All Products
Search
Document Center

Resource Orchestration Service:ALIYUN::SAS::Instance

更新時間:Apr 15, 2024

ALIYUN::SAS::Instance is used to purchase Security Center.

Syntax

{
  "Type": "ALIYUN::SAS::Instance",
  "Properties": {
    "QuotaForApplicationProtection": Integer,
    "ThreatAnalysis": Boolean,
    "QuotaForMaliciousFileDetectionSDK": Integer,
    "ContainerImageScan": Integer,
    "ThreatAnalysisLogStorageCapacity": Integer,
    "AutoRenew": Boolean,
    "MaliciousFileDetectionSDK": Boolean,
    "VCore": Integer,
    "Period": Integer,
    "VulnerabilityFixing": Boolean,
    "QuotaForCloudHoneypot": Integer,
    "QuotaForWebTamperProofing": Integer,
    "AutoPay": Boolean,
    "Edition": String,
    "ConfigurationAssessment": Boolean,
    "LogAnalysis": Integer,
    "ProtectedServers": Integer,
    "CloudHoneypot": Boolean,
    "WebTamperProtection": Boolean,
    "QuotaForConfigurationAssessment": Integer,
    "QuotaForVulnerabilityFixing": Integer,
    "AntiRansomware": Integer,
    "PeriodUnit": String
  }
}

Properties

Property

Type

Required

Editable

Description

Constraint

QuotaForApplicationProtection

Integer

No

No

The quota for the application protection feature.

You can use the feature to identify and block attacks on applications during application runtime and provide self-protection. We recommend that you set the quota for the application protection feature to the number of application processes that you want to protect each month on your hosts. A larger quota provides protection at a lower unit price. For more information, see Billing overview.

ThreatAnalysis

Boolean

No

No

Specifies whether to enable the threat analysis feature.

The feature can detect and handle the security events of multiple cloud services, such as Cloud Firewall and Virtual Private Cloud (VPC), across multiple Alibaba Cloud accounts. This helps improve the operational efficiency of events.

If you purchased the log storage capacity for the log analysis feature, we recommend that you set the Log Storage Capacity of Threat Analysis parameter to a value that is three times the purchased log storage capacity. The threat analysis feature stores the logs of multiple Alibaba Cloud accounts and cloud services that are added. Therefore, you must purchase sufficient log storage capacity for threat analysis.

QuotaForMaliciousFileDetectionSDK

Integer

No

No

The quota for the feature of SDK for malicious file detection.

The feature uses a large number of file libraries in the cloud and a multi-architecture detection engine to detect webshell files, malicious scripts, binary programs, and macro viruses in a precise manner. The feature can also detect multiple malicious files at a time in various scenarios.

ContainerImageScan

Integer

No

No

The container image scan feature.

This is a value-added feature. If you set the quota for the container image scan feature to a value greater than 0, the feature is automatically purchased. We recommend that you set the quota for the container image scan feature to the number of images for which you want to detect container vulnerabilities each month. Security Center identifies an image based on a unique digest value. If the digest value of an image is not changed, the quota for the container image scan feature is deducted by one only for the first scan. If the digest value of an image is changed, the quota for the container image scan feature is deducted each time the image is scanned. For example, if you want to scan 10 images and the images are estimated to be updated 20 times within the validity period of Security Center, you must set the quota for the container image scan feature to 30. The value 30 indicates that the quota for the container image scan feature equals the number of images that you want to scan plus the estimated total number of times the images are updated. The number 20 indicates that the digest values of the images are estimated to be changed 20 times.

This property is available only when you use the Advanced, Enterprise, Ultimate, or Value-added Plan edition.

ThreatAnalysisLogStorageCapacity

Integer

No

No

The log storage capacity for the threat analysis feature.

None.

AutoRenew

Boolean

No

No

Specifies whether to enable auto-renewal if Security Center uses the subscription billing method.

Valid values:

  • true

  • false (default)

Note

The auto-renewal cycle varies based on the unit of the subscription duration. If you purchase Security Center on a yearly basis, the auto-renewal cycle is one year. For example, if you select Auto-renewal and purchase a two-year subscription, the auto-renewal cycle is one year.

MaliciousFileDetectionSDK

Boolean

No

No

Specifies whether to enable the feature of SDK for malicious file detection.

We recommend that you set the quota for the feature of SDK for malicious file detection to the number of files that you want to detect each month.

The feature uses a large number of file libraries in the cloud and a multi-architecture detection engine to detect webshell files, malicious scripts, binary programs, and macro viruses in a precise manner. The feature can also detect multiple malicious files at a time in various scenarios.

VCore

Integer

No

No

The number of cores of servers that you want to protect by using Security Center.

The default value indicates the minimum number of cores that you must purchase.

This property is required only when you use the Anti-virus or Ultimate edition.

Period

Integer

Yes

No

The subscription duration.

  • Valid values when PeriodUnit is set to Month: 1, 2, and 6.

  • Valid values when PeriodUnit is set to Year: 1 to 3.

VulnerabilityFixing

Boolean

No

No

Specifies whether to enable the vulnerability fixing feature.

This property is required only when you use the Anti-virus or Value-added Plan edition. You can use the feature to fix Linux software vulnerabilities and Windows system vulnerabilities that are detected on your servers with a few clicks. We recommend that you set the quota for the vulnerability fixing feature to the total number of vulnerabilities that you want to fix each month.

Note
  • If you want to fix a large number of vulnerabilities, we recommend that you purchase the Advanced, Enterprise, or Ultimate edition. These editions provide an unlimited quota for vulnerability fixing.

  • If you want to fix a small number of vulnerabilities, you can purchase the vulnerability fixing feature based on the pay-as-you-go billing method. If you want to purchase the vulnerability fixing feature based on the pay-as-you-go billing method, go to the Vulnerabilities page in the Security Center console and click Purchase. Pay-as-you-go bills are not affected by the subscription duration of your Security Center. You can use pay-as-you-go resources before you pay for them.

QuotaForCloudHoneypot

Integer

No

No

The quota for the cloud honeypot feature.

None.

QuotaForWebTamperProofing

Integer

No

No

The quota for the web tamper proofing feature.

The feature monitors web directories in real time and can restore files or directories that are tampered with based on backups. This prevents important website information from being tampered with.

AutoPay

Boolean

No

No

Specifies whether to enable automatic payment.

Valid values:

  • true (default)

  • false

Edition

String

No

No

The edition.

Valid values:

  • Anti-virus

  • Advanced

  • Enterprise

  • Ultimate

ConfigurationAssessment

Boolean

No

No

Specifies whether to enable the configuration assessment feature.

The feature detects configuration errors and security risks of cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks. This ensures security of the running environment of your cloud services.  

LogAnalysis

Integer

No

No

Specifies whether to enable the log analysis feature.

This is a value-added feature. If you set the log storage capacity for the log analysis feature to a value greater than 0, the feature is automatically purchased. The unit of the log storage capacity is GB. The log analysis feature retrieves data from all logs, including host, network, and security logs. This allows you to trace and analyze security events.

Note

The Enterprise and Ultimate editions of Security Center support 16 types of logs. The Anti-virus and Advanced editions of Security Center support only 12 subtypes of host logs and security logs, but do not support network logs.

ProtectedServers

Integer

No

No

The number of servers that you want to protect by using Security Center.

The default value is the number of Elastic Compute Service (ECS) instances plus the number of third-party servers on which the Security Center agent is installed within your account. If you want to increase the number of servers to be protected during the subscription, we recommend that you set this property to the estimated total number of servers to be protected within your account. You do not need to specify this property when you use the Anti-virus or Value-added Plan edition.

CloudHoneypot

Boolean

No

No

Specifies whether to enable the cloud honeypot feature.

The feature can capture attacks at the earliest opportunity. You can use this feature to detect attacks and protect your core assets in an efficient manner in attack and defense scenarios.

WebTamperProtection

Boolean

No

No

Specifies whether to enable the web tamper proofing feature.

The feature monitors web directories in real time and can restore files or directories that are tampered with based on backups. This prevents important website information from being tampered with.

QuotaForConfigurationAssessment

Integer

No

No

The quota for the configuration assessment feature.

None.

QuotaForVulnerabilityFixing

Integer

No

No

The quota for the vulnerability fixing feature.

You must specify this property based on the total number of vulnerabilities that you want to fix each month. The quota indicates the total number of vulnerabilities that you want to fix on all servers each month, regardless of the vulnerability names. For example, if you use Security Center on 10 servers to fix the same vulnerability, the quota is deducted by 10.  

AntiRansomware

Integer

No

No

The anti-ransomware feature.

Security Center provides a comprehensive anti-ransomware solution to protect your business. We recommend that you set the quota for the anti-ransomware feature to 50. The unit of the quota is GB.  

PeriodUnit

String

Yes

No

The unit of the subscription duration.

Valid values:

  • Month

  • Year

Return values

Fn::GetAtt

InstanceId: the instance ID.

Examples

  • YAML format

    ROSTemplateFormatVersion: '2015-09-01'
    Parameters:
      AntiRansomware:
        Description:
          en: Security Center provides a comprehensive anti-ransomware solution to protect
            your business. We recommend that you configure a data protection capacity
            of 50GB for each server.
        Required: false
        Type: Number
      AutoPay:
        Default: true
        Description:
          en: 'Whether to auto pay the bill.Default: True'
        Required: false
        Type: Boolean
      AutoRenew:
        Default: false
        Description:
          en: 'Whether to auto renew the prepay instance.Default: False'
        Required: false
        Type: Boolean
      CloudHoneypot:
        Description:
          en: The cloud honeypot feature can capture attacks in a timely and efficient
            manner. You can use the feature to protect your core assets and detect attacks
            in attack and defense scenarios.
        Required: false
        Type: Boolean
      ConfigurationAssessment:
        Description:
          en: 'The configuration assessment feature detects configuration errors and security
            risks on cloud services from the following dimensions: identity and permission
            management, security risks in Alibaba Cloud services, and compliance risks.This
            ensures the security of the running environment of your cloud services.'
        Required: false
        Type: Boolean
      ContainerImageScan:
        Description:
          en: Security Center provides the container image scan feature to protect containers.
            Security Center can detect CVEs, application vulnerabilities, viruses, and
            malicious samples and allows you to handle the detected risks. You can configure
            this parameter based on the number of images or digests. For example, if the
            number of images or digests that are updated in the previous day is 10, you
            can set this parameter to 300 for a monthly subscription or to 3650 for a
            yearly subscription. This is more cost-effective.
        Required: false
        Type: Number
      Edition:
        AllowedValues:
        - Anti-virus
        - Advanced
        - Enterprise
        - Ultimate
        Description:
          en: The version of Security center.
        Required: false
        Type: String
      LogAnalysis:
        Description:
          en: In response to the requirements of the network security law, which requires
            logs to be stored for at least 180 days, we recommend that you configure a
            40GB log storage each server. Log analysis supports multi-dimensional security
            logs of cloud assets, out-of-the-box reports, and powerful SQL syntax analysis,
            so as to monitor business status, troubleshoot attacks, security operations
            such as traceability and positioning are easier.
        Required: false
        Type: Number
      MaliciousFileDetectionSDK:
        Description:
          en: 'The configuration assessment feature detects configuration errors and security
            risks on cloud services from the following dimensions: identity and permission
            management, security risks in Alibaba Cloud services, and compliance risks.
            This ensures the security of the running environment of your cloud services.'
        Required: false
        Type: Boolean
      Period:
        AllowedValues:
        - 1
        - 2
        - 3
        - 6
        AssociationProperty: PayPeriod
        Description:
          en: 'The subscription period of the firewallIf PeriodUnit is month, the valid
            range is 1, 3, 6
    
            If periodUnit is year, the valid range is 1, 2, 3'
        Required: true
        Type: Number
      PeriodUnit:
        AllowedValues:
        - Month
        - Year
        AssociationProperty: PayPeriodUnit
        Description:
          en: 'The unit of the subscription duration. Valid values:
    
