Alibaba Cloud v3.76.0, Apr 8 25

Alibaba Cloud v3.76.0 published on Tuesday, Apr 8, 2025 by Pulumi

alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy

Explore with Pulumi AI

Alibaba Cloud v3.76.0 published on Tuesday, Apr 8, 2025 by Pulumi

pulumi/pulumi-alicloud

Example Usage

Basic Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const _default = alicloud.getAccount({});
const defaultInstance = new alicloud.cen.Instance("default", {
    cenInstanceName: name,
    description: "example_value",
    tags: {
        Created: "TF",
        For: "acceptance test",
    },
});
const defaultFirewallVpcFirewallControlPolicy = new alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("default", {
    order: 1,
    destination: "127.0.0.2/32",
    applicationName: "ANY",
    description: "example_value",
    sourceType: "net",
    destPort: "80/88",
    aclAction: "accept",
    lang: "zh",
    destinationType: "net",
    source: "127.0.0.1/32",
    destPortType: "port",
    proto: "TCP",
    release: true,
    memberUid: _default.then(_default => _default.id),
    vpcFirewallId: defaultInstance.id,
});

import pulumi
import pulumi_alicloud as alicloud

config = pulumi.Config()
name = config.get("name")
if name is None:
    name = "terraform-example"
default = alicloud.get_account()
default_instance = alicloud.cen.Instance("default",
    cen_instance_name=name,
    description="example_value",
    tags={
        "Created": "TF",
        "For": "acceptance test",
    })
default_firewall_vpc_firewall_control_policy = alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("default",
    order=1,
    destination="127.0.0.2/32",
    application_name="ANY",
    description="example_value",
    source_type="net",
    dest_port="80/88",
    acl_action="accept",
    lang="zh",
    destination_type="net",
    source="127.0.0.1/32",
    dest_port_type="port",
    proto="TCP",
    release=True,
    member_uid=default.id,
    vpc_firewall_id=default_instance.id)

package main

import (
	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cen"
	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cloudfirewall"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		name := "terraform-example"
		if param := cfg.Get("name"); param != "" {
			name = param
		}
		_default, err := alicloud.GetAccount(ctx, map[string]interface{}{}, nil)
		if err != nil {
			return err
		}
		defaultInstance, err := cen.NewInstance(ctx, "default", &cen.InstanceArgs{
			CenInstanceName: pulumi.String(name),
			Description:     pulumi.String("example_value"),
			Tags: pulumi.StringMap{
				"Created": pulumi.String("TF"),
				"For":     pulumi.String("acceptance test"),
			},
		})
		if err != nil {
			return err
		}
		_, err = cloudfirewall.NewFirewallVpcFirewallControlPolicy(ctx, "default", &cloudfirewall.FirewallVpcFirewallControlPolicyArgs{
			Order:           pulumi.Int(1),
			Destination:     pulumi.String("127.0.0.2/32"),
			ApplicationName: pulumi.String("ANY"),
			Description:     pulumi.String("example_value"),
			SourceType:      pulumi.String("net"),
			DestPort:        pulumi.String("80/88"),
			AclAction:       pulumi.String("accept"),
			Lang:            pulumi.String("zh"),
			DestinationType: pulumi.String("net"),
			Source:          pulumi.String("127.0.0.1/32"),
			DestPortType:    pulumi.String("port"),
			Proto:           pulumi.String("TCP"),
			Release:         pulumi.Bool(true),
			MemberUid:       pulumi.String(_default.Id),
			VpcFirewallId:   defaultInstance.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;

return await Deployment.RunAsync(() => 
{
    var config = new Config();
    var name = config.Get("name") ?? "terraform-example";
    var @default = AliCloud.GetAccount.Invoke();

    var defaultInstance = new AliCloud.Cen.Instance("default", new()
    {
        CenInstanceName = name,
        Description = "example_value",
        Tags = 
        {
            { "Created", "TF" },
            { "For", "acceptance test" },
        },
    });

    var defaultFirewallVpcFirewallControlPolicy = new AliCloud.CloudFirewall.FirewallVpcFirewallControlPolicy("default", new()
    {
        Order = 1,
        Destination = "127.0.0.2/32",
        ApplicationName = "ANY",
        Description = "example_value",
        SourceType = "net",
        DestPort = "80/88",
        AclAction = "accept",
        Lang = "zh",
        DestinationType = "net",
        Source = "127.0.0.1/32",
        DestPortType = "port",
        Proto = "TCP",
        Release = true,
        MemberUid = @default.Apply(@default => @default.Apply(getAccountResult => getAccountResult.Id)),
        VpcFirewallId = defaultInstance.Id,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.cen.Instance;
import com.pulumi.alicloud.cen.InstanceArgs;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var config = ctx.config();
        final var name = config.get("name").orElse("terraform-example");
        final var default = AlicloudFunctions.getAccount();

        var defaultInstance = new Instance("defaultInstance", InstanceArgs.builder()
            .cenInstanceName(name)
            .description("example_value")
            .tags(Map.ofEntries(
                Map.entry("Created", "TF"),
                Map.entry("For", "acceptance test")
            ))
            .build());

        var defaultFirewallVpcFirewallControlPolicy = new FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", FirewallVpcFirewallControlPolicyArgs.builder()
            .order("1")
            .destination("127.0.0.2/32")
            .applicationName("ANY")
            .description("example_value")
            .sourceType("net")
            .destPort("80/88")
            .aclAction("accept")
            .lang("zh")
            .destinationType("net")
            .source("127.0.0.1/32")
            .destPortType("port")
            .proto("TCP")
            .release(true)
            .memberUid(default_.id())
            .vpcFirewallId(defaultInstance.id())
            .build());

    }
}

configuration:
  name:
    type: string
    default: terraform-example
resources:
  defaultInstance:
    type: alicloud:cen:Instance
    name: default
    properties:
      cenInstanceName: ${name}
      description: example_value
      tags:
        Created: TF
        For: acceptance test
  defaultFirewallVpcFirewallControlPolicy:
    type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
    name: default
    properties:
      order: '1'
      destination: 127.0.0.2/32
      applicationName: ANY
      description: example_value
      sourceType: net
      destPort: 80/88
      aclAction: accept
      lang: zh
      destinationType: net
      source: 127.0.0.1/32
      destPortType: port
      proto: TCP
      release: true
      memberUid: ${default.id}
      vpcFirewallId: ${defaultInstance.id}
variables:
  default:
    fn::invoke:
      function: alicloud:getAccount
      arguments: {}

Create FirewallVpcFirewallControlPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new FirewallVpcFirewallControlPolicy(name: string, args: FirewallVpcFirewallControlPolicyArgs, opts?: CustomResourceOptions);

@overload
def FirewallVpcFirewallControlPolicy(resource_name: str,
                                     args: FirewallVpcFirewallControlPolicyArgs,
                                     opts: Optional[ResourceOptions] = None)

@overload
def FirewallVpcFirewallControlPolicy(resource_name: str,
                                     opts: Optional[ResourceOptions] = None,
                                     order: Optional[int] = None,
                                     application_name: Optional[str] = None,
                                     description: Optional[str] = None,
                                     vpc_firewall_id: Optional[str] = None,
                                     source_type: Optional[str] = None,
                                     source: Optional[str] = None,
                                     destination: Optional[str] = None,
                                     destination_type: Optional[str] = None,
                                     acl_action: Optional[str] = None,
                                     proto: Optional[str] = None,
                                     lang: Optional[str] = None,
                                     member_uid: Optional[str] = None,
                                     release: Optional[bool] = None,
                                     dest_port_type: Optional[str] = None,
                                     dest_port_group: Optional[str] = None,
                                     dest_port: Optional[str] = None)

func NewFirewallVpcFirewallControlPolicy(ctx *Context, name string, args FirewallVpcFirewallControlPolicyArgs, opts ...ResourceOption) (*FirewallVpcFirewallControlPolicy, error)

public FirewallVpcFirewallControlPolicy(string name, FirewallVpcFirewallControlPolicyArgs args, CustomResourceOptions? opts = null)

public FirewallVpcFirewallControlPolicy(String name, FirewallVpcFirewallControlPolicyArgs args)
public FirewallVpcFirewallControlPolicy(String name, FirewallVpcFirewallControlPolicyArgs args, CustomResourceOptions options)

