ALIYUN::PrivateLink::VpcEndpoint -

ALIYUN::PrivateLink::VpcEndpoint類型用於建立終端節點。

文法

{
  "Type": "ALIYUN::PrivateLink::VpcEndpoint",
  "Properties": {
    "VpcId": String,
    "EndpointName": String,
    "ServiceName": String,
    "Zone": List,
    "SecurityGroupId": List,
    "EndpointDescription": String,
    "ServiceId": String,
    "ProtectedEnabled": Boolean,
    "ZonePrivateIpAddressCount": Number,
    "EndpointType": String,
    "Tags": List
  }
}

屬性

屬性名稱	類型	必須	允許更新	描述	約束
VpcId	String	是	否	終端節點所屬的專用網路ID。	無
EndpointName	String	否	是	終端節點名稱。	長度為2~128個字元，以英文字母或漢字開頭。可包含英文字母、漢字、數字、短劃線（-）和底線（_）。
ServiceName	String	否	否	終端節點關聯的終端節點服務名稱。	無
Zone	List	否	是	可用性區域。	最多支援10個可用性區域。更多資訊，請參見Zone屬性。
SecurityGroupId	List	是	是	終端節點網卡關聯的安全性群組ID，安全性群組可以管控專用網路到終端節點網卡的資料通訊。	最多支援關聯10個安全性群組。
EndpointDescription	String	否	是	終端節點描述。	長度為2~256個字元，不能以`http://`或`https://`開頭。
ServiceId	String	否	否	終端節點關聯的終端節點服務ID。	無
ProtectedEnabled	Boolean	否	否	是否開啟託管保護。	STS調用方式下生效。取值： true：開啟託管保護。只有建立終端節點的使用者才能通過STS方式對該終端節點進行修改或刪除等操作。 false（預設值）：不開啟託管保護。
ZonePrivateIpAddressCount	Number	否	否	每個可用性區域ENI私網IP的數量。	取值：1。
EndpointType	String	否	否	終端節點類型。	取值：Interface，表示終端節點的服務資源類型為slb（傳統型負載平衡CLB）的終端節點類型。
Tags	List	否	是	標籤列表。	最多支援20個標籤。

Zone文法

"Zone": [
  {
    "ZoneId": String,
    "VSwitchId": String,
    "Ip": String
  }
]

Zone屬性

屬性名稱	類型	必須	允許更新	描述	約束
ZoneId	String	否	否	終端節點服務對應的可用性區域ID。	無
VSwitchId	String	否	否	在可用性區域內，需要建立終端節點網卡的交換器ID。	無
Ip	String	否	否	指定終端節點可用性區域的IP。	無

Tags文法

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

Tags屬性

屬性名稱

類型

必須

允許更新

描述

約束

Key

String

是

否

執行個體的標籤鍵。

最多支援20個標籤鍵。一旦傳入該值，則不允許為空白字串。

最多支援64個字元，不能以aliyun和acs:開頭，不能包含http://或者https://。

Value

String

否

執行個體的標籤值。

最多支援20個標籤值。一旦傳入該值，可以為空白字串。

最多支援128個字元，不能以aliyun和acs:開頭，不能包含http://或者https://。

傳回值

Fn::GetAtt

EndpointDomain：終端節點網域名稱。
Bandwidth：終端節點的串連頻寬。
EndpointId：終端節點ID。
EndpointName：終端節點名稱。
VpcId：終端節點所屬的專用網路ID。
ServiceName：終端節點關聯的終端節點服務名稱。
ServiceId：終端節點關聯的終端節點服務ID。
ZoneDomains：可用性區域網域名稱。

樣本

YAML格式

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  MasterZoneId:
    Type: String
    Description: The master zone id to create load balancer instance.
    AssociationProperty: ALIYUN::ECS::Instance::ZoneId
  SlaveZoneId:
    Type: String
    Description: The slave zone id to create load balancer instance.
    AssociationProperty: ALIYUN::ECS::Instance::ZoneId
  VpcId:
    Type: String
    Description: The VPC id to create load balancer instance. For VPC network only.
    AssociationProperty: ALIYUN::ECS::VPC::VPCId
  VSwitchId:
    Type: String
    Description: The VSwitch id to create load balancer instance. For VPC network only.
    AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
      ZoneId: ${MasterZoneId}
  SecurityGroupId:
    Type: CommaDelimitedList
    AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
    Description: The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.
    MinLength: 1
    MaxLength: 10
Resources:
  LoadBalancer:
    Type: ALIYUN::SLB::LoadBalancer
    Properties:
      SupportPrivateLink: true
      PayType: PayOnDemand
      VpcId:
        Ref: VpcId
      VSwitchId:
        Ref: VSwitchId
      LoadBalancerSpec: slb.s1.small
      LoadBalancerName: TestLoadBalancer
      AddressType: intranet
      MasterZoneId:
        Ref: MasterZoneId
      SlaveZoneId:
        Ref: SlaveZoneId
  VpcEndpointService:
    DependsOn: LoadBalancer
    Type: ALIYUN::PrivateLink::VpcEndpointService
    Properties:
      User:
        - Ref: ALIYUN::AccountId
      ServiceDescription: test service endpoint
      Resource:
        - ZoneId:
            Ref: MasterZoneId
          ResourceId:
            Ref: LoadBalancer
          ResourceType: slb
      ConnectBandwidth: 100
      AutoAcceptEnabled: true
  VpcEndpoint:
    DependsOn: VpcEndpointService
    Type: ALIYUN::PrivateLink::VpcEndpoint
    Properties:
      VpcId:
        Ref: VpcId
      EndpointName: TestEndpoint
      Zone:
        - ZoneId:
            Ref: MasterZoneId
          VSwitchId:
            Ref: VSwitchId
      SecurityGroupId:
        Ref: SecurityGroupId
      ServiceId:
        Ref: VpcEndpointService
Outputs:
  ServiceName:
    Description: The name of the endpoint service.
    Value:
      Fn::GetAtt:
        - VpcEndpointService
        - ServiceName
  ServiceDomain:
    Description: The domain name of the endpoint service.
    Value:
      Fn::GetAtt:
        - VpcEndpointService
        - ServiceDomain
  ServiceId:
    Description: The ID of the endpoint service.
    Value:
      Fn::GetAtt:
        - VpcEndpointService
        - ServiceId
  EndpointDomain:
    Description: The domain name of the endpoint.
    Value:
      Fn::GetAtt:
        - VpcEndpoint
        - EndpointDomain
  Bandwidth:
    Description: The bandwidth of the endpoint.
    Value:
      Fn::GetAtt:
        - VpcEndpoint
        - Bandwidth
  EndpointId:
    Description: The ID of the endpoint.
    Value:
      Fn::GetAtt:
        - VpcEndpoint
        - EndpointId

