Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Opentelekomcloud Provider
  3. API Docs
  4. CfwAclRuleV1
opentelekomcloud 1.36.38 published on Friday, May 9, 2025 by opentelekomcloud
opentelekomcloud/terraform-provider-opentelekomcloud

opentelekomcloud.CfwAclRuleV1

Explore with Pulumi AI

opentelekomcloud logo
opentelekomcloud 1.36.38 published on Friday, May 9, 2025 by opentelekomcloud
opentelekomcloud/terraform-provider-opentelekomcloud

    Up-to-date reference of API arguments for CFW ACL rule you can get at documentation portal

    Manages a CFW ACL rule resource within OpenTelekomCloud.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
import * as opentelekomcloud from "@pulumi/opentelekomcloud";

const config = new pulumi.Config();
const objectId = config.requireObject("objectId");
const rule1 = new opentelekomcloud.CfwAclRuleV1("rule1", {
    objectId: objectId,
    type: 0,
    sequence: {
        top: 1,
    },
    addressType: 0,
    actionType: 0,
    status: 1,
    longConnectEnable: 0,
    direction: 0,
    source: {
        type: 0,
        address: "1.1.1.1",
    },
    destination: {
        type: 0,
        address: "2.2.2.2",
    },
    service: {
        type: 0,
        protocol: -1,
    },
});

    import pulumi
import pulumi_opentelekomcloud as opentelekomcloud

config = pulumi.Config()
object_id = config.require_object("objectId")
rule1 = opentelekomcloud.CfwAclRuleV1("rule1",
    object_id=object_id,
    type=0,
    sequence={
        "top": 1,
    },
    address_type=0,
    action_type=0,
    status=1,
    long_connect_enable=0,
    direction=0,
    source={
        "type": 0,
        "address": "1.1.1.1",
    },
    destination={
        "type": 0,
        "address": "2.2.2.2",
    },
    service={
        "type": 0,
        "protocol": -1,
    })

    package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/opentelekomcloud/opentelekomcloud"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		cfg := config.New(ctx, "")
		objectId := cfg.RequireObject("objectId")
		_, err := opentelekomcloud.NewCfwAclRuleV1(ctx, "rule1", &opentelekomcloud.CfwAclRuleV1Args{
			ObjectId: pulumi.Any(objectId),
			Type:     pulumi.Float64(0),
			Sequence: &opentelekomcloud.CfwAclRuleV1SequenceArgs{
				Top: pulumi.Float64(1),
			},
			AddressType:       pulumi.Float64(0),
			ActionType:        pulumi.Float64(0),
			Status:            pulumi.Float64(1),
			LongConnectEnable: pulumi.Float64(0),
			Direction:         pulumi.Float64(0),
			Source: &opentelekomcloud.CfwAclRuleV1SourceArgs{
				Type:    pulumi.Float64(0),
				Address: pulumi.String("1.1.1.1"),
			},
			Destination: &opentelekomcloud.CfwAclRuleV1DestinationArgs{
				Type:    pulumi.Float64(0),
				Address: pulumi.String("2.2.2.2"),
			},
			Service: &opentelekomcloud.CfwAclRuleV1ServiceArgs{
				Type:     pulumi.Float64(0),
				Protocol: pulumi.Float64(-1),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Opentelekomcloud = Pulumi.Opentelekomcloud;

return await Deployment.RunAsync(() => 
{
    var config = new Config();
    var objectId = config.RequireObject<dynamic>("objectId");
    var rule1 = new Opentelekomcloud.CfwAclRuleV1("rule1", new()
    {
        ObjectId = objectId,
        Type = 0,
        Sequence = new Opentelekomcloud.Inputs.CfwAclRuleV1SequenceArgs
        {
            Top = 1,
        },
        AddressType = 0,
        ActionType = 0,
        Status = 1,
        LongConnectEnable = 0,
        Direction = 0,
        Source = new Opentelekomcloud.Inputs.CfwAclRuleV1SourceArgs
        {
            Type = 0,
            Address = "1.1.1.1",
        },
        Destination = new Opentelekomcloud.Inputs.CfwAclRuleV1DestinationArgs
        {
            Type = 0,
            Address = "2.2.2.2",
        },
        Service = new Opentelekomcloud.Inputs.CfwAclRuleV1ServiceArgs
        {
            Type = 0,
            Protocol = -1,
        },
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.opentelekomcloud.CfwAclRuleV1;
import com.pulumi.opentelekomcloud.CfwAclRuleV1Args;
import com.pulumi.opentelekomcloud.inputs.CfwAclRuleV1SequenceArgs;
import com.pulumi.opentelekomcloud.inputs.CfwAclRuleV1SourceArgs;
import com.pulumi.opentelekomcloud.inputs.CfwAclRuleV1DestinationArgs;
import com.pulumi.opentelekomcloud.inputs.CfwAclRuleV1ServiceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var config = ctx.config();
        final var objectId = config.get("objectId");
        var rule1 = new CfwAclRuleV1("rule1", CfwAclRuleV1Args.builder()
            .objectId(objectId)
            .type(0)
            .sequence(CfwAclRuleV1SequenceArgs.builder()
                .top(1)
                .build())
            .addressType(0)
            .actionType(0)
            .status(1)
            .longConnectEnable(0)
            .direction(0)
            .source(CfwAclRuleV1SourceArgs.builder()
                .type(0)
                .address("1.1.1.1")
                .build())
            .destination(CfwAclRuleV1DestinationArgs.builder()
                .type(0)
                .address("2.2.2.2")
                .build())
            .service(CfwAclRuleV1ServiceArgs.builder()
                .type(0)
                .protocol(-1)
                .build())
            .build());

    }
}

    configuration:
  objectId:
    type: dynamic
resources:
  rule1:
    type: opentelekomcloud:CfwAclRuleV1
    properties:
      objectId: ${objectId}
      type: 0
      sequence:
        top: 1
      addressType: 0
      actionType: 0
      status: 1
      longConnectEnable: 0
      direction: 0
      source:
        type: 0
        address: 1.1.1.1
      destination:
        type: 0
        address: 2.2.2.2
      service:
        type: 0
        protocol: -1

    Notes

    But due to some attributes missing from the API response, it’s required to ignore changes as below:

    Coming soon!

    Coming soon!

    Coming soon!

    Coming soon!

    Coming soon!

    resources:
  rule1:
    type: opentelekomcloud:CfwAclRuleV1
    properties:
      lifecycle:
        ignoreChanges:
          - applications
          - applicationsJsonString
          - applicationsJsonString
          - destination.predefinedGroups
          - sequence
          - service.predefinedGroups
          - source.predefinedGroups

    Create CfwAclRuleV1 Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new CfwAclRuleV1(name: string, args: CfwAclRuleV1Args, opts?: CustomResourceOptions);
    @overload
def CfwAclRuleV1(resource_name: str,
                 args: CfwAclRuleV1Args,
                 opts: Optional[ResourceOptions] = None)

@overload
def CfwAclRuleV1(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 service: Optional[CfwAclRuleV1ServiceArgs] = None,
                 address_type: Optional[float] = None,
                 type: Optional[float] = None,
                 status: Optional[float] = None,
                 source: Optional[CfwAclRuleV1SourceArgs] = None,
                 destination: Optional[CfwAclRuleV1DestinationArgs] = None,
                 action_type: Optional[float] = None,
                 long_connect_enable: Optional[float] = None,
                 sequence: Optional[CfwAclRuleV1SequenceArgs] = None,
                 object_id: Optional[str] = None,
                 name: Optional[str] = None,
                 long_connect_time_second: Optional[float] = None,
                 long_connect_time_minute: Optional[float] = None,
                 long_connect_time: Optional[float] = None,
                 long_connect_time_hour: Optional[float] = None,
                 direction: Optional[float] = None,
                 description: Optional[str] = None,
                 applications_json_string: Optional[str] = None,
                 timeouts: Optional[CfwAclRuleV1TimeoutsArgs] = None,
                 applications: Optional[Sequence[str]] = None)
    func NewCfwAclRuleV1(ctx *Context, name string, args CfwAclRuleV1Args, opts ...ResourceOption) (*CfwAclRuleV1, error)
    public CfwAclRuleV1(string name, CfwAclRuleV1Args args, CustomResourceOptions? opts = null)
    public CfwAclRuleV1(String name, CfwAclRuleV1Args args)
public CfwAclRuleV1(String name, CfwAclRuleV1Args args, CustomResourceOptions options)

    type: opentelekomcloud:CfwAclRuleV1
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args CfwAclRuleV1Args
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CfwAclRuleV1Args
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CfwAclRuleV1Args
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CfwAclRuleV1Args
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CfwAclRuleV1Args
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var cfwAclRuleV1Resource = new Opentelekomcloud.CfwAclRuleV1("cfwAclRuleV1Resource", new()
{
    Service = new Opentelekomcloud.Inputs.CfwAclRuleV1ServiceArgs
    {
        Type = 0,
        CustomServices = new[]
        {
            new Opentelekomcloud.Inputs.CfwAclRuleV1ServiceCustomServiceArgs
            {
                Description = "string",
                DestPort = "string",
                Name = "string",
                Protocol = 0,
                SourcePort = "string",
            },
        },
        DestPort = "string",
        PredefinedGroups = new[]
        {
            "string",
        },
        Protocol = 0,
        Protocols = new[]
        {
            0,
        },
        ServiceGroupNames = new[]
        {
            new Opentelekomcloud.Inputs.CfwAclRuleV1ServiceServiceGroupNameArgs
            {
                Name = "string",
                Protocols = new[]
                {
                    0,
                },
                ServiceSetType = 0,
                SetId = "string",
            },
        },
        ServiceGroups = new[]
        {
            "string",
        },
        ServiceSetId = "string",
        ServiceSetName = "string",
        ServiceSetType = 0,
        SourcePort = "string",
    },
    AddressType = 0,
    Type = 0,
    Status = 0,
    Source = new Opentelekomcloud.Inputs.CfwAclRuleV1SourceArgs
    {
        Type = 0,
        DomainAddressName = "string",
        AddressSetId = "string",
        AddressSetName = "string",
        AddressSetType = 0,
        AddressType = 0,
        Address = "string",
        DomainSetId = "string",
        DomainSetName = "string",
        IpAddresses = new[]
        {
            "string",
        },
        PredefinedGroups = new[]
        {
            "string",
        },
        RegionListJson = "string",
        RegionLists = new[]
        {
            new Opentelekomcloud.Inputs.CfwAclRuleV1SourceRegionListArgs
            {
                RegionId = "string",
                RegionType = 0,
            },
        },
        AddressGroups = new[]
        {
            "string",
        },
    },
    Destination = new Opentelekomcloud.Inputs.CfwAclRuleV1DestinationArgs
    {
        Type = 0,
        DomainAddressName = "string",
        AddressSetId = "string",
        AddressSetName = "string",
        AddressSetType = 0,
        AddressType = 0,
        Address = "string",
        DomainSetId = "string",
        DomainSetName = "string",
        IpAddresses = new[]
        {
            "string",
        },
        PredefinedGroups = new[]
        {
            "string",
        },
        RegionListJson = "string",
        RegionLists = new[]
        {
            new Opentelekomcloud.Inputs.CfwAclRuleV1DestinationRegionListArgs
            {
                RegionId = "string",
                RegionType = 0,
            },
        },
        AddressGroups = new[]
        {
            "string",
        },
    },
    ActionType = 0,
    LongConnectEnable = 0,
    Sequence = new Opentelekomcloud.Inputs.CfwAclRuleV1SequenceArgs
    {
        Bottom = 0,
        DestRuleId = "string",
        Top = 0,
    },
    ObjectId = "string",
    Name = "string",
    LongConnectTimeSecond = 0,
    LongConnectTimeMinute = 0,
    LongConnectTime = 0,
    LongConnectTimeHour = 0,
    Direction = 0,
    Description = "string",
    ApplicationsJsonString = "string",
    Timeouts = new Opentelekomcloud.Inputs.CfwAclRuleV1TimeoutsArgs
    {
        Create = "string",
        Delete = "string",
        Update = "string",
    },
    Applications = new[]
    {
        "string",
    },
});

    example, err := opentelekomcloud.NewCfwAclRuleV1(ctx, "cfwAclRuleV1Resource", &opentelekomcloud.CfwAclRuleV1Args{
	Service: &opentelekomcloud.CfwAclRuleV1ServiceArgs{
		Type: pulumi.Float64(0),
		CustomServices: opentelekomcloud.CfwAclRuleV1ServiceCustomServiceArray{
			&opentelekomcloud.CfwAclRuleV1ServiceCustomServiceArgs{
				Description: pulumi.String("string"),
				DestPort:    pulumi.String("string"),
				Name:        pulumi.String("string"),
				Protocol:    pulumi.Float64(0),
				SourcePort:  pulumi.String("string"),
			},
		},
		DestPort: pulumi.String("string"),
		PredefinedGroups: pulumi.StringArray{
			pulumi.String("string"),
		},
		Protocol: pulumi.Float64(0),
		Protocols: pulumi.Float64Array{
			pulumi.Float64(0),
		},
		ServiceGroupNames: opentelekomcloud.CfwAclRuleV1ServiceServiceGroupNameArray{
			&opentelekomcloud.CfwAclRuleV1ServiceServiceGroupNameArgs{
				Name: pulumi.String("string"),
				Protocols: pulumi.Float64Array{
					pulumi.Float64(0),
				},
				ServiceSetType: pulumi.Float64(0),
				SetId:          pulumi.String("string"),
			},
		},
		ServiceGroups: pulumi.StringArray{
			pulumi.String("string"),
		},
		ServiceSetId:   pulumi.String("string"),
		ServiceSetName: pulumi.String("string"),
		ServiceSetType: pulumi.Float64(0),
		SourcePort:     pulumi.String("string"),
	},
	AddressType: pulumi.Float64(0),
	Type:        pulumi.Float64(0),
	Status:      pulumi.Float64(0),
	Source: &opentelekomcloud.CfwAclRuleV1SourceArgs{
		Type:              pulumi.Float64(0),
		DomainAddressName: pulumi.String("string"),
		AddressSetId:      pulumi.String("string"),
		AddressSetName:    pulumi.String("string"),
		AddressSetType:    pulumi.Float64(0),
		AddressType:       pulumi.Float64(0),
		Address:           pulumi.String("string"),
		DomainSetId:       pulumi.String("string"),
		DomainSetName:     pulumi.String("string"),
		IpAddresses: pulumi.StringArray{
			pulumi.String("string"),
		},
		PredefinedGroups: pulumi.StringArray{
			pulumi.String("string"),
		},
		RegionListJson: pulumi.String("string"),
		RegionLists: opentelekomcloud.CfwAclRuleV1SourceRegionListArray{
			&opentelekomcloud.CfwAclRuleV1SourceRegionListArgs{
				RegionId:   pulumi.String("string"),
				RegionType: pulumi.Float64(0),
			},
		},
		AddressGroups: pulumi.StringArray{
			pulumi.String("string"),
		},
	},
	Destination: &opentelekomcloud.CfwAclRuleV1DestinationArgs{
		Type:              pulumi.Float64(0),
		DomainAddressName: pulumi.String("string"),
		AddressSetId:      pulumi.String("string"),
		AddressSetName:    pulumi.String("string"),
		AddressSetType:    pulumi.Float64(0),
		AddressType:       pulumi.Float64(0),
		Address:           pulumi.String("string"),
		DomainSetId:       pulumi.String("string"),
		DomainSetName:     pulumi.String("string"),
		IpAddresses: pulumi.StringArray{
			pulumi.String("string"),
		},
		PredefinedGroups: pulumi.StringArray{
			pulumi.String("string"),
		},
		RegionListJson: pulumi.String("string"),
		RegionLists: opentelekomcloud.CfwAclRuleV1DestinationRegionListArray{
			&opentelekomcloud.CfwAclRuleV1DestinationRegionListArgs{
				RegionId:   pulumi.String("string"),
				RegionType: pulumi.Float64(0),
			},
		},
		AddressGroups: pulumi.StringArray{
			pulumi.String("string"),
		},
	},
	ActionType:        pulumi.Float64(0),
	LongConnectEnable: pulumi.Float64(0),
	Sequence: &opentelekomcloud.CfwAclRuleV1SequenceArgs{
		Bottom:     pulumi.Float64(0),
		DestRuleId: pulumi.String("string"),
		Top:        pulumi.Float64(0),
	},
	ObjectId:               pulumi.String("string"),
	Name:                   pulumi.String("string"),
	LongConnectTimeSecond:  pulumi.Float64(0),
	LongConnectTimeMinute:  pulumi.Float64(0),
	LongConnectTime:        pulumi.Float64(0),
	LongConnectTimeHour:    pulumi.Float64(0),
	Direction:              pulumi.Float64(0),
	Description:            pulumi.String("string"),
	ApplicationsJsonString: pulumi.String("string"),
	Timeouts: &opentelekomcloud.CfwAclRuleV1TimeoutsArgs{
		Create: pulumi.String("string"),
		Delete: pulumi.String("string"),
		Update: pulumi.String("string"),
	},
	Applications: pulumi.StringArray{
		pulumi.String("string"),
	},
})

