资源编排 ALIYUN::WAF::DomainConfig

By | 2021年4月22日

ALIYUN::WAF::DomainConfig类型用于添加域名配置信息。

语法

{
  "Type": "ALIYUN::WAF::DomainConfig",
  "Properties": {
    "HttpToUserIp": Integer,
    "Domain": String,
    "SourceIps": String,
    "InstanceId": String,
    "Region": String,
    "HttpPort": String,
    "LoadBalancing": Integer,
    "HttpsPort": String,
    "RsType": Integer,
    "IsAccessProduct": Integer,
    "HttpsRedirect": Integer,
    "Protocols": String
  }
}

属性

属性名称 类型 必须 允许更新 描述 约束
HttpToUserIp Integer 是否开启HTTPS访问请求通过HTTP协议转发回源站。

说明 如果您的网站不支持HTTPS回源,开启HTTP回源(默认回源端口是80端口)功能项,即可通过WAF实现HTTPS访问。

取值:

  • 0(默认值):关闭
  • 1:开启
Domain String 域名名称。
SourceIps String 源站IP,支持指定多个IP。示例:["1.1.1.1", "10.0.0.0"]
InstanceId String Web应用防火墙实例ID。
Region String Web应用防火墙实例所在的地域。 取值:

  • cn(默认值):中国内地
  • cn-hongkong:中国香港及海外地区
HttpPort String HTTP协议配置的端口。指定多个HTTP端口时,使用英文逗号(,)进行分隔。示例值:[80, 8000] 配置协议为HTTP时,该参数为必填项。默认值为80。HttpPort与HttpsPort两个请求参数至少需要填写一个。
LoadBalancing Integer 回源负载均衡策略。 取值:

  • 0:IP Hash方式
  • 1:轮询方式
HttpsPort String HTTPS协议配置的端口。指定多个HTTPS端口时,使用英文逗号(,)进行分隔。示例值:[443] 配置协议为HTTPS时,该参数为必填项。默认值为443。HttpPort与HttpsPort两个请求参数至少需要填写一个。
RsType Integer 该域名的回源地址类型。 取值:

  • 0:回源到IP
  • 1:回源到域名
IsAccessProduct Integer 该域名在WAF前是否配置有七层代理(例如:高防、CDN等)。 取值:

  • 0:无
  • 1:有
HttpsRedirect Integer 是否开启HTTPS强制跳转。 取值:

  • 0(默认值):关闭
  • 1:开启

仅使用HTTPS访问协议时需填写该请求参数。如果此参数设置为1,HTTP请求将显示为HTTPS,默认跳转至443端口。

Protocols String 该域名所支持的访问协议。 取值:

  • http:支持HTTP协议
  • https:支持HTTPS协议
  • http,https:同时支持HTTP和HTTPS协议

返回值

Fn::GetAtt

  • ProtocolType:支持的访问协议。0表示支持HTTP协议,1表示支持HTTPS协议,2表示同时支持HTTP和HTTPS。
  • Cname:WAF分配的别名。

示例

JSON格式

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "HttpToUserIp": {
      "Type": "Number",
      "Description": "Whether to open HTTPS access request is forwarded back to the source station via the HTTP protocol, the value of:\n0: off (default)\n1: Turn\nNote If your site does not support HTTPS back to the source, open source HTTP return (default back to the source port is port 80) function key, can be realized by WAF HTTPS access.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "HttpPort": {
      "Type": "String",
      "Description": "HTTP protocol configuration port. When specifying a plurality of HTTP port \",\" separated. Example values: [80].\nConfigure the HTTP protocol, this parameter is required. The default value is 80. HttpPort HttpsPort with at least two parameters need to fill a request."
    },
    "IsAccessProduct": {
      "Type": "Number",
      "Description": "The domain before WAF is configured with seven agents (eg, high defense, CDN, etc.), the value of:\n0: none.\n1: expressed.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "RsType": {
      "Type": "Number",
      "Description": "Back to the source address type the domain name values:\n0: back to the source to IP.\n1: Indicates the domain name back to the source.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "Protocols": {
      "Type": "String",
      "Description": "The domain supports access protocols, values:\nhttp: expressed support for the HTTP protocol.\nhttps: support for HTTPS protocol.\nhttp, https: supports HTTP, HTTPS protocol."
    },
    "InstanceId": {
      "Type": "String",
      "Description": "WAF instance ID.\nDescription Interface You can view your current WAF instance ID by calling DescribePayInfo."
    },
    "SourceIps": {
      "Type": "String",
      "Description": "Source station IP, supports a plurality of specified IP. Example values: [ \"1.1.1.1\"]."
    },
    "HttpsRedirect": {
      "Type": "Number",
      "Description": "HTTPS is turned forcefully jump the argument:\n0: off (default)\n1: Turn\nDescription required to complete the request parameters using only HTTPS access protocol. After opening force will show a jump HTTP request is HTTPS, a default jump to 443.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "Region": {
      "Type": "String",
      "Description": "Examples of areas where the WAF. Value:\ncn: China mainland (default)\ncn-hongkong: China HongKong and other overseas",
      "AllowedValues": [
        "cn",
        "cn-hongkong"
      ]
    },
    "Domain": {
      "Type": "String",
      "Description": "Domain name."
    },
    "LoadBalancing": {
      "Type": "Number",
      "Description": "Back to the source load balancing policy values:\n0: IP Hash way.\n1: represents a polling mode.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "HttpsPort": {
      "Type": "String",
      "Description": "HTTPS protocol configuration port. When specifying a plurality HTTPS port, using the \",\" separated. Example values: [443].\nConfigure the protocol is HTTPS, this parameter is required. The default value is 443. HttpPort HttpsPort with at least two parameters need to fill a request."
    }
  },
  "Resources": {
    "DomainConfig": {
      "Type": "ALIYUN::WAF::DomainConfig",
      "Properties": {
        "HttpToUserIp": {
          "Ref": "HttpToUserIp"
        },
        "HttpPort": {
          "Ref": "HttpPort"
        },
        "IsAccessProduct": {
          "Ref": "IsAccessProduct"
        },
        "RsType": {
          "Ref": "RsType"
        },
        "Protocols": {
          "Ref": "Protocols"
        },
        "InstanceId": {
          "Ref": "InstanceId"
        },
        "SourceIps": {
          "Ref": "SourceIps"
        },
        "HttpsRedirect": {
          "Ref": "HttpsRedirect"
        },
        "Region": {
          "Ref": "Region"
        },
        "Domain": {
          "Ref": "Domain"
        },
        "LoadBalancing": {
          "Ref": "LoadBalancing"
        },
        "HttpsPort": {
          "Ref": "HttpsPort"
        }
      }
    }
  },
  "Outputs": {
    "ProtocolType": {
      "Description": "agreement type:0: indicates that the HTTP protocol is supported.1: indicates that the HTTPS protocol is supported.2: indicates that both HTTP and HTTPS protocols are supported.",
      "Value": {
        "Fn::GetAtt": [
          "DomainConfig",
          "ProtocolType"
        ]
      }
    },
    "Cname": {
      "Description": "CNAME assigned by WAF instance.",
      "Value": {
        "Fn::GetAtt": [
          "DomainConfig",
          "Cname"
        ]
      }
    }
  }
}

