AWS::DataZone::PolicyGrant - AWS CloudFormation
SyntaxPropertiesReturn values

This is the new AWS CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.

AWS::DataZone::PolicyGrant

Adds a policy grant (an authorization policy) to a specified entity, including domain units, environment blueprint configurations, or environment profiles.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::DataZone::PolicyGrant",
  "Properties" : {
      "Detail" : PolicyGrantDetail,
      "DomainIdentifier" : String,
      "EntityIdentifier" : String,
      "EntityType" : String,
      "PolicyType" : String,
      "Principal" : PolicyGrantPrincipal
    }
}

YAML

Type: AWS::DataZone::PolicyGrant
Properties:
  Detail: 
    PolicyGrantDetail
  DomainIdentifier: String
  EntityIdentifier: String
  EntityType: String
  PolicyType: String
  Principal: 
    PolicyGrantPrincipal

Properties

Detail

The details of the policy grant member.

Required: No

Type: PolicyGrantDetail

Update requires: Replacement

DomainIdentifier

The ID of the domain where you want to add a policy grant.

Required: Yes

Type: String

Pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$

Update requires: Replacement

EntityIdentifier

The ID of the entity (resource) to which you want to add a policy grant.

Required: Yes

Type: String

Update requires: Replacement

EntityType

The type of entity (resource) to which the grant is added.

Required: Yes

Type: String

Allowed values: DomainUnit | EnvironmentBlueprintConfiguration | EnvironmentProfile | DOMAIN_UNIT | ENVIRONMENT_BLUEPRINT_CONFIGURATION | ENVIRONMENT_PROFILE | ASSET_TYPE

Update requires: Replacement

PolicyType

The type of policy that you want to grant.

Required: Yes

Type: String

Update requires: Replacement

Principal

The principal of the policy grant member.

Required: No

Type: PolicyGrantPrincipal

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the policy grant ID.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

CreatedAt

Specifies the timestamp at which policy grant member was created.

CreatedBy

Specifies the user who created the policy grant member.