ALIYUN::CR::InstanceEndpointAclPolicy

ALIYUN::CR::InstanceEndpointAclPolicy类型用于为公网实例访问入口创建白名单策略。

语法

{
  "Type": "ALIYUN::CR::InstanceEndpointAclPolicy",
  "Properties": {
    "Comment": String,
    "Entry": String,
    "InstanceId": String,
    "ModuleName": String,
    "EndpointType": String,
    "RegionId": String
  }
}

属性

属性名称

类型

必须

允许更新

描述

约束

Comment

String

说明。

Entry

String

允许访问的IP网段,例如192.168.1.1/32。

InstanceId

String

实例ID。

ModuleName

String

需要设置访问策略的模块。

取值:

  • Registry

  • Chart

EndpointType

String

访问入口类型。

取值: internet(公网)。

RegionId

String

地域ID。

默认为资源栈地域ID。

返回值

Fn::GetAtt

  • Entry:允许访问的IP网段。

  • InstanceId:实例ID。

示例

JSON格式

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "Entry": {
      "Type": "String",
      "Description": "The IP address range that is allowed to access the instance.",
      "Default": "192.168.1.1/32"
    },
    "InstanceId": {
      "Type": "String",
      "Description": "The ID of the instance."
    }
  },
  "Resources": {
    "InstanceEndpointAclPolicy": {
      "Type": "ALIYUN::CR::InstanceEndpointAclPolicy",
      "Properties": {
        "Entry": {
          "Ref": "Entry"
        },
        "InstanceId": {
          "Ref": "InstanceId"
        }
      }
    }
  },
  "Outputs": {
    "Entry": {
      "Description": "The IP address range that is allowed to access the instance.",
      "Value": {
        "Fn::GetAtt": [
          "InstanceEndpointAclPolicy",
          "Entry"
        ]
      }
    },
    "InstanceId": {
      "Description": "The ID of the instance.",
      "Value": {
        "Fn::GetAtt": [
          "InstanceEndpointAclPolicy",
          "InstanceId"
        ]
      }
    }
  }
}

YAML格式

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  Entry:
    Type: String
    Description: The IP address range that is allowed to access the instance.
    Default: 192.168.1.1/32
  InstanceId:
    Type: String
    Description: The ID of the instance.
Resources:
  InstanceEndpointAclPolicy:
    Type: 'ALIYUN::CR::InstanceEndpointAclPolicy'
    Properties:
      Entry:
        Ref: Entry
      InstanceId:
        Ref: InstanceId
Outputs:
  Entry:
    Description: The IP address range that is allowed to access the instance.
    Value:
      'Fn::GetAtt':
        - InstanceEndpointAclPolicy
        - Entry
  InstanceId:
    Description: The ID of the instance.
    Value:
      'Fn::GetAtt':
        - InstanceEndpointAclPolicy
        - InstanceId