ALIYUN::ThreatDetection::HoneypotProbe is used to create a honeypot probe.

Syntax

{
  "Type": "ALIYUN::ThreatDetection::HoneypotProbe",
  "Properties": {
    "ControlNodeId": String,
    "DisplayName": String,
    "ProbeType": String,
    "Arp": Boolean,
    "BusinessGroupId": String,
    "HoneypotBindList": List,
    "ProbeVersion": String,
    "Ping": Boolean,
    "ProxyIp": String,
    "ServiceIpList": List,
    "Uuid": String,
    "VpcId": String
  }
}
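
Properties

| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| ControlNodeId | String | Yes | No | The ID of the management node. | None |
| DisplayName | String | Yes | Yes | The name of the probe. | None |
| ProbeType | String | Yes | No | The type of the probe. | Valid values: host_probe (host probe), vpc_black_hole_probe (VPC probe). |
| Arp | Boolean | No | Yes | Specifies whether to enable ARP spoofing. | Valid values: true (yes), false (no). |
| BusinessGroupId | String | No | No | The business group. | None |
| HoneypotBindList | List | No | No | The configuration of the probe. | Length: minimum 0, maximum 20. For more information, see HoneypotBindList properties. |
| Ping | Boolean | No | Yes | Specifies whether to enable ping scan. | Valid values: true (yes), false (no). |
| ProbeVersion | String | No | No | The version of the probe. | None |
| ProxyIp | String | No | No | The IP address of the proxy. | None |
| ServiceIpList | List | No | Yes | The list of listening IP addresses. | Length: minimum 0, maximum 20. |
| Uuid | String | No | No | The UUID of the instance. | Required when ProbeType is host_probe. |
| VpcId | String | No | No | The ID of the VPC. | Required when ProbeType is vpc_black_hole_probe. |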

HoneypotBindList syntax

"HoneypotBindList": [
  {
    "HoneypotId": String,
    "BindPortList": List
  }
]
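
HoneypotBindList properties

| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| BindPortList | List | No | No | The listener ports. | Length: minimum 0, maximum 20. For more information, see BindPortList properties. |
| HoneypotId | String | No | No | The ID of the honeypot. | None |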

BindPortList syntax

"BindPortList": [
  {
    "TargetPort": Integer,
    "BindPort": Boolean,
    "StartPort": Integer,
    "EndPort": Integer,
    "Fixed": Boolean
  }
]
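
BindPortList properties

| Property | Type | Required | Editable | Description | Constraint |
|---|---|---|---|---|---|
| BindPort | Boolean | No | No | Specifies whether to bind a port. | Valid values: true (yes), false (no). |
| EndPort | Integer | No | No | The end of the port range. | None |
| Fixed | Boolean | No | No | Specifies whether the port is a fixed port. | Valid values: true (yes), false (no). |
| StartPort | Integer | No | No | The start of the port range. | None |
| TargetPort | Integer | No | No | The destination port. | Required when HoneypotId is specified. |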
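
The conditional rules in the tables above (Uuid with host_probe, VpcId with vpc_black_hole_probe, TargetPort with HoneypotId, and the 20-item list limits) can be checked before a stack is submitted, so that a malformed probe definition is caught in review. The following Python check is an added example, not part of the ROS documentation; `validate_probe`, the sample IDs, and the StartPort/EndPort ordering rule are assumptions.

```python
REQUIRED = ("ControlNodeId", "DisplayName", "ProbeType")
# Property that becomes mandatory for each ProbeType value.
TYPE_REQUIRES = {"host_probe": "Uuid", "vpc_black_hole_probe": "VpcId"}
MAX_ITEMS = 20  # upper bound for HoneypotBindList, BindPortList, ServiceIpList


def validate_probe(props):
    """Return a list of constraint violations for one Properties mapping."""
    errors = [f"{name} is required" for name in REQUIRED if not props.get(name)]
    probe_type = props.get("ProbeType")
    if probe_type and probe_type not in TYPE_REQUIRES:
        errors.append(f"ProbeType {probe_type!r} is not an allowed value")
    needed = TYPE_REQUIRES.get(probe_type)
    if needed and not props.get(needed):
        errors.append(f"{needed} is required when ProbeType is {probe_type}")
    if len(props.get("ServiceIpList") or []) > MAX_ITEMS:
        errors.append(f"ServiceIpList has more than {MAX_ITEMS} items")

    binds = props.get("HoneypotBindList") or []
    if len(binds) > MAX_ITEMS:
        errors.append(f"HoneypotBindList has more than {MAX_ITEMS} items")
    for i, bind in enumerate(binds):
        ports = bind.get("BindPortList") or []
        if len(ports) > MAX_ITEMS:
            errors.append(f"HoneypotBindList[{i}].BindPortList has more than {MAX_ITEMS} items")
        for j, port in enumerate(ports):
            where = f"HoneypotBindList[{i}].BindPortList[{j}]"
            if bind.get("HoneypotId") and port.get("TargetPort") is None:
                errors.append(f"{where}: TargetPort is required when HoneypotId is set")
            start, end = port.get("StartPort"), port.get("EndPort")
            # Assumption (not stated in the tables): a range must not be inverted.
            if start is not None and end is not None and start > end:
                errors.append(f"{where}: StartPort {start} is greater than EndPort {end}")
    return errors


# Constructed sample values; the IDs are placeholders, not real resources.
SAMPLE_BAD = {
    "ControlNodeId": "node-placeholder",
    "DisplayName": "dmz-probe",
    "ProbeType": "vpc_black_hole_probe",  # VpcId deliberately missing
    "HoneypotBindList": [{
        "HoneypotId": "honeypot-placeholder",
        "BindPortList": [{"BindPort": True, "StartPort": 8080, "EndPort": 80, "Fixed": False}],
    }],
}

if __name__ == "__main__":
    print("\n".join(validate_probe(SAMPLE_BAD)))
```
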
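
Return values

Fn::GetAtt

- ProbeVersion: The version of the probe.
- Uuid: The UUID of the instance.
- VpcId: The ID of the VPC.
- ProbeType: The type of the probe.
- ServiceIpList: The list of listening IP addresses.
- ControlNodeId: The ID of the management node.
- HoneypotProbeId: The ID of the probe.
- Ping: Specifies whether ping scan is enabled.
- DisplayName: The name of the probe.
- HoneypotBindList: The configuration of the probe.
- Arp: Specifies whether ARP spoofing is enabled.

Examples
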
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  Arp:
    Type: Boolean
    Description:
      en: |-
        Specifies whether to enable Address Resolution Protocol (ARP) spoofing. Valid values:
        * **true**: yes
        * **false**: no.
    Default: Null
    Required: false
  VpcId:
    Type: String
    Description:
      en: |-
        The ID of the VPC.
        > **ProbeType** is **vpc\_Black \_hole\_probe**. This value cannot be empty. You can call the [DescribeVpcHoneyPotList](~~ DescribeVpcHoneyPotList ~~) interface to obtain the value.
    AssociationProperty: ALIYUN::ECS::VPC::VPCId
    Default: Null
    Required: false
  DisplayName:
    Type: String
    Description:
      en: The name of the probe.
    Required: true
  Uuid:
    Type: String
    Description:
      en: |-
        The UUID of the instance.
        > If **ProbeType** is set to **host_probe**, this parameter is required.
    Default: Null
    Required: false
  ProbeType:
    Type: String
    Description:
      en: |-
        The type of the probe. Valid values:
        * **host_probe**: host probe
        * **vpc_black_hole_probe**: virtual private cloud (VPC) probe.
    AllowedValues:
      - host_probe
      - vpc_black_hole_probe
    Required: true
  HoneypotBindList:
    Description:
      en: The configuration of the probe.
    Required: false
    Default: Null
    Type: Json
    MinLength: 0
    MaxLength: 20
    AssociationProperty: List[Parameter]
    AssociationPropertyMetadata:
      Parameter:
        Description:
          en: The configuration of the probe.
        Required: false
        Default: Null
        Type: Json
        AssociationPropertyMetadata:
          Parameters:
            HoneypotId:
              Type: String
              Description:
                en: |-
                  The ID of the honeypot.
                  > You can call the [ListHoneypot](~~ListHoneypot~~) operation to query the IDs of honeypots.
              Default: Null
              Required: false
            BindPortList:
              Description:
                en: The listener ports.
              Required: false
              Default: Null
              Type: Json
              MinLength: 0
              MaxLength: 20
              AssociationProperty: List[Parameters]
              AssociationPropertyMetadata:
                Parameters:
                  BindPort:
                    Type: Boolean
                    Description:
                      en: |-
                        Specifies whether to bind a port. Valid values:
                        * **true**: yes
                        * **false**: no.
                    Default: Null
                    Required: false
                  StartPort:
                    Type: Number
                    Description:
                      en: The start of the port range.
                    Default: Null
                    Required: false
                  Fixed:
                    Type: Boolean
                    Description:
                      en: |-
                        Specifies whether the port is a fixed port. Valid values:
                        * **false**: no
                        * **true**: yes.
                    Default: Null
                    Required: false
                  TargetPort:
                    Type: Number
                    Description:
                      en: |-
                        The destination port.
                        > If **HoneypotId** is specified, this parameter is required.
                    Default: Null
                    Required: false
                  EndPort:
                    Type: Number
                    Description:
                      en: The end of the port range.
                    Default: Null
                    Required: false
  Ping:
    Type: Boolean
    Description:
      en: |-
        Specifies whether to enable ping scan. Valid values:
        * **true**: yes
        * **false**: no.
    Default: Null
    Required: false
  ProbeVersion:
    Type: String
    Description:
      en: The version of the probe.
    Default: Null
    Required: false
  ControlNodeId:
    Type: String
    Description:
      en: |-
        The ID of the management node.
        > You can call the [ListHoneypotNode](~~ListHoneypotNode~~) operation to query the IDs of management nodes.
    Required: true
  BusinessGroupId:
    Type: String
    Description:
      en: Business grouping.
    Default: Null
    Required: false
  ProxyIp:
    Type: String
    Description:
      en: The IP address of the proxy.
    Default: Null
    Required: false
  ServiceIpList:
    Description:
      en: Listen to the IP address list.
    Required: false
    Default: Null
    Type: Json
    MinLength: 0
    MaxLength: 20
    AssociationProperty: List[Parameter]
    AssociationPropertyMetadata:
      Parameter:
        Type: String
        Description:
          en: Listen to IP addresses.
        Default: Null
        Required: false
Resources:
  ExtensionResource:
    Type: ALIYUN::ThreatDetection::HoneypotProbe
    Properties:
      Arp:
        Ref: Arp
      VpcId:
        Ref: VpcId
      DisplayName:
        Ref: DisplayName
      Uuid:
        Ref: Uuid
      ProbeType:
        Ref: ProbeType
      HoneypotBindList:
        Ref: HoneypotBindList
      Ping:
        Ref: Ping
      ProbeVersion:
        Ref: ProbeVersion
      ControlNodeId:
        Ref: ControlNodeId
      BusinessGroupId:
        Ref: BusinessGroupId
      ProxyIp:
        Ref: ProxyIp
      ServiceIpList:
        Ref: ServiceIpList
Outputs:
  Arp:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - Arp
    Description: Specifies whether to enable Address Resolution Protocol (ARP) spoofing.
  VpcId:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - VpcId
    Description: The ID of the VPC.
  DisplayName:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - DisplayName
    Description: The name of the probe.
  Uuid:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - Uuid
    Description: The UUID of the instance.
  ProbeType:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - ProbeType
    Description: The type of the probe.
  HoneypotBindList:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - HoneypotBindList
    Description: The configuration of the probe.
  Ping:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - Ping
    Description: Specifies whether to enable ping scan.
  ProbeVersion:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - ProbeVersion
    Description: The version of the probe.
  ControlNodeId:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - ControlNodeId
    Description: The ID of the management node.
  HoneypotProbeId:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - HoneypotProbeId
    Description: The ID of the probe.
  ServiceIpList:
    Value:
      Fn::GetAtt:
        - ExtensionResource
        - ServiceIpList
    Description: Listen to the IP address list.

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "Arp": {
      "Type": "Boolean",
      "Description": {
        "en": "Specifies whether to enable Address Resolution Protocol (ARP) spoofing. Valid values:\n* **true**: yes\n* **false**: no."
      },
      "Default": null,
      "Required": false
    },
    "VpcId": {
      "Type": "String",
      "Description": {
        "en": "The ID of the VPC.\n> **ProbeType** is **vpc\\_Black \\_hole\\_probe**. This value cannot be empty. You can call the [DescribeVpcHoneyPotList](~~ DescribeVpcHoneyPotList ~~) interface to obtain the value."
      },
      "AssociationProperty": "ALIYUN::ECS::VPC::VPCId",
      "Default": null,
      "Required": false
    },
    "DisplayName": {
      "Type": "String",
      "Description": {
        "en": "The name of the probe."
      },
      "Required": true
    },
    "Uuid": {
      "Type": "String",
      "Description": {
        "en": "The UUID of the instance.\n> If **ProbeType** is set to **host_probe**, this parameter is required."
      },
      "Default": null,
      "Required": false
    },
    "ProbeType": {
      "Type": "String",
      "Description": {
        "en": "The type of the probe. Valid values:\n* **host_probe**: host probe\n* **vpc_black_hole_probe**: virtual private cloud (VPC) probe."
      },
      "AllowedValues": [
        "host_probe",
        "vpc_black_hole_probe"
      ],
      "Required": true
    },
    "HoneypotBindList": {
      "Description": {
        "en": "The configuration of the probe."
      },
      "Required": false,
      "Default": null,
      "Type": "Json",
      "MinLength": 0,
      "MaxLength": 20,
      "AssociationProperty": "List[Parameter]",
      "AssociationPropertyMetadata": {
        "Parameter": {
          "Description": {
            "en": "The configuration of the probe."
          },
          "Required": false,
          "Default": null,
          "Type": "Json",
          "AssociationPropertyMetadata": {
            "Parameters": {
              "HoneypotId": {
                "Type": "String",
                "Description": {
                  "en": "The ID of the honeypot.\n> You can call the [ListHoneypot](~~ListHoneypot~~) operation to query the IDs of honeypots."
                },
                "Default": null,
                "Required": false
              },
              "BindPortList": {
                "Description": {
                  "en": "The listener ports."
                },
                "Required": false,
                "Default": null,
                "Type": "Json",
                "MinLength": 0,
                "MaxLength": 20,
                "AssociationProperty": "List[Parameters]",
                "AssociationPropertyMetadata": {
                  "Parameters": {
                    "BindPort": {
                      "Type": "Boolean",
                      "Description": {
                        "en": "Specifies whether to bind a port. Valid values:\n* **true**: yes\n* **false**: no."
                      },
                      "Default": null,
                      "Required": false
                    },
                    "StartPort": {
                      "Type": "Number",
                      "Description": {
                        "en": "The start of the port range."
                      },
                      "Default": null,
                      "Required": false
                    },
                    "Fixed": {
                      "Type": "Boolean",
                      "Description": {
                        "en": "Specifies whether the port is a fixed port. Valid values:\n* **false**: no\n* **true**: yes."
                      },
                      "Default": null,
                      "Required": false
                    },
                    "TargetPort": {
                      "Type": "Number",
                      "Description": {
                        "en": "The destination port.\n> If **HoneypotId** is specified, this parameter is required."
                      },
                      "Default": null,
                      "Required": false
                    },
                    "EndPort": {
                      "Type": "Number",
                      "Description": {
                        "en": "The end of the port range."
                      },
                      "Default": null,
                      "Required": false
                    }
                  }
                }
              }
            }
          }
        }
      }
    },
    "Ping": {
      "Type": "Boolean",
      "Description": {
        "en": "Specifies whether to enable ping scan. Valid values:\n* **true**: yes\n* **false**: no."
      },
      "Default": null,
      "Required": false
    },
    "ProbeVersion": {
      "Type": "String",
      "Description": {
        "en": "The version of the probe."
      },
      "Default": null,
      "Required": false
    },
    "ControlNodeId": {
      "Type": "String",
      "Description": {
        "en": "The ID of the management node.\n> You can call the [ListHoneypotNode](~~ListHoneypotNode~~) operation to query the IDs of management nodes."
      },
      "Required": true
    },
    "BusinessGroupId": {
      "Type": "String",
      "Description": {
        "en": "Business grouping."
      },
      "Default": null,
      "Required": false
    },
    "ProxyIp": {
      "Type": "String",
      "Description": {
        "en": "The IP address of the proxy."
      },
      "Default": null,
      "Required": false
    },
    "ServiceIpList": {
      "Description": {
        "en": "Listen to the IP address list."
      },
      "Required": false,
      "Default": null,
      "Type": "Json",
      "MinLength": 0,
      "MaxLength": 20,
      "AssociationProperty": "List[Parameter]",
      "AssociationPropertyMetadata": {
        "Parameter": {
          "Type": "String",
          "Description": {
            "en": "Listen to IP addresses."
          },
          "Default": null,
          "Required": false
        }
      }
    }
  },
  "Resources": {
    "ExtensionResource": {
      "Type": "ALIYUN::ThreatDetection::HoneypotProbe",
      "Properties": {
        "Arp": {
          "Ref": "Arp"
        },
        "VpcId": {
          "Ref": "VpcId"
        },
        "DisplayName": {
          "Ref": "DisplayName"
        },
        "Uuid": {
          "Ref": "Uuid"
        },
        "ProbeType": {
          "Ref": "ProbeType"
        },
        "HoneypotBindList": {
          "Ref": "HoneypotBindList"
        },
        "Ping": {
          "Ref": "Ping"
        },
        "ProbeVersion": {
          "Ref": "ProbeVersion"
        },
        "ControlNodeId": {
          "Ref": "ControlNodeId"
        },
        "BusinessGroupId": {
          "Ref": "BusinessGroupId"
        },
        "ProxyIp": {
          "Ref": "ProxyIp"
        },
        "ServiceIpList": {
          "Ref": "ServiceIpList"
        }
      }
    }
  },
  "Outputs": {
    "Arp": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Arp"
        ]
      },
      "Description": "Specifies whether to enable Address Resolution Protocol (ARP) spoofing."
    },
    "VpcId": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "VpcId"
        ]
      },
      "Description": "The ID of the VPC."
    },
    "DisplayName": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "DisplayName"
        ]
      },
      "Description": "The name of the probe."
    },
    "Uuid": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Uuid"
        ]
      },
      "Description": "The UUID of the instance."
    },
    "ProbeType": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "ProbeType"
        ]
      },
      "Description": "The type of the probe."
    },
    "HoneypotBindList": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "HoneypotBindList"
        ]
      },
      "Description": "The configuration of the probe."
    },
    "Ping": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "Ping"
        ]
      },
      "Description": "Specifies whether to enable ping scan."
    },
    "ProbeVersion": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "ProbeVersion"
        ]
      },
      "Description": "The version of the probe."
    },
    "ControlNodeId": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "ControlNodeId"
        ]
      },
      "Description": "The ID of the management node."
    },
    "HoneypotProbeId": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "HoneypotProbeId"
        ]
      },
      "Description": "The ID of the probe."
    },
    "ServiceIpList": {
      "Value": {
        "Fn::GetAtt": [
          "ExtensionResource",
          "ServiceIpList"
        ]
      },
      "Description": "Listen to the IP address list."
    }
  }
}