ALIYUN::CLOUDFW::Instance类型用于创建云防火墙实例。
语法
{
"Type": "ALIYUN::CLOUDFW::Instance",
"Properties": {
"VpcBandwidth": Integer,
"AclExtension": Integer,
"NatFirewallNum": Integer,
"NatBandwidth": Integer,
"IpNum": Integer,
"AutoRenew": Boolean,
"Period": Integer,
"PayType": String,
"AutoPay": Boolean,
"LogStorage": Integer,
"LogAnalysis": Boolean,
"VpcFirewallNum": Integer,
"AccountNum": Integer,
"MultiAccountManagement": Boolean,
"Bandwidth": Integer,
"Spec": String,
"PeriodUnit": String,
"IgnoreExisting": Boolean
}
}属性
属性名称 | 类型 | 必须 | 允许更新 | 描述 | 约束 |
VpcBandwidth | Integer | 否 | 否 | VPC的网络处理能力。 | 取值范围:1000~15000。单位:Mbps。 |
AclExtension | Integer | 否 | 否 | 当您版本的默认访问控制授权规格不够时,您可以购买访问控制的全局扩展规格。 | 此扩展支持与互联网和VPC边界ACL规范共享占用。取值范围:0~300000个。 |
NatFirewallNum | Integer | 否 | 否 | NAT防火墙实例数。 | 每个NAT网关实例对应一个NAT防火墙实例。 高级版默认不包含它,企业版默认包含1个实例,旗舰版默认包含2个实例。 取值范围:0~20。 |
NatBandwidth | Integer | 否 | 否 | NAT私网流量处理能力。 | NAT防火墙处理的私网流量带宽大小。企业版默认带10 Mbps,旗舰版默认带20 Mbps。取值范围:0~1000。 单位:Mbps。 |
IpNum | Integer | 否 | 否 | 可防护公网IP数。 | 取值范围:20~4000。 |
AutoRenew | Boolean | 否 | 否 | 是否自动续订预付费实例。 | 取值:
|
Period | Integer | 否 | 否 | 预付费时长。 | 当PeriodUnit为Month,取值范围为1、3、6, 当PeriodUnit为Year时,取值范围为1、2、3。 |
PayType | String | 是 | 否 | 付费方式。 | 取值:
|
AutoPay | Boolean | 否 | 否 | 是否自动付款。 | 取值:
|
LogStorage | Integer | 否 | 否 | 日志存储容量。 | 存储容量选购参考:10 M公网带宽,存储6个月日志,推荐购买1000 GB日志存储容量,取值范围:1000~500000。 |
LogAnalysis | Boolean | 否 | 否 | 是否选购日志分析服务。 | 云防火墙默认含7天免费日志存储审计,如需要更长存储时长或满足等保要求,建议选购日志分析服务。 |
VpcFirewallNum | Integer | 否 | 否 | VPC防火墙实例数。 | 创建的VPC防火墙实例数。如果您的VPC为云企业网(企业版)组网架构,每TR对应一个VPC防火墙实例;如果为云企业网(基础版)组网架构,每VPC对应一个VPC防火墙实例;如果为高速通道组网架构,每对VPC对应一个VPC防火墙实例。取值范围:2~500。 |
AccountNum | Integer | 否 | 否 | 多账号管控数。 | 多账号管控数为您需要统一管控的成员账号数,可按需扩展。目前限时提供1个免费配额供您体验。取值范围:1~1000。 |
MultiAccountManagement | Boolean | 否 | 否 | 多账号统一管理。 | 当您的企业机构在云上有多个账号,需要实现统一集中化安全管理,可以选购云防火墙多账号统一管理服务。 如果您需要关闭多账号统一管理服务,请先在控制台关闭所管理成员账号的防火墙资产保护,并删除成员账号。 |
Bandwidth | Integer | 否 | 否 | 公网流量处理能力。 | 公网流量处理能力是指云防火墙可防护的公网方向流量峰值,建议与当前云防火墙监控到的流量峰值保持一致。取值范围:10~15000。 |
Spec | String | 否 | 否 | 云防火墙的版本。 | 取值:
|
PeriodUnit | String | 否 | 否 | 续费单位。 | 取值:
|
IgnoreExisting | Boolean | 否 | 否 | 是否忽略已有的云防火墙实例。 | 取值:
如果云防火墙实例不是由ROS创建的,在创建过程中将被忽略 更新和删除阶段。 |
返回值
Fn::GetAtt
InstanceId:实例ID。
示例
YAML格式ROSTemplateFormatVersion: '2015-09-01' Metadata: ALIYUN::ROS::Interface: ParameterGroups: - GroupType: Payment Label: default: en: Payment zh-cn: "\u4ED8\u8D39\u7C7B\u578B" Parameters: - Items: - PayType - Period - PeriodUnit Label: "\u652F\u4ED8\u65B9\u5F0F" - Label: default: en: AutoRenew Configuration zh-cn: "\u81EA\u52A8\u7EED\u8D39\u8BBE\u7F6E" Parameters: - AutoRenew - Label: default: en: AutoPay Configuration zh-cn: "\u81EA\u52A8\u652F\u4ED8\u8BBE\u7F6E" Parameters: - AutoPay - Label: default: en: Spec Configuration zh-cn: "\u9632\u706B\u5899\u89C4\u683C\u8BBE\u7F6E" Parameters: - Spec - IpNum - Bandwidth - Label: default: en: Vpc Firewall