volcenginecc.clb.NlbSecurityPolicy

volcenginecc v0.0.32, Apr 23 26

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as volcenginecc from "@volcengine/pulumi-volcenginecc";

const cLBNLBSecurityPolicyDemo = new volcenginecc.clb.NlbSecurityPolicy("CLBNLBSecurityPolicyDemo", {
    ciphers: [
        "TLS_AES_128_CCM_SHA256",
        "TLS_AES_128_GCM_SHA256",
    ],
    projectName: "default",
    securityPolicyName: "ccapi-test-1",
    tags: [{
        key: "env",
        value: "test",
    }],
    tlsVersions: ["TLSv1.3"],
});

import pulumi
import pulumi_volcenginecc as volcenginecc

c_lbnlb_security_policy_demo = volcenginecc.clb.NlbSecurityPolicy("CLBNLBSecurityPolicyDemo",
    ciphers=[
        "TLS_AES_128_CCM_SHA256",
        "TLS_AES_128_GCM_SHA256",
    ],
    project_name="default",
    security_policy_name="ccapi-test-1",
    tags=[{
        "key": "env",
        "value": "test",
    }],
    tls_versions=["TLSv1.3"])

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/volcengine/pulumi-volcenginecc/sdk/go/volcenginecc/clb"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := clb.NewNlbSecurityPolicy(ctx, "CLBNLBSecurityPolicyDemo", &clb.NlbSecurityPolicyArgs{
			Ciphers: pulumi.StringArray{
				pulumi.String("TLS_AES_128_CCM_SHA256"),
				pulumi.String("TLS_AES_128_GCM_SHA256"),
			},
			ProjectName:        pulumi.String("default"),
			SecurityPolicyName: pulumi.String("ccapi-test-1"),
			Tags: clb.NlbSecurityPolicyTagArray{
				&clb.NlbSecurityPolicyTagArgs{
					Key:   pulumi.String("env"),
					Value: pulumi.String("test"),
				},
			},
			TlsVersions: pulumi.StringArray{
				pulumi.String("TLSv1.3"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Volcenginecc = Volcengine.Pulumi.Volcenginecc;

return await Deployment.RunAsync(() => 
{
    var cLBNLBSecurityPolicyDemo = new Volcenginecc.Clb.NlbSecurityPolicy("CLBNLBSecurityPolicyDemo", new()
    {
        Ciphers = new[]
        {
            "TLS_AES_128_CCM_SHA256",
            "TLS_AES_128_GCM_SHA256",
        },
        ProjectName = "default",
        SecurityPolicyName = "ccapi-test-1",
        Tags = new[]
        {
            new Volcenginecc.Clb.Inputs.NlbSecurityPolicyTagArgs
            {
                Key = "env",
                Value = "test",
            },
        },
        TlsVersions = new[]
        {
            "TLSv1.3",
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.volcengine.volcenginecc.clb.NlbSecurityPolicy;
import com.volcengine.volcenginecc.clb.NlbSecurityPolicyArgs;
import com.pulumi.volcenginecc.clb.inputs.NlbSecurityPolicyTagArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var cLBNLBSecurityPolicyDemo = new NlbSecurityPolicy("cLBNLBSecurityPolicyDemo", NlbSecurityPolicyArgs.builder()
            .ciphers(            
                "TLS_AES_128_CCM_SHA256",
                "TLS_AES_128_GCM_SHA256")
            .projectName("default")
            .securityPolicyName("ccapi-test-1")
            .tags(NlbSecurityPolicyTagArgs.builder()
                .key("env")
                .value("test")
                .build())
            .tlsVersions("TLSv1.3")
            .build());

    }
}

resources:
  cLBNLBSecurityPolicyDemo:
    type: volcenginecc:clb:NlbSecurityPolicy
    name: CLBNLBSecurityPolicyDemo
    properties:
      ciphers:
        - TLS_AES_128_CCM_SHA256
        - TLS_AES_128_GCM_SHA256
      projectName: default
      securityPolicyName: ccapi-test-1
      tags:
        - key: env
          value: test
      tlsVersions:
        - TLSv1.3

Create NlbSecurityPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new NlbSecurityPolicy(name: string, args: NlbSecurityPolicyArgs, opts?: CustomResourceOptions);

@overload
def NlbSecurityPolicy(resource_name: str,
                      args: NlbSecurityPolicyArgs,
                      opts: Optional[ResourceOptions] = None)

@overload
def NlbSecurityPolicy(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      ciphers: Optional[Sequence[str]] = None,
                      tls_versions: Optional[Sequence[str]] = None,
                      project_name: Optional[str] = None,
                      security_policy_name: Optional[str] = None,
                      tags: Optional[Sequence[NlbSecurityPolicyTagArgs]] = None)

func NewNlbSecurityPolicy(ctx *Context, name string, args NlbSecurityPolicyArgs, opts ...ResourceOption) (*NlbSecurityPolicy, error)

public NlbSecurityPolicy(string name, NlbSecurityPolicyArgs args, CustomResourceOptions? opts = null)

public NlbSecurityPolicy(String name, NlbSecurityPolicyArgs args)
public NlbSecurityPolicy(String name, NlbSecurityPolicyArgs args, CustomResourceOptions options)

type: volcenginecc:clb:NlbSecurityPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args NlbSecurityPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args NlbSecurityPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args NlbSecurityPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args NlbSecurityPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args NlbSecurityPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var nlbSecurityPolicyResource = new Volcenginecc.Clb.NlbSecurityPolicy("nlbSecurityPolicyResource", new()
{
    Ciphers = new[]
    {
        "string",
    },
    TlsVersions = new[]
    {
        "string",
    },
    ProjectName = "string",
    SecurityPolicyName = "string",
    Tags = new[]
    {
        new Volcenginecc.Clb.Inputs.NlbSecurityPolicyTagArgs
        {
            Key = "string",
            Value = "string",
        },
    },
});

example, err := clb.NewNlbSecurityPolicy(ctx, "nlbSecurityPolicyResource", &clb.NlbSecurityPolicyArgs{
	Ciphers: pulumi.StringArray{
		pulumi.String("string"),
	},
	TlsVersions: pulumi.StringArray{
		pulumi.String("string"),
	},
	ProjectName:        pulumi.String("string"),
	SecurityPolicyName: pulumi.String("string"),
	Tags: clb.NlbSecurityPolicyTagArray{
		&clb.NlbSecurityPolicyTagArgs{
			Key:   pulumi.String("string"),
			Value: pulumi.String("string"),
		},
	},
})

var nlbSecurityPolicyResource = new NlbSecurityPolicy("nlbSecurityPolicyResource", NlbSecurityPolicyArgs.builder()
    .ciphers("string")
    .tlsVersions("string")
    .projectName("string")
    .securityPolicyName("string")
    .tags(NlbSecurityPolicyTagArgs.builder()
        .key("string")
        .value("string")
        .build())
    .build());

nlb_security_policy_resource = volcenginecc.clb.NlbSecurityPolicy("nlbSecurityPolicyResource",
    ciphers=["string"],
    tls_versions=["string"],
    project_name="string",
    security_policy_name="string",
    tags=[{
        "key": "string",
        "value": "string",
    }])

const nlbSecurityPolicyResource = new volcenginecc.clb.NlbSecurityPolicy("nlbSecurityPolicyResource", {
    ciphers: ["string"],
    tlsVersions: ["string"],
    projectName: "string",
    securityPolicyName: "string",
    tags: [{
        key: "string",
        value: "string",
    }],
});

type: volcenginecc:clb:NlbSecurityPolicy
properties:
    ciphers:
        - string
    projectName: string
    securityPolicyName: string
    tags:
        - key: string
          value: string
    tlsVersions:
        - string

NlbSecurityPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The NlbSecurityPolicy resource accepts the following input properties:

Ciphers List<string>: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
TlsVersions List<string>: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
ProjectName string: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
SecurityPolicyName string: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
Tags List<Volcengine.NlbSecurityPolicyTag>

Ciphers []string: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
TlsVersions []string: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
ProjectName string: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
SecurityPolicyName string: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
Tags []NlbSecurityPolicyTagArgs

ciphers List<String>: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
tlsVersions List<String>: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
projectName String: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
securityPolicyName String: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
tags List<NlbSecurityPolicyTag>

ciphers string[]: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
tlsVersions string[]: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
projectName string: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
securityPolicyName string: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
tags NlbSecurityPolicyTag[]

ciphers Sequence[str]: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
tls_versions Sequence[str]: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
project_name str: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
security_policy_name str: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
tags Sequence[NlbSecurityPolicyTagArgs]

ciphers List<String>: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
tlsVersions List<String>: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
projectName String: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
securityPolicyName String: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
tags List<Property Map>

Outputs

All input properties are implicitly available as output properties. Additionally, the NlbSecurityPolicy resource produces the following output properties:

AccountId string: Account ID associated with the TLS security policy
CreatedTime string: Creation time
Id string: The provider-assigned unique ID for this managed resource.
RelatedListenerIds List<string>: Listener associated with the TLS security policy
SecurityPolicyId string: Security policy ID
Status string: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
UpdatedTime string: Update time

AccountId string: Account ID associated with the TLS security policy
CreatedTime string: Creation time
Id string: The provider-assigned unique ID for this managed resource.
RelatedListenerIds []string: Listener associated with the TLS security policy
SecurityPolicyId string: Security policy ID
Status string: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
UpdatedTime string: Update time

accountId String: Account ID associated with the TLS security policy
createdTime String: Creation time
id String: The provider-assigned unique ID for this managed resource.
relatedListenerIds List<String>: Listener associated with the TLS security policy
securityPolicyId String: Security policy ID
status String: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
updatedTime String: Update time

accountId string: Account ID associated with the TLS security policy
createdTime string: Creation time
id string: The provider-assigned unique ID for this managed resource.
relatedListenerIds string[]: Listener associated with the TLS security policy
securityPolicyId string: Security policy ID
status string: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
updatedTime string: Update time

account_id str: Account ID associated with the TLS security policy
created_time str: Creation time
id str: The provider-assigned unique ID for this managed resource.
related_listener_ids Sequence[str]: Listener associated with the TLS security policy
security_policy_id str: Security policy ID
status str: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
updated_time str: Update time

accountId String: Account ID associated with the TLS security policy
createdTime String: Creation time
id String: The provider-assigned unique ID for this managed resource.
relatedListenerIds List<String>: Listener associated with the TLS security policy
securityPolicyId String: Security policy ID
status String: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
updatedTime String: Update time

Look up Existing NlbSecurityPolicy Resource

Get an existing NlbSecurityPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: NlbSecurityPolicyState, opts?: CustomResourceOptions): NlbSecurityPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_id: Optional[str] = None,
        ciphers: Optional[Sequence[str]] = None,
        created_time: Optional[str] = None,
        project_name: Optional[str] = None,
        related_listener_ids: Optional[Sequence[str]] = None,
        security_policy_id: Optional[str] = None,
        security_policy_name: Optional[str] = None,
        status: Optional[str] = None,
        tags: Optional[Sequence[NlbSecurityPolicyTagArgs]] = None,
        tls_versions: Optional[Sequence[str]] = None,
        updated_time: Optional[str] = None) -> NlbSecurityPolicy

func GetNlbSecurityPolicy(ctx *Context, name string, id IDInput, state *NlbSecurityPolicyState, opts ...ResourceOption) (*NlbSecurityPolicy, error)

public static NlbSecurityPolicy Get(string name, Input<string> id, NlbSecurityPolicyState? state, CustomResourceOptions? opts = null)

public static NlbSecurityPolicy get(String name, Output<String> id, NlbSecurityPolicyState state, CustomResourceOptions options)

resources:  _:    type: volcenginecc:clb:NlbSecurityPolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountId string: Account ID associated with the TLS security policy
Ciphers List<string>: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
CreatedTime string: Creation time
ProjectName string: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
RelatedListenerIds List<string>: Listener associated with the TLS security policy
SecurityPolicyId string: Security policy ID
SecurityPolicyName string: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
Status string: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
Tags List<Volcengine.NlbSecurityPolicyTag>
TlsVersions List<string>: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
UpdatedTime string: Update time

