alicloud_cloud_firewall_control_policy
更新時(shí)間:
Provides a Cloud Firewall Control Policy resource.
For information about Cloud Firewall Control Policy and how to use it, see What is Control Policy.
-> NOTE: Available since v1.129.0.
Example Usage
Basic Usage
variable "name" {
default = "terraform-example"
}
resource "alicloud_cloud_firewall_control_policy" "default" {
direction = "in"
application_name = "ANY"
description = var.name
acl_action = "accept"
source = "127.0.0.1/32"
source_type = "net"
destination = "127.0.0.2/32"
destination_type = "net"
proto = "ANY"
}
Argument Reference
The following arguments are supported:
direction
- (Required, ForceNew) The direction of the traffic to which the access control policy applies. Valid values:in
,out
.application_name
- (Required) The application type supported by the access control policy. Valid values:ANY
,HTTP
,HTTPS
,MQTT
,Memcache
,MongoDB
,MySQL
,RDP
,Redis
,SMTP
,SMTPS
,SSH
,SSL
,VNC
. -> NOTE: Ifproto
is set toTCP
, you can setapplication_name
to any valid value. Ifproto
is set toUDP
,ICMP
, orANY
, you can only setapplication_name
toANY
.description
- (Required) The description of the access control policy.acl_action
- (Required) The action that Cloud Firewall performs on the traffic. Valid values:accept
,drop
,log
.source
- (Required) The source address in the access control policy.source_type
- (Required) The type of the source address in the access control policy. Valid values:net
,group
,location
.destination
- (Required) The destination address in the access control policy.destination_type
- (Required) The type of the destination address in the access control policy. Valid values:net
,group
,domain
,location
.proto
- (Required) The protocol type supported by the access control policy. Valid values:ANY
,TCP
,UDP
,ICMP
.dest_port
- (Optional) The destination port in the access control policy. Note: Ifdest_port_type
is set toport
, you must specifydest_port
.dest_port_group
- (Optional) The name of the destination port address book in the access control policy. Note: Ifdest_port_type
is set togroup
, you must specifydest_port_group
.dest_port_type
- (Optional) The type of the destination port in the access control policy. Valid values:port
,group
.ip_version
- (Optional, ForceNew) The IP version supported by the access control policy. Default value:4
. Valid values:4
: IPv4.6
: IPv6.
release
- (Optional) The status of the access control policy. Valid values:true
,false
.source_ip
- (Optional) The source IP address of the request.lang
- (Optional) The language of the content within the request and response. Valid values:zh
,en
.
Attributes Reference
The following attributes are exported:
id
- The resource ID in terraform of Control Policy. It formats as<acl_uuid>:<direction>
.acl_uuid
- (Available since v1.148.0) The unique ID of the access control policy.
Import
Cloud Firewall Control Policy can be imported using the id, e.g.
$ terraform import alicloud_cloud_firewall_control_policy.example <acl_uuid>:<direction>
文檔內(nèi)容是否對您有幫助?