Viewing docs for Alibaba Cloud v3.98.0
published on Saturday, Apr 4, 2026 by Pulumi
published on Saturday, Apr 4, 2026 by Pulumi
Viewing docs for Alibaba Cloud v3.98.0
published on Saturday, Apr 4, 2026 by Pulumi
published on Saturday, Apr 4, 2026 by Pulumi
Provides a Cloud Firewall Vpc Firewall Acl Engine Mode resource.
VPC boundary firewall engine mode.
For information about Cloud Firewall Vpc Firewall Acl Engine Mode and how to use it, see What is Vpc Firewall Acl Engine Mode.
NOTE: Available since v1.269.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const cen = new alicloud.cen.Instance("cen", {
description: "yqc-example001",
cenInstanceName: "yqc-example-CenInstance001",
});
const TR = new alicloud.cen.TransitRouter("TR", {cenId: cen.id});
const vpc1 = new alicloud.vpc.Network("vpc1", {
cidrBlock: "172.16.0.0/12",
vpcName: "yqc-vpc-example-001",
});
const vpc1vsw1 = new alicloud.vpc.Switch("vpc1vsw1", {
vpcId: vpc1.id,
zoneId: "cn-hangzhou-h",
cidrBlock: "172.16.1.0/24",
});
const vpc1vsw2 = new alicloud.vpc.Switch("vpc1vsw2", {
vpcId: vpc1.id,
zoneId: "cn-hangzhou-i",
cidrBlock: "172.16.2.0/24",
});
const tr_vpc1 = new alicloud.cen.TransitRouterVpcAttachment("tr-vpc1", {
vpcId: vpc1.id,
cenId: cen.id,
zoneMappings: [
{
vswitchId: vpc1vsw1.id,
zoneId: vpc1vsw1.zoneId,
},
{
vswitchId: vpc1vsw2.id,
zoneId: vpc1vsw2.zoneId,
},
],
transitRouterVpcAttachmentName: "example",
transitRouterAttachmentDescription: "111",
autoPublishRouteEnabled: true,
transitRouterId: TR.transitRouterId,
});
const _default = new alicloud.cloudfirewall.VpcFirewallAclEngineMode("default", {
strictMode: 0,
vpcFirewallId: cen.id,
memberUid: "1511928242963727",
});
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
cen = alicloud.cen.Instance("cen",
description="yqc-example001",
cen_instance_name="yqc-example-CenInstance001")
tr = alicloud.cen.TransitRouter("TR", cen_id=cen.id)
vpc1 = alicloud.vpc.Network("vpc1",
cidr_block="172.16.0.0/12",
vpc_name="yqc-vpc-example-001")
vpc1vsw1 = alicloud.vpc.Switch("vpc1vsw1",
vpc_id=vpc1.id,
zone_id="cn-hangzhou-h",
cidr_block="172.16.1.0/24")
vpc1vsw2 = alicloud.vpc.Switch("vpc1vsw2",
vpc_id=vpc1.id,
zone_id="cn-hangzhou-i",
cidr_block="172.16.2.0/24")
tr_vpc1 = alicloud.cen.TransitRouterVpcAttachment("tr-vpc1",
vpc_id=vpc1.id,
cen_id=cen.id,
zone_mappings=[
{
"vswitch_id": vpc1vsw1.id,
"zone_id": vpc1vsw1.zone_id,
},
{
"vswitch_id": vpc1vsw2.id,
"zone_id": vpc1vsw2.zone_id,
},
],
transit_router_vpc_attachment_name="example",
transit_router_attachment_description="111",
auto_publish_route_enabled=True,
transit_router_id=tr.transit_router_id)
default = alicloud.cloudfirewall.VpcFirewallAclEngineMode("default",
strict_mode=0,
vpc_firewall_id=cen.id,
member_uid="1511928242963727")
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cen"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cloudfirewall"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpc"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example"
if param := cfg.Get("name"); param != "" {
name = param
}
cen, err := cen.NewInstance(ctx, "cen", &cen.InstanceArgs{
Description: pulumi.String("yqc-example001"),
CenInstanceName: pulumi.String("yqc-example-CenInstance001"),