    var cfwAclRuleV1Resource = new CfwAclRuleV1("cfwAclRuleV1Resource", CfwAclRuleV1Args.builder()
    .service(CfwAclRuleV1ServiceArgs.builder()
        .type(0.0)
        .customServices(CfwAclRuleV1ServiceCustomServiceArgs.builder()
            .description("string")
            .destPort("string")
            .name("string")
            .protocol(0.0)
            .sourcePort("string")
            .build())
        .destPort("string")
        .predefinedGroups("string")
        .protocol(0.0)
        .protocols(0.0)
        .serviceGroupNames(CfwAclRuleV1ServiceServiceGroupNameArgs.builder()
            .name("string")
            .protocols(0.0)
            .serviceSetType(0.0)
            .setId("string")
            .build())
        .serviceGroups("string")
        .serviceSetId("string")
        .serviceSetName("string")
        .serviceSetType(0.0)
        .sourcePort("string")
        .build())
    .addressType(0.0)
    .type(0.0)
    .status(0.0)
    .source(CfwAclRuleV1SourceArgs.builder()
        .type(0.0)
        .domainAddressName("string")
        .addressSetId("string")
        .addressSetName("string")
        .addressSetType(0.0)
        .addressType(0.0)
        .address("string")
        .domainSetId("string")
        .domainSetName("string")
        .ipAddresses("string")
        .predefinedGroups("string")
        .regionListJson("string")
        .regionLists(CfwAclRuleV1SourceRegionListArgs.builder()
            .regionId("string")
            .regionType(0.0)
            .build())
        .addressGroups("string")
        .build())
    .destination(CfwAclRuleV1DestinationArgs.builder()
        .type(0.0)
        .domainAddressName("string")
        .addressSetId("string")
        .addressSetName("string")
        .addressSetType(0.0)
        .addressType(0.0)
        .address("string")
        .domainSetId("string")
        .domainSetName("string")
        .ipAddresses("string")
        .predefinedGroups("string")
        .regionListJson("string")
        .regionLists(CfwAclRuleV1DestinationRegionListArgs.builder()
            .regionId("string")
            .regionType(0.0)
            .build())
        .addressGroups("string")
        .build())
    .actionType(0.0)
    .longConnectEnable(0.0)
    .sequence(CfwAclRuleV1SequenceArgs.builder()
        .bottom(0.0)
        .destRuleId("string")
        .top(0.0)
        .build())
    .objectId("string")
    .name("string")
    .longConnectTimeSecond(0.0)
    .longConnectTimeMinute(0.0)
    .longConnectTime(0.0)
    .longConnectTimeHour(0.0)
    .direction(0.0)
    .description("string")
    .applicationsJsonString("string")
    .timeouts(CfwAclRuleV1TimeoutsArgs.builder()
        .create("string")
        .delete("string")
        .update("string")
        .build())
    .applications("string")
    .build());

    cfw_acl_rule_v1_resource = opentelekomcloud.CfwAclRuleV1("cfwAclRuleV1Resource",
    service={
        "type": 0,
        "custom_services": [{
            "description": "string",
            "dest_port": "string",
            "name": "string",
            "protocol": 0,
            "source_port": "string",
        }],
        "dest_port": "string",
        "predefined_groups": ["string"],
        "protocol": 0,
        "protocols": [0],
        "service_group_names": [{
            "name": "string",
            "protocols": [0],
            "service_set_type": 0,
            "set_id": "string",
        }],
        "service_groups": ["string"],
        "service_set_id": "string",
        "service_set_name": "string",
        "service_set_type": 0,
        "source_port": "string",
    },
    address_type=0,
    type=0,
    status=0,
    source={
        "type": 0,
        "domain_address_name": "string",
        "address_set_id": "string",
        "address_set_name": "string",
        "address_set_type": 0,
        "address_type": 0,
        "address": "string",
        "domain_set_id": "string",
        "domain_set_name": "string",
        "ip_addresses": ["string"],
        "predefined_groups": ["string"],
        "region_list_json": "string",
        "region_lists": [{
            "region_id": "string",
            "region_type": 0,
        }],
        "address_groups": ["string"],
    },
    destination={
        "type": 0,
        "domain_address_name": "string",
        "address_set_id": "string",
        "address_set_name": "string",
        "address_set_type": 0,
        "address_type": 0,
        "address": "string",
        "domain_set_id": "string",
        "domain_set_name": "string",
        "ip_addresses": ["string"],
        "predefined_groups": ["string"],
        "region_list_json": "string",
        "region_lists": [{
            "region_id": "string",
            "region_type": 0,
        }],
        "address_groups": ["string"],
    },
    action_type=0,
    long_connect_enable=0,
    sequence={
        "bottom": 0,
        "dest_rule_id": "string",
        "top": 0,
    },
    object_id="string",
    name="string",
    long_connect_time_second=0,
    long_connect_time_minute=0,
    long_connect_time=0,
    long_connect_time_hour=0,
    direction=0,
    description="string",
    applications_json_string="string",
    timeouts={
        "create": "string",
        "delete": "string",
        "update": "string",
    },
    applications=["string"])

    const cfwAclRuleV1Resource = new opentelekomcloud.CfwAclRuleV1("cfwAclRuleV1Resource", {
    service: {
        type: 0,
        customServices: [{
            description: "string",
            destPort: "string",
            name: "string",
            protocol: 0,
            sourcePort: "string",
        }],
        destPort: "string",
        predefinedGroups: ["string"],
        protocol: 0,
        protocols: [0],
        serviceGroupNames: [{
            name: "string",
            protocols: [0],
            serviceSetType: 0,
            setId: "string",
        }],
        serviceGroups: ["string"],
        serviceSetId: "string",
        serviceSetName: "string",
        serviceSetType: 0,
        sourcePort: "string",
    },
    addressType: 0,
    type: 0,
    status: 0,
    source: {
        type: 0,
        domainAddressName: "string",
        addressSetId: "string",
        addressSetName: "string",
        addressSetType: 0,
        addressType: 0,
        address: "string",
        domainSetId: "string",
        domainSetName: "string",
        ipAddresses: ["string"],
        predefinedGroups: ["string"],
        regionListJson: "string",
        regionLists: [{
            regionId: "string",
            regionType: 0,
        }],
        addressGroups: ["string"],
    },
    destination: {
        type: 0,
        domainAddressName: "string",
        addressSetId: "string",
        addressSetName: "string",
        addressSetType: 0,
        addressType: 0,
        address: "string",
        domainSetId: "string",
        domainSetName: "string",
        ipAddresses: ["string"],
        predefinedGroups: ["string"],
        regionListJson: "string",
        regionLists: [{
            regionId: "string",
            regionType: 0,
        }],
        addressGroups: ["string"],
    },
    actionType: 0,
    longConnectEnable: 0,
    sequence: {
        bottom: 0,
        destRuleId: "string",
        top: 0,
    },
    objectId: "string",
    name: "string",
    longConnectTimeSecond: 0,
    longConnectTimeMinute: 0,
    longConnectTime: 0,
    longConnectTimeHour: 0,
    direction: 0,
    description: "string",
    applicationsJsonString: "string",
    timeouts: {
        create: "string",
        "delete": "string",
        update: "string",
    },
    applications: ["string"],
});

    type: opentelekomcloud:CfwAclRuleV1
properties:
    actionType: 0
    addressType: 0
    applications:
        - string
    applicationsJsonString: string
    description: string
    destination:
        address: string
        addressGroups:
            - string
        addressSetId: string
        addressSetName: string
        addressSetType: 0
        addressType: 0
        domainAddressName: string
        domainSetId: string
        domainSetName: string
        ipAddresses:
            - string
        predefinedGroups:
            - string
        regionListJson: string
        regionLists:
            - regionId: string
              regionType: 0
        type: 0
    direction: 0
    longConnectEnable: 0
    longConnectTime: 0
    longConnectTimeHour: 0
    longConnectTimeMinute: 0
    longConnectTimeSecond: 0
    name: string
    objectId: string
    sequence:
        bottom: 0
        destRuleId: string
        top: 0
    service:
        customServices:
            - description: string
              destPort: string
              name: string
              protocol: 0
              sourcePort: string
        destPort: string
        predefinedGroups:
            - string
        protocol: 0
        protocols:
            - 0
        serviceGroupNames:
            - name: string
              protocols:
                - 0
              serviceSetType: 0
              setId: string
        serviceGroups:
            - string
        serviceSetId: string
        serviceSetName: string
        serviceSetType: 0
        sourcePort: string
        type: 0
    source:
        address: string
        addressGroups:
            - string
        addressSetId: string
        addressSetName: string
        addressSetType: 0
        addressType: 0
        domainAddressName: string
        domainSetId: string
        domainSetName: string
        ipAddresses:
            - string
        predefinedGroups:
            - string
        regionListJson: string
        regionLists:
            - regionId: string
              regionType: 0
        type: 0
    status: 0
    timeouts:
        create: string
        delete: string
        update: string
    type: 0

    CfwAclRuleV1 Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The CfwAclRuleV1 resource accepts the following input properties:

    ActionType double
    Specifies the rule action: 0 (permit), 1 (deny).
    AddressType double
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    Destination CfwAclRuleV1Destination
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    LongConnectEnable double
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    ObjectId string
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    Sequence CfwAclRuleV1Sequence
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    Service CfwAclRuleV1Service

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    Source CfwAclRuleV1Source
    Specifies the source address Data Transport Object. The source structure is documented below.
    Status double
    Specifies the rule status: 0 (disabled), 1 (enabled).
    Type double
    Specifies the service input type: 0 (manual), 1 (automatic).
    Applications List<string>
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    ApplicationsJsonString string
    Specifies the JSON string converted from the applications field in the application list.
    Description string
    Specifies the description of the rule.
    Direction double
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    LongConnectTime double
    Specifies the persistent connection duration.
    LongConnectTimeHour double
    Specifies the persistent connection duration (hour).
    LongConnectTimeMinute double
    Specifies the persistent connection duration (minute).
    LongConnectTimeSecond double
    Specifies the persistent connection duration (second).
    Name string
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    Timeouts CfwAclRuleV1Timeouts
    ActionType float64
    Specifies the rule action: 0 (permit), 1 (deny).
    AddressType float64
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    Destination CfwAclRuleV1DestinationArgs
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    LongConnectEnable float64
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    ObjectId string
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    Sequence CfwAclRuleV1SequenceArgs
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    Service CfwAclRuleV1ServiceArgs

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    Source CfwAclRuleV1SourceArgs
    Specifies the source address Data Transport Object. The source structure is documented below.
    Status float64
    Specifies the rule status: 0 (disabled), 1 (enabled).
    Type float64
    Specifies the service input type: 0 (manual), 1 (automatic).
    Applications []string
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    ApplicationsJsonString string
    Specifies the JSON string converted from the applications field in the application list.
    Description string
    Specifies the description of the rule.
    Direction float64
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    LongConnectTime float64
    Specifies the persistent connection duration.
    LongConnectTimeHour float64
    Specifies the persistent connection duration (hour).
    LongConnectTimeMinute float64
    Specifies the persistent connection duration (minute).
    LongConnectTimeSecond float64
    Specifies the persistent connection duration (second).
    Name string
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    Timeouts CfwAclRuleV1TimeoutsArgs
    actionType Double
    Specifies the rule action: 0 (permit), 1 (deny).
    addressType Double
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    destination CfwAclRuleV1Destination
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    longConnectEnable Double
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    objectId String
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    sequence CfwAclRuleV1Sequence
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    service CfwAclRuleV1Service

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    source CfwAclRuleV1Source
    Specifies the source address Data Transport Object. The source structure is documented below.
    status Double
    Specifies the rule status: 0 (disabled), 1 (enabled).
    type Double
    Specifies the service input type: 0 (manual), 1 (automatic).
    applications List<String>
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    applicationsJsonString String
    Specifies the JSON string converted from the applications field in the application list.
    description String
    Specifies the description of the rule.
    direction Double
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    longConnectTime Double
    Specifies the persistent connection duration.
    longConnectTimeHour Double
    Specifies the persistent connection duration (hour).
    longConnectTimeMinute Double
    Specifies the persistent connection duration (minute).
    longConnectTimeSecond Double
    Specifies the persistent connection duration (second).
    name String
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    timeouts CfwAclRuleV1Timeouts
    actionType number
    Specifies the rule action: 0 (permit), 1 (deny).
    addressType number
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    destination CfwAclRuleV1Destination
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    longConnectEnable number
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    objectId string
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    sequence CfwAclRuleV1Sequence
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    service CfwAclRuleV1Service

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    source CfwAclRuleV1Source
    Specifies the source address Data Transport Object. The source structure is documented below.
    status number
    Specifies the rule status: 0 (disabled), 1 (enabled).
    type number
    Specifies the service input type: 0 (manual), 1 (automatic).
    applications string[]
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    applicationsJsonString string
    Specifies the JSON string converted from the applications field in the application list.
    description string
    Specifies the description of the rule.
    direction number
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    longConnectTime number
    Specifies the persistent connection duration.
    longConnectTimeHour number
    Specifies the persistent connection duration (hour).
    longConnectTimeMinute number
    Specifies the persistent connection duration (minute).
    longConnectTimeSecond number
    Specifies the persistent connection duration (second).
    name string
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    timeouts CfwAclRuleV1Timeouts
    action_type float
    Specifies the rule action: 0 (permit), 1 (deny).
    address_type float
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    destination CfwAclRuleV1DestinationArgs
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    long_connect_enable float
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    object_id str
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    sequence CfwAclRuleV1SequenceArgs
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    service CfwAclRuleV1ServiceArgs

