ALIYUN::ECS::ForwardEntry类型用于配置NAT网关的DNAT表。
语法
{
"Type": "ALIYUN::ECS::ForwardEntry",
"Properties": {
"ExternalIp": String,
"ExternalPort": String,
"ForwardTableId": String,
"InternalIp": String,
"IpProtocol": String,
"InternalPort": String,
"PortBreak": Boolean,
"ForwardEntryName": String
}
}
属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
---|---|---|---|---|---|
ExternalIp | String | 是 | 否 | 公网IP | ExternalIp必须已加入该DNAT所属NAT网关上的共享带宽包。 |
ExternalPort | String | 是 | 否 | 连接公网的端口 | 取值范围:1~65,535。 |
ForwardTableId | String | 是 | 否 | DNAT表的ID | 无 |
InternalIp | String | 是 | 否 | 转发请求的目标IP | InternalIp是私网IP。 |
IpProtocol | String | 是 | 否 | 协议类型 | 取值:
|
InternalPort | String | 是 | 否 | 目标私网端口 | 取值范围:1~65,535。 |
PortBreak | Boolean | 否 | 否 | 是否开启端口突破 | 取值:
说明 当DNAT条目和SNAT条目使用同一个公网IP地址时,如果您想配置大于1024的端口号,您需要指定PortBreak为true。
|
ForwardEntryName | String | 否 | 否 | DNAT规则的名称 | 长度为2~128个字符,必须以英文字母或汉字开头,但不能以http:// 或https:// 开头。
|
返回值
Fn::GetAtt
ForwardEntryId:DNAT中每一个条目的ID。
示例
JSON
格式
{
"Parameters": {
"ExternalPort": {
"Type": "String",
"Description": "Source port, now support [1-65535]|Any|x/y"
},
"ExternalIp": {
"Type": "String",
"Description": "Source IP, must belongs to bandwidth package internet IP"
},
"IpProtocol": {
"Type": "String",
"Description": "Supported protocol, Now support 'TCP|UDP|Any'",
"AllowedValues": [
"TCP",
"UDP",
"Any"
]
},
"PortBreak": {
"Type": "Boolean",
"Description": "Specifies whether to remove limits on the port range.",
"AllowedValues": [
"True",
"true",
"False",
"false"
]
},
"InternalPort": {
"Type": "String",
"Description": "Destination port, now support [1-65535]|Any|x/y"
},
"ForwardEntryName": {
"Type": "String",
"Description": "the name of the DNAT rule is 2-128 characters long and must start with a letter or Chinese, but cannot begin with HTTP:// or https://."
},
"InternalIp": {
"Type": "String",
"Description": "Destination IP, must belong to VPC private IP"
},
"ForwardTableId": {
"Type": "String",
"Description": "Create forward entry in specified forward table."
}
},
"ROSTemplateFormatVersion": "2015-09-01",
"Outputs": {
"ForwardEntryId": {
"Description": "The id of created forward entry.",
"Value": {
"Fn::GetAtt": [
"ForwardTableEntry",
"ForwardEntryId"
]
}
}
},
"Resources": {
"ForwardTableEntry": {
"Type": "ALIYUN::ECS::ForwardEntry",
"Properties": {
"ExternalPort": {
"Ref": "ExternalPort"
},
"ExternalIp": {
"Ref": "ExternalIp"
},
"IpProtocol": {
"Ref": "IpProtocol"
},
"PortBreak": {
"Ref": "PortBreak"
},
"InternalPort": {
"Ref": "InternalPort"
},
"ForwardEntryName": {
"Ref": "ForwardEntryName"
},
"InternalIp": {
"Ref": "InternalIp"
},
"ForwardTableId": {
"Ref": "ForwardTableId"
}
}
}
}
}
YAML
格式
Parameters:
ExternalPort:
Type: String
Description: 'Source port, now support [1-65535]|Any|x/y'
ExternalIp:
Type: String
Description: 'Source IP, must belongs to bandwidth package internet IP'
IpProtocol:
Type: String
Description: 'Supported protocol, Now support ''TCP|UDP|Any'''
AllowedValues:
- TCP
- UDP
- Any
PortBreak:
Type: Boolean
Description: Specifies whether to remove limits on the port range.
AllowedValues:
- 'True'
- 'true'
- 'False'
- 'false'
InternalPort:
Type: String
Description: 'Destination port, now support [1-65535]|Any|x/y'
ForwardEntryName:
Type: String
Description: >-
the name of the DNAT rule is 2-128 characters long and must start with a
letter or Chinese, but cannot begin with HTTP:// or https://.
InternalIp:
Type: String
Description: 'Destination IP, must belong to VPC private IP'
ForwardTableId:
Type: String
Description: Create forward entry in specified forward table.
ROSTemplateFormatVersion: '2015-09-01'
Outputs:
ForwardEntryId:
Description: The id of created forward entry.
Value:
'Fn::GetAtt':
- ForwardTableEntry
- ForwardEntryId
Resources:
ForwardTableEntry:
Type: 'ALIYUN::ECS::ForwardEntry'
Properties:
ExternalPort:
Ref: ExternalPort
ExternalIp:
Ref: ExternalIp
IpProtocol:
Ref: IpProtocol
PortBreak:
Ref: PortBreak
InternalPort:
Ref: InternalPort
ForwardEntryName:
Ref: ForwardEntryName
InternalIp:
Ref: InternalIp
ForwardTableId:
Ref: ForwardTableId