All Products
Search
Document Center

Resource Orchestration Service:ALIYUN::NAS::AccessRule

Last Updated:Aug 14, 2023

ALIYUN::NAS::AccessRule is used to create a rule for a permission group.

Syntax

{
  "Type": "ALIYUN::NAS::AccessRule",
  "Properties": {
    "Priority": Integer,
    "UserAccessType": String,
    "AccessGroupName": String,
    "SourceCidrIp": String,
    "RWAccessType": String,
    "FileSystemType": String,
    "Ipv6SourceCidrIp": String
  }
}

Properties

Property

Type

Required

Editable

Description

Constraint

Priority

Integer

No

Yes

The priority.

Valid values: 1 to 100. Default value: 1.

UserAccessType

String

No

Yes

The access permissions for different types of users in the authorized object.

Valid values:

  • no_squash (default)

  • root_squash

  • all_squash

AccessGroupName

String

Yes

No

The name of the permission group.

None.

SourceCidrIp

String

No

Yes

The IP address or CIDR block.

None.

RWAccessType

String

No

Yes

The read or write permission type.

Valid values:

  • RDWR (default): read and write permissions

  • RDONLY: read-only permissions

FileSystemType

String

No

Yes

The type of the file system.

Valid values:

  • standard (default): General-purpose NAS

  • extreme: Extreme NAS

Ipv6SourceCidrIp

String

No

Yes

The source IPv6 CIDR block.

IPv6 CIDR blocks and IPv6 addresses are supported.

Note
  • Only Extreme NAS file systems that reside in regions inside the Chinese mainland support the IPv6 feature. If you want to use the IPv6 feature, you must enable this feature for the file systems.

  • This property is supported only for virtual private clouds (VPCs).

  • You cannot specify an IPv4 address and an IPv6 address at the same time.

Return values

Fn::GetAtt

AccessRuleId: the rule ID.

Examples

  • YAML format

    ROSTemplateFormatVersion: '2015-09-01'
    Resources:
      AccessRule:
        Type: ALIYUN::NAS::AccessRule
        Properties:
          SourceCidrIp: 0.0.0.0/0
          AccessGroupName: TestAccessGroup
    Outputs:
      AccessRuleId:
        Description: Rule serial number
        Value:
          Fn::GetAtt:
            - AccessRule
            - AccessRuleId
  • JSON format

    {
      "ROSTemplateFormatVersion": "2015-09-01",
      "Resources": {
        "AccessRule": {
          "Type": "ALIYUN::NAS::AccessRule",
          "Properties": {
            "SourceCidrIp": "0.0.0.0/0",
            "AccessGroupName": "TestAccessGroup"
          }
        }
      },
      "Outputs": {
        "AccessRuleId": {
          "Description": "Rule serial number",
          "Value": {
            "Fn::GetAtt": [
              "AccessRule",
              "AccessRuleId"
            ]
          }
        }
      }
    }