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    source CfwAclRuleV1SourceArgs
    Specifies the source address Data Transport Object. The source structure is documented below.
    status float
    Specifies the rule status: 0 (disabled), 1 (enabled).
    type float
    Specifies the service input type: 0 (manual), 1 (automatic).
    applications Sequence[str]
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    applications_json_string str
    Specifies the JSON string converted from the applications field in the application list.
    description str
    Specifies the description of the rule.
    direction float
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    long_connect_time float
    Specifies the persistent connection duration.
    long_connect_time_hour float
    Specifies the persistent connection duration (hour).
    long_connect_time_minute float
    Specifies the persistent connection duration (minute).
    long_connect_time_second float
    Specifies the persistent connection duration (second).
    name str
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    timeouts CfwAclRuleV1TimeoutsArgs
    actionType Number
    Specifies the rule action: 0 (permit), 1 (deny).
    addressType Number
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    destination Property Map
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    longConnectEnable Number
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    objectId String
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    sequence Property Map
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    service Property Map

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    source Property Map
    Specifies the source address Data Transport Object. The source structure is documented below.
    status Number
    Specifies the rule status: 0 (disabled), 1 (enabled).
    type Number
    Specifies the service input type: 0 (manual), 1 (automatic).
    applications List<String>
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    applicationsJsonString String
    Specifies the JSON string converted from the applications field in the application list.
    description String
    Specifies the description of the rule.
    direction Number
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    longConnectTime Number
    Specifies the persistent connection duration.
    longConnectTimeHour Number
    Specifies the persistent connection duration (hour).
    longConnectTimeMinute Number
    Specifies the persistent connection duration (minute).
    longConnectTimeSecond Number
    Specifies the persistent connection duration (second).
    name String
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    timeouts Property Map

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CfwAclRuleV1 resource produces the following output properties:

    CreatedDate string
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastOpenTime string
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    CreatedDate string
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    Id string
    The provider-assigned unique ID for this managed resource.
    LastOpenTime string
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    createdDate String
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    id String
    The provider-assigned unique ID for this managed resource.
    lastOpenTime String
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    createdDate string
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    id string
    The provider-assigned unique ID for this managed resource.
    lastOpenTime string
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    created_date str
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    id str
    The provider-assigned unique ID for this managed resource.
    last_open_time str
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    createdDate String
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    id String
    The provider-assigned unique ID for this managed resource.
    lastOpenTime String
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.

    Look up Existing CfwAclRuleV1 Resource

    Get an existing CfwAclRuleV1 resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CfwAclRuleV1State, opts?: CustomResourceOptions): CfwAclRuleV1
    @staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        action_type: Optional[float] = None,
        address_type: Optional[float] = None,
        applications: Optional[Sequence[str]] = None,
        applications_json_string: Optional[str] = None,
        created_date: Optional[str] = None,
        description: Optional[str] = None,
        destination: Optional[CfwAclRuleV1DestinationArgs] = None,
        direction: Optional[float] = None,
        last_open_time: Optional[str] = None,
        long_connect_enable: Optional[float] = None,
        long_connect_time: Optional[float] = None,
        long_connect_time_hour: Optional[float] = None,
        long_connect_time_minute: Optional[float] = None,
        long_connect_time_second: Optional[float] = None,
        name: Optional[str] = None,
        object_id: Optional[str] = None,
        sequence: Optional[CfwAclRuleV1SequenceArgs] = None,
        service: Optional[CfwAclRuleV1ServiceArgs] = None,
        source: Optional[CfwAclRuleV1SourceArgs] = None,
        status: Optional[float] = None,
        timeouts: Optional[CfwAclRuleV1TimeoutsArgs] = None,
        type: Optional[float] = None) -> CfwAclRuleV1
    func GetCfwAclRuleV1(ctx *Context, name string, id IDInput, state *CfwAclRuleV1State, opts ...ResourceOption) (*CfwAclRuleV1, error)
    public static CfwAclRuleV1 Get(string name, Input<string> id, CfwAclRuleV1State? state, CustomResourceOptions? opts = null)
    public static CfwAclRuleV1 get(String name, Output<String> id, CfwAclRuleV1State state, CustomResourceOptions options)
    resources:  _:    type: opentelekomcloud:CfwAclRuleV1    get:      id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    ActionType double
    Specifies the rule action: 0 (permit), 1 (deny).
    AddressType double
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    Applications List<string>
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    ApplicationsJsonString string
    Specifies the JSON string converted from the applications field in the application list.
    CreatedDate string
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    Description string
    Specifies the description of the rule.
    Destination CfwAclRuleV1Destination
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    Direction double
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    LastOpenTime string
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    LongConnectEnable double
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    LongConnectTime double
    Specifies the persistent connection duration.
    LongConnectTimeHour double
    Specifies the persistent connection duration (hour).
    LongConnectTimeMinute double
    Specifies the persistent connection duration (minute).
    LongConnectTimeSecond double
    Specifies the persistent connection duration (second).
    Name string
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    ObjectId string
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    Sequence CfwAclRuleV1Sequence
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    Service CfwAclRuleV1Service

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    Source CfwAclRuleV1Source
    Specifies the source address Data Transport Object. The source structure is documented below.
    Status double
    Specifies the rule status: 0 (disabled), 1 (enabled).
    Timeouts CfwAclRuleV1Timeouts
    Type double
    Specifies the service input type: 0 (manual), 1 (automatic).
    ActionType float64
    Specifies the rule action: 0 (permit), 1 (deny).
    AddressType float64
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    Applications []string
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    ApplicationsJsonString string
    Specifies the JSON string converted from the applications field in the application list.
    CreatedDate string
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    Description string
    Specifies the description of the rule.
    Destination CfwAclRuleV1DestinationArgs
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    Direction float64
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    LastOpenTime string
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    LongConnectEnable float64
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    LongConnectTime float64
    Specifies the persistent connection duration.
    LongConnectTimeHour float64
    Specifies the persistent connection duration (hour).
    LongConnectTimeMinute float64
    Specifies the persistent connection duration (minute).
    LongConnectTimeSecond float64
    Specifies the persistent connection duration (second).
    Name string
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    ObjectId string
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    Sequence CfwAclRuleV1SequenceArgs
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    Service CfwAclRuleV1ServiceArgs

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    Source CfwAclRuleV1SourceArgs
    Specifies the source address Data Transport Object. The source structure is documented below.
    Status float64
    Specifies the rule status: 0 (disabled), 1 (enabled).
    Timeouts CfwAclRuleV1TimeoutsArgs
    Type float64
    Specifies the service input type: 0 (manual), 1 (automatic).
    actionType Double
    Specifies the rule action: 0 (permit), 1 (deny).
    addressType Double
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    applications List<String>
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    applicationsJsonString String
    Specifies the JSON string converted from the applications field in the application list.
    createdDate String
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    description String
    Specifies the description of the rule.
    destination CfwAclRuleV1Destination
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    direction Double
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    lastOpenTime String
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    longConnectEnable Double
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    longConnectTime Double
    Specifies the persistent connection duration.
    longConnectTimeHour Double
    Specifies the persistent connection duration (hour).
    longConnectTimeMinute Double
    Specifies the persistent connection duration (minute).
    longConnectTimeSecond Double
    Specifies the persistent connection duration (second).
    name String
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    objectId String
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    sequence CfwAclRuleV1Sequence
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    service CfwAclRuleV1Service

