All Products
Search
Document Center

Resource Orchestration Service:ALIYUN::ALB::Rule

Last Updated:Dec 10, 2024

ALIYUN::Config::Rule is used to create a forwarding rule.

Syntax

{
  "Type": "ALIYUN::ALB::Rule",
  "Properties": {
    "RuleActions": List,
    "Priority": Integer,
    "RuleConditions": List,
    "Direction": String,
    "RuleName": String,
    "ListenerId": String
  }
}

Properties

Property

Type

Required

Editable

Description

Constraint

ListenerId

String

Yes

No

The ID of the listener that is added to the Application Load Balancer (ALB) instance.

None.

Priority

Integer

Yes

Yes

The priority of the forwarding rule.

Valid values: 1 to 10000. A smaller value specifies a higher priority.

Note

The priority of each forwarding rule that you specify for a listener must be unique.

RuleActions

List

Yes

Yes

The actions that are performed based on the forwarding rule.

For more information, see RuleActions properties.

RuleConditions

List

Yes

Yes

The conditions for the forwarding rule.

For more information, see RuleConditions properties.

RuleName

String

Yes

Yes

The name of the forwarding rule.

The name must be 2 to 128 characters in length and can contain letters, digits, periods (.), underscores (_), and hyphens (-). The name must start with a letter.

Direction

String

No

No

The direction to which the forwarding rule is applied.

Valid values:

  • Request: inbound

  • Response: outbound

RuleActions syntax

"RuleActions": [
  {
    "Order": Integer,
    "FixedResponseConfig": Map,
    "Type": String,
    "RedirectConfig": Map,
    "ForwardGroupConfig": Map,
    "InsertHeaderConfig": Map,
    "RewriteConfig": Map,
    "TrafficMirrorConfig": Map,
    "TrafficLimitConfig": Map,
    "RemoveHeaderConfig": Map,
    "CorsConfig": Map
  }
]

RuleActions properties

Property

Type

Required

Editable

Description

Constraint

Order

Integer

Yes

Yes

The priority of the action that is performed based on the forwarding rule.

Valid values: 1 to 50000. A smaller value specifies a higher priority.

Note

The execution priority of each action must be unique.

Type

String

Yes

Yes

The action type.

Valid values:

  • ForwardGroup: forwards a request to multiple vServer groups.

  • Redirect: redirects a request.

  • FixedResponse: returns a fixed response.

  • Rewrite: rewrites a request.

  • InsertHeader: adds a header to a request.

FixedResponseConfig

Map

No

Yes

The configurations of the fixed response.

For more information, see FixedResponseConfig properties.

ForwardGroupConfig

Map

No

Yes

The configurations of the vServer group.

For more information, see ForwardGroupConfig properties.

InsertHeaderConfig

Map

No

Yes

The configurations of the header that you want to add to a request.

For more information, see InsertHeaderConfig properties.

RedirectConfig

Map

No

Yes

The configurations of the redirect action.

For more information, see RedirectConfig properties.

RemoveHeaderConfig

Map

No

Yes

The configurations of the header that you want to remove from the request.

For more information, see RemoveHeaderConfig property.

RewriteConfig

Map

No

Yes

The configurations of the rewrite action.

For more information, see RewriteConfig properties.

TrafficLimitConfig

Map

No

Yes

The configurations of the traffic throttling feature.

For more information, see TrafficLimitConfig properties.

TrafficMirrorConfig

Map

No

Yes

The configurations of the traffic mirroring feature.

For more information, see TrafficMirrorConfig properties.

CorsConfig

Map

No

Yes

The configurations of cross-origin resource sharing (CORS).

For more information, see CorsConfig properties.

FixedResponseConfig syntax

"FixedResponseConfig": {
  "HttpCode": String,
  "ContentType": String,
  "Content": String
}

FixedResponseConfig properties

Property

Type

Required

Editable

Description

Constraint

Content

String

No

Yes

The content of the fixed response.

The content can be up to 1 KB in size and can contain only ASCII characters.

ContentType

String

No

Yes

The format of the fixed response.

Valid values:

  • text/plain

  • text/css

  • text/html

  • application/javascript

  • application/json

HttpCode

String

No

Yes

The HTTP status code to return.

