ALIYUN::WAF::DomainConfig类型用于添加域名配置信息。
语法
{
"Type": "ALIYUN::WAF::DomainConfig",
"Properties": {
"HttpToUserIp": Integer,
"Domain": String,
"SourceIps": String,
"InstanceId": String,
"Region": String,
"HttpPort": String,
"LoadBalancing": Integer,
"HttpsPort": String,
"RsType": Integer,
"IsAccessProduct": Integer,
"HttpsRedirect": Integer,
"Protocols": String
}
}属性
| 属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
|---|---|---|---|---|---|
| HttpToUserIp | Integer | 否 | 是 | 是否开启HTTPS访问请求通过HTTP协议转发回源站。
说明 如果您的网站不支持HTTPS回源,开启HTTP回源(默认回源端口是80端口)功能项,即可通过WAF实现HTTPS访问。
|
取值:
|
| Domain | String | 是 | 否 | 域名名称。 | 无 |
| SourceIps | String | 否 | 是 | 源站IP,支持指定多个IP。示例:["1.1.1.1", "10.0.0.0"]。
|
无 |
| InstanceId | String | 是 | 否 | Web应用防火墙实例ID。 | 无 |
| Region | String | 否 | 是 | Web应用防火墙实例所在的地域。 | 取值:
|
| HttpPort | String | 否 | 是 | HTTP协议配置的端口。指定多个HTTP端口时,使用英文逗号(,)进行分隔。示例值:[80, 8000]。
|
配置协议为HTTP时,该参数为必填项。默认值为80。HttpPort与HttpsPort两个请求参数至少需要填写一个。 |
| LoadBalancing | Integer | 否 | 是 | 回源负载均衡策略。 | 取值:
|
| HttpsPort | String | 否 | 是 | HTTPS协议配置的端口。指定多个HTTPS端口时,使用英文逗号(,)进行分隔。示例值:[443]。
|
配置协议为HTTPS时,该参数为必填项。默认值为443。HttpPort与HttpsPort两个请求参数至少需要填写一个。 |
| RsType | Integer | 否 | 否 | 该域名的回源地址类型。 | 取值:
|
| IsAccessProduct | Integer | 是 | 否 | 该域名在WAF前是否配置有七层代理(例如:高防、CDN等)。 | 取值:
|
| HttpsRedirect | Integer | 否 | 是 | 是否开启HTTPS强制跳转。 | 取值:
|
| Protocols | String | 是 | 否 | 该域名所支持的访问协议。 | 取值:
|
返回值
Fn::GetAtt
- ProtocolType:支持的访问协议。0表示支持HTTP协议,1表示支持HTTPS协议,2表示同时支持HTTP和HTTPS。
- Cname:WAF分配的别名。
示例
JSON格式
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"HttpToUserIp": {
"Type": "Number",
"Description": "Whether to open HTTPS access request is forwarded back to the source station via the HTTP protocol, the value of:\n0: off (default)\n1: Turn\nNote If your site does not support HTTPS back to the source, open source HTTP return (default back to the source port is port 80) function key, can be realized by WAF HTTPS access.",
"AllowedValues": [
0,
1
]
},
"HttpPort": {
"Type": "String",
"Description": "HTTP protocol configuration port. When specifying a plurality of HTTP port \",\" separated. Example values: [80].\nConfigure the HTTP protocol, this parameter is required. The default value is 80. HttpPort HttpsPort with at least two parameters need to fill a request."
},
"IsAccessProduct": {
"Type": "Number",
"Description": "The domain before WAF is configured with seven agents (eg, high defense, CDN, etc.), the value of:\n0: none.\n1: expressed.",
"AllowedValues": [
0,
1
]
},
"RsType": {
"Type": "Number",
"Description": "Back to the source address type the domain name values:\n0: back to the source to IP.\n1: Indicates the domain name back to the source.",
"AllowedValues": [
0,
1
]
},
"Protocols": {
"Type": "String",
"Description": "The domain supports access protocols, values:\nhttp: expressed support for the HTTP protocol.\nhttps: support for HTTPS protocol.\nhttp, https: supports HTTP, HTTPS protocol."
},
"InstanceId": {
"Type": "String",
"Description": "WAF instance ID.\nDescription Interface You can view your current WAF instance ID by calling DescribePayInfo."
},
"SourceIps": {
"Type": "String",
"Description": "Source station IP, supports a plurality of specified IP. Example values: [ \"1.1.1.1\"]."
},
"HttpsRedirect": {
"Type": "Number",
"Description": "HTTPS is turned forcefully jump the argument:\n0: off (default)\n1: Turn\nDescription required to complete the request parameters using only HTTPS access protocol. After opening force will show a jump HTTP request is HTTPS, a default jump to 443.",
"AllowedValues": [
0,
1
]
},
"Region": {
"Type": "String",
"Description": "Examples of areas where the WAF. Value:\ncn: China mainland (default)\ncn-hongkong: China HongKong and other overseas",
"AllowedValues": [
"cn",
"cn-hongkong"
]
},
"Domain": {
"Type": "String",
"Description": "Domain name."
