ALIYUN::ThreatDetection::WebLockConfig类型用于为指定服务器添加防护目录。
语法
{
"Type": "ALIYUN::ThreatDetection::WebLockConfig",
"Properties": {
"DefenceMode": String,
"Dir": String,
"LocalBackupDir": String,
"Uuid": String,
"ExclusiveFile": String,
"ExclusiveDir": String,
"ExclusiveFileType": String,
"InclusiveFileType": String,
"InclusiveFile": String,
"Mode": String
}
}属性
|
属性名称 |
类型 |
必须 |
允许更新 |
描述 |
约束 |
|
DefenceMode |
String |
是 |
是 |
防护模式。 |
取值:
|
|
Dir |
String |
是 |
是 |
要启用网页防篡改的目录。 |
无 |
|
LocalBackupDir |
String |
是 |
是 |
防护目录备份文件的本地路径。 |
Linux服务器和Windows服务器的目录格式不同。您需要根据操作系统输入所需格式的目录。示例: * Linux服务器:/usr/local/aegis/bak * Windows服务器:C:\Program Files (x86)\xxx\Aegis\bak。 |
|
Uuid |
String |
是 |
否 |
要添加防护目录的服务器UUID。 |
无 |
|
ExclusiveDir |
String |
否 |
是 |
要禁用网页防篡改的目录。 |
无 |
|
ExclusiveFile |
String |
否 |
是 |
要禁用网页防篡改的文件。 |
无 |
|
ExclusiveFileType |
String |
否 |
是 |
要禁用网页防篡改的文件类型。 |
存在多个文件类型时,使用分号(;)分隔。取值:
|
|
InclusiveFile |
String |
否 |
是 |
已启用网页防篡改的文件。 |
无 |
|
InclusiveFileType |
String |
否 |
是 |
要启用网页防篡改的文件类型。 |
存在多个文件类型时,使用分号(;)分隔。取值:
|
|
Mode |
String |
否 |
是 |
网页防篡改的防护模式。 |
取值:
|
返回值
Fn::GetAtt
-
InclusiveFileType:要启用网页防篡改的文件类型。多个类型用分号(;)分隔。
-
ExclusiveFile:要禁用网页防篡改的文件。
-
Uuid:要添加防护目录的服务器UUID。
-
ExclusiveDir:要禁用网页防篡改的目录。
-
DefenceMode:防护模式。
-
Mode:网页防篡改的防护模式。
-
LocalBackupDir:防护目录备份文件的本地路径。
-
ExclusiveFileType:要禁用网页防篡改的文件类型。多个类型用分号(;)分隔。
-
ConfigId:防护目录的配置ID。
-
Dir:要启用网页防篡改的目录。
-
InclusiveFile:已启用网页防篡改的文件。
示例
ROSTemplateFormatVersion: '2015-09-01'
Parameters:
ExclusiveFile:
Type: String
Description:
en: |-
The file for which you want to disable web tamper proofing.
> If you set **Mode** to **blacklist**, you must specify this parameter.
Default: Null
Required: false
Uuid:
Type: String
Description:
en: |-
The UUID of the server for which you want to add a directory to protect.
> You can call the [DescribeCloudCenterInstances](~~DescribeCloudCenterInstances~~) operation to query the UUIDs of servers.
Required: true
InclusiveFile:
Type: String
Description:
en: |-
The file that has web tamper proofing enabled.
> If the value of **Mode** is **whitelist**, this parameter is returned.
Default: Null
Required: false
ExclusiveFileType:
Type: String
Description:
en: |-
The type of file for which you want to disable web tamper proofing. Separate multiple types with semicolons (;). Valid values:
* php
* jsp
* asp
* aspx
* js
* cgi
* html
* htm
* xml
* shtml
* shtm
* jpg
* gif
* png
> If you set **Mode** to **blacklist**, you must specify this parameter.
Default: Null
Required: false
DefenceMode:
Type: String
Description:
en: |-
The prevention mode. Valid values:
* **block**: Interception Mode
* **audit**: Alert Mode.
AllowedValues:
- block
- audit
Required: true
Mode:
Type: String
Description:
en: |-
The protection mode of web tamper proofing. Valid values:
* **whitelist**: In this mode, web tamper proofing is enabled for the specified directories and file types.
* **blacklist**: In this mode, web tamper proofing is enabled for the unspecified sub-directories, file types, and files in the protected directories.
