Firewall
data class FirewallVpcFirewallControlPolicyArgs(val aclAction: Output<String>? = null, val applicationName: Output<String>? = null, val description: Output<String>? = null, val destPort: Output<String>? = null, val destPortGroup: Output<String>? = null, val destPortType: Output<String>? = null, val destination: Output<String>? = null, val destinationType: Output<String>? = null, val lang: Output<String>? = null, val memberUid: Output<String>? = null, val order: Output<Int>? = null, val proto: Output<String>? = null, val release: Output<Boolean>? = null, val source: Output<String>? = null, val sourceType: Output<String>? = null, val vpcFirewallId: Output<String>? = null) : ConvertibleToJava<FirewallVpcFirewallControlPolicyArgs>
Provides a Cloud Firewall Vpc Firewall Control Policy resource. For information about Cloud Firewall Vpc Firewall Control Policy and how to use it, see What is Vpc Firewall Control Policy.
NOTE: Available since v1.194.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";
const _default = alicloud.getAccount({});
const defaultInstance = new alicloud.cen.Instance("default", {
cenInstanceName: name,
description: "example_value",
tags: {
Created: "TF",
For: "acceptance test",
},
});
const defaultFirewallVpcFirewallControlPolicy = new alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("default", {
order: 1,
destination: "127.0.0.2/32",
applicationName: "ANY",
description: "example_value",
sourceType: "net",
destPort: "80/88",
aclAction: "accept",
lang: "zh",
destinationType: "net",
source: "127.0.0.1/32",
destPortType: "port",
proto: "TCP",
release: true,
memberUid: _default.then(_default => _default.id),
vpcFirewallId: defaultInstance.id,
});Content copied to clipboard
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "terraform-example"
default = alicloud.get_account()
default_instance = alicloud.cen.Instance("default",
cen_instance_name=name,
description="example_value",
tags={
"Created": "TF",
"For": "acceptance test",
})
default_firewall_vpc_firewall_control_policy = alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("default",
order=1,
destination="127.0.0.2/32",
application_name="ANY",
description="example_value",
source_type="net",
dest_port="80/88",
acl_action="accept",
lang="zh",
destination_type="net",
source="127.0.0.1/32",
dest_port_type="port",
proto="TCP",
release=True,
member_uid=default.id,
vpc_firewall_id=default_instance.id)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "terraform-example";
var @default = AliCloud.GetAccount.Invoke();
var defaultInstance = new AliCloud.Cen.Instance("default", new()
{
CenInstanceName = name,
Description = "example_value",
Tags =
{
{ "Created", "TF" },
{ "For", "acceptance test" },
},
});
var defaultFirewallVpcFirewallControlPolicy = new AliCloud.CloudFirewall.FirewallVpcFirewallControlPolicy("default", new()
{
Order = 1,
Destination = "127.0.0.2/32",
ApplicationName = "ANY",
Description = "example_value",
SourceType = "net",
DestPort = "80/88",
AclAction = "accept",
Lang = "zh",
DestinationType = "net",
Source = "127.0.0.1/32",
DestPortType = "port",
Proto = "TCP",
Release = true,
MemberUid = @default.Apply(@default => @default.Apply(getAccountResult => getAccountResult.Id)),
VpcFirewallId = defaultInstance.Id,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cen"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cloudfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "terraform-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_default, err := alicloud.GetAccount(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
defaultInstance, err := cen.NewInstance(ctx, "default", &cen.InstanceArgs{
CenInstanceName: pulumi.String(name),
Description: pulumi.String("example_value"),
Tags: pulumi.StringMap{
"Created": pulumi.String("TF"),
"For": pulumi.String("acceptance test"),
},
})
if err != nil {
return err
}
_, err = cloudfirewall.NewFirewallVpcFirewallControlPolicy(ctx, "default", &cloudfirewall.FirewallVpcFirewallControlPolicyArgs{
Order: pulumi.Int(1),
Destination: pulumi.String("127.0.0.2/32"),
