ALIYUN::GA::Acl类型用于创建访问控制策略组。
语法
{
"Type": "ALIYUN::GA::Acl",
"Properties": {
"AclEntries": List,
"ResourceGroupId": String,
"AddressIPVersion": String,
"AclName": String,
"Tags": List
}
}属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
AddressIPVersion | String | 是 | 否 | 访问控制策略组的 IP 版本。 | 取值:
|
AclEntries | List | 否 | 否 | 访问控制策略组条目,即 IP 地址条目或 IP 地址段条目。 | 一次最多支持添加 50 个条目。详细信息请参考AclEntries属性。 |
AclName | String | 否 | 是 | 访问控制策略组的名称。 | 名称长度为 1~128 个字符,以大小写字母或中文开头,可包含数字、半角句号(.)下划线(_)和短划线(-)。 |
ResourceGroupId | String | 否 | 是 | 资源组 ID。 | 无 |
Tags | List | 否 | 是 | 访问控制策略组的标签信息。 | 一次最多支持添加 20 个标签。详细信息请参考Tags属性。 |
AclEntries语法
"AclEntries": [
{
"Entry": String,
"EntryDescription": String
}
]AclEntries属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Entry | String | 否 | 否 | 访问控制策略组条目 | 即IP地址条目(192.168.XX.XX)或IP地址段条目(10.0.XX.XX/24)。 |
EntryDescription | String | 否 | 否 | 访问控制策略组条目备注内容。 | 一次最多支持添加50个条目备注。 长度限制为1~256个字符,允许包含字母、数字、短划线(-)、正斜线(/)、半角句号(.)和下划线(_),支持中文字符。 |
Tags语法
"Tags": [
{
"Value": String,
"Key": String
}
]Tags属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Value | String | 否 | 否 | 访问控制策略组的标签值。 | 一旦输入该值,可以为空字符串。 最多支持128个字符,不能以 最多支持输入20个标签值。 |
Key | String | 是 | 否 | 访问控制策略组的标签键。 | 一旦输入该值,则不允许为空字符串。 最多支持64个字符,不能以 最多支持输入20个标签键。 |
返回值
Fn::GetAtt
AclEntries:访问控制策略组条目。
ResourceGroupId:资源组ID。
AclId:访问控制策略组ID。
AddressIPVersion:访问控制策略组的IP版本。
Tags:访问控制策略组的标签信息。
AclName:访问控制策略组的名称。
示例
YAML格式
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
AclEntries:
AssociationPropertyMetadata:
Parameters:
Entry:
Type: String
Description:
en: The IP addresses (192.168.XX.XX) or CIDR blocks (10.0.XX.XX/24) that you want to add to the ACL.
Required: false
EntryDescription:
Type: String
Description:
en: The description of the entry that you want to add to the AC,The description must be 1 to 256 characters in length, and can contain letters, digits, hyphens (-), forward slashes (/), periods (.), and underscores (_).
Required: false
AssociationProperty: List[Parameters]
Type: Json
Description:
en: The entries of IP addresses or CIDR blocks to add to the ACL. You can add up to 20 entries.
Required: false
MinLength: 0
MaxLength: 20
AddressIPVersion:
Type: String
Description:
en: The IP version of the ACL.
Required: true
AclName:
Type: String
Description:
en: The name of the ACL.
Required: false
Resources:
ExtensionResource:
Type: ALIYUN::GA::Acl
Properties:
AclEntries:
Ref: AclEntries
AddressIPVersion:
Ref: AddressIPVersion
AclName:
Ref: AclName
Outputs:
AclEntries:
Description: The entries of the ACL.
Value:
Fn::GetAtt:
- ExtensionResource
- AclEntries
ResourceGroupId:
Description: The ID of the resource group.
Value:
Fn::GetAtt:
- ExtensionResource
- ResourceGroupId
AclId:
Description: The ID of the ACL.
Value:
Fn::GetAtt:
- ExtensionResource
- AclId
AddressIPVersion:
Description: The IP version of the ACL.
Value:
Fn::GetAtt:
- ExtensionResource
- AddressIPVersion
Tags:
Description: The tags of the resource.
Value:
Fn::GetAtt:
- ExtensionResource
- Tags
AclName:
Description: The name of the ACL.
Value:
Fn::GetAtt:
- ExtensionResource
- AclName
JSON格式
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"AclEntries": {
"AssociationPropertyMetadata": {
"Parameters": {
"Entry": {
"Type": "String",
"Description": {
"en": "The IP addresses (192.168.XX.XX) or CIDR blocks (10.0.XX.XX/24) that you want to add to the ACL."
},
"Required": false
},
"EntryDescription": {
"Type": "String",
"Description": {
"en": "The description of the entry that you want to add to the AC,The description must be 1 to 256 characters in length, and can contain letters, digits, hyphens (-), forward slashes (/), periods (.), and underscores (_)."
},
"Required": false
}
}
},
"AssociationProperty": "List[Parameters]",
"Type": "Json",
"Description": {
"en": "The entries of IP addresses or CIDR blocks to add to the ACL. You can add up to 20 entries."
},
"Required": false,
"MinLength": 0,
"MaxLength": 20
},
"AddressIPVersion": {
"Type": "String",
"Description": {
"en": "The IP version of the ACL."
},
"Required": true
},
"AclName": {
"Type": "String",
"Description": {
"en": "The name of the ACL."
},
"Required": false
}
},
"Resources": {
"ExtensionResource": {
"Type": "ALIYUN::GA::Acl",
"Properties": {
"AclEntries": {
"Ref": "AclEntries"
},
"AddressIPVersion": {
"Ref": "AddressIPVersion"
},
"AclName": {
"Ref": "AclName"
}
}
}
},
"Outputs": {
"AclEntries": {
"Description": "The entries of the ACL.",
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"AclEntries"
]
}
},
"ResourceGroupId": {
"Description": "The ID of the resource group.",
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"ResourceGroupId"
]
}
},
"AclId": {
"Description": "The ID of the ACL.",
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"AclId"
]
}
},
"AddressIPVersion": {
"Description": "The IP version of the ACL.",
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"AddressIPVersion"
]
}
},
"Tags": {
"Description": "The tags of the resource.",
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Tags"
]
}
},
"AclName": {
"Description": "The name of the ACL.",
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"AclName"
]
}
}
}
}