1. Packages
  2. Alibaba Cloud
  3. API Docs
  4. cloudfirewall
  5. FirewallVpcFirewallControlPolicy
Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi

alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi

    Provides a Cloud Firewall Vpc Firewall Control Policy resource.

    For information about Cloud Firewall Vpc Firewall Control Policy and how to use it, see What is Vpc Firewall Control Policy.

    NOTE: Available since v1.194.0.

    Example Usage

    Basic Usage

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using AliCloud = Pulumi.AliCloud;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultAccount = AliCloud.GetAccount.Invoke();
    
        var defaultInstance = new AliCloud.Cen.Instance("defaultInstance", new()
        {
            CenInstanceName = @var.Name,
            Description = "example_value",
            Tags = 
            {
                { "Created", "TF" },
                { "For", "acceptance test" },
            },
        });
    
        var defaultFirewallVpcFirewallControlPolicy = new AliCloud.CloudFirewall.FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", new()
        {
            Order = 1,
            Destination = "127.0.0.2/32",
            ApplicationName = "ANY",
            Description = "example_value",
            SourceType = "net",
            DestPort = "80/88",
            AclAction = "accept",
            Lang = "zh",
            DestinationType = "net",
            Source = "127.0.0.1/32",
            DestPortType = "port",
            Proto = "TCP",
            Release = true,
            MemberUid = defaultAccount.Apply(getAccountResult => getAccountResult.Id),
            VpcFirewallId = defaultInstance.Id,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cen"
    	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cloudfirewall"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		defaultAccount, err := alicloud.GetAccount(ctx, nil, nil)
    		if err != nil {
    			return err
    		}
    		defaultInstance, err := cen.NewInstance(ctx, "defaultInstance", &cen.InstanceArgs{
    			CenInstanceName: pulumi.Any(_var.Name),
    			Description:     pulumi.String("example_value"),
    			Tags: pulumi.AnyMap{
    				"Created": pulumi.Any("TF"),
    				"For":     pulumi.Any("acceptance test"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = cloudfirewall.NewFirewallVpcFirewallControlPolicy(ctx, "defaultFirewallVpcFirewallControlPolicy", &cloudfirewall.FirewallVpcFirewallControlPolicyArgs{
    			Order:           pulumi.Int(1),
    			Destination:     pulumi.String("127.0.0.2/32"),
    			ApplicationName: pulumi.String("ANY"),
    			Description:     pulumi.String("example_value"),
    			SourceType:      pulumi.String("net"),
    			DestPort:        pulumi.String("80/88"),
    			AclAction:       pulumi.String("accept"),
    			Lang:            pulumi.String("zh"),
    			DestinationType: pulumi.String("net"),
    			Source:          pulumi.String("127.0.0.1/32"),
    			DestPortType:    pulumi.String("port"),
    			Proto:           pulumi.String("TCP"),
    			Release:         pulumi.Bool(true),
    			MemberUid:       *pulumi.String(defaultAccount.Id),
    			VpcFirewallId:   defaultInstance.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.alicloud.AlicloudFunctions;
    import com.pulumi.alicloud.cen.Instance;
    import com.pulumi.alicloud.cen.InstanceArgs;
    import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy;
    import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var defaultAccount = AlicloudFunctions.getAccount();
    
            var defaultInstance = new Instance("defaultInstance", InstanceArgs.builder()        
                .cenInstanceName(var_.name())
                .description("example_value")
                .tags(Map.ofEntries(
                    Map.entry("Created", "TF"),
                    Map.entry("For", "acceptance test")
                ))
                .build());
    
            var defaultFirewallVpcFirewallControlPolicy = new FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", FirewallVpcFirewallControlPolicyArgs.builder()        
                .order("1")
                .destination("127.0.0.2/32")
                .applicationName("ANY")
                .description("example_value")
                .sourceType("net")
                .destPort("80/88")
                .aclAction("accept")
                .lang("zh")
                .destinationType("net")
                .source("127.0.0.1/32")
                .destPortType("port")
                .proto("TCP")
                .release(true)
                .memberUid(defaultAccount.applyValue(getAccountResult -> getAccountResult.id()))
                .vpcFirewallId(defaultInstance.id())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_alicloud as alicloud
    
