ALIYUN::PrivateLink::VpcEndpoint类型用于创建终端节点。
语法
{
"Type": "ALIYUN::PrivateLink::VpcEndpoint",
"Properties": {
"VpcId": String,
"EndpointName": String,
"ServiceName": String,
"Zone": List,
"SecurityGroupId": List,
"EndpointDescription": String,
"ServiceId": String,
"ProtectedEnabled": Boolean,
"ZonePrivateIpAddressCount": Number,
"EndpointType": String,
"Tags": List
}
}属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
VpcId | String | 是 | 否 | 终端节点所属的专有网络ID。 | 无 |
EndpointName | String | 否 | 是 | 终端节点名称。 | 长度为2~128个字符,以英文字母或汉字开头。可包含英文字母、汉字、数字、短划线(-)和下划线(_)。 |
ServiceName | String | 否 | 否 | 终端节点关联的终端节点服务名称。 | 无 |
Zone | List | 否 | 是 | 可用区。 | 最多支持10个可用区。 更多信息,请参见Zone属性。 |
SecurityGroupId | List | 是 | 是 | 终端节点网卡关联的安全组ID,安全组可以管控专有网络到终端节点网卡的数据通信。 | 最多支持关联10个安全组。 |
EndpointDescription | String | 否 | 是 | 终端节点描述。 | 长度为2~256个字符,不能以 |
ServiceId | String | 否 | 否 | 终端节点关联的终端节点服务ID。 | 无 |
ProtectedEnabled | Boolean | 否 | 否 | 是否开启托管保护。 | STS调用方式下生效。取值:
|
ZonePrivateIpAddressCount | Number | 否 | 否 | 每个可用区ENI私网IP的数量。 | 取值:1。 |
EndpointType | String | 否 | 否 | 终端节点类型。 | 取值:Interface,表示终端节点的服务资源类型为slb(传统型负载均衡CLB)的终端节点类型。 |
Tags | List | 否 | 是 | 标签列表。 | 最多支持20个标签。 |
Zone语法
"Zone": [
{
"ZoneId": String,
"VSwitchId": String,
"Ip": String
}
]Zone属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
ZoneId | String | 否 | 否 | 终端节点服务对应的可用区ID。 | 无 |
VSwitchId | String | 否 | 否 | 在可用区内,需要创建终端节点网卡的交换机ID。 | 无 |
Ip | String | 否 | 否 | 指定终端节点可用区的IP。 | 无 |
Tags语法
"Tags": [
{
"Value": String,
"Key": String
}
]Tags属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Key | String | 是 | 否 | 实例的标签键。 | 最多支持20个标签键。一旦传入该值,则不允许为空字符串。 最多支持64个字符,不能以 |
Value | String | 否 | 否 | 实例的标签值。 | 最多支持20个标签值。一旦传入该值,可以为空字符串。 最多支持128个字符,不能以 |
返回值
Fn::GetAtt
EndpointDomain:终端节点域名。
Bandwidth:终端节点的连接带宽。
EndpointId:终端节点ID。
EndpointName:终端节点名称。
VpcId:终端节点所属的专有网络ID。
ServiceName:终端节点关联的终端节点服务名称。
ServiceId:终端节点关联的终端节点服务ID。
ZoneDomains:可用区域名。
Arn:阿里云资源名称。
示例
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
MasterZoneId:
Type: String
Description: The master zone id to create load balancer instance.
AssociationProperty: ALIYUN::ECS::Instance::ZoneId
SlaveZoneId:
Type: String
Description: The slave zone id to create load balancer instance.
AssociationProperty: ALIYUN::ECS::Instance::ZoneId
VpcId:
Type: String
Description: The VPC id to create load balancer instance. For VPC network only.
AssociationProperty: ALIYUN::ECS::VPC::VPCId
VSwitchId:
Type: String
Description: The VSwitch id to create load balancer instance. For VPC network only.
AssociationProperty: ALIYUN::ECS::VSwitch::VSwitchId
AssociationPropertyMetadata:
VpcId: ${VpcId}
ZoneId: ${MasterZoneId}
SecurityGroupId:
Type: CommaDelimitedList
AssociationProperty: ALIYUN::ECS::SecurityGroup::SecurityGroupId
AssociationPropertyMetadata:
VpcId: ${VpcId}
Description: The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.
MinLength: 1
MaxLength: 10
Resources:
LoadBalancer:
Type: ALIYUN::SLB::LoadBalancer
Properties:
SupportPrivateLink: true
PayType: PayOnDemand
VpcId:
Ref: VpcId
VSwitchId:
Ref: VSwitchId
LoadBalancerSpec: slb.s1.small
LoadBalancerName: TestLoadBalancer
AddressType: intranet
MasterZoneId:
Ref: MasterZoneId
SlaveZoneId:
Ref: SlaveZoneId
VpcEndpointService:
DependsOn: LoadBalancer
Type: ALIYUN::PrivateLink::VpcEndpointService
Properties:
User:
- Ref: ALIYUN::AccountId
ServiceDescription: test service endpoint
Resource:
- ZoneId:
Ref: MasterZoneId
ResourceId:
Ref: LoadBalancer
ResourceType: slb
ConnectBandwidth: 100
AutoAcceptEnabled: true
VpcEndpoint:
DependsOn: VpcEndpointService
Type: ALIYUN::PrivateLink::VpcEndpoint
Properties:
VpcId:
Ref: VpcId
EndpointName: TestEndpoint
Zone:
- ZoneId:
Ref: MasterZoneId
VSwitchId:
Ref: VSwitchId
SecurityGroupId:
Ref: SecurityGroupId
ServiceId:
Ref: VpcEndpointService
Outputs:
ServiceName:
Description: The name of the endpoint service.
