AWS::VpcLattice::AuthPolicy
Creates or updates the auth policy. The policy string in JSON must not contain newlines or blank lines.
For more information, see Auth policies in the Amazon VPC Lattice User Guide.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::VpcLattice::AuthPolicy", "Properties" : { "Policy" :Json, "ResourceIdentifier" :String} }
YAML
Type: AWS::VpcLattice::AuthPolicy Properties: Policy:JsonResourceIdentifier:String
Properties
Policy-
The auth policy.
Required: Yes
Type: Json
Update requires: No interruption
ResourceIdentifier-
The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.
Required: Yes
Type: String
Pattern:
^((((sn)|(svc))-[0-9a-z]{17})|(arn(:[a-z0-9]+([.-][a-z0-9]+)*){2}(:([a-z0-9]+([.-][a-z0-9]+)*)?){2}:((servicenetwork/sn)|(service/svc))-[0-9a-z]{17}))$Minimum:
17Maximum:
200Update requires: Replacement
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the Amazon Resource Name (ARN) of the auth policy.
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
State-
The state of the auth policy. The auth policy is only active when the auth type is set to
AWS_IAM. If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the auth type isNONE, then any auth policy you provide will remain inactive.
