ALIYUN::CloudSSO::AccessAssignment

语法

{
  "Type": "ALIYUN::CloudSSO::AccessAssignment",
  "Properties": {
    "DirectoryId": String,
    "PrincipalId": String,
    "TargetType": String,
    "PrincipalType": String,
    "AccessConfigurationId": String,
    "TargetId": String
  }
}

属性

返回值

Fn::GetAtt

无

示例

• YAML格式

  ROSTemplateFormatVersion: '2015-09-01'
  Parameters:
    AccessConfigurationId:
      Description:
        en: The ID of the access configuration.
      Required: true
      Type: String
    DirectoryId:
      Description:
        en: The ID of the directory.
      Required: true
      Type: String
    PrincipalId:
      Description:
        en: 'The ID of the CloudSSO identity.
          - If you set PrincipalType to User, set PrincipalId to the ID of the CloudSSO
          user.
          - If you set PrincipalType to Group, set PrincipalId to the ID of the CloudSSO
          group.'
      Required: true
      Type: String
    PrincipalType:
      AllowedValues:
      - User
      - Group
      Description:
        en: 'The type of the CloudSSO identity. Valid values: User, Group'
      Required: true
      Type: String
    TargetId:
      Description:
        en: The ID of the task object.
      Required: true
      Type: String
    TargetType:
      AllowedValues:
      - RD-Account
      Description:
        en: The type of the task object. Set the value to RD-Account, which specifies
          the accounts in the resource directory.
      Required: true
      Type: String
  Resources:
    AccessAssignment:
      Properties:
        AccessConfigurationId:
          Ref: AccessConfigurationId
        DirectoryId:
          Ref: DirectoryId
        PrincipalId:
          Ref: PrincipalId
        PrincipalType:
          Ref: PrincipalType
        TargetId:
          Ref: TargetId
        TargetType:
          Ref: TargetType
      Type: ALIYUN::CloudSSO::AccessAssignment                  

• JSON格式

  {
    "ROSTemplateFormatVersion": "2015-09-01",
    "Parameters": {
      "DirectoryId": {
        "Type": "String",
        "Description": {
          "en": "The ID of the directory."
        },
        "Required": true
      },
      "PrincipalId": {
        "Type": "String",
        "Description": {
          "en": "The ID of the CloudSSO identity.\n- If you set PrincipalType to User, set PrincipalId to the ID of the CloudSSO user.\n- If you set PrincipalType to Group, set PrincipalId to the ID of the CloudSSO group."
        },
        "Required": true
      },
      "TargetType": {
        "Type": "String",
        "Description": {
          "en": "The type of the task object. Set the value to RD-Account, which specifies the accounts in the resource directory."
        },
        "AllowedValues": [
          "RD-Account"
        ],
        "Required": true
      },
      "PrincipalType": {
        "Type": "String",
        "Description": {
          "en": "The type of the CloudSSO identity. Valid values: User, Group"
        },
        "AllowedValues": [
          "User",
          "Group"
        ],
        "Required": true
      },
      "AccessConfigurationId": {
        "Type": "String",
        "Description": {
          "en": "The ID of the access configuration."
        },
        "Required": true
      },
      "TargetId": {
        "Type": "String",
        "Description": {
          "en": "The ID of the task object."
        },
        "Required": true
      }
    },
    "Resources": {
      "AccessAssignment": {
        "Type": "ALIYUN::CloudSSO::AccessAssignment",
        "Properties": {
          "DirectoryId": {
            "Ref": "DirectoryId"
          },
          "PrincipalId": {
            "Ref": "PrincipalId"
          },
          "TargetType": {
            "Ref": "TargetType"
          },
          "PrincipalType": {
            "Ref": "PrincipalType"
          },
          "AccessConfigurationId": {
            "Ref": "AccessConfigurationId"
          },
          "TargetId": {
            "Ref": "TargetId"
          }
        }
      }
    }
  }