})
if err != nil {
return err
}
TR, err := cen.NewTransitRouter(ctx, "TR", &cen.TransitRouterArgs{
CenId: cen.ID(),
})
if err != nil {
return err
}
vpc1, err := vpc.NewNetwork(ctx, "vpc1", &vpc.NetworkArgs{
CidrBlock: pulumi.String("172.16.0.0/12"),
VpcName: pulumi.String("yqc-vpc-example-001"),
})
if err != nil {
return err
}
vpc1vsw1, err := vpc.NewSwitch(ctx, "vpc1vsw1", &vpc.SwitchArgs{
VpcId: vpc1.ID(),
ZoneId: pulumi.String("cn-hangzhou-h"),
CidrBlock: pulumi.String("172.16.1.0/24"),
})
if err != nil {
return err
}
vpc1vsw2, err := vpc.NewSwitch(ctx, "vpc1vsw2", &vpc.SwitchArgs{
VpcId: vpc1.ID(),
ZoneId: pulumi.String("cn-hangzhou-i"),
CidrBlock: pulumi.String("172.16.2.0/24"),
})
if err != nil {
return err
}
_, err = cen.NewTransitRouterVpcAttachment(ctx, "tr-vpc1", &cen.TransitRouterVpcAttachmentArgs{
VpcId: vpc1.ID(),
CenId: cen.ID(),
ZoneMappings: cen.TransitRouterVpcAttachmentZoneMappingArray{
&cen.TransitRouterVpcAttachmentZoneMappingArgs{
VswitchId: vpc1vsw1.ID(),
ZoneId: vpc1vsw1.ZoneId,
},
&cen.TransitRouterVpcAttachmentZoneMappingArgs{
VswitchId: vpc1vsw2.ID(),
ZoneId: vpc1vsw2.ZoneId,
},
},
TransitRouterVpcAttachmentName: pulumi.String("example"),
TransitRouterAttachmentDescription: pulumi.String("111"),
AutoPublishRouteEnabled: pulumi.Bool(true),
TransitRouterId: TR.TransitRouterId,
})
if err != nil {
return err
}
_, err = cloudfirewall.NewVpcFirewallAclEngineMode(ctx, "default", &cloudfirewall.VpcFirewallAclEngineModeArgs{
StrictMode: pulumi.Int(0),
VpcFirewallId: cen.ID(),
MemberUid: pulumi.String("1511928242963727"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var cen = new AliCloud.Cen.Instance("cen", new()
{
Description = "yqc-example001",
CenInstanceName = "yqc-example-CenInstance001",
});
var TR = new AliCloud.Cen.TransitRouter("TR", new()
{
CenId = cen.Id,
});
var vpc1 = new AliCloud.Vpc.Network("vpc1", new()
{
CidrBlock = "172.16.0.0/12",
VpcName = "yqc-vpc-example-001",
});
var vpc1vsw1 = new AliCloud.Vpc.Switch("vpc1vsw1", new()
{
VpcId = vpc1.Id,
ZoneId = "cn-hangzhou-h",
CidrBlock = "172.16.1.0/24",
});
var vpc1vsw2 = new AliCloud.Vpc.Switch("vpc1vsw2", new()
{
VpcId = vpc1.Id,
ZoneId = "cn-hangzhou-i",
CidrBlock = "172.16.2.0/24",
});
var tr_vpc1 = new AliCloud.Cen.TransitRouterVpcAttachment("tr-vpc1", new()
{
VpcId = vpc1.Id,
CenId = cen.Id,
ZoneMappings = new[]
{
new AliCloud.Cen.Inputs.TransitRouterVpcAttachmentZoneMappingArgs
{
VswitchId = vpc1vsw1.Id,
ZoneId = vpc1vsw1.ZoneId,
},
new AliCloud.Cen.Inputs.TransitRouterVpcAttachmentZoneMappingArgs
{
VswitchId = vpc1vsw2.Id,
ZoneId = vpc1vsw2.ZoneId,
},
},
TransitRouterVpcAttachmentName = "example",
TransitRouterAttachmentDescription = "111",
AutoPublishRouteEnabled = true,
TransitRouterId = TR.TransitRouterId,
});
var @default = new AliCloud.CloudFirewall.VpcFirewallAclEngineMode("default", new()
{
StrictMode = 0,
VpcFirewallId = cen.Id,
MemberUid = "1511928242963727",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.cen.Instance;
import com.pulumi.alicloud.cen.InstanceArgs;
import com.pulumi.alicloud.cen.TransitRouter;
import com.pulumi.alicloud.cen.TransitRouterArgs;
import com.pulumi.alicloud.vpc.Network;
import com.pulumi.alicloud.vpc.NetworkArgs;
