ALIYUN::ThreatDetection::VulWhitelist类型用于添加漏洞白名单。
语法
{
"Type": "ALIYUN::ThreatDetection::VulWhitelist",
"Properties": {
"TargetInfo": Map,
"Whitelist": Map,
"Reason": String
}
}属性
|
属性名称 |
类型 |
必须 |
允许更新 |
描述 |
约束 |
|
TargetInfo |
Map |
是 |
是 |
白名单的适用范围。 |
该字段为 JSON 格式,包含以下字段。
|
|
Whitelist |
Map |
是 |
否 |
要添加到白名单的漏洞信息。 |
格式为 JSON 格式的字符串。包含以下字段:
|
|
Reason |
String |
否 |
是 |
将漏洞添加到白名单的原因。 |
无 |
返回值
Fn::GetAtt
-
TargetInfo:白名单的适用范围。
-
VulWhitelistId:白名单ID。
-
Whitelist:要添加到白名单的漏洞信息。
-
Reason:将漏洞添加到白名单的原因。
示例
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
TargetInfo:
Description:
en: |-
The applicable scope of the whitelist. The value of this parameter is in the JSON format and contains the following fields:
* **type**: the type of the applicable scope. Valid values:
* **GroupId**: the ID of a server group.
* **Uuid**: the UUID of a server.
* **uuids**: the UUIDs of servers. This field is of the string type.
* **groupIds**: the IDs of server groups. This field is of the long type.
> If you leave this parameter empty, the applicable scope is all servers. If you set the **type** field to **GroupId**, you must also specify the **groupIds** field. If you set the **type** field to **Uuid**, you must also specify the **uuids** field.
Required: true
Type: Json
Reason:
Type: String
Description:
en: The reason why you add the vulnerability to the whitelist.
Default: Null
Required: false
Whitelist:
Description:
en: |-
The information about the vulnerability that you want to add to the whitelist. The value is a JSON string that contains the following fields:
* **Status**: the status of the vulnerability.
* **GmtLast**: the timestamp when the vulnerability was last detected. Unit: milliseconds.
* **LaterCount**: the number of vulnerabilities that have the medium priority.
* **AsapCount**: the number of vulnerabilities that have the high priority.
* **Name**: the name of the vulnerability.
* **Type**: the type of the vulnerability. Valid values:
* **cve**: Linux software vulnerability
* **sys**: Windows system vulnerability
* **cms**: Web-CMS vulnerability
* **app**: application vulnerability
* **emg**: urgent vulnerability
* **Related**: the Common Vulnerabilities and Exposures (CVE) ID of the vulnerability.
* **HandledCount**: the number of handled vulnerabilities.
* **AliasName**: the alias of the vulnerability.
* **RuleModifyTime**: the time when the vulnerability was last disclosed.
* **NntfCount**: the number of vulnerabilities that have the low priority.
* **TotalFixCount**: the total number of fixed vulnerabilities.
* **Tags**: the tag that is added to the vulnerability.
> You can call the [DescribeGroupedVul](~~DescribeGroupedVul~~) operation to query the information about the vulnerability that you want to add to the whitelist.
Required: true
Type: Json
Resources:
ExtensionResource:
Type: ALIYUN::ThreatDetection::VulWhitelist
Properties:
TargetInfo:
Ref: TargetInfo
Reason:
Ref: Reason
Whitelist:
Ref: Whitelist
Outputs:
TargetInfo:
Value:
Fn::GetAtt:
- ExtensionResource
- TargetInfo
Description: The applicable scope of the whitelist.
Reason:
Value:
Fn::GetAtt:
- ExtensionResource
- Reason
Description: The reason why you add the vulnerability to the whitelist.
VulWhitelistId:
Value:
Fn::GetAtt:
- ExtensionResource
- VulWhitelistId
Description: The ID of the whitelist.
Whitelist:
Value:
Fn::GetAtt:
- ExtensionResource
- Whitelist
Description: The information about the vulnerability that you want to add to the whitelist.
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"TargetInfo": {
"Description": {
"en": "The applicable scope of the whitelist. The value of this parameter is in the JSON format and contains the following fields:\n* **type**: the type of the applicable scope. Valid values:\n * **GroupId**: the ID of a server group.\n * **Uuid**: the UUID of a server.\n* **uuids**: the UUIDs of servers. This field is of the string type.\n* **groupIds**: the IDs of server groups. This field is of the long type.\n> If you leave this parameter empty, the applicable scope is all servers. If you set the **type** field to **GroupId**, you must also specify the **groupIds** field. If you set the **type** field to **Uuid**, you must also specify the **uuids** field."
},
"Required": true,
"Type": "Json"
},
"Reason": {
"Type": "String",
"Description": {
"en": "The reason why you add the vulnerability to the whitelist."
},
"Default": null,
"Required": false
},
"Whitelist": {
"Description": {
"en": "The information about the vulnerability that you want to add to the whitelist. The value is a JSON string that contains the following fields:\n* **Status**: the status of the vulnerability.\n* **GmtLast**: the timestamp when the vulnerability was last detected. Unit: milliseconds.\n* **LaterCount**: the number of vulnerabilities that have the medium priority.\n* **AsapCount**: the number of vulnerabilities that have the high priority.\n* **Name**: the name of the vulnerability.\n* **Type**: the type of the vulnerability. Valid values:\n * **cve**: Linux software vulnerability\n * **sys**: Windows system vulnerability\n * **cms**: Web-CMS vulnerability\n * **app**: application vulnerability\n * **emg**: urgent vulnerability\n* **Related**: the Common Vulnerabilities and Exposures (CVE) ID of the vulnerability.\n* **HandledCount**: the number of handled vulnerabilities.\n* **AliasName**: the alias of the vulnerability.\n* **RuleModifyTime**: the time when the vulnerability was last disclosed.\n* **NntfCount**: the number of vulnerabilities that have the low priority.\n* **TotalFixCount**: the total number of fixed vulnerabilities.\n* **Tags**: the tag that is added to the vulnerability.\n> You can call the [DescribeGroupedVul](~~DescribeGroupedVul~~) operation to query the information about the vulnerability that you want to add to the whitelist."
},
"Required": true,
"Type": "Json"
}
},
"Resources": {
"ExtensionResource": {
"Type": "ALIYUN::ThreatDetection::VulWhitelist",
"Properties": {
"TargetInfo": {
"Ref": "TargetInfo"
},
"Reason": {
"Ref": "Reason"
},
"Whitelist": {
"Ref": "Whitelist"
}
}
}
},
"Outputs": {
"TargetInfo": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"TargetInfo"
]
},
"Description": "The applicable scope of the whitelist."
},
"Reason": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Reason"
]
},
"Description": "The reason why you add the vulnerability to the whitelist."
},
"VulWhitelistId": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"VulWhitelistId"
]
},
"Description": "The ID of the whitelist."
},
"Whitelist": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Whitelist"
]
},
"Description": "The information about the vulnerability that you want to add to the whitelist."
}
}
}该文章对您有帮助吗?