Firewall
Provides a Cloud Firewall Vpc Firewall Control Policy resource. For information about Cloud Firewall Vpc Firewall Control Policy and how to use it, see What is Vpc Firewall Control Policy.
NOTE: Available since v1.194.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const _default = alicloud.getAccount({});
const defaultInstance = new alicloud.cen.Instance("default", {
cenInstanceName: name,
description: "example_value",
tags: {
Created: "TF",
For: "acceptance test",
},
});
const defaultFirewallVpcFirewallControlPolicy = new alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("default", {
order: 1,
destination: "127.0.0.2/32",
applicationName: "ANY",
description: "example_value",
sourceType: "net",
destPort: "80/88",
aclAction: "accept",
lang: "zh",
destinationType: "net",
source: "127.0.0.1/32",
destPortType: "port",
proto: "TCP",
release: true,
memberUid: _default.then(_default => _default.id),
vpcFirewallId: defaultInstance.id,
});Content copied to clipboard
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
default = alicloud.get_account()
default_instance = alicloud.cen.Instance("default",
cen_instance_name=name,
description="example_value",
tags={
"Created": "TF",
"For": "acceptance test",
})
default_firewall_vpc_firewall_control_policy = alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("default",
order=1,
destination="127.0.0.2/32",
application_name="ANY",
description="example_value",
source_type="net",
dest_port="80/88",
acl_action="accept",
lang="zh",
destination_type="net",
source="127.0.0.1/32",
dest_port_type="port",
proto="TCP",
release=True,
member_uid=default.id,
vpc_firewall_id=default_instance.id)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var @default = AliCloud.GetAccount.Invoke();
var defaultInstance = new AliCloud.Cen.Instance("default", new()
{
CenInstanceName = name,
Description = "example_value",
Tags =
{
{ "Created", "TF" },
{ "For", "acceptance test" },
},
});
var defaultFirewallVpcFirewallControlPolicy = new AliCloud.CloudFirewall.FirewallVpcFirewallControlPolicy("default", new()
{
Order = 1,
Destination = "127.0.0.2/32",
ApplicationName = "ANY",
Description = "example_value",
SourceType = "net",
DestPort = "80/88",
AclAction = "accept",
Lang = "zh",
DestinationType = "net",
Source = "127.0.0.1/32",
DestPortType = "port",
Proto = "TCP",
Release = true,
MemberUid = @default.Apply(@default => @default.Apply(getAccountResult => getAccountResult.Id)),
VpcFirewallId = defaultInstance.Id,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cen"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cloudfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_default, err := alicloud.GetAccount(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
defaultInstance, err := cen.NewInstance(ctx, "default", &cen.InstanceArgs{
CenInstanceName: pulumi.String(name),
Description: pulumi.String("example_value"),
Tags: pulumi.StringMap{
"Created": pulumi.String("TF"),
"For": pulumi.String("acceptance test"),
},
})
if err != nil {
return err
}
_, err = cloudfirewall.NewFirewallVpcFirewallControlPolicy(ctx, "default", &cloudfirewall.FirewallVpcFirewallControlPolicyArgs{
Order: pulumi.Int(1),
Destination: pulumi.String("127.0.0.2/32"),
ApplicationName: pulumi.String("ANY"),
Description: pulumi.String("example_value"),
SourceType: pulumi.String("net"),
DestPort: pulumi.String("80/88"),
AclAction: pulumi.String("accept"),
Lang: pulumi.String("zh"),
DestinationType: pulumi.String("net"),
Source: pulumi.String("127.0.0.1/32"),
DestPortType: pulumi.String("port"),
Proto: pulumi.String("TCP"),
Release: pulumi.Bool(true),
MemberUid: pulumi.String(_default.Id),
VpcFirewallId: defaultInstance.ID(),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.cen.Instance;
import com.pulumi.alicloud.cen.InstanceArgs;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
final var default = AlicloudFunctions.getAccount();
var defaultInstance = new Instance("defaultInstance", InstanceArgs.builder()
.cenInstanceName(name)
.description("example_value")
.tags(Map.ofEntries(
Map.entry("Created", "TF"),
Map.entry("For", "acceptance test")
))
.build());
var defaultFirewallVpcFirewallControlPolicy = new FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", FirewallVpcFirewallControlPolicyArgs.builder()
.order("1")
.destination("127.0.0.2/32")
.applicationName("ANY")
.description("example_value")
.sourceType("net")
.destPort("80/88")
.aclAction("accept")
.lang("zh")
.destinationType("net")
.source("127.0.0.1/32")
.destPortType("port")
.proto("TCP")
.release(true)
.memberUid(default_.id())
.vpcFirewallId(defaultInstance.id())
.build());
}
}Content copied to clipboard
configuration:
name:
type: string
default: terraform-example
resources:
defaultInstance:
type: alicloud:cen:Instance
name: default
properties:
cenInstanceName: ${name}
description: example_value
tags:
Created: TF
For: acceptance test
defaultFirewallVpcFirewallControlPolicy:
type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
name: default
properties:
order: '1'
destination: 127.0.0.2/32
applicationName: ANY
description: example_value
sourceType: net
destPort: 80/88
aclAction: accept
lang: zh
destinationType: net
source: 127.0.0.1/32
destPortType: port
proto: TCP
release: true
memberUid: ${default.id}
vpcFirewallId: ${defaultInstance.id}
variables:
default:
fn::invoke:
function: alicloud:getAccount
arguments: {}Content copied to clipboard
Import
Cloud Firewall Vpc Firewall Control Policy can be imported using the id, e.g.
$ pulumi import alicloud:cloudfirewall/firewallVpcFirewallControlPolicy:FirewallVpcFirewallControlPolicy example <vpc_firewall_id>:<acl_uuid>Content copied to clipboard
Properties
Link copied to clipboard
Policy specifies the application ID.
Link copied to clipboard
The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.
Link copied to clipboard
Access control over VPC firewalls description of the strategy information.
Link copied to clipboard
The destination address in the access control policy. Valid values:
Link copied to clipboard
Destination address book defined in the address list.
Link copied to clipboard
The destination address book type in the access control policy.
Link copied to clipboard
The type of the destination address in the access control policy. Valid values: net, group, domain.
Link copied to clipboard
Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.
Link copied to clipboard
Port Address Book port list.
Link copied to clipboard
The type of the destination port in the access control policy. Valid values: port, group.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
SOURCE address of the address list.
Link copied to clipboard
The source address type in the access control policy.
Link copied to clipboard
The type of the source address in the access control policy. Valid values: net, group.
Link copied to clipboard
The ID of the VPC firewall instance. Valid values: