All Products
Search

This Product

    Resource Orchestration Service:ALIYUN::NAS::AccessRule

    Document Center

    Resource Orchestration Service:ALIYUN::NAS::AccessRule

    更新時間:Aug 14, 2023

    ALIYUN::NAS::AccessRule is used to create a rule for a permission group.

    Syntax

    {
  "Type": "ALIYUN::NAS::AccessRule",
  "Properties": {
    "Priority": Integer,
    "UserAccessType": String,
    "AccessGroupName": String,
    "SourceCidrIp": String,
    "RWAccessType": String,
    "FileSystemType": String,
    "Ipv6SourceCidrIp": String
  }
}

    Properties

    Property

    Type

    Required

    Editable

    Description

    Constraint

    Priority

    Integer

    No

    Yes

    The priority.

    Valid values: 1 to 100. Default value: 1.

    UserAccessType

    String

    No

    Yes

    The access permissions for different types of users in the authorized object.

    Valid values:

    • no_squash (default)

    • root_squash

    • all_squash

    AccessGroupName

    String

    Yes

    No

    The name of the permission group.

    None.

    SourceCidrIp

    String

    No

    Yes

    The IP address or CIDR block.

    None.

    RWAccessType

    String

    No

    Yes

    The read or write permission type.

    Valid values:

    • RDWR (default): read and write permissions

    • RDONLY: read-only permissions

    FileSystemType

    String

    No

    Yes

    The type of the file system.

    Valid values:

    • standard (default): General-purpose NAS

    • extreme: Extreme NAS

    Ipv6SourceCidrIp

    String

    No

    Yes

    The source IPv6 CIDR block.

    IPv6 CIDR blocks and IPv6 addresses are supported.

    Note

    • Only Extreme NAS file systems that reside in regions inside the Chinese mainland support the IPv6 feature. If you want to use the IPv6 feature, you must enable this feature for the file systems.

    • This property is supported only for virtual private clouds (VPCs).

    • You cannot specify an IPv4 address and an IPv6 address at the same time.

    Return values

    Fn::GetAtt

    AccessRuleId: the rule ID.

    Examples

    • YAML format

      ROSTemplateFormatVersion: '2015-09-01'
Resources:
  AccessRule:
    Type: ALIYUN::NAS::AccessRule
    Properties:
      SourceCidrIp: 0.0.0.0/0
      AccessGroupName: TestAccessGroup
Outputs:
  AccessRuleId:
    Description: Rule serial number
    Value:
      Fn::GetAtt:
        - AccessRule
        - AccessRuleId

    • JSON format

      {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Resources": {
    "AccessRule": {
      "Type": "ALIYUN::NAS::AccessRule",
      "Properties": {
        "SourceCidrIp": "0.0.0.0/0",
        "AccessGroupName": "TestAccessGroup"
      }
    }
  },
  "Outputs": {
    "AccessRuleId": {
      "Description": "Rule serial number",
      "Value": {
        "Fn::GetAtt": [
          "AccessRule",
          "AccessRuleId"
        ]
      }
    }
  }
}