Creates a PrivateLink endpoint.
Syntax
{
"Type": "ALIYUN::PrivateLink::VpcEndpoint",
"Properties": {
"VpcId": String,
"EndpointName": String,
"ServiceName": String,
"Zone": List,
"SecurityGroupId": List,
"EndpointDescription": String,
"ServiceId": String,
"ProtectedEnabled": Boolean,
"ZonePrivateIpAddressCount": Number,
"EndpointType": String,
"Tags": List
}
}
Properties
|
Property |
Type |
Required |
Editable |
Description |
Constraint |
|
VpcId |
String |
Yes |
No |
The ID of the virtual private cloud (VPC) to which the endpoint belongs. |
None. |
|
EndpointName |
String |
No |
Yes |
The name of the endpoint. |
Length: 2 to 128 characters. Must start with a letter and can contain letters, digits, hyphens (-), and underscores (_). |
|
ServiceName |
String |
No |
No |
The name of the associated endpoint service. |
None. |
|
Zone |
List |
No |
Yes |
The zones. |
You can specify up to 10 zones. For more information, see Zone properties. |
|
SecurityGroupId |
List |
No |
Yes |
The security group IDs for the endpoint elastic network interfaces (ENIs). Security groups control data communication between the VPC and endpoint ENIs. |
Maximum: 10 security groups per endpoint ENI. |
|
EndpointDescription |
String |
No |
Yes |
The description of the endpoint. |
Length: 2 to 256 characters. Cannot start with `http://` or `https://`. |
|
ServiceId |
String |
No |
No |
The ID of the associated endpoint service. |
None. |
|
ProtectedEnabled |
Boolean |
No |
No |
Whether to enable user authentication. |
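Takes effect only in Security Token Service (STS) mode. Valid values: true (enables user authentication; in STS mode, only the user who created the endpoint can then modify or delete it) and false (disables user authentication).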
|
|
ZonePrivateIpAddressCount |
Number |
No |
No |
The number of private IP addresses assigned to an ENI per zone. |
Set the value to 1. |
|
EndpointType |
String |
No |
No |
The type of the endpoint. |
Set the value to Interface. This allows Classic Load Balancer (CLB) instances as service resources for the endpoint service. |
|
Tags |
List |
No |
Yes |
The tags of the endpoint. |
You can add up to 20 tags. |
Zone syntax
"Zone": [
{
"ZoneId": String,
"VSwitchId": String,
"Ip": String
}
]
Zone properties
|
Property |
Type |
Required |
Editable |
Description |
Constraint |
|
ZoneId |
String |
No |
No |
The zone ID of the endpoint service. |
None. |
|
VSwitchId |
String |
No |
No |
The vSwitch ID for the endpoint ENI in this zone. |
None. |
|
Ip |
String |
No |
No |
The IP address of the endpoint in this zone. |
None. |
Tags syntax
"Tags": [
{
"Value": String,
"Key": String
}
]
Tags properties
|
Property |
Type |
Required |
Editable |
Description |
Constraint |
|
Key |
String |
Yes |
No |
The key of the tag. |
Maximum: 20 keys. Cannot be empty. Maximum length: 64 characters. Cannot contain `http://` or `https://`. |
|
Value |
String |
No |
No |
The value of the tag. |
Maximum: 20 values. Can be empty. Maximum length: 128 characters. Cannot contain `http://` or `https://`. |
Return values
Fn::GetAtt
-
EndpointDomain: the domain of the endpoint.
-
Bandwidth: the bandwidth of the endpoint.
-
EndpointId: the ID of the endpoint.
-
EndpointName: the name of the endpoint.
-
VpcId: the VPC ID of the endpoint.
-
ServiceName: the name of the associated endpoint service.
-
ServiceId: the ID of the associated endpoint service.
-
ZoneDomains: the zone domains.
-
Arn: the Alibaba Cloud Resource Name (ARN).
Examples
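# Example ROS template (YAML format).
# Creates an intranet load balancer with PrivateLink support, an endpoint
# service that uses the load balancer as its service resource, and an
# endpoint in the same VPC that connects to that service.
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  MasterZoneId:
    Type: String
    Description: The master zone id to create load balancer instance.
    AssociationProperty: ALIYUN::ECS::Instance::ZoneId
  SlaveZoneId:
    Type: String
    Description: The slave zone id to create load balancer instance.
    AssociationProperty: ALIYUN::ECS::Instance::ZoneId
  VpcId:
    Type: String
    Description: The VPC id to create load balancer instance. For VPC network only.
    AssociationProperty: ALIYUN::ECS::VPC::VPCId
  VSwitchId:
    Type: String
    Description: The VSwitch id to create load balancer instance. For VPC network only.
    AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
    # Restricts the console picker to vSwitches in the chosen VPC and master zone.
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
      ZoneId: ${MasterZoneId}
  SecurityGroupId:
    # A list parameter: between 1 and 10 security group IDs, all from the chosen VPC.
    Type: CommaDelimitedList
    AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
    Description: The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.
    MinLength: 1
    MaxLength: 10
Resources:
  LoadBalancer:
    Type: ALIYUN::SLB::LoadBalancer
    Properties:
      # Required so that the instance can serve as a PrivateLink service resource.
      SupportPrivateLink: true
      PayType: PayOnDemand
      VpcId:
        Ref: VpcId
      VSwitchId:
        Ref: VSwitchId
      LoadBalancerSpec: slb.s1.small
      LoadBalancerName: TestLoadBalancer
      # intranet: the load balancer gets no public address; it is reached
      # only from inside the VPC or through the endpoint service.
      AddressType: intranet
      MasterZoneId:
        Ref: MasterZoneId
      SlaveZoneId:
        Ref: SlaveZoneId
  VpcEndpointService:
    DependsOn: LoadBalancer
    Type: ALIYUN::PrivateLink::VpcEndpointService
    Properties:
      # Whitelist of accounts allowed to connect to the service. Here it holds
      # only the account that deploys the stack; add other account IDs
      # deliberately and review the list regularly.
      User:
        - Ref: ALIYUN::AccountId
      ServiceDescription: test service endpoint
      Resource:
        - ZoneId:
            Ref: MasterZoneId
          ResourceId:
            Ref: LoadBalancer
          ResourceType: slb
      ConnectBandwidth: 100
      # Connection requests are accepted without manual review. That suits this
      # single-account test setup; consider false when other accounts are
      # whitelisted so that each connection request is approved explicitly.
      AutoAcceptEnabled: true
  VpcEndpoint:
    DependsOn: VpcEndpointService
    Type: ALIYUN::PrivateLink::VpcEndpoint
    Properties:
      VpcId:
        Ref: VpcId
      EndpointName: TestEndpoint
      Zone:
        - ZoneId:
            Ref: MasterZoneId
          VSwitchId:
            Ref: VSwitchId
      # Security groups attached to the endpoint ENI. Keep their rules limited
      # to the clients and ports that actually need to reach the service.
      SecurityGroupId:
        Ref: SecurityGroupId
      # Ref on the endpoint service resource is used here as its service ID.
      ServiceId:
        Ref: VpcEndpointService
Outputs:
  ServiceName:
    Description: The name of the endpoint service.
    Value:
      Fn::GetAtt:
        - VpcEndpointService
        - ServiceName
  ServiceDomain:
    Description: The domain name of the endpoint service.
    Value:
      Fn::GetAtt:
        - VpcEndpointService
        - ServiceDomain
  ServiceId:
    Description: The ID of the endpoint service.
    Value:
      Fn::GetAtt:
        - VpcEndpointService
        - ServiceId
  EndpointDomain:
    Description: The domain name of the endpoint.
    Value:
      Fn::GetAtt:
        - VpcEndpoint
        - EndpointDomain
  Bandwidth:
    Description: The bandwidth of the endpoint.
    Value:
      Fn::GetAtt:
        - VpcEndpoint
        - Bandwidth
  EndpointId:
    Description: The ID of the endpoint.
    Value:
      Fn::GetAtt:
        - VpcEndpoint
        - EndpointId
# End of the YAML example. The same template in JSON format follows.
{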
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"MasterZoneId": {
"Type": "String",
"Description": "The master zone id to create load balancer instance.",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
},
"SlaveZoneId": {
"Type": "String",
"Description": "The slave zone id to create load balancer instance.",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
},
"VpcId": {
"Type": "String",
"Description": "The VPC id to create load balancer instance. For VPC network only.",
"AssociationProperty": "ALIYUN::ECS::VPC::VPCId"
},
"VSwitchId": {
"Type": "String",
"Description": "The VSwitch id to create load balancer instance. For VPC network only.",
"AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}",
"ZoneId": "${MasterZoneId}"
}
},
"SecurityGroupId": {
"Type": "CommaDelimitedList",
"AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}"
},
"Description": "The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.",
"MinLength": 1,
"MaxLength": 10
}
},
"Resources": {
"LoadBalancer": {
"Type": "ALIYUN::SLB::LoadBalancer",
"Properties": {
"SupportPrivateLink": true,
"PayType": "PayOnDemand",
"VpcId": {
"Ref": "VpcId"
},
"VSwitchId": {
"Ref": "VSwitchId"
},
"LoadBalancerSpec": "slb.s1.small",
"LoadBalancerName": "TestLoadBalancer",
"AddressType": "intranet",
"MasterZoneId": {
"Ref": "MasterZoneId"
},
"SlaveZoneId": {
"Ref": "SlaveZoneId"
}
}
},
"VpcEndpointService": {
"DependsOn": "LoadBalancer",
"Type": "ALIYUN::PrivateLink::VpcEndpointService",
"Properties": {
"User": [
{
"Ref": "ALIYUN::AccountId"
}
],
"ServiceDescription": "test service endpoint",
"Resource": [
{
"ZoneId": {
"Ref": "MasterZoneId"
},
"ResourceId": {
"Ref": "LoadBalancer"
},
"ResourceType": "slb"
}
],
"ConnectBandwidth": 100,
"AutoAcceptEnabled": true
}
},
"VpcEndpoint": {
"DependsOn": "VpcEndpointService",
"Type": "ALIYUN::PrivateLink::VpcEndpoint",
"Properties": {
"VpcId": {
"Ref": "VpcId"
},
"EndpointName": "TestEndpoint",
"Zone": [
{
"ZoneId": {
"Ref": "MasterZoneId"
},
"VSwitchId": {
"Ref": "VSwitchId"
}
}
],
"SecurityGroupId": {
"Ref": "SecurityGroupId"
},
"ServiceId": {
"Ref": "VpcEndpointService"
}
}
}
},
"Outputs": {
"ServiceName": {
"Description": "The name of the endpoint service.",
"Value": {
"Fn::GetAtt": [
"VpcEndpointService",
"ServiceName"
]
}
},
"ServiceDomain": {
"Description": "The domain name of the endpoint service.",
"Value": {
"Fn::GetAtt": [
"VpcEndpointService",
"ServiceDomain"
]
}
},
"ServiceId": {
"Description": "The ID of the endpoint service.",
"Value": {
"Fn::GetAtt": [
"VpcEndpointService",
"ServiceId"
]
}
},
"EndpointDomain": {
"Description": "The domain name of the endpoint.",
"Value": {
"Fn::GetAtt": [
"VpcEndpoint",
"EndpointDomain"
]
}
},
"Bandwidth": {
"Description": "The bandwidth of the endpoint.",
"Value": {
"Fn::GetAtt": [
"VpcEndpoint",
"Bandwidth"
]
}
},
"EndpointId": {
"Description": "The ID of the endpoint.",
"Value": {
"Fn::GetAtt": [
"VpcEndpoint",
"EndpointId"
]
}
}
}
}