AWS::GlobalAccelerator::CrossAccountAttachment - Amazon CloudFormation
SyntaxPropertiesReturn values
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::GlobalAccelerator::CrossAccountAttachment

Create a cross-account attachment in Amazon Global Accelerator. You create a cross-account attachment to specify the principals who have permission to work with resources in accelerators in their own account. You specify, in the same attachment, the resources that are shared.

A principal can be an Amazon account number or the Amazon Resource Name (ARN) for an accelerator. For account numbers that are listed as principals, to work with a resource listed in the attachment, you must sign in to an account specified as a principal. Then, you can work with resources that are listed, with any of your accelerators. If an accelerator ARN is listed in the cross-account attachment as a principal, anyone with permission to make updates to the accelerator can work with resources that are listed in the attachment.

Specify each principal and resource separately. To specify two CIDR address pools, list them individually under Resources, and so on. For a command line operation, for example, you might use a statement like the following:

"Resources": [{"Cidr": "169.254.60.0/24"},{"Cidr": "169.254.59.0/24"}]

For more information, see Working with cross-account attachments and resources in Amazon Global Accelerator in the Amazon Global Accelerator Developer Guide.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::GlobalAccelerator::CrossAccountAttachment",
  "Properties" : {
      "Name" : String,
      "Principals" : [ String, ... ],
      "Resources" : [ Resource, ... ],
      "Tags" : [ Tag, ... ]
    }
}

YAML

Type: AWS::GlobalAccelerator::CrossAccountAttachment
Properties:
  Name: String
  Principals: 
    - String
  Resources: 
    - Resource
  Tags: 
    - Tag

Properties

Name

The name of the cross-account attachment.

Required: Yes

Type: String

Pattern: ^[a-zA-Z0-9_-]{0,64}$

Minimum: 1

Maximum: 64

Update requires: No interruption

Principals

The principals included in the cross-account attachment.

Required: No

Type: Array of String

Update requires: No interruption

Resources

The resources included in the cross-account attachment.

Required: No

Type: Array of Resource

Update requires: No interruption

Tags

Add tags for a cross-account attachment.

For more information, see Tagging in Amazon Global Accelerator in the Amazon Global Accelerator Developer Guide.

Required: No

Type: Array of Tag

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the Amazon Resource Name (ARN) of the cross-account attachment.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

AttachmentArn

The Amazon Resource Name (ARN) of the cross-account attachment.