JSON格式

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "MasterZoneId": {
      "Type": "String",
      "Description": "The master zone id to create load balancer instance.",
      "AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
    },
    "SlaveZoneId": {
      "Type": "String",
      "Description": "The slave zone id to create load balancer instance.",
      "AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
    },
    "VpcId": {
      "Type": "String",
      "Description": "The VPC id to create load balancer instance. For VPC network only.",
      "AssociationProperty": "ALIYUN::ECS::VPC::VPCId"
    },
    "VSwitchId": {
      "Type": "String",
      "Description": "The VSwitch id to create load balancer instance. For VPC network only.",
      "AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
      "AssociationPropertyMetadata": {
        "VpcId": "${VpcId}",
        "ZoneId": "${MasterZoneId}"
      }
    },
    "SecurityGroupId": {
      "Type": "CommaDelimitedList",
      "AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
      "AssociationPropertyMetadata": {
        "VpcId": "${VpcId}"
      },
      "Description": "The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.",
      "MinLength": 1,
      "MaxLength": 10
    }
  },
  "Resources": {
    "LoadBalancer": {
      "Type": "ALIYUN::SLB::LoadBalancer",
      "Properties": {
        "SupportPrivateLink": true,
        "PayType": "PayOnDemand",
        "VpcId": {
          "Ref": "VpcId"
        },
        "VSwitchId": {
          "Ref": "VSwitchId"
        },
        "LoadBalancerSpec": "slb.s1.small",
        "LoadBalancerName": "TestLoadBalancer",
        "AddressType": "intranet",
        "MasterZoneId": {
          "Ref": "MasterZoneId"
        },
        "SlaveZoneId": {
          "Ref": "SlaveZoneId"
        }
      }
    },
    "VpcEndpointService": {
      "DependsOn": "LoadBalancer",
      "Type": "ALIYUN::PrivateLink::VpcEndpointService",
      "Properties": {
        "User": [
          {
            "Ref": "ALIYUN::AccountId"
          }
        ],
        "ServiceDescription": "test service endpoint",
        "Resource": [
          {
            "ZoneId": {
              "Ref": "MasterZoneId"
            },
            "ResourceId": {
              "Ref": "LoadBalancer"
            },
            "ResourceType": "slb"
          }
        ],
        "ConnectBandwidth": 100,
        "AutoAcceptEnabled": true
      }
    },
    "VpcEndpoint": {
      "DependsOn": "VpcEndpointService",
      "Type": "ALIYUN::PrivateLink::VpcEndpoint",
      "Properties": {
        "VpcId": {
          "Ref": "VpcId"
        },
        "EndpointName": "TestEndpoint",
        "Zone": [
          {
            "ZoneId": {
              "Ref": "MasterZoneId"
            },
            "VSwitchId": {
              "Ref": "VSwitchId"
            }
          }
        ],
        "SecurityGroupId": {
          "Ref": "SecurityGroupId"
        },
        "ServiceId": {
          "Ref": "VpcEndpointService"
        }
      }
    }
  },
  "Outputs": {
    "ServiceName": {
      "Description": "The name of the endpoint service.",
      "Value": {
        "Fn::GetAtt": [
          "VpcEndpointService",
          "ServiceName"
        ]
      }
    },
    "ServiceDomain": {
      "Description": "The domain name of the endpoint service.",
      "Value": {
        "Fn::GetAtt": [
          "VpcEndpointService",
          "ServiceDomain"
        ]
      }
    },
    "ServiceId": {
      "Description": "The ID of the endpoint service.",
      "Value": {
        "Fn::GetAtt": [
          "VpcEndpointService",
          "ServiceId"
        ]
      }
    },
    "EndpointDomain": {
      "Description": "The domain name of the endpoint.",
      "Value": {
        "Fn::GetAtt": [
          "VpcEndpoint",
          "EndpointDomain"
        ]
      }
    },
    "Bandwidth": {
      "Description": "The bandwidth of the endpoint.",
      "Value": {
        "Fn::GetAtt": [
          "VpcEndpoint",
          "Bandwidth"
        ]
      }
    },
    "EndpointId": {
      "Description": "The ID of the endpoint.",
      "Value": {
        "Fn::GetAtt": [
          "VpcEndpoint",
          "EndpointId"
        ]
      }
    }
  }
}