Configuration zh-cn: "VPC\u9632\u706B\u5899\u8BBE\u7F6E" Parameters: - VpcFirewallNum - VpcBandwidth - Label: default: en: Nat Firewall Configuration zh-cn: "NAT\u9632\u706B\u5899\u8BBE\u7F6E" Parameters: - NatFirewallNum - NatBandwidth - Label: default: en: Instance Configuration zh-cn: "\u5B9E\u4F8B\u8BBE\u7F6E" Parameters: - AclExtension - MultiAccountManagement - AccountNum - LogAnalysis - LogStorage - Label: default: en: Other Configuration zh-cn: "\u5176\u4ED6\u8BBE\u7F6E" Parameters: [] Parameters: AccountNum: AssociationPropertyMetadata: Visible: Condition: Fn::And: - Fn::Equals: - ${PayType} - Subscription - Fn::Equals: - ${MultiAccountManagement} - true Description: en: The number of multi-account management and control is the number of member accounts that you need to uniformly control. zh-cn: "\u591A\u8D26\u53F7\u7BA1\u63A7\u6570\u4E3A\u60A8\u9700\u8981\u7EDF\u4E00\ \u7BA1\u63A7\u7684\u6210\u5458\u8D26\u53F7\u6570\uFF0C\u53EF\u6309\u9700\u6269\ \u5C55\u3002\u76EE\u524D\u9650\u65F6\u63D0\u4F9B1\u4E2A\u514D\u8D39\u914D\u989D\ \u4F9B\u60A8\u4F53\u9A8C" Label: zh-cn: "\u591A\u8D26\u53F7\u7BA1\u63A7\u6570" Required: false Type: Number AclExtension: AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Description: en: When the default access control authorization specifications of your version are not enough, you can purchase global extension specifications of access control. This extension supports shared occupancy with Internet and VPC boundary ACL specifications. zh-cn: "\u5F53\u60A8\u7248\u672C\u9ED8\u8BA4\u8BBF\u95EE\u63A7\u5236\u6388\u6743\ \u89C4\u683C\u4E0D\u591F\u7528\u65F6\uFF0C\u53EF\u91C7\u8D2D\u8BBF\u95EE\u63A7\ \u5236\u5168\u5C40\u6269\u5C55\u89C4\u683C\u3002\u8BE5\u6269\u5C55\u652F\u6301\ \u4E92\u8054\u7F51\u548CVPC\u8FB9\u754CACL\u89C4\u683C\u5171\u4EAB\u5360\u7528\ \u3002" Label: zh-cn: "\u8BBF\u95EE\u63A7\u5236\u5168\u5C40\u6269\u5C55" MaxValue: 50000 MinValue: 0 Required: false Type: Number AutoPay: AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Default: true Description: en: Whether to auto pay the bill. Label: zh-cn: "\u8BA2\u5355\u662F\u5426\u81EA\u52A8\u652F\u4ED8" Required: false Type: Boolean AutoRenew: AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Description: en: Whether to auto renew the prepay instance. Label: zh-cn: "\u5230\u671F\u662F\u5426\u81EA\u52A8\u7EED\u8D39" Required: false Type: Boolean Bandwidth: AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Description: en: 'Public network processing capability. Valid values: 10 to 15000. Unit: Mbps.' zh-cn: "\u516C\u7F51\u6D41\u91CF\u5904\u7406\u80FD\u529B\u662F\u6307\u4E91\u9632\ \u706B\u5899\u4E92\u8054\u7F51\u8FB9\u754C\u9632\u706B\u5899\uFF0C\u53EF\u9632\ \u62A4\u7684\u516C\u7F51\u51FA\u5165\u6D41\u91CF\u5CF0\u503C\uFF08\u5165\u5411\ \u6216\u51FA\u5411\u53D6\u5176\u9AD8\uFF09\uFF0C\u5EFA\u8BAE\u4E0E\u60A8\u4E1A\ \u52A1\u7684\u516C\u7F51\u5E26\u5BBD\u4FDD\u6301\u4E00\u81F4\uFF0C\u53EF\u968F\ \u65F6\u6269\u5BB9" Label: zh-cn: "\u516C\u7F51\u6D41\u91CF\u5904\u7406\u80FD\u529B(\u5355\u4F4DMbps)" MaxValue: 15000 MinValue: 10 Required: false Type: Number IpNum: AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Description: en: 'The number of public IPs that can be protected. Valid values: 20 to 4000.PremiumVersion: [20, 1000]' Label: zh-cn: "\u53EF\u9632\u62A4\u516C\u7F51IP\u6570" MaxValue: 4000 MinValue: 20 Required: false Type: Number LogAnalysis: AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Description: en: The cloud firewall includes 7 days of free log storage and auditing by default. If you need longer storage time or meet the requirements for equal protection, it is recommended to purchase the log analysis service. zh-cn: "\u4E91\u9632\u706B\u5899\u9ED8\u8BA4\u542B7\u5929\u514D\u8D39\u65E5\u5FD7\ \u5B58\u50A8\u5BA1\u8BA1\uFF0C\u5982\u9700\u8981\u66F4\u957F\u5B58\u50A8\u65F6\ \u957F\u6216\u6EE1\u8DB3\u7B49\u4FDD\u8981\u6C42\uFF0C\u5EFA\u8BAE\u9009\u8D2D\ \u65E5\u5FD7\u5206\u6790\u670D\u52A1" Label: zh-cn: "\u65E5\u5FD7\u5206\u6790" Required: false Type: Boolean LogStorage: AssociationPropertyMetadata: Visible: Condition: Fn::And: - Fn::Equals: - ${PayType} - Subscription - Fn::Equals: - ${LogAnalysis} - true Description: en: 'Reference for purchasing storage capacity: 10M public network bandwidth, 6 months of log storage, recommended purchase of 1000GB log storage capacity' zh-cn: "\u5B58\u50A8\u5BB9\u91CF\u9009\u8D2D\u53C2\u8003\uFF1A10M\u516C\u7F51\ \u5E26\u5BBD\uFF0C\u5B58\u50A86\u4E2A\u6708\u65E5\u5FD7\uFF0C\u63A8\u8350\u8D2D\ \u4E701000GB\u65E5\u5FD7\u5B58\u50A8\u5BB9\u91CF" Label: zh-cn: "\u65E5\u5FD7\u5B58\u50A8\u5BB9\u91CF(\u5355\u4F4DGB)" MaxValue: 500000 MinValue: 1000 Required: false Type: Number MultiAccountManagement: AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Default: false Description: en: Multiple accounts on the enterprise cloud can be managed centrally on the cloud firewall, including asset inventory, ACL policies, attack protection, log reports, etc. After the member account is managed by the current account, there will be no need to purchase it separately. zh-cn: "\u4F01\u4E1A\u4E91\u4E0A\u591A\u4E2A\u8D26\u53F7\u53EF\u5728\u4E91\u9632\ \u706B\u5899\u7EDF\u4E00\u96C6\u4E2D\u5B89\u5168\u7BA1\u7406\uFF0C\u5305\u62EC\ \u8D44\u4EA7\u76D8\u70B9\u3001ACL\u7B56\u7565\u3001\u653B\u51FB\u9632\u62A4\ \u3001\u65E5\u5FD7\u62A5\u8868\u7B49\u3002\u6210\u5458\u8D26\u53F7\u88AB\u5F53\ \u524D\u8D26\u53F7\u7EDF\u7BA1\u540E\uFF0C\u5C06\u65E0\u9700\u5355\u72EC\u91C7\ \u8D2D" Label: zh-cn: "\u591A\u8D26\u53F7\u7EDF\u4E00\u7BA1\u7406" Required: false Type: Boolean NatBandwidth: AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Description: en: The bandwidth of private network traffic processed by the NAT firewall. The