Use ALIYUN::SLS::Audit to configure Log Audit Service - Resource Orchestration Service

ALIYUN::SLS::Audit is used to configure Log Audit Service.

Note For more information about Log Audit Service, see Overview of Log Audit Service.

Syntax

{
  "Type": "ALIYUN::SLS::Audit",
  "Properties": {
    "VariableMap": Map,
    "DisplayName": String,
    "MultiAccount": List
  }
}

Properties

Property	Type	Required	Editable	Description	Constraint
VariableMap	Map	Yes	Yes	The detailed configuration of Log Audit Service.	For more information, see VariableMap properties.
DisplayName	String	Yes	No	The display name of Log Audit Service.	The name can be up to 128 characters in length.
MultiAccount	List	No	Yes	The Alibaba Cloud accounts for which you want to configure Log Audit Service.	You must separate multiple Alibaba Cloud account IDs with commas (,). You can specify up to 100 Alibaba Cloud accounts.

VariableMap syntax

"VariableMap": {
  "ApigatewayTtl": Number,
  "SasCrackEnabled": Boolean,
  "CpsEnabled": Boolean,
  "ApigatewayEnabled": Boolean,
  "WafEnabled": Boolean,
  "OssSyncTtl": Number,
  "SasTtl": Number,
  "ActiontrailTtl": Number,
  "OssAccessEnabled": Boolean,
  "OssSyncEnabled": Boolean,
  "SasSnapshotAccountEnabled": Boolean,
  "SlbSyncEnabled": Boolean,
  "SlbAccessTtl": Number,
  "BastionEnabled": Boolean,
  "RdsEnabled": Boolean,
  "SasSessionEnabled": Boolean,
  "SasLocalDnsEnabled": Boolean,
  "OssAccessTtl": Number,
  "SasHttpEnabled": Boolean,
  "BastionTtl": Number,
  "OssMeteringEnabled": Boolean,
  "SasProcessEnabled": Boolean,
  "NasEnabled": Boolean,
  "SasDnsEnabled": Boolean,
  "SasSnapshotPortEnabled": Boolean,
  "SasSecurityAlertEnabled": Boolean,
  "SlbAccessEnabled": Boolean,
  "NasTtl": Number,
  "SasNetworkEnabled": Boolean,
  "SasLoginEnabled": Boolean,
  "WafTtl": Number,
  "OssMeteringTtl": Number,
  "SasSnapshotProcessEnabled": Boolean,
  "SasSecurityHcEnabled": Boolean,
  "RdsTtl": Number,
  "CpsTtl": Number,
  "SlbSyncTtl": Number,
  "CloudfirewallTtl": Number,
  "ActiontrailEnabled": Boolean,
  "SasSecurityVulEnabled": Boolean,"ApigatewayTiEnabled": Boolean,
  "RdsSlowCollectionPolicy": String,
  "PolardbSlowCollectionPolicy": String,
  "BastionAuditCollectionPolicy": String,
  "DdosCooAccessPolicySetting": List,
  "RdsAuditCollectionPolicy": String,
  "ActiontrailOpenapiPolicySetting": List,
  "BastionTiEnabled": Boolean,
  "K8sIngressTiEnabled": Boolean,
  "PolardbEnabled": Boolean,
  "WafTiEnabled": Boolean,
  "RedisSyncTtl": Number,
  "OssAccessPolicySetting": List,
  "AppconnectTiEnabled": Boolean,
  "ApigatewayAccessPolicySetting": List,
  "NasTiEnabled": Boolean,
  "RdsPerfTiEnabled": Boolean,
  "ActiontrailOpenapiCollectionPolicy": String,
  "DrdsSyncTtl": Number,
  "K8sEventEnabled": Boolean,
  "RedisSyncEnabled": Boolean,
  "PolardbPerfTiEnabled": Boolean,
  "CpsTiEnabled": Boolean,
  "CloudfirewallTiEnabled": Boolean,
  "OssAccessTiEnabled": Boolean,
  "PolardbSlowTiEnabled": Boolean,
  "RedisAuditTtl": Number,
  "RdsAuditPolicySetting": List,
  "OssMeteringCollectionPolicy": String,
  "ActiontrailTiEnabled": Boolean,
  "SasTiEnabled": Boolean,
  "DdosCooAccessTiEnabled": Boolean,
  "WafAccessCollectionPolicy": String,
  "CloudfirewallAccessPolicySetting": List,
  "RedisAuditEnabled": Boolean,
  "CpsCallbackPolicySetting": List,
  "BastionAuditPolicySetting": List,
  "PolardbSlowEnabled": Boolean,
  "DrdsAuditEnabled": Boolean,
  "PolardbTtl": Number,
  "RdsPerfPolicySetting": List,
  "K8sIngressTtl": Number,
  "OssMeteringPolicySetting": List,
  "K8sEventCollectionPolicy": String,
  "DrdsAuditPolicySetting": List,
  "WafAccessPolicySetting": List,
  "CloudfirewallEnabled": Boolean,
  "PolardbAuditPolicySetting": List,
  "RedisAuditTiEnabled": Boolean,
  "RedisAuditPolicySetting": List,
  "SlbAccessPolicySetting": List,
  "PolardbTiEnabled": Boolean,
  "ApigatewayAccessCollectionPolicy": String,
  "DrdsAuditTtl": Number,
  "AppconnectEnabled": Boolean,
  "DrdsSyncEnabled": Boolean,
  "OssMeteringTiEnabled": Boolean,
  "K8sAuditTiEnabled": Boolean,
  "PolardbSlowTtl": Number,
  "DrdsAuditCollectionPolicy": String,
  "K8sAuditPolicySetting": List,
  "K8sEventPolicySetting": List,
  "RdsSlowTiEnabled": Boolean,
  "K8sIngressPolicySetting": List,
  "RedisAuditCollectionPolicy": String,
  "PolardbPerfTtl": Number,
  "AppconnectTtl": Number,
  "DrdsAuditTiEnabled": Boolean,
  "K8sAuditEnabled": Boolean,
  "PolardbPerfPolicySetting": List,
  "NasAuditPolicySetting": List,
  "K8sEventTtl": Number,
  "CpsCallbackCollectionPolicy": String,
  "PolardbAuditCollectionPolicy": String,
  "RdsPerfEnabled": Boolean,
  "RdsSlowEnabled": Boolean,
  "PolardbSlowPolicySetting": List,
  "DdosCooAccessTtl": Number,
  "PolardbPerfCollectionPolicy": String,
  "SlbAccessTiEnabled": Boolean,
  "PolardbPerfEnabled": Boolean,
  "AppconnectOpPolicySetting": List,
  "K8sEventTiEnabled": Boolean,
  "AppconnectOpCollectionPolicy": String,
  "NasAuditCollectionPolicy": String,
  "K8sAuditTtl": Number,
  "SlbAccessCollectionPolicy": String,
  "K8sIngressEnabled": Boolean,
  "K8sAuditCollectionPolicy": String,
  "RdsPerfTtl": Number,
  "OssAccessCollectionPolicy": String,
  "RdsSlowPolicySetting": List,
  "RdsSlowTtl": Number,
  "RdsPerfCollectionPolicy": String,
  "DdosCooAccessEnabled": Boolean,
  "DdosCooAccessCollectionPolicy": String,
  "CloudfirewallAccessCollectionPolicy": String,
  "RdsTiEnabled": Boolean,
  "K8sIngressCollectionPolicy": String
}