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    source CfwAclRuleV1Source
    Specifies the source address Data Transport Object. The source structure is documented below.
    status Double
    Specifies the rule status: 0 (disabled), 1 (enabled).
    timeouts CfwAclRuleV1Timeouts
    type Double
    Specifies the service input type: 0 (manual), 1 (automatic).
    actionType number
    Specifies the rule action: 0 (permit), 1 (deny).
    addressType number
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    applications string[]
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    applicationsJsonString string
    Specifies the JSON string converted from the applications field in the application list.
    createdDate string
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    description string
    Specifies the description of the rule.
    destination CfwAclRuleV1Destination
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    direction number
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    lastOpenTime string
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    longConnectEnable number
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    longConnectTime number
    Specifies the persistent connection duration.
    longConnectTimeHour number
    Specifies the persistent connection duration (hour).
    longConnectTimeMinute number
    Specifies the persistent connection duration (minute).
    longConnectTimeSecond number
    Specifies the persistent connection duration (second).
    name string
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    objectId string
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    sequence CfwAclRuleV1Sequence
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    service CfwAclRuleV1Service

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    source CfwAclRuleV1Source
    Specifies the source address Data Transport Object. The source structure is documented below.
    status number
    Specifies the rule status: 0 (disabled), 1 (enabled).
    timeouts CfwAclRuleV1Timeouts
    type number
    Specifies the service input type: 0 (manual), 1 (automatic).
    action_type float
    Specifies the rule action: 0 (permit), 1 (deny).
    address_type float
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    applications Sequence[str]
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    applications_json_string str
    Specifies the JSON string converted from the applications field in the application list.
    created_date str
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    description str
    Specifies the description of the rule.
    destination CfwAclRuleV1DestinationArgs
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    direction float
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    last_open_time str
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    long_connect_enable float
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    long_connect_time float
    Specifies the persistent connection duration.
    long_connect_time_hour float
    Specifies the persistent connection duration (hour).
    long_connect_time_minute float
    Specifies the persistent connection duration (minute).
    long_connect_time_second float
    Specifies the persistent connection duration (second).
    name str
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    object_id str
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    sequence CfwAclRuleV1SequenceArgs
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    service CfwAclRuleV1ServiceArgs

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    source CfwAclRuleV1SourceArgs
    Specifies the source address Data Transport Object. The source structure is documented below.
    status float
    Specifies the rule status: 0 (disabled), 1 (enabled).
    timeouts CfwAclRuleV1TimeoutsArgs
    type float
    Specifies the service input type: 0 (manual), 1 (automatic).
    actionType Number
    Specifies the rule action: 0 (permit), 1 (deny).
    addressType Number
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    applications List<String>
    Specifies the rule application list . Allowed list values: HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP.
    applicationsJsonString String
    Specifies the JSON string converted from the applications field in the application list.
    createdDate String
    Indicates the Rule creation time in YYYY-MM-DD hh:mm:ss format.
    description String
    Specifies the description of the rule.
    destination Property Map
    Specifies the destination address Data Transport Object. The destination structure is documented below.
    direction Number
    Specifies the Direction: 0 (inbound) or 1 (outbound). This parameter is mandatory when type is set to 0 (Internet rule) or 2 (NAT rule).
    lastOpenTime String
    Indicates the Last time when the rule was enabled in YYYY-MM-DD hh:mm:ss format.
    longConnectEnable Number
    Specifies whether to support persistent connections: 0 (no), 1 (yes).
    longConnectTime Number
    Specifies the persistent connection duration.
    longConnectTimeHour Number
    Specifies the persistent connection duration (hour).
    longConnectTimeMinute Number
    Specifies the persistent connection duration (minute).
    longConnectTimeSecond Number
    Specifies the persistent connection duration (second).
    name String
    Specifies the CFW ACL rule name. The CFW ACL rule name of the same type is unique in the same firewall instance.
    objectId String
    Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border.
    sequence Property Map
    Specifies the request body for changing the rule sequence. The sequence structure is documented below.
    service Property Map

    Specifies the service object. The service structure is documented below.

    The sequence block supports:

    source Property Map
    Specifies the source address Data Transport Object. The source structure is documented below.
    status Number
    Specifies the rule status: 0 (disabled), 1 (enabled).
    timeouts Property Map
    type Number
    Specifies the service input type: 0 (manual), 1 (automatic).

    Supporting Types

    CfwAclRuleV1Destination, CfwAclRuleV1DestinationArgs

    Type double
    Specifies the service input type: 0 (manual), 1 (automatic).
    Address string
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    AddressGroups List<string>

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    AddressSetId string
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    AddressSetName string
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    AddressSetType double
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    AddressType double
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    DomainAddressName string
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    DomainSetId string
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    DomainSetName string
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    IpAddresses List<string>
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    PredefinedGroups List<string>
    Specifies the pre-defined service group ID list.
    RegionListJson string
    Specifies the JSON value of the rule region list.
    RegionLists List<CfwAclRuleV1DestinationRegionList>
    Specifies the rule region list.
    Type float64
    Specifies the service input type: 0 (manual), 1 (automatic).
    Address string
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    AddressGroups []string

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    AddressSetId string
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    AddressSetName string
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    AddressSetType float64
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    AddressType float64
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    DomainAddressName string
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    DomainSetId string
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    DomainSetName string
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    IpAddresses []string
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    PredefinedGroups []string
    Specifies the pre-defined service group ID list.
    RegionListJson string
    Specifies the JSON value of the rule region list.
    RegionLists []CfwAclRuleV1DestinationRegionList
    Specifies the rule region list.
    type Double
    Specifies the service input type: 0 (manual), 1 (automatic).
    address String
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    addressGroups List<String>

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    addressSetId String
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetName String
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetType Double
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    addressType Double
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    domainAddressName String
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    domainSetId String
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    domainSetName String
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    ipAddresses List<String>
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    predefinedGroups List<String>
    Specifies the pre-defined service group ID list.
    regionListJson String
    Specifies the JSON value of the rule region list.
    regionLists List<CfwAclRuleV1DestinationRegionList>
    Specifies the rule region list.
    type number
    Specifies the service input type: 0 (manual), 1 (automatic).
    address string
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    addressGroups string[]

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    addressSetId string
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetName string
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetType number
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    addressType number
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    domainAddressName string
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    domainSetId string
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    domainSetName string
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    ipAddresses string[]
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    predefinedGroups string[]
    Specifies the pre-defined service group ID list.
    regionListJson string
    Specifies the JSON value of the rule region list.
    regionLists CfwAclRuleV1DestinationRegionList[]
    Specifies the rule region list.
    type float
    Specifies the service input type: 0 (manual), 1 (automatic).
    address str
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    address_groups Sequence[str]

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    address_set_id str
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    address_set_name str
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    address_set_type float
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    address_type float
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    domain_address_name str
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    domain_set_id str
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    domain_set_name str
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    ip_addresses Sequence[str]
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    predefined_groups Sequence[str]
    Specifies the pre-defined service group ID list.
    region_list_json str
    Specifies the JSON value of the rule region list.
    region_lists Sequence[CfwAclRuleV1DestinationRegionList]
    Specifies the rule region list.
    type Number
    Specifies the service input type: 0 (manual), 1 (automatic).
    address String
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    addressGroups List<String>

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    addressSetId String
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetName String
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetType Number
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    addressType Number
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    domainAddressName String
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    domainSetId String
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    domainSetName String
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    ipAddresses List<String>
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    predefinedGroups List<String>
    Specifies the pre-defined service group ID list.
    regionListJson String
    Specifies the JSON value of the rule region list.
    regionLists List<Property Map>
    Specifies the rule region list.

    CfwAclRuleV1DestinationRegionList, CfwAclRuleV1DestinationRegionListArgs

    RegionId string
    Specifies the region ID.
    RegionType double
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    RegionId string
    Specifies the region ID.
    RegionType float64
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    regionId String
    Specifies the region ID.
    regionType Double
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    regionId string
    Specifies the region ID.
    regionType number
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    region_id str
    Specifies the region ID.
    region_type float
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    regionId String
    Specifies the region ID.
    regionType Number
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).

