ALIYUN::ApiGateway::AccessControl类型用于创建访问控制策略。
语法
{
"Type": "ALIYUN::ApiGateway::AccessControl",
"Properties": {
"AccessControlListName": String,
"AddressIpVersion": String,
"AclEntrys": List
}
}属性
|
属性名称 |
类型 |
必须 |
允许更新 |
描述 |
约束 |
|
AccessControlListName |
String |
是 |
否 |
ACL的名称。 |
名称长度必须为1到30个字符,可以包含字母、数字、句点(.)、连字符(-)、正斜杠(/)和下划线(_)。名称在区域内必须唯一。长度限制:最小1,最大30 |
|
AclEntrys |
List |
否 |
是 |
访问控制策略信息列表。 |
每次调用最多可以向ACL添加50个IP地址或CIDR块。如果要添加到ACL的IP地址或CIDR块已存在,则不会添加该IP地址或CIDR块。添加的条目必须是CIDR块。长度限制:最小1,最大50。更多信息,请参考AclEntrys属性。 |
|
AddressIpVersion |
String |
否 |
否 |
IP版本。 |
可选值:
|
AclEntrys语法
"AclEntrys": [
{
"AclEntryComment": String,
"AclEntryIp": String
}
]AclEntrys属性
|
属性名称 |
类型 |
必须 |
允许更新 |
描述 |
约束 |
|
AclEntryComment |
String |
否 |
是 |
ACL的描述。 |
无 |
|
AclEntryIp |
String |
否 |
是 |
要添加到ACL的条目。 |
您可以添加CIDR块。多个CIDR块用逗号(,)分隔。 |
返回值
Fn::GetAtt
-
AddressIpVersion:IP版本。
-
AccessControlListName:ACL的名称。
-
AclEntrys:访问控制策略信息列表。
-
AclId:访问控制列表(ACL)的ID。
示例
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
AddressIpVersion:
Type: String
Description:
en: 'The IP version. Valid values: ipv4 and ipv6.'
zh: IP版本。有效值:ipv4和ipv6。
AllowedValues:
- ipv4
- ipv6
Required: false
AccessControlListName:
Type: String
Description:
en: The name of the ACL. The name must be 1 to 30 characters in length, and can contain letters, digits, periods (.), hyphens (-), forward slashes (/), and underscores (_). The name must be unique within the region.
zh: ACL的名称。名称长度必须为1到30个字符,可以包含字母、数字、句点(.)、连字符(-)、正斜杠(/)和下划线(_)。名称在区域内必须唯一。
Required: true
MinLength: 1
MaxLength: 30
AclEntrys:
AssociationPropertyMetadata:
Parameters:
AclEntryComment:
Type: String
Description:
en: The description of the ACL.
zh: ACL的描述。
Required: false
AclEntryIp:
Type: String
Description:
en: The entries that you want to add to the ACL. You can add CIDR blocks. Separate multiple CIDR blocks with commas (,).
zh: 要添加到ACL的条目。您可以添加CIDR块。多个CIDR块用逗号(,)分隔。
Required: false
AssociationProperty: List[Parameters]
Type: Json
Description:
en: Information list of access control policies. You can add at most 50 IP addresses or CIDR blocks to an ACL in each call. If the IP address or CIDR block that you want to add to an ACL already exists, the IP address or CIDR block is not added. The entries that you add must be CIDR blocks.
zh: 访问控制策略信息列表。每次调用最多可以向ACL添加50个IP地址或CIDR块。如果要添加到ACL的IP地址或CIDR块已存在,则不会添加该IP地址或CIDR块。添加的条目必须是CIDR块。
Required: false
MinLength: 1
MaxLength: 50
Resources:
ExtensionResource:
Type: ALIYUN::ApiGateway::AccessControl
Properties:
AddressIpVersion:
Ref: AddressIpVersion
AccessControlListName:
Ref: AccessControlListName
AclEntrys:
Ref: AclEntrys
Outputs:
AddressIpVersion:
Description:
en: 'The IP version. Valid values: ipv4 and ipv6.'