VariableMap properties

Property	Type	Required	Editable	Description	Constraint
ApigatewayTtl	Number	No	Yes	The period of time during which the access logs of API Gateway are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
SasCrackEnabled	Boolean	No	Yes	Specifies whether to audit the brute-force attack logs of Security Center (SAS).	Default value: false. Valid values: true false
CpsEnabled	Boolean	No	Yes	Specifies whether to audit the push receipt events of Alibaba Cloud Mobile Push.	Default value: true. Valid values: true false
ApigatewayEnabled	Boolean	No	Yes	Specifies whether to audit the access logs of API Gateway.	Default value: true. Valid values: true false
WafEnabled	Boolean	No	Yes	Specifies whether to audit the access logs of Web Application Firewall (WAF).	Default value: true. Valid values: true false
OssSyncTtl	Number	No	Yes	The period of time during which the Object Storage Service (OSS) logs are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days. For more information about centralized storage, see Technical advantages.
SasTtl	Number	No	Yes	The period of time during which the SAS logs are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
ActiontrailTtl	Number	No	Yes	The period of time during which the operation logs of ActionTrail are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
OssAccessEnabled	Boolean	No	Yes	Specifies whether to audit the access logs of OSS.	Default value: true. Valid values: true false
OssSyncEnabled	Boolean	No	Yes	Specifies whether to synchronize the access logs of OSS to the central project.	Default value: true. Valid values: true false Note You can synchronize the collected logs to the central project. This improves efficiency when you query, analyze, and visualize the collected logs. You can also configure alerts and perform custom development for OSS.
SasSnapshotAccountEnabled	Boolean	No	Yes	Specifies whether to audit the account snapshots of SAS.	Default value: false. Valid values: true false
SlbSyncEnabled	Boolean	No	Yes	Specifies whether to synchronize the access logs of Server Load Balancer (SLB) to the central project.	Default value: true. Valid values: true false
SlbAccessTtl	Number	No	Yes	The period of time during which the access logs of SLB are stored in the Logstore of the regional project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
BastionEnabled	Boolean	No	Yes	Specifies whether to audit the operation logs of Bastionhost (BH).	Default value: true. Valid values: true false
RdsEnabled	Boolean	No	Yes	Specifies whether to audit the SQL audit logs of ApsaraDB RDS.	Default value: true. Valid values: true false
SasSessionEnabled	Boolean	No	Yes	Specifies whether to audit the network session logs of SAS.	Default value: false. Valid values: true false
SasLocalDnsEnabled	Boolean	No	Yes	Specifies whether to audit the local Domain Name System (DNS) logs of SAS.	Default value: false. Valid values: true false
OssAccessTtl	Number	No	Yes	The period of time during which the access logs of OSS are stored in the Logstore of the regional project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
SasHttpEnabled	Boolean	No	Yes	Specifies whether to audit the web access logs of SAS.	Default value: false. Valid values: true false
BastionTtl	Number	No	Yes	The period of time during which the operation logs of BH are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
OssMeteringEnabled	Boolean	No	Yes	Specifies whether to audit the metering logs of OSS.	Default value: true. Valid values: true false
SasProcessEnabled	Boolean	No	Yes	Specifies whether to audit the process startup logs of SAS.	Default value: false. Valid values: true false
NasEnabled	Boolean	No	Yes	Specifies whether to audit the access logs of Apsara File Storage NAS (NAS).	Default value: true. Valid values: true false
SasDnsEnabled	Boolean	No	Yes	Specifies whether to audit the DNS logs of SAS.	Default value: false. Valid values: true false
SasSnapshotPortEnabled	Boolean	No	Yes	Specifies whether to audit the port snapshots of SAS.	Default value: false. Valid values: true false
SasSecurityAlertEnabled	Boolean	No	Yes	Specifies whether to audit the security alert logs of SAS.	Default value: false. Valid values: true false
SlbAccessEnabled	Boolean	No	Yes	Specifies whether to audit the access logs of SLB.	Default value: true. Valid values: true false
NasTtl	Number	No	Yes	The period of time during which the access logs of NAS are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
SasNetworkEnabled	Boolean	No	Yes	Specifies whether to audit the network connection logs of SAS.	Default value: false. Valid values: true false
