
VpcFirewallControlPolicyProps

Properties for defining a VpcFirewallControlPolicy.

See https://www.alibabacloud.com/help/ros/developer-reference/aliyun-cloudfw-vpcfirewallcontrolpolicy

Initializer

using AlibabaCloud.SDK.ROS.CDK.Cloudfw;
new VpcFirewallControlPolicyProps {
    object AclAction,
    object Description,
    object Destination,
    object DestinationType,
    object NewOrder,
    object Proto,
    object Source,
    object SourceType,
    object VpcFirewallId,
    object ApplicationName = null,
    object ApplicationNameList = null,
    object DestPort = null,
    object DestPortGroup = null,
    object DestPortType = null,
    object EndTime = null,
    object Lang = null,
    object MemberUid = null,
    object RegionId = null,
    object Release = null,
    object RepeatDays = null,
    object RepeatEndTime = null,
    object RepeatStartTime = null,
    object RepeatType = null,
    object StartTime = null
};

Properties

Name Type Description
AclAction object Property aclAction: The action that Cloud Firewall performs on the traffic.
Description object Property description: The description of the access control policy.
Destination object Property destination: The destination address in the access control policy.
DestinationType object Property destinationType: The type of the destination address in the access control policy.
NewOrder object Property newOrder: The priority of the access control policy.
Proto object Property proto: The type of the security protocol in the access control policy.
Source object Property source: The source address in the access control policy.
SourceType object Property sourceType: The type of the source address in the access control policy.
VpcFirewallId object Property vpcFirewallId: The ID of the policy group to which you want to add the access control policy.
ApplicationName object Property applicationName: The application type that the access control policy supports.
ApplicationNameList object Property applicationNameList: List of application types supported by the access control policy.
DestPort object Property destPort: The destination port in the access control policy.
DestPortGroup object Property destPortGroup: The address book of destination ports in the access control policy.
DestPortType object Property destPortType: The type of the destination port in the access control policy.
EndTime object Property endTime: The end time of the policy validity period for an access control policy.
Lang object Property lang: The natural language of the request and response.
MemberUid object Property memberUid: Member account UID of current Alibaba Cloud account.
RegionId object Property regionId: Region ID.
Release object Property release: The enabled state of the access control policy.
RepeatDays object Property repeatDays: A collection of repeated dates of policy validity for an access control policy.
RepeatEndTime object Property repeatEndTime: The repeated end time of the policy validity period for an access control policy.
RepeatStartTime object Property repeatStartTime: The repeated start time of the policy validity period for an access control policy.
RepeatType object Property repeatType: The repetition type of the policy validity period for an access control policy.
StartTime object Property startTime: The start time of the policy validity period for an access control policy.

AclAction (Required)

public object AclAction { get; set; }
  • Type: object

Property aclAction: The action that Cloud Firewall performs on the traffic.

Valid values:

  • accept: allows the traffic.
  • drop: denies the traffic.
  • log: monitors the traffic.


Description (Required)

public object Description { get; set; }
  • Type: object

Property description: The description of the access control policy.


Destination (Required)

public object Destination { get; set; }
  • Type: object

Property destination: The destination address in the access control policy.

Set this parameter according to the value of DestinationType:

  • If the DestinationType parameter is set to net, set the value to a Classless Inter-Domain Routing (CIDR) block. Example: 10.2.3.0/24.
  • If the DestinationType parameter is set to group, set the value to the name of an address book. Example: db_group.
  • If the DestinationType parameter is set to domain, set the value to a domain name. Example: *.aliyuncs.com.


DestinationType (Required)

public object DestinationType { get; set; }
  • Type: object

Property destinationType: The type of the destination address in the access control policy.

Valid values:

  • net: CIDR block
  • group: address book
  • domain: domain name


NewOrder (Required)

public object NewOrder { get; set; }
  • Type: object

Property newOrder: The priority of the access control policy.

The priority value starts from 1. A smaller priority value indicates a higher priority. Note: The value of -1 indicates the lowest priority.


Proto (Required)

public object Proto { get; set; }
  • Type: object

Property proto: The type of the security protocol in the access control policy.


Source (Required)

public object Source { get; set; }
  • Type: object

Property source: The source address in the access control policy.

  • If the SourceType parameter is set to net, set the value to a CIDR block. Example: 10.2.3.0/24.
  • If the SourceType parameter is set to group, set the value to the name of an address book. Example: db_group.


SourceType (Required)

public object SourceType { get; set; }
  • Type: object

Property sourceType: The type of the source address in the access control policy.

Valid values:

  • net: CIDR block
  • group: address book


VpcFirewallId (Required)

public object VpcFirewallId { get; set; }
  • Type: object

Property vpcFirewallId: The ID of the policy group to which you want to add the access control policy.

  • If the VPC firewall is used to protect CEN, set the value to the ID of the CEN instance that the VPC firewall protects. Example: cen-ervw5jbw1234*.
  • If the VPC firewall is used to protect Express Connect, set the value to the ID of the VPC firewall instance. Example: vfw-a42bbb748c91234***.

Note: You can call the DescribeVpcFirewallAclGroupList operation to query the ID of the policy group.


ApplicationName (Optional)

public object ApplicationName { get; set; }
  • Type: object

Property applicationName: The application type that the access control policy supports.

Valid values: ANY (indicates that all application types are supported), FTP, HTTP, HTTPS, MySQL, SMTP, SMTPS, RDP, VNC, SSH, Redis, MQTT, MongoDB, Memcache, SSL


ApplicationNameList (Optional)

public object ApplicationNameList { get; set; }
  • Type: object

Property applicationNameList: List of application types supported by the access control policy.


DestPort (Optional)

public object DestPort { get; set; }
  • Type: object

Property destPort: The destination port in the access control policy.

Note: This parameter must be specified if the DestPortType parameter is set to port.


DestPortGroup (Optional)

public object DestPortGroup { get; set; }
  • Type: object

Property destPortGroup: The address book of destination ports in the access control policy.

Note: This parameter must be specified if the DestPortType parameter is set to group.


DestPortType (Optional)

public object DestPortType { get; set; }
  • Type: object

Property destPortType: The type of the destination port in the access control policy.

Valid values:

  • port: port
  • group: address book


EndTime (Optional)

public object EndTime { get; set; }
  • Type: object

Property endTime: The end time of the policy validity period for an access control policy.

The value is a timestamp in seconds. It must be on the hour or half hour, and at least half an hour later than the start time. Notes:

  • When RepeatType is Permanent, EndTime is empty.
  • When RepeatType is None, Daily, Weekly, or Monthly, EndTime must have a value; you need to set the end time.


Lang (Optional)

public object Lang { get; set; }
  • Type: object

Property lang: The natural language of the request and response.

Valid values:

  • zh: Chinese
  • en: English


MemberUid (Optional)

public object MemberUid { get; set; }
  • Type: object

Property memberUid: Member account UID of current Alibaba Cloud account.


RegionId (Optional)

public object RegionId { get; set; }
  • Type: object

Property regionId: Region ID.

Defaults to cn-hangzhou.


Release (Optional)

public object Release { get; set; }
  • Type: object

Property release: The enabled state of the access control policy.

The policy is enabled by default when it is created. Valid values:

  • true: Access control policy is enabled
  • false: Access control policy is not enabled

RepeatDays (Optional)

public object RepeatDays { get; set; }
  • Type: object

Property repeatDays: A collection of repeated dates of policy validity for an access control policy.

  • When RepeatType is Permanent, None, or Daily, RepeatDays is an empty set. Example: []
  • When RepeatType is Weekly, RepeatDays cannot be empty. Example: [0, 6]. Note: When RepeatType is set to Weekly, RepeatDays is not allowed.
  • When RepeatType is Monthly, RepeatDays cannot be empty. Example: [1, 31]. Note: When RepeatType is set to Monthly, RepeatDays is not allowed to repeat.


RepeatEndTime (Optional)

public object RepeatEndTime { get; set; }
  • Type: object

Property repeatEndTime: The repeated end time of the policy validity period for an access control policy.

Example: 08:00. The value must be on the hour or half hour, and at least half an hour less than the repeat start time. Notes:

  • When RepeatType is Permanent or None, RepeatEndTime is empty.
  • When RepeatType is Daily, Weekly, or Monthly, RepeatEndTime must have a value; you need to set the repeat end time.


RepeatStartTime (Optional)

public object RepeatStartTime { get; set; }
  • Type: object

Property repeatStartTime: The repeated start time of the policy validity period for an access control policy.

Example: 08:00. The value must be on the hour or half hour, and at least half an hour less than the repeat end time. Notes:

  • When RepeatType is Permanent or None, RepeatStartTime is empty.
  • When RepeatType is Daily, Weekly, or Monthly, RepeatStartTime must have a value; you need to set the repeat start time.


RepeatType (Optional)

public object RepeatType { get; set; }
  • Type: object

Property repeatType: The repetition type of the policy validity period for an access control policy.

Valid values:

  • Permanent (default)
  • None
  • Daily
  • Weekly
  • Monthly

StartTime (Optional)

public object StartTime { get; set; }
  • Type: object

Property startTime: The start time of the policy validity period for an access control policy.

The value is a timestamp in seconds. It must be on the hour or half hour, and at least half an hour earlier than the end time. Notes:

  • When RepeatType is Permanent, StartTime is empty.
  • When RepeatType is None, Daily, Weekly, or Monthly, StartTime must have a value; you need to set the start time.
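
Every property is typed as object, so the compiler does not enforce the conditional rules documented above for DestPortType, RepeatType, StartTime and EndTime. The following pre-deployment check is an added example, not part of the SDK or the original reference; PolicyPropsCheck, the sample values, the Proto value "TCP", the placeholder firewall ID and the treatment of timestamps as epoch seconds are assumptions.

```csharp
using System;
using System.Collections.Generic;
using AlibabaCloud.SDK.ROS.CDK.Cloudfw;

// Hypothetical helper (not part of the SDK): checks the conditional rules documented above.
public static class PolicyPropsCheck
{
    static bool Empty(object v) => v == null || (v is string s && s.Length == 0);

    public static List<string> Validate(VpcFirewallControlPolicyProps p)
    {
        var errors = new List<string>();
        // DestPortType selects which of DestPort / DestPortGroup is mandatory.
        var portType = p.DestPortType as string;
        if (portType == "port" && Empty(p.DestPort)) errors.Add("DestPortType=port requires DestPort");
        if (portType == "group" && Empty(p.DestPortGroup)) errors.Add("DestPortType=group requires DestPortGroup");

        // RepeatType defaults to Permanent, which takes no validity window.
        var repeat = p.RepeatType as string ?? "Permanent";
        if (repeat == "Permanent")
        {
            if (!Empty(p.StartTime) || !Empty(p.EndTime)) errors.Add("Permanent: StartTime/EndTime must be empty");
        }
        else if (Empty(p.StartTime) || Empty(p.EndTime))
            errors.Add($"RepeatType={repeat} requires StartTime and EndTime");
        else
        {
            // Assumption: values are epoch seconds, so hour/half-hour means a multiple of 1800.
            long start = Convert.ToInt64(p.StartTime), end = Convert.ToInt64(p.EndTime);
            if (start % 1800 != 0 || end % 1800 != 0) errors.Add("StartTime/EndTime must be on the hour or half hour");
            if (end - start < 1800) errors.Add("EndTime must be at least half an hour after StartTime");
        }
        return errors;
    }

    public static void Main()
    {
        var props = new VpcFirewallControlPolicyProps   // constructed sample values
        {
            AclAction = "accept", Description = "one-off maintenance window", NewOrder = 1,
            Source = "10.2.3.0/24", SourceType = "net",
            Destination = "db_group", DestinationType = "group",
            Proto = "TCP", VpcFirewallId = "vfw-PLACEHOLDER",
            DestPortType = "port",                       // DestPort omitted on purpose
            RepeatType = "None", StartTime = 1735689600, EndTime = 1735690500
        };
        foreach (var e in Validate(props)) Console.WriteLine(e);
    }
}
```

Running the check before synthesizing the template catches a time-boxed accept rule whose port or validity window is mis-specified, instead of leaving the problem to surface at deployment.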