    CfwAclRuleV1Sequence, CfwAclRuleV1SequenceArgs

    Bottom double

    Specifies whether to pin to bottom: 0 (no), 1 (yes).

    The source and destination block supports:

    DestRuleId string
    Specifies the ID of the target rule.
    Top double
    Specifies whether to pin on top: 0 (no), 1 (yes).
    Bottom float64

    Specifies whether to pin to bottom: 0 (no), 1 (yes).

    The source and destination block supports:

    DestRuleId string
    Specifies the ID of the target rule.
    Top float64
    Specifies whether to pin on top: 0 (no), 1 (yes).
    bottom Double

    Specifies whether to pin to bottom: 0 (no), 1 (yes).

    The source and destination block supports:

    destRuleId String
    Specifies the ID of the target rule.
    top Double
    Specifies whether to pin on top: 0 (no), 1 (yes).
    bottom number

    Specifies whether to pin to bottom: 0 (no), 1 (yes).

    The source and destination block supports:

    destRuleId string
    Specifies the ID of the target rule.
    top number
    Specifies whether to pin on top: 0 (no), 1 (yes).
    bottom float

    Specifies whether to pin to bottom: 0 (no), 1 (yes).

    The source and destination block supports:

    dest_rule_id str
    Specifies the ID of the target rule.
    top float
    Specifies whether to pin on top: 0 (no), 1 (yes).
    bottom Number

    Specifies whether to pin to bottom: 0 (no), 1 (yes).

    The source and destination block supports:

    destRuleId String
    Specifies the ID of the target rule.
    top Number
    Specifies whether to pin on top: 0 (no), 1 (yes).

    CfwAclRuleV1Service, CfwAclRuleV1ServiceArgs

    Type double
    Specifies the service input type: 0 (manual), 1 (automatic).
    CustomServices List<CfwAclRuleV1ServiceCustomService>
    Specifies the custom service.
    DestPort string
    Specifies the destination port.
    PredefinedGroups List<string>
    Specifies the pre-defined service group ID list.
    Protocol double
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    Protocols List<double>
    Specifies the protocol list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    ServiceGroupNames List<CfwAclRuleV1ServiceServiceGroupName>
    Specifies the service group name list.
    ServiceGroups List<string>
    Specifies the service group ID list.
    ServiceSetId string
    Specifies the Service group ID. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    ServiceSetName string
    Specifies the Service group name. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    ServiceSetType double
    Specifies the service group type: 0 (user-defined service group), 1 (common web service), 2 (common remote login and ping), or 3 (common database).
    SourcePort string
    Specifies the source port.
    Type float64
    Specifies the service input type: 0 (manual), 1 (automatic).
    CustomServices []CfwAclRuleV1ServiceCustomService
    Specifies the custom service.
    DestPort string
    Specifies the destination port.
    PredefinedGroups []string
    Specifies the pre-defined service group ID list.
    Protocol float64
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    Protocols []float64
    Specifies the protocol list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    ServiceGroupNames []CfwAclRuleV1ServiceServiceGroupName
    Specifies the service group name list.
    ServiceGroups []string
    Specifies the service group ID list.
    ServiceSetId string
    Specifies the Service group ID. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    ServiceSetName string
    Specifies the Service group name. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    ServiceSetType float64
    Specifies the service group type: 0 (user-defined service group), 1 (common web service), 2 (common remote login and ping), or 3 (common database).
    SourcePort string
    Specifies the source port.
    type Double
    Specifies the service input type: 0 (manual), 1 (automatic).
    customServices List<CfwAclRuleV1ServiceCustomService>
    Specifies the custom service.
    destPort String
    Specifies the destination port.
    predefinedGroups List<String>
    Specifies the pre-defined service group ID list.
    protocol Double
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    protocols List<Double>
    Specifies the protocol list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    serviceGroupNames List<CfwAclRuleV1ServiceServiceGroupName>
    Specifies the service group name list.
    serviceGroups List<String>
    Specifies the service group ID list.
    serviceSetId String
    Specifies the Service group ID. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    serviceSetName String
    Specifies the Service group name. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    serviceSetType Double
    Specifies the service group type: 0 (user-defined service group), 1 (common web service), 2 (common remote login and ping), or 3 (common database).
    sourcePort String
    Specifies the source port.
    type number
    Specifies the service input type: 0 (manual), 1 (automatic).
    customServices CfwAclRuleV1ServiceCustomService[]
    Specifies the custom service.
    destPort string
    Specifies the destination port.
    predefinedGroups string[]
    Specifies the pre-defined service group ID list.
    protocol number
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    protocols number[]
    Specifies the protocol list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    serviceGroupNames CfwAclRuleV1ServiceServiceGroupName[]
    Specifies the service group name list.
    serviceGroups string[]
    Specifies the service group ID list.
    serviceSetId string
    Specifies the Service group ID. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    serviceSetName string
    Specifies the Service group name. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    serviceSetType number
    Specifies the service group type: 0 (user-defined service group), 1 (common web service), 2 (common remote login and ping), or 3 (common database).
    sourcePort string
    Specifies the source port.
    type float
    Specifies the service input type: 0 (manual), 1 (automatic).
    custom_services Sequence[CfwAclRuleV1ServiceCustomService]
    Specifies the custom service.
    dest_port str
    Specifies the destination port.
    predefined_groups Sequence[str]
    Specifies the pre-defined service group ID list.
    protocol float
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    protocols Sequence[float]
    Specifies the protocol list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    service_group_names Sequence[CfwAclRuleV1ServiceServiceGroupName]
    Specifies the service group name list.
    service_groups Sequence[str]
    Specifies the service group ID list.
    service_set_id str
    Specifies the Service group ID. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    service_set_name str
    Specifies the Service group name. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    service_set_type float
    Specifies the service group type: 0 (user-defined service group), 1 (common web service), 2 (common remote login and ping), or 3 (common database).
    source_port str
    Specifies the source port.
    type Number
    Specifies the service input type: 0 (manual), 1 (automatic).
    customServices List<Property Map>
    Specifies the custom service.
    destPort String
    Specifies the destination port.
    predefinedGroups List<String>
    Specifies the pre-defined service group ID list.
    protocol Number
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    protocols List<Number>
    Specifies the protocol list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual).
    serviceGroupNames List<Property Map>
    Specifies the service group name list.
    serviceGroups List<String>
    Specifies the service group ID list.
    serviceSetId String
    Specifies the Service group ID. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    serviceSetName String
    Specifies the Service group name. This parameter cannot be left blank when type is set to 1 (associated IP address group).
    serviceSetType Number
    Specifies the service group type: 0 (user-defined service group), 1 (common web service), 2 (common remote login and ping), or 3 (common database).
    sourcePort String
    Specifies the source port.

    CfwAclRuleV1ServiceCustomService, CfwAclRuleV1ServiceCustomServiceArgs

    Description string
    Specifies the service member description.
    DestPort string
    Specifies the destination port.
    Name string
    Specifies the service member name.
    Protocol double
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual) in service block.
    SourcePort string
    Specifies the source port.
    Description string
    Specifies the service member description.
    DestPort string
    Specifies the destination port.
    Name string
    Specifies the service member name.
    Protocol float64
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual) in service block.
    SourcePort string
    Specifies the source port.
    description String
    Specifies the service member description.
    destPort String
    Specifies the destination port.
    name String
    Specifies the service member name.
    protocol Double
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual) in service block.
    sourcePort String
    Specifies the source port.
    description string
    Specifies the service member description.
    destPort string
    Specifies the destination port.
    name string
    Specifies the service member name.
    protocol number
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual) in service block.
    sourcePort string
    Specifies the source port.
    description str
    Specifies the service member description.
    dest_port str
    Specifies the destination port.
    name str
    Specifies the service member name.
    protocol float
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual) in service block.
    source_port str
    Specifies the source port.
    description String
    Specifies the service member description.
    destPort String
    Specifies the destination port.
    name String
    Specifies the service member name.
    protocol Number
    Specifies the protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any). It cannot be left blank when type is set to 0 (manual) in service block.
    sourcePort String
    Specifies the source port.

