ALIYUN::CR::InstanceEndpointAclPolicy类型用于为公网实例访问入口创建白名单策略。
语法
{
"Type": "ALIYUN::CR::InstanceEndpointAclPolicy",
"Properties": {
"Comment": String,
"Entry": String,
"InstanceId": String,
"ModuleName": String,
"EndpointType": String,
"RegionId": String
}
}
属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
---|---|---|---|---|---|
Comment | String | 否 | 否 | 说明。 | 无 |
Entry | String | 是 | 否 | 允许访问的IP网段,例如192.168.1.1/32。 | 无 |
InstanceId | String | 是 | 否 | 实例ID。 | 无 |
ModuleName | String | 否 | 否 | 需要设置访问策略的模块。 | 取值:
|
EndpointType | String | 否 | 否 | 访问入口类型。 | 取值: internet(公网)。 |
RegionId | String | 否 | 否 | 地域ID。 | 默认为资源栈地域ID。 |
返回值
Fn::GetAtt
- Entry:允许访问的IP网段。
- InstanceId:实例ID。
示例
JSON
格式
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"Comment": {
"Type": "String",
"Description": "The description of the entry."
},
"Entry": {
"Type": "String",
"Description": "The IP address range that is allowed to access the instance."
},
"InstanceId": {
"Type": "String",
"Description": "The ID of the instance."
},
"ModuleName": {
"Type": "String",
"Description": "The name of the module in the instance for which a whitelist is configured. Valid\nvalues: Registry and Chart.",
"Default": "Registry"
},
"EndpointType": {
"Type": "String",
"Description": "The type of the endpoint.",
"Default": "internet"
},
"RegionId": {
"Type": "String",
"Description": "Region ID of instance. Default is current region."
}
},
"Resources": {
"InstanceEndpointAclPolicy": {
"Type": "ALIYUN::CR::InstanceEndpointAclPolicy",
"Properties": {
"Comment": {
"Ref": "Comment"
},
"Entry": {
"Ref": "Entry"
},
"InstanceId": {
"Ref": "InstanceId"
},
"ModuleName": {
"Ref": "ModuleName"
},
"EndpointType": {
"Ref": "EndpointType"
},
"RegionId": {
"Ref": "RegionId"
}
}
}
},
"Outputs": {
"Entry": {
"Description": "The IP address range that is allowed to access the instance.",
"Value": {
"Fn::GetAtt": [
"InstanceEndpointAclPolicy",
"Entry"
]
}
},
"InstanceId": {
"Description": "The ID of the instance.",
"Value": {
"Fn::GetAtt": [
"InstanceEndpointAclPolicy",
"InstanceId"
]
}
}
}
}
YAML
格式
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
Comment:
Type: String
Description: The description of the entry.
Entry:
Type: String
Description: The IP address range that is allowed to access the instance.
InstanceId:
Type: String
Description: The ID of the instance.
ModuleName:
Type: String
Description: >-
The name of the module in the instance for which a whitelist is
configured. Valid
values: Registry and Chart.
Default: Registry
EndpointType:
Type: String
Description: The type of the endpoint.
Default: internet
RegionId:
Type: String
Description: Region ID of instance. Default is current region.
Resources:
InstanceEndpointAclPolicy:
Type: 'ALIYUN::CR::InstanceEndpointAclPolicy'
Properties:
Comment:
Ref: Comment
Entry:
Ref: Entry
InstanceId:
Ref: InstanceId
ModuleName:
Ref: ModuleName
EndpointType:
Ref: EndpointType
RegionId:
Ref: RegionId
Outputs:
Entry:
Description: The IP address range that is allowed to access the instance.
Value:
'Fn::GetAtt':
- InstanceEndpointAclPolicy
- Entry
InstanceId:
Description: The ID of the instance.
Value:
'Fn::GetAtt':
- InstanceEndpointAclPolicy
- InstanceId