ALIYUN::POLARDB::AccountPrivilege类型用于授权普通账号访问PolarDB集群的某个数据库。一个账号可以关联一个或多个数据库。
语法
{
"Type": "ALIYUN::POLARDB::AccountPrivilege",
"Properties": {
"DBClusterId": String,
"AccountPrivilege": String,
"DBName": String,
"AccountName": String
}
}属性
| 属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
|---|---|---|---|---|---|
| DBClusterId | String | 是 | 否 | 集群ID。 | 无。 |
| AccountPrivilege | String | 是 | 否 | 账号权限。 | 取值: ReadWrite(读写)、ReadOnly(只读)、DMLOnly(只允许DML)、DDLOnly(只允许DDL)。AccountPrivilege的个数需要与DBName保持一致,且顺序对应。 |
| DBName | String | 是 | 否 | 设置要授权的数据库名。 | 支持同时对一个或多个数据库授权。多个数据库之间用英文逗号(,)隔开。 |
| AccountName | String | 是 | 否 | 账号名。 | 无。 |
返回值
Fn::GetAtt
无。
示例
JSON格式
{
"ROSTemplateFormatVersion": "2015-09-01",
"Resources": {
"AccountPrivilege": {
"Type": "ALIYUN::POLARDB::AccountPrivilege",
"Properties": {
"DBClusterId": {
"Ref": "DBClusterId"
},
"AccountPrivilege": {
"Ref": "AccountPrivilege"
},
"DBName": {
"Ref": "DBName"
},
"AccountName": {
"Ref": "AccountName"
}
}
}
},
"Parameters": {
"DBClusterId": {
"Type": "String",
"Description": "The ID of the ApsaraDB for POLARDB cluster to which a database account belongs."
},
"AccountPrivilege": {
"MinLength": 1,
"Type": "String",
"Description": "The permissions of the database account on the database. Valid values: ReadWrite: has read and write permissions on the database. ReadOnly: has the read-only permission on the database. DMLOnly: runs only data manipulation language (DML) statements. DDLOnly: runs only data definition language (DDL) statements.The number of account permissions specified by the AccountPrivilege parameter must be the same as that of database names specified by the DBName parameter. Each account permission must correspond to a database name in sequence. Separate multiple permissions with a comma (,)."
},
"DBName": {
"MinLength": 1,
"Type": "String",
"Description": "The name of the database whose access permissions are to be granted to the database account. You can grant access permissions on one or more databases to the database account.Separate multiple databases with a comma (,)."
},
"AccountName": {
"MinLength": 1,
"Type": "String",
"Description": "The name of the database account to be granted access permissions.",
"MaxLength": 16
}
}
}YAML格式
ROSTemplateFormatVersion: '2015-09-01'
Resources:
AccountPrivilege:
Type: ALIYUN::POLARDB::AccountPrivilege
Properties:
DBClusterId:
Ref: DBClusterId
AccountPrivilege:
Ref: AccountPrivilege
DBName:
Ref: DBName
AccountName:
Ref: AccountName
Parameters:
DBClusterId:
Type: String
Description: The ID of the ApsaraDB for POLARDB cluster to which a database account
belongs.
AccountPrivilege:
MinLength: 1
Type: String
Description: 'The permissions of the database account on the database. Valid values:
ReadWrite: has read and write permissions on the database. ReadOnly: has the
read-only permission on the database. DMLOnly: runs only data manipulation language
(DML) statements. DDLOnly: runs only data definition language (DDL) statements. The
number of account permissions specified by the AccountPrivilege parameter must
be the same as that of database names specified by the DBName parameter. Each
account permission must correspond to a database name in sequence.Separate multiple
permissions with a comma (,).'
DBName:
MinLength: 1
Type: String
Description: The name of the database whose access permissions are to be granted
to the database account. You can grant access permissions on one or more databases
to the database account. Separate multiple databases with a comma (,).
AccountName:
MinLength: 1
Type: String
Description: The name of the database account to be granted access permissions.
MaxLength: 16