premium version does not include it by default, the enterprise version has 10Mbps by default, and the ultimate version has 20Mbps by default. zh-cn: "NAT\u9632\u706B\u5899\u5904\u7406\u7684\u79C1\u7F51\u6D41\u91CF\u5E26\ \u5BBD\u5927\u5C0F\u3002\u9AD8\u7EA7\u7248\u9ED8\u8BA4\u4E0D\u542B\uFF0C\u4F01\ \u4E1A\u7248\u9ED8\u8BA4\u5E2610Mbps\uFF0C\u65D7\u8230\u7248\u7248\u9ED8\u8BA4\ \u5E2620Mbps\u3002" Label: zh-cn: "NAT\u79C1\u7F51\u6D41\u91CF\u5904\u7406\u80FD\u529B(\u5355\u4F4DMbps)" MaxValue: 1000 MinValue: 0 Required: false Type: Number NatFirewallNum: AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Description: en: The number of NAT gateway instances of the NAT firewall you need to enable. Each NAT gateway instance corresponds to one NAT firewall instance. The premium version does not include it by default, the enterprise version comes with 1 specification by default,and the ultimate version comes with 2 specifications by default. zh-cn: "NAT\u9632\u706B\u5899\u5904\u7406\u7684\u79C1\u7F51\u6D41\u91CF\u5E26\ \u5BBD\u5927\u5C0F\u3002\u9AD8\u7EA7\u7248\u9ED8\u8BA4\u4E0D\u542B\uFF0C\u4F01\ \u4E1A\u7248\u9ED8\u8BA4\u5E2610Mbps\uFF0C\u65D7\u8230\u7248\u7248\u9ED8\u8BA4\ \u5E2620Mbps\u3002" Label: zh-cn: "NAT\u9632\u706B\u5899\u5B9E\u4F8B\u6570" MaxValue: 20 MinValue: 0 Required: false Type: Number PayType: AllowedValues: - PayAsYouGo - Subscription AssociationProperty: ChargeType AssociationPropertyMetadata: PaymentDefinition: PayAsYouGo: {} Subscription: Month: - 1 - 3 - 6 Year: - 1 - 2 - 3 Default: PayAsYouGo Description: en: 'The billing method of the firewall instance. Valid values: PayAsYouGo: pay-as-you-go Subscription: subscription' Required: true Type: String Period: AllowedValues: - 1 - 2 - 3 - 6 AssociationProperty: PayPeriod Default: 1 Description: en: 'The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6 If periodUnit is year, the valid range is 1, 2, 3' Required: false Type: Number PeriodUnit: AllowedValues: - Month - Year AssociationProperty: PayPeriodUnit Default: Month Description: en: 'The unit of the subscription duration. Valid values: Month Year Default value: Month.' Required: false Type: String Spec: AllowedValues: - PremiumVersion - EnterpriseVersion - UltimateVersion AssociationPropertyMetadata: Visible: Condition: Fn::Equals: - ${PayType} - Subscription Default: PremiumVersion Description: en: The version of Cloud Firewall. Label: zh-cn: "\u9632\u706B\u5899\u7248\u672C" Required: false Type: String VpcBandwidth: AssociationPropertyMetadata: Visible: Condition: Fn::And: - Fn::Equals: - ${PayType} - Subscription - Fn::Or: - Fn::Equals: - ${Spec} - EnterpriseVersion - Fn::Equals: - ${Spec} - UltimateVersion Description: en: 'VPC network processing capability. Valid values: 1000 to 15000. Unit: Mbps.' zh-cn: "VPC\u6D41\u91CF\u5904\u7406\u80FD\u529B\u662F\u6307\u4E91\u9632\u706B\ \u5899\u7684VPC\u8FB9\u754C\u9632\u706B\u5899\uFF0C\u53EF\u9632\u62A4\u7684\ \u8DE8VPC\u6D41\u91CF\u5CF0\u503C\uFF0C\u5EFA\u8BAE\u4E0E\u60A8\u4E1A\u52A1\ \u7684VPC\u5E26\u5BBD\u4FDD\u6301\u4E00\u81F4\uFF0C\u53EF\u968F\u65F6\u6269\ \u5BB9" Label: zh-cn: "VPC\u6D41\u91CF\u5904\u7406\u80FD\u529B(\u5355\u4F4DMbps)" MaxValue: 15000 MinValue: 1000 Required: false Type: Number VpcFirewallNum: AssociationPropertyMetadata: Visible: Condition: Fn::And: - Fn::Equals: - ${PayType} - Subscription - Fn::Or: - Fn::Equals: - ${Spec} - EnterpriseVersion - Fn::Equals: - ${Spec} - UltimateVersion Description: en: The number of protected VPCs. It will be ignored when spec = "premium_version". Valid values between 2 and 500. zh-cn: "\u521B\u5EFA\u7684VPC\u9632\u706B\u5899\u5B9E\u4F8B\u6570\u3002\u5982\ \u679C\u60A8\u7684VPC\u4E3A\u4E91\u4F01\u4E1A\u7F51\uFF08\u4F01\u4E1A\u7248\ \uFF09\u7EC4\u7F51\u67B6\u6784\uFF0C\u6BCFTR\u5BF9\u5E94\u4E00\u4E2AVPC\u9632\ \u706B\u5899\u5B9E\u4F8B\uFF1B\u5982\u679C\u4E3A\u4E91\u4F01\u4E1A\u7F51\uFF08\ \u57FA\u7840\u7248\uFF09\u7EC4\u7F51\u67B6\u6784\uFF0C\u6BCFVPC\u5BF9\u5E94\ \u4E00\u4E2AVPC\u9632\u706B\u5899\u5B9E\u4F8B\uFF1B\u5982\u679C\u4E3A\u9AD8\ \u901F\u901A\u9053\u7EC4\u7F51\u67B6\u6784\uFF0C\u6BCF\u5BF9VPC\u5BF9\u5E94\ \u4E00\u4E2AVPC\u9632\u706B\u5899\u5B9E\u4F8B" Label: zh-cn: "VPC\u9632\u706B\u5899\u5B9E\u4F8B\u6570" MaxValue: 500 MinValue: 2 Required: false Type: Number Resources: Instance: Properties: AccountNum: Ref: AccountNum AclExtension: Ref: AclExtension AutoPay: Ref: AutoPay AutoRenew: Ref: AutoRenew Bandwidth: Ref: Bandwidth IpNum: Ref: IpNum LogAnalysis: Ref: LogAnalysis LogStorage: Ref: LogStorage MultiAccountManagement: Ref: MultiAccountManagement NatBandwidth: Ref: NatBandwidth NatFirewallNum: Ref: NatFirewallNum PayType: Ref: PayType Period: Ref: Period PeriodUnit: Ref: PeriodUnit Spec: Ref: Spec VpcBandwidth: Ref: VpcBandwidth VpcFirewallNum: Ref: VpcFirewallNum Type: ALIYUN::CLOUDFW::Instance Outputs: InstanceId: Description: Instance Id. Value: Fn::GetAtt: - Instance - InstanceId OrderId: Description: Order id of created instance. Value: Fn::GetAtt: - Instance - OrderIdJSON格式{ "ROSTemplateFormatVersion": "2015-09-01", "Metadata": { "ALIYUN::ROS::Interface": { "ParameterGroups": [ { "Parameters": [ { "Label": "支付方式", "Items": [ "PayType", "Period", "PeriodUnit" ] } ], "GroupType": "Payment", "Label": { "default": { "en": "Payment", "zh-cn": "付费类型" } } }, { "Parameters": [ "AutoRenew" ], "Label": { "default": { "en": "AutoRenew Configuration", "zh-cn": "自动续费设置" } } }, { "Parameters": [ "AutoPay" ], "Label": { "default": { "en": "AutoPay Configuration", "zh-cn": "自动支付设置" } } }, { "Parameters": [ "Spec", "IpNum", "Bandwidth" ], "Label": { "default": { "en": "Spec Configuration", "zh-cn": "防火墙规格设置" } } }, { "Parameters": [ "VpcFirewallNum", "VpcBandwidth" ], "Label": { "default": { "en": "Vpc Firewall