    default_account = alicloud.get_account()
    default_instance = alicloud.cen.Instance("defaultInstance",
        cen_instance_name=var["name"],
        description="example_value",
        tags={
            "Created": "TF",
            "For": "acceptance test",
        })
    default_firewall_vpc_firewall_control_policy = alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy",
        order=1,
        destination="127.0.0.2/32",
        application_name="ANY",
        description="example_value",
        source_type="net",
        dest_port="80/88",
        acl_action="accept",
        lang="zh",
        destination_type="net",
        source="127.0.0.1/32",
        dest_port_type="port",
        proto="TCP",
        release=True,
        member_uid=default_account.id,
        vpc_firewall_id=default_instance.id)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as alicloud from "@pulumi/alicloud";
    
    const defaultAccount = alicloud.getAccount({});
    const defaultInstance = new alicloud.cen.Instance("defaultInstance", {
        cenInstanceName: _var.name,
        description: "example_value",
        tags: {
            Created: "TF",
            For: "acceptance test",
        },
    });
    const defaultFirewallVpcFirewallControlPolicy = new alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", {
        order: 1,
        destination: "127.0.0.2/32",
        applicationName: "ANY",
        description: "example_value",
        sourceType: "net",
        destPort: "80/88",
        aclAction: "accept",
        lang: "zh",
        destinationType: "net",
        source: "127.0.0.1/32",
        destPortType: "port",
        proto: "TCP",
        release: true,
        memberUid: defaultAccount.then(defaultAccount => defaultAccount.id),
        vpcFirewallId: defaultInstance.id,
    });
    
    resources:
      defaultInstance:
        type: alicloud:cen:Instance
        properties:
          cenInstanceName: ${var.name}
          description: example_value
          tags:
            Created: TF
            For: acceptance test
      defaultFirewallVpcFirewallControlPolicy:
        type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
        properties:
          order: '1'
          destination: 127.0.0.2/32
          applicationName: ANY
          description: example_value
          sourceType: net
          destPort: 80/88
          aclAction: accept
          lang: zh
          destinationType: net
          source: 127.0.0.1/32
          destPortType: port
          proto: TCP
          release: true
          memberUid: ${defaultAccount.id}
          vpcFirewallId: ${defaultInstance.id}
    variables:
      defaultAccount:
        fn::invoke:
          Function: alicloud:getAccount
          Arguments: {}
    

    Create FirewallVpcFirewallControlPolicy Resource

    new FirewallVpcFirewallControlPolicy(name: string, args: FirewallVpcFirewallControlPolicyArgs, opts?: CustomResourceOptions);
    @overload
    def FirewallVpcFirewallControlPolicy(resource_name: str,
                                         opts: Optional[ResourceOptions] = None,
                                         acl_action: Optional[str] = None,
                                         application_name: Optional[str] = None,
                                         description: Optional[str] = None,
                                         dest_port: Optional[str] = None,
                                         dest_port_group: Optional[str] = None,
                                         dest_port_type: Optional[str] = None,
                                         destination: Optional[str] = None,
                                         destination_type: Optional[str] = None,
                                         lang: Optional[str] = None,
                                         member_uid: Optional[str] = None,
                                         order: Optional[int] = None,
                                         proto: Optional[str] = None,
                                         release: Optional[bool] = None,
                                         source: Optional[str] = None,
                                         source_type: Optional[str] = None,
                                         vpc_firewall_id: Optional[str] = None)
    @overload
    def FirewallVpcFirewallControlPolicy(resource_name: str,
                                         args: FirewallVpcFirewallControlPolicyArgs,
                                         opts: Optional[ResourceOptions] = None)
    func NewFirewallVpcFirewallControlPolicy(ctx *Context, name string, args FirewallVpcFirewallControlPolicyArgs, opts ...ResourceOption) (*FirewallVpcFirewallControlPolicy, error)
    public FirewallVpcFirewallControlPolicy(string name, FirewallVpcFirewallControlPolicyArgs args, CustomResourceOptions? opts = null)
    public FirewallVpcFirewallControlPolicy(String name, FirewallVpcFirewallControlPolicyArgs args)
    public FirewallVpcFirewallControlPolicy(String name, FirewallVpcFirewallControlPolicyArgs args, CustomResourceOptions options)
    
    type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args FirewallVpcFirewallControlPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FirewallVpcFirewallControlPolicyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FirewallVpcFirewallControlPolicyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FirewallVpcFirewallControlPolicyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FirewallVpcFirewallControlPolicyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    FirewallVpcFirewallControlPolicy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The FirewallVpcFirewallControlPolicy resource accepts the following input properties:

    AclAction string

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    ApplicationName string

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    Description string

    Access control over VPC firewalls description of the strategy information.

