
Resource Orchestration Service: ALIYUN::PrivateLink::VpcEndpoint

Last updated: Sep 15, 2023

The ALIYUN::PrivateLink::VpcEndpoint type is used to create an endpoint.

Syntax

{
  "Type": "ALIYUN::PrivateLink::VpcEndpoint",
  "Properties": {
    "VpcId": String,
    "EndpointName": String,
    "ServiceName": String,
    "Zone": List,
    "SecurityGroupId": List,
    "EndpointDescription": String,
    "ServiceId": String,
    "ProtectedEnabled": Boolean,
    "ZonePrivateIpAddressCount": Number,
    "EndpointType": String,
    "Tags": List
  }
}

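Properties

| Property | Type | Required | Update allowed | Description | Constraints |
| --- | --- | --- | --- | --- | --- |
| VpcId | String | | | The ID of the VPC to which the endpoint belongs. | |
| EndpointName | String | | | The name of the endpoint. | 2 to 128 characters long, starting with an English letter or a Chinese character. May contain English letters, Chinese characters, digits, hyphens (-) and underscores (_). |
| ServiceName | String | | | The name of the endpoint service associated with the endpoint. | |
| Zone | List | | | The zones. | Up to 10 zones are supported. For more information, see Zone properties. |
| SecurityGroupId | List | | | The IDs of the security groups associated with the endpoint network interface. A security group controls data communication from the VPC to the endpoint network interface. | Up to 10 security groups can be associated. |
| EndpointDescription | String | | | The description of the endpoint. | 2 to 256 characters long. Cannot start with http:// or https://. |
| ServiceId | String | | | The ID of the endpoint service associated with the endpoint. | |
| ProtectedEnabled | Boolean | | | Whether to enable managed protection. | Takes effect when the call is made through STS. Valid values: true: managed protection is enabled, and only the user who created the endpoint can modify or delete it through STS; false (default): managed protection is not enabled. |
| ZonePrivateIpAddressCount | Number | | | The number of private IP addresses of the ENI in each zone. | Valid value: 1. |
| EndpointType | String | | | The type of the endpoint. | Valid value: Interface, which denotes the endpoint type whose service resource type is slb (Classic Load Balancer, CLB). |
| Tags | List | | | The list of tags. | Up to 20 tags are supported. |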

Zone syntax

"Zone": [
  {
    "ZoneId": String,
    "VSwitchId": String,
    "Ip": String
  }
]

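Zone properties

| Property | Type | Required | Update allowed | Description | Constraints |
| --- | --- | --- | --- | --- | --- |
| ZoneId | String | | | The ID of the zone that corresponds to the endpoint service. | |
| VSwitchId | String | | | The ID of the vSwitch in the zone in which the endpoint network interface is to be created. | |
| Ip | String | | | The IP address to assign to the endpoint in the zone. | |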

Tags syntax

"Tags": [
  {
    "Value": String,
    "Key": String
  }
]

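Tags properties

| Property | Type | Required | Update allowed | Description | Constraints |
| --- | --- | --- | --- | --- | --- |
| Key | String | | | The tag key of the instance. | Up to 20 tag keys are supported. Once specified, the key cannot be an empty string. Up to 64 characters long; cannot start with aliyun or acs:, and cannot contain http:// or https://. |
| Value | String | | | The tag value of the instance. | Up to 20 tag values are supported. Once specified, the value can be an empty string. Up to 128 characters long; cannot start with aliyun or acs:, and cannot contain http:// or https://. |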
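The limits in the property tables above can be checked before a stack is created. The following pre-deployment lint is an added example, not part of the original page or of ROS itself; the function names, finding strings and the two "policy" checks (managed protection on, a security group named) are assumptions of this example.

```python
import re

# Limits are the ones in the property tables above; all names are this example's own.
# U+4E00-U+9FFF is used as an approximation of "Chinese character".
NAME_RE = re.compile(r"[A-Za-z\u4e00-\u9fff][A-Za-z0-9\u4e00-\u9fff_-]{1,127}")
URLS = ("http://", "https://")
RESERVED = ("aliyun", "acs:")

def _tag_ok(text, max_len):
    return (len(text) <= max_len and not text.startswith(RESERVED)
            and not any(u in text for u in URLS))

def lint_vpc_endpoint(props):
    """Findings for one Properties dict; {"Ref": ...} values are skipped (deploy-time)."""
    out = []
    name, desc = props.get("EndpointName"), props.get("EndpointDescription")
    if isinstance(name, str) and not NAME_RE.fullmatch(name):
        out.append("limit: EndpointName")
    if isinstance(desc, str) and (not 2 <= len(desc) <= 256 or desc.startswith(URLS)):
        out.append("limit: EndpointDescription")
    for key in ("Zone", "SecurityGroupId"):
        if isinstance(props.get(key), list) and len(props[key]) > 10:
            out.append(f"limit: {key} has more than 10 entries")
    for key, only in (("ZonePrivateIpAddressCount", 1), ("EndpointType", "Interface")):
        if isinstance(props.get(key), (int, float, str)) and props[key] != only:
            out.append(f"limit: {key} must be {only!r}")
    tags = props.get("Tags") if isinstance(props.get("Tags"), list) else []
    if len(tags) > 20:
        out.append("limit: more than 20 tags")
    for tag in tags:
        k, v = tag.get("Key"), tag.get("Value", "")
        if isinstance(k, str) and (k == "" or not _tag_ok(k, 64)):
            out.append(f"limit: tag key {k!r}")
        if isinstance(v, str) and not _tag_ok(v, 128):
            out.append(f"limit: tag value of {k!r}")
    # Review policy of this example, not a service rule.
    if props.get("ProtectedEnabled") is not True:
        out.append("policy: ProtectedEnabled is not literally true")
    if not props.get("SecurityGroupId"):
        out.append("policy: no SecurityGroupId for the endpoint network interface")
    return out

def lint_template(template):
    return {rid: lint_vpc_endpoint(res.get("Properties", {}))
            for rid, res in template.get("Resources", {}).items()
            if res.get("Type") == "ALIYUN::PrivateLink::VpcEndpoint"}

# Constructed sample: literal name starting with a digit, managed protection unset.
SAMPLE = {"Resources": {"Ep": {"Type": "ALIYUN::PrivateLink::VpcEndpoint", "Properties": {
    "EndpointName": "1-ep", "SecurityGroupId": {"Ref": "SecurityGroupId"}}}}}
```

Pass the result of `json.load` on a JSON template to `lint_template`; an empty list for a resource means no finding.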

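Return values

Fn::GetAtt

  • EndpointDomain: the domain name of the endpoint.

  • Bandwidth: the connection bandwidth of the endpoint.

  • EndpointId: the ID of the endpoint.

  • EndpointName: the name of the endpoint.

  • VpcId: the ID of the VPC to which the endpoint belongs.

  • ServiceName: the name of the endpoint service associated with the endpoint.

  • ServiceId: the ID of the endpoint service associated with the endpoint.

  • ZoneDomains: the domain names of the zones.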

Examples

  • YAML format

    ROSTemplateFormatVersion: '2015-09-01'
    Parameters:
      MasterZoneId:
        Type: String
        Description: The master zone id to create load balancer instance.
        AssociationProperty: ALIYUN::ECS::Instance::ZoneId
      SlaveZoneId:
        Type: String
        Description: The slave zone id to create load balancer instance.
        AssociationProperty: ALIYUN::ECS::Instance::ZoneId
      VpcId:
        Type: String
        Description: The VPC id to create load balancer instance. For VPC network only.
        AssociationProperty: ALIYUN::ECS::VPC::VPCId
      VSwitchId:
        Type: String
        Description: The VSwitch id to create load balancer instance. For VPC network only.
        AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
        AssociationPropertyMetadata:
          VpcId: ${VpcId}
          ZoneId: ${MasterZoneId}
      SecurityGroupId:
        Type: CommaDelimitedList
        AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
        AssociationPropertyMetadata:
          VpcId: ${VpcId}
        Description: The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.
        MinLength: 1
        MaxLength: 10
    Resources:
      LoadBalancer:
        Type: ALIYUN::SLB::LoadBalancer
        Properties:
          SupportPrivateLink: true
          PayType: PayOnDemand
          VpcId:
            Ref: VpcId
          VSwitchId:
            Ref: VSwitchId
          LoadBalancerSpec: slb.s1.small
          LoadBalancerName: TestLoadBalancer
          AddressType: intranet
          MasterZoneId:
            Ref: MasterZoneId
          SlaveZoneId:
            Ref: SlaveZoneId
      VpcEndpointService:
        DependsOn: LoadBalancer
        Type: ALIYUN::PrivateLink::VpcEndpointService
        Properties:
          User:
            - Ref: ALIYUN::AccountId
          ServiceDescription: test service endpoint
          Resource:
            - ZoneId:
                Ref: MasterZoneId
              ResourceId:
                Ref: LoadBalancer
              ResourceType: slb
          ConnectBandwidth: 100
          AutoAcceptEnabled: true
      VpcEndpoint:
        DependsOn: VpcEndpointService
        Type: ALIYUN::PrivateLink::VpcEndpoint
        Properties:
          VpcId:
            Ref: VpcId
          EndpointName: TestEndpoint
          Zone:
            - ZoneId:
                Ref: MasterZoneId
              VSwitchId:
                Ref: VSwitchId
          SecurityGroupId:
            Ref: SecurityGroupId
          ServiceId:
            Ref: VpcEndpointService
    Outputs:
      ServiceName:
        Description: The name of the endpoint service.
        Value:
          Fn::GetAtt:
            - VpcEndpointService
            - ServiceName
      ServiceDomain:
        Description: The domain name of the endpoint service.
        Value:
          Fn::GetAtt:
            - VpcEndpointService
            - ServiceDomain
      ServiceId:
        Description: The ID of the endpoint service.
        Value:
          Fn::GetAtt:
            - VpcEndpointService
            - ServiceId
      EndpointDomain:
        Description: The domain name of the endpoint.
        Value:
          Fn::GetAtt:
            - VpcEndpoint
            - EndpointDomain
      Bandwidth:
        Description: The bandwidth of the endpoint.
        Value:
          Fn::GetAtt:
            - VpcEndpoint
            - Bandwidth
      EndpointId:
        Description: The ID of the endpoint.
        Value:
          Fn::GetAtt:
            - VpcEndpoint
            - EndpointId

  • JSON format

    {
      "ROSTemplateFormatVersion": "2015-09-01",
      "Parameters": {
        "MasterZoneId": {
          "Type": "String",
          "Description": "The master zone id to create load balancer instance.",
          "AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
        },
        "SlaveZoneId": {
          "Type": "String",
          "Description": "The slave zone id to create load balancer instance.",
          "AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
        },
        "VpcId": {
          "Type": "String",
          "Description": "The VPC id to create load balancer instance. For VPC network only.",
          "AssociationProperty": "ALIYUN::ECS::VPC::VPCId"
        },
        "VSwitchId": {
          "Type": "String",
          "Description": "The VSwitch id to create load balancer instance. For VPC network only.",
          "AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
          "AssociationPropertyMetadata": {
            "VpcId": "${VpcId}",
            "ZoneId": "${MasterZoneId}"
          }
        },
        "SecurityGroupId": {
          "Type": "CommaDelimitedList",
          "AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
          "AssociationPropertyMetadata": {
            "VpcId": "${VpcId}"
          },
          "Description": "The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.",
          "MinLength": 1,
          "MaxLength": 10
        }
      },
      "Resources": {
        "LoadBalancer": {
          "Type": "ALIYUN::SLB::LoadBalancer",
          "Properties": {
            "SupportPrivateLink": true,
            "PayType": "PayOnDemand",
            "VpcId": {
              "Ref": "VpcId"
            },
            "VSwitchId": {
              "Ref": "VSwitchId"
            },
            "LoadBalancerSpec": "slb.s1.small",
            "LoadBalancerName": "TestLoadBalancer",
            "AddressType": "intranet",
            "MasterZoneId": {
              "Ref": "MasterZoneId"
            },
            "SlaveZoneId": {
              "Ref": "SlaveZoneId"
            }
          }
        },
        "VpcEndpointService": {
          "DependsOn": "LoadBalancer",
          "Type": "ALIYUN::PrivateLink::VpcEndpointService",
          "Properties": {
            "User": [
              {
                "Ref": "ALIYUN::AccountId"
              }
            ],
            "ServiceDescription": "test service endpoint",
            "Resource": [
              {
                "ZoneId": {
                  "Ref": "MasterZoneId"
                },
                "ResourceId": {
                  "Ref": "LoadBalancer"
                },
                "ResourceType": "slb"
              }
            ],
            "ConnectBandwidth": 100,
            "AutoAcceptEnabled": true
          }
        },
        "VpcEndpoint": {
          "DependsOn": "VpcEndpointService",
          "Type": "ALIYUN::PrivateLink::VpcEndpoint",
          "Properties": {
            "VpcId": {
              "Ref": "VpcId"
            },
            "EndpointName": "TestEndpoint",
            "Zone": [
              {
                "ZoneId": {
                  "Ref": "MasterZoneId"
                },
                "VSwitchId": {
                  "Ref": "VSwitchId"
                }
              }
            ],
            "SecurityGroupId": {
              "Ref": "SecurityGroupId"
            },
            "ServiceId": {
              "Ref": "VpcEndpointService"
            }
          }
        }
      },
      "Outputs": {
        "ServiceName": {
          "Description": "The name of the endpoint service.",
          "Value": {
            "Fn::GetAtt": [
              "VpcEndpointService",
              "ServiceName"
            ]
          }
        },
        "ServiceDomain": {
          "Description": "The domain name of the endpoint service.",
          "Value": {
            "Fn::GetAtt": [
              "VpcEndpointService",
              "ServiceDomain"
            ]
          }
        },
        "ServiceId": {
          "Description": "The ID of the endpoint service.",
          "Value": {
            "Fn::GetAtt": [
              "VpcEndpointService",
              "ServiceId"
            ]
          }
        },
        "EndpointDomain": {
          "Description": "The domain name of the endpoint.",
          "Value": {
            "Fn::GetAtt": [
              "VpcEndpoint",
              "EndpointDomain"
            ]
          }
        },
        "Bandwidth": {
          "Description": "The bandwidth of the endpoint.",
          "Value": {
            "Fn::GetAtt": [
              "VpcEndpoint",
              "Bandwidth"
            ]
          }
        },
        "EndpointId": {
          "Description": "The ID of the endpoint.",
          "Value": {
            "Fn::GetAtt": [
              "VpcEndpoint",
              "EndpointId"
            ]
          }
        }
      }
    }