Valid values: HTTP_2xx, HTTP_4xx, and HTTP_5xx. x is a digit.

RedirectConfig syntax

"RedirectConfig": {
  "Path": String,
  "HttpCode": Integer,
  "Query": String,
  "Port": String,
  "Host": String,
  "Protocol": String
}

RedirectConfig properties

Property

Type

Required

Editable

Description

Constraint

Host

String

No

Yes

The name of the host to which requests are redirected.

Valid values:

  • ${host} (default). You cannot combine ${host} with a custom value.

  • A custom value. You must make sure that the custom value meets the following requirements:

    • The value must be 3 to 128 characters in length and can contain lowercase letters, digits, hyphens (-), periods (.), asterisks (*), and question marks (?).

    • The value must contain at least one period (.) but cannot start or end with a period (.).

    • The rightmost domain label can contain only letters and wildcard characters and cannot contain digits or hyphens (-).

    • A domain label cannot start or end with a hyphen (-).

    • You can specify asterisks (*) and question marks (?) anywhere in a domain label.

HttpCode

Integer

No

Yes

The redirect type.

Valid values:

  • 301

  • 302

  • 303

  • 307

  • 308

Path

String

No

Yes

The path to which requests are redirected.

Valid values:

  • ${path} (default). You can reference ${host}, ${protocol}, and ${port} in the value. You can reference each variable only once in a path. You can specify all preceding variables in a path at a time. You can also combine the variables with a custom value.

  • A custom value. You must make sure that the custom value meets the following requirements:

    • The value must be 1 to 128 characters in length.

    • The value must start with a forward slash (/) and can contain letters, digits, and the following special characters:$ - _ . + / & ~ @ : , * ?. The value cannot contain the following special characters:% # ; ! ( ) [ ] ^ , ".

    • The value is case-sensitive.

Port

String

No

Yes

The port to which requests are redirected.

Valid values:

  • ${port} (default). You cannot combine ${port} with a custom value.

  • A custom value. Valid values: 1 to 63335.

Protocol

String

No

Yes

The protocol of the destination to which requests are forwarded.

Valid values:

  • ${protocol} (default). You cannot combine ${protocol} with other types of characters.

  • HTTP.

  • HTTPS.

    Note

    HTTPS listeners support only HTTPS to HTTPS redirects.

Query

String

No

Yes

The query string of the URL to which requests are redirected.

Valid values:

  • ${query} (default). You can reference ${host}, ${protocol}, and ${port} in the value. You can reference each variable only once in a query string. You can specify all preceding variables in a query string at a time. You can also combine the variables with a custom value.

  • A custom value. You must make sure that the custom value meets the following requirements:

    • The value must be 1 to 128 characters in length.

    • The value cannot contain a space or the following special characters: # [ ] { } \ | < > &.

    • The value must be lowercase letters.

ForwardGroupConfig syntax

"ForwardGroupConfig": {
  "ServerGroupTuples": List,
  "ServerGroupStickySession": Map
}

ForwardGroupConfig properties

Property

Type

Required

Editable

Description

Constraint

ServerGroupStickySession

Map

No

Yes

The configurations of session persistence.

For more information, see ServerGroupStickySession properties.

ServerGroupTuples

List

No

Yes

The vServer groups to which requests are forwarded.

For more information, see ServerGroupTuples property.

ServerGroupStickySession syntax

"ServerGroupStickySession": {
 "Enabled": Boolean,
  "Timeout": Integer
}

ServerGroupStickySession properties

Property

Type

Required

Editable

Description

Constraint

Enabled

Boolean

No

Yes

Specifies whether to enable session persistence.

Valid values:

  • true

  • false (default)

Timeout

Integer

No

Yes

The timeout period of sessions.

Unit: seconds. Valid values: 1 to 86400.

ServerGroupTuples syntax

"ServerGroupTuples": [
  {
    "ServerGroupId": String
  }
]

ServerGroupTuples property

Property

Type

Required

Editable

Description

Constraint

ServerGroupId

String

Yes

Yes

The ID of the vServer group to which requests are forwarded.

None.

