ALIYUN::ALB::SecurityPolicy类型用于创建自定义安全策略。
语法
{
"Type": "ALIYUN::ALB::SecurityPolicy",
"Properties": {
"Ciphers": List,
"ResourceGroupId": String,
"TLSVersions": List,
"SecurityPolicyName": String
}
}属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
Ciphers | List | 是 | 是 | 支持的加密套件。 | 取值:
说明 当TLSVersions取值支持Ciphers时,该参数才生效。 |
SecurityPolicyName | String | 是 | 是 | 安全策略名称。 | 长度为2~128个英文或中文字符,必须以大小字母或中文开头,可包含数字、半角句号(.)、下划线(_)和短划线(-)。 |
TLSVersions | List | 是 | 是 | 支持的TLS协议版本。 | 取值:
|
ResourceGroupId | String | 否 | 否 | 资源组ID。 | 无 |
返回值
Fn::GetAtt
SecurityPolicyId:安全策略ID。
示例
YAML格式
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
Ciphers:
Description: 'The supported cipher suites, which are determined by the TLS protocol
version.
The specified cipher suites must be supported by at least one TLS protocol version
that you specify.
Note For example, if you set the TLSVersions parameter to TLSv1.3, you must
specify cipher suites that are supported by TLS 1.3.'
MaxLength: 20
MinLength: 1
Type: Json
SecurityPolicyName:
Description: 'The name of the security policy.
The name must be 2 to 128 characters in length, and can contain letters, digits,
periods
(.), underscores (_), and hyphens (-). The name must start with a letter.'
Type: String
TLSVersions:
Description: 'The supported versions of the Transport Layer Security (TLS) protocol.
Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3 and so on.'
MaxLength: 5
MinLength: 1
Type: Json
Resources:
SecurityPolicy:
Properties:
Ciphers:
Ref: Ciphers
SecurityPolicyName:
Ref: SecurityPolicyName
TLSVersions:
Ref: TLSVersions
Type: ALIYUN::ALB::SecurityPolicy
Outputs:
SecurityPolicyId:
Description: The ID of the security policy.
Value:
Fn::GetAtt:
- SecurityPolicy
- SecurityPolicyIdJSON格式
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"Ciphers": {
"Type": "Json",
"Description": "The supported cipher suites, which are determined by the TLS protocol version.\nThe specified cipher suites must be supported by at least one TLS protocol version that you specify.\nNote For example, if you set the TLSVersions parameter to TLSv1.3, you must specify cipher suites that are supported by TLS 1.3.",
"MinLength": 1,
"MaxLength": 20
},
"TLSVersions": {
"Type": "Json",
"Description": "The supported versions of the Transport Layer Security (TLS) protocol. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3 and so on.",
"MinLength": 1,
"MaxLength": 5
},
"SecurityPolicyName": {
"Type": "String",
"Description": "The name of the security policy.\nThe name must be 2 to 128 characters in length, and can contain letters, digits, periods\n(.), underscores (_), and hyphens (-). The name must start with a letter."
}
},
"Resources": {
"SecurityPolicy": {
"Type": "ALIYUN::ALB::SecurityPolicy",
"Properties": {
"Ciphers": {
"Ref": "Ciphers"
},
"TLSVersions": {
"Ref": "TLSVersions"
},
"SecurityPolicyName": {
"Ref": "SecurityPolicyName"
}
}
}
},
"Outputs": {
"SecurityPolicyId": {
"Description": "The ID of the security policy.",
"Value": {
"Fn::GetAtt": [
"SecurityPolicy",
"SecurityPolicyId"
]
}
}
}
}