Value:
Fn::GetAtt:
- VpcEndpointService
- ServiceName
ServiceDomain:
Description: The domain name of the endpoint service.
Value:
Fn::GetAtt:
- VpcEndpointService
- ServiceDomain
ServiceId:
Description: The ID of the endpoint service.
Value:
Fn::GetAtt:
- VpcEndpointService
- ServiceId
EndpointDomain:
Description: The domain name of the endpoint.
Value:
Fn::GetAtt:
- VpcEndpoint
- EndpointDomain
Bandwidth:
Description: The bandwidth of the endpoint.
Value:
Fn::GetAtt:
- VpcEndpoint
- Bandwidth
EndpointId:
Description: The ID of the endpoint.
Value:
Fn::GetAtt:
- VpcEndpoint
- EndpointId {
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"MasterZoneId": {
"Type": "String",
"Description": "The master zone id to create load balancer instance.",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
},
"SlaveZoneId": {
"Type": "String",
"Description": "The slave zone id to create load balancer instance.",
"AssociationProperty": "ALIYUN::ECS::Instance::ZoneId"
},
"VpcId": {
"Type": "String",
"Description": "The VPC id to create load balancer instance. For VPC network only.",
"AssociationProperty": "ALIYUN::ECS::VPC::VPCId"
},
"VSwitchId": {
"Type": "String",
"Description": "The VSwitch id to create load balancer instance. For VPC network only.",
"AssociationProperty": "ALIYUN::ECS::VSwitch::VSwitchId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}",
"ZoneId": "${MasterZoneId}"
}
},
"SecurityGroupId": {
"Type": "CommaDelimitedList",
"AssociationProperty": "ALIYUN::ECS::SecurityGroup::SecurityGroupId",
"AssociationPropertyMetadata": {
"VpcId": "${VpcId}"
},
"Description": "The security group associated with the endpoint network interface. The security group can control the data communication from the VPC to the endpoint network interface.",
"MinLength": 1,
"MaxLength": 10
}
},
"Resources": {
"LoadBalancer": {
"Type": "ALIYUN::SLB::LoadBalancer",
"Properties": {
"SupportPrivateLink": true,
"PayType": "PayOnDemand",
"VpcId": {
"Ref": "VpcId"
},
"VSwitchId": {
"Ref": "VSwitchId"
},
"LoadBalancerSpec": "slb.s1.small",
"LoadBalancerName": "TestLoadBalancer",
"AddressType": "intranet",
"MasterZoneId": {
"Ref": "MasterZoneId"
},
"SlaveZoneId": {
"Ref": "SlaveZoneId"
}
}
},
"VpcEndpointService": {
"DependsOn": "LoadBalancer",
"Type": "ALIYUN::PrivateLink::VpcEndpointService",
"Properties": {
"User": [
{
"Ref": "ALIYUN::AccountId"
}
],
"ServiceDescription": "test service endpoint",
"Resource": [
{
"ZoneId": {
"Ref": "MasterZoneId"
},
"ResourceId": {
"Ref": "LoadBalancer"
},
"ResourceType": "slb"
}
],
"ConnectBandwidth": 100,
"AutoAcceptEnabled": true
}
},
"VpcEndpoint": {
"DependsOn": "VpcEndpointService",
"Type": "ALIYUN::PrivateLink::VpcEndpoint",
"Properties": {
"VpcId": {
"Ref": "VpcId"
},
"EndpointName": "TestEndpoint",
"Zone": [
{
"ZoneId": {
"Ref": "MasterZoneId"
},
"VSwitchId": {
"Ref": "VSwitchId"
}
}
],
"SecurityGroupId": {
"Ref": "SecurityGroupId"
},
"ServiceId": {
"Ref": "VpcEndpointService"
}
}
}
},
"Outputs": {
"ServiceName": {
"Description": "The name of the endpoint service.",
"Value": {
"Fn::GetAtt": [
"VpcEndpointService",
"ServiceName"
]
}
},
"ServiceDomain": {
"Description": "The domain name of the endpoint service.",
"Value": {
"Fn::GetAtt": [
"VpcEndpointService",
"ServiceDomain"
]
}
},
"ServiceId": {
"Description": "The ID of the endpoint service.",
"Value": {
"Fn::GetAtt": [
"VpcEndpointService",
"ServiceId"
]
}
},
"EndpointDomain": {
"Description": "The domain name of the endpoint.",
"Value": {
"Fn::GetAtt": [
"VpcEndpoint",
"EndpointDomain"
]
}
},
"Bandwidth": {
"Description": "The bandwidth of the endpoint.",
"Value": {
"Fn::GetAtt": [
"VpcEndpoint",
"Bandwidth"
]
}
},
"EndpointId": {
"Description": "The ID of the endpoint.",
"Value": {
"Fn::GetAtt": [
"VpcEndpoint",
"EndpointId"
]
}
}
}
}