ALIYUN::CR::InstanceEndpointAclPolicy is used to create a whitelist for the access port of a public-facing instance.
Syntax
{
"Type": "ALIYUN::CR::InstanceEndpointAclPolicy",
"Properties": {
"Comment": String,
"Entry": String,
"InstanceId": String,
"ModuleName": String,
"EndpointType": String,
"RegionId": String
}
}
Properties
Property | Type | Required | Editable | Description | Constraint |
---|---|---|---|---|---|
Comment | String | No | No | The description. | None |
Entry | String | Yes | No | The CIDR block that you allow to access, such as 192.168.1.1/32. | None |
InstanceId | String | Yes | No | The instance ID. | None |
ModuleName | String | No | No | The modules for which you need to configure access control list. | Valid values:
|
EndpointType | String | No | No | The type of the access portal. | Value: internet. |
Region ID | String | No | No | The region ID. | The default value is the region ID of the stack. |
Response parameters
Fn::GetAtt
- Entry: The permitted CIDR block.
- InstanceId: the ID of the instance.
Examples
JSON
format
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"Comment": {
"Type": "String",
"Description": "The description of the entry."
},
"Entry": {
"Type": "String",
"Description": "The IP address range that is allowed to access the instance."
},
"InstanceId": {
"Type": "String",
"Description": "The ID of the instance."
},
"ModuleName": {
"Type": "String",
"Description": "The name of the module in the instance for which a whitelist is configured. Valid\nvalues: Registry and Chart.",
"Default": "Registry"
},
"EndpointType": {
"Type": "String",
"Description": "The type of the endpoint.",
"Default": "internet"
},
"RegionId": {
"Type": "String",
"Description": "Region ID of instance. Default is current region."
}
},
"Resources": {
"InstanceEndpointAclPolicy": {
"Type": "ALIYUN::CR::InstanceEndpointAclPolicy",
"Properties": {
"Comment": {
"Ref": "Comment"
},
"Entry": {
"Ref": "Entry"
},
"InstanceId": {
"Ref": "InstanceId"
},
"ModuleName": {
"Ref": "ModuleName"
},
"EndpointType": {
"Ref": "EndpointType"
},
"RegionId": {
"Ref": "RegionId"
}
}
}
},
"Outputs": {
"Entry": {
"Description": "The IP address range that is allowed to access the instance.",
"Value": {
"Fn::GetAtt": [
"InstanceEndpointAclPolicy",
"Entry"
]
}
},
"InstanceId": {
"Description": "The ID of the instance.",
"Value": {
"Fn::GetAtt": [
"InstanceEndpointAclPolicy",
"InstanceId"
]
}
}
}
}
YAML
format
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
Comment:
Type: String
Description: The description of the entry.
Entry:
Type: String
Description: The IP address range that is allowed to access the instance.
InstanceId:
Type: String
Description: The ID of the instance.
ModuleName:
Type: String
Description: >-
The name of the module in the instance for which a whitelist is
configured. Valid
values: Registry and Chart.
Default: Registry
EndpointType:
Type: String
Description: The type of the endpoint.
Default: internet
RegionId:
Type: String
Description: Region ID of instance. Default is current region.
Resources:
InstanceEndpointAclPolicy:
Type: 'ALIYUN::CR::InstanceEndpointAclPolicy'
Properties:
Comment:
Ref: Comment
Entry:
Ref: Entry
InstanceId:
Ref: InstanceId
ModuleName:
Ref: ModuleName
EndpointType:
Ref: EndpointType
RegionId:
Ref: RegionId
Outputs:
Entry:
Description: The IP address range that is allowed to access the instance.
Value:
'Fn::GetAtt':
-InstanceEndpointAclPolicy
-Entry
InstanceId:
Description: The ID of the instance.
Value:
'Fn::GetAtt':
-InstanceEndpointAclPolicy
- InstanceId