全部产品
Search

搜索本产品

    资源编排:ALIYUN::GA::AclsListenerAssociation

    文档中心

    资源编排:ALIYUN::GA::AclsListenerAssociation

    更新时间:Jun 21, 2024

    ALIYUN::GA::AclsListenerAssociation类型用于将访问控制策略组(ACL)关联到监听。

    语法

    {
  "Type": "ALIYUN::GA::AclsListenerAssociation",
  "Properties": {
    "AclType": String,
    "AclIds": List,
    "ListenerId": String
  }
}

    属性

    属性名称

    类型

    必须

    允许更新

    描述

    约束

    AclType

    String

    访问控制类型。

    取值:

    • white:仅转发来自所选访问控制策略组中设置的IP地址或地址段的请求,白名单适用于只允许特定IP访问的场景。设置白名单存在一定业务风险。一旦设置白名单,就只有白名单中的IP可以访问全球加速监听。如果开启了白名单访问,但访问策略组中没有添加任何IP,则全球加速监听会转发全部请求。

    • black:来自所选访问控制策略组中设置的IP地址或地址段的所有请求都不会转发,黑名单适用于只限制某些特定IP访问的场景。如果开启了黑名单访问,但访问策略组中没有添加任何IP,则全球加速监听会转发全部请求。

    AclIds

    List

    访问控制策略组ID。

    最多支持关联2个访问控制策略组ID。

    ListenerId

    String

    监听ID。

    返回值

    Fn::GetAtt

    • AclIds:访问控制策略组ID。

    • ListenerId:监听ID。

    示例

    YAML格式 

    ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  AclType:
    Type: String
    Description:
      en: |-
        The type of ACL. Valid values:white: a whitelist. Only requests from the IP addresses or CIDR blocks in the ACL are forwarded. Whitelists apply to scenarios in which you want to allow only specific IP addresses to access an application. Your service may be adversely affected if the whitelist is not properly configured. After you configure a whitelist for a listener, only requests from the IP addresses that are added to the whitelist are forwarded by the listener. If the whitelist is enabled but no IP addresses are added to it, the listener does not forward requests.
        black: a blacklist. All requests from the IP addresses or CIDR blocks in the ACL are denied. Blacklists apply to scenarios in which you want to deny access from specific IP addresses to an application. If the blacklist is enabled but no IP addresses are added to it, the listener forwards all requests.
    AllowedValues:
      - white
      - black
    Required: true
  AclIds:
    AssociationPropertyMetadata:
      Parameter:
        Type: String
        Description:
          en: 'The ID of the ACL. '
        Required: false
    AssociationProperty: List[Parameter]
    Type: Json
    Description:
      en: The ID of the ACL. You can associate up to two ACL IDs.
    Required: true
    MinLength: 1
    MaxLength: 2
  ListenerId:
    Type: String
    Description:
      en: The ID of the listener.
    Required: true
Resources:
  ExtensionResource:
    Type: ALIYUN::GA::AclsListenerAssociation
    Properties:
      AclType:
        Ref: AclType
      AclIds:
        Ref: AclIds
      ListenerId:
        Ref: ListenerId
Outputs:
  AclIds:
    Description: 'The IDs of the ACL. '
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - AclIds
  ListenerId:
    Description: The ID of the listener.
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - ListenerId

    JSON格式

    {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "AclType": {
      "Type": "String",
      "Description": {
        "en": "The type of ACL. Valid values:white: a whitelist. Only requests from the IP addresses or CIDR blocks in the ACL are forwarded. Whitelists apply to scenarios in which you want to allow only specific IP addresses to access an application. Your service may be adversely affected if the whitelist is not properly configured. After you configure a whitelist for a listener, only requests from the IP addresses that are added to the whitelist are forwarded by the listener. If the whitelist is enabled but no IP addresses are added to it, the listener does not forward requests.\nblack: a blacklist. All requests from the IP addresses or CIDR blocks in the ACL are denied. Blacklists apply to scenarios in which you want to deny access from specific IP addresses to an application. If the blacklist is enabled but no IP addresses are added to it, the listener forwards all requests."
      },
      "AllowedValues": [
        "white",
        "black"
      ],
      "Required": true
    },
    "AclIds": {
      "AssociationPropertyMetadata": {
        "Parameter": {
          "Type": "String",
          "Description": {
            "en": "The ID of the ACL. "
          },
          "Required": false
        }
      },
      "AssociationProperty": "List[Parameter]",
      "Type": "Json",
      "Description": {
        "en": "The ID of the ACL. You can associate up to two ACL IDs."
      },
      "Required": true,
      "MinLength": 1,
      "MaxLength": 2
    },
    "ListenerId": {
      "Type": "String",
      "Description": {
        "en": "The ID of the listener."
      },
      "Required": true
    }
  },
  "Resources": {
    "ExtensionResource": {
      "Type": "ALIYUN::GA::AclsListenerAssociation",
      "Properties": {
        "AclType": {
          "Ref": "AclType"
        },
        "AclIds": {
          "Ref": "AclIds"
        },
        "ListenerId": {
          "Ref": "ListenerId"
        }
      }
    }
  },
  "Outputs": {
    "AclIds": {
      "Description": "The IDs of the ACL. ",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "AclIds"
        ]
      }
    },
    "ListenerId": {
      "Description": "The ID of the listener.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "ListenerId"
        ]
      }
    }
  }
}