alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy
Explore with Pulumi AI
Provides a Cloud Firewall Vpc Firewall Control Policy resource.
For information about Cloud Firewall Vpc Firewall Control Policy and how to use it, see What is Vpc Firewall Control Policy.
NOTE: Available since v1.194.0.
Example Usage
Basic Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var defaultAccount = AliCloud.GetAccount.Invoke();
var defaultInstance = new AliCloud.Cen.Instance("defaultInstance", new()
{
CenInstanceName = @var.Name,
Description = "example_value",
Tags =
{
{ "Created", "TF" },
{ "For", "acceptance test" },
},
});
var defaultFirewallVpcFirewallControlPolicy = new AliCloud.CloudFirewall.FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", new()
{
Order = 1,
Destination = "127.0.0.2/32",
ApplicationName = "ANY",
Description = "example_value",
SourceType = "net",
DestPort = "80/88",
AclAction = "accept",
Lang = "zh",
DestinationType = "net",
Source = "127.0.0.1/32",
DestPortType = "port",
Proto = "TCP",
Release = true,
MemberUid = defaultAccount.Apply(getAccountResult => getAccountResult.Id),
VpcFirewallId = defaultInstance.Id,
});
});
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cen"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cloudfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
defaultAccount, err := alicloud.GetAccount(ctx, nil, nil)
if err != nil {
return err
}
defaultInstance, err := cen.NewInstance(ctx, "defaultInstance", &cen.InstanceArgs{
CenInstanceName: pulumi.Any(_var.Name),
Description: pulumi.String("example_value"),
Tags: pulumi.AnyMap{
"Created": pulumi.Any("TF"),
"For": pulumi.Any("acceptance test"),
},
})
if err != nil {
return err
}
_, err = cloudfirewall.NewFirewallVpcFirewallControlPolicy(ctx, "defaultFirewallVpcFirewallControlPolicy", &cloudfirewall.FirewallVpcFirewallControlPolicyArgs{
Order: pulumi.Int(1),
Destination: pulumi.String("127.0.0.2/32"),
ApplicationName: pulumi.String("ANY"),
Description: pulumi.String("example_value"),
SourceType: pulumi.String("net"),
DestPort: pulumi.String("80/88"),
AclAction: pulumi.String("accept"),
Lang: pulumi.String("zh"),
DestinationType: pulumi.String("net"),
Source: pulumi.String("127.0.0.1/32"),
DestPortType: pulumi.String("port"),
Proto: pulumi.String("TCP"),
Release: pulumi.Bool(true),
MemberUid: *pulumi.String(defaultAccount.Id),
VpcFirewallId: defaultInstance.ID(),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.cen.Instance;
import com.pulumi.alicloud.cen.InstanceArgs;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var defaultAccount = AlicloudFunctions.getAccount();
var defaultInstance = new Instance("defaultInstance", InstanceArgs.builder()
.cenInstanceName(var_.name())
.description("example_value")
.tags(Map.ofEntries(
Map.entry("Created", "TF"),
Map.entry("For", "acceptance test")
))
.build());
var defaultFirewallVpcFirewallControlPolicy = new FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", FirewallVpcFirewallControlPolicyArgs.builder()
.order("1")
.destination("127.0.0.2/32")
.applicationName("ANY")
.description("example_value")
.sourceType("net")
.destPort("80/88")
.aclAction("accept")
.lang("zh")
.destinationType("net")
.source("127.0.0.1/32")
.destPortType("port")
.proto("TCP")
.release(true)
.memberUid(defaultAccount.applyValue(getAccountResult -> getAccountResult.id()))
.vpcFirewallId(defaultInstance.id())
.build());
}
}
import pulumi
import pulumi_alicloud as alicloud
default_account = alicloud.get_account()
default_instance = alicloud.cen.Instance("defaultInstance",
cen_instance_name=var["name"],
description="example_value",
tags={
"Created": "TF",
"For": "acceptance test",
})
default_firewall_vpc_firewall_control_policy = alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy",
order=1,
destination="127.0.0.2/32",
application_name="ANY",
description="example_value",
source_type="net",
dest_port="80/88",
acl_action="accept",
lang="zh",
destination_type="net",
source="127.0.0.1/32",
dest_port_type="port",
proto="TCP",
release=True,
member_uid=default_account.id,
vpc_firewall_id=default_instance.id)
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const defaultAccount = alicloud.getAccount({});
const defaultInstance = new alicloud.cen.Instance("defaultInstance", {
cenInstanceName: _var.name,
description: "example_value",
tags: {
Created: "TF",
For: "acceptance test",
},
});
const defaultFirewallVpcFirewallControlPolicy = new alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", {
