Docs Home
opentelekomcloud.IdentityAclV3
Explore with Pulumi AI
Up-to-date reference of API arguments for IAM agency you can get at documentation portal
Manages an ACL resource within OpenTelekomCloud IAM service. The ACL allows user access only from specified IP address ranges and IPv4 CIDR blocks. The ACL takes effect for IAM users under the Domain account rather than the account itself.
NOTE: You must have admin privileges to use this resource.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as opentelekomcloud from "@pulumi/opentelekomcloud";
const acl = new opentelekomcloud.IdentityAclV3("acl", {
ipCidrs: [{
cidr: "159.138.39.192/32",
description: "This is a test ip address",
}],
ipRanges: [{
description: "This is a test ip range",
range: "0.0.0.0-255.255.255.0",
}],
type: "console",
});
import pulumi
import pulumi_opentelekomcloud as opentelekomcloud
acl = opentelekomcloud.IdentityAclV3("acl",
ip_cidrs=[{
"cidr": "159.138.39.192/32",
"description": "This is a test ip address",
}],
ip_ranges=[{
"description": "This is a test ip range",
"range": "0.0.0.0-255.255.255.0",
}],
type="console")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/opentelekomcloud/opentelekomcloud"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := opentelekomcloud.NewIdentityAclV3(ctx, "acl", &opentelekomcloud.IdentityAclV3Args{
IpCidrs: opentelekomcloud.IdentityAclV3IpCidrArray{
&opentelekomcloud.IdentityAclV3IpCidrArgs{
Cidr: pulumi.String("159.138.39.192/32"),
Description: pulumi.String("This is a test ip address"),
},
},
IpRanges: opentelekomcloud.IdentityAclV3IpRangeArray{
&opentelekomcloud.IdentityAclV3IpRangeArgs{
Description: pulumi.String("This is a test ip range"),
Range: pulumi.String("0.0.0.0-255.255.255.0"),
},
},
Type: pulumi.String("console"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Opentelekomcloud = Pulumi.Opentelekomcloud;
return await Deployment.RunAsync(() =>
{
var acl = new Opentelekomcloud.IdentityAclV3("acl", new()
{
IpCidrs = new[]
{
new Opentelekomcloud.Inputs.IdentityAclV3IpCidrArgs
{
Cidr = "159.138.39.192/32",
Description = "This is a test ip address",
},
},
IpRanges = new[]
{
new Opentelekomcloud.Inputs.IdentityAclV3IpRangeArgs
{
Description = "This is a test ip range",
Range = "0.0.0.0-255.255.255.0",
},
},
Type = "console",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.opentelekomcloud.IdentityAclV3;
import com.pulumi.opentelekomcloud.IdentityAclV3Args;
import com.pulumi.opentelekomcloud.inputs.IdentityAclV3IpCidrArgs;
import com.pulumi.opentelekomcloud.inputs.IdentityAclV3IpRangeArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var acl = new IdentityAclV3("acl", IdentityAclV3Args.builder()
.ipCidrs(IdentityAclV3IpCidrArgs.builder()
.cidr("159.138.39.192/32")
.description("This is a test ip address")
.build())
.ipRanges(IdentityAclV3IpRangeArgs.builder()
.description("This is a test ip range")
.range("0.0.0.0-255.255.255.0")
.build())
.type("console")
.build());
}
}
resources:
acl:
type: opentelekomcloud:IdentityAclV3
properties:
ipCidrs:
- cidr: 159.138.39.192/32
description: This is a test ip address
ipRanges:
- description: This is a test ip range
range: 0.0.0.0-255.255.255.0
type: console
Create IdentityAclV3 Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IdentityAclV3(name: string, args: IdentityAclV3Args, opts?: CustomResourceOptions);@overload
def IdentityAclV3(resource_name: str,
args: IdentityAclV3Args,
opts: Optional[ResourceOptions] = None)
@overload
def IdentityAclV3(resource_name: str,
opts: Optional[ResourceOptions] = None,
type: Optional[str] = None,
identity_acl_v3_id: Optional[str] = None,
ip_cidrs: Optional[Sequence[IdentityAclV3IpCidrArgs]] = None,
ip_ranges: Optional[Sequence[IdentityAclV3IpRangeArgs]] = None)func NewIdentityAclV3(ctx *Context, name string, args IdentityAclV3Args, opts ...ResourceOption) (*IdentityAclV3, error)public IdentityAclV3(string name, IdentityAclV3Args args, CustomResourceOptions? opts = null)
public IdentityAclV3(String name, IdentityAclV3Args args)
public IdentityAclV3(String name, IdentityAclV3Args args, CustomResourceOptions options)
type: opentelekomcloud:IdentityAclV3
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IdentityAclV3Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IdentityAclV3Args
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IdentityAclV3Args
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IdentityAclV3Args
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IdentityAclV3Args
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var identityAclV3Resource = new Opentelekomcloud.IdentityAclV3("identityAclV3Resource", new()
{
Type = "string",
IdentityAclV3Id = "string",
IpCidrs = new[]
{
new Opentelekomcloud.Inputs.IdentityAclV3IpCidrArgs
{
Cidr = "string",
Description = "string",
},
},
IpRanges = new[]
{
new Opentelekomcloud.Inputs.IdentityAclV3IpRangeArgs
{
Range = "string",
Description = "string",
},
},
});
example, err := opentelekomcloud.NewIdentityAclV3(ctx, "identityAclV3Resource", &opentelekomcloud.IdentityAclV3Args{
Type: pulumi.String("string"),
IdentityAclV3Id: pulumi.String("string"),
IpCidrs: opentelekomcloud.IdentityAclV3IpCidrArray{
&opentelekomcloud.IdentityAclV3IpCidrArgs{
Cidr: pulumi.String("string"),
Description: pulumi.String("string"),
},
},
IpRanges: opentelekomcloud.IdentityAclV3IpRangeArray{
&opentelekomcloud.IdentityAclV3IpRangeArgs{
Range: pulumi.String("string"),
Description: pulumi.String("string"),
},
},
})
var identityAclV3Resource = new IdentityAclV3("identityAclV3Resource", IdentityAclV3Args.builder()
.type("string")
.identityAclV3Id("string")
.ipCidrs(IdentityAclV3IpCidrArgs.builder()
.cidr("string")
.description("string")
.build())
.ipRanges(IdentityAclV3IpRangeArgs.builder()
.range("string")
.description("string")
.build())
.build());
identity_acl_v3_resource = opentelekomcloud.IdentityAclV3("identityAclV3Resource",
type="string",
identity_acl_v3_id="string",
ip_cidrs=[{
"cidr": "string",
"description": "string",
}],
ip_ranges=[{
"range": "string",
"description": "string",
}])
const identityAclV3Resource = new opentelekomcloud.IdentityAclV3("identityAclV3Resource", {
type: "string",
identityAclV3Id: "string",
ipCidrs: [{
cidr: "string",
description: "string",
}],
ipRanges: [{
range: "string",
description: "string",
}],
});
type: opentelekomcloud:IdentityAclV3
properties:
identityAclV3Id: string
ipCidrs:
- cidr: string
description: string
ipRanges:
- description: string
range: string
type: string
IdentityAclV3 Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IdentityAclV3 resource accepts the following input properties:
- Type string
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- Identity
Acl stringV3Id - The ID of identity ACL.
- Ip
Cidrs List<IdentityAcl V3Ip Cidr> - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - Ip
Ranges List<IdentityAcl V3Ip Range> Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:
- Type string
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- Identity
Acl stringV3Id - The ID of identity ACL.
- Ip
Cidrs []IdentityAcl V3Ip Cidr Args - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - Ip
Ranges []IdentityAcl V3Ip Range Args Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:
- type String
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- identity
Acl StringV3Id - The ID of identity ACL.
- ip
Cidrs List<IdentityAcl V3Ip Cidr> - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - ip
Ranges List<IdentityAcl V3Ip Range> Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:
- type string
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- identity
Acl stringV3Id - The ID of identity ACL.
- ip
Cidrs IdentityAcl V3Ip Cidr[] - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - ip
Ranges IdentityAcl V3Ip Range[] Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:
- type str
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- identity_
acl_ strv3_ id - The ID of identity ACL.
- ip_
cidrs Sequence[IdentityAcl V3Ip Cidr Args] - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - ip_
ranges Sequence[IdentityAcl V3Ip Range Args] Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:
- type String
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- identity
Acl StringV3Id - The ID of identity ACL.