},
"LoadBalancing": {
"Type": "Number",
"Description": "Back to the source load balancing policy values:\n0: IP Hash way.\n1: represents a polling mode.",
"AllowedValues": [
0,
1
]
},
"HttpsPort": {
"Type": "String",
"Description": "HTTPS protocol configuration port. When specifying a plurality HTTPS port, using the \",\" separated. Example values: [443].\nConfigure the protocol is HTTPS, this parameter is required. The default value is 443. HttpPort HttpsPort with at least two parameters need to fill a request."
}
},
"Resources": {
"DomainConfig": {
"Type": "ALIYUN::WAF::DomainConfig",
"Properties": {
"HttpToUserIp": {
"Ref": "HttpToUserIp"
},
"HttpPort": {
"Ref": "HttpPort"
},
"IsAccessProduct": {
"Ref": "IsAccessProduct"
},
"RsType": {
"Ref": "RsType"
},
"Protocols": {
"Ref": "Protocols"
},
"InstanceId": {
"Ref": "InstanceId"
},
"SourceIps": {
"Ref": "SourceIps"
},
"HttpsRedirect": {
"Ref": "HttpsRedirect"
},
"Region": {
"Ref": "Region"
},
"Domain": {
"Ref": "Domain"
},
"LoadBalancing": {
"Ref": "LoadBalancing"
},
"HttpsPort": {
"Ref": "HttpsPort"
}
}
}
},
"Outputs": {
"ProtocolType": {
"Description": "agreement type:0: indicates that the HTTP protocol is supported.1: indicates that the HTTPS protocol is supported.2: indicates that both HTTP and HTTPS protocols are supported.",
"Value": {
"Fn::GetAtt": [
"DomainConfig",
"ProtocolType"
]
}
},
"Cname": {
"Description": "CNAME assigned by WAF instance.",
"Value": {
"Fn::GetAtt": [
"DomainConfig",
"Cname"
]
}
}
}
}YAML格式
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
HttpToUserIp:
Type: Number
Description: >-
Whether to open HTTPS access request is forwarded back to the source
station via the HTTP protocol, the value of:
0: off (default)
1: Turn
Note If your site does not support HTTPS back to the source, open source
HTTP return (default back to the source port is port 80) function key, can
be realized by WAF HTTPS access.
AllowedValues:
- 0
- 1
HttpPort:
Type: String
Description: >-
HTTP protocol configuration port. When specifying a plurality of HTTP port
"," separated. Example values: [80].
Configure the HTTP protocol, this parameter is required. The default value
is 80. HttpPort HttpsPort with at least two parameters need to fill a
request.
IsAccessProduct:
Type: Number
Description: >-
The domain before WAF is configured with seven agents (eg, high defense,
CDN, etc.), the value of:
0: none.
1: expressed.
AllowedValues:
- 0
- 1
RsType:
Type: Number
Description: |-
Back to the source address type the domain name values:
0: back to the source to IP.
1: Indicates the domain name back to the source.
AllowedValues:
- 0
- 1
Protocols:
Type: String
Description: |-
The domain supports access protocols, values:
http: expressed support for the HTTP protocol.
https: support for HTTPS protocol.
http, https: supports HTTP, HTTPS protocol.
InstanceId:
Type: String
Description: >-
WAF instance ID.
Description Interface You can view your current WAF instance ID by calling
DescribePayInfo.
SourceIps:
Type: String
Description: >-
Source station IP, supports a plurality of specified IP. Example values: [
"1.1.1.1"].
HttpsRedirect:
Type: Number
Description: >-
HTTPS is turned forcefully jump the argument:
0: off (default)
1: Turn
Description required to complete the request parameters using only HTTPS
access protocol. After opening force will show a jump HTTP request is
HTTPS, a default jump to 443.
AllowedValues:
- 0
- 1
Region:
Type: String
Description: |-
Examples of areas where the WAF. Value:
cn: China mainland (default)
cn-hongkong: China HongKong and other overseas
AllowedValues:
- cn
- cn-hongkong
Domain:
Type: String
Description: Domain name.
LoadBalancing:
Type: Number
Description: |-
Back to the source load balancing policy values:
0: IP Hash way.
1: represents a polling mode.
AllowedValues:
- 0
- 1
HttpsPort:
Type: String
Description: >-
HTTPS protocol configuration port. When specifying a plurality HTTPS port,
using the "," separated. Example values: [443].
Configure the protocol is HTTPS, this parameter is required. The default
value is 443. HttpPort HttpsPort with at least two parameters need to fill
a request.
Resources:
DomainConfig:
Type: 'ALIYUN::WAF::DomainConfig'
Properties:
HttpToUserIp:
Ref: HttpToUserIp
HttpPort:
Ref: HttpPort
IsAccessProduct:
Ref: IsAccessProduct
RsType:
Ref: RsType
Protocols:
Ref: Protocols
InstanceId:
Ref: InstanceId
SourceIps:
Ref: SourceIps
HttpsRedirect:
Ref: HttpsRedirect
Region:
Ref: Region
Domain:
Ref: Domain
LoadBalancing:
Ref: LoadBalancing
HttpsPort:
Ref: HttpsPort
Outputs:
ProtocolType:
Description: >-
agreement type:0: indicates that the HTTP protocol is supported.1:
indicates that the HTTPS protocol is supported.2: indicates that both HTTP
and HTTPS protocols are supported.
Value:
'Fn::GetAtt':
- DomainConfig
- ProtocolType
Cname:
Description: CNAME assigned by WAF instance.
Value:
'Fn::GetAtt':
- DomainConfig
- Cname