全部產品
Search
文件中心

Resource Orchestration Service:ALIYUN::VPC::VpnGateway

更新時間:Jun 19, 2024

ALIYUN::VPC::VpnGateway類型用於建立VPN網關。

文法

{
  "Type": "ALIYUN::VPC::VpnGateway",
  "Properties": {
    "VpcId": String,
    "VSwitchId": String,
    "Description": String,
    "EnableIpsec": Boolean,
    "AutoPay": Boolean,
    "Period": Integer,
    "EnableSsl": Boolean,
    "Bandwidth": Integer,
    "InstanceChargeType": String,
    "SslConnections": Integer,
    "Name": String,
    "Tags": List,
    "VpnType": String,
    "NetworkType": String,
    "DisasterRecoveryVSwitchId": String
  }
}

屬性

屬性名稱

類型

必須

允許更新

描述

約束

VpcId

String

VPN網關所屬的專用網路ID。

VSwitchId

String

VPN網關所屬的交換器ID。

Description

String

VPN網關描述。

長度為2~256個字元,必須以英文字母或漢字開頭,不能以http://https://開頭。

EnableIpsec

Boolean

是否開啟IPsec-VPN功能。

取值:

  • true(預設值):開啟。

  • false:關閉。

IPsec-VPN功能提供網站到網站的串連。您可以通過建立IPsec隧道將本機資料中心網路和專用網路或兩個專用網路安全地串連起來。

AutoPay

Boolean

是否自動支付VPN網關的賬單 。

取值:

  • true(預設值):自動支付。

  • false:不自動支付。

Period

Integer

購買時間長度。

取值:

  • 1

  • 2

  • 3

  • 4

  • 5

  • 6

  • 7

  • 8

  • 9

  • 12

  • 24

  • 36

單位:月

。當InstanceChargeType取值為PREPAY時,必須指定該參數。

EnableSsl

Boolean

是否開啟SSL-VPN功能。

取值:

  • true:開啟。

  • false(預設值):關閉。

SSL-VPN功能提供點到網站的VPN串連,不需要配置客戶網關,終端可以直接接入。

Bandwidth

Integer

VPN網關的公網頻寬。

取值:

  • 5

  • 10

  • 20

  • 50

  • 100

單位:Mbps。

InstanceChargeType

String

VPN網關的計費類型。

取值:PREPAY(預付費)。

SslConnections

Integer

允許同時串連的最大用戶端數量。

Name

String

VPN網關的名稱。

長度為2~100個字元。必須以英文字母或漢字開頭,不能以http://https://開頭。可包含英文字母、漢字、數字、底線(_)和短劃線(-)。

預設值為VPN網關ID。

Tags

List

標籤。

最多支援添加20個標籤。

更多資訊,請參見Tags屬性

VpnType

String

VPN網關類型。

取值:

  • Normal(預設值):普通型。

  • NationalStandard:國密型。

NetworkType

String

VPN網關的網路類型。

取值:

  • public(預設值):公網VPN網關。

  • private:私網VPN網關。

DisasterRecoveryVSwitchId

String

指定VPN網關執行個體關聯的第二個交換器執行個體。

  • 如果當前地區支援建立雙隧道模式的IPsec-VPN串連,則本參數必填。

  • 您需要從VPN網關執行個體關聯的VPC執行個體下指定兩個分布在不同可用性區域的交換器執行個體,以實現IPsec-VPN串連可用性區域層級的容災。

  • 對於僅支援一個可用性區域的地區 ,不支援可用性區域層級的容災,建議您在該可用性區域下指定兩個不同的交換器執行個體以實現IPsec-VPN串連的高可用,支援指定相同的交換器執行個體。

關於支援雙隧道模式IPsec-VPN串連的地區和可用性區域的資訊,請參見IPsec-VPN串連升級為雙隧道模式

Tags文法

"Tags": [
  {
    "Key": String,
    "Value": String
  }
]  

Tags屬性

屬性名稱

類型

必須

允許更新

描述

約束

Key

String

標籤鍵。

長度為1~128個字元,不能以aliyunacs:開頭,不能包含http://或者https://

Value

String

標籤值。

長度為0~128個字元,不能以aliyunacs:開頭,不能包含http://或者https://

傳回值

Fn::GetAtt

  • OrderId:訂單ID。

  • VpnGatewayId:VPN網關ID。

  • InternetIp:VPN網關的公網IP。

  • SslMaxConnections:允許串連的最大SSL-VPN用戶端。

  • Spec:VPN網關的頻寬峰值。

  • DisasterRecoveryVSwitchId:VPN網關執行個體關聯的第二個交換器執行個體。

  • VpnType:VPN網關類型。

  • VpcId:VPN網關所屬的VPC執行個體ID。

  • SslVpnInternetIp:SSL-VPN串連IP地址。

  • DisasterRecoveryInternetIp:建立IPsec-VPN串連時系統分配的第二個IP地址。

  • VSwitchId:VPN網關執行個體關聯的交換器執行個體。

樣本

YAML格式

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
 AutoPay:
  AllowedValues:
  - 'True'
  - 'true'
  - 'False'
  - 'false'
  Default: true
  Description: 'Whether to automatically pay the bill of the VPN gateway, the value:

   True: Automatically pays the bill for the VPN gateway.

