ALIYUN::POLARDB::AccountPrivilege is used to grant access permissions on one or more databases in a specified ApsaraDB for POLARDB cluster to a standard account.

Syntax

{
  "Type": "ALIYUN::POLARDB::AccountPrivilege",
  "Properties": {
    "DBClusterId": String,
    "AccountPrivilege": String,
    "DBName": String,
    "AccountName": String
  }
}

Properties

Name Type Required Editable Description Validity
DBClusterId String Yes No The ID of the cluster. None
AccountPrivilege String Yes No The permissions of the database account. Valid values: ReadWrite, ReadOnly, DMLOnly, and DDLOnly. The number of account permissions specified by the AccountPrivilege parameter must be the same as that of database names specified by the DBName parameter. Each account permission must correspond to a database name in sequence.
DBName String Yes No The name of the database whose access permissions are to be granted to the database account. You can grant access permissions on one or more databases to the database account. Separate multiple databases with commas (,).
AccountName String Yes No The name of the database account. None

Response parameters

Fn::GetAtt

None

Examples

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Resources": {
    "AccountPrivilege": {
      "Type": "ALIYUN::POLARDB::AccountPrivilege",
      "Properties": {
        "DBClusterId": {
          "Ref": "DBClusterId"
        },
        "AccountPrivilege": {
          "Ref": "AccountPrivilege"
        },
        "DBName": {
          "Ref": "DBName"
        },
        "AccountName": {
          "Ref": "AccountName"
        }
      }
    }
  },
  "Parameters": {
    "DBClusterId": {
      "Type": "String",
      "Description": "The ID of the ApsaraDB for POLARDB cluster to which a database account belongs."
    },
    "AccountPrivilege": {
      "MinLength": 1,
      "Type": "String",
      "Description": "The permissions of the database account on the database. Valid values: ReadWrite: has read and write permissions on the database. ReadOnly: has the read-only permission on the database. DMLOnly: runs only data manipulation language (DML) statements. DDLOnly: runs only data definition language (DDL) statements.The number of account permissions specified by the AccountPrivilege parameter must be the same as that of database names specified by the DBName parameter. Each account permission must correspond to a database name in sequence. Separate multiple permissions with a comma (,)."
    },
    "DBName": {
      "MinLength": 1,
      "Type": "String",
      "Description": "The name of the database whose access permissions are to be granted to the database account. You can grant access permissions on one or more databases to the database account. Separate multiple databases with a comma (,)."
    },
    "AccountName": {
      "MinLength": 1,
      "Type": "String",
      "Description": "The name of the database account to be granted access permissions.",
      "MaxLength": 16
    }
  }
}

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Resources:
  AccountPrivilege:
    Type: ALIYUN::POLARDB::AccountPrivilege
    Properties:
      DBClusterId:
        Ref: DBClusterId
      AccountPrivilege:
        Ref: AccountPrivilege
      DBName:
        Ref: DBName
      AccountName:
        Ref: AccountName
Parameters:
  DBClusterId:
    Type: String
    Description: The ID of the ApsaraDB for POLARDB cluster to which a database account
      belongs.
  AccountPrivilege:
    MinLength: 1
    Type: String
    Description: 'The permissions of the database account on the database. Valid values:
      ReadWrite: has read and write permissions on the database. ReadOnly: has the
      read-only permission on the database. DMLOnly: runs only data manipulation language
      (DML) statements. DDLOnly: runs only data definition language (DDL) statements. The
      number of account permissions specified by the AccountPrivilege parameter must
      be the same as that of database names specified by the DBName parameter. Each
      account permission must correspond to a database name in sequence.Separate multiple
      permissions with a comma (,).'
  DBName:
    MinLength: 1
    Type: String
    Description: The name of the database whose access permissions are to be granted
      to the database account. You can grant access permissions on one or more databases
      to the database account. Separate multiple databases with a comma (,).
  AccountName:
    MinLength: 1
    Type: String
    Description: The name of the database account to be granted access permissions.
    MaxLength: 16