ALIYUN::CR::InstanceEndpointAclPolicy类型用于为公网实例访问入口创建白名单策略。

语法

{
  "Type": "ALIYUN::CR::InstanceEndpointAclPolicy",
  "Properties": {
    "Comment": String,
    "Entry": String,
    "InstanceId": String,
    "ModuleName": String,
    "EndpointType": String,
    "RegionId": String
  }
}

属性

属性名称 类型 必须 允许更新 描述 约束
Comment String 说明。
Entry String 允许访问的IP网段,例如192.168.1.1/32。
InstanceId String 实例ID。
ModuleName String 需要设置访问策略的模块。 取值:
  • Registry
  • Chart
EndpointType String 访问入口类型。 取值: internet(公网)。
RegionId String 地域ID。 默认为资源栈地域ID。

返回值

Fn::GetAtt

  • Entry:允许访问的IP网段。
  • InstanceId:实例ID。

示例

JSON格式

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "Comment": {
      "Type": "String",
      "Description": "The description of the entry."
    },
    "Entry": {
      "Type": "String",
      "Description": "The IP address range that is allowed to access the instance."
    },
    "InstanceId": {
      "Type": "String",
      "Description": "The ID of the instance."
    },
    "ModuleName": {
      "Type": "String",
      "Description": "The name of the module in the instance for which a whitelist is configured. Valid\nvalues: Registry and Chart.",
      "Default": "Registry"
    },
    "EndpointType": {
      "Type": "String",
      "Description": "The type of the endpoint.",
      "Default": "internet"
    },
    "RegionId": {
      "Type": "String",
      "Description": "Region ID of instance. Default is current region."
    }
  },
  "Resources": {
    "InstanceEndpointAclPolicy": {
      "Type": "ALIYUN::CR::InstanceEndpointAclPolicy",
      "Properties": {
        "Comment": {
          "Ref": "Comment"
        },
        "Entry": {
          "Ref": "Entry"
        },
        "InstanceId": {
          "Ref": "InstanceId"
        },
        "ModuleName": {
          "Ref": "ModuleName"
        },
        "EndpointType": {
          "Ref": "EndpointType"
        },
        "RegionId": {
          "Ref": "RegionId"
        }
      }
    }
  },
  "Outputs": {
    "Entry": {
      "Description": "The IP address range that is allowed to access the instance.",
      "Value": {
        "Fn::GetAtt": [
          "InstanceEndpointAclPolicy",
          "Entry"
        ]
      }
    },
    "InstanceId": {
      "Description": "The ID of the instance.",
      "Value": {
        "Fn::GetAtt": [
          "InstanceEndpointAclPolicy",
          "InstanceId"
        ]
      }
    }
  }
}

YAML格式

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  Comment:
    Type: String
    Description: The description of the entry.
  Entry:
    Type: String
    Description: The IP address range that is allowed to access the instance.
  InstanceId:
    Type: String
    Description: The ID of the instance.
  ModuleName:
    Type: String
    Description: >-
      The name of the module in the instance for which a whitelist is
      configured. Valid

      values: Registry and Chart.
    Default: Registry
  EndpointType:
    Type: String
    Description: The type of the endpoint.
    Default: internet
  RegionId:
    Type: String
    Description: Region ID of instance. Default is current region.
Resources:
  InstanceEndpointAclPolicy:
    Type: 'ALIYUN::CR::InstanceEndpointAclPolicy'
    Properties:
      Comment:
        Ref: Comment
      Entry:
        Ref: Entry
      InstanceId:
        Ref: InstanceId
      ModuleName:
        Ref: ModuleName
      EndpointType:
        Ref: EndpointType
      RegionId:
        Ref: RegionId
Outputs:
  Entry:
    Description: The IP address range that is allowed to access the instance.
    Value:
      'Fn::GetAtt':
        - InstanceEndpointAclPolicy
        - Entry
  InstanceId:
    Description: The ID of the instance.
    Value:
      'Fn::GetAtt':
        - InstanceEndpointAclPolicy
        - InstanceId