InsertHeaderConfig syntax

"InsertHeaderConfig": {
  "ValueType": String,
  "Value": String,
  "Key": String
}

InsertHeaderConfig properties

Property

Type

Required

Editable

Description

Constraint

Key

String

No

Yes

The header name.

The name must be 1 to 40 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The name that you specify for InsertHeaderConfig must be unique.

Note

The name is not case-sensitive. You cannot set a header name to one of the following values: slb-id, slb-ip, x-forwarded-for, x-forwarded-proto, x-forwarded-eip, x-forwarded-port, x-forwarded-client-srcport, connection, upgrade, content-length, transfer-encoding, keep-alive, te, host, cookie, remoteip, and authority.

Value

String

No

Yes

The header value.

Valid values:

  • If you set ValueType to SystemDefined, you can set Value to one of the following values:

    • ClientSrcPort: the port of the client.

    • ClientSrcIp: the IP address of the client.

    • Protocol: the request protocol of the client. You can set the protocol to HTTP or HTTPS.

    • SLBId: the ID of the ALB instance.

    • SLBPort: the listening port of the ALB instance.

  • If you set ValueType to ReferenceHeader, you must take note of the following items:

    You can reference one of the request headers. The header must be 1 to 128 characters in length and can contain lowercase letters, digits, hyphens (-), and underscores (_).

ValueType

String

No

Yes

The header type.

Valid values:

  • UserDefined: a custom header that you specify

  • ReferenceHeader: a header that you reference from one of the request headers

  • SystemDefined: a header that is defined by the system

RewriteConfig syntax

"RewriteConfig": {
  "Path": String,
  "Query": String,
  "Host": String
}

RewriteConfig properties

Property

Type

Required

Editable

Description

Constraint

Host

String

No

Yes

The name of the host to which requests are redirected.

Valid values:

  • ${host} (default). You cannot combine ${host} with a custom value.

  • A custom value. You must make sure that the custom value meets the following requirements:

    • The value must be 3 to 128 characters in length and can contain lowercase letters, digits, hyphens (-), periods (.), asterisks (*), and question marks (?).

    • The value must contain at least one period (.) but cannot start or end with a period (.).

    • The rightmost domain label can contain only letters and wildcard characters and cannot contain digits or hyphens (-).

    • A domain label cannot start or end with a hyphen (-).

    • You can specify asterisks (*) and question marks (?) anywhere in a domain label.

Path

String

No

Yes

The path to which requests are redirected.

Valid values:

  • ${path} (default). You can reference ${host}, ${protocol}, and ${port} in the value. You can reference each variable only once in a path. You can specify all preceding variables in a path at a time. You can also combine the variables with a custom value.

  • A custom value. You must make sure that the custom value meets the following requirements:

    • The value must be 1 to 128 characters in length.

    • The value must start with a forward slash (/) and can contain letters, digits, and the following special characters: $ - _ . + / & ~ @ : * ?. The value cannot contain the following special characters: % # ; ! ( ) [ ] ^ " ,.

    • The value is case-sensitive.

Query

String

No

Yes

The query string of the URL to which requests are rewritten.

Valid values:

  • ${query} (default). You can reference ${host}, ${protocol}, and ${port} in the value. You can reference each variable only once in a query string. You can specify all preceding variables in a query string at a time. You can also combine the variables with a custom value.

  • A custom value. You must make sure that the custom value meets the following requirements:

    • The value must be 1 to 128 characters in length.

    • The value cannot contain a space or the following special characters: # [ ] { } \ | < > &.

    • The value must be lowercase letters.

RuleConditions syntax

"RuleConditions": [
  {
    "MethodConfig": Map,
    "PathConfig": Map,
    "Type": String,
    "QueryStringConfig": Map,
    "HostConfig": Map,
    "CookieConfig": Map,
    "HeaderConfig": Map,
    "SourceIpConfig": Map,
    "ResponseStatusCodeConfig": Map,
    "ResponseHeaderConfig": Map
  }
]

RuleConditions properties

Property

Type

Required

Editable

Description

Constraint

Type

String

Yes

Yes

The type of the forwarding rule.

Valid values:

  • Host: forwards requests based on hosts.

