ALIYUN::ThreatDetection::ImageEventOperation类型用于增加镜像告警处置规则。
语法
{
"Type": "ALIYUN::ThreatDetection::ImageEventOperation",
"Properties": {
"Conditions": Map,
"EventType": String,
"OperationCode": String,
"EventKey": String,
"EventName": String,
"Note": String,
"Scenarios": Map,
"Source": String
}
}属性
|
属性名称 |
类型 |
必须 |
允许更新 |
描述 |
约束 |
|
Conditions |
Map |
是 |
是 |
规则条件。 |
JSON 格式,key 取值:
|
|
EventType |
String |
是 |
否 |
镜像事件类型。 |
取值:
|
|
OperationCode |
String |
是 |
否 |
事件操作码。 |
取值:
|
|
EventKey |
String |
否 |
否 |
告警项的关键字。 |
无 |
|
EventName |
String |
否 |
否 |
告警项的名称。 |
无 |
|
Note |
String |
否 |
是 |
要添加的备注。 |
无 |
|
Scenarios |
Map |
否 |
是 |
规则的应用范围。 |
JSON 格式,key 取值:
示例:{"type": "repo", "value": "test-aaa/shenzhen-repo-01"} |
|
Source |
String |
否 |
否 |
白名单来源。 |
取值:
|
返回值
Fn::GetAtt
-
ImageEventOperationId:资源的第一个ID。
-
EventType:镜像事件类型。
-
Note:备注。
-
OperationCode:事件操作码。
-
EventKey:镜像事件关键字。
-
Scenarios:事件场景。
-
EventName:镜像事件名称。
-
Source:白名单来源。
-
Conditions:规则条件。以JSON格式指定值。
示例
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
Note:
Type: String
Description:
en: The remarks that you want to add.
Default: Null
Required: false
EventType:
Type: String
Description:
en: Image Event Type.
AllowedValues:
- sensitiveFile
- maliciousFile
- buildRisk
Required: true
EventName:
Type: String
Description:
en: The name of the alert item.
Default: Null
Required: false
Source:
Type: String
Description:
en: |-
The source of the whitelist. Valid values:
* **default**: image.
* **agentless**: agentless detection.
AllowedValues:
- agentless
- default
Default: Null
Required: false
EventKey:
Type: String
Description:
en: The keyword of the alert item.
Default: Null
Required: false
Scenarios:
Description:
en: |-
The application scope of the rule. The value is in the JSON format. Valid values of keys:
type
value
Example: {"type": "repo", "value": "test-aaa/shenzhen-repo-01"}
Required: false
Default: Null
Type: Json
Conditions:
Description:
en: |-
The rule conditions. Specify a value in the JSON format. You can specify the following keys:
* **condition**: the matching condition.
* **type**: the matching type.
* **value**: the matching value.
Required: true
Type: Json
OperationCode:
Type: String
Description:
en: Event Operation Code.
AllowedValues:
- whitelist
Required: true
Resources:
ExtensionResource:
Type: ALIYUN::ThreatDetection::ImageEventOperation
Properties:
Note:
Ref: Note
EventType:
Ref: EventType
EventName:
Ref: EventName
Source:
Ref: Source
EventKey:
Ref: EventKey
Scenarios:
Ref: Scenarios
Conditions:
Ref: Conditions
OperationCode:
Ref: OperationCode
Outputs:
Note:
Value:
Fn::GetAtt:
- ExtensionResource
- Note
Description: The remarks.
ImageEventOperationId:
Value:
Fn::GetAtt:
- ExtensionResource
- ImageEventOperationId
Description: The first ID of the resource.
EventType:
Value:
Fn::GetAtt:
- ExtensionResource
- EventType
Description: Image Event Type.
EventName:
Value:
Fn::GetAtt:
- ExtensionResource
- EventName
Description: Image Event Name.
Source:
Value:
Fn::GetAtt:
- ExtensionResource
- Source
Description: The source of the whitelist.
EventKey:
Value:
Fn::GetAtt:
- ExtensionResource
- EventKey
Description: Image Event Key.
Scenarios:
Value:
Fn::GetAtt:
- ExtensionResource
- Scenarios
Description: Event Scenarios.
Conditions:
Value:
Fn::GetAtt:
- ExtensionResource
- Conditions
Description: The rule conditions. Specify a value in the JSON format.
OperationCode:
Value:
Fn::GetAtt:
- ExtensionResource
- OperationCode
Description: Event Operation Code.
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"Note": {
"Type": "String",
"Description": {
"en": "The remarks that you want to add."
},
"Default": null,
"Required": false
},
"EventType": {
"Type": "String",
"Description": {
"en": "Image Event Type."
},
"AllowedValues": [
"sensitiveFile",
"maliciousFile",
"buildRisk"
],
"Required": true
},
"EventName": {
"Type": "String",
"Description": {
"en": "The name of the alert item."
},
"Default": null,
"Required": false
},
"Source": {
"Type": "String",
"Description": {
"en": "The source of the whitelist. Valid values:\n* **default**: image.\n* **agentless**: agentless detection."
},
"AllowedValues": [
"agentless",
"default"
],
"Default": null,
"Required": false
},
"EventKey": {
"Type": "String",
"Description": {
"en": "The keyword of the alert item."
},
"Default": null,
"Required": false
},
"Scenarios": {
"Description": {
"en": "The application scope of the rule. The value is in the JSON format. Valid values of keys:\ntype\nvalue\nExample: {\"type\": \"repo\", \"value\": \"test-aaa/shenzhen-repo-01\"}"
},
"Required": false,
"Default": null,
"Type": "Json"
},
"Conditions": {
"Description": {
"en": "The rule conditions. Specify a value in the JSON format. You can specify the following keys:\n* **condition**: the matching condition.\n* **type**: the matching type.\n* **value**: the matching value."
},
"Required": true,
"Type": "Json"
},
"OperationCode": {
"Type": "String",
"Description": {
"en": "Event Operation Code."
},
"AllowedValues": [
"whitelist"
],
"Required": true
}
},
"Resources": {
"ExtensionResource": {
"Type": "ALIYUN::ThreatDetection::ImageEventOperation",
"Properties": {
"Note": {
"Ref": "Note"
},
"EventType": {
"Ref": "EventType"
},
"EventName": {
"Ref": "EventName"
},
"Source": {
"Ref": "Source"
},
"EventKey": {
"Ref": "EventKey"
},
"Scenarios": {
"Ref": "Scenarios"
},
"Conditions": {
"Ref": "Conditions"
},
"OperationCode": {
"Ref": "OperationCode"
}
}
}
},
"Outputs": {
"Note": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Note"
]
},
"Description": "The remarks."
},
"ImageEventOperationId": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"ImageEventOperationId"
]
},
"Description": "The first ID of the resource."
},
"EventType": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"EventType"
]
},
"Description": "Image Event Type."
},
"EventName": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"EventName"
]
},
"Description": "Image Event Name."
},
"Source": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Source"
]
},
"Description": "The source of the whitelist."
},
"EventKey": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"EventKey"
]
},
"Description": "Image Event Key."
},
"Scenarios": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Scenarios"
]
},
"Description": "Event Scenarios."
},
"Conditions": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Conditions"
]
},
"Description": "The rule conditions. Specify a value in the JSON format."
},
"OperationCode": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"OperationCode"
]
},
"Description": "Event Operation Code."
}
}
}该文章对您有帮助吗?