ALIYUN::ThreatDetection::AntiBruteForceRule is used to create a defense rule against brute-force attacks.
Syntax
{
  "Type": "ALIYUN::ThreatDetection::AntiBruteForceRule",
  "Properties": {
    "DefaultRule": Boolean,
    "AntiBruteForceRuleName": String,
    "ForbiddenTime": Integer,
    "UuidList": List,
    "FailCount": Integer,
    "Span": Integer
  }
}
Properties
Property | Type | Required | Editable | Description | Constraint |
DefaultRule | Boolean | No | Yes | Specifies whether to set the defense rule as the default rule. | Valid values:
Note: If no defense rule is associated with an asset, the default rule is applied to the asset. |
AntiBruteForceRuleName | String | Yes | Yes | The name of the defense rule. | None. |
ForbiddenTime | Integer | Yes | Yes | The period of time during which logons from an account are not allowed. | Valid values: |
UuidList | List | Yes | Yes | The UUIDs of the servers to which you want to apply the defense rule. | None. |
FailCount | Integer | Yes | Yes | The maximum number of failed logon attempts from an account. | Valid values: 2, 3, 4, 5, 10, 50, 80, and 100. |
Span | Integer | Yes | Yes | The maximum period of time during which failed logon attempts from an account can occur. | Unit: minutes. Valid values:
Note: To configure a defense rule, you must configure Span, FailCount, and ForbiddenTime. If the number of failed logon attempts from an account within the minutes specified by Span exceeds the value specified by FailCount, the account cannot be used for logons within the minutes specified by ForbiddenTime. |
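The following Python sketch is an added example, not part of the original documentation and not the service's implementation. It replays constructed logon events against one rule to show how Span, FailCount, and ForbiddenTime interact as the note describes. It assumes a sliding window, a strict "exceeds" comparison, and that attempts made during a block are refused without being counted; `simulate`, `outcomes`, and the Span and ForbiddenTime values used are hypothetical.

```python
from collections import defaultdict, deque

def simulate(events, span, fail_count, forbidden_time):
    """Replay (minute, account, success) logon events against one rule.

    Assumed reading of the note: a block starts when the failures inside the
    last `span` minutes exceed `fail_count`, and lasts `forbidden_time` minutes.
    """
    failures = defaultdict(deque)  # account -> minutes of recent failed logons
    blocked_until = {}             # account -> first minute logons work again
    results = []
    for minute, account, success in sorted(events):
        if minute < blocked_until.get(account, 0):
            # During the block even a correct password is refused.
            results.append((minute, account, "blocked"))
            continue
        if success:
            results.append((minute, account, "ok"))
            continue
        window = failures[account]
        window.append(minute)
        while window and window[0] <= minute - span:  # older than Span
            window.popleft()
        if len(window) > fail_count:                  # "exceeds": strictly greater
            blocked_until[account] = minute + forbidden_time
            window.clear()
            results.append((minute, account, "block_started"))
        else:
            results.append((minute, account, "failed"))
    return results

def outcomes(results, account):
    """Outcomes for one account, in time order."""
    return [outcome for _, acct, outcome in results if acct == account]

# Constructed sample events: (minute, account, logon succeeded?)
SAMPLE_EVENTS = [
    (0, "root", False), (1, "root", False), (2, "root", False),
    (3, "root", True), (31, "root", True), (32, "root", True),
    (0, "deploy", False), (4, "deploy", False), (8, "deploy", False),
]

if __name__ == "__main__":
    # FailCount=2 is a documented value; Span=5 and ForbiddenTime=30 are assumed.
    for row in simulate(SAMPLE_EVENTS, span=5, fail_count=2, forbidden_time=30):
        print(row)
```

In this run the third failure for `root` within the window starts the block, and a correct logon is refused until minute 32. The three `deploy` failures are spaced so that no more than two fall inside any 5-minute window, so occasional mistyped passwords do not lock that account.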
Return values
Fn::GetAtt
DefaultRule: indicates whether the defense rule is set as the default rule.
AntiBruteForceRuleName: the name of the defense rule.
ForbiddenTime: the period of time during which logons from an account are not allowed.
AntiBruteForceRuleId: the ID of the defense rule.
UuidList: the UUIDs of the servers to which the defense rule is applied.
FailCount: the maximum number of failed logon attempts from an account.
Span: the maximum period of time during which failed logon attempts from an account can occur.