Configuration", "zh-cn": "VPC防火墙设置" } } }, { "Parameters": [ "NatFirewallNum", "NatBandwidth" ], "Label": { "default": { "en": "Nat Firewall Configuration", "zh-cn": "NAT防火墙设置" } } }, { "Parameters": [ "AclExtension", "MultiAccountManagement", "AccountNum", "LogAnalysis", "LogStorage" ], "Label": { "default": { "en": "Instance Configuration", "zh-cn": "实例设置" } } }, { "Parameters": [], "Label": { "default": { "en": "Other Configuration", "zh-cn": "其他设置" } } } ] } }, "Parameters": { "VpcBandwidth": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::And": [ { "Fn::Equals": [ "${PayType}", "Subscription" ] }, { "Fn::Or": [ { "Fn::Equals": [ "${Spec}", "EnterpriseVersion" ] }, { "Fn::Equals": [ "${Spec}", "UltimateVersion" ] } ] } ] } } }, "Type": "Number", "Description": { "en": "VPC network processing capability. Valid values: 1000 to 15000. Unit: Mbps.", "zh-cn": "VPC流量处理能力是指云防火墙的VPC边界防火墙,可防护的跨VPC流量峰值,建议与您业务的VPC带宽保持一致,可随时扩容" }, "Required": false, "MinValue": 1000, "Label": { "zh-cn": "VPC流量处理能力(单位Mbps)" }, "MaxValue": 15000 }, "AclExtension": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "Number", "Description": { "en": "When the default access control authorization specifications of your version are not enough, you can purchase global extension specifications of access control. This extension supports shared occupancy with Internet and VPC boundary ACL specifications.", "zh-cn": "当您版本默认访问控制授权规格不够用时,可采购访问控制全局扩展规格。该扩展支持互联网和VPC边界ACL规格共享占用。" }, "Required": false, "MinValue": 0, "Label": { "zh-cn": "访问控制全局扩展" }, "MaxValue": 50000 }, "NatFirewallNum": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "Number", "Description": { "en": "The number of NAT gateway instances of the NAT firewall you need to enable. Each NAT gateway instance corresponds to one NAT firewall instance. The premium version does not include it by default, the enterprise version comes with 1 specification by default,and the ultimate version comes with 2 specifications by default.", "zh-cn": "NAT防火墙处理的私网流量带宽大小。高级版默认不含,企业版默认带10Mbps,旗舰版默认带20Mbps。" }, "Required": false, "MinValue": 0, "Label": { "zh-cn": "NAT防火墙实例数" }, "MaxValue": 20 }, "NatBandwidth": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "Number", "Description": { "en": "The bandwidth of private network traffic processed by the NAT firewall. The premium version does not include it by default, the enterprise version has 10Mbps by default, and the ultimate version has 20Mbps by default.", "zh-cn": "NAT防火墙处理的私网流量带宽大小。