alicloud_accountalicloud_action_trailalicloud_cas_certificatealicloud_cms_monitor_hostalicloud_cs_kubernetes_clusteralicloud_cs_kubernetes_cluster_nodealicloud_ecs_auto_provisioning_groupalicloud_ecs_autoscaling_groupalicloud_ecs_diskalicloud_ecs_disk_metric_read_iopsalicloud_ecs_disk_metric_read_iops_dailyalicloud_ecs_disk_metric_read_iops_hourlyalicloud_ecs_disk_metric_write_iopsalicloud_ecs_disk_metric_write_iops_dailyalicloud_ecs_disk_metric_write_iops_hourlyalicloud_ecs_imagealicloud_ecs_instancealicloud_ecs_instance_metric_cpu_utilization_dailyalicloud_ecs_instance_metric_cpu_utilization_hourlyalicloud_ecs_key_pairalicloud_ecs_launch_templatealicloud_ecs_network_interfacealicloud_ecs_regionalicloud_ecs_security_groupalicloud_ecs_snapshotalicloud_ecs_zonealicloud_kms_keyalicloud_kms_secretalicloud_oss_bucketalicloud_ram_access_keyalicloud_ram_credential_reportalicloud_ram_groupalicloud_ram_password_policyalicloud_ram_policyalicloud_ram_rolealicloud_ram_security_preferencealicloud_ram_useralicloud_rds_backupalicloud_rds_databasealicloud_rds_instancealicloud_rds_instance_metric_connectionsalicloud_rds_instance_metric_connections_dailyalicloud_rds_instance_metric_cpu_utilizationalicloud_rds_instance_metric_cpu_utilization_dailyalicloud_rds_instance_metric_cpu_utilization_hourlyalicloud_security_center_field_statisticsalicloud_security_center_versionalicloud_slb_load_balanceralicloud_vpcalicloud_vpc_dhcp_options_setalicloud_vpc_eipalicloud_vpc_flow_logalicloud_vpc_nat_gatewayalicloud_vpc_network_aclalicloud_vpc_route_entryalicloud_vpc_route_tablealicloud_vpc_ssl_vpn_client_certalicloud_vpc_ssl_vpn_serveralicloud_vpc_vpn_connectionalicloud_vpc_vpn_customer_gatewayalicloud_vpc_vpn_gatewayalicloud_vpc_vswitch
Table: alicloud_ram_security_preference
Alibaba Cloud RAM users security preference provides better security to user.
Examples
Basic security preference info
select allow_user_to_change_password, allow_user_to_manage_access_keys, allow_user_to_manage_mfa_devices, allow_user_to_manage_public_keys, enable_save_mfa_ticket, login_session_durationfrom alicloud_ram_security_preference;Check if user have access to change password
select allow_user_to_change_passwordfrom alicloud_ram_security_preference;Check if user have access to manage public access key
select allow_user_to_manage_public_keysfrom alicloud_ram_security_preference;Get the log on session duration of User
select login_session_durationfrom alicloud_ram_security_preference;.inspect alicloud_ram_security_preference
Alibaba Cloud RAM Security Preference
| Name | Type | Description |
|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. |
| account_id | text | The Alicloud Account ID in which the resource is located. |
| allow_user_to_change_password | boolean | Indicates whether RAM users can change their passwords. |
| allow_user_to_manage_access_keys | boolean | Indicates whether RAM users can manage their AccessKey pairs. |
| allow_user_to_manage_mfa_devices | boolean | Indicates whether RAM users can manage their MFA devices. |
| allow_user_to_manage_public_keys | boolean | Indicates whether RAM users can manage their public keys. |
| enable_save_mfa_ticket | boolean | Indicates whether RAM users can save security codes for multi-factor authentication (MFA) during logon. Each security code is valid for seven days. |
| login_network_masks | jsonb | The subnet mask that indicates the IP addresses from which logon to the Alibaba Cloud Management Console is allowed. This parameter applies to password-based logon and single sign-on (SSO). However, this parameter does not apply to API calls that are authenticated based on AccessKey pairs. May be more than one CIDR range. If empty then login is allowed from any source. |
| login_session_duration | bigint | The validity period of a logon session of a RAM user. Unit: hours. |
| region | text | The Alicloud region in which the resource is located. |