Control
Provides a Cloud Firewall Control Policy resource. For information about Cloud Firewall Control Policy and how to use it, see What is Control Policy.
NOTE: Available since v1.129.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const _default = new alicloud.cloudfirewall.ControlPolicy("default", {
direction: "in",
applicationName: "ANY",
description: name,
aclAction: "accept",
source: "127.0.0.1/32",
sourceType: "net",
destination: "127.0.0.2/32",
destinationType: "net",
proto: "ANY",
});import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
default = alicloud.cloudfirewall.ControlPolicy("default",
direction="in",
application_name="ANY",
description=name,
acl_action="accept",
source="127.0.0.1/32",
source_type="net",
destination="127.0.0.2/32",
destination_type="net",
proto="ANY")using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var @default = new AliCloud.CloudFirewall.ControlPolicy("default", new()
{
Direction = "in",
ApplicationName = "ANY",
Description = name,
AclAction = "accept",
Source = "127.0.0.1/32",
SourceType = "net",
Destination = "127.0.0.2/32",
DestinationType = "net",
Proto = "ANY",
});
});package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cloudfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_, err := cloudfirewall.NewControlPolicy(ctx, "default", &cloudfirewall.ControlPolicyArgs{
Direction: pulumi.String("in"),
ApplicationName: pulumi.String("ANY"),
Description: pulumi.String(name),
AclAction: pulumi.String("accept"),
Source: pulumi.String("127.0.0.1/32"),
SourceType: pulumi.String("net"),
Destination: pulumi.String("127.0.0.2/32"),
DestinationType: pulumi.String("net"),
Proto: pulumi.String("ANY"),
})
if err != nil {
return err
}
return nil
})
}package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.cloudfirewall.ControlPolicy;
import com.pulumi.alicloud.cloudfirewall.ControlPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
var default_ = new ControlPolicy("default", ControlPolicyArgs.builder()
.direction("in")
.applicationName("ANY")
.description(name)
.aclAction("accept")
.source("127.0.0.1/32")
.sourceType("net")
.destination("127.0.0.2/32")
.destinationType("net")
.proto("ANY")
.build());
}
}configuration:
name:
type: string
default: terraform-example
resources:
default:
type: alicloud:cloudfirewall:ControlPolicy
properties:
direction: in
applicationName: ANY
description: ${name}
aclAction: accept
source: 127.0.0.1/32
sourceType: net
destination: 127.0.0.2/32
destinationType: net
proto: ANYImport
Cloud Firewall Control Policy can be imported using the id, e.g.
$ pulumi import alicloud:cloudfirewall/controlPolicy:ControlPolicy example <acl_uuid>:<direction>Constructors
Properties
The application type supported by the access control policy. Valid values: ANY, HTTP, HTTPS, MQTT, Memcache, MongoDB, MySQL, RDP, Redis, SMTP, SMTPS, SSH, SSL, VNC.
The application types supported by the access control policy.
The description of the access control policy.
The destination address in the access control policy.
The type of the destination address in the access control policy. Valid values: net, group, domain, location.
The name of the destination port address book in the access control policy. Note: If dest_port_type is set to group, you must specify dest_port_group.
The type of the destination port in the access control policy. Valid values: port, group.
The domain name resolution method of the access control policy. Valid values:
The days of a week or of a month on which the access control policy takes effect. Valid values:
The point in time when the recurrence ends. Example: 23:30. The end time must be on the hour or on the half hour, and at least 30 minutes later than the start time.
The point in time when the recurrence starts. Example: 08:00. The start time must be on the hour or on the half hour, and at least 30 minutes earlier than the end time.
The recurrence type for the access control policy to take effect. Default value: Permanent. Valid values:
The type of the source address in the access control policy. Valid values: net, group, location.