ALIYUN::PVTZ::UserVpcAuthorization is used to associate Virtual Private Clouds (VPCs) across accounts.

Syntax

{
  "Type": "ALIYUN::PVTZ::UserVpcAuthorization",
  "Properties": {
    "AuthCode": String,
    "AuthChannel": String,
    "AuthorizedUserId": String,
    "AuthType": String
  }
}

Properties

Property Type Required Editable Description Constraint
AuthCode String No No The verification code. AuthCode is required if AuthChannel is set to AUTH_CODE or left empty.
AuthChannel String No No The authorization channel. Default value: AUTH_CODE. Valid values:
  • AUTH_CODE: An authorization code can be used to associate VPCs across accounts. The system grants permissions to associate VPCs across accounts by checking whether the authorization code specified by AuthCode is correct.
  • RESOURCE_DIRECTORY: A resource directory can be used to associate VPCs across accounts. The system grants permissions to associate VPCs across accounts by checking whether the account that is specified by AuthorizedUserId and the current account are in the same resource directory.
AuthorizedUserId String Yes No The ID of the Alibaba Cloud account to which you want to grant permissions. None
AuthType String No No The authorization type. Set the value to NORMAL, which means that only regular permissions are granted.

Response parameters

Fn::GetAtt

  • AuthorizedUserId: the ID of the Alibaba Cloud account to which you want to grant permissions.
  • AuthType: the authorization type.

Examples

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "AuthCode": {
      "Type": "String",
      "Description": "Verification code, if AuthChannel takes \"AUTH_CODE\" or is empty, it is mandatory.",
      "Default": "12****"
    },
    "AuthChannel": {
      "Type": "String",
      "Description": "Authorization channel. Valid values:\nAUTH_CODE: Verification code authorization, to verify whether the verification code passed in by AuthCode is correct.\nRESOURCE_DIRECTORY: Resource directory authorization, verify whether the AuthorizedUserId and the current account have resource directory credit. When it is empty, it is the same as AUTH_CODE, that is, verification code authorization.",
      "Default": "AUTH_CODE"
    },
    "AuthorizedUserId": {
      "Type": "String",
      "Description": "The account ID of the user who authorizes the resource.",
      "Default": "11122****"
    },
    "AuthType": {
      "Type": "String",
      "Description": "Authorization type.",
      "Default": "NORMAL"
    }
  },
  "Resources": {
    "UserVpcAuthorization": {
      "Type": "ALIYUN::PVTZ::UserVpcAuthorization",
      "Properties": {
        "AuthCode": {
          "Ref": "AuthCode"
        },
        "AuthChannel": {
          "Ref": "AuthChannel"
        },
        "AuthorizedUserId": {
          "Ref": "AuthorizedUserId"
        },
        "AuthType": {
          "Ref": "AuthType"
        }
      }
    }
  },
  "Outputs": {
    "AuthorizedUserId": {
      "Description": "The account ID of the user who authorizes the resource.",
      "Value": {
        "Fn::GetAtt": [
          "UserVpcAuthorization",
          "AuthorizedUserId"
        ]
      }
    },
    "AuthType": {
      "Description": "Authorization type.",
      "Value": {
        "Fn::GetAtt": [
          "UserVpcAuthorization",
          "AuthType"
        ]
      }
    }
  }
}