YAML格式

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  HttpToUserIp:
    Type: Number
    Description: >-
      Whether to open HTTPS access request is forwarded back to the source
      station via the HTTP protocol, the value of:
      0: off (default)
      1: Turn
      Note If your site does not support HTTPS back to the source, open source
      HTTP return (default back to the source port is port 80) function key, can
      be realized by WAF HTTPS access.
    AllowedValues:
      - 0
      - 1
  HttpPort:
    Type: String
    Description: >-
      HTTP protocol configuration port. When specifying a plurality of HTTP port
      "," separated. Example values: [80].
      Configure the HTTP protocol, this parameter is required. The default value
      is 80. HttpPort HttpsPort with at least two parameters need to fill a
      request.
  IsAccessProduct:
    Type: Number
    Description: >-
      The domain before WAF is configured with seven agents (eg, high defense,
      CDN, etc.), the value of:
      0: none.
      1: expressed.
    AllowedValues:
      - 0
      - 1
  RsType:
    Type: Number
    Description: |-
      Back to the source address type the domain name values:
      0: back to the source to IP.
      1: Indicates the domain name back to the source.
    AllowedValues:
      - 0
      - 1
  Protocols:
    Type: String
    Description: |-
      The domain supports access protocols, values:
      http: expressed support for the HTTP protocol.
      https: support for HTTPS protocol.
      http, https: supports HTTP, HTTPS protocol.
  InstanceId:
    Type: String
    Description: >-
      WAF instance ID.
      Description Interface You can view your current WAF instance ID by calling
      DescribePayInfo.
  SourceIps:
    Type: String
    Description: >-
      Source station IP, supports a plurality of specified IP. Example values: [
      "1.1.1.1"].
  HttpsRedirect:
    Type: Number
    Description: >-
      HTTPS is turned forcefully jump the argument:
      0: off (default)
      1: Turn
      Description required to complete the request parameters using only HTTPS
      access protocol. After opening force will show a jump HTTP request is
      HTTPS, a default jump to 443.
    AllowedValues:
      - 0
      - 1
  Region:
    Type: String
    Description: |-
      Examples of areas where the WAF. Value:
      cn: China mainland (default)
      cn-hongkong: China HongKong and other overseas
    AllowedValues:
      - cn
      - cn-hongkong
  Domain:
    Type: String
    Description: Domain name.
  LoadBalancing:
    Type: Number
    Description: |-
      Back to the source load balancing policy values:
      0: IP Hash way.
      1: represents a polling mode.
    AllowedValues:
      - 0
      - 1
  HttpsPort:
    Type: String
    Description: >-
      HTTPS protocol configuration port. When specifying a plurality HTTPS port,
      using the "," separated. Example values: [443].
      Configure the protocol is HTTPS, this parameter is required. The default
      value is 443. HttpPort HttpsPort with at least two parameters need to fill
      a request.
Resources:
  DomainConfig:
    Type: 'ALIYUN::WAF::DomainConfig'
    Properties:
      HttpToUserIp:
        Ref: HttpToUserIp
      HttpPort:
        Ref: HttpPort
      IsAccessProduct:
        Ref: IsAccessProduct
      RsType:
        Ref: RsType
      Protocols:
        Ref: Protocols
      InstanceId:
        Ref: InstanceId
      SourceIps:
        Ref: SourceIps
      HttpsRedirect:
        Ref: HttpsRedirect
      Region:
        Ref: Region
      Domain:
        Ref: Domain
      LoadBalancing:
        Ref: LoadBalancing
      HttpsPort:
        Ref: HttpsPort
Outputs:
  ProtocolType:
    Description: >-
      agreement type:0: indicates that the HTTP protocol is supported.1:
      indicates that the HTTPS protocol is supported.2: indicates that both HTTP
      and HTTPS protocols are supported.
    Value:
      'Fn::GetAtt':
        - DomainConfig
        - ProtocolType
  Cname:
    Description: CNAME assigned by WAF instance.
    Value:
      'Fn::GetAtt':
        - DomainConfig
        - Cname

请关注公众号获取更多资料

发表回复

您的电子邮箱地址不会被公开。 必填项已用*标注