ALIYUN::ThreatDetection::ContainerDefenseRule类型用于新建非镜像程序防御规则。
语法
{
"Type": "ALIYUN::ThreatDetection::ContainerDefenseRule",
"Properties": {
"Description": String,
"RuleSwitch": Integer,
"RuleId": Integer,
"RuleAction": Integer,
"RuleType": Integer,
"RuleName": String,
"Scope": List,
"WhitelistHash": String,
"Whitelist": Map
}
}
属性
|
属性名称 |
类型 |
必须 |
允许更新 |
描述 |
约束 |
|
Description |
String |
否 |
是 |
规则描述。 |
无 |
|
RuleAction |
Integer |
否 |
是 |
规则命中时执行的动作。 |
取值:1(告警)、2(拦截)。
|
|
RuleId |
Integer |
否 |
否 |
规则ID。 |
无 |
|
RuleName |
String |
否 |
是 |
规则名称。 |
无 |
|
RuleSwitch |
Integer |
否 |
是 |
规则的开关。 |
取值:0(关闭)、1(开启)。
|
|
RuleType |
Integer |
否 |
是 |
规则类型。 |
取值:2(用户规则)。
|
|
Scope |
List |
否 |
是 |
规则范围。 |
长度:最小1,最大100。更多信息,请参考Scope属性。 |
|
Whitelist |
Map |
否 |
是 |
规则的白名单。 |
更多信息,请参考Whitelist属性。 |
|
WhitelistHash |
String |
否 |
否 |
白名单哈希值。 |
无 |
Scope语法
"Scope": [
{
"Namespaces": List,
"ClusterId": String,
"AllNamespace": Integer
}
]
Scope属性
|
属性名称 |
类型 |
必须 |
允许更新 |
描述 |
约束 |
|
AllNamespace |
Integer |
否 |
是 |
是否包含所有命名空间。 |
取值:0(通过Namespaces参数指定要包含的命名空间)、1(包含所有命名空间)。
|
|
ClusterId |
String |
否 |
是 |
集群ID。 |
无 |
|
Namespaces |
List |
否 |
是 |
要包含的命名空间。 |
长度:最小1,最大100 |
Whitelist语法
"Whitelist": {
"Path": List,
"Image": List
}
Whitelist属性
|
属性名称 |
类型 |
必须 |
允许更新 |
描述 |
约束 |
|
Image |
List |
否 |
是 |
需要添加到白名单的镜像。 |
无 |
|
Path |
List |
否 |
是 |
需要添加到白名单的文件路径。 |
无 |
返回值
Fn::GetAtt
-
RuleSwitch:规则的开关。
-
Description:规则描述。
-
Scope:规则范围。
-
RuleId:规则ID。
-
RuleAction:规则命中时执行的动作。
-
Whitelist:规则的白名单。
-
RuleType:规则类型。
-
RuleName:规则名称。
示例
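# Example ROS template for ALIYUN::ThreatDetection::ContainerDefenseRule.
# Every resource property is exposed as an optional parameter (Default: Null,
# Required: false), passed straight through to the resource, and the attributes
# readable through Fn::GetAtt are re-exported as outputs.
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  # Only one rule type is accepted by this template: 2 (user rules).
  RuleType:
    Type: Number
    Description:
      en: |-
        The rule type. Value:
        * 2: User Rules
    AllowedValues:
      - 2
    Default: Null
    Required: false
  Description:
    Type: String
    Description:
      en: Rule description.
    AssociationProperty: TextArea
    Default: Null
    Required: false
  # The property table marks RuleId as not updatable once the resource exists.
  RuleId:
    Type: Number
    Description:
      en: Rule Id.
    Default: Null
    Required: false
  # Whitelist is a map with two optional lists: Path (file paths) and Image (images).
  # NOTE(review): whitelisted entries are presumably exempt from this rule, so keep
  # them as narrow as possible and review every change to them; confirm how entries
  # are matched (exact value vs. prefix/wildcard) in the product documentation.
  Whitelist:
    Description:
      en: The whitelist of rule.
    Required: false
    Default: Null
    Type: Json
    AssociationPropertyMetadata:
      Parameters:
        Path:
          Description:
            en: The paths to the files that need to be added to the whitelist.
          Required: false
          Default: Null
          Type: Json
          AssociationProperty: List[Parameter]
          AssociationPropertyMetadata:
            Parameter:
              Type: String
              Description:
                en: The path to the file that needs to be added to the whitelist.
              Default: Null
              Required: false
        Image:
          Description:
            en: The images that need to be added to the whitelist.
          Required: false
          Default: Null
          Type: Json
          AssociationProperty: List[Parameter]
          AssociationPropertyMetadata:
            Parameter:
              Type: String
              Description:
                en: The image that needs to be added to the whitelist.
              Default: Null
              Required: false
  # 1 = alert only, 2 = block.
  # NOTE(review): no default is set here; confirm which action the service applies
  # when RuleAction is omitted, and set it explicitly if blocking is expected.
  RuleAction:
    Type: Number
    Description:
      en: |-
        The action that is performed when the rule is hit. Valid values:
        - **1**: alert
        - **2**: block.
    AllowedValues:
      - 1
      - 2
    Default: Null
    Required: false
  RuleName:
    Type: String
    Description:
      en: The name of the rule.
    Default: Null
    Required: false
  # 0 = off, 1 = on.
  # NOTE(review): no default is set here; confirm whether a rule created without
  # RuleSwitch ends up enabled.
  RuleSwitch:
    Type: Number
    Description:
      en: |-
        The switch of the rule. Valid values:
        * 0: off.
        * 1: on.
    AllowedValues:
      - 0
      - 1
    Default: Null
    Required: false
  # Scope is a list of 1 to 100 entries; each entry names a cluster and either
  # all of its namespaces (AllNamespace: 1) or an explicit Namespaces list.
  Scope:
    Description:
      en: Rule scope.
    Required: false
    Default: Null
    Type: Json
    MinLength: 1
    MaxLength: 100
    AssociationProperty: List[Parameter]
    AssociationPropertyMetadata:
      Parameter:
        Description:
          en: Rule scope.
        Required: false
        Default: Null
        Type: Json
        AssociationPropertyMetadata:
          Parameters:
            ClusterId:
              Type: String
              Description:
                en: The ID of the cluster.
              Default: Null
              Required: false
            AllNamespace:
              Type: Number
              Description:
                en: |-
                  Specifies whether to include all namespaces. Valid values:
                  * 0: You can use the Namespaces parameter to specify the namespaces to include.
                  * 1: All namespaces are included.
              AllowedValues:
                - 0
                - 1
              Default: Null
              Required: false
            Namespaces:
              Description:
                en: The namespaces to include.
              Required: false
              Default: Null
              Type: Json
              MinLength: 1
              MaxLength: 100
              AssociationProperty: List[Parameter]
              AssociationPropertyMetadata:
                Parameter:
                  Type: String
                  Description:
                    en: The namespace to include.
                  Default: Null
                  Required: false
  # The property table marks WhitelistHash as not updatable, and it is not among
  # the attributes returned by Fn::GetAtt, so it has no matching output below.
  WhitelistHash:
    Type: String
    Description:
      en: The whitelist Hash.
    Default: Null
    Required: false
Resources:
  ExtensionResource:
    Type: ALIYUN::ThreatDetection::ContainerDefenseRule
    Properties:
      RuleType:
        Ref: RuleType
      Description:
        Ref: Description
      RuleId:
        Ref: RuleId
      Whitelist:
        Ref: Whitelist
      RuleAction:
        Ref: RuleAction
      RuleName:
        Ref: RuleName
      RuleSwitch:
        Ref: RuleSwitch
      Scope:
        Ref: Scope
      WhitelistHash:
        Ref: WhitelistHash
# Outputs echo back the effective rule settings, which lets a reviewer check the
# deployed action, switch, scope and whitelist without opening the console.
Outputs:
  RuleType:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - RuleType
    Description: The rule type.
  Description:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - Description
    Description: Rule description.
  RuleId:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - RuleId
    Description: Rule Id.
  Whitelist:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - Whitelist
    Description: The whitelist of rule.
  RuleAction:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - RuleAction
    Description: The action that is performed when the rule is hit.
  RuleName:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - RuleName
    Description: The name of the rule.
  RuleSwitch:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - RuleSwitch
    Description: The switch of the rule.
  Scope:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - Scope
    Description: Rule scope.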
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"RuleType": {
"Type": "Number",
"Description": {
"en": "The rule type. Value:\n* 2: User Rules"
},
"AllowedValues": [
2
],
"Default": null,
"Required": false
},
"Description": {
"Type": "String",
"Description": {
"en": "Rule description."
},
"AssociationProperty": "TextArea",
"Default": null,
"Required": false
},
"RuleId": {
"Type": "Number",
"Description": {
"en": "Rule Id."
},
"Default": null,
"Required": false
},
"Whitelist": {
"Description": {
"en": "The whitelist of rule."
},
"Required": false,
"Default": null,
"Type": "Json",
"AssociationPropertyMetadata": {
"Parameters": {
"Path": {
"Description": {
"en": "The paths to the files that need to be added to the whitelist."
},
"Required": false,
"Default": null,
"Type": "Json",
"AssociationProperty": "List[Parameter]",
"AssociationPropertyMetadata": {
"Parameter": {
"Type": "String",
"Description": {
"en": "The path to the file that needs to be added to the whitelist."
},
"Default": null,
"Required": false
}
}
},
"Image": {
"Description": {
"en": "The images that need to be added to the whitelist."
},
"Required": false,
"Default": null,
"Type": "Json",
"AssociationProperty": "List[Parameter]",
"AssociationPropertyMetadata": {
"Parameter": {
"Type": "String",
"Description": {
"en": "The image that needs to be added to the whitelist."
},
"Default": null,
"Required": false
}
}
}
}
}
},
"RuleAction": {
"Type": "Number",
"Description": {
"en": "The action that is performed when the rule is hit. Valid values:\n- **1**: alert\n- **2**: block."
},
"AllowedValues": [
1,
2
],
"Default": null,
"Required": false
},
"RuleName": {
"Type": "String",
"Description": {
"en": "The name of the rule."
},
"Default": null,
"Required": false
},
"RuleSwitch": {
"Type": "Number",
"Description": {
"en": "The switch of the rule. Valid values:\n* 0: off.\n* 1: on."
},
"AllowedValues": [
0,
1
],
"Default": null,
"Required": false
},
"Scope": {
"Description": {
"en": "Rule scope."
},
"Required": false,
"Default": null,
"Type": "Json",
"MinLength": 1,
"MaxLength": 100,
"AssociationProperty": "List[Parameter]",
"AssociationPropertyMetadata": {
"Parameter": {
"Description": {
"en": "Rule scope."
},
"Required": false,
"Default": null,
"Type": "Json",
"AssociationPropertyMetadata": {
"Parameters": {
"ClusterId": {
"Type": "String",
"Description": {
"en": "The ID of the cluster."
},
"Default": null,
"Required": false
},
"AllNamespace": {
"Type": "Number",
"Description": {
"en": "Specifies whether to include all namespaces. Valid values:\n* 0: You can use the Namespaces parameter to specify the namespaces to include.\n* 1: All namespaces are included."
},
"AllowedValues": [
0,
1
],
"Default": null,
"Required": false
},
"Namespaces": {
"Description": {
"en": "The namespaces to include."
},
"Required": false,
"Default": null,
"Type": "Json",
"MinLength": 1,
"MaxLength": 100,
"AssociationProperty": "List[Parameter]",
"AssociationPropertyMetadata": {
"Parameter": {
"Type": "String",
"Description": {
"en": "The namespace to include."
},
"Default": null,
"Required": false
}
}
}
}
}
}
}
},
"WhitelistHash": {
"Type": "String",
"Description": {
"en": "The whitelist Hash."
},
"Default": null,
"Required": false
}
},
"Resources": {
"ExtensionResource": {
"Type": "ALIYUN::ThreatDetection::ContainerDefenseRule",
"Properties": {
"RuleType": {
"Ref": "RuleType"
},
"Description": {
"Ref": "Description"
},
"RuleId": {
"Ref": "RuleId"
},
"Whitelist": {
"Ref": "Whitelist"
},
"RuleAction": {
"Ref": "RuleAction"
},
"RuleName": {
"Ref": "RuleName"
},
"RuleSwitch": {
"Ref": "RuleSwitch"
},
"Scope": {
"Ref": "Scope"
},
"WhitelistHash": {
"Ref": "WhitelistHash"
}
}
}
},
"Outputs": {
"RuleType": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"RuleType"
]
},
"Description": "The rule type."
},
"Description": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Description"
]
},
"Description": "Rule description."
},
"RuleId": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"RuleId"
]
},
"Description": "Rule Id."
},
"Whitelist": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Whitelist"
]
},
"Description": "The whitelist of rule."
},
"RuleAction": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"RuleAction"
]
},
"Description": "The action that is performed when the rule is hit."
},
"RuleName": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"RuleName"
]
},
"Description": "The name of the rule."
},
"RuleSwitch": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"RuleSwitch"
]
},
"Description": "The switch of the rule."
},
"Scope": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Scope"
]
},
"Description": "Rule scope."
}
}
}