  • Path: forwards requests based on paths.

  • Header: forwards requests based on HTTP headers.

  • QueryString: forwards requests based on query strings.

  • Method: forwards requests based on request methods.

  • Cookie: forwards requests based on cookies.

CookieConfig

Map

No

Yes

The configurations of the cookie.

For more information, see CookieConfig property.

HeaderConfig

Map

No

Yes

The configurations of the header.

For more information, see HeaderConfig properties.

HostConfig

Map

No

Yes

The configurations of the host.

For more information, see HostConfig property.

MethodConfig

Map

No

Yes

The configurations of the request method.

For more information, see MethodConfig property.

PathConfig

Map

No

Yes

The configurations of the path to which requests are redirected.

For more information, see PathConfig property.

QueryStringConfig

Map

No

Yes

The configurations of the query string.

For more information, see QueryStringConfig property.

SourceIpConfig

Map

No

Yes

The configurations of the forwarding rule.

For more information, see SourceIpConfig property.

ResponseStatusCodeConfig

Map

No

Yes

The configurations of the response status codes.

For more information, see ResponseStatusCodeConfig property.

ResponseHeaderConfig

Map

No

Yes

The configurations of the headers.

For more information, see ResponseHeaderConfig properties.

ResponseStatusCodeConfig syntax

"ResponseStatusCodeConfig": {
 "Values": List
}

ResponseStatusCodeConfig property

Property

Type

Required

Editable

Description

Constraint

Values

List

No

Yes

The response status codes.

None.

ResponseHeaderConfig syntax

"ResponseHeaderConfig": {
  "Key": String,
  "Values": List
}

ResponseHeaderConfig properties

Property

Type

Required

Editable

Description

Constraint

Key

String

No

Yes

The header name.

  • The header name must be 1 to 40 characters in length.

  • It can contain lowercase letters, digits, hyphens (-), and underscores (_).

  • Cookie and Host are not supported.

Values

List

No

Yes

The header values.

  • Each header value must be 1 to 128 characters in length.

  • It can contain printable characters whose ASCII values are larger than or equal to 32 and smaller than 127, lowercase letters, question marks (?), and the asterisk (*) wildcard character.

  • It cannot start or end with a space.

SourceIpConfig syntax

"SourceIpConfig": {
 "Values": List
}

SourceIpConfig property

Property

Type

Required

Editable

Description

Constraint

Values

List

No

Yes

One or more IP addresses or CIDR blocks that you want to add to a forwarding rule.

You can add up to five IP addresses or CIDR blocks to a forwarding rule.

MethodConfig syntax

"MethodConfig": {
  "Values": List
}

MethodConfig property

Property

Type

Required

Editable

Description

Constraint

Values

List

No

Yes

The request method.

Valid values:

  • HEAD

  • GET

  • POST

  • OPTIONS

  • PUT

  • PATCH

  • DELETE

PathConfig syntax

"PathConfig": {
  "Values": List
}

PathConfig property

Property

Type

Required

Editable

Description

Constraint

Values

List

No

Yes

The path to which requests are redirected.

The path must be 1 to 128 characters in length. It must start with a forward slash (/) and can contain letters, digits, and the following special characters: * ? $ - _ . + / & ~ @ :. The path cannot contain the following special characters: % # ; ! ( ) [ ] ^ ,". The path is case-sensitive.

QueryStringConfig syntax

"QueryStringConfig": {
  "Values": List
}

QueryStringConfig property

Property

Type

Required

Editable

Description

Constraint

Values

List

No

Yes

The value of the query string.

None.

HostConfig syntax

"HostConfig": {
  "Values": List
}

HostConfig property

Property

Type

Required

Editable

Description

Constraint

Values

List

No

Yes

The hostname.

Make sure that the hostname meets the following requirements:

  • A forwarding rule can contain only one hostname. The hostname that you specify for a forwarding rule must be unique.

  • The hostname must contain at least one period (.) but cannot start or end with a period (.).

  • The rightmost domain label can contain only letters and wildcard characters and cannot contain digits or hyphens (-).

  • A domain label cannot start or end with a hyphen (-). You can specify asterisks (*) and question marks (?) anywhere in a domain label.