   False (default): Does not automatically pay the bill for the VPN gateway.'
  Type: Boolean
 Bandwidth:
  AllowedValues:
  - 5
  - 10
  - 20
  - 50
  - 100
  - 200
  Description: 'The public network bandwidth of the VPN gateway, in Mbps.

   Value: 5|10|20|50|100|200.'
  Type: Number
 Description:
  Description: 'Description of the VPN gateway.

   The length is 2-256 characters and must start with a letter or Chinese, but
   cannot start with http:// or https://.'
  MaxLength: 256
  MinLength: 2
  Type: String
 EnableIpsec:
  AllowedValues:
  - 'True'
  - 'true'
  - 'False'
  - 'false'
  Default: true
  Description: 'Whether to enable IPsec-VPN. The IPsec-VPN feature provides a site-to-site
   connection. You can securely connect your local data center network to a private
   network or two proprietary networks by creating an IPsec tunnel. Value:

   True (default): Enables the IPsec-VPN feature.

   False: The IPsec-VPN function is not enabled.'
  Type: Boolean
 EnableSsl:
  AllowedValues:
  - 'True'
  - 'true'
  - 'False'
  - 'false'
  Default: false
  Description: 'Enable the SSL-VPN function. Provide point-to-site VPN connection,
   no need to configure customer gateway, terminal directly access. Value:

   True: Enable SSL-VPN.

   False (default): Does not enable SSL-VPN.'
  Type: Boolean
 InstanceChargeType:
  AllowedValues:
  - PREPAY
  - POSTPAY
  Default: PREPAY
  Description: 'Accounting type of the VPN gateway, the value is:

   PREPAY, POSTPAY'
  Type: String
 Name:
  Description: 'Name of the VPN gateway. The default value is the ID of the VPN
   gateway.

   The length is 2~100 English or Chinese characters. It must start with a large
   or small letter or Chinese. It can contain numbers, underscores (_) and dashes
   (-). It cannot start with http:// or https://.'
  MaxLength: 100
  MinLength: 2
  Type: String
 Period:
  AllowedValues:
  - 1
  - 2
  - 3
  - 4
  - 5
  - 6
  - 7
  - 8
  - 9
  - 12
  - 24
  - 36
  Description: 'Purchase time, value: 1~9|12|24|36.

   When the value of the InstanceChargeType parameter is PREPAY, this parameter
   is mandatory.'
  Type: Number
 SslConnections:
  Description: The maximum number of clients allowed to connect at the same time.
  Type: Number
 Tags:
  Description: Tags to attach to instance. Max support 20 tags to add during create
   instance. Each tag with two properties Key and Value, and Key is required.
  MaxLength: 20
  Type: Json
 VSwitchId:
  Description: The ID of the VSwitch to which the VPN gateway belongs.
  Type: String
 VpcId:
  Description: VPC ID to which the VPN gateway belongs.
  Type: String
Resources:
 VpnGateway:
  Properties:
   AutoPay:
    Ref: AutoPay
   Bandwidth:
    Ref: Bandwidth
   Description:
    Ref: Description
   EnableIpsec:
    Ref: EnableIpsec
   EnableSsl:
    Ref: EnableSsl
   InstanceChargeType:
    Ref: InstanceChargeType
   Name:
    Ref: Name
   Period:
    Ref: Period
   SslConnections:
    Ref: SslConnections
   Tags:
    Ref: Tags
   VSwitchId:
    Ref: VSwitchId
   VpcId:
    Ref: VpcId
  Type: ALIYUN::VPC::VpnGateway
Outputs:
 InternetIp:
  Description: The public IP address of the VPN gateway.
  Value:
   Fn::GetAtt:
   - VpnGateway
   - InternetIp
 OrderId:
  Description: The order ID.
  Value:
   Fn::GetAtt:
   - VpnGateway
   - OrderId
 Spec:
  Description: The specification of the VPN gateway.
  Value:
   Fn::GetAtt:
   - VpnGateway
   - Spec
 SslMaxConnections:
  Description: The maximum number of concurrent SSL-VPN connections.
  Value:
   Fn::GetAtt:
   - VpnGateway
   - SslMaxConnections
 VpnGatewayId:
  Description: ID of the VPN gateway.
  Value:
   Fn::GetAtt:
   - VpnGateway
   - VpnGatewayId