SasLoginEnabled	Boolean	No	Yes	Specifies whether to audit the logon logs of SAS.	Default value: false. Valid values: true false
WafTtl	Number	No	Yes	The period of time during which the access logs of WAF are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
OssMeteringTtl	Number	No	Yes	The period of time during which the metering logs of OSS are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
SasSnapshotProcessEnabled	Boolean	No	Yes	Specifies whether to audit the process snapshots of SAS.	Default value: false. Valid values: true false
SasSecurityHcEnabled	Boolean	No	Yes	Specifies whether to audit the baseline logs of SAS.	Default value: false. Valid values: true false
RdsTtl	Number	No	Yes	The period of time during which the SQL audit logs of ApsaraDB RDS are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
CpsTtl	Number	No	Yes	The period of time during which the push receipt events of Alibaba Cloud Mobile Push are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
SlbSyncTtl	Number	No	Yes	The period of time during which the access logs of SLB are stored in the Logstore of the regional project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
CloudfirewallTtl	Number	No	Yes	The period of time during which the logs of traffic that passes through the Cloud Firewall (CFW) Internet firewall are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
ActiontrailEnabled	Boolean	No	Yes	Specifies whether to audit the operation logs of ActionTrail.	Default value: true. Valid values: true false
SasSecurityVulEnabled	Boolean	No	Yes	Specifies whether to audit the vulnerability logs of SAS.	Default value: false. Valid values: true false
ApigatewayTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for API Gateway.	Default value: false. Valid values: true false
RdsSlowCollectionPolicy	String	No	Yes	Specifies whether to audit the policy for the slow query logs of ApsaraDB RDS.	Default value: false. Valid values: true false
PolardbSlowCollectionPolicy	String	No	Yes	Specifies whether to audit the slow query logs of PolarDB.	Default value: false. Valid values: true false
BastionAuditCollectionPolicy	String	No	Yes	The collection policy for the audit logs of BH.	None.
DdosCooAccessPolicySetting	List	No	Yes	The settings of the audit policy for Anti-DDoS.	None.
RdsAuditCollectionPolicy	String	No	Yes	The collection policy for the audit logs of ApsaraDB RDS.	None.
ActiontrailOpenapiPolicySetting	List	No	Yes	The settings of the API policy for ActionTrail.	None.
BastionTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for BH.	Default value: false. Valid values: true false
K8sIngressTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for the Ingress access logs of Container Service for Kubernetes (ACK).	Default value: false. Valid values: true false
PolardbEnabled	Boolean	No	Yes	Specifies whether to audit the audit logs of PolarDB.	Default value: true. Valid values: true false
WafTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for WAF.	Default value: false. Valid values: true false
RedisSyncTtl	Number	No	Yes	The period of time during which the audit logs of ApsaraDB for Redis are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
OssAccessPolicySetting	List	No	Yes	The settings of the access policy for OSS.	None.
AppconnectTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for Cloud Service Bus (CSB) App Connect.	Default value: false. Valid values: true false
ApigatewayAccessPolicySetting	List	No	Yes	The settings of the audit policy for API Gateway.	None.
NasTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for NAS.	Default value: false. Valid values: true false
RdsPerfTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for ApsaraDB RDS.	Default value: false. Valid values: true false
ActiontrailOpenapiCollectionPolicy	String	No	Yes	The collection policy for the API logs of ActionTrail.	None.
DrdsSyncTtl	Number	No	Yes	The period of time during which the SQL audit logs of PolarDB-X are synchronized to the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
K8sEventEnabled	Boolean	No	Yes	Specifies whether to audit the Kubernetes event center of ACK.	Default value: false. Valid values: true false
RedisSyncEnabled	Boolean	No	Yes	Specifies whether to synchronize the audit logs of ApsaraDB for Redis to the central project.	Default value: true. Valid values: true false
PolardbPerfTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for PolarDB.	Default value: false. Valid values: true false
CpsTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for Alibaba Cloud Mobile Push.	Default value: false. Valid values: true false
CloudfirewallTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for CFW.	Default value: false. Valid values: true false
OssAccessTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for OSS.	Default value: false. Valid values: true false
PolardbSlowTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for the slow query logs of PolarDB.	Default value: false. Valid values: true false
RedisAuditTtl	Number	No	Yes	The period of time during which the access logs of ApsaraDB for Redis are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 7. Unit: days.
RdsAuditPolicySetting	List	No	Yes	The settings of the audit policy for ApsaraDB RDS.	None.
OssMeteringCollectionPolicy	String	No	Yes	The collection policy for the metering logs of OSS.	None.
ActiontrailTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for ActionTrail.	Default value: false. Valid values: true false
SasTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for SAS.	Default value: false. Valid values: true false
DdosCooAccessTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for Anti-DDoS.	Default value: false. Valid values: true false
WafAccessCollectionPolicy	String	No	Yes	The collection policy for WAF logs.	None.
CloudfirewallAccessPolicySetting	List	No	Yes	The settings of the collection policy for CFW logs.	None.
RedisAuditEnabled	Boolean	No	Yes	Specifies whether to audit the audit logs of ApsaraDB for Redis.	Default value: true. Valid values: true false
CpsCallbackPolicySetting	List	No	Yes	The settings of the collection policy for Alibaba Cloud Mobile Push logs.	None.
BastionAuditPolicySetting	List	No	Yes	The settings of the collection policy for BH logs.	None.
PolardbSlowEnabled	Boolean	No	Yes	Specifies whether to audit the slow query logs of PolarDB.	Default value: false. Valid values: true false
DrdsAuditEnabled	Boolean	No	Yes	Specifies whether to audit the SQL audit logs of PolarDB-X.	Default value: true. Valid values: true false
PolardbTtl	Number	No	Yes	The period of time during which the audit logs of PolarDB are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
RdsPerfPolicySetting	List	No	Yes	The settings of the performance policy for ApsaraDB RDS.	None.
K8sIngressTtl	Number	No	Yes	The period of time during which the Ingress access logs of ACK are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
OssMeteringPolicySetting	List	No	Yes	The settings of the metering policy for OSS.	None.
K8sEventCollectionPolicy	String	No	Yes	The collection policy for the event logs of ACK.	None.
DrdsAuditPolicySetting	List	No	Yes	The settings of the audit policy for PolarDB-X.	None.
WafAccessPolicySetting	List	No	Yes	The settings of the audit policy for WAF.	None.
CloudfirewallEnabled	Boolean	No	Yes	Specifies whether to audit the logs of traffic that passes through the CFW VPC firewall.	Default value: true. Valid values: true false
PolardbAuditPolicySetting	List	No	Yes	The settings of the audit policy for PolarDB.	None.
RedisAuditTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for ApsaraDB for Redis.	Default value: false. Valid values: true false
RedisAuditPolicySetting	List	No	Yes	The settings of the audit policy for ApsaraDB for Redis.	None.
SlbAccessPolicySetting	List	No	Yes	The settings of the audit policy for SLB.	None.
PolardbTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for PolarDB.	Default value: false. Valid values: true false
ApigatewayAccessCollectionPolicy	String	No	Yes	The audit policy for API Gateway.	None.
DrdsAuditTtl	Number	No	Yes	The period of time during which the SQL audit logs of PolarDB-X are stored in the Logstore of the regional project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
AppconnectEnabled	Boolean	No	Yes	Specifies whether to audit the operation logs of CSB App Connect.	Default value: false. Valid values: true false
DrdsSyncEnabled	Boolean	No	Yes	Specifies whether to synchronize the SQL audit logs of PolarDB-X to the central project.	Default value: true. Valid values: true false
OssMeteringTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for the metering logs of OSS.	Default value: false. Valid values: true false
K8sAuditTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for ACK.	Default value: false. Valid values: true false
PolardbSlowTtl	Number	No	Yes	The period of time during which the slow query logs of PolarDB are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
DrdsAuditCollectionPolicy	String	No	Yes	The collection policy for the audit logs of PolarDB-X.	None.
K8sAuditPolicySetting	List	No	Yes	The settings of the audit policy for ACK.	None.
K8sEventPolicySetting	List	No	Yes	The settings of the event policy for ACK.	None.
RdsSlowTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for the slow query logs of ApsaraDB RDS.	Default value: false. Valid values: true false
K8sIngressPolicySetting	List	No	Yes	The settings of the Ingress policy for ACK.	None.
RedisAuditCollectionPolicy	String	No	Yes	The collection policy for the audit logs of ApsaraDB for Redis.	None.
PolardbPerfTtl	Number	No	Yes	The period of time during which the performance logs of PolarDB are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
AppconnectTtl	Number	No	Yes	The period of time during which the operation logs of CSB App Connect are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
DrdsAuditTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for PolarDB-X.	Default value: false. Valid values: true false
K8sAuditEnabled	Boolean	No	Yes	Specifies whether to audit the Kubernetes audit logs of ACK.	Default value: false. Valid values: true false
PolardbPerfPolicySetting	List	No	Yes	The settings of the performance logs of PolarDB.	None.
NasAuditPolicySetting	List	No	Yes	The settings of the audit policy for NAS.	None.
K8sEventTtl	Number	No	Yes	The period of time during which the event logs of ACK are stored in the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
CpsCallbackCollectionPolicy	String	No	Yes	The collection policy for Alibaba Cloud Mobile Push logs.	None.
PolardbAuditCollectionPolicy	String	No	Yes	The collection policy for the audit logs of PolarDB.	None.
RdsPerfEnabled	Boolean	No	Yes	Specifies whether to audit the performance logs of ApsaraDB RDS.	Default value: false. Valid values: true false
RdsSlowEnabled	Boolean	No	Yes	Specifies whether to audit the slow query logs of ApsaraDB RDS.	Default value: false. Valid values: true false
PolardbSlowPolicySetting	List	No	Yes	The settings of the slow query log policy for PolarDB.	None.
DdosCooAccessTtl	Number	No	Yes	The period of time during which the Anti-DDoS logs are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
PolardbPerfCollectionPolicy	String	No	Yes	The collection policy for the performance logs of PolarDB.	None.
SlbAccessTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for SLB.	Default value: false. Valid values: true false
PolardbPerfEnabled	Boolean	No	Yes	Specifies whether to audit the performance logs of PolarDB.	Default value: false. Valid values: true false
AppconnectOpPolicySetting	List	No	Yes	The settings of the audit policy for CSB App Connect.	None.
K8sEventTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for ACK.	Default value: false. Valid values: true false
AppconnectOpCollectionPolicy	String	No	Yes	The collection policy for CSB App Connect logs.	None.
NasAuditCollectionPolicy	String	No	Yes	The collection policy for the audit logs of NAS.	None.
K8sAuditTtl	Number	No	Yes	The period of time during which the Kubernetes audit logs of ACK are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
SlbAccessCollectionPolicy	String	No	Yes	The collection policy for the audit logs of SLB.	None.
K8sIngressEnabled	Boolean	No	Yes	Specifies whether to audit the Ingress access logs of ACK.	Default value: false. Valid values: true false
K8sAuditCollectionPolicy	String	No	Yes	The collection policy for the audit logs of ACK.	None.
RdsPerfTtl	Number	No	Yes	The period of time during which the performance logs of ApsaraDB RDS are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
OssAccessCollectionPolicy	String	No	Yes	The collection policy for the access logs of OSS.	None.
RdsSlowPolicySetting	List	No	Yes	The settings of the slow query log policy for ApsaraDB RDS.	None.
RdsSlowTtl	Number	No	Yes	The period of time during which the slow query logs of ApsaraDB RDS are stored in the Logstore of the central project.	Valid values: 3 to 3000. Default value: 180. Unit: days.
RdsPerfCollectionPolicy	String	No	Yes	The collection policy for the performance logs of ApsaraDB RDS.	None.
DdosCooAccessEnabled	Boolean	No	Yes	Specifies whether to audit the access logs of Anti-DDoS.	Default value: false. Valid values: true false
DdosCooAccessCollectionPolicy	String	No	Yes	The collection policy for the audit logs of Anti-DDoS.	None.
CloudfirewallAccessCollectionPolicy	String	No	Yes	The collection policy for the audit logs of WAF.	None.
RdsTiEnabled	Boolean	No	Yes	Specifies whether to enable the threat intelligence feature for ApsaraDB RDS.	Default value: false. Valid values: true false
K8sIngressCollectionPolicy	String	No	Yes	The collection policy for the Ingress access logs of ACK.	None.