order: 1,
destination: "127.0.0.2/32",
applicationName: "ANY",
description: "example_value",
sourceType: "net",
destPort: "80/88",
aclAction: "accept",
lang: "zh",
destinationType: "net",
source: "127.0.0.1/32",
destPortType: "port",
proto: "TCP",
release: true,
memberUid: defaultAccount.then(defaultAccount => defaultAccount.id),
vpcFirewallId: defaultInstance.id,
});
resources:
defaultInstance:
type: alicloud:cen:Instance
properties:
cenInstanceName: ${var.name}
description: example_value
tags:
Created: TF
For: acceptance test
defaultFirewallVpcFirewallControlPolicy:
type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
properties:
order: '1'
destination: 127.0.0.2/32
applicationName: ANY
description: example_value
sourceType: net
destPort: 80/88
aclAction: accept
lang: zh
destinationType: net
source: 127.0.0.1/32
destPortType: port
proto: TCP
release: true
memberUid: ${defaultAccount.id}
vpcFirewallId: ${defaultInstance.id}
variables:
defaultAccount:
fn::invoke:
Function: alicloud:getAccount
Arguments: {}
Create FirewallVpcFirewallControlPolicy Resource
new FirewallVpcFirewallControlPolicy(name: string, args: FirewallVpcFirewallControlPolicyArgs, opts?: CustomResourceOptions);
@overload
def FirewallVpcFirewallControlPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
acl_action: Optional[str] = None,
application_name: Optional[str] = None,
description: Optional[str] = None,
dest_port: Optional[str] = None,
dest_port_group: Optional[str] = None,
dest_port_type: Optional[str] = None,
destination: Optional[str] = None,
destination_type: Optional[str] = None,
lang: Optional[str] = None,
member_uid: Optional[str] = None,
order: Optional[int] = None,
proto: Optional[str] = None,
release: Optional[bool] = None,
source: Optional[str] = None,
source_type: Optional[str] = None,
vpc_firewall_id: Optional[str] = None)
@overload
def FirewallVpcFirewallControlPolicy(resource_name: str,
args: FirewallVpcFirewallControlPolicyArgs,
opts: Optional[ResourceOptions] = None)
func NewFirewallVpcFirewallControlPolicy(ctx *Context, name string, args FirewallVpcFirewallControlPolicyArgs, opts ...ResourceOption) (*FirewallVpcFirewallControlPolicy, error)
public FirewallVpcFirewallControlPolicy(string name, FirewallVpcFirewallControlPolicyArgs args, CustomResourceOptions? opts = null)
public FirewallVpcFirewallControlPolicy(String name, FirewallVpcFirewallControlPolicyArgs args)
public FirewallVpcFirewallControlPolicy(String name, FirewallVpcFirewallControlPolicyArgs args, CustomResourceOptions options)
type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallVpcFirewallControlPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FirewallVpcFirewallControlPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FirewallVpcFirewallControlPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallVpcFirewallControlPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FirewallVpcFirewallControlPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
FirewallVpcFirewallControlPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The FirewallVpcFirewallControlPolicy resource accepts the following input properties:
- Acl
Action string The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- Application
Name string The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- Description string
Access control over VPC firewalls description of the strategy information.
- Destination string
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- Destination
Type string The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- Order int
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- Proto string
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- Source string
Access control over VPC firewalls strategy in the source address.
- Source
Type string The type of the source address in the access control policy. Valid values:
net
,group
.- Vpc
Firewall stringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- Dest
Port string The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- Dest
Port stringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- Dest
Port stringType The type of the destination port in the access control policy. Valid values:
port
,group
.- Lang string
The language of the content within the request and response. Valid values:
zh
,en
.- Member
Uid string The UID of the member account of the current Alibaba cloud account.
