AWS::DataZone::PolicyGrant - AWS CloudFormation
SyntaxPropertiesReturn values

This is the new CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::DataZone::PolicyGrant

Adds a policy grant (an authorization policy) to a specified entity, including domain units, environment blueprint configurations, or environment profiles.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::DataZone::PolicyGrant",
  "Properties" : {
      "Detail" : PolicyGrantDetail,
      "DomainIdentifier" : String,
      "EntityIdentifier" : String,
      "EntityType" : String,
      "PolicyType" : String,
      "Principal" : PolicyGrantPrincipal
    }
}

YAML

Type: AWS::DataZone::PolicyGrant
Properties:
  Detail: 
    PolicyGrantDetail
  DomainIdentifier: String
  EntityIdentifier: String
  EntityType: String
  PolicyType: String
  Principal: 
    PolicyGrantPrincipal

Properties

Detail

The details of the policy grant member.

Required: No

Type: PolicyGrantDetail

Update requires: Replacement

DomainIdentifier

The ID of the domain where you want to add a policy grant.

Required: Yes

Type: String

Pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$

Update requires: Replacement

EntityIdentifier

The ID of the entity (resource) to which you want to add a policy grant.

Required: Yes

Type: String

Update requires: Replacement

EntityType

The type of entity (resource) to which the grant is added.

Required: Yes

Type: String

Allowed values: DOMAIN_UNIT | ENVIRONMENT_BLUEPRINT_CONFIGURATION | ENVIRONMENT_PROFILE | ASSET_TYPE

Update requires: Replacement

PolicyType

The type of policy that you want to grant.

Required: Yes

Type: String

Allowed values: CREATE_DOMAIN_UNIT | OVERRIDE_DOMAIN_UNIT_OWNERS | ADD_TO_PROJECT_MEMBER_POOL | OVERRIDE_PROJECT_OWNERS | CREATE_GLOSSARY | CREATE_FORM_TYPE | CREATE_ASSET_TYPE | CREATE_PROJECT | CREATE_ENVIRONMENT_PROFILE | DELEGATE_CREATE_ENVIRONMENT_PROFILE | CREATE_ENVIRONMENT | CREATE_ENVIRONMENT_FROM_BLUEPRINT | CREATE_PROJECT_FROM_PROJECT_PROFILE

Update requires: Replacement

Principal

The principal of the policy grant member.

Required: No

Type: PolicyGrantPrincipal

Update requires: Replacement

Return values

Ref

Fn::GetAtt

CreatedAt

Specifies the timestamp at which policy grant member was created.

CreatedBy

Specifies the user who created the policy grant member.

GrantId

The ID of the policy grant.