type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args FirewallVpcFirewallControlPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args FirewallVpcFirewallControlPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args FirewallVpcFirewallControlPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args FirewallVpcFirewallControlPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args FirewallVpcFirewallControlPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var firewallVpcFirewallControlPolicyResource = new AliCloud.CloudFirewall.FirewallVpcFirewallControlPolicy("firewallVpcFirewallControlPolicyResource", new()
{
    Order = 0,
    ApplicationName = "string",
    Description = "string",
    VpcFirewallId = "string",
    SourceType = "string",
    Source = "string",
    Destination = "string",
    DestinationType = "string",
    AclAction = "string",
    Proto = "string",
    Lang = "string",
    MemberUid = "string",
    Release = false,
    DestPortType = "string",
    DestPortGroup = "string",
    DestPort = "string",
});

example, err := cloudfirewall.NewFirewallVpcFirewallControlPolicy(ctx, "firewallVpcFirewallControlPolicyResource", &cloudfirewall.FirewallVpcFirewallControlPolicyArgs{
	Order:           pulumi.Int(0),
	ApplicationName: pulumi.String("string"),
	Description:     pulumi.String("string"),
	VpcFirewallId:   pulumi.String("string"),
	SourceType:      pulumi.String("string"),
	Source:          pulumi.String("string"),
	Destination:     pulumi.String("string"),
	DestinationType: pulumi.String("string"),
	AclAction:       pulumi.String("string"),
	Proto:           pulumi.String("string"),
	Lang:            pulumi.String("string"),
	MemberUid:       pulumi.String("string"),
	Release:         pulumi.Bool(false),
	DestPortType:    pulumi.String("string"),
	DestPortGroup:   pulumi.String("string"),
	DestPort:        pulumi.String("string"),
})

var firewallVpcFirewallControlPolicyResource = new FirewallVpcFirewallControlPolicy("firewallVpcFirewallControlPolicyResource", FirewallVpcFirewallControlPolicyArgs.builder()
    .order(0)
    .applicationName("string")
    .description("string")
    .vpcFirewallId("string")
    .sourceType("string")
    .source("string")
    .destination("string")
    .destinationType("string")
    .aclAction("string")
    .proto("string")
    .lang("string")
    .memberUid("string")
    .release(false)
    .destPortType("string")
    .destPortGroup("string")
    .destPort("string")
    .build());

firewall_vpc_firewall_control_policy_resource = alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("firewallVpcFirewallControlPolicyResource",
    order=0,
    application_name="string",
    description="string",
    vpc_firewall_id="string",
    source_type="string",
    source="string",
    destination="string",
    destination_type="string",
    acl_action="string",
    proto="string",
    lang="string",
    member_uid="string",
    release=False,
    dest_port_type="string",
    dest_port_group="string",
    dest_port="string")

const firewallVpcFirewallControlPolicyResource = new alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("firewallVpcFirewallControlPolicyResource", {
    order: 0,
    applicationName: "string",
    description: "string",
    vpcFirewallId: "string",
    sourceType: "string",
    source: "string",
    destination: "string",
    destinationType: "string",
    aclAction: "string",
    proto: "string",
    lang: "string",
    memberUid: "string",
    release: false,
    destPortType: "string",
    destPortGroup: "string",
    destPort: "string",
});

type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
properties:
    aclAction: string
    applicationName: string
    description: string
    destPort: string
    destPortGroup: string
    destPortType: string
    destination: string
    destinationType: string
    lang: string
    memberUid: string
    order: 0
    proto: string
    release: false
    source: string
    sourceType: string
    vpcFirewallId: string

FirewallVpcFirewallControlPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The FirewallVpcFirewallControlPolicy resource accepts the following input properties:

AclAction string

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

ApplicationName string

The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

Description string

Access control over VPC firewalls description of the strategy information.

Destination string

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

DestinationType string

The type of the destination address in the access control policy. Valid values: net, group, domain.

Order int

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

Proto string

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

Source string

Access control over VPC firewalls strategy in the source address.

SourceType string

The type of the source address in the access control policy. Valid values: net, group.

VpcFirewallId string

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

DestPort string

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

DestPortGroup string

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

DestPortType string

The type of the destination port in the access control policy. Valid values: port, group.

