ALIYUN::PrivateLink::VpcEndpoint is used to create an endpoint.
Syntax
{
"Type": "ALIYUN::PrivateLink::VpcEndpoint",
"Properties": {
"VpcId": String,
"EndpointName": String,
"ServiceName": String,
"Zone": List,
"SecurityGroupId": List,
"EndpointDescription": String,
"ServiceId": String,
"ProtectedEnabled": Boolean,
"ZonePrivateIpAddressCount": Number,
"EndpointType": String,
"Tags": List
}
}
Properties
Property | Type | Required | Editable | Description | Constraint |
VpcId | String | Yes | No | The ID of the virtual private cloud (VPC) to which the endpoint belongs. | None. |
EndpointName | String | No | Yes | The name of the endpoint. | The name must be 2 to 128 characters in length, and can contain letters, digits, hyphens (-), and underscores (_). The name must start with a letter. |
ServiceName | String | No | No | The name of the endpoint service that is associated with the endpoint. | None. |
Zone | List | No | Yes | The zones. | You can specify up to 10 zones. For more information, see Zone properties. |
SecurityGroupId | List | Yes | Yes | The IDs of the security groups that are associated with the elastic network interfaces (ENIs) of the endpoint. Security groups can be used to control data communication between VPCs and endpoint ENIs. | An endpoint ENI can be associated with up to 10 security groups. |
EndpointDescription | String | No | Yes | The description of the endpoint. | The description must be 2 to 256 characters in length, and cannot start with http:// or https://. |
ServiceId | String | No | No | The ID of the endpoint service that is associated with the endpoint. | None. |
ProtectedEnabled | Boolean | No | No | Specifies whether to enable user authentication. | This property takes effect in Security Token Service (STS) mode. Valid values: true (enables user authentication) and false (disables user authentication). |
ZonePrivateIpAddressCount | Number | No | No | The number of private IP addresses that are assigned to an ENI in each zone. | Set the value to 1. |
EndpointType | String | No | No | The type of the endpoint. | Set the value to Interface. In this case, you can specify Classic Load Balancer (CLB) instances as the service resources of the endpoint service. |
Tags | List | No | Yes | The tags of the endpoint. | You can add up to 20 tags. |
Zone syntax
"Zone": [
{
"ZoneId": String,
"VSwitchId": String,
"Ip": String
}
]
Zone properties
Property | Type | Required | Editable | Description | Constraint |
ZoneId | String | No | No | The ID of the zone in which the endpoint service resides. | None. |
VSwitchId | String | No | No | The ID of the vSwitch for which you want to create the endpoint ENI in the zone. | None. |
Ip | String | No | No | The IP address of the zone in which the endpoint resides. | None. |
Tags syntax
"Tags": [
{
"Value": String,
"Key": String
}
]
Tags properties
Property | Type | Required | Editable | Description | Constraint |
Key | String | Yes | No | The key of the tag. | You can specify up to 20 tag keys. The tag key cannot be an empty string. The tag key can be up to 64 characters in length, and cannot contain http:// or https://. |
Value | String | No | No | The value of the tag. | You can specify up to 20 tag values. The tag value can be an empty string. The tag value can be up to 128 characters in length, and cannot contain http:// or https://. |
Return values
Fn::GetAtt
EndpointDomain: the domain of the endpoint.
Bandwidth: the bandwidth of the endpoint.
EndpointId: the ID of the endpoint.
EndpointName: the name of the endpoint.
VpcId: the ID of the VPC to which the endpoint belongs.
ServiceName: the name of the endpoint service that is associated with the endpoint.
ServiceId: the ID of the endpoint service that is associated with the endpoint.
ZoneDomains: the zone domains.
Arn: the Alibaba Cloud Resource Name (ARN).
Examples
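# Example ROS template (YAML form of the JSON example that follows it).
# It creates three resources in one VPC:
#   1. LoadBalancer       - an intranet load balancer with SupportPrivateLink set
#   2. VpcEndpointService - an endpoint service that uses the load balancer as its service resource
#   3. VpcEndpoint        - an endpoint that connects to that endpoint service
# Indentation is significant in YAML; the nesting below matches the JSON example.
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  MasterZoneId:
    Type: String
    Description: The master zone id to create load balancer instance.
    AssociationProperty: ALIYUN::ECS::Instance::ZoneId
  SlaveZoneId:
    Type: String
    Description: The slave zone id to create load balancer instance.
    AssociationProperty: ALIYUN::ECS::Instance::ZoneId
  VpcId:
    Type: String
    Description: The VPC id to create load balancer instance. For VPC network only.
    AssociationProperty: ALIYUN::ECS::VPC::VPCId
  VSwitchId:
    Type: String
    Description: The VSwitch id to create load balancer instance. For VPC network only.
    AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
    # The metadata references the VpcId and MasterZoneId parameters above
    # (presumably to narrow the vSwitch choices to that VPC and zone).
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
      ZoneId: ${MasterZoneId}
  SecurityGroupId:
    # These security groups are attached to the endpoint ENIs and decide which
    # traffic from the VPC reaches the endpoint; keep their rules limited to
    # the sources and ports that actually need the service.
    # MinLength/MaxLength match the limit of 10 security groups per endpoint ENI.
    Type: CommaDelimitedList
    AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
    AssociationPropertyMetadata:
      VpcId: ${VpcId}
    Description: The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.
    MinLength: 1
    MaxLength: 10
Resources:
  LoadBalancer:
    Type: ALIYUN::SLB::LoadBalancer
    Properties:
      SupportPrivateLink: true
      PayType: PayOnDemand
      VpcId:
        Ref: VpcId
      VSwitchId:
        Ref: VSwitchId
      LoadBalancerSpec: slb.s1.small
      LoadBalancerName: TestLoadBalancer
      # intranet: the load balancer gets no public address and is reached
      # through the VPC / the endpoint service only.
      AddressType: intranet
      MasterZoneId:
        Ref: MasterZoneId
      SlaveZoneId:
        Ref: SlaveZoneId
  VpcEndpointService:
    DependsOn: LoadBalancer
    Type: ALIYUN::PrivateLink::VpcEndpointService
    Properties:
      # Only the account that deploys the stack is listed here.
      # NOTE(review): User appears to be the service whitelist; add other
      # account IDs only for consumers that are meant to connect.
      User:
        - Ref: ALIYUN::AccountId
      ServiceDescription: test service endpoint
      Resource:
        - ZoneId:
            Ref: MasterZoneId
          ResourceId:
            Ref: LoadBalancer
          ResourceType: slb
      ConnectBandwidth: 100
      # NOTE(review): with AutoAcceptEnabled set to true, endpoint connection
      # requests are presumably accepted without manual approval. That is
      # convenient for a same-account test like this one; when the User list
      # contains other accounts, consider false so each connection is reviewed.
      AutoAcceptEnabled: true
  VpcEndpoint:
    DependsOn: VpcEndpointService
    Type: ALIYUN::PrivateLink::VpcEndpoint
    Properties:
      VpcId:
        Ref: VpcId
      EndpointName: TestEndpoint
      Zone:
        - ZoneId:
            Ref: MasterZoneId
          VSwitchId:
            Ref: VSwitchId
      # SecurityGroupId is a required property; the parameter is a
      # CommaDelimitedList, so the Ref supplies a list of group IDs.
      SecurityGroupId:
        Ref: SecurityGroupId
      ServiceId:
        Ref: VpcEndpointService
      # ProtectedEnabled (user authentication in STS mode) is optional and is
      # not set in this example.
Outputs:
  ServiceName:
    Description: The name of the endpoint service.
    Value:
      Fn::GetAtt:
        - VpcEndpointService
        - ServiceName
  ServiceDomain:
    Description: The domain name of the endpoint service.
    Value:
      Fn::GetAtt:
        - VpcEndpointService
        - ServiceDomain
  ServiceId:
    Description: The ID of the endpoint service.
    Value:
      Fn::GetAtt:
        - VpcEndpointService
        - ServiceId
  EndpointDomain:
    Description: The domain name of the endpoint.
    Value:
      Fn::GetAtt:
        - VpcEndpoint
        - EndpointDomain
  Bandwidth:
    Description: The bandwidth of the endpoint.
    Value:
      Fn::GetAtt:
        - VpcEndpoint
        - Bandwidth
  EndpointId:
    Description: The ID of the endpoint.
    Value:
      Fn::GetAtt:
        - VpcEndpoint
        - EndpointId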
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"MasterZoneId": {
"Type": "String",
"Description": "The master zone id to create load balancer instance.",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
},
"SlaveZoneId": {
"Type": "String",
"Description": "The slave zone id to create load balancer instance.",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
},
"VpcId": {
"Type": "String",
"Description": "The VPC id to create load balancer instance. For VPC network only.",
"AssociationProperty": "ALIYUN::ECS::VPC::VPCId"
},
"VSwitchId": {
"Type": "String",
"Description": "The VSwitch id to create load balancer instance. For VPC network only.",
"AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}",
"ZoneId": "${MasterZoneId}"
}
},
"SecurityGroupId": {
"Type": "CommaDelimitedList",
"AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}"
},
"Description": "The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.",
"MinLength": 1,
"MaxLength": 10
}
},
"Resources": {
"LoadBalancer": {
"Type": "ALIYUN::SLB::LoadBalancer",
"Properties": {
"SupportPrivateLink": true,
"PayType": "PayOnDemand",
"VpcId": {
"Ref": "VpcId"
},
"VSwitchId": {
"Ref": "VSwitchId"
},
"LoadBalancerSpec": "slb.s1.small",
"LoadBalancerName": "TestLoadBalancer",
"AddressType": "intranet",
"MasterZoneId": {
"Ref": "MasterZoneId"
},
"SlaveZoneId": {
"Ref": "SlaveZoneId"
}
}
},
"VpcEndpointService": {
"DependsOn": "LoadBalancer",
"Type": "ALIYUN::PrivateLink::VpcEndpointService",
"Properties": {
"User": [
{
"Ref": "ALIYUN::AccountId"
}
],
"ServiceDescription": "test service endpoint",
"Resource": [
{
"ZoneId": {
"Ref": "MasterZoneId"
},
"ResourceId": {
"Ref": "LoadBalancer"
},
"ResourceType": "slb"
}
],
"ConnectBandwidth": 100,
"AutoAcceptEnabled": true
}
},
"VpcEndpoint": {
"DependsOn": "VpcEndpointService",
"Type": "ALIYUN::PrivateLink::VpcEndpoint",
"Properties": {
"VpcId": {
"Ref": "VpcId"
},
"EndpointName": "TestEndpoint",
"Zone": [
{
"ZoneId": {
"Ref": "MasterZoneId"
},
"VSwitchId": {
"Ref": "VSwitchId"
}
}
],
"SecurityGroupId": {
"Ref": "SecurityGroupId"
},
"ServiceId": {
"Ref": "VpcEndpointService"
}
}
}
},
"Outputs": {
"ServiceName": {
"Description": "The name of the endpoint service.",
"Value": {
"Fn::GetAtt": [
"VpcEndpointService",
"ServiceName"
]
}
},
"ServiceDomain": {
"Description": "The domain name of the endpoint service.",
"Value": {
"Fn::GetAtt": [
"VpcEndpointService",
"ServiceDomain"
]
}
},
"ServiceId": {
"Description": "The ID of the endpoint service.",
"Value": {
"Fn::GetAtt": [
"VpcEndpointService",
"ServiceId"
]
}
},
"EndpointDomain": {
"Description": "The domain name of the endpoint.",
"Value": {
"Fn::GetAtt": [
"VpcEndpoint",
"EndpointDomain"
]
}
},
"Bandwidth": {
"Description": "The bandwidth of the endpoint.",
"Value": {
"Fn::GetAtt": [
"VpcEndpoint",
"Bandwidth"
]
}
},
"EndpointId": {
"Description": "The ID of the endpoint.",
"Value": {
"Fn::GetAtt": [
"VpcEndpoint",
"EndpointId"
]
}
}
}
}