- ip
Cidrs List<Property Map> - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - ip
Ranges List<Property Map> Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:
Outputs
All input properties are implicitly available as output properties. Additionally, the IdentityAclV3 resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing IdentityAclV3 Resource
Get an existing IdentityAclV3 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IdentityAclV3State, opts?: CustomResourceOptions): IdentityAclV3@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
identity_acl_v3_id: Optional[str] = None,
ip_cidrs: Optional[Sequence[IdentityAclV3IpCidrArgs]] = None,
ip_ranges: Optional[Sequence[IdentityAclV3IpRangeArgs]] = None,
type: Optional[str] = None) -> IdentityAclV3func GetIdentityAclV3(ctx *Context, name string, id IDInput, state *IdentityAclV3State, opts ...ResourceOption) (*IdentityAclV3, error)public static IdentityAclV3 Get(string name, Input<string> id, IdentityAclV3State? state, CustomResourceOptions? opts = null)public static IdentityAclV3 get(String name, Output<String> id, IdentityAclV3State state, CustomResourceOptions options)resources: _: type: opentelekomcloud:IdentityAclV3 get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Identity
Acl stringV3Id - The ID of identity ACL.
- Ip
Cidrs List<IdentityAcl V3Ip Cidr> - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - Ip
Ranges List<IdentityAcl V3Ip Range> Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:- Type string
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- Identity
Acl stringV3Id - The ID of identity ACL.
- Ip
Cidrs []IdentityAcl V3Ip Cidr Args - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - Ip
Ranges []IdentityAcl V3Ip Range Args Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:- Type string
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- identity
Acl StringV3Id - The ID of identity ACL.
- ip
Cidrs List<IdentityAcl V3Ip Cidr> - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - ip
Ranges List<IdentityAcl V3Ip Range> Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:- type String
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- identity
Acl stringV3Id - The ID of identity ACL.
- ip
Cidrs IdentityAcl V3Ip Cidr[] - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - ip
Ranges IdentityAcl V3Ip Range[] Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:- type string
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- identity_
acl_ strv3_ id - The ID of identity ACL.
- ip_
cidrs Sequence[IdentityAcl V3Ip Cidr Args] - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - ip_
ranges Sequence[IdentityAcl V3Ip Range Args] Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:- type str
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
- identity
Acl StringV3Id - The ID of identity ACL.
- ip
Cidrs List<Property Map> - Specifies the IPv4 CIDR blocks from which console access or api access is allowed.
The
ip_cidrscannot repeat. The object structure is documented below. - ip
Ranges List<Property Map> Specifies the IP address ranges from which console access or api access is allowed. The
ip_rangescannot repeat. The object structure is documented below.NOTE: Up to 200
ip_cidrsandip_rangescan be created in total for each access method.The
ip_cidrsblock supports:- type String
- Specifies the ACL is created through the Console or API. Valid values are console and api. Changing this parameter will create a new ACL.
Supporting Types
IdentityAclV3IpCidr, IdentityAclV3IpCidrArgs
- Cidr string
- Specifies the IPv4 CIDR block, for example, 192.168.0.0/24.
- Description string
- Specifies a description about an IP address range.
- Cidr string
- Specifies the IPv4 CIDR block, for example, 192.168.0.0/24.
- Description string
- Specifies a description about an IP address range.
- cidr String
- Specifies the IPv4 CIDR block, for example, 192.168.0.0/24.
- description String
- Specifies a description about an IP address range.
- cidr string
- Specifies the IPv4 CIDR block, for example, 192.168.0.0/24.
- description string
- Specifies a description about an IP address range.
- cidr str
- Specifies the IPv4 CIDR block, for example, 192.168.0.0/24.
- description str
- Specifies a description about an IP address range.
- cidr String
- Specifies the IPv4 CIDR block, for example, 192.168.0.0/24.
- description String
- Specifies a description about an IP address range.
IdentityAclV3IpRange, IdentityAclV3IpRangeArgs
- Range string
- Specifies the Ip address range, for example, 0.0.0.0-255.255.255.0.
- Description string
- Specifies a description about an IP address range.
- Range string
- Specifies the Ip address range, for example, 0.0.0.0-255.255.255.0.
- Description string
- Specifies a description about an IP address range.
- range String
- Specifies the Ip address range, for example, 0.0.0.0-255.255.255.0.
- description String
- Specifies a description about an IP address range.
- range string
- Specifies the Ip address range, for example, 0.0.0.0-255.255.255.0.
- description string
- Specifies a description about an IP address range.
- range str
- Specifies the Ip address range, for example, 0.0.0.0-255.255.255.0.
- description str
- Specifies a description about an IP address range.
- range String
- Specifies the Ip address range, for example, 0.0.0.0-255.255.255.0.
- description String
- Specifies a description about an IP address range.
Package Details
- Repository
- opentelekomcloud opentelekomcloud/terraform-provider-opentelekomcloud
- License
- Notes
- This Pulumi package is based on the
opentelekomcloudTerraform Provider.