Return values

Fn::GetAtt

DisplayName: the display name of Log Audit Service.

Examples

JSON format

{
  "ROSTemplateFormatVersion": "2015-09-01",
  "Parameters": {
    "VariableMap": {
      "Type": "Json",
      "Description": "Log audit detailed configuration."
    },
    "DisplayName": {
      "Type": "String",
      "Description": "Name of SLS log audit.",
      "MaxLength": 128
    },
    "MultiAccount": {
      "Type": "Json",
      "Description": "Multi-account configuration, please fill in multiple aliuid.",
      "MinLength": 0,
      "MaxLength": 100
    }
  },
  "Resources": {
    "Audit": {
      "Type": "ALIYUN::SLS::Audit",
      "Properties": {
        "VariableMap": {
          "Ref": "VariableMap"
        },
        "DisplayName": {
          "Ref": "DisplayName"
        },
        "MultiAccount": {
          "Ref": "MultiAccount"
        }
      }
    }
  },
  "Outputs": {
    "DisplayName": {
      "Description": "Name of SLS log audit.",
      "Value": {
        "Fn::GetAtt": [
          "Audit",
          "DisplayName"
        ]
      }
    }
  }
}

YAML format

ROSTemplateFormatVersion: '2015-09-01'
Parameters:
  DisplayName:
    Description: Name of SLS log audit.
    MaxLength: 128
    Type: String
  MultiAccount:
    Description: Multi-account configuration, please fill in multiple aliuid.
    MaxLength: 100
    MinLength: 0
    Type: Json
  VariableMap:
    Description: Log audit detailed configuration.
    Type: Json
Resources:
  Audit:
    Properties:
      DisplayName:
        Ref: DisplayName
      MultiAccount:
        Ref: MultiAccount
      VariableMap:
        Ref: VariableMap
    Type: ALIYUN::SLS::Audit
Outputs:
  DisplayName:
    Description: Name of SLS log audit.
    Value:
      Fn::GetAtt:
      - Audit
      - DisplayName