ALIYUN::CloudSSO::AccessAssignment is used to assign access permissions on an account in your resource directory to a user or group by using an access configuration.
Syntax
{
"Type": "ALIYUN::CloudSSO::AccessAssignment",
"Properties": {
"DirectoryId": String,
"PrincipalId": String,
"TargetType": String,
"PrincipalType": String,
"AccessConfigurationId": String,
"TargetId": String
}
}
Properties
Property | Type | Required | Editable | Description | Constraint |
DirectoryId | String | Yes | No | The directory ID. | None. |
PrincipalId | String | Yes | No | The ID of the CloudSSO identity. | Valid values:
|
TargetType | String | Yes | No | The type of the task object. | Set the value to RD-Account. A value of RD-Account specifies accounts in your resource directory. |
PrincipalType | String | Yes | No | The type of the CloudSSO identity. | Valid values:
|
AccessConfigurationId | String | Yes | No | The ID of the access configuration. | None. |
TargetId | String | Yes | No | The ID of the task object. | None. |
Return values
Fn::GetAtt
None.