    CfwAclRuleV1ServiceServiceGroupName, CfwAclRuleV1ServiceServiceGroupNameArgs

    Name string
    Specifies the service group name.
    Protocols List<double>
    Specifies the protocols list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any).
    ServiceSetType double
    Specifies the service group type: 0 (user-defined service group), 1 (predefined service group).
    SetId string
    Specifies the service group ID.
    Name string
    Specifies the service group name.
    Protocols []float64
    Specifies the protocols list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any).
    ServiceSetType float64
    Specifies the service group type: 0 (user-defined service group), 1 (predefined service group).
    SetId string
    Specifies the service group ID.
    name String
    Specifies the service group name.
    protocols List<Double>
    Specifies the protocols list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any).
    serviceSetType Double
    Specifies the service group type: 0 (user-defined service group), 1 (predefined service group).
    setId String
    Specifies the service group ID.
    name string
    Specifies the service group name.
    protocols number[]
    Specifies the protocols list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any).
    serviceSetType number
    Specifies the service group type: 0 (user-defined service group), 1 (predefined service group).
    setId string
    Specifies the service group ID.
    name str
    Specifies the service group name.
    protocols Sequence[float]
    Specifies the protocols list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any).
    service_set_type float
    Specifies the service group type: 0 (user-defined service group), 1 (predefined service group).
    set_id str
    Specifies the service group ID.
    name String
    Specifies the service group name.
    protocols List<Number>
    Specifies the protocols list. Permitted list values: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (any).
    serviceSetType Number
    Specifies the service group type: 0 (user-defined service group), 1 (predefined service group).
    setId String
    Specifies the service group ID.

    CfwAclRuleV1Source, CfwAclRuleV1SourceArgs

    Type double
    Specifies the service input type: 0 (manual), 1 (automatic).
    Address string
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    AddressGroups List<string>

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    AddressSetId string
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    AddressSetName string
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    AddressSetType double
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    AddressType double
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    DomainAddressName string
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    DomainSetId string
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    DomainSetName string
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    IpAddresses List<string>
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    PredefinedGroups List<string>
    Specifies the pre-defined service group ID list.
    RegionListJson string
    Specifies the JSON value of the rule region list.
    RegionLists List<CfwAclRuleV1SourceRegionList>
    Specifies the rule region list.
    Type float64
    Specifies the service input type: 0 (manual), 1 (automatic).
    Address string
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    AddressGroups []string

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    AddressSetId string
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    AddressSetName string
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    AddressSetType float64
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    AddressType float64
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    DomainAddressName string
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    DomainSetId string
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    DomainSetName string
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    IpAddresses []string
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    PredefinedGroups []string
    Specifies the pre-defined service group ID list.
    RegionListJson string
    Specifies the JSON value of the rule region list.
    RegionLists []CfwAclRuleV1SourceRegionList
    Specifies the rule region list.
    type Double
    Specifies the service input type: 0 (manual), 1 (automatic).
    address String
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    addressGroups List<String>

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    addressSetId String
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetName String
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetType Double
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    addressType Double
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    domainAddressName String
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    domainSetId String
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    domainSetName String
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    ipAddresses List<String>
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    predefinedGroups List<String>
    Specifies the pre-defined service group ID list.
    regionListJson String
    Specifies the JSON value of the rule region list.
    regionLists List<CfwAclRuleV1SourceRegionList>
    Specifies the rule region list.
    type number
    Specifies the service input type: 0 (manual), 1 (automatic).
    address string
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    addressGroups string[]

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    addressSetId string
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetName string
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetType number
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    addressType number
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    domainAddressName string
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    domainSetId string
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    domainSetName string
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    ipAddresses string[]
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    predefinedGroups string[]
    Specifies the pre-defined service group ID list.
    regionListJson string
    Specifies the JSON value of the rule region list.
    regionLists CfwAclRuleV1SourceRegionList[]
    Specifies the rule region list.
    type float
    Specifies the service input type: 0 (manual), 1 (automatic).
    address str
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    address_groups Sequence[str]

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    address_set_id str
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    address_set_name str
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    address_set_type float
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    address_type float
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    domain_address_name str
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    domain_set_id str
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    domain_set_name str
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    ip_addresses Sequence[str]
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    predefined_groups Sequence[str]
    Specifies the pre-defined service group ID list.
    region_list_json str
    Specifies the JSON value of the rule region list.
    region_lists Sequence[CfwAclRuleV1SourceRegionList]
    Specifies the rule region list.
    type Number
    Specifies the service input type: 0 (manual), 1 (automatic).
    address String
    Specifies the IP address information. It cannot be left blank if type is set to 0.
    addressGroups List<String>

    Specifies the Address group ID list. This parameter cannot be left blank when type is set to 5 (multiple objects).

    The service block supports:

    addressSetId String
    Specifies the ID of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetName String
    Specifies the name of an associated IP address group. This parameter cannot be left blank when type is set to 1.
    addressSetType Number
    Specifies the Address group type. It cannot be left blank when type is set to 1 (associated IP address group). It value can be 0 (user-defined address group), 1 (WAF back-to-source IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group).
    addressType Number
    Specifies theInternet protocol type of an address: 0 (IPv4), 1 (IPv6). If type is 0, this parameter cannot be left blank.
    domainAddressName String
    Specifies the name of a domain name address. This parameter is valid when type is set to 2 (domain name) or 7 (application domain name group).
    domainSetId String
    Specifies the domain group ID. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    domainSetName String
    Specifies the domain group name. The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application).
    ipAddresses List<String>
    Specifies the IP address list. This parameter cannot be left blank when type is set to 5 (multiple objects).
    predefinedGroups List<String>
    Specifies the pre-defined service group ID list.
    regionListJson String
    Specifies the JSON value of the rule region list.
    regionLists List<Property Map>
    Specifies the rule region list.

    CfwAclRuleV1SourceRegionList, CfwAclRuleV1SourceRegionListArgs

    RegionId string
    Specifies the region ID.
    RegionType double
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    RegionId string
    Specifies the region ID.
    RegionType float64
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    regionId String
    Specifies the region ID.
    regionType Double
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    regionId string
    Specifies the region ID.
    regionType number
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    region_id str
    Specifies the region ID.
    region_type float
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).
    regionId String
    Specifies the region ID.
    regionType Number
    Specifies the region type: 0 (country), 1 (province), and 2 (continent).

    CfwAclRuleV1Timeouts, CfwAclRuleV1TimeoutsArgs

    Create string
    Delete string
    Update string
    Create string
    Delete string
    Update string
    create String
    delete String
    update String
    create string
    delete string
    update string
    create str
    delete str
    update str
    create String
    delete String
    update String

    Import

    CFW ACL V1 Rule can be imported using the CFW Firewall protection object ID, object_id and rule name name, e.g.

    $ pulumi import opentelekomcloud:index/cfwAclRuleV1:CfwAclRuleV1 rule_1 b4cd6aeb0b7445d3bf271457c6941544in09/name

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    opentelekomcloud opentelekomcloud/terraform-provider-opentelekomcloud
    License
    Notes
    This Pulumi package is based on the opentelekomcloud Terraform Provider.
    opentelekomcloud logo
    opentelekomcloud 1.36.38 published on Friday, May 9, 2025 by opentelekomcloud
    opentelekomcloud/terraform-provider-opentelekomcloud