ALIYUN::PVTZ::UserVpcAuthorization is used to associate virtual private clouds (VPCs) across accounts.

Syntax

{
  "Type": "ALIYUN::PVTZ::UserVpcAuthorization",
  "Properties": {
    "AuthCode": String,
    "AuthChannel": String,
    "AuthorizedUserId": String,
    "AuthType": String,
    "IgnoreDeletionForbidden": Boolean
  }
}

Properties

Property Type Required Editable Description Constraint
AuthCode String No No The verification code. This property is required when the AuthChannel property is set to AUTH_CODE or left empty.
AuthChannel String No No The authorization channel. Default value: AUTH_CODE. Valid values:
  • AUTH_CODE: An authorization code is used to associate VPCs across accounts. The system checks whether the authorization code specified by AuthCode is correct.
  • RESOURCE_DIRECTORY: A resource directory is used to associate VPCs across accounts. The system checks whether the account that is specified by the AuthorizedUserId property and the current Alibaba Cloud account are in the same resource directory.
AuthorizedUserId String Yes No The ID of the Alibaba Cloud account to which you want to grant permissions. None
AuthType String No No The authorization type. Set the value to NORMAL. The value specifies that only regular permissions are granted.
IgnoreDeletionForbidden Boolean No Yes Indicates whether to ignore deletion protection. Valid values:
  • true
  • false

Return values

Fn::GetAtt

  • AuthorizedUserId: the ID of the Alibaba Cloud account to which you want to grant permissions.
  • AuthType: the authorization type.

Examples

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "AuthCode": {
      "Type": "String",
      "Description": "Verification code, if AuthChannel takes \"AUTH_CODE\" or is empty, it is mandatory.",
      "Default": "12****"
    }
    "AuthChannel": {
      "Type": "String",
      "Description": "Authorization channel. Valid values:\nAUTH_CODE: Verification code authorization, to verify whether the verification code passed in by AuthCode is correct.\nRESOURCE_DIRECTORY: Resource directory authorization, verify whether the AuthorizedUserId and the current account have resource directory credit. When it is empty, it is the same as AUTH_CODE, that is, verification code authorization.",
      "Default": "AUTH_CODE"
    },
    "AuthorizedUserId": {
      "Type": "String",
      "Description": "The account ID of the user who authorizes the resource.",
      "Default": "11122****"
    },
    "AuthType": {
      "Type": "String",
      "Description": "Authorization type.",
      "Default": "NORMAL"
    }
  },
  "Resources": {
    "UserVpcAuthorization": {
      "Type": "ALIYUN::PVTZ::UserVpcAuthorization",
      "Properties": {
        "AuthCode": {
          "Ref": "AuthCode"
        },
        "AuthChannel": {
          "Ref": "AuthChannel"
        },
        "AuthorizedUserId": { 
          "Ref": "AuthorizedUserId"
        },
        "AuthType": {
          "Ref": "AuthType"
        }
      }
    }
  },
  "Outputs": {
    "AuthorizedUserId": {
      "Description": "The account ID of the user who authorizes the resource.",
      "Value": {
        "Fn::GetAtt": [
          "UserVpcAuthorization",
          "AuthorizedUserId"
        ]
      }
    },
    "AuthType": {
      "Description": "Authorization type.",
      "Value": {
        "Fn::GetAtt": [
          "UserVpcAuthorization",
          "AuthType"
        ]
      }
    }
  }
}