title: "SecgroupRule" title_tag: "huaweicloud.Vpc.SecgroupRule" meta_desc: "Documentation for the huaweicloud.Vpc.SecgroupRule resource with examples, input properties, output properties, lookup functions, and supporting types." layout: api no_edit_this_page: true
Manages a Security Group Rule resource within HuaweiCloud.
Create an ingress rule that opens TCP port 8080 with port range parameters
using System.Collections.Generic;
using Pulumi;
using Huaweicloud = Pulumi.Huaweicloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var securityGroupId = config.RequireObject<dynamic>("securityGroupId");
var test = new Huaweicloud.Vpc.SecgroupRule("test", new()
{
SecurityGroupId = securityGroupId,
Direction = "ingress",
Ethertype = "IPv4",
Protocol = "tcp",
PortRangeMin = 8080,
PortRangeMax = 8080,
RemoteIpPrefix = "0.0.0.0/0",
});
});
package main
import (
"github.com/huaweicloud/pulumi-huaweicloud/sdk/go/huaweicloud/Vpc"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
securityGroupId := cfg.RequireObject("securityGroupId")
_, err := Vpc.NewSecgroupRule(ctx, "test", &Vpc.SecgroupRuleArgs{
SecurityGroupId: pulumi.Any(securityGroupId),
Direction: pulumi.String("ingress"),
Ethertype: pulumi.String("IPv4"),
Protocol: pulumi.String("tcp"),
PortRangeMin: pulumi.Int(8080),
PortRangeMax: pulumi.Int(8080),
RemoteIpPrefix: pulumi.String("0.0.0.0/0"),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.huaweicloud.Vpc.SecgroupRule;
import com.pulumi.huaweicloud.Vpc.SecgroupRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var securityGroupId = config.get("securityGroupId");
var test = new SecgroupRule("test", SecgroupRuleArgs.builder()
.securityGroupId(securityGroupId)
.direction("ingress")
.ethertype("IPv4")
.protocol("tcp")
.portRangeMin(8080)
.portRangeMax(8080)
.remoteIpPrefix("0.0.0.0/0")
.build());
}
}
import pulumi
import pulumi_huaweicloud as huaweicloud
config = pulumi.Config()
security_group_id = config.require_object("securityGroupId")
test = huaweicloud.vpc.SecgroupRule("test",
security_group_id=security_group_id,
direction="ingress",
ethertype="IPv4",
protocol="tcp",
port_range_min=8080,
port_range_max=8080,
remote_ip_prefix="0.0.0.0/0")
import * as pulumi from "@pulumi/pulumi";
import * as pulumi from "@huaweicloudos/pulumi";
const config = new pulumi.Config();
const securityGroupId = config.requireObject("securityGroupId");
const test = new huaweicloud.vpc.SecgroupRule("test", {
securityGroupId: securityGroupId,
direction: "ingress",
ethertype: "IPv4",
protocol: "tcp",
portRangeMin: 8080,
portRangeMax: 8080,
remoteIpPrefix: "0.0.0.0/0",
});
configuration:
securityGroupId:
type: dynamic
resources:
test:
type: huaweicloud:Vpc:SecgroupRule
properties:
securityGroupId: ${securityGroupId}
direction: ingress
ethertype: IPv4
protocol: tcp
portRangeMin: 8080
portRangeMax: 8080
remoteIpPrefix: 0.0.0.0/0
Create an ingress rule that enable the remote address group and open some TCP ports
using System.Collections.Generic;
using Pulumi;
using Huaweicloud = Pulumi.Huaweicloud;
return await Deployment.RunAsync(() =>
{
var config = new Config();
var groupName = config.RequireObject<dynamic>("groupName");
var securityGroupId = config.RequireObject<dynamic>("securityGroupId");
var testAddressGroup = new Huaweicloud.Vpc.AddressGroup("testAddressGroup", new()
{
Addresses = new[]
{
"192.168.10.12",
"192.168.11.0-192.168.11.240",
},
});
var testSecgroupRule = new Huaweicloud.Vpc.SecgroupRule("testSecgroupRule", new()
{
SecurityGroupId = securityGroupId,
Direction = "ingress",
Action = "allow",
Ethertype = "IPv4",
Ports = "80,500,600-800",
Protocol = "tcp",
Priority = 5,
RemoteAddressGroupId = testAddressGroup.Id,
});
});
package main
import (
"github.com/huaweicloud/pulumi-huaweicloud/sdk/go/huaweicloud/Vpc"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
groupName := cfg.RequireObject("groupName")
securityGroupId := cfg.RequireObject("securityGroupId")
testAddressGroup, err := Vpc.NewAddressGroup(ctx, "testAddressGroup", &Vpc.AddressGroupArgs{
Addresses: pulumi.StringArray{
pulumi.String("192.168.10.12"),
pulumi.String("192.168.11.0-192.168.11.240"),
},
})
if err != nil {
return err
}
_, err = Vpc.NewSecgroupRule(ctx, "testSecgroupRule", &Vpc.SecgroupRuleArgs{
SecurityGroupId: pulumi.Any(securityGroupId),
Direction: pulumi.String("ingress"),
Action: pulumi.String("allow"),
Ethertype: pulumi.String("IPv4"),
Ports: pulumi.String("80,500,600-800"),
Protocol: pulumi.String("tcp"),
Priority: pulumi.Int(5),
RemoteAddressGroupId: testAddressGroup.ID(),
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.huaweicloud.Vpc.AddressGroup;
import com.pulumi.huaweicloud.Vpc.AddressGroupArgs;
import com.pulumi.huaweicloud.Vpc.SecgroupRule;
import com.pulumi.huaweicloud.Vpc.SecgroupRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var groupName = config.get("groupName");
final var securityGroupId = config.get("securityGroupId");
var testAddressGroup = new AddressGroup("testAddressGroup", AddressGroupArgs.builder()
.addresses(
"192.168.10.12",
"192.168.11.0-192.168.11.240")
.build());
var testSecgroupRule = new SecgroupRule("testSecgroupRule", SecgroupRuleArgs.builder()
.securityGroupId(securityGroupId)
.direction("ingress")
.action("allow")
.ethertype("IPv4")
.ports("80,500,600-800")
.protocol("tcp")
.priority(5)
.remoteAddressGroupId(testAddressGroup.id())
.build());
}
}
import pulumi
import pulumi_huaweicloud as huaweicloud
config = pulumi.Config()
group_name = config.require_object("groupName")
security_group_id = config.require_object("securityGroupId")
test_address_group = huaweicloud.vpc.AddressGroup("testAddressGroup", addresses=[
"192.168.10.12",
"192.168.11.0-192.168.11.240",
])
test_secgroup_rule = huaweicloud.vpc.SecgroupRule("testSecgroupRule",
security_group_id=security_group_id,
direction="ingress",
action="allow",
ethertype="IPv4",
ports="80,500,600-800",
protocol="tcp",
priority=5,
remote_address_group_id=test_address_group.id)
import * as pulumi from "@pulumi/pulumi";
import * as pulumi from "@huaweicloudos/pulumi";
const config = new pulumi.Config();
const groupName = config.requireObject("groupName");
const securityGroupId = config.requireObject("securityGroupId");
const testAddressGroup = new huaweicloud.vpc.AddressGroup("testAddressGroup", {addresses: [
"192.168.10.12",
"192.168.11.0-192.168.11.240",
]});
const testSecgroupRule = new huaweicloud.vpc.SecgroupRule("testSecgroupRule", {
securityGroupId: securityGroupId,
direction: "ingress",
action: "allow",
ethertype: "IPv4",
ports: "80,500,600-800",
protocol: "tcp",
priority: 5,
remoteAddressGroupId: testAddressGroup.id,
});
configuration:
groupName:
type: dynamic
securityGroupId:
type: dynamic
resources:
testAddressGroup:
type: huaweicloud:Vpc:AddressGroup
properties:
addresses:
- 192.168.10.12
- 192.168.11.0-192.168.11.240
testSecgroupRule:
type: huaweicloud:Vpc:SecgroupRule
properties:
securityGroupId: ${securityGroupId}
direction: ingress
action: allow
ethertype: IPv4
ports: 80,500,600-800
protocol: tcp
priority: 5
remoteAddressGroupId: ${testAddressGroup.id}
Create SecgroupRule Resource {#create}
new SecgroupRule(name: string, args: SecgroupRuleArgs, opts?: CustomResourceOptions);
@overload
def SecgroupRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
description: Optional[str] = None,
direction: Optional[str] = None,
ethertype: Optional[str] = None,
port_range_max: Optional[int] = None,
port_range_min: Optional[int] = None,
ports: Optional[str] = None,
priority: Optional[int] = None,
protocol: Optional[str] = None,
region: Optional[str] = None,
remote_address_group_id: Optional[str] = None,
remote_group_id: Optional[str] = None,
remote_ip_prefix: Optional[str] = None,
security_group_id: Optional[str] = None)
@overload
def SecgroupRule(resource_name: str,
args: SecgroupRuleInitArgs,
opts: Optional[ResourceOptions] = None)
func NewSecgroupRule(ctx *Context, name string, args SecgroupRuleArgs, opts ...ResourceOption) (*SecgroupRule, error)
public SecgroupRule(string name, SecgroupRuleArgs args, CustomResourceOptions? opts = null)
public SecgroupRule(String name, SecgroupRuleArgs args)
public SecgroupRule(String name, SecgroupRuleArgs args, CustomResourceOptions options)
type: huaweicloud:Vpc:SecgroupRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecgroupRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SecgroupRuleInitArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SecgroupRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SecgroupRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SecgroupRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
SecgroupRule Resource Properties {#properties}
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The SecgroupRule resource accepts the following input properties:
- Direction string
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- Ethertype string
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
Security
Group stringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- Action string
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- Description string
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
-
Port
Range intMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
Port
Range intMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- Ports string
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- Priority int
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- Protocol string
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- Region string
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
Remote
Address stringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
Remote
Group stringId Specifies the remote group ID. Changing this creates a new security group rule.
-
Remote
Ip stringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- Direction string
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- Ethertype string
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
Security
Group stringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- Action string
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- Description string
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