import com.pulumi.alicloud.vpc.Switch;
import com.pulumi.alicloud.vpc.SwitchArgs;
import com.pulumi.alicloud.cen.TransitRouterVpcAttachment;
import com.pulumi.alicloud.cen.TransitRouterVpcAttachmentArgs;
import com.pulumi.alicloud.cen.inputs.TransitRouterVpcAttachmentZoneMappingArgs;
import com.pulumi.alicloud.cloudfirewall.VpcFirewallAclEngineMode;
import com.pulumi.alicloud.cloudfirewall.VpcFirewallAclEngineModeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
var cen = new Instance("cen", InstanceArgs.builder()
.description("yqc-example001")
.cenInstanceName("yqc-example-CenInstance001")
.build());
var tR = new TransitRouter("TR", TransitRouterArgs.builder()
.cenId(cen.id())
.build());
var vpc1 = new Network("vpc1", NetworkArgs.builder()
.cidrBlock("172.16.0.0/12")
.vpcName("yqc-vpc-example-001")
.build());
var vpc1vsw1 = new Switch("vpc1vsw1", SwitchArgs.builder()
.vpcId(vpc1.id())
.zoneId("cn-hangzhou-h")
.cidrBlock("172.16.1.0/24")
.build());
var vpc1vsw2 = new Switch("vpc1vsw2", SwitchArgs.builder()
.vpcId(vpc1.id())
.zoneId("cn-hangzhou-i")
.cidrBlock("172.16.2.0/24")
.build());
var tr_vpc1 = new TransitRouterVpcAttachment("tr-vpc1", TransitRouterVpcAttachmentArgs.builder()
.vpcId(vpc1.id())
.cenId(cen.id())
.zoneMappings(
TransitRouterVpcAttachmentZoneMappingArgs.builder()
.vswitchId(vpc1vsw1.id())
.zoneId(vpc1vsw1.zoneId())
.build(),
TransitRouterVpcAttachmentZoneMappingArgs.builder()
.vswitchId(vpc1vsw2.id())
.zoneId(vpc1vsw2.zoneId())
.build())
.transitRouterVpcAttachmentName("example")
.transitRouterAttachmentDescription("111")
.autoPublishRouteEnabled(true)
.transitRouterId(TR.transitRouterId())
.build());
var default_ = new VpcFirewallAclEngineMode("default", VpcFirewallAclEngineModeArgs.builder()
.strictMode(0)
.vpcFirewallId(cen.id())
.memberUid("1511928242963727")
.build());
}
}
configuration:
name:
type: string
default: terraform-example
resources:
cen:
type: alicloud:cen:Instance
properties:
description: yqc-example001
cenInstanceName: yqc-example-CenInstance001
TR:
type: alicloud:cen:TransitRouter
properties:
cenId: ${cen.id}
vpc1:
type: alicloud:vpc:Network
properties:
cidrBlock: 172.16.0.0/12
vpcName: yqc-vpc-example-001
vpc1vsw1:
type: alicloud:vpc:Switch
properties:
vpcId: ${vpc1.id}
zoneId: cn-hangzhou-h
cidrBlock: 172.16.1.0/24
vpc1vsw2:
type: alicloud:vpc:Switch
properties:
vpcId: ${vpc1.id}
zoneId: cn-hangzhou-i
cidrBlock: 172.16.2.0/24
tr-vpc1:
type: alicloud:cen:TransitRouterVpcAttachment
properties:
vpcId: ${vpc1.id}
cenId: ${cen.id}
zoneMappings:
- vswitchId: ${vpc1vsw1.id}
zoneId: ${vpc1vsw1.zoneId}
- vswitchId: ${vpc1vsw2.id}
zoneId: ${vpc1vsw2.zoneId}
transitRouterVpcAttachmentName: example
transitRouterAttachmentDescription: '111'
autoPublishRouteEnabled: true
transitRouterId: ${TR.transitRouterId}
default:
type: alicloud:cloudfirewall:VpcFirewallAclEngineMode
properties:
strictMode: '0'
vpcFirewallId: ${cen.id}
memberUid: '1511928242963727'
Deleting alicloud.cloudfirewall.VpcFirewallAclEngineMode or removing it from your configuration
Terraform cannot destroy resource alicloud.cloudfirewall.VpcFirewallAclEngineMode. Terraform will remove this resource from the state file, however resources may remain.
📚 Need more examples? VIEW MORE EXAMPLES
Create VpcFirewallAclEngineMode Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new VpcFirewallAclEngineMode(name: string, args: VpcFirewallAclEngineModeArgs, opts?: CustomResourceOptions);@overload
def VpcFirewallAclEngineMode(resource_name: str,
args: VpcFirewallAclEngineModeArgs,
opts: Optional[ResourceOptions] = None)
@overload
def VpcFirewallAclEngineMode(resource_name: str,
opts: Optional[ResourceOptions] = None,
strict_mode: Optional[int] = None,
vpc_firewall_id: Optional[str] = None,
member_uid: Optional[str] = None)func NewVpcFirewallAclEngineMode(ctx *Context, name string, args VpcFirewallAclEngineModeArgs, opts ...ResourceOption) (*VpcFirewallAclEngineMode, error)public VpcFirewallAclEngineMode(string name, VpcFirewallAclEngineModeArgs args, CustomResourceOptions? opts = null)
public VpcFirewallAclEngineMode(String name, VpcFirewallAclEngineModeArgs args)
public VpcFirewallAclEngineMode(String name, VpcFirewallAclEngineModeArgs args, CustomResourceOptions options)
type: alicloud:cloudfirewall:VpcFirewallAclEngineMode
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args VpcFirewallAclEngineModeArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args VpcFirewallAclEngineModeArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args VpcFirewallAclEngineModeArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args VpcFirewallAclEngineModeArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args VpcFirewallAclEngineModeArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var vpcFirewallAclEngineModeResource = new AliCloud.CloudFirewall.VpcFirewallAclEngineMode("vpcFirewallAclEngineModeResource", new()
{
StrictMode = 0,
VpcFirewallId = "string",
MemberUid = "string",
});
example, err := cloudfirewall.NewVpcFirewallAclEngineMode(ctx, "vpcFirewallAclEngineModeResource", &cloudfirewall.VpcFirewallAclEngineModeArgs{
StrictMode: pulumi.Int(0),
VpcFirewallId: pulumi.String("string"),
MemberUid: pulumi.String("string"),
})
var vpcFirewallAclEngineModeResource = new VpcFirewallAclEngineMode("vpcFirewallAclEngineModeResource", VpcFirewallAclEngineModeArgs.builder()
.strictMode(0)
.vpcFirewallId("string")
.memberUid("string")
.build());
vpc_firewall_acl_engine_mode_resource = alicloud.cloudfirewall.VpcFirewallAclEngineMode("vpcFirewallAclEngineModeResource",
strict_mode=0,
vpc_firewall_id="string",
member_uid="string")
const vpcFirewallAclEngineModeResource = new alicloud.cloudfirewall.VpcFirewallAclEngineMode("vpcFirewallAclEngineModeResource", {
strictMode: 0,
vpcFirewallId: "string",
memberUid: "string",
});
type: alicloud:cloudfirewall:VpcFirewallAclEngineMode
properties:
memberUid: string
strictMode: 0
vpcFirewallId: string
VpcFirewallAclEngineMode Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The VpcFirewallAclEngineMode resource accepts the following input properties:
- Strict
Mode int - The mode of the ACL engine. Possible values are
0,1. - Vpc
Firewall stringId - The ID of the VPC firewall.
- Member
Uid string - The ID of member account.
- Strict
Mode int - The mode of the ACL engine. Possible values are
0,1. - Vpc
Firewall stringId - The ID of the VPC firewall.
- Member
Uid string - The ID of member account.
- strict
Mode Integer - The mode of the ACL engine. Possible values are
0,1. - vpc
Firewall StringId - The ID of the VPC firewall.
- member
Uid String - The ID of member account.
- strict
Mode number - The mode of the ACL engine. Possible values are
0,1. - vpc
Firewall stringId - The ID of the VPC firewall.
- member
Uid string - The ID of member account.
- strict_
mode int - The mode of the ACL engine. Possible values are
0,1. - vpc_
firewall_ strid - The ID of the VPC firewall.
- member_
uid str - The ID of member account.
- strict
Mode Number - The mode of the ACL engine. Possible values are
0,1. - vpc
Firewall StringId - The ID of the VPC firewall.
- member
Uid String - The ID of member account.
Outputs
All input properties are implicitly available as output properties. Additionally, the VpcFirewallAclEngineMode resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing VpcFirewallAclEngineMode Resource
Get an existing VpcFirewallAclEngineMode resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: VpcFirewallAclEngineModeState, opts?: CustomResourceOptions): VpcFirewallAclEngineMode@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
member_uid: Optional[str] = None,
strict_mode: Optional[int] = None,
vpc_firewall_id: Optional[str] = None) -> VpcFirewallAclEngineModefunc GetVpcFirewallAclEngineMode(ctx *Context, name string, id IDInput, state *VpcFirewallAclEngineModeState, opts ...ResourceOption) (*VpcFirewallAclEngineMode, error)public static VpcFirewallAclEngineMode Get(string name, Input<string> id, VpcFirewallAclEngineModeState? state, CustomResourceOptions? opts = null)public static VpcFirewallAclEngineMode get(String name, Output<String> id, VpcFirewallAclEngineModeState state, CustomResourceOptions options)resources: _: type: alicloud:cloudfirewall:VpcFirewallAclEngineMode get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Member
Uid string - The ID of member account.
- Strict
Mode int - The mode of the ACL engine. Possible values are
0,1. - Vpc
Firewall stringId - The ID of the VPC firewall.
- Member
Uid string - The ID of member account.
- Strict
Mode int - The mode of the ACL engine. Possible values are
0,1. - Vpc
Firewall stringId - The ID of the VPC firewall.
- member
Uid String - The ID of member account.
- strict
Mode Integer - The mode of the ACL engine. Possible values are
0,1. - vpc
Firewall StringId - The ID of the VPC firewall.
- member
Uid string - The ID of member account.
- strict
Mode number - The mode of the ACL engine. Possible values are
0,1. - vpc
Firewall stringId - The ID of the VPC firewall.
- member_
uid str - The ID of member account.
- strict_
mode int - The mode of the ACL engine. Possible values are
0,1. - vpc_
firewall_ strid - The ID of the VPC firewall.
- member
Uid String - The ID of member account.
- strict
Mode Number - The mode of the ACL engine. Possible values are
0,1. - vpc
Firewall StringId - The ID of the VPC firewall.
Import
Cloud Firewall Vpc Firewall Acl Engine Mode can be imported using the id, e.g.
$ pulumi import alicloud:cloudfirewall/vpcFirewallAclEngineMode:VpcFirewallAclEngineMode example <vpc_firewall_id>
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Alibaba Cloud pulumi/pulumi-alicloud
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
alicloudTerraform Provider.
Viewing docs for Alibaba Cloud v3.98.0
published on Saturday, Apr 4, 2026 by Pulumi
published on Saturday, Apr 4, 2026 by Pulumi
