Alibaba Cloud v3.57.1, Jun 26 24

Alibaba Cloud v3.57.1 published on Wednesday, Jun 26, 2024 by Pulumi

alicloud.vpc.NetworkAcl

Explore with Pulumi AI

Alibaba Cloud v3.57.1 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-alicloud

Example Usage

Basic Usage

import * as pulumi from "@pulumi/pulumi";
import * as alicloud from "@pulumi/alicloud";

const config = new pulumi.Config();
const name = config.get("name") || "tf-example";
const default = alicloud.getZones({
    availableResourceCreation: "VSwitch",
});
const example = new alicloud.vpc.Network("example", {
    vpcName: name,
    cidrBlock: "10.4.0.0/16",
});
const exampleSwitch = new alicloud.vpc.Switch("example", {
    vswitchName: name,
    cidrBlock: "10.4.0.0/24",
    vpcId: example.id,
    zoneId: _default.then(_default => _default.zones?.[0]?.id),
});
const exampleNetworkAcl = new alicloud.vpc.NetworkAcl("example", {
    vpcId: example.id,
    networkAclName: name,
    description: name,
    ingressAclEntries: [{
        description: `${name}-ingress`,
        networkAclEntryName: `${name}-ingress`,
        sourceCidrIp: "10.0.0.0/24",
        policy: "accept",
        port: "20/80",
        protocol: "tcp",
    }],
    egressAclEntries: [{
        description: `${name}-egress`,
        networkAclEntryName: `${name}-egress`,
        destinationCidrIp: "10.0.0.0/24",
        policy: "accept",
        port: "20/80",
        protocol: "tcp",
    }],
    resources: [{
        resourceId: exampleSwitch.id,
        resourceType: "VSwitch",
    }],
});

import pulumi
import pulumi_alicloud as alicloud

config = pulumi.Config()
name = config.get("name")
if name is None:
    name = "tf-example"
default = alicloud.get_zones(available_resource_creation="VSwitch")
example = alicloud.vpc.Network("example",
    vpc_name=name,
    cidr_block="10.4.0.0/16")
example_switch = alicloud.vpc.Switch("example",
    vswitch_name=name,
    cidr_block="10.4.0.0/24",
    vpc_id=example.id,
    zone_id=default.zones[0].id)
example_network_acl = alicloud.vpc.NetworkAcl("example",
    vpc_id=example.id,
    network_acl_name=name,
    description=name,
    ingress_acl_entries=[alicloud.vpc.NetworkAclIngressAclEntryArgs(
        description=f"{name}-ingress",
        network_acl_entry_name=f"{name}-ingress",
        source_cidr_ip="10.0.0.0/24",
        policy="accept",
        port="20/80",
        protocol="tcp",
    )],
    egress_acl_entries=[alicloud.vpc.NetworkAclEgressAclEntryArgs(
        description=f"{name}-egress",
        network_acl_entry_name=f"{name}-egress",
        destination_cidr_ip="10.0.0.0/24",
        policy="accept",
        port="20/80",
        protocol="tcp",
    )],
    resources=[alicloud.vpc.NetworkAclResourceArgs(
        resource_id=example_switch.id,
        resource_type="VSwitch",
    )])

package main

import (
	"fmt"

