ALIYUN::ECS::ForwardEntry is used to configure the Destination Network Address Translation (DNAT) table of a Network Address Translation (NAT) gateway.

Syntax

{
  "Type": "ALIYUN::ECS::ForwardEntry",
  "Properties": {
    "ExternalIp": String,
    "ExternalPort": String,
    "ForwardTableId": String,
    "InternalIp": String,
    "IpProtocol": String,
    "InternalPort": String,
    "PortBreak": Boolean,
    "ForwardEntryName": String
  }
}

Properties

Property Type Required Editable Description Constraint
ExternalIp String Yes No The public IP address. The value of the ExternalIp property must be an IP address that is included in the shared service plan of the NAT gateway to which the DNAT table belongs.
ExternalPort String Yes No The public port number. Valid values: 1 to 65535.
ForwardTableId String Yes No The ID of the DNAT table. None
InternalIp String Yes No The destination IP address to which you want to forward the request. The value of the InternalIp property must be a private IP address.
IpProtocol String Yes No The protocol type. Valid values:
  • TCP
  • UDP
  • Any
InternalPort String Yes No The port number of the private network. Valid values: 1 to 65535.
PortBreak Boolean No No Specifies whether to remove limits on the port range. Default value: false. Valid values:
  • true: removes limits on the port range.
  • false: does not remove limits on the port range.
Note If an SNAT entry and a DNAT entry use the same public IP address and you want to specify a port number that is greater than 1024, set the Portbreak property to true.
ForwardEntryName String No No The name of the DNAT entry. The name must be 2 to 128 characters in length and must start with a letter. The name cannot start with http:// or https://.

Return values

Fn::GetAtt

ForwardEntryId: the ID of each entry in the DNAT table.

Examples

JSON format

{
  "Parameters": {
    "ExternalPort": {
      "Type": "String",
      "Description": "Source port, now support [1-65535]|Any|x/y"
    },
    "ExternalIp": {
      "Type": "String",
      "Description": "Source IP, must belongs to bandwidth package internet IP"
    },
    "IpProtocol": {
      "Type": "String",
      "Description": "Supported protocol, Now support 'TCP|UDP|Any'",
      "AllowedValues": [
        "TCP",
        "UDP",
        "Any"
      ]
    },
    "PortBreak": {
      "Type": "Boolean",
      "Description": "Specifies whether to remove limits on the port range.",
      "AllowedValues": [
        "True",
        "true",
        "False",
        "false"
      ]
    },
    "InternalPort": {
      "Type": "String",
      "Description": "Destination port, now support [1-65535]|Any|x/y"
    },
    "ForwardEntryName": {
      "Type": "String",
      "Description": "the name of the DNAT rule is 2-128 characters long and must start with a letter or Chinese, but cannot begin with HTTP:// or https://."
    },
    "InternalIp": {
      "Type": "String",
      "Description": "Destination IP, must belong to VPC private IP"
    },
    "ForwardTableId": {
      "Type": "String",
      "Description": "Create forward entry in specified forward table."
    }
  },
  "ROSTemplateFormatVersion": "2015-09-01",
  "Outputs": {
    "ForwardEntryId": {
      "Description": "The id of created forward entry.",
      "Value": {
        "Fn::GetAtt": [
          "ForwardTableEntry",
          "ForwardEntryId"
        ]
      }
    }
  },
  "Resources": {
    "ForwardTableEntry": {
      "Type": "ALIYUN::ECS::ForwardEntry",
      "Properties": {
        "ExternalPort": {
          "Ref": "ExternalPort"
        },
        "ExternalIp": {
          "Ref": "ExternalIp"
        },
        "IpProtocol": {
          "Ref": "IpProtocol"
        },
        "PortBreak": {
          "Ref": "PortBreak"
        },
        "InternalPort": {
          "Ref": "InternalPort"
        },
        "ForwardEntryName": {
          "Ref": "ForwardEntryName"
        },
        "InternalIp": {
          "Ref": "InternalIp"
        },
        "ForwardTableId": {
          "Ref": "ForwardTableId"
        }
      }
    }
  }
}

YAML format

Parameters:
  ExternalPort:
    Type: String
    Description: 'Source port, now support [1-65535]|Any|x/y'
  ExternalIp:
    Type: String
    Description: 'Source IP, must belongs to bandwidth package internet IP'
  IpProtocol:
    Type: String
    Description: 'Supported protocol, Now support ''TCP|UDP|Any'''
    AllowedValues:
      - TCP
      - UDP
      - Any
  PortBreak:
    Type: Boolean
    Description: Specifies whether to remove limits on the port range.
    AllowedValues:
      - 'True'
      - 'true'
      - 'False'
      - 'false'
  InternalPort:
    Type: String
    Description: 'Destination port, now support [1-65535]|Any|x/y'
  ForwardEntryName:
    Type: String
    Description: >-
      the name of the DNAT rule is 2-128 characters long and must start with a
      letter or Chinese, but cannot begin with HTTP:// or https://.
  InternalIp:
    Type: String
    Description: 'Destination IP, must belong to VPC private IP'
  ForwardTableId:
    Type: String
    Description: Create forward entry in specified forward table.
ROSTemplateFormatVersion: '2015-09-01'
Outputs:
  ForwardEntryId:
    Description: The id of created forward entry.
    Value:
      'Fn::GetAtt':
        - ForwardTableEntry
        - ForwardEntryId
Resources:
  ForwardTableEntry:
    Type: 'ALIYUN::ECS::ForwardEntry'
    Properties:
      ExternalPort:
        Ref: ExternalPort
      ExternalIp:
        Ref: ExternalIp
      IpProtocol:
        Ref: IpProtocol
      PortBreak:
        Ref: PortBreak
      InternalPort:
        Ref: InternalPort
      ForwardEntryName:
        Ref: ForwardEntryName
      InternalIp:
        Ref: InternalIp
      ForwardTableId:
        Ref: ForwardTableId
            

To view more examples, visit ForwardEntry.json and ForwardEntry.yml.