            Month
    
            Year
    
            '
        Required: true
        Type: String
      ProtectedServers:
        Description:
          en: Authorization is the same as the number of servers you have.
        Required: false
        Type: Number
      QuotaForApplicationProtection:
        Description:
          en: The application protection feature can detect attacks on applications and
            provide self-protection during application runtime. The feature supports simple
            and convenient O&M and can effectively defend against zero-day and OWASP Top
            vulnerabilities. The feature is a value-added feature. You are charged based
            on the number of assets on which the RASP agent is installed. You must configure
            protection policies after you purchase the feature.
        Required: false
        Type: Number
      QuotaForCloudHoneypot:
        Required: false
        Type: Number
      QuotaForConfigurationAssessment:
        Required: false
        Type: Number
      QuotaForMaliciousFileDetectionSDK:
        Required: false
        Type: Number
      QuotaForVulnerabilityFixing:
        Description:
          en: Specify the quota for vulnerability fixing based on the number of vulnerabilities
            that you want to fix each month. The quota is equal to the total number of
            vulnerabilities that you want to fix on all servers regardless of the vulnerability
            names. For example, if you use Security Center to fix the same vulnerability
            on 10 servers, the quota is deducted by 10.
        Required: false
        Type: Number
      QuotaForWebTamperProofing:
        Required: false
        Type: Number
      ThreatAnalysis:
        Description:
          en: 'The threat analysis feature allows you to handle alerts that are generated
            for assets in the cloud within different accounts and assets of multiple cloud
            services in a centralized manner. The feature also allows you to handle risks
            with a few clicks. The feature provides automatic orchestration and response
            capabilities. '
        Required: false
        Type: Boolean
      ThreatAnalysisLogStorageCapacity:
        Required: false
        Type: Number
      VCore:
        Description:
          en: This parameter indicates the number of server vCPUs.
        Required: false
        Type: Number
      VulnerabilityFixing:
        Description:
          en: The vulnerability fixing feature allows you to fix system vulnerabilities
            with a few clicks. This improves O&M efficiency. You can separately purchase
            the vulnerability fixing feature. You are charged based on the number of times
            that you perform vulnerability fixing.
        Required: false
        Type: Boolean
      WebTamperProtection:
        Description:
          en: To ensure that the website information of important systems is not maliciously
            tampered with, there are bad content such as hanging horses, black chains,
            illegal implantation of terrorist threats, pornography, etc.
        Required: false
        Type: Boolean
    Resources:
      Instance:
        Properties:
          AntiRansomware:
            Ref: AntiRansomware
          AutoPay:
            Ref: AutoPay
          AutoRenew:
            Ref: AutoRenew
          CloudHoneypot:
            Ref: CloudHoneypot
          ConfigurationAssessment:
            Ref: ConfigurationAssessment
          ContainerImageScan:
            Ref: ContainerImageScan
          Edition:
            Ref: Edition
          LogAnalysis:
            Ref: LogAnalysis
          MaliciousFileDetectionSDK:
            Ref: MaliciousFileDetectionSDK
          Period:
            Ref: Period
          PeriodUnit:
            Ref: PeriodUnit
          ProtectedServers:
            Ref: ProtectedServers
          QuotaForApplicationProtection:
            Ref: QuotaForApplicationProtection
          QuotaForCloudHoneypot:
            Ref: QuotaForCloudHoneypot
          QuotaForConfigurationAssessment:
            Ref: QuotaForConfigurationAssessment
          QuotaForMaliciousFileDetectionSDK:
            Ref: QuotaForMaliciousFileDetectionSDK
          QuotaForVulnerabilityFixing:
            Ref: QuotaForVulnerabilityFixing
          QuotaForWebTamperProofing:
            Ref: QuotaForWebTamperProofing
          ThreatAnalysis:
            Ref: ThreatAnalysis
          ThreatAnalysisLogStorageCapacity:
            Ref: ThreatAnalysisLogStorageCapacity
          VCore:
            Ref: VCore
          VulnerabilityFixing:
            Ref: VulnerabilityFixing
          WebTamperProtection:
            Ref: WebTamperProtection
        Type: ALIYUN::SAS::Instance
    Outputs:
      InstanceId:
        Description: Instance Id.
        Value:
          Fn::GetAtt:
          - Instance
          - InstanceId
                            
  • JSON format

    {
      "ROSTemplateFormatVersion": "2015-09-01",
      "Parameters": {
        "QuotaForApplicationProtection": {
          "Type": "Number",
          "Description": {
            "en": "The application protection feature can detect attacks on applications and provide self-protection during application runtime. The feature supports simple and convenient O&M and can effectively defend against zero-day and OWASP Top vulnerabilities. The feature is a value-added feature. You are charged based on the number of assets on which the RASP agent is installed. You must configure protection policies after you purchase the feature."
          },
          "Required": false
        },
        "ThreatAnalysis": {
          "Type": "Boolean",
          "Description": {
            "en": "The threat analysis feature allows you to handle alerts that are generated for assets in the cloud within different accounts and assets of multiple cloud services in a centralized manner. The feature also allows you to handle risks with a few clicks. The feature provides automatic orchestration and response capabilities. "
          },
          "Required": false
        },
        "QuotaForMaliciousFileDetectionSDK": {
          "Type": "Number",
          "Required": false
        },
        "ContainerImageScan": {
          "Type": "Number",
          "Description": {
            "en": "Security Center provides the container image scan feature to protect containers. Security Center can detect CVEs, application vulnerabilities, viruses, and malicious samples and allows you to handle the detected risks. You can configure this parameter based on the number of images or digests. For example, if the number of images or digests that are updated in the previous day is 10, you can set this parameter to 300 for a monthly subscription or to 3650 for a yearly subscription. This is more cost-effective."
          },
          "Required": false
        },
        "ThreatAnalysisLogStorageCapacity": {
          "Type": "Number",
          "Required": false
        },
        "AutoRenew": {
          "Type": "Boolean",
          "Description": {
            "en": "Whether to auto renew the prepay instance.Default: False"
          },
          "Required": false,
          "Default": false
        },
        "MaliciousFileDetectionSDK": {
          "Type": "Boolean",
          "Description": {
            "en": "The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks. This ensures the security of the running environment of your cloud services."
          },
          "Required": false
        },
        "VCore": {
          "Type": "Number",
          "Description": {
            "en": "This parameter indicates the number of server vCPUs."
          },
          "Required": false
        },
        "Period": {
          "AssociationProperty": "PayPeriod",
          "Type": "Number",
          "Description": {
            "en": "The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6\nIf periodUnit is year, the valid range is 1, 2, 3"
          },
          "AllowedValues": [
            1,
            2,
            3,
            6
          ],
          "Required": true
        },
        "VulnerabilityFixing": {
          "Type": "Boolean",
          "Description": {
            "en": "The vulnerability fixing feature allows you to fix system vulnerabilities with a few clicks. This improves O&M efficiency. You can separately purchase the vulnerability fixing feature. You are charged based on the number of times that you perform vulnerability fixing."
          },
          "Required": false
        },
        "QuotaForCloudHoneypot": {
          "Type": "Number",
          "Required": false
        },
        "QuotaForWebTamperProofing": {
          "Type": "Number",
          "Required": false
        },
        "AutoPay": {
          "Type": "Boolean",
          "Description": {
            "en": "Whether to auto pay the bill.Default: True"
          },
          "Required": false,
          "Default": true
        },
        "Edition": {
          "Type": "String",
          "Description": {
            "en": "The version of Security center."
          },
          "AllowedValues": [
            "Anti-virus",
            "Advanced",
            "Enterprise",
            "Ultimate"
          ],
          "Required": false
        },
        "ConfigurationAssessment": {
          "Type": "Boolean",
          "Description": {
            "en": "The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks. This ensures the security of the running environment of your cloud services."
          },
          "Required": false
        },
        "LogAnalysis": {
          "Type": "Number",
          "Description": {
            "en": "In response to the requirements of the network security law, which requires logs to be stored for at least 180 days, we recommend that you configure a 40GB log storage each server. Log analysis supports multi-dimensional security logs of cloud assets, out-of-the-box reports, and powerful SQL syntax analysis, so as to monitor business status, troubleshoot attacks, security operations such as traceability and positioning are easier."
          },
          "Required": false
        },
        "ProtectedServers": {
          "Type": "Number",
          "Description": {
            "en": "Authorization is the same as the number of servers you have."
          },
          "Required": false
        },
        "CloudHoneypot": {
          "Type": "Boolean",
          "Description": {
            "en": "The cloud honeypot feature can capture attacks in a timely and efficient manner. You can use the feature to protect your core assets and detect attacks in attack and defense scenarios."
          },
          "Required": false
        },
        "WebTamperProtection": {
          "Type": "Boolean",
          "Description": {
            "en": "To ensure that the website information of important systems is not maliciously tampered with, there are bad content such as hanging horses, black chains, illegal implantation of terrorist threats, pornography, etc."
          },
          "Required": false
        },
        "QuotaForConfigurationAssessment": {
          "Type": "Number",
          "Required": false
        },
        "QuotaForVulnerabilityFixing": {
          "Type": "Number",
          "Description": {
            "en": "Specify the quota for vulnerability fixing based on the number of vulnerabilities that you want to fix each month. The quota is equal to the total number of vulnerabilities that you want to fix on all servers regardless of the vulnerability names. For example, if you use Security Center to fix the same vulnerability on 10 servers, the quota is deducted by 10."
          },
          "Required": false
        },
        "AntiRansomware": {
          "Type": "Number",
          "Description": {
            "en": "Security Center provides a comprehensive anti-ransomware solution to protect your business. We recommend that you configure a data protection capacity of 50GB for each server."
          },
          "Required": false
        },
        "PeriodUnit": {
          "AssociationProperty": "PayPeriodUnit",
          "Type": "String",
          "Description": {
            "en": "The unit of the subscription duration. Valid values:\nMonth\nYear\n"
          },
          "AllowedValues": [
            "Month",
            "Year"
          ],
          "Required": true
        }
      },
      "Resources": {
        "Instance": {
          "Type": "ALIYUN::SAS::Instance",
          "Properties": {
            "QuotaForApplicationProtection": {
              "Ref": "QuotaForApplicationProtection"
            },
            "ThreatAnalysis": {
              "Ref": "ThreatAnalysis"
            },
            "QuotaForMaliciousFileDetectionSDK": {
              "Ref": "QuotaForMaliciousFileDetectionSDK"
            },
            "ContainerImageScan": {
              "Ref": "ContainerImageScan"
            },
            "ThreatAnalysisLogStorageCapacity": {
              "Ref": "ThreatAnalysisLogStorageCapacity"
            },
            "AutoRenew": {
              "Ref": "AutoRenew"
            },
            "MaliciousFileDetectionSDK": {
              "Ref": "MaliciousFileDetectionSDK"
            },
            "VCore": {
              "Ref": "VCore"
            },
            "Period": {
              "Ref": "Period"
            },
            "VulnerabilityFixing": {
              "Ref": "VulnerabilityFixing"
            },
            "QuotaForCloudHoneypot": {
              "Ref": "QuotaForCloudHoneypot"
            },
            "QuotaForWebTamperProofing": {
              "Ref": "QuotaForWebTamperProofing"
            },
            "AutoPay": {
              "Ref": "AutoPay"
            },
            "Edition": {
              "Ref": "Edition"
            },
            "ConfigurationAssessment": {
              "Ref": "ConfigurationAssessment"
            },
            "LogAnalysis": {
              "Ref": "LogAnalysis"
            },
            "ProtectedServers": {
              "Ref": "ProtectedServers"
            },
            "CloudHoneypot": {
              "Ref": "CloudHoneypot"
            },
            "WebTamperProtection": {
              "Ref": "WebTamperProtection"
            },
            "QuotaForConfigurationAssessment": {
              "Ref": "QuotaForConfigurationAssessment"
            },
            "QuotaForVulnerabilityFixing": {
              "Ref": "QuotaForVulnerabilityFixing"
            },
            "AntiRansomware": {
              "Ref": "AntiRansomware"
            },
            "PeriodUnit": {
              "Ref": "PeriodUnit"
            }
          }
        }
      },
      "Outputs": {
        "InstanceId": {
          "Description": "Instance Id.",
          "Value": {
            "Fn::GetAtt": [
              "Instance",
              "InstanceId"
            ]
          }
        }
      }
    }