Firewall Vpc Firewall Control Policy
Provides a Cloud Firewall Vpc Firewall Control Policy resource. For information about Cloud Firewall Vpc Firewall Control Policy and how to use it, see What is Vpc Firewall Control Policy.
NOTE: Available since v1.194.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
// Stack configuration: an optional "name" value with a fixed fallback.
const config = new pulumi.Config();
const name = config.get("name") || "terraform-example";

// Account lookup; the returned id is used as the policy's memberUid below.
const _default = alicloud.getAccount({});

// CEN instance. Its id is what this example passes to the policy as vpcFirewallId.
const instanceTags = {
    Created: "TF",
    For: "acceptance test",
};
const defaultInstance = new alicloud.cen.Instance("default", {
    cenInstanceName: name,
    description: "example_value",
    tags: instanceTags,
});

/**
 * Example VPC firewall access-control rule.
 *
 * The rule accepts TCP traffic from one /32 to another /32. Both addresses are
 * loopback placeholders (127.0.0.1 and 127.0.0.2); replace them with the real
 * peers when adapting the example, and keep the source, destination, port and
 * application fields as narrow as the flow being allowed.
 */
const defaultFirewallVpcFirewallControlPolicy = new alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy("default", {
    // Where the rule is attached.
    memberUid: _default.then((account) => account.id),
    vpcFirewallId: defaultInstance.id,

    // Who may talk to whom. With type "net" the example supplies CIDR strings.
    sourceType: "net",
    source: "127.0.0.1/32",
    destinationType: "net",
    destination: "127.0.0.2/32",

    // What traffic is matched.
    proto: "TCP",
    destPortType: "port",
    // NOTE(review): "80/88" presumably denotes the port range 80-88; confirm the notation.
    destPort: "80/88",
    // "ANY" places no application-level restriction on the matched traffic.
    applicationName: "ANY",

    // What happens to matched traffic.
    aclAction: "accept",
    // NOTE(review): order is presumably the rule's evaluation priority; confirm
    // where 1 sits relative to existing deny rules before applying.
    order: 1,
    // NOTE(review): release appears to decide whether the rule is enabled as
    // soon as it is created; confirm before applying to a live firewall.
    release: true,

    // Descriptive fields.
    description: "example_value",
    lang: "zh",
});
import pulumi
import pulumi_alicloud as alicloud
# Stack configuration: an optional "name" value with a fixed fallback.
config = pulumi.Config()
name = config.get("name")
name = "terraform-example" if name is None else name

# Account lookup; its id is used as the policy's member_uid below.
default = alicloud.get_account()

# CEN instance. Its id is what this example passes to the policy as vpc_firewall_id.
default_instance = alicloud.cen.Instance(
    "default",
    cen_instance_name=name,
    description="example_value",
    tags={
        "Created": "TF",
        "For": "acceptance test",
    },
)

# Example VPC firewall access-control rule: accept TCP traffic from one /32 to
# another /32. Both addresses are loopback placeholders (127.0.0.1, 127.0.0.2);
# replace them with the real peers and keep every match field as narrow as the
# flow being allowed.
default_firewall_vpc_firewall_control_policy = alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy(
    "default",
    # Where the rule is attached.
    member_uid=default.id,
    vpc_firewall_id=default_instance.id,
    # Who may talk to whom. With type "net" the example supplies CIDR strings.
    source_type="net",
    source="127.0.0.1/32",
    destination_type="net",
    destination="127.0.0.2/32",
    # What traffic is matched.
    proto="TCP",
    dest_port_type="port",
    # NOTE(review): "80/88" presumably denotes the port range 80-88; confirm the notation.
    dest_port="80/88",
    # "ANY" places no application-level restriction on the matched traffic.
    application_name="ANY",
    # What happens to matched traffic.
    acl_action="accept",
    # NOTE(review): order is presumably the evaluation priority; confirm where 1
    # sits relative to existing deny rules before applying.
    order=1,
    # NOTE(review): release appears to decide whether the rule is enabled on
    # creation; confirm before applying to a live firewall.
    release=True,
    # Descriptive fields.
    description="example_value",
    lang="zh",
)
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
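// Pulumi program: creates a CEN instance and one VPC firewall access-control
// rule attached to it.
return await Deployment.RunAsync(() =>
{
    // Optional "name" config value with a fixed fallback.
    var config = new Config();
    var name = config.Get("name") ?? "terraform-example";

    // Account lookup; its Id is used as the policy's MemberUid below.
    var account = AliCloud.GetAccount.Invoke();

    // CEN instance. Its Id is what this example passes as VpcFirewallId.
    var defaultInstance = new AliCloud.Cen.Instance("default", new()
    {
        CenInstanceName = name,
        Description = "example_value",
        Tags =
        {
            { "Created", "TF" },
            { "For", "acceptance test" },
        },
    });

    // Example rule: accept TCP traffic from one /32 to another /32. Both
    // addresses are loopback placeholders (127.0.0.1, 127.0.0.2); replace them
    // with the real peers and keep every match field as narrow as the flow
    // being allowed.
    var defaultFirewallVpcFirewallControlPolicy = new AliCloud.CloudFirewall.FirewallVpcFirewallControlPolicy("default", new()
    {
        // Where the rule is attached. The original listing wrapped the result
        // in a second Apply call on the already-unwrapped value; a single
        // projection to Id yields the same output and is what the type allows.
        MemberUid = account.Apply(getAccountResult => getAccountResult.Id),
        VpcFirewallId = defaultInstance.Id,

        // Who may talk to whom. With type "net" the example supplies CIDR strings.
        SourceType = "net",
        Source = "127.0.0.1/32",
        DestinationType = "net",
        Destination = "127.0.0.2/32",

        // What traffic is matched.
        Proto = "TCP",
        DestPortType = "port",
        // NOTE(review): "80/88" presumably denotes the port range 80-88; confirm the notation.
        DestPort = "80/88",
        // "ANY" places no application-level restriction on the matched traffic.
        ApplicationName = "ANY",

        // What happens to matched traffic.
        AclAction = "accept",
        // NOTE(review): Order is presumably the evaluation priority; confirm
        // where 1 sits relative to existing deny rules before applying.
        Order = 1,
        // NOTE(review): Release appears to decide whether the rule is enabled
        // on creation; confirm before applying to a live firewall.
        Release = true,

        // Descriptive fields.
        Description = "example_value",
        Lang = "zh",
    });
});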
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cen"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/cloudfirewall"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
// main runs the Pulumi program: it creates a CEN instance and one VPC firewall
// access-control rule attached to it.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// Optional "name" config value; an empty or unset value keeps the fallback.
		instanceName := "terraform-example"
		if configured := config.New(ctx, "").Get("name"); configured != "" {
			instanceName = configured
		}

		// Account lookup; its Id is used as the policy's MemberUid below.
		account, err := alicloud.GetAccount(ctx, map[string]interface{}{}, nil)
		if err != nil {
			return err
		}

		// CEN instance. Its ID is what this example passes as VpcFirewallId.
		instanceArgs := &cen.InstanceArgs{
			CenInstanceName: pulumi.String(instanceName),
			Description:     pulumi.String("example_value"),
			Tags: pulumi.StringMap{
				"Created": pulumi.String("TF"),
				"For":     pulumi.String("acceptance test"),
			},
		}
		cenInstance, err := cen.NewInstance(ctx, "default", instanceArgs)
		if err != nil {
			return err
		}

		// Example rule: accept TCP traffic from one /32 to another /32. Both
		// addresses are loopback placeholders (127.0.0.1, 127.0.0.2); replace
		// them with the real peers and keep every match field as narrow as
		// the flow being allowed.
		policyArgs := &cloudfirewall.FirewallVpcFirewallControlPolicyArgs{
			// Where the rule is attached.
			MemberUid:     pulumi.String(account.Id),
			VpcFirewallId: cenInstance.ID(),

			// Who may talk to whom. With type "net" the example supplies CIDR strings.
			SourceType:      pulumi.String("net"),
			Source:          pulumi.String("127.0.0.1/32"),
			DestinationType: pulumi.String("net"),
			Destination:     pulumi.String("127.0.0.2/32"),

			// What traffic is matched.
			Proto:        pulumi.String("TCP"),
			DestPortType: pulumi.String("port"),
			// NOTE(review): "80/88" presumably denotes the port range 80-88; confirm the notation.
			DestPort: pulumi.String("80/88"),
			// "ANY" places no application-level restriction on the matched traffic.
			ApplicationName: pulumi.String("ANY"),

			// What happens to matched traffic.
			AclAction: pulumi.String("accept"),
			// NOTE(review): Order is presumably the evaluation priority; confirm
			// where 1 sits relative to existing deny rules before applying.
			Order: pulumi.Int(1),
			// NOTE(review): Release appears to decide whether the rule is
			// enabled on creation; confirm before applying to a live firewall.
			Release: pulumi.Bool(true),

			// Descriptive fields.
			Description: pulumi.String("example_value"),
			Lang:        pulumi.String("zh"),
		}
		_, err = cloudfirewall.NewFirewallVpcFirewallControlPolicy(ctx, "default", policyArgs)
		return err
	})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.cen.Instance;
import com.pulumi.alicloud.cen.InstanceArgs;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicy;
import com.pulumi.alicloud.cloudfirewall.FirewallVpcFirewallControlPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
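/**
 * Pulumi program that creates a CEN instance and one VPC firewall
 * access-control rule attached to it.
 */
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    /**
     * Declares the stack's resources.
     *
     * The rule accepts TCP traffic from one /32 to another /32. Both addresses
     * are loopback placeholders (127.0.0.1, 127.0.0.2); replace them with the
     * real peers and keep every match field as narrow as the flow being allowed.
     *
     * @param ctx Pulumi context supplying the stack configuration
     */
    public static void stack(Context ctx) {
        // Optional "name" config value with a fixed fallback.
        final var config = ctx.config();
        final var name = config.get("name").orElse("terraform-example");

        // Account lookup; its id is used as the policy's memberUid below.
        // NOTE(review): on the page the argument list of this call was replaced
        // by a generator panic message, and the variable was named `default`
        // (a reserved word) while being read back as `default_`. The other
        // language examples call the function with no arguments, so the
        // no-argument form is assumed here; confirm against the installed SDK.
        final var default_ = AlicloudFunctions.getAccount();

        // CEN instance. Its id is what this example passes as vpcFirewallId.
        var defaultInstance = new Instance("defaultInstance", InstanceArgs.builder()
            .cenInstanceName(name)
            .description("example_value")
            .tags(Map.ofEntries(
                Map.entry("Created", "TF"),
                Map.entry("For", "acceptance test")
            ))
            .build());

        var defaultFirewallVpcFirewallControlPolicy = new FirewallVpcFirewallControlPolicy("defaultFirewallVpcFirewallControlPolicy", FirewallVpcFirewallControlPolicyArgs.builder()
            // Where the rule is attached. The lookup result is projected to its
            // id through applyValue rather than read directly.
            // NOTE(review): assumes getAccount returns an Output; confirm.
            .memberUid(default_.applyValue(account -> account.id()))
            .vpcFirewallId(defaultInstance.id())
            // Who may talk to whom. With type "net" the example supplies CIDR strings.
            .sourceType("net")
            .source("127.0.0.1/32")
            .destinationType("net")
            .destination("127.0.0.2/32")
            // What traffic is matched.
            .proto("TCP")
            .destPortType("port")
            // NOTE(review): "80/88" presumably denotes the port range 80-88; confirm the notation.
            .destPort("80/88")
            // "ANY" places no application-level restriction on the matched traffic.
            .applicationName("ANY")
            // What happens to matched traffic.
            .aclAction("accept")
            // NOTE(review): order is presumably the evaluation priority; confirm
            // where 1 sits relative to existing deny rules before applying.
            .order(1)
            // NOTE(review): release appears to decide whether the rule is
            // enabled on creation; confirm before applying to a live firewall.
            .release(true)
            // Descriptive fields.
            .description("example_value")
            .lang("zh")
            .build());
    }
}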
# Stack configuration: an optional "name" value with a fixed default.
configuration:
  name:
    type: string
    default: terraform-example

resources:
  # CEN instance. Its id is what this example passes to the policy as vpcFirewallId.
  defaultInstance:
    type: alicloud:cen:Instance
    name: default
    properties:
      cenInstanceName: ${name}
      description: example_value
      tags:
        Created: TF
        For: acceptance test

  # Example VPC firewall access-control rule: accept TCP traffic from one /32 to
  # another /32. Both addresses are loopback placeholders (127.0.0.1, 127.0.0.2);
  # replace them with the real peers and keep every match field as narrow as
  # the flow being allowed.
  defaultFirewallVpcFirewallControlPolicy:
    type: alicloud:cloudfirewall:FirewallVpcFirewallControlPolicy
    name: default
    properties:
      # NOTE(review): order is presumably the evaluation priority; confirm where
      # 1 sits relative to existing deny rules before applying.
      order: '1'
      destination: 127.0.0.2/32
      # ANY places no application-level restriction on the matched traffic.
      applicationName: ANY
      description: example_value
      # With type "net" the example supplies CIDR strings.
      sourceType: net
      # NOTE(review): 80/88 presumably denotes the port range 80-88; confirm the notation.
      destPort: 80/88
      aclAction: accept
      lang: zh
      destinationType: net
      source: 127.0.0.1/32
      destPortType: port
      proto: TCP
      # NOTE(review): release appears to decide whether the rule is enabled on
      # creation; confirm before applying to a live firewall.
      release: true
      memberUid: ${default.id}
      vpcFirewallId: ${defaultInstance.id}

variables:
  # Account lookup; its id is used as memberUid above.
  default:
    fn::invoke:
      function: alicloud:getAccount
      arguments: {}
Import
Cloud Firewall Vpc Firewall Control Policy can be imported using the id, e.g.
$ pulumi import alicloud:cloudfirewall/firewallVpcFirewallControlPolicy:FirewallVpcFirewallControlPolicy example <vpc_firewall_id>:<acl_uuid>
Properties
Policy specifies the application ID.
The type of the applications that the access control policy supports. Valid values: FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL, ANY.
The description of the access control policy for the VPC firewall.
The destination address in the access control policy. Valid values:
Destination address book defined in the address list.
The destination address book type in the access control policy.
The type of the destination address in the access control policy. Valid values: net, group, domain.
The name of the destination port address book that the access control policy applies to the traffic. Note: If dest_port_type is set to group, you must specify this parameter.
Port Address Book port list.
The type of the destination port in the access control policy. Valid values: port, group.
Source address of the address list.
The source address type in the access control policy.
The type of the source address in the access control policy. Valid values: net, group.
The ID of the VPC firewall instance. Valid values: