ALIYUN::ALB::SecurityPolicy

Last updated: Jun 15, 2024

The ALIYUN::ALB::SecurityPolicy type is used to create a custom security policy.

Syntax

{
  "Type": "ALIYUN::ALB::SecurityPolicy",
  "Properties": {
    "Ciphers": List,
    "ResourceGroupId": String,
    "TLSVersions": List,
    "SecurityPolicyName": String
  }
}

Properties

Property name

Type

Required

Update allowed

Description

Constraints

Ciphers

List

The supported cipher suites.

Valid values:

  • Supported by TLSv1.0 and TLSv1.1:

    • ECDHE-ECDSA-AES128-SHA

    • ECDHE-ECDSA-AES256-SHA

    • ECDHE-RSA-AES128-SHA

    • ECDHE-RSA-AES256-SHA

    • AES128-SHA

    • AES256-SHA

    • DES-CBC3-SHA

  • Supported by TLSv1.2:

    • ECDHE-ECDSA-AES128-SHA

    • ECDHE-ECDSA-AES256-SHA

    • ECDHE-RSA-AES128-SHA

    • ECDHE-RSA-AES256-SHA

    • AES128-SHA

    • AES256-SHA

    • DES-CBC3-SHA

    • ECDHE-ECDSA-AES128-GCM-SHA256

    • ECDHE-ECDSA-AES256-GCM-SHA384

    • ECDHE-ECDSA-AES128-SHA256

    • ECDHE-ECDSA-AES256-SHA384

    • ECDHE-RSA-AES128-GCM-SHA256

    • ECDHE-RSA-AES256-GCM-SHA384

    • ECDHE-RSA-AES128-SHA256

    • ECDHE-RSA-AES256-SHA384

    • AES128-GCM-SHA256

    • AES256-GCM-SHA384

    • AES128-SHA256

    • AES256-SHA256

  • Supported by TLSv1.3:

    • TLS_AES_128_GCM_SHA256

    • TLS_AES_256_GCM_SHA384

    • TLS_CHACHA20_POLY1305_SHA256

    • TLS_AES_128_CCM_SHA256

    • TLS_AES_128_CCM_8_SHA256

Note

This parameter takes effect only when the value of TLSVersions supports the specified Ciphers.

SecurityPolicyName

String

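The name of the security policy.

The name must be 2 to 128 English or Chinese characters in length. It must start with an uppercase or lowercase letter or a Chinese character, and can contain digits, periods (.), underscores (_), and hyphens (-).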

TLSVersions

List

The supported TLS protocol versions.

Valid values:

  • TLSv1.0

  • TLSv1.1

  • TLSv1.2

  • TLSv1.3

ResourceGroupId

String

The ID of the resource group.

Return values

Fn::GetAtt

SecurityPolicyId: the ID of the security policy.

Examples

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  Ciphers:
    Description: 'The supported cipher suites, which are determined by the TLS protocol
      version.

      The specified cipher suites must be supported by at least one TLS protocol version
      that you specify.

      Note For example, if you set the TLSVersions parameter to TLSv1.3, you must
      specify cipher suites that are supported by TLS 1.3.'
    MaxLength: 20
    MinLength: 1
    Type: Json
  SecurityPolicyName:
    Description: 'The name of the security policy.

      The name must be 2 to 128 characters in length, and can contain letters, digits,
      periods

      (.), underscores (_), and hyphens (-). The name must start with a letter.'
    Type: String
  TLSVersions:
    Description: 'The supported versions of the Transport Layer Security (TLS) protocol.
      Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3 and so on.'
    MaxLength: 5
    MinLength: 1
    Type: Json
Resources:
  SecurityPolicy:
    Properties:
      Ciphers:
        Ref: Ciphers
      SecurityPolicyName:
        Ref: SecurityPolicyName
      TLSVersions:
        Ref: TLSVersions
    Type: ALIYUN::ALB::SecurityPolicy
Outputs:
  SecurityPolicyId:
    Description: The ID of the security policy.
    Value:
      Fn::GetAtt:
      - SecurityPolicy
      - SecurityPolicyId

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "Ciphers": {
      "Type": "Json",
      "Description": "The supported cipher suites, which are determined by the TLS protocol version.\nThe specified cipher suites must be supported by at least one TLS protocol version that you specify.\nNote For example, if you set the TLSVersions parameter to TLSv1.3, you must specify cipher suites that are supported by TLS 1.3.",
      "MinLength": 1,
      "MaxLength": 20
    },
    "TLSVersions": {
      "Type": "Json",
      "Description": "The supported versions of the Transport Layer Security (TLS) protocol. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3 and so on.",
      "MinLength": 1,
      "MaxLength": 5
    },
    "SecurityPolicyName": {
      "Type": "String",
      "Description": "The name of the security policy.\nThe name must be 2 to 128 characters in length, and can contain letters, digits, periods\n(.), underscores (_), and hyphens (-). The name must start with a letter."
    }
  },
  "Resources": {
    "SecurityPolicy": {
      "Type": "ALIYUN::ALB::SecurityPolicy",
      "Properties": {
        "Ciphers": {
          "Ref": "Ciphers"
        },
        "TLSVersions": {
          "Ref": "TLSVersions"
        },
        "SecurityPolicyName": {
          "Ref": "SecurityPolicyName"
        }
      }
    }
  },
  "Outputs": {
    "SecurityPolicyId": {
      "Description": "The ID of the security policy.",
      "Value": {
        "Fn::GetAtt": [
          "SecurityPolicy",
          "SecurityPolicyId"
        ]
      }
    }
  }
}