ALIYUN::CLOUDFW::TrFirewallRoutePolicy类型用于创建TR防火墙路由规则。
语法
{
"Type": "ALIYUN::CLOUDFW::TrFirewallRoutePolicy",
"Properties": {
"FirewallId": String,
"PolicyType": String,
"PolicyDescription": String,
"PolicyName": String,
"DestCandidateList": List,
"SrcCandidateList": List
}
}
属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
FirewallId | String | 是 | 否 | VPC 边界防火墙实例 ID。 | 无 |
PolicyType | String | 是 | 否 | VPC 边界防火墙云企业网企业版引流场景类型。 | 取值:
|
PolicyDescription | String | 是 | 否 | 引流描述。 | 无 |
PolicyName | String | 是 | 否 | 引流名称。 | 无 |
DestCandidateList | List | 否 | 是 | 子引流实例列表。 | 更多信息,请参见DestCandidateList属性。 |
SrcCandidateList | List | 否 | 是 | 主引流实例列表。 | 更多信息,请参见SrcCandidateList属性。 |
SrcCandidateList语法
"SrcCandidateList": [
{
"CandidateType": String,
"CandidateId": String
}
]
SrcCandidateList属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
CandidateId | String | 是 | 否 | 引流实例的 ID。 | 无 |
CandidateType | String | 否 | 否 | 引流实例类型。 | 无 |
DestCandidateList语法
"DestCandidateList": [
{
"CandidateType": String,
"CandidateId": String
}
]
DestCandidateList属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
CandidateId | String | 是 | 否 | 引流实例的 ID。 | 无 |
CandidateType | String | 否 | 否 | 引流实例类型。 | 无 |
返回值
Fn::GetAtt
FirewallId:VPC 边界防火墙实例 ID。
TrFirewallRoutePolicyId:防火墙路由策略 ID。
示例
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
PolicyType:
Type: String
Description:
en: |-
The type of the traffic redirection scenario of the VPC firewall. Valid values:
fullmesh: interconnected instances
one_to_one: instance to instance
end_to_end: instance to instances
AllowedValues:
- fullmesh
- one_to_one
- end_to_end
Required: true
Default: end_to_end
PolicyName:
Type: String
Description:
en: The name of the traffic redirection instance.
Required: true
FirewallId:
Type: String
Description:
en: The instance ID of the VPC firewall.
Required: true
Resources:
ExtensionResource:
Type: ALIYUN::CLOUDFW::TrFirewallRoutePolicy
Properties:
PolicyType:
Ref: PolicyType
PolicyName:
Ref: PolicyName
FirewallId:
Ref: FirewallId
PolicyDescription: demo
SrcCandidateList:
- CandidateType: VPC
CandidateId: vpc-wXXXXX
DestCandidateList:
- CandidateType: VPC
CandidateId: vpc-wXXXXX
Outputs:
FirewallId:
Description: The instance ID of the VPC firewall.
Value:
Fn::GetAtt:
- ExtensionResource
- FirewallId
TrFirewallRoutePolicyId:
Description: The ID of the routing policy.
Value:
Fn::GetAtt:
- ExtensionResource
- TrFirewallRoutePolicyId
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"PolicyType": {
"Type": "String",
"Description": {
"en": "The type of the traffic redirection scenario of the VPC firewall. Valid values:\nfullmesh: interconnected instances\none_to_one: instance to instance\nend_to_end: instance to instances"
},
"AllowedValues": [
"fullmesh",
"one_to_one",
"end_to_end"
],
"Required": true,
"Default": "end_to_end"
},
"PolicyName": {
"Type": "String",
"Description": {
"en": "The name of the traffic redirection instance."
},
"Required": true
},
"FirewallId": {
"Type": "String",
"Description": {
"en": "The instance ID of the VPC firewall."
},
"Required": true
}
},
"Resources": {
"ExtensionResource": {
"Type": "ALIYUN::CLOUDFW::TrFirewallRoutePolicy",
"Properties": {
"PolicyType": {
"Ref": "PolicyType"
},
"PolicyName": {
"Ref": "PolicyName"
},
"FirewallId": {
"Ref": "FirewallId"
},
"PolicyDescription": "demo",
"SrcCandidateList": [
{
"CandidateType": "VPC",
"CandidateId": "vpc-wXXXXX"
}
],
"DestCandidateList": [
{
"CandidateType": "VPC",
"CandidateId": "vpc-wXXXXX"
}
]
}
}
},
"Outputs": {
"FirewallId": {
"Description": "The instance ID of the VPC firewall.",
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"FirewallId"
]
}
},
"TrFirewallRoutePolicyId": {
"Description": "The ID of the routing policy.",
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"TrFirewallRoutePolicyId"
]
}
}
}
}