AI 助理
备案控制台
官方文档
输入文档关键字查找
首页 Terraform 资源列表 Network Load Balancer (NLB) Resources alicloud_nlb_security_policy

alicloud_nlb_security_policy

更新时间:
我的收藏

Provides a NLB Security Policy resource.

For information about NLB Security Policy and how to use it, see What is Security Policy.

-> NOTE: Available since v1.187.0.

Example Usage

Basic Usage


variable "name" {
  default = "tf-example"
}
data "alicloud_resource_manager_resource_groups" "default" {}
resource "alicloud_nlb_security_policy" "default" {
  resource_group_id    = data.alicloud_resource_manager_resource_groups.default.ids.0
  security_policy_name = var.name
  ciphers              = ["ECDHE-RSA-AES128-SHA", "ECDHE-ECDSA-AES128-SHA"]
  tls_versions         = ["TLSv1.0", "TLSv1.1", "TLSv1.2"]
  tags = {
    Created = "TF"
    For     = "example"
  }
}

Argument Reference

The following arguments are supported:

  • ciphers - (Required, List) The supported cipher suites, which are determined by the TLS protocol version. You can specify at most 32 cipher suites.

    • TLS 1.0 and TLS 1.1 support the following cipher suites: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA
    • TLS 1.2 supports the following cipher suites: ECDHE-ECDSA-AES128-SHA, ECDHE-ECDSA-AES256-SHA, ECDHE-RSA-AES128-SHA, ECDHE-RSA-AES256-SHA, AES128-SHA, AES256-SHA, DES-CBC3-SHA, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES256-SHA384, AES128-GCM-SHA256, AES256-GCM-SHA384, AES128-SHA256, AES256-SHA256
    • TLS 1.3 supports the following cipher suites: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256, TLS_AES_128_CCM_SHA256, TLS_AES_128_CCM_8_SHA256.

  • resource_group_id - (Optional, Computed) The ID of the new resource group.

    You can log on to the Resource Management console to view resource group IDs.

  • security_policy_name - (Optional) The name of the security policy.

    The name must be 1 to 200 characters in length, and can contain letters, digits, periods (.), underscores (_), and hyphens (-).

  • tags - (Optional, Map) The tag of the resource

  • tls_versions - (Required, List) The supported versions of the Transport Layer Security (TLS) protocol. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3. You can specify at most four TLS versions.

Attributes Reference

The following attributes are exported:

  • id - The ID of the resource supplied above.
  • status - The status of the resource

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

  • create - (Defaults to 5 mins) Used when create the Security Policy.
  • delete - (Defaults to 5 mins) Used when delete the Security Policy.
  • update - (Defaults to 5 mins) Used when update the Security Policy.

Import

NLB Security Policy can be imported using the id, e.g.

$ terraform import alicloud_nlb_security_policy.example <id>

上一篇:alicloud_nlb_loadbalancer_common_bandwidth_package_attachment下一篇:alicloud_nlb_server_group