ALIYUN::ThreatDetection::Instance is used to purchase Security Center (SAS).
Syntax
{
"Type": "ALIYUN::ThreatDetection::Instance",
"Properties": {
"ThreatAnalysis": String,
"SasSlsStorage": String,
"ContainerImageScan": String,
"ThreatAnalysisSwitch": String,
"VCore": String,
"RenewPeriod": Integer,
"SasSc": String,
"SasCspmSwitch": String,
"BuyNumber": String,
"SasWebguardBoolean": String,
"HoneypotSwitch": String,
"PaymentType": String,
"SasSdk": String,
"SasAntiRansomware": String,
"SasWebguardOrderNum": String,
"RenewalStatus": String,
"ProductType": String,
"VulSwitch": String,
"Period": Integer,
"RaspCount": String,
"VulCount": String,
"VersionCode": String,
"ModifyType": String,
"SasCspm": String,
"SasSdkSwitch": String,
"RenewalPeriodUnit": String,
"ContainerImageScanNew": String,
"Honeypot": String
}
}
Properties
Property | Type | Required | Editable | Description | Constraint |
ThreatAnalysis | String | No | Yes | The log storage capacity for threat analysis. | Valid values: 0 to 9999999999. Note You can purchase the capacity only when ThreatAnalysisSwitch is set to 1. The value of ThreatAnalysis has a step size of 10 and must be a multiple of 10. |
SasSlsStorage | String | No | Yes | The log storage capacity for log analysis. | Unit: GB. Valid values: 0 to 600000. Note The value has a step size of 10 and must be a multiple of 10. |
ContainerImageScan | String | No | Yes | The container image scan feature. | Valid values: 0 to 200000. Note The value has a step size of 20 and must be a multiple of 20. |
ThreatAnalysisSwitch | String | No | Yes | Specifies whether to enable the threat analysis feature. | Valid values:
|
VCore | String | No | Yes | The number of vCPUs. | None. |
RenewPeriod | Integer | No | Yes | The auto-renewal period. | Unit: month. Note This property must be specified when RenewalStatus is set to AutoRenewal. |
SasSc | String | No | Yes | Specifies whether to enable the security dashboard feature. | Valid values:
|
SasCspmSwitch | String | No | Yes | Specifies whether to enable the configuration assessment feature. | Valid values:
|
BuyNumber | String | No | Yes | The number of servers that you want to protect by using SAS. | None. |
SasWebguardBoolean | String | No | Yes | Specifies whether to enable the feature of web tamper proofing. | Valid values:
|
HoneypotSwitch | String | No | Yes | Specifies whether to enable the cloud honeypot feature. | Valid values:
|
PaymentType | String | Yes | No | The billing method. |
|
SasSdk | String | No | Yes | The quota for the feature of SDK for malicious file detection. | Unit: 10,000 times. Valid values: 10 to 9999999999. Note You can purchase the quota only when SasSdkSwitch is set to 1. The value of SasSdk has a step size of 10 and must be a multiple of 10. |
SasAntiRansomware | String | No | Yes | The anti-ransomware capacity. | Unit: GB. Valid values: 0 to 9999999999. Note The value has a step size of 10 and must be a multiple of 10. |
SasWebguardOrderNum | String | No | Yes | The quota for the feature of web tamper proofing. | Valid values: 0 to 9999. Note You can purchase the quota only when SasWebguardBoolean is set to 1. |
RenewalStatus | String | No | Yes | The auto-renewal state. | Valid values:
|
ProductType | String | No | No | The product type. | Set the value to sas on the China site (aliyun.com). You can leave this property empty on the international site (alibabacloud.com). |
VulSwitch | String | No | Yes | Specifies whether to enable the vulnerability fixing feature. | Valid values:
|
Period | Integer | No | No | The subscription duration. | Unit: month. The value must be an integral multiple of 12. Note This property must be specified when you use the subscription billing method for SAS. |
RaspCount | String | No | Yes | The quota for the application protection feature. | Valid values: 1 to 100000000. |
VulCount | String | No | Yes | The quota for the vulnerability fixing feature. | Valid values: 20 to 100000000. Note You can purchase the quota only when VulSwitch is set to 1 and VersionCode is set to level7 or level10. When VulSwitch is set to 1 but VersionCode is set to a different value, you do not need to separately purchase the quota because it is contained in other versions. |
VersionCode | String | Yes | Yes | The edition of SAS. | Valid values:
|
ModifyType | String | No | No | The specification change type. | Valid values:
|
SasCspm | String | No | Yes | The quota for the configuration assessment feature. | Valid values: 1000 to 9999999999. Note You can purchase the quota only when SasCspmSwitch is set to 1. The value of SasCspm has a step size of 100 and must be a multiple of 10. |
SasSdkSwitch | String | No | Yes | Specifies whether to enable the feature of SDK for malicious file detection. | Valid values:
|
RenewalPeriodUnit | String | No | Yes | The unit of the auto-renewal period. | Valid values:
Note This property must be specified when RenewalStatus is set to AutoRenewal. |
ContainerImageScanNew | String | No | Yes | The quota for the container image scan feature. | Valid values: 0 to 200000. Note The value has a step size of 20 and must be a multiple of 20. |
Honeypot | String | No | Yes | The quota for the cloud honeypot feature. | Valid values: 20 to 500. Note The value must be at least 20. You can purchase the quota only when HoneypotSwitch is set to 1. |
Return values
Fn::GetAtt
ThreatAnalysis: the log storage capacity for threat analysis.
SasSlsStorage: the log storage capacity for log analysis.
ContainerImageScan: the container image scan feature.
ThreatAnalysisSwitch: indicates whether the threat analysis feature is enabled.
VCore: the number of vCPUs.
RenewPeriod: the auto-renewal period.
SasSc: indicates whether the security dashboard feature is enabled.
SasCspmSwitch: indicates whether the configuration assessment feature is enabled.
BuyNumber: the number of servers that are protected by using SAS.
SasWebguardBoolean: indicates whether the feature of web tamper proofing is enabled.
HoneypotSwitch: indicates whether the cloud honeypot feature is enabled.
PaymentType: the billing method.
SasSdk: the quota for the feature of SDK for malicious file detection.
SasAntiRansomware: the anti-ransomware capacity.
InstanceId: the ID of purchased SAS.
SasWebguardOrderNum: the quota for the feature of web tamper proofing.
CreateTime: the time when SAS was created.
RenewalStatus: the auto-renewal state.
VulSwitch: indicates whether the vulnerability fixing feature is enabled.
RaspCount: the quota for the application protection feature.
VulCount: the quota for the vulnerability fixing feature.
VersionCode: the edition of SAS.
SasCspm: the quota for the configuration assessment feature.
SasSdkSwitch: indicates whether the feature of SDK for malicious file detection is enabled.
RenewalPeriodUnit: the unit of the auto-renewal period.
ContainerImageScanNew: the quota for the container image scan feature.
Honeypot: the quota for the cloud honeypot feature.