Docs
Packagesalicloud.alb.SecurityPolicy
Explore with Pulumi AI
Provides a ALB Security Policy resource.
For information about ALB Security Policy and how to use it, see What is Security Policy.
NOTE: Available in v1.130.0+.
Example Usage
Basic Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "testAccSecurityPolicy";
var @default = new AliCloud.Alb.SecurityPolicy("default", new()
{
SecurityPolicyName = name,
TlsVersions = new[]
{
"TLSv1.0",
},
Ciphers = new[]
{
"ECDHE-ECDSA-AES128-SHA",
"AES256-SHA",
},
});
});
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/alb"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "testAccSecurityPolicy"
if param := cfg.Get("name"); param != "" {
name = param
}
_, err := alb.NewSecurityPolicy(ctx, "default", &alb.SecurityPolicyArgs{
SecurityPolicyName: pulumi.String(name),
TlsVersions: pulumi.StringArray{
pulumi.String("TLSv1.0"),
},
Ciphers: pulumi.StringArray{
pulumi.String("ECDHE-ECDSA-AES128-SHA"),
pulumi.String("AES256-SHA"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.alb.SecurityPolicy;
import com.pulumi.alicloud.alb.SecurityPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("testAccSecurityPolicy");
var default_ = new SecurityPolicy("default", SecurityPolicyArgs.builder()
.securityPolicyName(name)
.tlsVersions("TLSv1.0")
.ciphers(
"ECDHE-ECDSA-AES128-SHA",
"AES256-SHA")
.build());
}
}
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "testAccSecurityPolicy"
default = alicloud.alb.SecurityPolicy("default",
security_policy_name=name,
tls_versions=["TLSv1.0"],
ciphers=[
"ECDHE-ECDSA-AES128-SHA",
"AES256-SHA",
])
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "testAccSecurityPolicy";
const _default = new alicloud.alb.SecurityPolicy("default", {
securityPolicyName: name,
tlsVersions: ["TLSv1.0"],
ciphers: [
"ECDHE-ECDSA-AES128-SHA",
"AES256-SHA",
],
});
configuration:
name:
type: string
default: testAccSecurityPolicy
resources:
default:
type: alicloud:alb:SecurityPolicy
properties:
securityPolicyName: ${name}
tlsVersions:
- TLSv1.0
ciphers:
- ECDHE-ECDSA-AES128-SHA
- AES256-SHA
Create SecurityPolicy Resource
new SecurityPolicy(name: string, args: SecurityPolicyArgs, opts?: CustomResourceOptions);@overload
def SecurityPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
ciphers: Optional[Sequence[str]] = None,
dry_run: Optional[bool] = None,
resource_group_id: Optional[str] = None,
security_policy_name: Optional[str] = None,
tags: Optional[Mapping[str, Any]] = None,
tls_versions: Optional[Sequence[str]] = None)
@overload
def SecurityPolicy(resource_name: str,
args: SecurityPolicyArgs,
opts: Optional[ResourceOptions] = None)func NewSecurityPolicy(ctx *Context, name string, args SecurityPolicyArgs, opts ...ResourceOption) (*SecurityPolicy, error)public SecurityPolicy(string name, SecurityPolicyArgs args, CustomResourceOptions? opts = null)
public SecurityPolicy(String name, SecurityPolicyArgs args)
public SecurityPolicy(String name, SecurityPolicyArgs args, CustomResourceOptions options)
type: alicloud:alb:SecurityPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecurityPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecurityPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecurityPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecurityPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecurityPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
SecurityPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The SecurityPolicy resource accepts the following input properties:
- Ciphers List<string>
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- Security
Policy stringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- Tls
Versions List<string> The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- Dry
Run bool The dry run.
- Resource
Group stringId The ID of the resource group.
- Dictionary<string, object>
A mapping of tags to assign to the resource.
- Ciphers []string
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- Security
Policy stringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- Tls
Versions []string The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- Dry
Run bool The dry run.
- Resource
Group stringId The ID of the resource group.