	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud"
	"github.com/pulumi/pulumi-alicloud/sdk/v3/go/alicloud/vpc"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		name := "tf-example"
		if param := cfg.Get("name"); param != "" {
			name = param
		}
		_default, err := alicloud.GetZones(ctx, &alicloud.GetZonesArgs{
			AvailableResourceCreation: pulumi.StringRef("VSwitch"),
		}, nil)
		if err != nil {
			return err
		}
		example, err := vpc.NewNetwork(ctx, "example", &vpc.NetworkArgs{
			VpcName:   pulumi.String(name),
			CidrBlock: pulumi.String("10.4.0.0/16"),
		})
		if err != nil {
			return err
		}
		exampleSwitch, err := vpc.NewSwitch(ctx, "example", &vpc.SwitchArgs{
			VswitchName: pulumi.String(name),
			CidrBlock:   pulumi.String("10.4.0.0/24"),
			VpcId:       example.ID(),
			ZoneId:      pulumi.String(_default.Zones[0].Id),
		})
		if err != nil {
			return err
		}
		_, err = vpc.NewNetworkAcl(ctx, "example", &vpc.NetworkAclArgs{
			VpcId:          example.ID(),
			NetworkAclName: pulumi.String(name),
			Description:    pulumi.String(name),
			IngressAclEntries: vpc.NetworkAclIngressAclEntryArray{
				&vpc.NetworkAclIngressAclEntryArgs{
					Description:         pulumi.String(fmt.Sprintf("%v-ingress", name)),
					NetworkAclEntryName: pulumi.String(fmt.Sprintf("%v-ingress", name)),
					SourceCidrIp:        pulumi.String("10.0.0.0/24"),
					Policy:              pulumi.String("accept"),
					Port:                pulumi.String("20/80"),
					Protocol:            pulumi.String("tcp"),
				},
			},
			EgressAclEntries: vpc.NetworkAclEgressAclEntryArray{
				&vpc.NetworkAclEgressAclEntryArgs{
					Description:         pulumi.String(fmt.Sprintf("%v-egress", name)),
					NetworkAclEntryName: pulumi.String(fmt.Sprintf("%v-egress", name)),
					DestinationCidrIp:   pulumi.String("10.0.0.0/24"),
					Policy:              pulumi.String("accept"),
					Port:                pulumi.String("20/80"),
					Protocol:            pulumi.String("tcp"),
				},
			},
			Resources: vpc.NetworkAclResourceArray{
				&vpc.NetworkAclResourceArgs{
					ResourceId:   exampleSwitch.ID(),
					ResourceType: pulumi.String("VSwitch"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AliCloud = Pulumi.AliCloud;

return await Deployment.RunAsync(() => 
{
    var config = new Config();
    var name = config.Get("name") ?? "tf-example";
    var @default = AliCloud.GetZones.Invoke(new()
    {
        AvailableResourceCreation = "VSwitch",
    });

    var example = new AliCloud.Vpc.Network("example", new()
    {
        VpcName = name,
        CidrBlock = "10.4.0.0/16",
    });

    var exampleSwitch = new AliCloud.Vpc.Switch("example", new()
    {
        VswitchName = name,
        CidrBlock = "10.4.0.0/24",
        VpcId = example.Id,
        ZoneId = @default.Apply(@default => @default.Apply(getZonesResult => getZonesResult.Zones[0]?.Id)),
    });

    var exampleNetworkAcl = new AliCloud.Vpc.NetworkAcl("example", new()
    {
        VpcId = example.Id,
        NetworkAclName = name,
        Description = name,
        IngressAclEntries = new[]
        {
            new AliCloud.Vpc.Inputs.NetworkAclIngressAclEntryArgs
            {
                Description = $"{name}-ingress",
                NetworkAclEntryName = $"{name}-ingress",
                SourceCidrIp = "10.0.0.0/24",
                Policy = "accept",
                Port = "20/80",
                Protocol = "tcp",
            },
        },
        EgressAclEntries = new[]
        {
            new AliCloud.Vpc.Inputs.NetworkAclEgressAclEntryArgs
            {
                Description = $"{name}-egress",
                NetworkAclEntryName = $"{name}-egress",
                DestinationCidrIp = "10.0.0.0/24",
                Policy = "accept",
                Port = "20/80",
                Protocol = "tcp",
            },
        },
        Resources = new[]
        {
            new AliCloud.Vpc.Inputs.NetworkAclResourceArgs
            {
                ResourceId = exampleSwitch.Id,
                ResourceType = "VSwitch",
            },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.alicloud.AlicloudFunctions;
import com.pulumi.alicloud.inputs.GetZonesArgs;
import com.pulumi.alicloud.vpc.Network;
import com.pulumi.alicloud.vpc.NetworkArgs;
import com.pulumi.alicloud.vpc.Switch;
import com.pulumi.alicloud.vpc.SwitchArgs;
import com.pulumi.alicloud.vpc.NetworkAcl;
import com.pulumi.alicloud.vpc.NetworkAclArgs;
import com.pulumi.alicloud.vpc.inputs.NetworkAclIngressAclEntryArgs;
import com.pulumi.alicloud.vpc.inputs.NetworkAclEgressAclEntryArgs;
import com.pulumi.alicloud.vpc.inputs.NetworkAclResourceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var config = ctx.config();
        final var name = config.get("name").orElse("tf-example");
        final var default = AlicloudFunctions.getZones(GetZonesArgs.builder()
            .availableResourceCreation("VSwitch")
            .build());

        var example = new Network("example", NetworkArgs.builder()
            .vpcName(name)
            .cidrBlock("10.4.0.0/16")
            .build());

        var exampleSwitch = new Switch("exampleSwitch", SwitchArgs.builder()
            .vswitchName(name)
            .cidrBlock("10.4.0.0/24")
            .vpcId(example.id())
            .zoneId(default_.zones()[0].id())
            .build());

        var exampleNetworkAcl = new NetworkAcl("exampleNetworkAcl", NetworkAclArgs.builder()
            .vpcId(example.id())
            .networkAclName(name)
            .description(name)
            .ingressAclEntries(NetworkAclIngressAclEntryArgs.builder()
                .description(String.format("%s-ingress", name))
                .networkAclEntryName(String.format("%s-ingress", name))
                .sourceCidrIp("10.0.0.0/24")
                .policy("accept")
                .port("20/80")
                .protocol("tcp")
                .build())
            .egressAclEntries(NetworkAclEgressAclEntryArgs.builder()
                .description(String.format("%s-egress", name))
                .networkAclEntryName(String.format("%s-egress", name))
                .destinationCidrIp("10.0.0.0/24")
                .policy("accept")
                .port("20/80")
                .protocol("tcp")
                .build())
            .resources(NetworkAclResourceArgs.builder()
                .resourceId(exampleSwitch.id())
                .resourceType("VSwitch")
                .build())
            .build());

    }
}

configuration:
  name:
    type: string
    default: tf-example
resources:
  example:
    type: alicloud:vpc:Network
    properties:
      vpcName: ${name}
      cidrBlock: 10.4.0.0/16
  exampleSwitch:
    type: alicloud:vpc:Switch
    name: example
    properties:
      vswitchName: ${name}
      cidrBlock: 10.4.0.0/24
      vpcId: ${example.id}
      zoneId: ${default.zones[0].id}
  exampleNetworkAcl:
    type: alicloud:vpc:NetworkAcl
    name: example
    properties:
      vpcId: ${example.id}
      networkAclName: ${name}
      description: ${name}
      ingressAclEntries:
        - description: ${name}-ingress
          networkAclEntryName: ${name}-ingress
          sourceCidrIp: 10.0.0.0/24
          policy: accept
          port: 20/80
          protocol: tcp
      egressAclEntries:
        - description: ${name}-egress
          networkAclEntryName: ${name}-egress
          destinationCidrIp: 10.0.0.0/24
          policy: accept
          port: 20/80
          protocol: tcp
      resources:
        - resourceId: ${exampleSwitch.id}
          resourceType: VSwitch
variables:
  default:
    fn::invoke:
      Function: alicloud:getZones
      Arguments:
        availableResourceCreation: VSwitch

Create NetworkAcl Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new NetworkAcl(name: string, args: NetworkAclArgs, opts?: CustomResourceOptions);

@overload
def NetworkAcl(resource_name: str,
               args: NetworkAclArgs,
               opts: Optional[ResourceOptions] = None)

@overload
def NetworkAcl(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               vpc_id: Optional[str] = None,
               description: Optional[str] = None,
               egress_acl_entries: Optional[Sequence[NetworkAclEgressAclEntryArgs]] = None,
               ingress_acl_entries: Optional[Sequence[NetworkAclIngressAclEntryArgs]] = None,
               name: Optional[str] = None,
               network_acl_name: Optional[str] = None,
               resources: Optional[Sequence[NetworkAclResourceArgs]] = None,
               source_network_acl_id: Optional[str] = None,
               tags: Optional[Mapping[str, Any]] = None)

func NewNetworkAcl(ctx *Context, name string, args NetworkAclArgs, opts ...ResourceOption) (*NetworkAcl, error)

public NetworkAcl(string name, NetworkAclArgs args, CustomResourceOptions? opts = null)

public NetworkAcl(String name, NetworkAclArgs args)
public NetworkAcl(String name, NetworkAclArgs args, CustomResourceOptions options)

type: alicloud:vpc:NetworkAcl
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args NetworkAclArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var networkAclResource = new AliCloud.Vpc.NetworkAcl("networkAclResource", new()
{
    VpcId = "string",
    Description = "string",
    EgressAclEntries = new[]
    {
        new AliCloud.Vpc.Inputs.NetworkAclEgressAclEntryArgs
        {
            Description = "string",
            DestinationCidrIp = "string",
            EntryType = "string",
            IpVersion = "string",
            NetworkAclEntryName = "string",
            Policy = "string",
            Port = "string",
            Protocol = "string",
        },
    },
    IngressAclEntries = new[]
    {
        new AliCloud.Vpc.Inputs.NetworkAclIngressAclEntryArgs
        {
            Description = "string",
            EntryType = "string",
            IpVersion = "string",
            NetworkAclEntryName = "string",
            Policy = "string",
            Port = "string",
            Protocol = "string",
            SourceCidrIp = "string",
        },
    },
    NetworkAclName = "string",
    Resources = new[]
    {
        new AliCloud.Vpc.Inputs.NetworkAclResourceArgs
        {
            ResourceId = "string",
            ResourceType = "string",
            Status = "string",
        },
    },
    SourceNetworkAclId = "string",
    Tags = 
    {
        { "string", "any" },
    },
});

example, err := vpc.NewNetworkAcl(ctx, "networkAclResource", &vpc.NetworkAclArgs{
	VpcId:       pulumi.String("string"),
	Description: pulumi.String("string"),
	EgressAclEntries: vpc.NetworkAclEgressAclEntryArray{
		&vpc.NetworkAclEgressAclEntryArgs{
			Description:         pulumi.String("string"),
			DestinationCidrIp:   pulumi.String("string"),
			EntryType:           pulumi.String("string"),
			IpVersion:           pulumi.String("string"),
			NetworkAclEntryName: pulumi.String("string"),
			Policy:              pulumi.String("string"),
			Port:                pulumi.String("string"),
			Protocol:            pulumi.String("string"),
		},
	},
	IngressAclEntries: vpc.NetworkAclIngressAclEntryArray{
		&vpc.NetworkAclIngressAclEntryArgs{
			Description:         pulumi.String("string"),
			EntryType:           pulumi.String("string"),
			IpVersion:           pulumi.String("string"),
			NetworkAclEntryName: pulumi.String("string"),
			Policy:              pulumi.String("string"),
			Port:                pulumi.String("string"),
			Protocol:            pulumi.String("string"),
			SourceCidrIp:        pulumi.String("string"),
		},
	},
	NetworkAclName: pulumi.String("string"),
	Resources: vpc.NetworkAclResourceArray{
		&vpc.NetworkAclResourceArgs{
			ResourceId:   pulumi.String("string"),
			ResourceType: pulumi.String("string"),
			Status:       pulumi.String("string"),
		},
	},
	SourceNetworkAclId: pulumi.String("string"),
	Tags: pulumi.Map{
		"string": pulumi.Any("any"),
	},
})

var networkAclResource = new NetworkAcl("networkAclResource", NetworkAclArgs.builder()
    .vpcId("string")
    .description("string")
    .egressAclEntries(NetworkAclEgressAclEntryArgs.builder()
        .description("string")
        .destinationCidrIp("string")
        .entryType("string")
        .ipVersion("string")
        .networkAclEntryName("string")
        .policy("string")
        .port("string")
        .protocol("string")
        .build())
    .ingressAclEntries(NetworkAclIngressAclEntryArgs.builder()
        .description("string")
        .entryType("string")
        .ipVersion("string")
        .networkAclEntryName("string")
        .policy("string")
        .port("string")
        .protocol("string")
        .sourceCidrIp("string")
        .build())
    .networkAclName("string")
    .resources(NetworkAclResourceArgs.builder()
        .resourceId("string")
        .resourceType("string")
        .status("string")
        .build())
    .sourceNetworkAclId("string")
    .tags(Map.of("string", "any"))
    .build());

network_acl_resource = alicloud.vpc.NetworkAcl("networkAclResource",
    vpc_id="string",
    description="string",
    egress_acl_entries=[alicloud.vpc.NetworkAclEgressAclEntryArgs(
        description="string",
        destination_cidr_ip="string",
        entry_type="string",
        ip_version="string",
        network_acl_entry_name="string",
        policy="string",
        port="string",
        protocol="string",
    )],
    ingress_acl_entries=[alicloud.vpc.NetworkAclIngressAclEntryArgs(
        description="string",
        entry_type="string",
        ip_version="string",
        network_acl_entry_name="string",
        policy="string",
        port="string",
        protocol="string",
        source_cidr_ip="string",
    )],
    network_acl_name="string",
    resources=[alicloud.vpc.NetworkAclResourceArgs(
        resource_id="string",
        resource_type="string",
        status="string",
    )],
    source_network_acl_id="string",
    tags={
        "string": "any",
    })

const networkAclResource = new alicloud.vpc.NetworkAcl("networkAclResource", {
    vpcId: "string",
    description: "string",
    egressAclEntries: [{
        description: "string",
        destinationCidrIp: "string",
        entryType: "string",
        ipVersion: "string",
        networkAclEntryName: "string",
        policy: "string",
        port: "string",
        protocol: "string",
    }],
    ingressAclEntries: [{
        description: "string",
        entryType: "string",
        ipVersion: "string",
        networkAclEntryName: "string",
        policy: "string",
        port: "string",
        protocol: "string",
        sourceCidrIp: "string",
    }],
    networkAclName: "string",
    resources: [{
        resourceId: "string",
        resourceType: "string",
        status: "string",
    }],
    sourceNetworkAclId: "string",
    tags: {
        string: "any",
    },
});

type: alicloud:vpc:NetworkAcl
properties:
    description: string
    egressAclEntries:
        - description: string
          destinationCidrIp: string
          entryType: string
          ipVersion: string
          networkAclEntryName: string
          policy: string
          port: string
          protocol: string
    ingressAclEntries:
        - description: string
          entryType: string
          ipVersion: string
          networkAclEntryName: string
          policy: string
          port: string
          protocol: string
          sourceCidrIp: string
    networkAclName: string
    resources:
        - resourceId: string
          resourceType: string
          status: string
    sourceNetworkAclId: string
    tags:
        string: any
    vpcId: string

NetworkAcl Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The NetworkAcl resource accepts the following input properties:

VpcId string

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

Description string

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

EgressAclEntries List<Pulumi.AliCloud.Vpc.Inputs.NetworkAclEgressAclEntry>

Out direction rule information. See egress_acl_entries below.

IngressAclEntries List<Pulumi.AliCloud.Vpc.Inputs.NetworkAclIngressAclEntry>

Inward direction rule information. See ingress_acl_entries below.

Name string

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

NetworkAclName string

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

Resources List<Pulumi.AliCloud.Vpc.Inputs.NetworkAclResource>

The associated resource. See resources below.

SourceNetworkAclId string

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

Tags Dictionary<string, object>

The tags of this resource.

VpcId string

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

Description string

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

EgressAclEntries []NetworkAclEgressAclEntryArgs

Out direction rule information. See egress_acl_entries below.

IngressAclEntries []NetworkAclIngressAclEntryArgs

Inward direction rule information. See ingress_acl_entries below.

Name string

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

NetworkAclName string

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

Resources []NetworkAclResourceArgs

The associated resource. See resources below.

SourceNetworkAclId string

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

Tags map[string]interface{}

The tags of this resource.

vpcId String

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

description String

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

egressAclEntries List<NetworkAclEgressAclEntry>

Out direction rule information. See egress_acl_entries below.

ingressAclEntries List<NetworkAclIngressAclEntry>

Inward direction rule information. See ingress_acl_entries below.

name String

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

networkAclName String

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

resources List<NetworkAclResource>

The associated resource. See resources below.

sourceNetworkAclId String

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

tags Map<String,Object>

The tags of this resource.

vpcId string

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

description string

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

egressAclEntries NetworkAclEgressAclEntry[]

Out direction rule information. See egress_acl_entries below.

ingressAclEntries NetworkAclIngressAclEntry[]

Inward direction rule information. See ingress_acl_entries below.

name string

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

networkAclName string

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

resources NetworkAclResource[]

The associated resource. See resources below.

sourceNetworkAclId string

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

tags {[key: string]: any}

The tags of this resource.

vpc_id str

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

description str

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

egress_acl_entries Sequence[NetworkAclEgressAclEntryArgs]

Out direction rule information. See egress_acl_entries below.

ingress_acl_entries Sequence[NetworkAclIngressAclEntryArgs]

Inward direction rule information. See ingress_acl_entries below.

name str

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

network_acl_name str

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

resources Sequence[NetworkAclResourceArgs]

The associated resource. See resources below.

source_network_acl_id str

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

tags Mapping[str, Any]

The tags of this resource.

vpcId String

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

description String

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

egressAclEntries List<Property Map>

Out direction rule information. See egress_acl_entries below.

ingressAclEntries List<Property Map>

Inward direction rule information. See ingress_acl_entries below.

name String

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

networkAclName String

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

resources List<Property Map>

The associated resource. See resources below.

sourceNetworkAclId String

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

tags Map<Any>

The tags of this resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the NetworkAcl resource produces the following output properties:

CreateTime string: The creation time of the resource.
Id string: The provider-assigned unique ID for this managed resource.
Status string: The state of the network ACL.

CreateTime string: The creation time of the resource.
Id string: The provider-assigned unique ID for this managed resource.
Status string: The state of the network ACL.

createTime String: The creation time of the resource.
id String: The provider-assigned unique ID for this managed resource.
status String: The state of the network ACL.

createTime string: The creation time of the resource.
id string: The provider-assigned unique ID for this managed resource.
status string: The state of the network ACL.

create_time str: The creation time of the resource.
id str: The provider-assigned unique ID for this managed resource.
status str: The state of the network ACL.

createTime String: The creation time of the resource.
id String: The provider-assigned unique ID for this managed resource.
status String: The state of the network ACL.

Look up Existing NetworkAcl Resource

Get an existing NetworkAcl resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: NetworkAclState, opts?: CustomResourceOptions): NetworkAcl

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        create_time: Optional[str] = None,
        description: Optional[str] = None,
        egress_acl_entries: Optional[Sequence[NetworkAclEgressAclEntryArgs]] = None,
        ingress_acl_entries: Optional[Sequence[NetworkAclIngressAclEntryArgs]] = None,
        name: Optional[str] = None,
        network_acl_name: Optional[str] = None,
        resources: Optional[Sequence[NetworkAclResourceArgs]] = None,
        source_network_acl_id: Optional[str] = None,
        status: Optional[str] = None,
        tags: Optional[Mapping[str, Any]] = None,
        vpc_id: Optional[str] = None) -> NetworkAcl

func GetNetworkAcl(ctx *Context, name string, id IDInput, state *NetworkAclState, opts ...ResourceOption) (*NetworkAcl, error)

public static NetworkAcl Get(string name, Input<string> id, NetworkAclState? state, CustomResourceOptions? opts = null)

public static NetworkAcl get(String name, Output<String> id, NetworkAclState state, CustomResourceOptions options)

Resource lookup is not supported in YAML

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CreateTime string

The creation time of the resource.

Description string

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

EgressAclEntries List<Pulumi.AliCloud.Vpc.Inputs.NetworkAclEgressAclEntry>

Out direction rule information. See egress_acl_entries below.

IngressAclEntries List<Pulumi.AliCloud.Vpc.Inputs.NetworkAclIngressAclEntry>

Inward direction rule information. See ingress_acl_entries below.

Name string

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

NetworkAclName string

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

Resources List<Pulumi.AliCloud.Vpc.Inputs.NetworkAclResource>

The associated resource. See resources below.

SourceNetworkAclId string

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

Status string

The state of the network ACL.

Tags Dictionary<string, object>

The tags of this resource.

VpcId string

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

CreateTime string

The creation time of the resource.

Description string

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

EgressAclEntries []NetworkAclEgressAclEntryArgs

Out direction rule information. See egress_acl_entries below.

IngressAclEntries []NetworkAclIngressAclEntryArgs

Inward direction rule information. See ingress_acl_entries below.

Name string

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

NetworkAclName string

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

Resources []NetworkAclResourceArgs

The associated resource. See resources below.

SourceNetworkAclId string

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

Status string

The state of the network ACL.

Tags map[string]interface{}

The tags of this resource.

VpcId string

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

createTime String

The creation time of the resource.

description String

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

egressAclEntries List<NetworkAclEgressAclEntry>

Out direction rule information. See egress_acl_entries below.

ingressAclEntries List<NetworkAclIngressAclEntry>

Inward direction rule information. See ingress_acl_entries below.

name String

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

networkAclName String

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

resources List<NetworkAclResource>

The associated resource. See resources below.

sourceNetworkAclId String

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

status String

The state of the network ACL.

tags Map<String,Object>

The tags of this resource.

vpcId String

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

createTime string

The creation time of the resource.

description string

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

egressAclEntries NetworkAclEgressAclEntry[]

Out direction rule information. See egress_acl_entries below.

ingressAclEntries NetworkAclIngressAclEntry[]

Inward direction rule information. See ingress_acl_entries below.

name string

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

networkAclName string

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

resources NetworkAclResource[]

The associated resource. See resources below.

sourceNetworkAclId string

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

status string

The state of the network ACL.

tags {[key: string]: any}

The tags of this resource.

vpcId string

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

create_time str

The creation time of the resource.

description str

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

egress_acl_entries Sequence[NetworkAclEgressAclEntryArgs]

Out direction rule information. See egress_acl_entries below.

ingress_acl_entries Sequence[NetworkAclIngressAclEntryArgs]

Inward direction rule information. See ingress_acl_entries below.

name str

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

network_acl_name str

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

resources Sequence[NetworkAclResourceArgs]

The associated resource. See resources below.

source_network_acl_id str

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

status str

The state of the network ACL.

tags Mapping[str, Any]

The tags of this resource.

vpc_id str

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

createTime String

The creation time of the resource.

description String

The description of the network ACL. The description must be 1 to 256 characters in length and cannot start with http:// or https.

egressAclEntries List<Property Map>

Out direction rule information. See egress_acl_entries below.

ingressAclEntries List<Property Map>

Inward direction rule information. See ingress_acl_entries below.

name String

. Field 'name' has been deprecated from provider version 1.122.0. New field 'network_acl_name' instead.

Deprecated: Field 'name' has been deprecated since provider version 1.122.0. New field 'network_acl_name' instead.

networkAclName String

The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with http:// or https.

resources List<Property Map>

The associated resource. See resources below.

sourceNetworkAclId String

SOURCE NetworkAcl specified by CopyNetworkAclEntries.

status String

The state of the network ACL.

tags Map<Any>

The tags of this resource.

vpcId String

The ID of the associated VPC.

The following arguments will be discarded. Please use new fields as soon as possible:

Supporting Types

NetworkAclEgressAclEntry, NetworkAclEgressAclEntryArgs

Description string

The description of the outbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

DestinationCidrIp string

The network of the destination address.

EntryType string

The route entry type. The value can be custom, indicating custom.

IpVersion string

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV4'.

NetworkAclEntryName string

Name of the outbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

Policy string

Authorization policy. Value:

accept: Allow.
drop: Refused.

Port string

The destination port range of the outbound rule. When the Protocol type of the outbound rule is all, icmp, or gre, the port range is - 1/-1, indicating that the port is not restricted. When the Protocol type of the outbound rule is tcp or udp, the port range is 1 to 65535, and the format is 1/200 or 80/80, indicating port 1 to port 200 or port 80.

Protocol string

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

Description string

The description of the outbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

DestinationCidrIp string

The network of the destination address.

EntryType string

The route entry type. The value can be custom, indicating custom.

IpVersion string

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV4'.

NetworkAclEntryName string

Name of the outbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

Policy string

Authorization policy. Value:

accept: Allow.
drop: Refused.

Port string

Protocol string

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

description String

The description of the outbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

destinationCidrIp String

The network of the destination address.

entryType String

The route entry type. The value can be custom, indicating custom.

ipVersion String

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV4'.

networkAclEntryName String

Name of the outbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

policy String

Authorization policy. Value:

accept: Allow.
drop: Refused.

port String

protocol String

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

description string

The description of the outbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

destinationCidrIp string

The network of the destination address.

entryType string

The route entry type. The value can be custom, indicating custom.

ipVersion string

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV4'.

networkAclEntryName string

Name of the outbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

policy string

Authorization policy. Value:

accept: Allow.
drop: Refused.

port string

protocol string

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

description str

The description of the outbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

destination_cidr_ip str

The network of the destination address.

entry_type str

The route entry type. The value can be custom, indicating custom.

ip_version str

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV4'.

network_acl_entry_name str

Name of the outbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

policy str

Authorization policy. Value:

accept: Allow.
drop: Refused.

port str

protocol str

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

description String

The description of the outbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

destinationCidrIp String

The network of the destination address.

entryType String

The route entry type. The value can be custom, indicating custom.

ipVersion String

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV4'.

networkAclEntryName String

Name of the outbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

policy String

Authorization policy. Value:

accept: Allow.
drop: Refused.

port String

protocol String

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

NetworkAclIngressAclEntry, NetworkAclIngressAclEntryArgs

Description string

Description of the inbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

EntryType string

The route entry type. The value can be custom, indicating custom.

IpVersion string

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV6'.

NetworkAclEntryName string

The name of the inbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

Policy string

Authorization policy. Value:

accept: Allow.
drop: Refused.

Port string

The source port range of the inbound rule. When the Protocol type of the inbound rule is all, icmp, or gre, the port range is - 1/-1, indicating that the port is not restricted. When the Protocol type of the inbound rule is tcp or udp, the port range is 1 to 65535, and the format is 1/200 or 80/80, indicating port 1 to port 200 or port 80.

Protocol string

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

SourceCidrIp string

Source address network segment.

Description string

Description of the inbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

EntryType string

The route entry type. The value can be custom, indicating custom.

IpVersion string

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV6'.

NetworkAclEntryName string

The name of the inbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

Policy string

Authorization policy. Value:

accept: Allow.
drop: Refused.

Port string

Protocol string

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

SourceCidrIp string

Source address network segment.

description String

Description of the inbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

entryType String

The route entry type. The value can be custom, indicating custom.

ipVersion String

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV6'.

networkAclEntryName String

The name of the inbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

policy String

Authorization policy. Value:

accept: Allow.
drop: Refused.

port String

protocol String

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

sourceCidrIp String

Source address network segment.

description string

Description of the inbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

entryType string

The route entry type. The value can be custom, indicating custom.

ipVersion string

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV6'.

networkAclEntryName string

The name of the inbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

policy string

Authorization policy. Value:

accept: Allow.
drop: Refused.

port string

protocol string

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

sourceCidrIp string

Source address network segment.

description str

Description of the inbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

entry_type str

The route entry type. The value can be custom, indicating custom.

ip_version str

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV6'.

network_acl_entry_name str

The name of the inbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

policy str

Authorization policy. Value:

accept: Allow.
drop: Refused.

port str

protocol str

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

source_cidr_ip str

Source address network segment.

description String

Description of the inbound rule. The description must be 1 to 256 characters in length and cannot start with http:// or https.

entryType String

The route entry type. The value can be custom, indicating custom.

ipVersion String

The IP protocol version of the route entry. Valid values: "IPV4" and "IPV6'.

networkAclEntryName String

The name of the inbound rule entry. The name must be 1 to 128 characters in length and cannot start with http:// or https.

policy String

Authorization policy. Value:

accept: Allow.
drop: Refused.

port String

protocol String

The protocol type. Value:

icmp: Network Control Message Protocol.
gre: Generic Routing Encapsulation Protocol.
tcp: Transmission Control Protocol.
udp: User Datagram Protocol.
all: Supports all protocols.

sourceCidrIp String

Source address network segment.

NetworkAclResource, NetworkAclResourceArgs

ResourceId string: The ID of the associated resource.
ResourceType string: The type of the associated resource.
Status string: The state of the network ACL.

ResourceId string: The ID of the associated resource.
ResourceType string: The type of the associated resource.
Status string: The state of the network ACL.

resourceId String: The ID of the associated resource.
resourceType String: The type of the associated resource.
status String: The state of the network ACL.

resourceId string: The ID of the associated resource.
resourceType string: The type of the associated resource.
status string: The state of the network ACL.

resource_id str: The ID of the associated resource.
resource_type str: The type of the associated resource.
status str: The state of the network ACL.

resourceId String: The ID of the associated resource.
resourceType String: The type of the associated resource.
status String: The state of the network ACL.

Import

VPC Network Acl can be imported using the id, e.g.

$ pulumi import alicloud:vpc/networkAcl:NetworkAcl example <id>

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Alibaba Cloud pulumi/pulumi-alicloud
License: Apache-2.0
Notes: This Pulumi package is based on the alicloud Terraform Provider.

Alibaba Cloud v3.57.1 published on Wednesday, Jun 26, 2024 by Pulumi

pulumi/pulumi-alicloud

alicloud.vpc.NetworkAcl

On this page

On this page

Example Usage

Create NetworkAcl Resource

Constructor syntax

Parameters

Constructor example

NetworkAcl Resource Properties

Inputs

Outputs

Look up Existing NetworkAcl Resource

Supporting Types

NetworkAclEgressAclEntry, NetworkAclEgressAclEntryArgs

NetworkAclIngressAclEntry, NetworkAclIngressAclEntryArgs

NetworkAclResource, NetworkAclResourceArgs

Import

Package Details

On this page

On this page