Lang string

The language of the content within the request and response. Valid values: zh, en.

MemberUid string

The UID of the member account of the current Alibaba cloud account.

Release bool

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

AclAction string

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

ApplicationName string

Description string

Access control over VPC firewalls description of the strategy information.

Destination string

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

DestinationType string

The type of the destination address in the access control policy. Valid values: net, group, domain.

Order int

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

Proto string

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

Source string

Access control over VPC firewalls strategy in the source address.

SourceType string

The type of the source address in the access control policy. Valid values: net, group.

VpcFirewallId string

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

DestPort string

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

DestPortGroup string

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

DestPortType string

The type of the destination port in the access control policy. Valid values: port, group.

Lang string

The language of the content within the request and response. Valid values: zh, en.

MemberUid string

The UID of the member account of the current Alibaba cloud account.

Release bool

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

aclAction String

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

applicationName String

description String

Access control over VPC firewalls description of the strategy information.

destination String

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

destinationType String

The type of the destination address in the access control policy. Valid values: net, group, domain.

order Integer

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

proto String

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

source String

Access control over VPC firewalls strategy in the source address.

sourceType String

The type of the source address in the access control policy. Valid values: net, group.

vpcFirewallId String

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

destPort String

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

destPortGroup String

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

destPortType String

The type of the destination port in the access control policy. Valid values: port, group.

lang String

The language of the content within the request and response. Valid values: zh, en.

memberUid String

The UID of the member account of the current Alibaba cloud account.

release Boolean

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

aclAction string

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

applicationName string

description string

Access control over VPC firewalls description of the strategy information.

destination string

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

destinationType string

The type of the destination address in the access control policy. Valid values: net, group, domain.

order number

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

proto string

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

source string

Access control over VPC firewalls strategy in the source address.

sourceType string

The type of the source address in the access control policy. Valid values: net, group.

vpcFirewallId string

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

destPort string

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

destPortGroup string

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

destPortType string

The type of the destination port in the access control policy. Valid values: port, group.

lang string

The language of the content within the request and response. Valid values: zh, en.

memberUid string

The UID of the member account of the current Alibaba cloud account.

release boolean

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

acl_action str

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

application_name str

description str

Access control over VPC firewalls description of the strategy information.

destination str

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

destination_type str

The type of the destination address in the access control policy. Valid values: net, group, domain.

order int

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

proto str

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

source str

Access control over VPC firewalls strategy in the source address.

source_type str

The type of the source address in the access control policy. Valid values: net, group.

vpc_firewall_id str

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

dest_port str

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

dest_port_group str

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

dest_port_type str

The type of the destination port in the access control policy. Valid values: port, group.

lang str

The language of the content within the request and response. Valid values: zh, en.

member_uid str

The UID of the member account of the current Alibaba cloud account.

release bool

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

aclAction String

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

applicationName String

description String

Access control over VPC firewalls description of the strategy information.

destination String

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

destinationType String

The type of the destination address in the access control policy. Valid values: net, group, domain.

order Number

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

proto String

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

source String

Access control over VPC firewalls strategy in the source address.

sourceType String

The type of the source address in the access control policy. Valid values: net, group.

vpcFirewallId String

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

destPort String

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

destPortGroup String

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

destPortType String

The type of the destination port in the access control policy. Valid values: port, group.

lang String

The language of the content within the request and response. Valid values: zh, en.

memberUid String

The UID of the member account of the current Alibaba cloud account.

release Boolean

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

Outputs

All input properties are implicitly available as output properties. Additionally, the FirewallVpcFirewallControlPolicy resource produces the following output properties:

AclUuid string: Access control over VPC firewalls strategy unique identifier.
ApplicationId string: Policy specifies the application ID.
DestPortGroupPorts List<string>: Port Address Book port list.
DestinationGroupCidrs List<string>: Destination address book defined in the address list.
DestinationGroupType string: The destination address book type in the access control policy.
HitTimes int: Control strategy of hits per second.
Id string: The provider-assigned unique ID for this managed resource.
SourceGroupCidrs List<string>: SOURCE address of the address list.
SourceGroupType string: The source address type in the access control policy.

AclUuid string: Access control over VPC firewalls strategy unique identifier.
ApplicationId string: Policy specifies the application ID.
DestPortGroupPorts []string: Port Address Book port list.
DestinationGroupCidrs []string: Destination address book defined in the address list.
DestinationGroupType string: The destination address book type in the access control policy.
HitTimes int: Control strategy of hits per second.
Id string: The provider-assigned unique ID for this managed resource.
SourceGroupCidrs []string: SOURCE address of the address list.
SourceGroupType string: The source address type in the access control policy.

aclUuid String: Access control over VPC firewalls strategy unique identifier.
applicationId String: Policy specifies the application ID.
destPortGroupPorts List<String>: Port Address Book port list.
destinationGroupCidrs List<String>: Destination address book defined in the address list.
destinationGroupType String: The destination address book type in the access control policy.
hitTimes Integer: Control strategy of hits per second.
id String: The provider-assigned unique ID for this managed resource.
sourceGroupCidrs List<String>: SOURCE address of the address list.
sourceGroupType String: The source address type in the access control policy.

aclUuid string: Access control over VPC firewalls strategy unique identifier.
applicationId string: Policy specifies the application ID.
destPortGroupPorts string[]: Port Address Book port list.
destinationGroupCidrs string[]: Destination address book defined in the address list.
destinationGroupType string: The destination address book type in the access control policy.
hitTimes number: Control strategy of hits per second.
id string: The provider-assigned unique ID for this managed resource.
sourceGroupCidrs string[]: SOURCE address of the address list.
sourceGroupType string: The source address type in the access control policy.

acl_uuid str: Access control over VPC firewalls strategy unique identifier.
application_id str: Policy specifies the application ID.
dest_port_group_ports Sequence[str]: Port Address Book port list.
destination_group_cidrs Sequence[str]: Destination address book defined in the address list.
destination_group_type str: The destination address book type in the access control policy.
hit_times int: Control strategy of hits per second.
id str: The provider-assigned unique ID for this managed resource.
source_group_cidrs Sequence[str]: SOURCE address of the address list.
source_group_type str: The source address type in the access control policy.

aclUuid String: Access control over VPC firewalls strategy unique identifier.
applicationId String: Policy specifies the application ID.
destPortGroupPorts List<String>: Port Address Book port list.
destinationGroupCidrs List<String>: Destination address book defined in the address list.
destinationGroupType String: The destination address book type in the access control policy.
hitTimes Number: Control strategy of hits per second.
id String: The provider-assigned unique ID for this managed resource.
sourceGroupCidrs List<String>: SOURCE address of the address list.
sourceGroupType String: The source address type in the access control policy.

Look up Existing FirewallVpcFirewallControlPolicy Resource

Get an existing FirewallVpcFirewallControlPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FirewallVpcFirewallControlPolicyState, opts?: CustomResourceOptions): FirewallVpcFirewallControlPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        acl_action: Optional[str] = None,
        acl_uuid: Optional[str] = None,
        application_id: Optional[str] = None,
        application_name: Optional[str] = None,
        description: Optional[str] = None,
        dest_port: Optional[str] = None,
        dest_port_group: Optional[str] = None,
        dest_port_group_ports: Optional[Sequence[str]] = None,
        dest_port_type: Optional[str] = None,
        destination: Optional[str] = None,
        destination_group_cidrs: Optional[Sequence[str]] = None,
        destination_group_type: Optional[str] = None,
        destination_type: Optional[str] = None,
        hit_times: Optional[int] = None,
        lang: Optional[str] = None,
        member_uid: Optional[str] = None,
        order: Optional[int] = None,
        proto: Optional[str] = None,
        release: Optional[bool] = None,
        source: Optional[str] = None,
        source_group_cidrs: Optional[Sequence[str]] = None,
        source_group_type: Optional[str] = None,
        source_type: Optional[str] = None,
        vpc_firewall_id: Optional[str] = None) -> FirewallVpcFirewallControlPolicy

func GetFirewallVpcFirewallControlPolicy(ctx *Context, name string, id IDInput, state *FirewallVpcFirewallControlPolicyState, opts ...ResourceOption) (*FirewallVpcFirewallControlPolicy, error)

public static FirewallVpcFirewallControlPolicy Get(string name, Input<string> id, FirewallVpcFirewallControlPolicyState? state, CustomResourceOptions? opts = null)

public static FirewallVpcFirewallControlPolicy get(String name, Output<String> id, FirewallVpcFirewallControlPolicyState state, CustomResourceOptions options)

resources:  _:    type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AclAction string

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

AclUuid string

Access control over VPC firewalls strategy unique identifier.

ApplicationId string

Policy specifies the application ID.

ApplicationName string

Description string

Access control over VPC firewalls description of the strategy information.

DestPort string

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

DestPortGroup string

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

DestPortGroupPorts List<string>

Port Address Book port list.

DestPortType string

The type of the destination port in the access control policy. Valid values: port, group.

Destination string

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

DestinationGroupCidrs List<string>

Destination address book defined in the address list.

DestinationGroupType string

The destination address book type in the access control policy.

DestinationType string

The type of the destination address in the access control policy. Valid values: net, group, domain.

HitTimes int

Control strategy of hits per second.

Lang string

The language of the content within the request and response. Valid values: zh, en.

MemberUid string

The UID of the member account of the current Alibaba cloud account.

Order int

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

Proto string

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

Release bool

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

Source string

Access control over VPC firewalls strategy in the source address.

SourceGroupCidrs List<string>

SOURCE address of the address list.

SourceGroupType string

The source address type in the access control policy.

SourceType string

The type of the source address in the access control policy. Valid values: net, group.

VpcFirewallId string

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

AclAction string

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

AclUuid string

Access control over VPC firewalls strategy unique identifier.

ApplicationId string

Policy specifies the application ID.

ApplicationName string

Description string

Access control over VPC firewalls description of the strategy information.

DestPort string

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

DestPortGroup string

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

DestPortGroupPorts []string

Port Address Book port list.

DestPortType string

The type of the destination port in the access control policy. Valid values: port, group.

Destination string

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

DestinationGroupCidrs []string

Destination address book defined in the address list.

DestinationGroupType string

The destination address book type in the access control policy.

DestinationType string

The type of the destination address in the access control policy. Valid values: net, group, domain.

HitTimes int

Control strategy of hits per second.

Lang string

The language of the content within the request and response. Valid values: zh, en.

MemberUid string

The UID of the member account of the current Alibaba cloud account.

Order int

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

Proto string

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

Release bool

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

Source string

Access control over VPC firewalls strategy in the source address.

SourceGroupCidrs []string

SOURCE address of the address list.

SourceGroupType string

The source address type in the access control policy.

SourceType string

The type of the source address in the access control policy. Valid values: net, group.

VpcFirewallId string

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

aclAction String

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

aclUuid String

Access control over VPC firewalls strategy unique identifier.

applicationId String

Policy specifies the application ID.

applicationName String

description String

Access control over VPC firewalls description of the strategy information.

destPort String

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

destPortGroup String

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

destPortGroupPorts List<String>

Port Address Book port list.

destPortType String

The type of the destination port in the access control policy. Valid values: port, group.

destination String

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

destinationGroupCidrs List<String>

Destination address book defined in the address list.

destinationGroupType String

The destination address book type in the access control policy.

destinationType String

The type of the destination address in the access control policy. Valid values: net, group, domain.

hitTimes Integer

Control strategy of hits per second.

lang String

The language of the content within the request and response. Valid values: zh, en.

memberUid String

The UID of the member account of the current Alibaba cloud account.

order Integer

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

proto String

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

release Boolean

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

source String

Access control over VPC firewalls strategy in the source address.

sourceGroupCidrs List<String>

SOURCE address of the address list.

sourceGroupType String

The source address type in the access control policy.

sourceType String

The type of the source address in the access control policy. Valid values: net, group.

vpcFirewallId String

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

aclAction string

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

aclUuid string

Access control over VPC firewalls strategy unique identifier.

applicationId string

Policy specifies the application ID.

applicationName string

description string

Access control over VPC firewalls description of the strategy information.

destPort string

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

destPortGroup string

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

destPortGroupPorts string[]

Port Address Book port list.

destPortType string

The type of the destination port in the access control policy. Valid values: port, group.

destination string

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

destinationGroupCidrs string[]

Destination address book defined in the address list.

destinationGroupType string

The destination address book type in the access control policy.

destinationType string

The type of the destination address in the access control policy. Valid values: net, group, domain.

hitTimes number

Control strategy of hits per second.

lang string

The language of the content within the request and response. Valid values: zh, en.

memberUid string

The UID of the member account of the current Alibaba cloud account.

order number

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

proto string

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

release boolean

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

source string

Access control over VPC firewalls strategy in the source address.

sourceGroupCidrs string[]

SOURCE address of the address list.

sourceGroupType string

The source address type in the access control policy.

sourceType string

The type of the source address in the access control policy. Valid values: net, group.

vpcFirewallId string

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

acl_action str

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

acl_uuid str

Access control over VPC firewalls strategy unique identifier.

application_id str

Policy specifies the application ID.

application_name str

description str

Access control over VPC firewalls description of the strategy information.

dest_port str

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

dest_port_group str

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

dest_port_group_ports Sequence[str]

Port Address Book port list.

dest_port_type str

The type of the destination port in the access control policy. Valid values: port, group.

destination str

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

destination_group_cidrs Sequence[str]

Destination address book defined in the address list.

destination_group_type str

The destination address book type in the access control policy.

destination_type str

The type of the destination address in the access control policy. Valid values: net, group, domain.

hit_times int

Control strategy of hits per second.

lang str

The language of the content within the request and response. Valid values: zh, en.

member_uid str

The UID of the member account of the current Alibaba cloud account.

order int

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

proto str

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

release bool

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

source str

Access control over VPC firewalls strategy in the source address.

source_group_cidrs Sequence[str]

SOURCE address of the address list.

source_group_type str

The source address type in the access control policy.

source_type str

The type of the source address in the access control policy. Valid values: net, group.

vpc_firewall_id str

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

aclAction String

The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

aclUuid String

Access control over VPC firewalls strategy unique identifier.

applicationId String

Policy specifies the application ID.

applicationName String

description String

Access control over VPC firewalls description of the strategy information.

destPort String

The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

destPortGroup String

Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

destPortGroupPorts List<String>

Port Address Book port list.

destPortType String

The type of the destination port in the access control policy. Valid values: port, group.

destination String

The destination address in the access control policy. Valid values:

If destination_type is set to net, the value of destination must be a CIDR block.
If destination_type is set to group, the value of destination must be an address book.
If destination_type is set to domain, the value of destination must be a domain name.

destinationGroupCidrs List<String>

Destination address book defined in the address list.

destinationGroupType String

The destination address book type in the access control policy.

destinationType String

The type of the destination address in the access control policy. Valid values: net, group, domain.

hitTimes Number

Control strategy of hits per second.

lang String

The language of the content within the request and response. Valid values: zh, en.

memberUid String

The UID of the member account of the current Alibaba cloud account.

order Number

The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

proto String

The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

release Boolean

The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

source String

Access control over VPC firewalls strategy in the source address.

sourceGroupCidrs List<String>

SOURCE address of the address list.

sourceGroupType String

The source address type in the access control policy.

sourceType String

The type of the source address in the access control policy. Valid values: net, group.

vpcFirewallId String

The ID of the VPC firewall instance. Valid values:

When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

Import

Cloud Firewall Vpc Firewall Control Policy can be imported using the id, e.g.

$ pulumi import alicloud:cloudfirewall/firewallVpcFirewallControlPolicy:FirewallVpcFirewallControlPolicy example <vpc_firewall_id>:<acl_uuid>

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Alibaba Cloud pulumi/pulumi-alicloud
License: Apache-2.0
Notes: This Pulumi package is based on the alicloud Terraform Provider.

Alibaba Cloud v3.76.0 published on Tuesday, Apr 8, 2025 by Pulumi

pulumi/pulumi-alicloud

alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy

On this page

On this page

Example Usage

Create FirewallVpcFirewallControlPolicy Resource

Constructor syntax

Parameters

Constructor example

FirewallVpcFirewallControlPolicy Resource Properties

Inputs

Outputs

Look up Existing FirewallVpcFirewallControlPolicy Resource

Import

Package Details

On this page

On this page