/*"
        ]
      }
    ],
      "Version": "1"
  }
            """)
            .description("this is a policy test")
            .build());
    }
}
Content copied to clipboard
resources:
  # Create a new RAM Policy.
  default:
    type: random:integer
    properties:
      min: 10000
      max: 99999
  policy:
    type: alicloud:ram:Policy
    properties:
      policyName: tf-example-${default.result}
      policyDocument: |2
          {
            "Statement": [
              {
                "Action": [
                  "oss:ListObjects",
                  "oss:GetObject"
                ],
                "Effect": "Allow",
                "Resource": [
                  "acs:oss:*:*:mybucket",
                  "acs:oss:*:*:mybucket/*"
                ]
              }
            ],
              "Version": "1"
          }
      description: this is a policy test
Content copied to clipboard

Import

RAM Policy can be imported using the id, e.g.

$ pulumi import alicloud:ram/policy:Policy example <id>
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(description: Output<String>? = null, document: Output<String>? = null, force: Output<Boolean>? = null, name: Output<String>? = null, policyDocument: Output<String>? = null, policyName: Output<String>? = null, rotateStrategy: Output<String>? = null, statements: Output<List<PolicyStatementArgs>>? = null, tags: Output<Map<String, String>>? = null, version: Output<String>? = null)

Properties

Link copied to clipboard
val description: Output<String>? = null

The description of the policy. It can be 1 to 1024 characters in length.

Link copied to clipboard
val document: Output<String>? = null

Field document has been deprecated from provider version 1.114.0. New field policy_document instead.

Link copied to clipboard
val force: Output<Boolean>? = null

Specifies whether to force delete the Policy. Default value: false. Valid values:

Link copied to clipboard
val name: Output<String>? = null

Field name has been deprecated from provider version 1.114.0. New field policy_name instead.

Link copied to clipboard
val policyDocument: Output<String>? = null

The content of the policy. The maximum length is 6144 bytes.

Link copied to clipboard
val policyName: Output<String>? = null

The policy name. It can be 1 to 128 characters in length and can contain English letters, digits, and dashes (-).

Link copied to clipboard
val rotateStrategy: Output<String>? = null

The automatic rotation mechanism of policy versions can delete historical policy versions. The default value is None. Currently contains:

Link copied to clipboard
val statements: Output<List<PolicyStatementArgs>>? = null

Field statement has been deprecated from provider version 1.49.0. New field document instead. See statement below.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

The list of tags on the policy.

Link copied to clipboard
val version: Output<String>? = null

Field version has been deprecated from provider version 1.49.0. New field document instead. //////

Functions

Link copied to clipboard
open override fun toJava(): PolicyArgs