高级版默认不含,企业版默认带10Mbps,旗舰版默认带20Mbps。" }, "Required": false, "MinValue": 0, "Label": { "zh-cn": "NAT私网流量处理能力(单位Mbps)" }, "MaxValue": 1000 }, "IpNum": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "Number", "Description": { "en": "The number of public IPs that can be protected. Valid values: 20 to 4000.PremiumVersion: [20, 1000]" }, "Required": false, "MinValue": 20, "Label": { "zh-cn": "可防护公网IP数" }, "MaxValue": 4000 }, "AutoRenew": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "Boolean", "Description": { "en": "Whether to auto renew the prepay instance." }, "Required": false, "Label": { "zh-cn": "到期是否自动续费" } }, "Period": { "AssociationProperty": "PayPeriod", "Type": "Number", "Description": { "en": "The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6\nIf periodUnit is year, the valid range is 1, 2, 3" }, "AllowedValues": [ 1, 2, 3, 6 ], "Required": false, "Default": 1 }, "PayType": { "AssociationPropertyMetadata": { "PaymentDefinition": { "PayAsYouGo": {}, "Subscription": { "Month": [ 1, 3, 6 ], "Year": [ 1, 2, 3 ] } } }, "AssociationProperty": "ChargeType", "Type": "String", "Description": { "en": "The billing method of the firewall instance. Valid values:\nPayAsYouGo: pay-as-you-go\nSubscription: subscription" }, "AllowedValues": [ "PayAsYouGo", "Subscription" ], "Required": true, "Default": "PayAsYouGo" }, "AutoPay": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "Boolean", "Description": { "en": "Whether to auto pay the bill." }, "Required": false, "Label": { "zh-cn": "订单是否自动支付" }, "Default": true }, "LogStorage": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::And": [ { "Fn::Equals": [ "${PayType}", "Subscription" ] }, { "Fn::Equals": [ "${LogAnalysis}", true ] } ] } } }, "Type": "Number", "Description": { "en": "Reference for purchasing storage capacity: 10M public network bandwidth, 6 months of log storage, recommended purchase of 1000GB log storage capacity", "zh-cn": "存储容量选购参考:10M公网带宽,存储6个月日志,推荐购买1000GB日志存储容量" }, "Required": false, "MinValue": 1000, "Label": { "zh-cn": "日志存储容量(单位GB)" }, "MaxValue": 500000 }, "LogAnalysis": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "Boolean", "Description": { "en": "The cloud firewall includes 7 days of free log storage and auditing by default. If you need longer storage time or meet the requirements for equal protection, it is recommended to purchase the log analysis service.", "zh-cn": "云防火墙默认含7天免费日志存储审计,如需要更长存储时长或满足等保要求,建议选购日志分析服务" }, "Required": false, "Label": { "zh-cn": "日志分析" } }, "VpcFirewallNum": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::And": [ { "Fn::Equals": [ "${PayType}", "Subscription" ] }, { "Fn::Or": [ { "Fn::Equals": [ "${Spec}", "EnterpriseVersion" ] }, { "Fn::Equals": [ "${Spec}", "UltimateVersion" ] } ] } ] } } }, "Type": "Number", "Description": { "en": "The number of protected VPCs. It will be ignored when spec = \"premium_version\". Valid values between 2 and 500.", "zh-cn": "创建的VPC防火墙实例数。如果您的VPC为云企业网(企业版)组网架构,每TR对应一个VPC防火墙实例;如果为云企业网(基础版)组网架构,每VPC对应一个VPC防火墙实例;如果为高速通道组网架构,每对VPC对应一个VPC防火墙实例" }, "Required": false, "MinValue": 2, "Label": { "zh-cn": "VPC防火墙实例数" }, "MaxValue": 500 }, "AccountNum": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::And": [ { "Fn::Equals": [ "${PayType}", "Subscription" ] }, { "Fn::Equals": [ "${MultiAccountManagement}", true ] } ] } } }, "Type": "Number", "Description": { "en": "The number of multi-account management and control is the number of member accounts that you need to uniformly control.", "zh-cn": "多账号管控数为您需要统一管控的成员账号数,可按需扩展。