CookieConfig syntax

"CookieConfig": {
  "Values": List
}

CookieConfig property

Property

Type

Required

Editable

Description

Constraint

Values

List

No

Yes

The cookie values.

None.

HeaderConfig syntax

"HeaderConfig": {
  "Values": List,
  "Key": String
}

HeaderConfig properties

Property

Type

Required

Editable

Description

Constraint

Key

String

No

Yes

The header name.

The name must be 1 to 40 characters in length and can contain lowercase letters, digits, hyphens (-), and underscores (_). You cannot configure cookies or hosts.

Values

List

No

Yes

The header value.

The value that you specify for a header in a forwarding rule must be unique. The header value must be 1 to 128 characters in length and can contain printable characters in the ch >= 32 && ch < 127 ASCII value range, asterisks (*), and question marks (?). The header value cannot start or end with a space.

TrafficMirrorConfig syntax

"TrafficMirrorConfig": {
 "MirrorGroupConfig": Map,
 "TargetType": String
}

TrafficMirrorConfig properties

Property

Type

Required

Editable

Description

Constraint

MirrorGroupConfig

Map

Yes

Yes

The configurations of the vServer group.

For more information, see MirrorGroupConfig property.

TargetType

String

Yes

Yes

The type of the destination to which network traffic is mirrored.

Valid values:

  • ForwardGroupMirror: vServer group

  • SlsMirror: Simple Log Service (SLS)

MirrorGroupConfig syntax

"MirrorGroupConfig": {
 "ServerGroupTuples": List
}

MirrorGroupConfig property

Property

Type

Required

Editable

Description

Constraint

ServerGroupTuples

List

Yes

Yes

The vServer groups.

None.

TrafficLimitConfig syntax

"TrafficLimitConfig": {
 "PerIpQps": Integer,
  "QPS": Integer
}

TrafficLimitConfig properties

Property

Type

Required

Editable

Description

Constraint

PerIpQps

Integer

No

Yes

The number of queries per second (QPS).

Valid values: 1 to 100000.

QPS

Integer

Yes

Yes

The QPS of each IP address.

Valid values: 1 to 100000.

Note

If both QPS and PerIpQps are specified, make sure that the value of QPS is smaller than the value of PerIpQps.

RemoveHeaderConfig syntax

"RemoveHeaderConfig": {
 "Key": String
}

RemoveHeaderConfig property

Property

Type

Required

Editable

Description

Constraint

Key

String

No

Yes

The header name.

None.

CorsConfig syntax

"CorsConfig": {
  "AllowMethods": List,
  "AllowHeaders": List,
  "AllowOrigin": List,
  "MaxAge": Integer,
  "AllowCredentials": String,
  "ExposeHeaders": List
}

CorsConfig properties

Property

Type

Required

Editable

Description

Constraint

AllowMethods

List

No

Yes

The allowed HTTP methods of CORS requests.

Valid values:

  • GET

  • POST

  • PUT

  • DELETE

  • HEAD

  • OPTIONS

  • PATCH

AllowHeaders

List

No

Yes

The allowed headers of CORS requests.

You can specify the wildcard character (*), or one or more values. Separate multiple values with commas (,). Each value can be up to 32 characters in length, and can contain only letters and digits. The value cannot start or end with an underscore (_) or a hyphen (-).

AllowOrigin

List

No

Yes

The allowed origins of CORS requests.

You can specify one or more values, or only the wildcard character (*).

  • Each value must start with http:// or https://. The http:// or https:// prefix of the value must be followed by a valid domain name, such as a top-level wildcard domain name. Example: http://*.test.abc.example.com.

  • You can determine whether to specify a port or port range in each value. Valid ports: 1 to 65535.

MaxAge

Integer

No

Yes

The maximum cache time of a preflight request in the browser.

Valid values: -1 to 172800. Unit: seconds.

AllowCredentials

String

No

Yes

Specifies whether credentials can be carried.

Valid values:

  • on

  • off

ExposeHeaders

List

No

Yes

The headers that can be exposed.

