ALIYUN::WAF::DomainConfig is used to add a domain configuration.

Syntax

{
  "Type": "ALIYUN::WAF::DomainConfig",
  "Properties": {
    "HttpToUserIp": Integer,
    "Domain": String,
    "SourceIps": String,
    "InstanceId": String,
    "Region": String,
    "HttpPort": String,
    "LoadBalancing": Integer,
    "HttpsPort": String,
    "RsType": Integer,
    "IsAccessProduct": Integer,
    "HttpsRedirect": Integer,
    "Protocols": String
  }
}

Properties

Parameter Type Required Editable Description Constraint
HttpToUserIp Integer Not supported Supported Indicates whether to enable HTTPS. Valid values: HTTPS and HTTPS.
Note If your website does not support HTTPS back-to-origin, enable the HTTP back-to-origin feature (port 80 is selected by default) to enable HTTPS access through WAF.
Valid values:
  • 0 (default): Off
  • 1: enabled
Domain String Yes Not supported The domain name. None
SourceIps String Not supported Supported The origin IP address. Multiple IP addresses can be specified. Example: ["1.1.1.1", "10.0.0.0"]. None
InstanceId String Yes Not supported Web Application Firewall instance ID. None
Region String Not supported Supported The region of the Web Application Firewall instance. Valid values:
  • cn (default): Mainland China
  • cn-hongkong: China (Hong Kong) and other regions outside China
HttpPort String Not supported Supported The HTTP ports. Multiple HTTP ports are separated by commas (,). Example value: [80, 8000]. This parameter is required if the Protocols parameter is set to http. Default value: 80. You must specify at least one of the HttpPort and HttpsPort request parameters.
LoadBalancing Integer Not supported Supported Back-to-source server load balancer policies Valid values:
  • 0:IP Hash
  • 1: polling mode
HttpsPort String Not supported Supported The HTTPS ports. Multiple HTTPS ports are separated by commas (,). Example value: [443]. This parameter is required if the Protocols parameter is set to https. Default value: 443. You must specify at least one of the HttpPort and HttpsPort request parameters.
RsType Integer Erased Released The origin address type of the domain name. Valid values:
  • 0: Origin to IP
  • 1: Origin to domain name
IsAccessProduct Integer Yes Not supported Indicates whether a layer -7 proxy, such as anti-DDoS pro or CDN, has been configured for the specified domain. Valid values:
  • 0: None
  • 1: Yes
HttpsRedirect Integer Not supported Supported Specifies whether to enable HTTPS force redirect. Valid values:
  • 0 (default): Off
  • 1: enabled
You need to specify this request parameter only if the Protocols parameter is set to https. If this parameter is set to 1, the HTTP request will be displayed as HTTPS and redirected to port 443.
Protocols String Yes Not supported The protocols supported by the domain name. Valid values:
  • http: Supports the HTTP protocol.
  • https: Supports the HTTPS protocol.
  • http,https: indicates both HTTP and HTTPS.

Return value

Fn::GetAtt

  • ProtocolType: The supported access protocol. A value of 0 indicates that CDN supports HTTP, 1 indicates that CDN supports HTTPS, and a value of 2 indicates that CDN supports both HTTP and HTTPS.
  • Cname: The alias assigned by WAF.

Examples

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Resources": {
    "DomainConfig": {
      "Type": "ALIYUN::WAF::DomainConfig",
      "Properties": {
        "HttpToUserIp": {
          "Ref": "HttpToUserIp"
        },
        "Domain": {
          "Ref": "Domain"
        },
        "SourceIps": {
          "Ref": "SourceIps"
        },
        "InstanceId": {
          "Ref": "InstanceId"
        },
        "Region": {
          "Ref": "Region"
        },
        "HttpPort": {
          "Ref": "HttpPort"
        },
        "LoadBalancing": {
          "Ref": "LoadBalancing"
        },
        "HttpsPort": {
          "Ref": "HttpsPort"
        },
        "RsType": {
          "Ref": "RsType"
        },
        "IsAccessProduct": {
          "Ref": "IsAccessProduct"
        },
        "HttpsRedirect": {
          "Ref": "HttpsRedirect"
        },
        "Protocols": {
          "Ref": "Protocols"
        }
      }
    }
  },
  "Parameters": {
    "HttpToUserIp": {
      "Type": "Number",
      "Description": "Whether to open HTTPS access request is forwarded back to the source station via the HTTP protocol, the value of: 0: off (default) 1: Turn Note If your site does not support HTTPS back to the source, open source HTTP return (default back to the source port is port 80) function key, can be realized by WAF HTTPS access.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "Domain": {
      "Type": "String",
      "Description": "Domain name."
    },
    "SourceIps": {
      "Type": "String",
      "Description": "Source station IP, supports a plurality of specified IP. Example values: [ \"1.1.1.1\"]."
    },
    "InstanceId": {
      "Type": "String",
      "Description": "WAF instance ID. Description Interface You can view your current WAF instance ID by calling DescribePayInfo."
    },
    "Region": {
      "Type": "String",
      "Description": "The region where the WAF instance is located.
       Default value: cn.Valid 
       values: 
       cn: mainland China
       cn-hongkong: Hong Kong (China) and outside China"
      "AllowedValues": [
        "cn",
        "cn-hongkong"
      ]
    },
    "HttpPort": {
      "Type": "String",
      "Description": "HTTP protocol configuration port. When specifying a plurality of HTTP port \",\" separated. Example values: [80]. Configure the HTTP protocol, this parameter is required. The default value is 80. HttpPort HttpsPort with at least two parameters need to fill a request."
    },
    "LoadBalancing": {
      "Type": "Number",
      "Description": "Back to the source load balancing policy values: 0: IP Hash way. 1: represents a polling mode.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "HttpsPort": {
      "Type": "String",
      "Description": "HTTPS protocol configuration port. When specifying a plurality HTTPS port, using the \",\" separated. Example values: [443]. Configure the protocol is HTTPS, this parameter is required. The default value is 443. HttpPort HttpsPort with at least two parameters need to fill a request."
    },
    "RsType": {
      "Type": "Number",
      "Description": "Back to the source address type the domain name values: 0: back to the source to IP. 1: Indicates the domain name back to the source.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "IsAccessProduct": {
      "Type": "Number",
      "Description": "The domain before WAF is configured with seven agents (eg, high defense, CDN, etc.), the value of: 0: none. 1: expressed.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "HttpsRedirect": {
      "Type": "Number",
      "Description": "HTTPS is turned forcefully jump the argument: 0: off (default) 1: Turn Description required to complete the request parameters using only HTTPS access protocol. After opening force will show a jump HTTP request is HTTPS, a default jump to 443.",
      "AllowedValues": [
        0,
        1
      ]
    },
    "Protocols": {
      "Type": "String",
      "Description": "The domain supports access protocols, values: http: expressed support for the HTTP protocol. https: support for HTTPS protocol. http, https: supports HTTP, HTTPS protocol."
    }
  },
  "Outputs": {
    "ProtocolType": {
      "Description": "agreement type:0: indicates that the HTTP protocol is supported.1: indicates that the HTTPS protocol is supported.2: indicates that both HTTP and HTTPS protocols are supported.",
      "Value": {
        "Fn::GetAtt": [
          "DomainConfig",
          "ProtocolType"
        ]
      }
    },
    "Cname": {
      "Description": "CNAME assigned by WAF instance.",
      "Value": {
        "Fn::GetAtt": [
          "DomainConfig",
          "Cname"
        ]
      }
    }
  }
}

