alicloud_cloud_firewall_nat_firewall
更新时间:
Provides a Cloud Firewall Nat Firewall resource.
For information about Cloud Firewall Nat Firewall and how to use it, see What is Nat Firewall.
-> NOTE: Available since v1.224.0.
Example Usage
Basic Usage
variable "name" {
default = "terraform-example"
}
provider "alicloud" {
region = "cn-shenzhen"
}
data "alicloud_zones" "default" {
available_resource_creation = "VSwitch"
}
resource "alicloud_vpc" "defaultikZ0gD" {
cidr_block = "172.16.0.0/12"
vpc_name = var.name
}
resource "alicloud_vswitch" "defaultp4O7qi" {
vpc_id = alicloud_vpc.defaultikZ0gD.id
cidr_block = "172.16.6.0/24"
vswitch_name = var.name
zone_id = data.alicloud_zones.default.zones.0.id
}
resource "alicloud_nat_gateway" "default2iRZpC" {
eip_bind_mode = "MULTI_BINDED"
vpc_id = alicloud_vpc.defaultikZ0gD.id
nat_gateway_name = var.name
payment_type = "PayAsYouGo"
vswitch_id = alicloud_vswitch.defaultp4O7qi.id
nat_type = "Enhanced"
network_type = "internet"
}
resource "alicloud_eip_address" "defaultyiRwgs" {
address_name = var.name
}
resource "alicloud_eip_association" "defaults2MTuO" {
instance_id = alicloud_nat_gateway.default2iRZpC.id
allocation_id = alicloud_eip_address.defaultyiRwgs.id
mode = "NAT"
instance_type = "Nat"
}
resource "alicloud_snat_entry" "defaultAKE43g" {
snat_ip = alicloud_eip_address.defaultyiRwgs.ip_address
snat_table_id = alicloud_nat_gateway.default2iRZpC.snat_table_ids
source_vswitch_id = alicloud_vswitch.defaultp4O7qi.id
}
resource "alicloud_cloud_firewall_nat_firewall" "default" {
nat_gateway_id = alicloud_nat_gateway.default2iRZpC.id
nat_route_entry_list {
nexthop_type = "NatGateway"
route_table_id = alicloud_vpc.defaultikZ0gD.route_table_id
nexthop_id = alicloud_nat_gateway.default2iRZpC.id
destination_cidr = "0.0.0.0/0"
}
firewall_switch = "close"
vswitch_auto = "true"
status = "closed"
region_no = "cn-shenzhen"
lang = "zh"
proxy_name = "CFW-example"
vswitch_id = alicloud_snat_entry.defaultAKE43g.source_vswitch_id
strict_mode = "0"
vpc_id = alicloud_vpc.defaultikZ0gD.id
vswitch_cidr = "172.16.5.0/24"
}
Argument Reference
The following arguments are supported:
firewall_switch
- (Optional) Safety protection switch. Value:-open: open-close: close.lang
- (Optional) Lang.nat_gateway_id
- (Required, ForceNew) NAT gateway ID.nat_route_entry_list
- (Required, ForceNew) The list of routes to be switched by the NAT gateway. Seenat_route_entry_list
below.proxy_name
- (Required, ForceNew) NAT firewall name.region_no
- (Required, ForceNew) Region.status
- (Optional, Computed) The status of the resource.strict_mode
- (Optional, ForceNew) Whether strict mode is enabled 1-Enable strict mode 0-Disable strict mode.vswitch_id
- (Optional) The switch ID. Required for switch manual mode.vpc_id
- (Required, ForceNew) The ID of the VPC instance.vswitch_auto
- (Optional) Whether to use switch automatic mode. Value: true: Use automatic mode: false: Use manual mode.vswitch_cidr
- (Optional) The network segment of the virtual switch. Required for Switch automatic mode.
nat_route_entry_list
The nat_route_entry_list supports the following:
destination_cidr
- (Required, ForceNew) The destination network segment of the default route.nexthop_id
- (Required, ForceNew) The next hop address of the original NAT gateway.nexthop_type
- (Required, ForceNew) The network type of the next hop. Value: NatGateway : NAT Gateway.route_table_id
- (Required, ForceNew) The route table where the default route of the NAT gateway is located.
Attributes Reference
The following attributes are exported:
id
- The ID of the resource supplied above.
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 5 mins) Used when create the Nat Firewall.delete
- (Defaults to 5 mins) Used when delete the Nat Firewall.update
- (Defaults to 5 mins) Used when update the Nat Firewall.
Import
Cloud Firewall Nat Firewall can be imported using the id, e.g.
$ terraform import alicloud_cloud_firewall_nat_firewall.example <id>
文档内容是否对您有帮助?