All Products
Search

This Product

    Resource Orchestration Service:ALIYUN::DDoSPro::WebRule

    Document Center

    Resource Orchestration Service:ALIYUN::DDoSPro::WebRule

    Last Updated:Aug 12, 2024

    ALIYUN::DDoSPro::WebRule is used to create a forwarding rule for a website.

    Syntax

    {
  "Type": "ALIYUN::DDoSPro::WebRule",
  "Properties": {
    "RsType": Integer,
    "ResourceGroupId": String,
    "DefenseId": String,
    "Domain": String,
    "InstanceIds": List,
    "Rules": String,
    "HttpsExt": String
  }
}

    Properties

    Property

    Type

    Required

    Editable

    Description

    Constraint

    Domain

    String

    Yes

    No

    The domain name of the website that you want to add to Anti-DDoS Proxy.

    None.

    RsType

    Integer

    Yes

    No

    The address type of the origin server.

    Valid values:

    • 0: IP address.

    • 1: domain name. You can use this value if you deploy proxies, such as Web Application Firewall (WAF), between the origin server and the Anti-DDoS Proxy instance. In this case, the value corresponds to the address of the proxy, such as the canonical name (CNAME) provided by WAF.

    Rules

    String

    Yes

    No

    The details of the forwarding rule.

    The value of this property must be a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields:

    • ProxyRules: the information about the origin server, including the port and IP address. This field is required and must be of the JSON array type. Each element in a JSON array is a JSON struct that contains the following fields:

      • ProxyPort: the port that corresponds to the protocol. This field is required and must be of the integer type.

      • RealServers: the IP addresses of the server. This field is required and must be of the string array type.

    • ProxyType: the protocol type. This field is required and must be of the string type. Valid values:

      • http

      • https

      • websocket

      • websockets

    DefenseId

    String

    No

    No

    The defense ID that you want to associate with the forwarding rule.

    None.

    HttpsExt

    String

    No

    No

    The advanced HTTPS settings. This property takes effect only when the value of ProxyType includes https.

    The value of this property must be a string that consists of a JSON struct. The JSON struct contains the following fields:

    • Http2https: specifies whether to enable force HTTPS redirection. This field is optional and must be of the integer type. Valid values:

      • 0 (default): disables force HTTPS redirection.

      • 1: enables force HTTPS redirection. You can use this value if your website supports HTTP and HTTPS. If you use this value, all HTTP requests are forcefully redirected to HTTPS requests on port 443 by default.

    • Https2http: specifies whether to enable HTTP redirection of back-to-origin requests. This field is optional and must be of the integer type. Valid values:

      • 0 (default): disables HTTP redirection of back-to-origin requests.

      • 1: enables HTTP redirection of back-to-origin requests.

        You can use this value if your website does not support HTTPS redirection of back-to-origin requests. If you use this value, all HTTPS requests are redirected to HTTP requests and forwarded to origin servers, and WebSockets requests are redirected to WebSocket requests and forwarded to origin servers. By default, these requests are redirected on port 80.

    • Http2: specifies whether to enable HTTP/2. This field is optional and must be of the integer type. Valid values:

      • 0 (default): disables HTTP/2.

      • 1: enables HTTP/2.

        After you use this value, the protocol type is HTTP/2.

    InstanceIds

    List

    No

    No

    The IDs of the Anti-DDoS Proxy instances that you want to associate with the forwarding rule.

    None.

    ResourceGroupId

    String

    No

    No

    The ID of the resource group to which the Anti-DDoS Proxy instance belongs in Resource Management.

    None.

    Return values

    Fn::GetAtt

    Domain: the domain name of the website that is added to Anti-DDoS Proxy.

    Examples

    YAML format

    ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  RsType:
    Type: Number
    Description:
      en: |-
        The address type of the origin server. Valid values:
        0: IP address
        1: domain name The domain name of the origin server is returned if you deploy proxies, such as Web Application Firewall (WAF), between the origin server and the instance. In this case, the address of the proxy, such as the CNAME provided by WAF, is returned.
    Required: true
  Domain:
    Type: String
    Description:
      en: The domain name of the website that you want to add to the instance.
    Required: true
  Rules:
    Type: String
    Description:
      en: |-
        The details of the forwarding rule. The value is a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields: 
        ProxyRules: the information about the origin server. The information includes the port number and IP address. This field is required and must be a JSON array. Each element in a JSON array is a JSON struct that contains the following fields: ProxyPort: the port number. This field is required and must be an integer; RealServers: the IP address. This field is required and must be a string array.
        ProxyType: the protocol type. This field is required and must be a string. Valid values: http, https, websocket, and websockets.
    Required: true
Resources:
  ExtensionResource:
    Type: ALIYUN::DDoSPro::WebRule
    Properties:
      RsType:
        Ref: RsType
      Domain:
        Ref: Domain
      Rules:
        Ref: Rules
Outputs:
  Domain:
    Description: The domain name of the website that you want to add to the instance.
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - Domain

    JSON format

    {
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "RsType": {
      "Type": "Number",
      "Description": {
        "en": "The address type of the origin server. Valid values:\n0: IP address\n1: domain name The domain name of the origin server is returned if you deploy proxies, such as Web Application Firewall (WAF), between the origin server and the instance. In this case, the address of the proxy, such as the CNAME provided by WAF, is returned."
      },
      "Required": true
    },
    "Domain": {
      "Type": "String",
      "Description": {
        "en": "The domain name of the website that you want to add to the instance."
      },
      "Required": true
    },
    "Rules": {
      "Type": "String",
      "Description": {
        "en": "The details of the forwarding rule. The value is a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields: \nProxyRules: the information about the origin server. The information includes the port number and IP address. This field is required and must be a JSON array. Each element in a JSON array is a JSON struct that contains the following fields: ProxyPort: the port number. This field is required and must be an integer; RealServers: the IP address. This field is required and must be a string array.\nProxyType: the protocol type. This field is required and must be a string. Valid values: http, https, websocket, and websockets."
      },
      "Required": true
    }
  },
  "Resources": {
    "ExtensionResource": {
      "Type": "ALIYUN::DDoSPro::WebRule",
      "Properties": {
        "RsType": {
          "Ref": "RsType"
        },
        "Domain": {
          "Ref": "Domain"
        },
        "Rules": {
          "Ref": "Rules"
        }
      }
    }
  },
  "Outputs": {
    "Domain": {
      "Description": "The domain name of the website that you want to add to the instance.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Domain"
        ]
      }
    }
  }
}