ALIYUN::PVTZ::UserVpcAuthorization类型用于跨账号VPC授权。

语法

{
  "Type": "ALIYUN::PVTZ::UserVpcAuthorization",
  "Properties": {
    "AuthCode": String,
    "AuthChannel": String,
    "AuthorizedUserId": String,
    "AuthType": String,
    "IgnoreDeletionForbidden": Boolean
  }
}

属性

属性名称 类型 必须 允许更新 描述 约束
AuthCode String 验证码。 AuthChannel取值为AUTH_CODE或者不填时,AuthCode必选。
AuthChannel String 授权渠道。 取值:
  • AUTH_CODE(默认值):验证码授权,验证AuthCode输入的验证码是否正确。
  • RESOURCE_DIRECTORY:资源目录授权,验证AuthorizedUserId与当前阿里云账号是否存在资源目录授信。
AuthorizedUserId String 授权资源的所属阿里云账号ID。
AuthType String 授权类型。 取值为NORMAL,表示普通授权。
IgnoreDeletionForbidden Boolean 是否忽略删除保护。 取值:
  • true:忽略删除保护。
  • false:不忽略删除保护。

返回值

Fn::GetAtt

  • AuthorizedUserId:授权资源的所属阿里云账号ID。
  • AuthType:授权类型。

示例

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "AuthCode": {
      "Type": "String",
      "Description": "Verification code, if AuthChannel takes \"AUTH_CODE\" or is empty, it is mandatory.",
      "Default": "12****"
    },
    "AuthChannel": {
      "Type": "String",
      "Description": "Authorization channel. Valid values:\nAUTH_CODE: Verification code authorization, to verify whether the verification code passed in by AuthCode is correct.\nRESOURCE_DIRECTORY: Resource directory authorization, verify whether the AuthorizedUserId and the current account have resource directory credit. When it is empty, it is the same as AUTH_CODE, that is, verification code authorization.",
      "Default": "AUTH_CODE"
    },
    "AuthorizedUserId": {
      "Type": "String",
      "Description": "The account ID of the user who authorizes the resource.",
      "Default": "11122****"
    },
    "AuthType": {
      "Type": "String",
      "Description": "Authorization type.",
      "Default": "NORMAL"
    }
  },
  "Resources": {
    "UserVpcAuthorization": {
      "Type": "ALIYUN::PVTZ::UserVpcAuthorization",
      "Properties": {
        "AuthCode": {
          "Ref": "AuthCode"
        },
        "AuthChannel": {
          "Ref": "AuthChannel"
        },
        "AuthorizedUserId": {
          "Ref": "AuthorizedUserId"
        },
        "AuthType": {
          "Ref": "AuthType"
        }
      }
    }
  },
  "Outputs": {
    "AuthorizedUserId": {
      "Description": "The account ID of the user who authorizes the resource.",
      "Value": {
        "Fn::GetAtt": [
          "UserVpcAuthorization",
          "AuthorizedUserId"
        ]
      }
    },
    "AuthType": {
      "Description": "Authorization type.",
      "Value": {
        "Fn::GetAtt": [
          "UserVpcAuthorization",
          "AuthType"
        ]
      }
    }
  }
}