目前限时提供1个免费配额供您体验" }, "Required": false, "Label": { "zh-cn": "多账号管控数" } }, "MultiAccountManagement": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "Boolean", "Description": { "en": "Multiple accounts on the enterprise cloud can be managed centrally on the cloud firewall, including asset inventory, ACL policies, attack protection, log reports, etc. After the member account is managed by the current account, there will be no need to purchase it separately.", "zh-cn": "企业云上多个账号可在云防火墙统一集中安全管理,包括资产盘点、ACL策略、攻击防护、日志报表等。成员账号被当前账号统管后,将无需单独采购" }, "Required": false, "Label": { "zh-cn": "多账号统一管理" }, "Default": false }, "Bandwidth": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "Number", "Description": { "en": "Public network processing capability. Valid values: 10 to 15000. Unit: Mbps.", "zh-cn": "公网流量处理能力是指云防火墙互联网边界防火墙,可防护的公网出入流量峰值(入向或出向取其高),建议与您业务的公网带宽保持一致,可随时扩容" }, "Required": false, "MinValue": 10, "Label": { "zh-cn": "公网流量处理能力(单位Mbps)" }, "MaxValue": 15000 }, "Spec": { "AssociationPropertyMetadata": { "Visible": { "Condition": { "Fn::Equals": [ "${PayType}", "Subscription" ] } } }, "Type": "String", "Description": { "en": "The version of Cloud Firewall." }, "AllowedValues": [ "PremiumVersion", "EnterpriseVersion", "UltimateVersion" ], "Required": false, "Label": { "zh-cn": "防火墙版本" }, "Default": "PremiumVersion" }, "PeriodUnit": { "AssociationProperty": "PayPeriodUnit", "Type": "String", "Description": { "en": "The unit of the subscription duration. Valid values:\nMonth\nYear\nDefault value: Month." }, "AllowedValues": [ "Month", "Year" ], "Required": false, "Default": "Month" } }, "Resources": { "Instance": { "Type": "ALIYUN::CLOUDFW::Instance", "Properties": { "VpcBandwidth": { "Ref": "VpcBandwidth" }, "AclExtension": { "Ref": "AclExtension" }, "NatFirewallNum": { "Ref": "NatFirewallNum" }, "NatBandwidth": { "Ref": "NatBandwidth" }, "IpNum": { "Ref": "IpNum" }, "AutoRenew": { "Ref": "AutoRenew" }, "Period": { "Ref": "Period" }, "PayType": { "Ref": "PayType" }, "AutoPay": { "Ref": "AutoPay" }, "LogStorage": { "Ref": "LogStorage" }, "LogAnalysis": { "Ref": "LogAnalysis" }, "VpcFirewallNum": { "Ref": "VpcFirewallNum" }, "AccountNum": { "Ref": "AccountNum" }, "MultiAccountManagement": { "Ref": "MultiAccountManagement" }, "Bandwidth": { "Ref": "Bandwidth" }, "Spec": { "Ref": "Spec" }, "PeriodUnit": { "Ref": "PeriodUnit" } } } }, "Outputs": { "InstanceId": { "Description": "Instance Id.", "Value": { "Fn::GetAtt": [ "Instance", "InstanceId" ] } }, "OrderId": { "Description": "Order id of created instance.", "Value": { "Fn::GetAtt": [ "Instance", "OrderId" ] } } } }
反馈
- 本页导读 (1)
文档反馈