You can specify the wildcard character (*), or one or more values. Separate multiple values with commas (,). Each value can be up to 32 characters in length, and can contain only letters and digits. The value cannot start or end with an underscore (_) or a hyphen (-).

Return values

Fn::GetAtt

RuleId: the ID of the forwarding rule.

Examples

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  ListenerId:
    Type: String
    Description: |-
      The ID of the listener that is configured for the Application Load Balancer (ALB)
      instance.
    Default: lsn-5tl4x9oav95yeb****
Resources:
  Rule:
    Type: ALIYUN::ALB::Rule
    Properties:
      RuleActions:
        - FixedResponseConfig:
            Content: dssacav
            ContentType: text/plain
            HttpCode: '200'
          ForwardGroupConfig:
            ServerGroupTuples:
              - ServerGroupId: sgp-46ndzg2wz4v5mp****
          InsertHeaderConfig:
            Key: key
            Value: ClientSrcPort
            ValueType: SystemDefined
          Order: 1
          RedirectConfig:
            Host: ${host}
            HttpCode: '301'
            Path: /test
            Port: '10'
            Protocol: HTTP
            Query: quert
          RewriteConfig:
            Host: example.com
            Path: /tsdf
            Query: quedsa
          Type: ForwardGroup
      Priority: 10
      RuleConditions:
        - CookieConfig:
            Values:
              - Key: test
                Value: test
          HeaderConfig:
            Key: port
            Values:
              - '5006'
          HostConfig:
            Values:
              - www.example.com
          MethodConfig:
            Values:
              - PUT
          PathConfig:
            Values:
              - /test
          QueryStringConfig:
            Values:
              - Key: test
                Value: test
          Type: Host
      RuleName: MyTestRule
      ListenerId:
        Ref: ListenerId
Outputs:
  RuleId:
    Description: The ID of the forwarding rules.
    Value:
      Fn::GetAtt:
        - Rule
        - RuleId                

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "ListenerId": {
      "Type": "String",
      "Description": "The ID of the listener that is configured for the Application Load Balancer (ALB)\ninstance.",
      "Default": "lsn-5tl4x9oav95yeb****"
    }
  },
  "Resources": {
    "Rule": {
      "Type": "ALIYUN::ALB::Rule",
      "Properties": {
        "RuleActions": [
          {
            "FixedResponseConfig": {
              "Content": "dssacav",
              "ContentType": "text/plain",
              "HttpCode": "200"
            },
            "ForwardGroupConfig": {
              "ServerGroupTuples": [
                {
                  "ServerGroupId": "sgp-46ndzg2wz4v5mp****"
                }
              ]
            },
            "InsertHeaderConfig": {
              "Key": "key",
              "Value": "ClientSrcPort",
              "ValueType": "SystemDefined"
            },
            "Order": 1,
            "RedirectConfig": {
              "Host": "${host}",
              "HttpCode": "301",
              "Path": "/test",
              "Port": "10",
              "Protocol": "HTTP",
              "Query": "quert"
            },
            "RewriteConfig": {
              "Host": "example.com",
              "Path": "/tsdf",
              "Query": "quedsa"
            },
            "Type": "ForwardGroup"
          }
        ],
        "Priority": 10,
        "RuleConditions": [
          {
            "CookieConfig": {
              "Values": [
                {
                  "Key": "test",
                  "Value": "test"
                }
              ]
            },
            "HeaderConfig": {
              "Key": "port",
              "Values": [
                "5006"
              ]
            },
            "HostConfig": {
              "Values": [
                "www.example.com"
              ]
            },
            "MethodConfig": {
              "Values": [
                "PUT"
              ]
            },
            "PathConfig": {
              "Values": [
                "/test"
              ]
            },
            "QueryStringConfig": {
              "Values": [
                {
                  "Key": "test",
                  "Value": "test"
                }
              ]
            },
            "Type": "Host"
          }
        ],
        "RuleName": "MyTestRule",
        "ListenerId": {
          "Ref": "ListenerId"
        }
      }
    }
  },
  "Outputs": {
    "RuleId": {
      "Description": "The ID of the forwarding rules.",
      "Value": {
        "Fn::GetAtt": [
          "Rule",
          "RuleId"
        ]
      }
    }
  }
}