AccountId string: Account ID associated with the TLS security policy
Ciphers []string: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
CreatedTime string: Creation time
ProjectName string: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
RelatedListenerIds []string: Listener associated with the TLS security policy
SecurityPolicyId string: Security policy ID
SecurityPolicyName string: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
Status string: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
Tags []NlbSecurityPolicyTagArgs
TlsVersions []string: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
UpdatedTime string: Update time

accountId String: Account ID associated with the TLS security policy
ciphers List<String>: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
createdTime String: Creation time
projectName String: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
relatedListenerIds List<String>: Listener associated with the TLS security policy
securityPolicyId String: Security policy ID
securityPolicyName String: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
status String: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
tags List<NlbSecurityPolicyTag>
tlsVersions List<String>: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
updatedTime String: Update time

accountId string: Account ID associated with the TLS security policy
ciphers string[]: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
createdTime string: Creation time
projectName string: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
relatedListenerIds string[]: Listener associated with the TLS security policy
securityPolicyId string: Security policy ID
securityPolicyName string: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
status string: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
tags NlbSecurityPolicyTag[]
tlsVersions string[]: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
updatedTime string: Update time

account_id str: Account ID associated with the TLS security policy
ciphers Sequence[str]: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
created_time str: Creation time
project_name str: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
related_listener_ids Sequence[str]: Listener associated with the TLS security policy
security_policy_id str: Security policy ID
security_policy_name str: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
status str: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
tags Sequence[NlbSecurityPolicyTagArgs]
tls_versions Sequence[str]: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
updated_time str: Update time

accountId String: Account ID associated with the TLS security policy
ciphers List<String>: Cipher suites for the TLS custom security policy. Supported cipher suites for different TLS protocol versions are as follows: TLSv1.0 & TLSv1.1: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA. TLSv1.2: ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256. TLSv1.3: TLSCHACHA20POLY1305SHA256, TLSAES256GCMSHA384, TLSAES128GCMSHA256, TLSAES128CCM8SHA256, TLSAES128CCMSHA256, TLSSM4GCMSM3, TLSSM4CCMSM3. When specifying this parameter, you must provide all supported cipher suites. Adding or removing cipher suites individually is not supported via this interface. If only Ciphers.N is provided and TlsVersions.N is not, validation is based on the TLS protocol versions supported by the current listener and the cipher suites specified in the request. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request. TLSSM4GCMSM3 and TLSSM4CCMSM3 are currently in pilot testing. To request access, please contact your account manager
createdTime String: Creation time
projectName String: Name of the project to which the TLS custom security policy belongs. If not specified, defaults to default
relatedListenerIds List<String>: Listener associated with the TLS security policy
securityPolicyId String: Security policy ID
securityPolicyName String: Security policy name. Must start with a letter, number, or Chinese character, and can include the following special characters: period (.), underscore (_), and hyphen (-). Length must be between 1 and 128 characters. If this parameter is not specified, defaults to the policy ID
status String: TLS custom security policy status. Creating: Being created. Configuring: Being configured. Active: Active. Deleting: Being deleted.
tags List<Property Map>
tlsVersions List<String>: Update the TLS protocol versions for the TLS custom security policy. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3. When specifying this parameter, you must provide all supported TLS versions. Adding or removing TLS protocol versions individually is not supported via this interface. If only TlsVersions.N is provided and Ciphers.N is not, validation is based on the TLS protocol versions in the request and the cipher suites supported by the current listener. If both TlsVersions.N and Ciphers.N are provided, validation is based on the TLS protocol versions and cipher suites specified in the request
updatedTime String: Update time

Supporting Types

NlbSecurityPolicyTag, NlbSecurityPolicyTagArgs

Key string: User tag key
Value string: User tag value

Key string: User tag key
Value string: User tag value

key String: User tag key
value String: User tag value

key string: User tag key
value string: User tag value

key str: User tag key
value str: User tag value

key String: User tag key
value String: User tag value

Import

$ pulumi import volcenginecc:clb/nlbSecurityPolicy:NlbSecurityPolicy example "security_policy_id"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: volcenginecc volcengine/pulumi-volcenginecc
License: MPL-2.0
Notes: This Pulumi package is based on the volcenginecc Terraform Provider.

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

volcenginecc.clb.NlbSecurityPolicy

On this page

On this page

Example Usage

Create NlbSecurityPolicy Resource

Constructor syntax

Parameters

Constructor example

NlbSecurityPolicy Resource Properties

Inputs

Outputs

Look up Existing NlbSecurityPolicy Resource

Supporting Types

NlbSecurityPolicyTag, NlbSecurityPolicyTagArgs

Import

Package Details

On this page

On this page