alicloud_vpc_traffic_mirror_filter_egress_rule
更新时间:
Provides a VPC Traffic Mirror Filter Egress Rule resource.
For information about VPC Traffic Mirror Filter Egress Rule and how to use it, see What is Traffic Mirror Filter Egress Rule.
-> NOTE: Available since v1.140.0.
Example Usage
Basic Usage
resource "alicloud_vpc_traffic_mirror_filter" "example" {
traffic_mirror_filter_name = "example_value"
}
resource "alicloud_vpc_traffic_mirror_filter_egress_rule" "default" {
action = "drop"
priority = "2"
source_cidr_block = "10.0.0.0/11"
destination_cidr_block = "10.0.0.0/12"
traffic_mirror_filter_id = alicloud_vpc_traffic_mirror_filter.example.id
protocol = "ALL"
}
Argument Reference
The following arguments are supported:
action- (Optional, Available since v1.211.0) The collection policy of the inbound rule. Valid values:acceptordrop.accept: collects network traffic.drop: does not collect network traffic.destination_cidr_block- (Required) The destination CIDR block of the outbound traffic.destination_port_range- (Optional, Computed) The destination CIDR block of the outbound traffic. Valid values:1to65535. Separate the first port and last port with a forward slash (/), for example,1/200or80/80. A value of-1/-1indicates that all ports are available. Therefore, do not set the value to-1/-1. NOTE: WhenprotocolisICMP, this parameter is invalid.dry_run- (Optional) Whether to PreCheck this request only. Value:- true: sends a check request and does not create inbound or outbound rules. Check items include whether required parameters are filled in, request format, and restrictions. If the check fails, the corresponding error is returned. If the check passes, the error code 'DryRunOperation' is returned '.
- false (default): Sends a normal request and directly creates an inbound or outbound direction rule after checking.
priority- (Required) The priority of the inbound rule. A smaller value indicates a higher priority. The maximum value is10, which indicates that you can configure at most 10 inbound rules for a filter.protocol- (Required) The transport protocol used by outbound traffic that needs to be mirrored. Valid values:ALL,ICMP,TCP,UDP.source_cidr_block- (Required) The source CIDR block of the outbound traffic.source_port_range- (Optional, Computed) The source port range of the outbound traffic. Valid values:1to65535. Separate the first port and last port with a forward slash (/), for example,1/200or80/80. A value of-1/-1indicates that all ports are available. Therefore, do not set the value to-1/-1. NOTE: WhenprotocolisICMP, this parameter is invalid.traffic_mirror_filter_id- (Required, ForceNew) The ID of the filter.
The following arguments will be discarded. Please use new fields as soon as possible:
rule_action- (Deprecated since v1.211.0). Field 'rule_action' has been deprecated from provider version 1.211.0. New field 'action' instead.
Attributes Reference
The following attributes are exported:
id- The ID of the resource supplied above.The value is formulated as<traffic_mirror_filter_id>:<traffic_mirror_filter_egress_rule_id>.status- The state of the inbound rule.Creating,Created,ModifyingandDeleting.traffic_mirror_filter_egress_rule_id- The ID of the outbound rule.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
create- (Defaults to 5 mins) Used when create the Traffic Mirror Filter Egress Rule.delete- (Defaults to 5 mins) Used when delete the Traffic Mirror Filter Egress Rule.update- (Defaults to 5 mins) Used when update the Traffic Mirror Filter Egress Rule.
Import
VPC Traffic Mirror Filter Egress Rule can be imported using the id, e.g.
$ terraform import alicloud_vpc_traffic_mirror_filter_egress_rule.example <traffic_mirror_filter_id>:<traffic_mirror_filter_egress_rule_id>
文档内容是否对您有帮助?