- Release bool
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- Acl
Action string The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- Application
Name string The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- Description string
Access control over VPC firewalls description of the strategy information.
- Destination string
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- Destination
Type string The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- Order int
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- Proto string
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- Source string
Access control over VPC firewalls strategy in the source address.
- Source
Type string The type of the source address in the access control policy. Valid values:
net
,group
.- Vpc
Firewall stringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- Dest
Port string The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- Dest
Port stringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- Dest
Port stringType The type of the destination port in the access control policy. Valid values:
port
,group
.- Lang string
The language of the content within the request and response. Valid values:
zh
,en
.- Member
Uid string The UID of the member account of the current Alibaba cloud account.
- Release bool
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- acl
Action String The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- application
Name String The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- description String
Access control over VPC firewalls description of the strategy information.
- destination String
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- destination
Type String The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- order Integer
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- proto String
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- source String
Access control over VPC firewalls strategy in the source address.
- source
Type String The type of the source address in the access control policy. Valid values:
net
,group
.- vpc
Firewall StringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- dest
Port String The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- dest
Port StringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- dest
Port StringType The type of the destination port in the access control policy. Valid values:
port
,group
.- lang String
The language of the content within the request and response. Valid values:
zh
,en
.- member
Uid String The UID of the member account of the current Alibaba cloud account.
- release Boolean
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- acl
Action string The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- application
Name string The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- description string
Access control over VPC firewalls description of the strategy information.
- destination string
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- destination
Type string The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- order number
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- proto string
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- source string
Access control over VPC firewalls strategy in the source address.
- source
Type string The type of the source address in the access control policy. Valid values:
net
,group
.- vpc
Firewall stringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- dest
Port string The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- dest
Port stringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- dest
Port stringType The type of the destination port in the access control policy. Valid values:
port
,group
.- lang string
The language of the content within the request and response. Valid values:
zh
,en
.- member
Uid string The UID of the member account of the current Alibaba cloud account.
- release boolean
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- acl_
action str The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- application_
name str The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- description str
Access control over VPC firewalls description of the strategy information.
- destination str
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- destination_
type str The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- order int
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- proto str
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- source str
Access control over VPC firewalls strategy in the source address.
- source_
type str The type of the source address in the access control policy. Valid values:
net
,group
.- vpc_
firewall_ strid The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- dest_
port str The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- dest_
port_ strgroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- dest_
port_ strtype The type of the destination port in the access control policy. Valid values:
port
,group
.- lang str
The language of the content within the request and response. Valid values:
zh
,en
.- member_
uid str The UID of the member account of the current Alibaba cloud account.
- release bool
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- acl
Action String The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- application
Name String The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- description String
Access control over VPC firewalls description of the strategy information.
- destination String
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- destination
Type String The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- order Number
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- proto String
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- source String
Access control over VPC firewalls strategy in the source address.
- source
Type String The type of the source address in the access control policy. Valid values:
net
,group
.- vpc
Firewall StringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- dest
Port String The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- dest
Port StringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- dest
Port StringType The type of the destination port in the access control policy. Valid values:
port
,group
.- lang String
The language of the content within the request and response. Valid values:
zh
,en
.- member
Uid String The UID of the member account of the current Alibaba cloud account.
- release Boolean
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
Outputs
All input properties are implicitly available as output properties. Additionally, the FirewallVpcFirewallControlPolicy resource produces the following output properties:
- Acl
Uuid string Access control over VPC firewalls strategy unique identifier.
- Application
Id string Policy specifies the application ID.
- Dest
Port List<string>Group Ports Port Address Book port list.
- Destination
Group List<string>Cidrs Destination address book defined in the address list.
- Destination
Group stringType The destination address book type in the access control policy.
- Hit
Times int Control strategy of hits per second.
- Id string
The provider-assigned unique ID for this managed resource.
- Source
Group List<string>Cidrs SOURCE address of the address list.
- Source
Group stringType The source address type in the access control policy.
- Acl
Uuid string Access control over VPC firewalls strategy unique identifier.
- Application
Id string Policy specifies the application ID.
- Dest
Port []stringGroup Ports Port Address Book port list.
- Destination
Group []stringCidrs Destination address book defined in the address list.
- Destination
Group stringType The destination address book type in the access control policy.
- Hit
Times int Control strategy of hits per second.
