All Products
Search

This Product

    Resource Orchestration Service:ALIYUN::CLOUDFW::FwSwitch

    Document Center

    Resource Orchestration Service:ALIYUN::CLOUDFW::FwSwitch

    Last Updated:Mar 28, 2026

    ALIYUN::CLOUDFW::FwSwitch is used to enable a firewall.

    Syntax

    {
  "Type": "ALIYUN::CLOUDFW::FwSwitch",
  "Properties": {
    "IpaddrList": List,
    "IpVersion": String,
    "MemberUid": String,
    "ResourceTypeList": List,
    "RegionList": List
  }
}

    Properties

    Property

    Type

    Required

    Editable

    Description

    Constraint

    IpaddrList

    List

    No

    No

    The IP addresses.

    Note

    You must specify at least one of the following properties: IpaddrList, RegionList, and ResourceTypeList.

    Example: ["192.0.X.X","192.0.X.X"].

    IpVersion

    String

    No

    No

    The IP version.

    None

    MemberUid

    String

    No

    No

    The unique ID of the member account.

    None

    RegionList

    List

    No

    No

    The regions.

    Note

    You must specify at least one of the following properties: IpaddrList, RegionList, and ResourceTypeList.

    Example: ["cn-hangzhou","cn-shanghai"].

    ResourceTypeList

    List

    No

    No

    The asset types.

    Valid values:

    • BastionHostIP: the egress IP address of a bastion host

    • BastionHostIngressIP: the ingress IP address of a bastion host

    • EcsEIP: the elastic IP address (EIP) of an Elastic Compute Service (ECS) instance

    • EcsPublicIP: the public IP address of an ECS instance

    • EIP: the EIP

    • EniEIP: the EIP of an elastic network interface (ENI)

    • NatEIP: the EIP of a NAT gateway

    • SlbEIP: the EIP of a Server Load Balancer (SLB) instance

    • SlbPublicIP: the public IP address of an SLB instance

    • NatPublicIP: the public IP address of a NAT gateway

    • HAVIP: the high-availability virtual IP address (HAVIP)

    Note

    You must specify at least one of the following properties: IpaddrList, RegionList, and ResourceTypeList.

    Example: ["EcsPublicIp","NatEip"].

    Return values

    Fn::GetAtt

    None.

    Examples

    ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  IpaddrList:
    Description:
      en: 'The list of IP addresses.

        **Note**: You must specify at least one of the following parameters: `IpaddrList`, `RegionList`, or `ResourceTypeList`.'
    MaxLength: 200
    Required: false
    Type: Json
  RegionList:
    Description:
      en: 'The list of regions.

        **Note**: You must specify at least one of the following parameters: `IpaddrList`, `RegionList`, or `ResourceTypeList`.'
    MaxLength: 200
    Required: false
    Type: Json
  ResourceTypeList:
    Description:
      en: 'The list of resource types. Valid values:

        - BastionHostIP: The egress IP address of a bastion host.

        - BastionHostIngressIP: The ingress IP address of a bastion host.

        - EcsEIP: The EIP of an ECS instance.

        - EcsPublicIP: The public IP address of an ECS instance.

        - EIP: An Elastic IP address (EIP).

        - EniEIP: The EIP of an elastic network interface.

        - NatEIP: The EIP of a NAT Gateway.

        - SlbEIP: The EIP of an SLB instance.

        - SlbPublicIP: The public IP address of an SLB instance.

        - NatPublicIP: The public IP address of a NAT Gateway.

        - HAVIP: A high-availability virtual IP address (HAVIP).

        **Note**: You must specify at least one of the following parameters: `IpaddrList`, `RegionList`, or `ResourceTypeList`.'
    MaxLength: 200
    Required: false
    Type: Json
Resources:
  FwSwitch:
    Properties:
      IpaddrList:
        Ref: IpaddrList
      RegionList:
        Ref: RegionList
      ResourceTypeList:
        Ref: ResourceTypeList
    Type: ALIYUN::CLOUDFW::FwSwitch
                        
    {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "IpaddrList": {
      "Type": "Json",
      "Description": {
        "en": "The list of IP addresses.\n**Note**: You must specify at least one of the following parameters: `IpaddrList`, `RegionList`, or `ResourceTypeList`."
      },
      "Required": false,
      "MaxLength": 200
    },
    "ResourceTypeList": {
      "Type": "Json",
      "Description": {
        "en": "The list of resource types. Valid values:\n- BastionHostIP: The egress IP address of a bastion host.\n- BastionHostIngressIP: The ingress IP address of a bastion host.\n- EcsEIP: The EIP of an ECS instance.\n- EcsPublicIP: The public IP address of an ECS instance.\n- EIP: An Elastic IP address (EIP).\n- EniEIP: The EIP of an elastic network interface.\n- NatEIP: The EIP of a NAT Gateway.\n- SlbEIP: The EIP of an SLB instance.\n- SlbPublicIP: The public IP address of an SLB instance.\n- NatPublicIP: The public IP address of a NAT Gateway.\n- HAVIP: A high-availability virtual IP address (HAVIP).\n**Note**: You must specify at least one of the following parameters: `IpaddrList`, `RegionList`, or `ResourceTypeList`."
      },
      "Required": false,
      "MaxLength": 200
    },
    "RegionList": {
      "Type": "Json",
      "Description": {
        "en": "The list of regions.\n**Note**: You must specify at least one of the following parameters: `IpaddrList`, `RegionList`, or `ResourceTypeList`."
      },
      "Required": false,
      "MaxLength": 200
    }
  },
  "Resources": {
    "FwSwitch": {
      "Type": "ALIYUN::CLOUDFW::FwSwitch",
      "Properties": {
        "IpaddrList": {
          "Ref": "IpaddrList"
        },
        "ResourceTypeList": {
          "Ref": "ResourceTypeList"
        },
        "RegionList": {
          "Ref": "RegionList"
        }
      }
    }
  }
}