1. Packages
  2. Alibaba Cloud Provider
  3. API Docs
  4. ram
  5. SecurityPreference
Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

alicloud.ram.SecurityPreference

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi

    Provides a RAM Security Preference resource.

    For information about RAM Security Preference and how to use it, see What is Security Preference.

    NOTE: Available since v1.152.0.

    Example Usage

    Basic Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as alicloud from "@pulumi/alicloud";
    
    const example = new alicloud.ram.SecurityPreference("example", {
        enableSaveMfaTicket: false,
        allowUserToChangePassword: true,
    });
    
    import pulumi
    import pulumi_alicloud as alicloud
    
    example = alicloud.ram.SecurityPreference("example",
        enable_save_mfa_ticket=False,
        allow_user_to_change_password=True)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/ram"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := ram.NewSecurityPreference(ctx, "example", &ram.SecurityPreferenceArgs{
    			EnableSaveMfaTicket:       pulumi.Bool(false),
    			AllowUserToChangePassword: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AliCloud = Pulumi.AliCloud;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new AliCloud.Ram.SecurityPreference("example", new()
        {
            EnableSaveMfaTicket = false,
            AllowUserToChangePassword = true,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.alicloud.ram.SecurityPreference;
    import com.pulumi.alicloud.ram.SecurityPreferenceArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new SecurityPreference("example", SecurityPreferenceArgs.builder()
                .enableSaveMfaTicket(false)
                .allowUserToChangePassword(true)
                .build());
    
        }
    }
    
    resources:
      example:
        type: alicloud:ram:SecurityPreference
        properties:
          enableSaveMfaTicket: false
          allowUserToChangePassword: true
    

    Create SecurityPreference Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SecurityPreference(name: string, args?: SecurityPreferenceArgs, opts?: CustomResourceOptions);
    @overload
    def SecurityPreference(resource_name: str,
                           args: Optional[SecurityPreferenceArgs] = None,
                           opts: Optional[ResourceOptions] = None)
    
    @overload
    def SecurityPreference(resource_name: str,
                           opts: Optional[ResourceOptions] = None,
                           allow_user_to_change_password: Optional[bool] = None,
                           allow_user_to_manage_access_keys: Optional[bool] = None,
                           allow_user_to_manage_mfa_devices: Optional[bool] = None,
                           enable_save_mfa_ticket: Optional[bool] = None,
                           enforce_mfa_for_login: Optional[bool] = None,
                           login_network_masks: Optional[str] = None,
                           login_session_duration: Optional[int] = None)
    func NewSecurityPreference(ctx *Context, name string, args *SecurityPreferenceArgs, opts ...ResourceOption) (*SecurityPreference, error)
    public SecurityPreference(string name, SecurityPreferenceArgs? args = null, CustomResourceOptions? opts = null)
    public SecurityPreference(String name, SecurityPreferenceArgs args)
    public SecurityPreference(String name, SecurityPreferenceArgs args, CustomResourceOptions options)
    
    type: alicloud:ram:SecurityPreference
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SecurityPreferenceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecurityPreferenceArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecurityPreferenceArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecurityPreferenceArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecurityPreferenceArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var securityPreferenceResource = new AliCloud.Ram.SecurityPreference("securityPreferenceResource", new()
    {
        AllowUserToChangePassword = false,
        AllowUserToManageAccessKeys = false,
        AllowUserToManageMfaDevices = false,
        EnableSaveMfaTicket = false,
        EnforceMfaForLogin = false,
        LoginNetworkMasks = "string",
        LoginSessionDuration = 0,
    });
    
    example, err := ram.NewSecurityPreference(ctx, "securityPreferenceResource", &ram.SecurityPreferenceArgs{
    	AllowUserToChangePassword:   pulumi.Bool(false),
    	AllowUserToManageAccessKeys: pulumi.Bool(false),
    	AllowUserToManageMfaDevices: pulumi.Bool(false),
    	EnableSaveMfaTicket:         pulumi.Bool(false),
    	EnforceMfaForLogin:          pulumi.Bool(false),
    	LoginNetworkMasks:           pulumi.String("string"),
    	LoginSessionDuration:        pulumi.Int(0),
    })
    
    var securityPreferenceResource = new SecurityPreference("securityPreferenceResource", SecurityPreferenceArgs.builder()
        .allowUserToChangePassword(false)
        .allowUserToManageAccessKeys(false)
        .allowUserToManageMfaDevices(false)
        .enableSaveMfaTicket(false)
        .enforceMfaForLogin(false)
        .loginNetworkMasks("string")
        .loginSessionDuration(0)
        .build());
    
    security_preference_resource = alicloud.ram.SecurityPreference("securityPreferenceResource",
        allow_user_to_change_password=False,
        allow_user_to_manage_access_keys=False,
        allow_user_to_manage_mfa_devices=False,
        enable_save_mfa_ticket=False,
        enforce_mfa_for_login=False,
        login_network_masks="string",
        login_session_duration=0)
    
    const securityPreferenceResource = new alicloud.ram.SecurityPreference("securityPreferenceResource", {
        allowUserToChangePassword: false,
        allowUserToManageAccessKeys: false,
        allowUserToManageMfaDevices: false,
        enableSaveMfaTicket: false,
        enforceMfaForLogin: false,
        loginNetworkMasks: "string",
        loginSessionDuration: 0,
    });
    
    type: alicloud:ram:SecurityPreference
    properties:
        allowUserToChangePassword: false
        allowUserToManageAccessKeys: false
        allowUserToManageMfaDevices: false
        enableSaveMfaTicket: false
        enforceMfaForLogin: false
        loginNetworkMasks: string
        loginSessionDuration: 0
    

    SecurityPreference Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The SecurityPreference resource accepts the following input properties:

    AllowUserToChangePassword bool
    Specifies whether RAM users can change their passwords. Valid values: true and false
    AllowUserToManageAccessKeys bool
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    AllowUserToManageMfaDevices bool
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    EnableSaveMfaTicket bool
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    EnforceMfaForLogin bool
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    LoginNetworkMasks string
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    LoginSessionDuration int
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    AllowUserToChangePassword bool
    Specifies whether RAM users can change their passwords. Valid values: true and false
    AllowUserToManageAccessKeys bool
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    AllowUserToManageMfaDevices bool
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    EnableSaveMfaTicket bool
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    EnforceMfaForLogin bool
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    LoginNetworkMasks string
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    LoginSessionDuration int
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    allowUserToChangePassword Boolean
    Specifies whether RAM users can change their passwords. Valid values: true and false
    allowUserToManageAccessKeys Boolean
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    allowUserToManageMfaDevices Boolean
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    enableSaveMfaTicket Boolean
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    enforceMfaForLogin Boolean
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    loginNetworkMasks String
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    loginSessionDuration Integer
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    allowUserToChangePassword boolean
    Specifies whether RAM users can change their passwords. Valid values: true and false
    allowUserToManageAccessKeys boolean
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    allowUserToManageMfaDevices boolean
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    enableSaveMfaTicket boolean
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    enforceMfaForLogin boolean
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    loginNetworkMasks string
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    loginSessionDuration number
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    allow_user_to_change_password bool
    Specifies whether RAM users can change their passwords. Valid values: true and false
    allow_user_to_manage_access_keys bool
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    allow_user_to_manage_mfa_devices bool
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    enable_save_mfa_ticket bool
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    enforce_mfa_for_login bool
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    login_network_masks str
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    login_session_duration int
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    allowUserToChangePassword Boolean
    Specifies whether RAM users can change their passwords. Valid values: true and false
    allowUserToManageAccessKeys Boolean
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    allowUserToManageMfaDevices Boolean
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    enableSaveMfaTicket Boolean
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    enforceMfaForLogin Boolean
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    loginNetworkMasks String
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    loginSessionDuration Number
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecurityPreference resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing SecurityPreference Resource