-
Port
Range intMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
Port
Range intMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- Ports string
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- Priority int
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- Protocol string
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- Region string
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
Remote
Address stringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
Remote
Group stringId Specifies the remote group ID. Changing this creates a new security group rule.
-
Remote
Ip stringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- direction String
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype String
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
security
Group StringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- action String
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- description String
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
-
port
Range IntegerMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
port
Range IntegerMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- ports String
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- priority Integer
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- protocol String
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- region String
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
remote
Address StringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
remote
Group StringId Specifies the remote group ID. Changing this creates a new security group rule.
-
remote
Ip StringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- direction string
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype string
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
security
Group stringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- action string
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- description string
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
-
port
Range numberMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
port
Range numberMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- ports string
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- priority number
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- protocol string
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- region string
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
remote
Address stringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
remote
Group stringId Specifies the remote group ID. Changing this creates a new security group rule.
-
remote
Ip stringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- direction str
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype str
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
security_
group_ strid Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- action str
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- description str
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
-
port_
range_ intmax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
port_
range_ intmin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- ports str
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- priority int
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- protocol str
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- region str
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
remote_
address_ strgroup_ id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
remote_
group_ strid Specifies the remote group ID. Changing this creates a new security group rule.
-
remote_
ip_ strprefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- direction String
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype String
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
security
Group StringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- action String
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- description String
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
-
port
Range NumberMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
port
Range NumberMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- ports String
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- priority Number
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- protocol String
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- region String
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
remote
Address StringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
remote
Group StringId Specifies the remote group ID. Changing this creates a new security group rule.
-
remote
Ip StringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecgroupRule resource produces the following output properties:
- Id string
The provider-assigned unique ID for this managed resource.
- Id string
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
- id string
The provider-assigned unique ID for this managed resource.
- id str
The provider-assigned unique ID for this managed resource.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing SecgroupRule Resource {#look-up}
Get an existing SecgroupRule resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecgroupRuleState, opts?: CustomResourceOptions): SecgroupRule
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
action: Optional[str] = None,
description: Optional[str] = None,
direction: Optional[str] = None,
ethertype: Optional[str] = None,
port_range_max: Optional[int] = None,
port_range_min: Optional[int] = None,
ports: Optional[str] = None,
priority: Optional[int] = None,
protocol: Optional[str] = None,
region: Optional[str] = None,
remote_address_group_id: Optional[str] = None,
remote_group_id: Optional[str] = None,
remote_ip_prefix: Optional[str] = None,
security_group_id: Optional[str] = None) -> SecgroupRule
func GetSecgroupRule(ctx *Context, name string, id IDInput, state *SecgroupRuleState, opts ...ResourceOption) (*SecgroupRule, error)
public static SecgroupRule Get(string name, Input<string> id, SecgroupRuleState? state, CustomResourceOptions? opts = null)
public static SecgroupRule get(String name, Output<String> id, SecgroupRuleState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action string
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- Description string
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
- Direction string
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- Ethertype string
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
Port
Range intMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
Port
Range intMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- Ports string
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- Priority int
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- Protocol string
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- Region string
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
Remote
Address stringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
Remote
Group stringId Specifies the remote group ID. Changing this creates a new security group rule.
-
Remote
Ip stringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
-
Security
Group stringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- Action string
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- Description string
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
- Direction string
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- Ethertype string
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
Port
Range intMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
Port
Range intMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- Ports string
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- Priority int
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- Protocol string
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- Region string
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
Remote
Address stringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
Remote
Group stringId Specifies the remote group ID. Changing this creates a new security group rule.
-
Remote
Ip stringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
-
Security
Group stringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- action String
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- description String
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
- direction String
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype String
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
port
Range IntegerMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
port
Range IntegerMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- ports String
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- priority Integer
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- protocol String
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- region String
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
remote
Address StringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
remote
Group StringId Specifies the remote group ID. Changing this creates a new security group rule.
-
remote
Ip StringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
-
security
Group StringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- action string
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- description string
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
- direction string
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype string
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
port
Range numberMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
port
Range numberMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- ports string
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- priority number
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- protocol string
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- region string
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
remote
Address stringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
remote
Group stringId Specifies the remote group ID. Changing this creates a new security group rule.
-
remote
Ip stringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
-
security
Group stringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- action str
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- description str
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
- direction str
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype str
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
port_
range_ intmax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
port_
range_ intmin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- ports str
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- priority int
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- protocol str
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- region str
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
remote_
address_ strgroup_ id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
remote_
group_ strid Specifies the remote group ID. Changing this creates a new security group rule.
-
remote_
ip_ strprefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
-
security_
group_ strid Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
- action String
Specifies the effective policy. The valid values are allow and deny. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- description String
Specifies the supplementary information about the networking security group rule. This parameter can contain a maximum of 255 characters and cannot contain angle brackets (< or >). Changing this creates a new security group rule.
- direction String
Specifies the direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype String
Specifies the layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
-
port
Range NumberMax Specifies the higher part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.-
port
Range NumberMin Specifies the lower part of the allowed port range, valid integer value needs to be between
1
and65,535
. Changing this creates a new security group rule. This parameter andports
are alternative.- ports String
Specifies the allowed port value range, which supports single port (80), continuous port (1-30) and discontinous port (22, 3389, 80) The valid port values is range form
1
to65,535
. Changing this creates a new security group rule.- priority Number
Specifies the priority number. The valid value is range from 1 to 100. The default value is 1. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.- protocol String
Specifies the layer 4 protocol type, valid values are tcp, udp, icmp and icmpv6. If omitted, the protocol means that all protocols are supported. This is required if you want to specify a port range. Changing this creates a new security group rule.
- region String
Specifies the region in which to create the security group rule resource. If omitted, the provider-level region will be used. Changing this creates a new security group rule.
-
remote
Address StringGroup Id Specifies the remote address group ID. This parameter is not used with
port_range_min
andport_range_max
. Changing this creates a new security group rule.-
remote
Group StringId Specifies the remote group ID. Changing this creates a new security group rule.
-
remote
Ip StringPrefix Specifies the remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
-
security
Group StringId Specifies the security group ID the rule should belong to. Changing this creates a new security group rule.
Import
Security Group Rules can be imported using the id
, e.g.
$ pulumi import huaweicloud:Vpc/secgroupRule:SecgroupRule secgroup_rule_1 aeb68ee3-6e9d-4256-955c-9584a6212745
Package Details
- Repository
- https://github.com/huaweicloud/pulumi-huaweicloud
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
huaweicloud
Terraform Provider.