AWS::Connect::SecurityProfile
Creates a security profile.
For information about security profiles, see Security Profiles in the Amazon Connect Administrator Guide. For a mapping of the API name and user interface name of the security profile permissions, see List of security profile permissions.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "Type" : "AWS::Connect::SecurityProfile", "Properties" : { "AllowedAccessControlHierarchyGroupId" :String, "AllowedAccessControlTags" :[ Tag, ... ], "Applications" :[ Application, ... ], "Description" :String, "HierarchyRestrictedResources" :[ String, ... ], "InstanceArn" :String, "Permissions" :[ String, ... ], "SecurityProfileName" :String, "TagRestrictedResources" :[ String, ... ], "Tags" :[ Tag, ... ]} }
YAML
Type: AWS::Connect::SecurityProfile Properties: AllowedAccessControlHierarchyGroupId:StringAllowedAccessControlTags:- TagApplications:- ApplicationDescription:StringHierarchyRestrictedResources:- StringInstanceArn:StringPermissions:- StringSecurityProfileName:StringTagRestrictedResources:- StringTags:- Tag
Properties
AllowedAccessControlHierarchyGroupId-
The identifier of the hierarchy group that a security profile uses to restrict access to resources in Amazon Connect.
Required: No
Type: String
Pattern:
^[a-zA-Z0-9-]+$Minimum:
0Maximum:
127Update requires: No interruption
-
The list of tags that a security profile uses to restrict access to resources in Amazon Connect.
Required: No
Type: Array of Tag
Maximum:
2Update requires: No interruption
ApplicationsProperty description not available.
Required: No
Type: Array of Application
Maximum:
10Update requires: No interruption
Description-
The description of the security profile.
Required: No
Type: String
Minimum:
0Maximum:
250Update requires: No interruption
HierarchyRestrictedResources-
The list of resources that a security profile applies hierarchy restrictions to in Amazon Connect. Following are acceptable ResourceNames:
User.Required: No
Type: Array of String
Maximum:
10Update requires: No interruption
InstanceArn-
The identifier of the Amazon Connect instance.
Required: Yes
Type: String
Pattern:
^arn:aws[-a-z0-9]*:connect:[-a-z0-9]*:[0-9]{12}:instance/[-a-zA-Z0-9]*$Update requires: Replacement
Permissions-
Permissions assigned to the security profile. For a list of valid permissions, see List of security profile permissions.
Required: No
Type: Array of String
Maximum:
500Update requires: No interruption
SecurityProfileName-
The name for the security profile.
Required: Yes
Type: String
Pattern:
^[ a-zA-Z0-9_@-]+$Minimum:
1Maximum:
127Update requires: Replacement
TagRestrictedResources-
The list of resources that a security profile applies tag restrictions to in Amazon Connect.
Required: No
Type: Array of String
Maximum:
10Update requires: No interruption
-
The tags used to organize, track, or control access for this resource. For example, { "Tags": {"key1":"value1", "key2":"value2"} }.
Required: No
Type: Array of Tag
Maximum:
50Update requires: No interruption
Return values
Ref
When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the name of the security profile. For example:
{ "Ref": "mySecurityProfileName" }
For more information about using the Ref function, see Ref.
Fn::GetAtt
The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.
For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.
LastModifiedRegion-
The AWS Region where this resource was last modified.
LastModifiedTime-
The timestamp when this resource was last modified.
SecurityProfileArn-
The Amazon Resource Name (ARN) of the security profile.