    Get an existing SecurityPreference resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SecurityPreferenceState, opts?: CustomResourceOptions): SecurityPreference
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            allow_user_to_change_password: Optional[bool] = None,
            allow_user_to_manage_access_keys: Optional[bool] = None,
            allow_user_to_manage_mfa_devices: Optional[bool] = None,
            enable_save_mfa_ticket: Optional[bool] = None,
            enforce_mfa_for_login: Optional[bool] = None,
            login_network_masks: Optional[str] = None,
            login_session_duration: Optional[int] = None) -> SecurityPreference
    func GetSecurityPreference(ctx *Context, name string, id IDInput, state *SecurityPreferenceState, opts ...ResourceOption) (*SecurityPreference, error)
    public static SecurityPreference Get(string name, Input<string> id, SecurityPreferenceState? state, CustomResourceOptions? opts = null)
    public static SecurityPreference get(String name, Output<String> id, SecurityPreferenceState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AllowUserToChangePassword bool
    Specifies whether RAM users can change their passwords. Valid values: true and false
    AllowUserToManageAccessKeys bool
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    AllowUserToManageMfaDevices bool
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    EnableSaveMfaTicket bool
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    EnforceMfaForLogin bool
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    LoginNetworkMasks string
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    LoginSessionDuration int
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    AllowUserToChangePassword bool
    Specifies whether RAM users can change their passwords. Valid values: true and false
    AllowUserToManageAccessKeys bool
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    AllowUserToManageMfaDevices bool
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    EnableSaveMfaTicket bool
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    EnforceMfaForLogin bool
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    LoginNetworkMasks string
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    LoginSessionDuration int
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    allowUserToChangePassword Boolean
    Specifies whether RAM users can change their passwords. Valid values: true and false
    allowUserToManageAccessKeys Boolean
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    allowUserToManageMfaDevices Boolean
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    enableSaveMfaTicket Boolean
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    enforceMfaForLogin Boolean
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    loginNetworkMasks String
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    loginSessionDuration Integer
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    allowUserToChangePassword boolean
    Specifies whether RAM users can change their passwords. Valid values: true and false
    allowUserToManageAccessKeys boolean
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    allowUserToManageMfaDevices boolean
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    enableSaveMfaTicket boolean
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    enforceMfaForLogin boolean
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    loginNetworkMasks string
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    loginSessionDuration number
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    allow_user_to_change_password bool
    Specifies whether RAM users can change their passwords. Valid values: true and false
    allow_user_to_manage_access_keys bool
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    allow_user_to_manage_mfa_devices bool
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    enable_save_mfa_ticket bool
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    enforce_mfa_for_login bool
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    login_network_masks str
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    login_session_duration int
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.
    allowUserToChangePassword Boolean
    Specifies whether RAM users can change their passwords. Valid values: true and false
    allowUserToManageAccessKeys Boolean
    Specifies whether RAM users can manage their AccessKey pairs. Valid values: true and false
    allowUserToManageMfaDevices Boolean
    Specifies whether RAM users can manage their MFA devices. Valid values: true and false
    enableSaveMfaTicket Boolean
    Specifies whether to remember the MFA devices for seven days. Valid values: true and false
    enforceMfaForLogin Boolean
    Specifies whether MFA is required for all RAM users when they log on to the Alibaba Cloud Management Console by using usernames and passwords. Valid values: true and false
    loginNetworkMasks String
    The subnet mask that specifies the IP addresses from which you can log on to the Alibaba Cloud Management Console. This parameter takes effect on password-based logon and single sign-on (SSO). However, this parameter does not take effect on API calls that are authenticated by using AccessKey pairs.NOTE: You can specify up to 25 subnet masks. The total length of the subnet masks can be a maximum of 512 characters.

    • If you specify a subnet mask, RAM users can use only the IP addresses in the subnet mask to log on to the Alibaba Cloud Management Console.
    • If you do not specify a subnet mask, RAM users can use all IP addresses to log on to the Alibaba Cloud Management Console.
    • If you need to specify multiple subnet masks, separate the subnet masks with semicolons (;). Example: 192.168.0.0/16;10.0.0.0/8.
    loginSessionDuration Number
    The validity period of the logon session of RAM users. Valid values: 6 to 24. Unit: hours. Default value: 6.

    Import

    RAM Security Preference can be imported using the id, e.g.

    $ pulumi import alicloud:ram/securityPreference:SecurityPreference example <id>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the alicloud Terraform Provider.
    alicloud logo
    Alibaba Cloud v3.66.0 published on Friday, Nov 15, 2024 by Pulumi