Acl
Provides a Sag Acl Rule resource. This topic describes how to configure an access control list (ACL) rule for a target Smart Access Gateway instance to permit or deny access to or from specified IP addresses in the ACL rule. For information about Sag Acl Rule and how to use it, see What is access control list (ACL) rule.
NOTE: Available since v1.60.0. NOTE: Only the following regions support create Cloud Connect Network. `cn-shanghai`, `cn-shanghai-finance-1`, `cn-hongkong`, `ap-southeast-1`, `ap-southeast-3`, `ap-southeast-5`, `ap-northeast-1`, `eu-central-1`
Example Usage
Basic Usage
import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";
const config = new pulumi.Config();
const name = config.get("name") || "tf_example";
const _default = new alicloud.sag.Acl("default", {name: name});
const defaultAclRule = new alicloud.sag.AclRule("default", {
aclId: _default.id,
description: name,
policy: "accept",
ipProtocol: "ALL",
direction: "in",
sourceCidr: "10.10.1.0/24",
sourcePortRange: "-1/-1",
destCidr: "192.168.1.0/24",
destPortRange: "-1/-1",
priority: 1,
});Content copied to clipboard
import pulumi
import pulumi_alicloud as alicloud
config = pulumi.Config()
name = config.get("name")
if name is None:
name = "tf_example"
default = alicloud.sag.Acl("default", name=name)
default_acl_rule = alicloud.sag.AclRule("default",
acl_id=default.id,
description=name,
policy="accept",
ip_protocol="ALL",
direction="in",
source_cidr="10.10.1.0/24",
source_port_range="-1/-1",
dest_cidr="192.168.1.0/24",
dest_port_range="-1/-1",
priority=1)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var name = config.Get("name") ?? "tf_example";
var @default = new AliCloud.Sag.Acl("default", new()
{
Name = name,
});
var defaultAclRule = new AliCloud.Sag.AclRule("default", new()
{
AclId = @default.Id,
Description = name,
Policy = "accept",
IpProtocol = "ALL",
Direction = "in",
SourceCidr = "10.10.1.0/24",
SourcePortRange = "-1/-1",
DestCidr = "192.168.1.0/24",
DestPortRange = "-1/-1",
Priority = 1,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/sag"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
name := "tf_example"
if param := cfg.Get("name"); param != "" {
name = param
}
_default, err := sag.NewAcl(ctx, "default", &sag.AclArgs{
Name: pulumi.String(name),
})
if err != nil {
return err
}
_, err = sag.NewAclRule(ctx, "default", &sag.AclRuleArgs{
AclId: _default.ID(),
Description: pulumi.String(name),
Policy: pulumi.String("accept"),
IpProtocol: pulumi.String("ALL"),
Direction: pulumi.String("in"),
SourceCidr: pulumi.String("10.10.1.0/24"),
SourcePortRange: pulumi.String("-1/-1"),
DestCidr: pulumi.String("192.168.1.0/24"),
DestPortRange: pulumi.String("-1/-1"),
Priority: pulumi.Int(1),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.sag.Acl;
import com.pulumi.alicloud.sag.AclArgs;
import com.pulumi.alicloud.sag.AclRule;
import com.pulumi.alicloud.sag.AclRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var name = config.get("name").orElse("tf_example");
var default_ = new Acl("default", AclArgs.builder()
.name(name)
.build());
var defaultAclRule = new AclRule("defaultAclRule", AclRuleArgs.builder()
.aclId(default_.id())
.description(name)
.policy("accept")
.ipProtocol("ALL")
.direction("in")
.sourceCidr("10.10.1.0/24")
.sourcePortRange("-1/-1")
.destCidr("192.168.1.0/24")
.destPortRange("-1/-1")
.priority(1)
.build());
}
}Content copied to clipboard
configuration:
name:
type: string
default: tf_example
resources:
default:
type: alicloud:sag:Acl
properties:
name: ${name}
defaultAclRule:
type: alicloud:sag:AclRule
name: default
properties:
aclId: ${default.id}
description: ${name}
policy: accept
ipProtocol: ALL
direction: in
sourceCidr: 10.10.1.0/24
sourcePortRange: -1/-1
destCidr: 192.168.1.0/24
destPortRange: -1/-1
priority: '1'Content copied to clipboard
Import
The Sag Acl Rule can be imported using the id, e.g.
$ pulumi import alicloud:sag/aclRule:AclRule example acr-abc123456Content copied to clipboard
Properties
Link copied to clipboard
The description of the ACL rule. It must be 1 to 512 characters in length.
Link copied to clipboard
The range of the destination port. Valid value: 80/80.
Link copied to clipboard
The protocol used by the ACL rule. The value is not case sensitive.
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
The source address. It is an IPv4 address range in the CIDR format. Default value: 0.0.0.0/0.
Link copied to clipboard
The range of the source port. Valid value: 80/80.