ALIYUN::DDoSPro::WebRule

ALIYUN::DDoSPro::WebRule类型用于创建一条网站业务转发规则。

语法

{
  "Type": "ALIYUN::DDoSPro::WebRule",
  "Properties": {
    "RsType": Integer,
    "ResourceGroupId": String,
    "DefenseId": String,
    "Domain": String,
    "InstanceIds": List,
    "Rules": String,
    "HttpsExt": String
  }
}

属性

属性名称

类型

必须

允许更新

描述

约束

Domain

String

要接入DDoS高防进行防护的网站域名。

RsType

Integer

源站服务器的地址类型。

取值:

  • 0:表示源站服务器的IP地址。

  • 1:表示源站服务器的域名地址。通常适用于源站和高防之间还部署有其他代理服务(例如WAF)的场景,具体指代理服务的跳转地址(例如WAF CNAME地址)。

Rules

String

网站业务转发规则的详细配置。

使用JSON数组转化的字符串格式表示。JSON数组中的每个元素是一个JSON结构体,包含以下字段:

  • ProxyRules:JSONArray类型,必选,源站服务器信息,包括端口号和服务器地址。数组中每个元素是一个JSON结构体,包含以下字段:

    • ProxyPort:Integer 类型,必选,协议对应的端口号。

    • RealServers:StringArray类型,必选,服务器地址。

  • ProxyType:String 类型,必选,网站协议类型。取值:

    • http

    • https

    • websocket

    • websockets

DefenseId

String

要关联的防护ID。

HttpsExt

String

HTTPS 高级设置,仅在网站协议类型支持 HTTPS(ProxyType包含https)时生效。

使用JSON结构体转化的字符串格式表示,JSON结构体包含以下字段:

  • Http2https:Integer类型,可选,是否开启HTTPS的强制跳转功能,取值:

    • 0(表示关闭)默认关闭。

    • 1(表示开启)。适用于您的网站同时支持HTTP和HTTPS协议。开启该设置后,所有HTTP请求将强制转换为HTTPS请求,且默认跳转到443端口。

  • Https2http:Integer类型,可选,是否开启HTTP回源功能,取值:

    • 0(表示关闭) 默认关闭

    • 1(表示开启)。

      适用于您的网站不支持HTTPS回源。开启该设置后,所有HTTPS协议请求将通过HTTP回源(Websockets协议会通过Websocket回源),且默认回源端口为80。

  • Http2:Integer类型,可选,是否启用HTTP2.0协议类型,取值:

    • 0(表示关闭) 默认关闭

    • 1(表示开启)。

      开启该设置后,协议版本为HTTP2.0。

InstanceIds

List

要关联的DDoS高防实例的ID列表。

ResourceGroupId

String

DDoS高防实例在资源管理服务中所属的资源组ID。

返回值

Fn::GetAtt

Domain:接入DDoS高防进行防护的网站域名。

示例

YAML格式

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  RsType:
    Type: Number
    Description:
      en: |-
        The address type of the origin server. Valid values:
        0: IP address
        1: domain name The domain name of the origin server is returned if you deploy proxies, such as Web Application Firewall (WAF), between the origin server and the instance. In this case, the address of the proxy, such as the CNAME provided by WAF, is returned.
    Required: true
  Domain:
    Type: String
    Description:
      en: The domain name of the website that you want to add to the instance.
    Required: true
  Rules:
    Type: String
    Description:
      en: |-
        The details of the forwarding rule. The value is a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields: 
        ProxyRules: the information about the origin server. The information includes the port number and IP address. This field is required and must be a JSON array. Each element in a JSON array is a JSON struct that contains the following fields: ProxyPort: the port number. This field is required and must be an integer; RealServers: the IP address. This field is required and must be a string array.
        ProxyType: the protocol type. This field is required and must be a string. Valid values: http, https, websocket, and websockets.
    Required: true
Resources:
  ExtensionResource:
    Type: ALIYUN::DDoSPro::WebRule
    Properties:
      RsType:
        Ref: RsType
      Domain:
        Ref: Domain
      Rules:
        Ref: Rules
Outputs:
  Domain:
    Description: The domain name of the website that you want to add to the instance.
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - Domain

JSON格式

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "RsType": {
      "Type": "Number",
      "Description": {
        "en": "The address type of the origin server. Valid values:\n0: IP address\n1: domain name The domain name of the origin server is returned if you deploy proxies, such as Web Application Firewall (WAF), between the origin server and the instance. In this case, the address of the proxy, such as the CNAME provided by WAF, is returned."
      },
      "Required": true
    },
    "Domain": {
      "Type": "String",
      "Description": {
        "en": "The domain name of the website that you want to add to the instance."
      },
      "Required": true
    },
    "Rules": {
      "Type": "String",
      "Description": {
        "en": "The details of the forwarding rule. The value is a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields: \nProxyRules: the information about the origin server. The information includes the port number and IP address. This field is required and must be a JSON array. Each element in a JSON array is a JSON struct that contains the following fields: ProxyPort: the port number. This field is required and must be an integer; RealServers: the IP address. This field is required and must be a string array.\nProxyType: the protocol type. This field is required and must be a string. Valid values: http, https, websocket, and websockets."
      },
      "Required": true
    }
  },
  "Resources": {
    "ExtensionResource": {
      "Type": "ALIYUN::DDoSPro::WebRule",
      "Properties": {
        "RsType": {
          "Ref": "RsType"
        },
        "Domain": {
          "Ref": "Domain"
        },
        "Rules": {
          "Ref": "Rules"
        }
      }
    }
  },
  "Outputs": {
    "Domain": {
      "Description": "The domain name of the website that you want to add to the instance.",
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Domain"
        ]
      }
    }
  }
}