Security
Provides a NLB Security Policy resource. For information about NLB Security Policy and how to use it, see What is Security Policy.
NOTE: Available since v1.187.0.
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "tf-example";
const _default = alicloud.resourcemanager.getResourceGroups({});
const defaultSecurityPolicy = new alicloud.nlb.SecurityPolicy("default", {
resourceGroupId: _default.then(_default => _default.ids?.[0]),
securityPolicyName: name,
ciphers: [
"ECDHE-RSA-AES128-SHA",
"ECDHE-ECDSA-AES128-SHA",
],
tlsVersions: [
"TLSv1.0",
"TLSv1.1",
"TLSv1.2",
],
tags: {
Created: "TF",
For: "example",
},
});Content copied to clipboard
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "tf-example"
default = alicloud.resourcemanager.get_resource_groups()
default_security_policy = alicloud.nlb.SecurityPolicy("default",
resource_group_id=default.ids[0],
security_policy_name=name,
ciphers=[
"ECDHE-RSA-AES128-SHA",
"ECDHE-ECDSA-AES128-SHA",
],
tls_versions=[
"TLSv1.0",
"TLSv1.1",
"TLSv1.2",
],
tags={
"Created": "TF",
"For": "example",
})Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "tf-example";
var @default = AliCloud.ResourceManager.GetResourceGroups.Invoke();
var defaultSecurityPolicy = new AliCloud.Nlb.SecurityPolicy("default", new()
{
ResourceGroupId = @default.Apply(@default => @default.Apply(getResourceGroupsResult => getResourceGroupsResult.Ids[0])),
SecurityPolicyName = name,
Ciphers = new[]
{
"ECDHE-RSA-AES128-SHA",
"ECDHE-ECDSA-AES128-SHA",
},
TlsVersions = new[]
{
"TLSv1.0",
"TLSv1.1",
"TLSv1.2",
},
Tags =
{
{ "Created", "TF" },
{ "For", "example" },
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/nlb"
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/resourcemanager"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "tf-example"
if param := cfg.Get("name"); param != "" {
name = param
}
_default, err := resourcemanager.GetResourceGroups(ctx, &resourcemanager.GetResourceGroupsArgs{}, nil)
if err != nil {
return err
}
_, err = nlb.NewSecurityPolicy(ctx, "default", &nlb.SecurityPolicyArgs{
ResourceGroupId: pulumi.String(_default.Ids[0]),
SecurityPolicyName: pulumi.String(name),
Ciphers: pulumi.StringArray{
pulumi.String("ECDHE-RSA-AES128-SHA"),
pulumi.String("ECDHE-ECDSA-AES128-SHA"),
},
TlsVersions: pulumi.StringArray{
pulumi.String("TLSv1.0"),
pulumi.String("TLSv1.1"),
pulumi.String("TLSv1.2"),
},
Tags: pulumi.StringMap{
"Created": pulumi.String("TF"),
"For": pulumi.String("example"),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.resourcemanager.ResourcemanagerFunctions;
import com.pulumi.alicloud.resourcemanager.inputs.GetResourceGroupsArgs;
import com.pulumi.alicloud.nlb.SecurityPolicy;
import com.pulumi.alicloud.nlb.SecurityPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("tf-example");
final var default = ResourcemanagerFunctions.getResourceGroups(GetResourceGroupsArgs.builder()
.build());
var defaultSecurityPolicy = new SecurityPolicy("defaultSecurityPolicy", SecurityPolicyArgs.builder()
.resourceGroupId(default_.ids()[0])
.securityPolicyName(name)
.ciphers(
"ECDHE-RSA-AES128-SHA",
"ECDHE-ECDSA-AES128-SHA")
.tlsVersions(
"TLSv1.0",
"TLSv1.1",
"TLSv1.2")
.tags(Map.ofEntries(
Map.entry("Created", "TF"),
Map.entry("For", "example")
))
.build());
}
}Content copied to clipboard
configuration:
name:
type: string
default: tf-example
resources:
defaultSecurityPolicy:
type: alicloud:nlb:SecurityPolicy
name: default
properties:
resourceGroupId: ${default.ids[0]}
securityPolicyName: ${name}
ciphers:
- ECDHE-RSA-AES128-SHA
- ECDHE-ECDSA-AES128-SHA
tlsVersions:
- TLSv1.0
- TLSv1.1
- TLSv1.2
tags:
Created: TF
For: example
variables:
default:
fn::invoke:
function: alicloud:resourcemanager:getResourceGroups
arguments: {}Content copied to clipboard
Import
NLB Security Policy can be imported using the id, e.g.
$ pulumi import alicloud:nlb/securityPolicy:SecurityPolicy example <id>Content copied to clipboard
Properties
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The ID of the new resource group. You can log on to the Resource Management console to view resource group IDs.
Link copied to clipboard
The name of the security policy. The name must be 1 to 200 characters in length, and can contain letters, digits, periods (.), underscores (\_), and hyphens (-).
Link copied to clipboard
The supported versions of the Transport Layer Security (TLS) protocol. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3. You can specify at most four TLS versions.