    Destination string

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    DestinationType string

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    Order int

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    Proto string

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    Source string

    Access control over VPC firewalls strategy in the source address.

    SourceType string

    The type of the source address in the access control policy. Valid values: net, group.

    VpcFirewallId string

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    DestPort string

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    DestPortGroup string

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    DestPortType string

    The type of the destination port in the access control policy. Valid values: port, group.

    Lang string

    The language of the content within the request and response. Valid values: zh, en.

    MemberUid string

    The UID of the member account of the current Alibaba cloud account.

    Release bool

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    AclAction string

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    ApplicationName string

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    Description string

    Access control over VPC firewalls description of the strategy information.

    Destination string

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    DestinationType string

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    Order int

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    Proto string

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    Source string

    Access control over VPC firewalls strategy in the source address.

    SourceType string

    The type of the source address in the access control policy. Valid values: net, group.

    VpcFirewallId string

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    DestPort string

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    DestPortGroup string

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    DestPortType string

    The type of the destination port in the access control policy. Valid values: port, group.

    Lang string

    The language of the content within the request and response. Valid values: zh, en.

    MemberUid string

    The UID of the member account of the current Alibaba cloud account.

    Release bool

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    aclAction String

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    applicationName String

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    description String

    Access control over VPC firewalls description of the strategy information.

    destination String

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    destinationType String

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    order Integer

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    proto String

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    source String

    Access control over VPC firewalls strategy in the source address.

    sourceType String

    The type of the source address in the access control policy. Valid values: net, group.

    vpcFirewallId String

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    destPort String

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    destPortGroup String

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    destPortType String

    The type of the destination port in the access control policy. Valid values: port, group.

    lang String

    The language of the content within the request and response. Valid values: zh, en.

    memberUid String

    The UID of the member account of the current Alibaba cloud account.

    release Boolean

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    aclAction string

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    applicationName string

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    description string

    Access control over VPC firewalls description of the strategy information.

    destination string

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    destinationType string

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    order number

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    proto string

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    source string

    Access control over VPC firewalls strategy in the source address.

    sourceType string

    The type of the source address in the access control policy. Valid values: net, group.

    vpcFirewallId string

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    destPort string

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    destPortGroup string

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    destPortType string

    The type of the destination port in the access control policy. Valid values: port, group.

    lang string

    The language of the content within the request and response. Valid values: zh, en.

    memberUid string

    The UID of the member account of the current Alibaba cloud account.

    release boolean

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    acl_action str

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    application_name str

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    description str

    Access control over VPC firewalls description of the strategy information.

    destination str

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    destination_type str

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    order int

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    proto str

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    source str

    Access control over VPC firewalls strategy in the source address.

    source_type str

    The type of the source address in the access control policy. Valid values: net, group.

    vpc_firewall_id str

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    dest_port str

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    dest_port_group str

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    dest_port_type str

    The type of the destination port in the access control policy. Valid values: port, group.

    lang str

    The language of the content within the request and response. Valid values: zh, en.

    member_uid str

    The UID of the member account of the current Alibaba cloud account.

    release bool

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    aclAction String

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    applicationName String

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    description String

    Access control over VPC firewalls description of the strategy information.

    destination String

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    destinationType String

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    order Number

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    proto String

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    source String

    Access control over VPC firewalls strategy in the source address.

    sourceType String

    The type of the source address in the access control policy. Valid values: net, group.

    vpcFirewallId String

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    destPort String

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    destPortGroup String

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    destPortType String

    The type of the destination port in the access control policy. Valid values: port, group.

    lang String

    The language of the content within the request and response. Valid values: zh, en.

    memberUid String

    The UID of the member account of the current Alibaba cloud account.

    release Boolean

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    Outputs

    All input properties are implicitly available as output properties. Additionally, the FirewallVpcFirewallControlPolicy resource produces the following output properties:

    AclUuid string

    Access control over VPC firewalls strategy unique identifier.

    ApplicationId string

    Policy specifies the application ID.

    DestPortGroupPorts List<string>

    Port Address Book port list.

    DestinationGroupCidrs List<string>

    Destination address book defined in the address list.

