ALIYUN::CloudSSO::UserProvision is used to create a Resource Access Management (RAM) user provisioning.
Syntax
{
"Type": "ALIYUN::CloudSSO::UserProvision",
"Properties": {
"Description": String,
"DirectoryId": String,
"PrincipalId": String,
"TargetType": String,
"DuplicationStrategy": String,
"DeletionStrategy": String,
"PrincipalType": String,
"TargetId": String
}
}
Properties
Property | Type | Required | Editable | Description | Constraint |
Description | String | No | Yes | The description. | None. |
DirectoryId | String | Yes | No | The directory ID. | None. |
PrincipalId | String | Yes | No | The identity ID of the RAM user provisioning. | Valid values:
|
TargetType | String | Yes | No | The object for which you want to create the RAM user provisioning. | Set the value to |
DuplicationStrategy | String | Yes | Yes | The conflict handling policy. | The policy is used when an existing RAM user has the same username as the CloudSSO user that is synchronized to RAM. Valid values:
|
DeletionStrategy | String | Yes | Yes | The deletion policy. | You can use this policy to determine whether to delete the synchronized RAM users when you delete the RAM user provisioning. Valid values:
|
PrincipalType | String | Yes | No | The identity type of the RAM user provisioning. | Valid values:
|
TargetId | String | Yes | No | The ID of the object for which you want to create the RAM user provisioning. | The value must be the ID of an account in your resource directory. |
Return values
Fn::GetAtt
UserProvisionId: the ID of the RAM user provisioning.