ApplicationName: pulumi.String("ANY"),
Description: pulumi.String("example_value"),
SourceType: pulumi.String("net"),
DestPort: pulumi.String("80/88"),
AclAction: pulumi.String("accept"),
Lang: pulumi.String("zh"),
DestinationType: pulumi.String("net"),
Source: pulumi.String("127.0.0.1/32"),
DestPortType: pulumi.String("port"),
Proto: pulumi.String("TCP"),
Release: pulumi.Bool(true),
MemberUid: pulumi.String(_default.Id),
VpcFirewallId: defaultInstance.ID(),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.cen.Instance;
import com.pulumi.alicloud.cen.InstanceArgs;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("terraform-example");
final var default = AlicloudFunctions.getAccount(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference);
var defaultInstance = new Instance("defaultInstance", InstanceArgs.builder()
.cenInstanceName(name)
.description("example_value")
.tags(Map.ofEntries(
Map.entry("Created", "TF"),
Map.entry("For", "acceptance test")
))
.build());
var defaultFirewallVpcFirewallControlPolicy = new FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", FirewallVpcFirewallControlPolicyArgs.builder()
.order(1)
.destination("127.0.0.2/32")
.applicationName("ANY")
.description("example_value")
.sourceType("net")
.destPort("80/88")
.aclAction("accept")
.lang("zh")
.destinationType("net")
.source("127.0.0.1/32")
.destPortType("port")
.proto("TCP")
.release(true)
.memberUid(default_.id())
.vpcFirewallId(defaultInstance.id())
.build());
}
}Content copied to clipboard
configuration:
name:
type: string
default: terraform-example
resources:
defaultInstance:
type: alicloud:cen:Instance
name: default
properties:
cenInstanceName: ${name}
description: example_value
tags:
Created: TF
For: acceptance test
defaultFirewallVpcFirewallControlPolicy:
type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
name: default
properties:
order: '1'
destination: 127.0.0.2/32
applicationName: ANY
description: example_value
sourceType: net
destPort: 80/88
aclAction: accept
lang: zh
destinationType: net
source: 127.0.0.1/32
destPortType: port
proto: TCP
release: true
memberUid: ${default.id}
vpcFirewallId: ${defaultInstance.id}
variables:
default:
fn::invoke:
function: alicloud:getAccount
arguments: {}Content copied to clipboard
Import
Cloud Firewall Vpc Firewall Control Policy can be imported using the id, e.g.
$ pulumi import alicloud:cloudfirewall/firewallVpcFirewallControlPolicy:FirewallVpcFirewallControlPolicy example <vpc_firewall_id>:<acl_uuid>Content copied to clipboard
Constructors
Link copied to clipboard
constructor(aclAction: Output<String>? = null, applicationName: Output<String>? = null, description: Output<String>? = null, destPort: Output<String>? = null, destPortGroup: Output<String>? = null, destPortType: Output<String>? = null, destination: Output<String>? = null, destinationType: Output<String>? = null, lang: Output<String>? = null, memberUid: Output<String>? = null, order: Output<Int>? = null, proto: Output<String>? = null, release: Output<Boolean>? = null, source: Output<String>? = null, sourceType: Output<String>? = null, vpcFirewallId: Output<String>? = null)
Properties
Link copied to clipboard
The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.
Link copied to clipboard
Access control over VPC firewalls description of the strategy information.
Link copied to clipboard
The destination address in the access control policy. Valid values:
Link copied to clipboard
The type of the destination address in the access control policy. Valid values: net, group, domain.
Link copied to clipboard
Access control policy in the access traffic of the destination port address book name. Note: If dest_port_type is set to group, you must specify this parameter.
Link copied to clipboard
The type of the destination port in the access control policy. Valid values: port, group.
Link copied to clipboard
The type of the source address in the access control policy. Valid values: net, group.
Link copied to clipboard
The ID of the VPC firewall instance. Valid values: