Use the alicloud_cloud_firewall_address_book Terraform resource to create and manage address books in Cloud Firewall as infrastructure as code.
Run the sample code in this topic with a few clicks in Terraform Explorer.
Resource
alicloud_cloud_firewall_address_book creates an address book in Cloud Firewall.
Parameters
| Parameter | Required | Type | Description |
|---|---|---|---|
| group_name | Yes | String | Name of the address book |
| group_type | Yes | String | Type of the address book. Valid values: ip, ipv6, domain, port, tag. |
| description | No | String | Description of the address book |
| address_list | No | List | IP addresses or CIDRs to include in the address book |
| auto_add_tag_ecs | No | Int | Whether to automatically add ECS instances with matching tags. Set to 1 to enable. Default: 0. |
Create an address book
Create a working directory and a `main.tf` configuration file. This file defines the resources Terraform deploys.

```hcl
resource "alicloud_cloud_firewall_address_book" "example" {
  # Description of the address book
  description = "Created_by_terraform"
  # Name of the address book
  group_name = "IPListExample"
  # Type of the address book: ip, ipv6, domain, port, or tag
  group_type = "ip"
  # IP addresses to include
  address_list = ["192.0.2.1/32", "192.0.2.2/32"]
}
```

Initialize Terraform. This downloads the Alibaba Cloud provider plugin defined in your configuration.

```
terraform init
```

The output confirms initialization is complete:

```
Initializing provider plugins...
- Finding latest version of hashicorp/alicloud...
- Installing hashicorp/alicloud v1.231.0...
- Installed hashicorp/alicloud v1.231.0 (signed by HashiCorp)

Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.

Terraform has been successfully initialized!
```

Preview the changes Terraform will make before applying them.

```
terraform plan
```

Create the address book.

```
terraform apply
```

When prompted, enter `yes` and press Enter. The output confirms the address book is created:

```
Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

alicloud_cloud_firewall_address_book.example: Creating...
alicloud_cloud_firewall_address_book.example: Creation complete after 1s [id=d41518ef-0437-44e9-9dd6-86d62f3d0***]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
```
Verify the address book
Option 1: Use terraform show
```
terraform show
```

The output displays the full state of the created resource, including its assigned ID:

```
# alicloud_cloud_firewall_address_book.example:
resource "alicloud_cloud_firewall_address_book" "example" {
    address_list     = [
        "192.0.2.1/32",
        "192.0.2.2/32",
    ]
    auto_add_tag_ecs = 0
    description      = "Created_by_terraform"
    group_name       = "IPListExample"
    group_type       = "ip"
    id               = "d41518ef-0437-44e9-9dd6-86d62f3d****"
}
```

Option 2: Use the Cloud Firewall console
Log on to the Cloud Firewall console. Go to Prevention Configuration > Address Books and search by the address book name.
Exported attributes
After creation, Terraform exports the following attribute:
| Attribute | Description |
|---|---|
| id | The unique ID of the address book (UUID format) |
Clean up
To delete the address book created by Terraform, run:
```
terraform destroy
```

For details on this command, see Common Terraform commands.
Complete sample code
Run this sample with a few clicks in Terraform Explorer.
```hcl
resource "alicloud_cloud_firewall_address_book" "example" {
  # Description of the address book
  description = "Created_by_terraform"
  # Name of the address book
  group_name = "IPListExample"
  # Type of the address book: ip, ipv6, domain, port, or tag
  group_type = "ip"
  # IP addresses to include
  address_list = ["192.0.2.1/32", "192.0.2.2/32"]
}
```
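
A variant of the sample that validates the address list before it reaches Cloud Firewall, so a malformed, duplicate, or overly broad entry fails at `terraform plan` instead of ending up in an address book. This is an added example, not part of the original topic; the variable name `address_book_cidrs` and the /24 floor are assumptions, and the resource block replaces the one in the sample rather than sitting beside it.

```hcl
# Added example: the variable name and the /24 threshold are assumptions.
variable "address_book_cidrs" {
  description = "IPv4 CIDR entries for the address book"
  type        = list(string)
  default     = ["192.0.2.1/32", "192.0.2.2/32"]

  # Reject anything that is not a well-formed IPv4 CIDR.
  # cidrnetmask() fails on malformed input and on IPv6 prefixes.
  validation {
    condition     = alltrue([for c in var.address_book_cidrs : can(cidrnetmask(c))])
    error_message = "Each entry must be an IPv4 CIDR such as 192.0.2.1/32."
  }

  # Reject broad ranges such as 0.0.0.0/0. The /24 floor is an assumed policy
  # value; set it to what your change review allows. try() maps an entry
  # without a numeric prefix length to -1 so it fails instead of erroring.
  validation {
    condition = alltrue([
      for c in var.address_book_cidrs :
      try(tonumber(split("/", c)[1]), -1) >= 24
    ])
    error_message = "Entries broader than /24 are not allowed in this address book."
  }

  # Reject duplicates so each entry appears once in the plan under review.
  validation {
    condition     = length(distinct(var.address_book_cidrs)) == length(var.address_book_cidrs)
    error_message = "address_book_cidrs contains duplicate entries."
  }
}

resource "alicloud_cloud_firewall_address_book" "example" {
  description  = "Created_by_terraform"
  group_name   = "IPListExample"
  group_type   = "ip"
  address_list = var.address_book_cidrs
}
```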