JSON格式

{
 "ROSTemplateFormatVersion": "2015-09-01",
 "Parameters": {
  "EnableIpsec": {
   "Type": "Boolean",
   "Description": "Whether to enable IPsec-VPN. The IPsec-VPN feature provides a site-to-site connection. You can securely connect your local data center network to a private network or two proprietary networks by creating an IPsec tunnel. Value:\nTrue (default): Enables the IPsec-VPN feature.\nFalse: The IPsec-VPN function is not enabled.",
   "AllowedValues": [
    "True",
    "true",
    "False",
    "false"
   ],
   "Default": true
  },
  "EnableSsl": {
   "Type": "Boolean",
   "Description": "Enable the SSL-VPN function. Provide point-to-site VPN connection, no need to configure customer gateway, terminal directly access. Value:\nTrue: Enable SSL-VPN.\nFalse (default): Does not enable SSL-VPN.",
   "AllowedValues": [
    "True",
    "true",
    "False",
    "false"
   ],
   "Default": false
  },
  "SslConnections": {
   "Type": "Number",
   "Description": "The maximum number of clients allowed to connect at the same time."
  },
  "Description": {
   "Type": "String",
   "Description": "Description of the VPN gateway.\nThe length is 2-256 characters and must start with a letter or Chinese, but cannot start with http:// or https://.",
   "MinLength": 2,
   "MaxLength": 256
  },
  "VpcId": {
   "Type": "String",
   "Description": "VPC ID to which the VPN gateway belongs."
  },
  "InstanceChargeType": {
   "Type": "String",
   "Description": "Accounting type of the VPN gateway, the value is:\nPREPAY, POSTPAY",
   "AllowedValues": [
    "PREPAY",
    "POSTPAY"
   ],
   "Default": "PREPAY"
  },
  "Bandwidth": {
   "Type": "Number",
   "Description": "The public network bandwidth of the VPN gateway, in Mbps.\nValue: 5|10|20|50|100|200.",
   "AllowedValues": [
    5,
    10,
    20,
    50,
    100,
    200
   ]
  },
  "VSwitchId": {
   "Type": "String",
   "Description": "The ID of the VSwitch to which the VPN gateway belongs."
  },
  "Period": {
   "Type": "Number",
   "Description": "Purchase time, value: 1~9|12|24|36.\nWhen the value of the InstanceChargeType parameter is PREPAY, this parameter is mandatory.",
   "AllowedValues": [
    1,
    2,
    3,
    4,
    5,
    6,
    7,
    8,
    9,
    12,
    24,
    36
   ]
  },
  "AutoPay": {
   "Type": "Boolean",
   "Description": "Whether to automatically pay the bill of the VPN gateway, the value:\nTrue: Automatically pays the bill for the VPN gateway.\nFalse (default): Does not automatically pay the bill for the VPN gateway.",
   "AllowedValues": [
    "True",
    "true",
    "False",
    "false"
   ],
   "Default": true
  },
  "Tags": {
   "Type": "Json",
   "Description": "Tags to attach to instance. Max support 20 tags to add during create instance. Each tag with two properties Key and Value, and Key is required.",
   "MaxLength": 20
  },
  "Name": {
   "Type": "String",
   "Description": "Name of the VPN gateway. The default value is the ID of the VPN gateway.\nThe length is 2~100 English or Chinese characters. It must start with a large or small letter or Chinese. It can contain numbers, underscores (_) and dashes (-). It cannot start with http:// or https://.",
   "MinLength": 2,
   "MaxLength": 100
  }
 },
 "Resources": {
  "VpnGateway": {
   "Type": "ALIYUN::VPC::VpnGateway",
   "Properties": {
    "EnableIpsec": {
     "Ref": "EnableIpsec"
    },
    "EnableSsl": {
     "Ref": "EnableSsl"
    },
    "SslConnections": {
     "Ref": "SslConnections"
    },
    "Description": {
     "Ref": "Description"
    },
    "VpcId": {
     "Ref": "VpcId"
    },
    "InstanceChargeType": {
     "Ref": "InstanceChargeType"
    },
    "Bandwidth": {
     "Ref": "Bandwidth"
    },
    "VSwitchId": {
     "Ref": "VSwitchId"
    },
    "Period": {
     "Ref": "Period"
    },
    "AutoPay": {
     "Ref": "AutoPay"
    },
    "Tags": {
     "Ref": "Tags"
    },
    "Name": {
     "Ref": "Name"
    }
   }
  }
 },
 "Outputs": {
  "InternetIp": {
   "Description": "The public IP address of the VPN gateway.",
   "Value": {
    "Fn::GetAtt": [
     "VpnGateway",
     "InternetIp"
    ]
   }
  },
  "VpnGatewayId": {
   "Description": "ID of the VPN gateway.",
   "Value": {
    "Fn::GetAtt": [
     "VpnGateway",
     "VpnGatewayId"
    ]
   }
  },
  "OrderId": {
   "Description": "The order ID.",
   "Value": {
    "Fn::GetAtt": [
     "VpnGateway",
     "OrderId"
    ]
   }
  },
  "Spec": {
   "Description": "The specification of the VPN gateway.",
   "Value": {
    "Fn::GetAtt": [
     "VpnGateway",
     "Spec"
    ]
   }
  },
  "SslMaxConnections": {
   "Description": "The maximum number of concurrent SSL-VPN connections.",
   "Value": {
    "Fn::GetAtt": [
     "VpnGateway",
     "SslMaxConnections"
    ]
   }
  }
 }
}