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Resources:
  DomainConfig:
    Type: ALIYUN::WAF::DomainConfig
    Properties:
      HttpToUserIp:
        Ref: HttpToUserIp
      Domain:
        Ref: Domain
      SourceIps:
        Ref: SourceIps
      InstanceId:
        Ref: InstanceId
      Region:
        Ref: Region
      HttpPort:
        Ref: HttpPort
      LoadBalancing:
        Ref: LoadBalancing
      HttpsPort:
        Ref: HttpsPort
      RsType:
        Ref: RsType
      IsAccessProduct:
        Ref: IsAccessProduct
      HttpsRedirect:
        Ref: HttpsRedirect
      Protocols:
        Ref: Protocols
Parameters:
  HttpToUserIp:
    Type: Number
    Description: 'Whether to open HTTPS access request is forwarded back to the source
      station via the HTTP protocol, the value of: 0: off (default) 1: Turn Note If
      your site does not support HTTPS back to the source and open source HTTP return
      (default back to the source port is port 80) function key, can be realized by
      WAF HTTPS access.'
    AllowedValues:
    -0
    - 1
  Domain:
    Type: String
    Description: Domain name.
  SourceIps:
    Type: String
    Description: 'Source station IP, supports a plurality of specified IP. Example
      values: [ "1.1.1.1"].'
  InstanceId:
    Type: String
    Description: WAF instance ID. Description Interface You can view your current
      WAF instance ID by calling DescribePayInfo.
  Region:
    Type: String
    Description: 'The region where the WAF instance is located.
       Default value: cn.Valid 
       values: 
       cn: mainland China
       cn-hongkong: Hong Kong (China) and outside China'
    AllowedValues:
    -cn
    -cn-hongkong
  HttpPort:
    Type: String
    Description: 'HTTP protocol configuration port. When specifying a plurality of
      HTTP port "," separated. Example values: [80]. Configure the HTTP protocol,
      this parameter is required. The default value is 80. HttpPort HttpsPort with
      at least two parameters need to fill a request.'
  LoadBalancing:
    Type: Number
    Description: 'Back to the source load balancing policy values: 0: IP Hash way.
      1: represents a polling mode.'
    AllowedValues:
    -0
    - 1
  HttpsPort:
    Type: String
    Description: 'HTTPS protocol configuration port. When specifying a plurality HTTPS
      port, using the "," separated. Example values: [443]. Configure the protocol
      is HTTPS, this parameter is required. The default value is 443. HttpPort HttpsPort
      with at least two parameters need to fill a request.'
  RsType:
    Type: Number
    Description: 'Back to the source address type the domain name values: 0: back
      to the source to IP. 1: Indicates the domain name back to the source.'
    AllowedValues:
    -0
    - 1
  IsAccessProduct:
    Type: Number
    Description: 'The domain before WAF is configured with seven agents (eg, high
      defense, CDN, etc.), the value of: 0: none. 1: expressed.'
    AllowedValues:
    -0
    - 1
  HttpsRedirect:
    Type: Number
    Description: 'HTTPS is turned forcefully jump the argument: 0: off (default) 1:
      Turn Description required to complete the request parameters using only HTTPS
      access protocol. After opening force will show a jump HTTP request is HTTPS,
      a default jump to 443.'
    AllowedValues:
    -0
    - 1
  Protocols:
    Type: String
    Description: 'The domain supports access protocols, values: http: expressed support
      for the HTTP protocol. https: support for HTTPS protocol. http, https: supports
      HTTP, HTTPS protocol.'
Outputs:
  ProtocolType:
    Description: 'agreement type:0: indicates that the HTTP protocol is supported.1:
      indicates that the HTTPS protocol is supported.2: indicates that both HTTP and
      HTTPS protocols are supported.'
    Value:
      Fn::GetAtt:
      -DomainConfig
      -ProtocolType
  Cname:
    Description: CNAME assigned by WAF instance.
    Value:
      Fn::GetAtt:
      -DomainConfig
      -Cname