- Id string
The provider-assigned unique ID for this managed resource.
- Source
Group []stringCidrs SOURCE address of the address list.
- Source
Group stringType The source address type in the access control policy.
- acl
Uuid String Access control over VPC firewalls strategy unique identifier.
- application
Id String Policy specifies the application ID.
- dest
Port List<String>Group Ports Port Address Book port list.
- destination
Group List<String>Cidrs Destination address book defined in the address list.
- destination
Group StringType The destination address book type in the access control policy.
- hit
Times Integer Control strategy of hits per second.
- id String
The provider-assigned unique ID for this managed resource.
- source
Group List<String>Cidrs SOURCE address of the address list.
- source
Group StringType The source address type in the access control policy.
- acl
Uuid string Access control over VPC firewalls strategy unique identifier.
- application
Id string Policy specifies the application ID.
- dest
Port string[]Group Ports Port Address Book port list.
- destination
Group string[]Cidrs Destination address book defined in the address list.
- destination
Group stringType The destination address book type in the access control policy.
- hit
Times number Control strategy of hits per second.
- id string
The provider-assigned unique ID for this managed resource.
- source
Group string[]Cidrs SOURCE address of the address list.
- source
Group stringType The source address type in the access control policy.
- acl_
uuid str Access control over VPC firewalls strategy unique identifier.
- application_
id str Policy specifies the application ID.
- dest_
port_ Sequence[str]group_ ports Port Address Book port list.
- destination_
group_ Sequence[str]cidrs Destination address book defined in the address list.
- destination_
group_ strtype The destination address book type in the access control policy.
- hit_
times int Control strategy of hits per second.
- id str
The provider-assigned unique ID for this managed resource.
- source_
group_ Sequence[str]cidrs SOURCE address of the address list.
- source_
group_ strtype The source address type in the access control policy.
- acl
Uuid String Access control over VPC firewalls strategy unique identifier.
- application
Id String Policy specifies the application ID.
- dest
Port List<String>Group Ports Port Address Book port list.
- destination
Group List<String>Cidrs Destination address book defined in the address list.
- destination
Group StringType The destination address book type in the access control policy.
- hit
Times Number Control strategy of hits per second.
- id String
The provider-assigned unique ID for this managed resource.
- source
Group List<String>Cidrs SOURCE address of the address list.
- source
Group StringType The source address type in the access control policy.
Look up Existing FirewallVpcFirewallControlPolicy Resource
Get an existing FirewallVpcFirewallControlPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FirewallVpcFirewallControlPolicyState, opts?: CustomResourceOptions): FirewallVpcFirewallControlPolicy
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
acl_action: Optional[str] = None,
acl_uuid: Optional[str] = None,
application_id: Optional[str] = None,
application_name: Optional[str] = None,
description: Optional[str] = None,
dest_port: Optional[str] = None,
dest_port_group: Optional[str] = None,
dest_port_group_ports: Optional[Sequence[str]] = None,
dest_port_type: Optional[str] = None,
destination: Optional[str] = None,
destination_group_cidrs: Optional[Sequence[str]] = None,
destination_group_type: Optional[str] = None,
destination_type: Optional[str] = None,
hit_times: Optional[int] = None,
lang: Optional[str] = None,
member_uid: Optional[str] = None,
order: Optional[int] = None,
proto: Optional[str] = None,
release: Optional[bool] = None,
source: Optional[str] = None,
source_group_cidrs: Optional[Sequence[str]] = None,
source_group_type: Optional[str] = None,
source_type: Optional[str] = None,
vpc_firewall_id: Optional[str] = None) -> FirewallVpcFirewallControlPolicy
func GetFirewallVpcFirewallControlPolicy(ctx *Context, name string, id IDInput, state *FirewallVpcFirewallControlPolicyState, opts ...ResourceOption) (*FirewallVpcFirewallControlPolicy, error)
public static FirewallVpcFirewallControlPolicy Get(string name, Input<string> id, FirewallVpcFirewallControlPolicyState? state, CustomResourceOptions? opts = null)
public static FirewallVpcFirewallControlPolicy get(String name, Output<String> id, FirewallVpcFirewallControlPolicyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Acl
Action string The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- Acl
Uuid string Access control over VPC firewalls strategy unique identifier.
