---
layout: "alicloud"
page_title: "Alicloud: alicloud_security_group_rule"
sidebar_current: "docs-alicloud-resource-security-group-rule"
description: |-
  Provides an Alicloud Security Group Rule resource.
---

# alicloud\_security\_group\_rule

Provides a security group rule resource.
Represents a single `ingress` or `egress` group rule, which can be added to external Security Groups.

~> **NOTE:** `nic_type` should be set to `intranet` when the security group type is `vpc`. In this situation the rule does not distinguish between intranet and internet; it is effective on both.


## Example Usage

Basic Usage

```
resource "alicloud_security_group" "default" {
  name = "default"
}

resource "alicloud_security_group_rule" "allow_all_tcp" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "internet"
  policy            = "accept"
  port_range        = "1/65535"
  priority          = 1
  security_group_id = "${alicloud_security_group.default.id}"
  cidr_ip           = "0.0.0.0/0"
}
```

## Argument Reference

The following arguments are supported:

* `type` - (Required) The type of rule being created. Valid options are `ingress` (inbound) or `egress` (outbound).
* `ip_protocol` - (Required) The protocol. Can be `tcp`, `udp`, `icmp`, `gre` or `all`.
* `port_range` - (Required) The range of port numbers relevant to the IP protocol. When the protocol is tcp or udp, the default port number range is 1-65535. For example, `1/200` means that the range of the port numbers is 1-200.
* `security_group_id` - (Required) The security group to apply this rule to.
* `nic_type` - (Optional, Forces new resource) Network type, can be either `internet` or `intranet`. The default value is `internet`.
* `policy` - (Optional, Forces new resource) Authorization policy, can be either `accept` or `drop`. The default value is `accept`.
* `priority` - (Optional, Forces new resource) Authorization policy priority, with parameter values: `1-100`, default value: 1.
* `cidr_ip` - (Optional, Forces new resource) The target IP address range. The default value is 0.0.0.0/0 (which means no restriction will be applied). Other supported formats include 10.159.6.18/12. Only IPv4 is supported.
* `source_security_group_id` - (Optional, Forces new resource) The target security group ID within the same region. Either the `source_security_group_id` or `cidr_ip` must be set. If both are set, then `cidr_ip` is authorized by default. If this field is specified, but no `cidr_ip` is specified, `nic_type` can only be `intranet`.
* `source_group_owner_account` - (Optional, Forces new resource) The Alibaba Cloud user account ID of the target security group when security groups are authorized across accounts. This parameter is invalid if `cidr_ip` has already been set.

## Attributes Reference

The following attributes are exported:

* `id` - The ID of the security group rule
* `type` - The type of rule, `ingress` or `egress`
* `name` - The name of the security group
* `port_range` - The range of port numbers
* `ip_protocol` - The protocol of the security group rule
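
Scoped Rules

The following is an added example, not part of the original provider documentation. The Basic Usage rule accepts every TCP port from `0.0.0.0/0`; the rules below use the same documented arguments to limit each ingress rule to one port and one source. Resource names, port numbers and the CIDR `203.0.113.0/24` are constructed placeholders.

```hcl
resource "alicloud_security_group" "bastion" {
  name = "bastion"
}

resource "alicloud_security_group" "web" {
  name = "web"
}

# SSH to the bastion only from one administrative range.
# 203.0.113.0/24 is a documentation range used here as a placeholder.
# For a `vpc` type security group, nic_type would be "intranet" (see NOTE above).
resource "alicloud_security_group_rule" "bastion_ssh_from_admin" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "internet"
  policy            = "accept"
  port_range        = "22/22"
  priority          = 1
  security_group_id = "${alicloud_security_group.bastion.id}"
  cidr_ip           = "203.0.113.0/24"
}

# SSH to the web group only from members of the bastion group.
# cidr_ip is deliberately omitted: if both were set, cidr_ip would take effect.
# With source_security_group_id and no cidr_ip, nic_type must be "intranet".
resource "alicloud_security_group_rule" "web_ssh_from_bastion" {
  type                     = "ingress"
  ip_protocol              = "tcp"
  nic_type                 = "intranet"
  policy                   = "accept"
  port_range               = "22/22"
  priority                 = 1
  security_group_id        = "${alicloud_security_group.web.id}"
  source_security_group_id = "${alicloud_security_group.bastion.id}"
}

# A public service port is the one place 0.0.0.0/0 is intended here.
# cidr_ip is written out rather than left to its 0.0.0.0/0 default,
# so the exposure is visible in review.
resource "alicloud_security_group_rule" "web_https_public" {
  type              = "ingress"
  ip_protocol       = "tcp"
  nic_type          = "internet"
  policy            = "accept"
  port_range        = "443/443"
  priority          = 1
  security_group_id = "${alicloud_security_group.web.id}"
  cidr_ip           = "0.0.0.0/0"
}
```

Because `cidr_ip` defaults to `0.0.0.0/0`, a rule that sets neither `cidr_ip` nor `source_security_group_id` is worth flagging in plan review.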