AllowedValues:
- whitelist
- blacklist
Default: Null
Required: false
LocalBackupDir:
Type: String
Description:
en: |-
The local path to the backup files of the protected directory.\
The directory format of a Linux server is different from that of a Windows server. You must enter the directory in the required format based on your operating system. Examples:
* Linux server: /usr/local/aegis/bak
* Windows server: C:\Program Files (x86)\xxx\Aegis\bak.
Required: true
ExclusiveDir:
Type: String
Description:
en: |-
The directory for which you want to disable web tamper proofing.
> If you set **Mode** to **blacklist**, you must specify this parameter.
Default: Null
Required: false
InclusiveFileType:
Type: String
Description:
en: |-
The type of file for which you want to enable web tamper proofing. Separate multiple types with semicolons (;). Valid values:
* php
* jsp
* asp
* aspx
* js
* cgi
* html
* htm
* xml
* shtml
* shtm
* jpg
* gif
* png
> If you set **Mode** to **whitelist**, you must specify this parameter.
Default: Null
Required: false
Dir:
Type: String
Description:
en: The directory for which you want to enable web tamper proofing.
Required: true
Resources:
ExtensionResource:
Type: ALIYUN::ThreatDetection::WebLockConfig
Properties:
ExclusiveFile:
Ref: ExclusiveFile
Uuid:
Ref: Uuid
InclusiveFile:
Ref: InclusiveFile
ExclusiveFileType:
Ref: ExclusiveFileType
DefenceMode:
Ref: DefenceMode
Mode:
Ref: Mode
LocalBackupDir:
Ref: LocalBackupDir
ExclusiveDir:
Ref: ExclusiveDir
InclusiveFileType:
Ref: InclusiveFileType
Dir:
Ref: Dir
Outputs:
InclusiveFile:
Value:
Fn::GetAtt:
- ExtensionResource
- InclusiveFile
Description: The file that has web tamper proofing enabled.
ExclusiveDir:
Value:
Fn::GetAtt:
- ExtensionResource
- ExclusiveDir
Description: The directory for which you want to disable web tamper proofing.
ExclusiveFileType:
Value:
Fn::GetAtt:
- ExtensionResource
- ExclusiveFileType
Description: The type of file for which you want to disable web tamper proofing. Separate multiple types with semicolons (;).
DefenceMode:
Value:
Fn::GetAtt:
- ExtensionResource
- DefenceMode
Description: The prevention mode.
Mode:
Value:
Fn::GetAtt:
- ExtensionResource
- Mode
Description: The protection mode of web tamper proofing.
LocalBackupDir:
Value:
Fn::GetAtt:
- ExtensionResource
- LocalBackupDir
Description: The local path to the backup files of the protected directory.
ExclusiveFile:
Value:
Fn::GetAtt:
- ExtensionResource
- ExclusiveFile
Description: The file for which you want to disable web tamper proofing.
ConfigId:
Value:
Fn::GetAtt:
- ExtensionResource
- ConfigId
Description: The configuration ID of the protected directory.
InclusiveFileType:
Value:
Fn::GetAtt:
- ExtensionResource
- InclusiveFileType
Description: The type of file for which you want to enable web tamper proofing. Separate multiple types with semicolons (;).
Dir:
Value:
Fn::GetAtt:
- ExtensionResource
- Dir
Description: The directory for which you want to enable web tamper proofing.
Uuid:
Value:
Fn::GetAtt:
- ExtensionResource
- Uuid
Description: The UUID of the server for which you want to add a directory to protect.
{
"ROSTemplateFormatVersion": "2015-09-01",
"Parameters": {
"ExclusiveFile": {
"Type": "String",
"Description": {
"en": "The file for which you want to disable web tamper proofing.\n> If you set **Mode** to **blacklist**, you must specify this parameter."
},
"Default": null,
"Required": false
},
"Uuid": {
"Type": "String",
"Description": {
"en": "The UUID of the server for which you want to add a directory to protect.\n> You can call the [DescribeCloudCenterInstances](~~DescribeCloudCenterInstances~~) operation to query the UUIDs of servers."
},
"Required": true
},
"InclusiveFile": {
"Type": "String",
"Description": {
"en": "The file that has web tamper proofing enabled.\n> If the value of **Mode** is **whitelist**, this parameter is returned."
},
"Default": null,
"Required": false
},
"ExclusiveFileType": {
"Type": "String",
"Description": {
"en": "The type of file for which you want to disable web tamper proofing. Separate multiple types with semicolons (;). Valid values:\n* php\n* jsp\n* asp\n* aspx\n* js\n* cgi\n* html\n* htm\n* xml\n* shtml\n* shtm\n* jpg\n* gif\n* png\n> If you set **Mode** to **blacklist**, you must specify this parameter."
},
"Default": null,
"Required": false
},
"DefenceMode": {
"Type": "String",
"Description": {
"en": "The prevention mode. Valid values:\n* **block**: Interception Mode\n* **audit**: Alert Mode."
},
"AllowedValues": [
"block",
"audit"
],
"Required": true
},
"Mode": {
"Type": "String",
"Description": {
"en": "The protection mode of web tamper proofing. Valid values:\n* **whitelist**: In this mode, web tamper proofing is enabled for the specified directories and file types.\n* **blacklist**: In this mode, web tamper proofing is enabled for the unspecified sub-directories, file types, and files in the protected directories."
},
"AllowedValues": [
"whitelist",
"blacklist"
],
"Default": null,
"Required": false
},
"LocalBackupDir": {
"Type": "String",
"Description": {
"en": "The local path to the backup files of the protected directory.\\\nThe directory format of a Linux server is different from that of a Windows server. You must enter the directory in the required format based on your operating system. Examples:\n* Linux server: /usr/local/aegis/bak\n* Windows server: C:\\Program Files (x86)\\xxx\\Aegis\\bak."
},
"Required": true
},
"ExclusiveDir": {
"Type": "String",
"Description": {
"en": "The directory for which you want to disable web tamper proofing.\n> If you set **Mode** to **blacklist**, you must specify this parameter."
},
"Default": null,
"Required": false
},
"InclusiveFileType": {
"Type": "String",
"Description": {
"en": "The type of file for which you want to enable web tamper proofing. Separate multiple types with semicolons (;). Valid values:\n* php\n* jsp\n* asp\n* aspx\n* js\n* cgi\n* html\n* htm\n* xml\n* shtml\n* shtm\n* jpg\n* gif\n* png\n> If you set **Mode** to **whitelist**, you must specify this parameter."
},
"Default": null,
"Required": false
},
"Dir": {
"Type": "String",
"Description": {
"en": "The directory for which you want to enable web tamper proofing."
},
"Required": true
}
},
"Resources": {
"ExtensionResource": {
"Type": "ALIYUN::ThreatDetection::WebLockConfig",
"Properties": {
"ExclusiveFile": {
"Ref": "ExclusiveFile"
},
"Uuid": {
"Ref": "Uuid"
},
"InclusiveFile": {
"Ref": "InclusiveFile"
},
"ExclusiveFileType": {
"Ref": "ExclusiveFileType"
},
"DefenceMode": {
"Ref": "DefenceMode"
},
"Mode": {
"Ref": "Mode"
},
"LocalBackupDir": {
"Ref": "LocalBackupDir"
},
"ExclusiveDir": {
"Ref": "ExclusiveDir"
},
"InclusiveFileType": {
"Ref": "InclusiveFileType"
},
"Dir": {
"Ref": "Dir"
}
}
}
},
"Outputs": {
"InclusiveFile": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"InclusiveFile"
]
},
"Description": "The file that has web tamper proofing enabled."
},
"ExclusiveDir": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"ExclusiveDir"
]
},
"Description": "The directory for which you want to disable web tamper proofing."
},
"ExclusiveFileType": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"ExclusiveFileType"
]
},
"Description": "The type of file for which you want to disable web tamper proofing. Separate multiple types with semicolons (;)."
},
"DefenceMode": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"DefenceMode"
]
},
"Description": "The prevention mode."
},
"Mode": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Mode"
]
},
"Description": "The protection mode of web tamper proofing."
},
"LocalBackupDir": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"LocalBackupDir"
]
},
"Description": "The local path to the backup files of the protected directory."
},
"ExclusiveFile": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"ExclusiveFile"
]
},
"Description": "The file for which you want to disable web tamper proofing."
},
"ConfigId": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"ConfigId"
]
},
"Description": "The configuration ID of the protected directory."
},
"InclusiveFileType": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"InclusiveFileType"
]
},
"Description": "The type of file for which you want to enable web tamper proofing. Separate multiple types with semicolons (;)."
},
"Dir": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Dir"
]
},
"Description": "The directory for which you want to enable web tamper proofing."
},
"Uuid": {
"Value": {
"Fn::GetAtt": [
"ExtensionResource",
"Uuid"
]
},
"Description": "The UUID of the server for which you want to add a directory to protect."
}
}
}该文章对您有帮助吗?