    DestinationGroupType string

    The destination address book type in the access control policy.

    HitTimes int

    Control strategy of hits per second.

    Id string

    The provider-assigned unique ID for this managed resource.

    SourceGroupCidrs List<string>

    SOURCE address of the address list.

    SourceGroupType string

    The source address type in the access control policy.

    AclUuid string

    Access control over VPC firewalls strategy unique identifier.

    ApplicationId string

    Policy specifies the application ID.

    DestPortGroupPorts []string

    Port Address Book port list.

    DestinationGroupCidrs []string

    Destination address book defined in the address list.

    DestinationGroupType string

    The destination address book type in the access control policy.

    HitTimes int

    Control strategy of hits per second.

    Id string

    The provider-assigned unique ID for this managed resource.

    SourceGroupCidrs []string

    SOURCE address of the address list.

    SourceGroupType string

    The source address type in the access control policy.

    aclUuid String

    Access control over VPC firewalls strategy unique identifier.

    applicationId String

    Policy specifies the application ID.

    destPortGroupPorts List<String>

    Port Address Book port list.

    destinationGroupCidrs List<String>

    Destination address book defined in the address list.

    destinationGroupType String

    The destination address book type in the access control policy.

    hitTimes Integer

    Control strategy of hits per second.

    id String

    The provider-assigned unique ID for this managed resource.

    sourceGroupCidrs List<String>

    SOURCE address of the address list.

    sourceGroupType String

    The source address type in the access control policy.

    aclUuid string

    Access control over VPC firewalls strategy unique identifier.

    applicationId string

    Policy specifies the application ID.

    destPortGroupPorts string[]

    Port Address Book port list.

    destinationGroupCidrs string[]

    Destination address book defined in the address list.

    destinationGroupType string

    The destination address book type in the access control policy.

    hitTimes number

    Control strategy of hits per second.

    id string

    The provider-assigned unique ID for this managed resource.

    sourceGroupCidrs string[]

    SOURCE address of the address list.

    sourceGroupType string

    The source address type in the access control policy.

    acl_uuid str

    Access control over VPC firewalls strategy unique identifier.

    application_id str

    Policy specifies the application ID.

    dest_port_group_ports Sequence[str]

    Port Address Book port list.

    destination_group_cidrs Sequence[str]

    Destination address book defined in the address list.

    destination_group_type str

    The destination address book type in the access control policy.

    hit_times int

    Control strategy of hits per second.

    id str

    The provider-assigned unique ID for this managed resource.

    source_group_cidrs Sequence[str]

    SOURCE address of the address list.

    source_group_type str

    The source address type in the access control policy.

    aclUuid String

    Access control over VPC firewalls strategy unique identifier.

    applicationId String

    Policy specifies the application ID.

    destPortGroupPorts List<String>

    Port Address Book port list.

    destinationGroupCidrs List<String>

    Destination address book defined in the address list.

    destinationGroupType String

    The destination address book type in the access control policy.

    hitTimes Number

    Control strategy of hits per second.

    id String

    The provider-assigned unique ID for this managed resource.

    sourceGroupCidrs List<String>

    SOURCE address of the address list.

    sourceGroupType String

    The source address type in the access control policy.

    Look up Existing FirewallVpcFirewallControlPolicy Resource

    Get an existing FirewallVpcFirewallControlPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FirewallVpcFirewallControlPolicyState, opts?: CustomResourceOptions): FirewallVpcFirewallControlPolicy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            acl_action: Optional[str] = None,
            acl_uuid: Optional[str] = None,
            application_id: Optional[str] = None,
            application_name: Optional[str] = None,
            description: Optional[str] = None,
            dest_port: Optional[str] = None,
            dest_port_group: Optional[str] = None,
            dest_port_group_ports: Optional[Sequence[str]] = None,
            dest_port_type: Optional[str] = None,
            destination: Optional[str] = None,
            destination_group_cidrs: Optional[Sequence[str]] = None,
            destination_group_type: Optional[str] = None,
            destination_type: Optional[str] = None,
            hit_times: Optional[int] = None,
            lang: Optional[str] = None,
            member_uid: Optional[str] = None,
            order: Optional[int] = None,
            proto: Optional[str] = None,
            release: Optional[bool] = None,
            source: Optional[str] = None,
            source_group_cidrs: Optional[Sequence[str]] = None,
            source_group_type: Optional[str] = None,
            source_type: Optional[str] = None,
            vpc_firewall_id: Optional[str] = None) -> FirewallVpcFirewallControlPolicy
    func GetFirewallVpcFirewallControlPolicy(ctx *Context, name string, id IDInput, state *FirewallVpcFirewallControlPolicyState, opts ...ResourceOption) (*FirewallVpcFirewallControlPolicy, error)
    public static FirewallVpcFirewallControlPolicy Get(string name, Input<string> id, FirewallVpcFirewallControlPolicyState? state, CustomResourceOptions? opts = null)
    public static FirewallVpcFirewallControlPolicy get(String name, Output<String> id, FirewallVpcFirewallControlPolicyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AclAction string

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    AclUuid string

    Access control over VPC firewalls strategy unique identifier.

    ApplicationId string

    Policy specifies the application ID.

    ApplicationName string

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    Description string

    Access control over VPC firewalls description of the strategy information.

    DestPort string

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    DestPortGroup string

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    DestPortGroupPorts List<string>

    Port Address Book port list.

    DestPortType string

    The type of the destination port in the access control policy. Valid values: port, group.

    Destination string

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    DestinationGroupCidrs List<string>

    Destination address book defined in the address list.

    DestinationGroupType string

    The destination address book type in the access control policy.

    DestinationType string

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    HitTimes int

    Control strategy of hits per second.

    Lang string

    The language of the content within the request and response. Valid values: zh, en.

    MemberUid string

    The UID of the member account of the current Alibaba cloud account.

    Order int

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    Proto string

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    Release bool

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    Source string

    Access control over VPC firewalls strategy in the source address.

    SourceGroupCidrs List<string>

    SOURCE address of the address list.

    SourceGroupType string

    The source address type in the access control policy.

    SourceType string

    The type of the source address in the access control policy. Valid values: net, group.

    VpcFirewallId string

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    AclAction string

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    AclUuid string

    Access control over VPC firewalls strategy unique identifier.

    ApplicationId string

    Policy specifies the application ID.

    ApplicationName string

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    Description string

    Access control over VPC firewalls description of the strategy information.

    DestPort string

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    DestPortGroup string

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    DestPortGroupPorts []string

    Port Address Book port list.

    DestPortType string

    The type of the destination port in the access control policy. Valid values: port, group.

    Destination string

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    DestinationGroupCidrs []string

    Destination address book defined in the address list.

    DestinationGroupType string

    The destination address book type in the access control policy.

    DestinationType string

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    HitTimes int

    Control strategy of hits per second.

    Lang string

    The language of the content within the request and response. Valid values: zh, en.

    MemberUid string

    The UID of the member account of the current Alibaba cloud account.

    Order int

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    Proto string

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    Release bool

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    Source string

    Access control over VPC firewalls strategy in the source address.

    SourceGroupCidrs []string

    SOURCE address of the address list.

    SourceGroupType string

    The source address type in the access control policy.

    SourceType string

    The type of the source address in the access control policy. Valid values: net, group.

    VpcFirewallId string

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    aclAction String

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    aclUuid String

    Access control over VPC firewalls strategy unique identifier.

    applicationId String

    Policy specifies the application ID.

    applicationName String

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    description String

    Access control over VPC firewalls description of the strategy information.

    destPort String

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    destPortGroup String

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    destPortGroupPorts List<String>

    Port Address Book port list.

    destPortType String

    The type of the destination port in the access control policy. Valid values: port, group.

    destination String

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    destinationGroupCidrs List<String>

    Destination address book defined in the address list.

    destinationGroupType String

    The destination address book type in the access control policy.

    destinationType String

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    hitTimes Integer

    Control strategy of hits per second.

    lang String

    The language of the content within the request and response. Valid values: zh, en.

    memberUid String

    The UID of the member account of the current Alibaba cloud account.

    order Integer

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    proto String

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    release Boolean

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    source String

    Access control over VPC firewalls strategy in the source address.

    sourceGroupCidrs List<String>

    SOURCE address of the address list.

    sourceGroupType String

    The source address type in the access control policy.

    sourceType String

    The type of the source address in the access control policy. Valid values: net, group.

    vpcFirewallId String

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    aclAction string

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    aclUuid string

    Access control over VPC firewalls strategy unique identifier.

    applicationId string

    Policy specifies the application ID.

    applicationName string

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    description string

    Access control over VPC firewalls description of the strategy information.

    destPort string

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    destPortGroup string

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    destPortGroupPorts string[]

    Port Address Book port list.

    destPortType string

    The type of the destination port in the access control policy. Valid values: port, group.

    destination string

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    destinationGroupCidrs string[]

    Destination address book defined in the address list.

    destinationGroupType string

    The destination address book type in the access control policy.

    destinationType string

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    hitTimes number

    Control strategy of hits per second.

    lang string

    The language of the content within the request and response. Valid values: zh, en.

    memberUid string

    The UID of the member account of the current Alibaba cloud account.

    order number

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    proto string

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    release boolean

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    source string

    Access control over VPC firewalls strategy in the source address.

    sourceGroupCidrs string[]

    SOURCE address of the address list.

    sourceGroupType string

    The source address type in the access control policy.

    sourceType string

    The type of the source address in the access control policy. Valid values: net, group.

    vpcFirewallId string

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    acl_action str

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    acl_uuid str

    Access control over VPC firewalls strategy unique identifier.

    application_id str

    Policy specifies the application ID.

    application_name str

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    description str

    Access control over VPC firewalls description of the strategy information.

    dest_port str

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    dest_port_group str

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    dest_port_group_ports Sequence[str]

    Port Address Book port list.

    dest_port_type str

    The type of the destination port in the access control policy. Valid values: port, group.

    destination str

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    destination_group_cidrs Sequence[str]

    Destination address book defined in the address list.

    destination_group_type str

    The destination address book type in the access control policy.

    destination_type str

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    hit_times int

    Control strategy of hits per second.

    lang str

    The language of the content within the request and response. Valid values: zh, en.

    member_uid str

    The UID of the member account of the current Alibaba cloud account.

    order int

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    proto str

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    release bool

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    source str

    Access control over VPC firewalls strategy in the source address.

    source_group_cidrs Sequence[str]

    SOURCE address of the address list.

    source_group_type str

    The source address type in the access control policy.

    source_type str

    The type of the source address in the access control policy. Valid values: net, group.

    vpc_firewall_id str

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
    aclAction String

    The action that Cloud Firewall performs on the traffic. Valid values: accept, drop, log.

    aclUuid String

    Access control over VPC firewalls strategy unique identifier.

    applicationId String

    Policy specifies the application ID.

    applicationName String

    The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.

    description String

    Access control over VPC firewalls description of the strategy information.

    destPort String

    The destination port in the access control policy. Note: If dest_port_type is set to port, you must specify this parameter.

    destPortGroup String

    Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.

    destPortGroupPorts List<String>

    Port Address Book port list.

    destPortType String

    The type of the destination port in the access control policy. Valid values: port, group.

    destination String

    The destination address in the access control policy. Valid values:

    • If destination_type is set to net, the value of destination must be a CIDR block.
    • If destination_type is set to group, the value of destination must be an address book.
    • If destination_type is set to domain, the value of destination must be a domain name.
    destinationGroupCidrs List<String>

    Destination address book defined in the address list.

    destinationGroupType String

    The destination address book type in the access control policy.

    destinationType String

    The type of the destination address in the access control policy. Valid values: net, group, domain.

    hitTimes Number

    Control strategy of hits per second.

    lang String

    The language of the content within the request and response. Valid values: zh, en.

    memberUid String

    The UID of the member account of the current Alibaba cloud account.

    order Number

    The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

    proto String

    The type of the protocol in the access control policy. Valid values: ANY, TCP, UDP, ICMP.

    release Boolean

    The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:

    source String

    Access control over VPC firewalls strategy in the source address.

    sourceGroupCidrs List<String>

    SOURCE address of the address list.

    sourceGroupType String

    The source address type in the access control policy.

    sourceType String

    The type of the source address in the access control policy. Valid values: net, group.

    vpcFirewallId String

    The ID of the VPC firewall instance. Valid values:

    • When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
    • When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.

    Import

    Cloud Firewall Vpc Firewall Control Policy can be imported using the id, e.g.

     $ pulumi import alicloud:cloudfirewall/firewallVpcFirewallControlPolicy:FirewallVpcFirewallControlPolicy example <vpc_firewall_id>:<acl_uuid>
    

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the alicloud Terraform Provider.

    alicloud logo
    Alibaba Cloud v3.43.1 published on Monday, Sep 11, 2023 by Pulumi