- map[string]interface{}
A mapping of tags to assign to the resource.
- ciphers List<String>
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- security
Policy StringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- tls
Versions List<String> The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- dry
Run Boolean The dry run.
- resource
Group StringId The ID of the resource group.
- Map<String,Object>
A mapping of tags to assign to the resource.
- ciphers string[]
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- security
Policy stringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- tls
Versions string[] The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- dry
Run boolean The dry run.
- resource
Group stringId The ID of the resource group.
- {[key: string]: any}
A mapping of tags to assign to the resource.
- ciphers Sequence[str]
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- security_
policy_ strname The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- tls_
versions Sequence[str] The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- dry_
run bool The dry run.
- resource_
group_ strid The ID of the resource group.
- Mapping[str, Any]
A mapping of tags to assign to the resource.
- ciphers List<String>
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- security
Policy StringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- tls
Versions List<String> The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- dry
Run Boolean The dry run.
- resource
Group StringId The ID of the resource group.
- Map<Any>
A mapping of tags to assign to the resource.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecurityPolicy resource produces the following output properties:
Look up Existing SecurityPolicy Resource
Get an existing SecurityPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecurityPolicyState, opts?: CustomResourceOptions): SecurityPolicy@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
ciphers: Optional[Sequence[str]] = None,
dry_run: Optional[bool] = None,
resource_group_id: Optional[str] = None,
security_policy_name: Optional[str] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, Any]] = None,
tls_versions: Optional[Sequence[str]] = None) -> SecurityPolicyfunc GetSecurityPolicy(ctx *Context, name string, id IDInput, state *SecurityPolicyState, opts ...ResourceOption) (*SecurityPolicy, error)public static SecurityPolicy Get(string name, Input<string> id, SecurityPolicyState? state, CustomResourceOptions? opts = null)public static SecurityPolicy get(String name, Output<String> id, SecurityPolicyState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Ciphers List<string>
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- Dry
Run bool The dry run.
- Resource
Group stringId The ID of the resource group.
- Security
Policy stringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- Status string
The status of the resource.
- Dictionary<string, object>
A mapping of tags to assign to the resource.
- Tls
Versions List<string> The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- Ciphers []string
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- Dry
Run bool The dry run.
- Resource
Group stringId The ID of the resource group.
- Security
Policy stringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- Status string
The status of the resource.
- map[string]interface{}
A mapping of tags to assign to the resource.
- Tls
Versions []string The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- ciphers List<String>
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- dry
Run Boolean The dry run.
- resource
Group StringId The ID of the resource group.
- security
Policy StringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- status String
The status of the resource.
- Map<String,Object>
A mapping of tags to assign to the resource.
- tls
Versions List<String> The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- ciphers string[]
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- dry
Run boolean The dry run.
- resource
Group stringId The ID of the resource group.
- security
Policy stringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- status string
The status of the resource.
- {[key: string]: any}
A mapping of tags to assign to the resource.
- tls
Versions string[] The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- ciphers Sequence[str]
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- dry_
run bool The dry run.
- resource_
group_ strid The ID of the resource group.
- security_
policy_ strname The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- status str
The status of the resource.
- Mapping[str, Any]
A mapping of tags to assign to the resource.
- tls_
versions Sequence[str] The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
- ciphers List<String>
The supported cipher suites, which are determined by the TLS protocol version.The specified cipher suites must be supported by at least one TLS protocol version that you select.
- dry
Run Boolean The dry run.
- resource
Group StringId The ID of the resource group.
- security
Policy StringName The name of the resource. The name must be 2 to 128 characters in length and must start with a letter. It can contain digits, periods (.), underscores (_), and hyphens (-).
- status String
The status of the resource.
- Map<Any>
A mapping of tags to assign to the resource.
- tls
Versions List<String> The TLS protocol versions that are supported. Valid values: TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3.
Import
ALB Security Policy can be imported using the id, e.g.
$ pulumi import alicloud:alb/securityPolicy:SecurityPolicy example <id>
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
alicloudTerraform Provider.