zh: IP版本。有效值:ipv4和ipv6。
Value:
Fn::GetAtt:
- ExtensionResource
- AddressIpVersion
AccessControlListName:
Description:
en: The name of the ACL.
zh: ACL的名称。
Value:
Fn::GetAtt:
- ExtensionResource
- AccessControlListName
AclEntrys:
Description:
en: Information list of access control policies.
zh: 访问控制策略信息列表。
Value:
Fn::GetAtt:
- ExtensionResource
- AclEntrys
AclId:
Description:
en: The ID of the access control list (ACL).
zh: 访问控制列表(ACL)的ID。
Value:
Fn::GetAtt:
- ExtensionResource
- AclId
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"AddressIpVersion": {
"Type": "String",
"Description": {
"en": "The IP version. Valid values: ipv4 and ipv6.",
"zh": "IP版本。有效值:ipv4和ipv6。"
},
"AllowedValues": [
"ipv4",
"ipv6"
],
"Required": false
},
"AccessControlListName": {
"Type": "String",
"Description": {
"en": "The name of the ACL. The name must be 1 to 30 characters in length, and can contain letters, digits, periods (.), hyphens (-), forward slashes (/), and underscores (_). The name must be unique within the region.",
"zh": "ACL的名称。名称长度必须为1到30个字符,可以包含字母、数字、句点(.)、连字符(-)、正斜杠(/)和下划线(_)。名称在区域内必须唯一。"
},
"Required": true,
"MinLength": 1,
"MaxLength": 30
},
"AclEntrys": {
"AssociationPropertyMetadata": {
"Parameters": {
"AclEntryComment": {
"Type": "String",
"Description": {
"en": "The description of the ACL.",
"zh": "ACL的描述。"
},
"Required": false
},
"AclEntryIp": {
"Type": "String",
"Description": {
"en": "The entries that you want to add to the ACL. You can add CIDR blocks. Separate multiple CIDR blocks with commas (,).",
"zh": "要添加到ACL的条目。您可以添加CIDR块。多个CIDR块用逗号(,)分隔。"
},
"Required": false
}
}
},
"AssociationProperty": "List[Parameters]",
"Type": "Json",
"Description": {
"en": "Information list of access control policies. You can add at most 50 IP addresses or CIDR blocks to an ACL in each call. If the IP address or CIDR block that you want to add to an ACL already exists, the IP address or CIDR block is not added. The entries that you add must be CIDR blocks.",
"zh": "访问控制策略信息列表。每次调用最多可以向ACL添加50个IP地址或CIDR块。如果要添加到ACL的IP地址或CIDR块已存在,则不会添加该IP地址或CIDR块。添加的条目必须是CIDR块。"
},
"Required": false,
"MinLength": 1,
"MaxLength": 50
}
},
"Resources": {
"ExtensionResource": {
"Type": "ALIYUN::ApiGateway::AccessControl",
"Properties": {
"AddressIpVersion": {
"Ref": "AddressIpVersion"
},
"AccessControlListName": {
"Ref": "AccessControlListName"
},
"AclEntrys": {
"Ref": "AclEntrys"
}
}
}
},
"Outputs": {
"AddressIpVersion": {
"Description": {
"en": "The IP version. Valid values: ipv4 and ipv6.",
"zh": "IP版本。有效值:ipv4和ipv6。"
},
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"AddressIpVersion"
]
}
},
"AccessControlListName": {
"Description": {
"en": "The name of the ACL.",
"zh": "ACL的名称。"
},
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"AccessControlListName"
]
}
},
"AclEntrys": {
"Description": {
"en": "Information list of access control policies.",
"zh": "访问控制策略信息列表。"
},
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"AclEntrys"
]
}
},
"AclId": {
"Description": {
"en": "The ID of the access control list (ACL).",
"zh": "访问控制列表(ACL)的ID。"
},
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"AclId"
]
}
}
}
}
该文章对您有帮助吗?