- Application
Id string Policy specifies the application ID.
- Application
Name string The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- Description string
Access control over VPC firewalls description of the strategy information.
- Dest
Port string The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- Dest
Port stringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- Dest
Port List<string>Group Ports Port Address Book port list.
- Dest
Port stringType The type of the destination port in the access control policy. Valid values:
port
,group
.- Destination string
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- Destination
Group List<string>Cidrs Destination address book defined in the address list.
- Destination
Group stringType The destination address book type in the access control policy.
- Destination
Type string The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- Hit
Times int Control strategy of hits per second.
- Lang string
The language of the content within the request and response. Valid values:
zh
,en
.- Member
Uid string The UID of the member account of the current Alibaba cloud account.
- Order int
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- Proto string
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- Release bool
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- Source string
Access control over VPC firewalls strategy in the source address.
- Source
Group List<string>Cidrs SOURCE address of the address list.
- Source
Group stringType The source address type in the access control policy.
- Source
Type string The type of the source address in the access control policy. Valid values:
net
,group
.- Vpc
Firewall stringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- Acl
Action string The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- Acl
Uuid string Access control over VPC firewalls strategy unique identifier.
- Application
Id string Policy specifies the application ID.
- Application
Name string The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- Description string
Access control over VPC firewalls description of the strategy information.
- Dest
Port string The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- Dest
Port stringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- Dest
Port []stringGroup Ports Port Address Book port list.
- Dest
Port stringType The type of the destination port in the access control policy. Valid values:
port
,group
.- Destination string
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- Destination
Group []stringCidrs Destination address book defined in the address list.
- Destination
Group stringType The destination address book type in the access control policy.
- Destination
Type string The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- Hit
Times int Control strategy of hits per second.
- Lang string
The language of the content within the request and response. Valid values:
zh
,en
.- Member
Uid string The UID of the member account of the current Alibaba cloud account.
- Order int
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- Proto string
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- Release bool
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- Source string
Access control over VPC firewalls strategy in the source address.
- Source
Group []stringCidrs SOURCE address of the address list.
- Source
Group stringType The source address type in the access control policy.
- Source
Type string The type of the source address in the access control policy. Valid values:
net
,group
.- Vpc
Firewall stringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- acl
Action String The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- acl
Uuid String Access control over VPC firewalls strategy unique identifier.
- application
Id String Policy specifies the application ID.
- application
Name String The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- description String
Access control over VPC firewalls description of the strategy information.
- dest
Port String The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- dest
Port StringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- dest
Port List<String>Group Ports Port Address Book port list.
- dest
Port StringType The type of the destination port in the access control policy. Valid values:
port
,group
.- destination String
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- destination
Group List<String>Cidrs Destination address book defined in the address list.
- destination
Group StringType The destination address book type in the access control policy.
- destination
Type String The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- hit
Times Integer Control strategy of hits per second.
- lang String
The language of the content within the request and response. Valid values:
zh
,en
.- member
Uid String The UID of the member account of the current Alibaba cloud account.
- order Integer
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- proto String
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- release Boolean
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- source String
Access control over VPC firewalls strategy in the source address.
- source
Group List<String>Cidrs SOURCE address of the address list.
- source
Group StringType The source address type in the access control policy.
- source
Type String The type of the source address in the access control policy. Valid values:
net
,group
.- vpc
Firewall StringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- acl
Action string The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- acl
Uuid string Access control over VPC firewalls strategy unique identifier.
- application
Id string Policy specifies the application ID.
- application
Name string The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- description string
Access control over VPC firewalls description of the strategy information.
- dest
Port string The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- dest
Port stringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- dest
Port string[]Group Ports Port Address Book port list.
- dest
Port stringType The type of the destination port in the access control policy. Valid values:
port
,group
.- destination string
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- destination
Group string[]Cidrs Destination address book defined in the address list.
- destination
Group stringType The destination address book type in the access control policy.
- destination
Type string The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- hit
Times number Control strategy of hits per second.
- lang string
The language of the content within the request and response. Valid values:
zh
,en
.- member
Uid string The UID of the member account of the current Alibaba cloud account.
- order number
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- proto string
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- release boolean
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- source string
Access control over VPC firewalls strategy in the source address.
- source
Group string[]Cidrs SOURCE address of the address list.
- source
Group stringType The source address type in the access control policy.
- source
Type string The type of the source address in the access control policy. Valid values:
net
,group
.- vpc
Firewall stringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- acl_
action str The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- acl_
uuid str Access control over VPC firewalls strategy unique identifier.
- application_
id str Policy specifies the application ID.
- application_
name str The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- description str
Access control over VPC firewalls description of the strategy information.
- dest_
port str The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- dest_
port_ strgroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- dest_
port_ Sequence[str]group_ ports Port Address Book port list.
- dest_
port_ strtype The type of the destination port in the access control policy. Valid values:
port
,group
.- destination str
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- destination_
group_ Sequence[str]cidrs Destination address book defined in the address list.
- destination_
group_ strtype The destination address book type in the access control policy.
- destination_
type str The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- hit_
times int Control strategy of hits per second.
- lang str
The language of the content within the request and response. Valid values:
zh
,en
.- member_
uid str The UID of the member account of the current Alibaba cloud account.
- order int
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- proto str
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- release bool
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- source str
Access control over VPC firewalls strategy in the source address.
- source_
group_ Sequence[str]cidrs SOURCE address of the address list.
- source_
group_ strtype The source address type in the access control policy.
- source_
type str The type of the source address in the access control policy. Valid values:
net
,group
.- vpc_
firewall_ strid The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
- acl
Action String The action that Cloud Firewall performs on the traffic. Valid values:
accept
,drop
,log
.- acl
Uuid String Access control over VPC firewalls strategy unique identifier.
- application
Id String Policy specifies the application ID.
- application
Name String The type of the applications that the access control policy supports. Valid values:
FTP
,HTTP
,HTTPS
,MySQL
,SMTP
,SMTPS
,RDP
,VNC
,SSH
,Redis
,MQTT
,MongoDB
,Memcache
,SSL
,ANY
.- description String
Access control over VPC firewalls description of the strategy information.
- dest
Port String The destination port in the access control policy. Note: If
dest_port_type
is set toport
, you must specify this parameter.- dest
Port StringGroup Access control policy in the access traffic of the destination port address book name. Note: If
dest_port_type
is set togroup
, you must specify this parameter.- dest
Port List<String>Group Ports Port Address Book port list.
- dest
Port StringType The type of the destination port in the access control policy. Valid values:
port
,group
.- destination String
The destination address in the access control policy. Valid values:
- If
destination_type
is set tonet
, the value ofdestination
must be a CIDR block. - If
destination_type
is set togroup
, the value ofdestination
must be an address book. - If
destination_type
is set todomain
, the value ofdestination
must be a domain name.
- If
- destination
Group List<String>Cidrs Destination address book defined in the address list.
- destination
Group StringType The destination address book type in the access control policy.
- destination
Type String The type of the destination address in the access control policy. Valid values:
net
,group
,domain
.- hit
Times Number Control strategy of hits per second.
- lang String
The language of the content within the request and response. Valid values:
zh
,en
.- member
Uid String The UID of the member account of the current Alibaba cloud account.
- order Number
The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.
- proto String
The type of the protocol in the access control policy. Valid values:
ANY
,TCP
,UDP
,ICMP
.- release Boolean
The enabled status of the access control policy. The policy is enabled by default after it is created.. Valid values:
- source String
Access control over VPC firewalls strategy in the source address.
- source
Group List<String>Cidrs SOURCE address of the address list.
- source
Group StringType The source address type in the access control policy.
- source
Type String The type of the source address in the access control policy. Valid values:
net
,group
.- vpc
Firewall StringId The ID of the VPC firewall instance. Valid values:
- When the VPC firewall protects traffic between two VPCs connected through the cloud enterprise network, the policy group ID uses the cloud enterprise network instance ID.
- When the VPC firewall protects traffic between two VPCs connected through the express connection, the policy group ID uses the ID of the VPC firewall instance.
Import
Cloud Firewall Vpc Firewall Control Policy can be imported using the id, e.g.
$ pulumi import alicloud:cloudfirewall/firewallVpcFirewallControlPolicy:FirewallVpcFirewallControlPolicy example <vpc_firewall_id>:<acl_uuid>
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
alicloud
Terraform Provider.