This is the new AWS CloudFormation Template Reference Guide. Please update your bookmarks and links. For help getting started with CloudFormation, see the AWS CloudFormation User Guide.
AWS::DataZone::PolicyGrant
Adds a policy grant (an authorization policy) to a specified entity, including domain units, environment blueprint configurations, or environment profiles.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::DataZone::PolicyGrant", "Properties" : { "Detail" :PolicyGrantDetail, "DomainIdentifier" :String, "EntityIdentifier" :String, "EntityType" :String, "PolicyType" :String, "Principal" :PolicyGrantPrincipal} }
YAML
Type: AWS::DataZone::PolicyGrant Properties: Detail:PolicyGrantDetailDomainIdentifier:StringEntityIdentifier:StringEntityType:StringPolicyType:StringPrincipal:PolicyGrantPrincipal
Properties
- Detail
- 
                    The details of the policy grant member. Required: No Type: PolicyGrantDetail Update requires: Replacement 
- DomainIdentifier
- 
                    The ID of the domain where you want to add a policy grant. Required: Yes Type: String Pattern: ^dzd[-_][a-zA-Z0-9_-]{1,36}$Update requires: Replacement 
- EntityIdentifier
- 
                    The ID of the entity (resource) to which you want to add a policy grant. Required: Yes Type: String Update requires: Replacement 
- EntityType
- 
                    The type of entity (resource) to which the grant is added. Required: Yes Type: String Allowed values: DOMAIN_UNIT | ENVIRONMENT_BLUEPRINT_CONFIGURATION | ENVIRONMENT_PROFILE | ASSET_TYPEUpdate requires: Replacement 
- PolicyType
- 
                    The type of policy that you want to grant. Required: Yes Type: String Allowed values: CREATE_DOMAIN_UNIT | OVERRIDE_DOMAIN_UNIT_OWNERS | ADD_TO_PROJECT_MEMBER_POOL | OVERRIDE_PROJECT_OWNERS | CREATE_GLOSSARY | CREATE_FORM_TYPE | CREATE_ASSET_TYPE | CREATE_PROJECT | CREATE_ENVIRONMENT_PROFILE | DELEGATE_CREATE_ENVIRONMENT_PROFILE | CREATE_ENVIRONMENT | CREATE_ENVIRONMENT_FROM_BLUEPRINT | CREATE_PROJECT_FROM_PROJECT_PROFILEUpdate requires: Replacement 
- Principal
- 
                    The principal of the policy grant member. Required: No Type: PolicyGrantPrincipal Update requires: Replacement 
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the policy grant ID.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
- CreatedAt
- 
                            Specifies the timestamp at which policy grant member was created. 
- CreatedBy
- 
                            Specifies the user who created the policy grant member.