全部产品
Search
文档中心

资源编排:ALIYUN::SAS::Instance

更新时间:Mar 26, 2024

ALIYUN::SAS::Instance类型用于购买云安全中心实例。

语法

{
  "Type": "ALIYUN::SAS::Instance",
  "Properties": {
    "QuotaForApplicationProtection": Integer,
    "ThreatAnalysis": Boolean,
    "QuotaForMaliciousFileDetectionSDK": Integer,
    "ContainerImageScan": Integer,
    "ThreatAnalysisLogStorageCapacity": Integer,
    "AutoRenew": Boolean,
    "MaliciousFileDetectionSDK": Boolean,
    "VCore": Integer,
    "Period": Integer,
    "VulnerabilityFixing": Boolean,
    "QuotaForCloudHoneypot": Integer,
    "QuotaForWebTamperProofing": Integer,
    "AutoPay": Boolean,
    "Edition": String,
    "ConfigurationAssessment": Boolean,
    "LogAnalysis": Integer,
    "ProtectedServers": Integer,
    "CloudHoneypot": Boolean,
    "WebTamperProtection": Boolean,
    "QuotaForConfigurationAssessment": Integer,
    "QuotaForVulnerabilityFixing": Integer,
    "AntiRansomware": Integer,
    "PeriodUnit": String
  }
}

属性

属性名称

类型

必须

允许更新

描述

约束

QuotaForApplicationProtection

Integer

应用防护授权数。

该功能通过在应用运行时检测并阻断攻击,为应用提供安全防御。建议您将该应用防护授权数设置为每月需要防护的主机资产上的应用进程数量。购买的应用防护授权数越多,单价越低。具体价格,请参见计费概述

ThreatAnalysis

Boolean

是否威胁分析。

可检测并处理多个阿里云账号下多个云产品(例如云防火墙、专有网络VPC等)中的安全信息和安全事件,帮助您提升事件运营效率。

如果已购买日志分析存储容量,建议您将威胁分析日志存储量设置为日志分析存储容量的三倍。威胁分析需存储已接入管控的多个阿里云账号和阿里云产品的日志,因此需要购买充足的容量。

QuotaForMaliciousFileDetectionSDK

Integer

恶意文件检测SDK次数。

该功能结合云端海量文件库及多架构检测引擎,为用户提供针对WebShell文件、恶意脚本、二进制程序、宏病毒文档的高精度文件判研结果,可随时集成到各类应用场景中批量检测恶意文件。

ContainerImageScan

Integer

容器镜像安全扫描数量。

容器镜像安全扫描数量建议设置为您每个月需要进行容器漏洞检测的镜像数量。云安全中心是以摘要(Digest)值唯一标识一个镜像,镜像的摘要值不变时,只在第一次扫描时消耗一个镜像安全扫描次数。摘要值变化后,执行扫描操作会重新消耗镜像安全扫描次数。例如,您需要检测10个镜像,在购买云安全中心服务的期限内,预计镜像更新总次数为20次(即所有镜像摘要值变更总次数为20次),则容器镜像安全扫描数量需要设置为30(即10+20)。

仅版本选择高级版企业版、旗舰版或仅采购增值服务时,支持购买该功能。

ThreatAnalysisLogStorageCapacity

Integer

威胁分析日志存储容量。

AutoRenew

Boolean

是否自动续订预付费实例。

取值:

  • true:自动续订预付费实例。

  • false(默认值):手动续订预付费实例。

说明

选中自动续费后,自动续费周期与购买时长对应,即按年购买的自动续费周期是一年。例如,您购买了2年的云安全中心服务并选中了到期自动续费,购买的2年服务到期后云安全中心将为您自动续费1年。

MaliciousFileDetectionSDK

Boolean

是否恶意文件检测SDK。

建议您将恶意文件检测次数设置为每个月需要检测的文件个数。

该功能结合云端海量文件库及多架构检测引擎,为用户提供针对WebShell文件、恶意脚本、二进制程序、宏病毒文档的高精度文件判研结果,可随时集成到各类应用场景中批量检测恶意文件。

VCore

Integer

计算核数。

指定要防护的服务器总核数( Vmcore总数)。默认显示您最少需要购买的核数。

仅版本选择为防病毒版旗舰版时需要配置该参数,选择其他版本时,无需配置该参数。

Period

Integer

购买时长。

取值:

  • 当PeriodUnit为Month时,取值[1, 2, 6]。

  • 当PeriodUnit为Year时,取值[1, 2, 3]。

VulnerabilityFixing

Boolean

是否漏洞修复。

防病毒版仅采购增值服务需要购买该功能。该功能可以一键修复服务器中的Linux软件漏洞和Windows系统漏洞。建议您将漏洞修复次数设置为每月需要修复的漏洞总数。

说明
  • 如需修复的漏洞较多,建议您选择高级版企业版旗舰版,上述版本可直接修复对应服务器上的漏洞,不限制修复次数。

  • 如需修复的漏洞较少,云安全中心支持漏洞修复按量付费模式。您可以在漏洞管理页面,单击购买,开通漏洞修复按量付费。按量付费不受包年包月时长的限制,可以先使用,再按实际用量付费。

QuotaForCloudHoneypot

Integer

云蜜罐授权数。

QuotaForWebTamperProofing

Integer

网页防篡改配额。

可实时监控网站目录并通过备份恢复被篡改的文件或目录,保障重要系统的网站信息不被恶意篡改。

AutoPay

Boolean

是否自动付款。

取值:

  • true(默认值):自动付款。

  • false:手动付款。

Edition

String

版本。

取值:

  • Anti-virus:防病毒版。

  • Advanced:高级版。

  • Enterprise:企业版。

  • Ultimate:旗舰版。

ConfigurationAssessment

Boolean

是否配置评估。

配置评估特性从身份和权限管理、阿里云服务安全风险、合规风险三个维度检测云服务的配置错误和安全风险。 这确保了云服务运行环境的安全性。 

LogAnalysis

Integer

日志分析。

增值服务,如果设置日志存储容量大于0 GB则表示购买该功能。日志分析服务提供主机日志、网络日志、安全日志等子类日志的全量日志检索服务,用于事件回溯和安全分析。

说明

企业版和旗舰版支持16种子类日志;防病毒版和高级版仅支持主机和安全两大类的12种子类日志,不支持网络日志。

ProtectedServers

Integer

应用防护授权数。

该功能通过在应用运行时检测并阻断攻击,为应用提供安全防御。建议您将该应用防护授权数设置为每月需要防护的主机资产上的应用进程数量。购买的应用防护授权数越多,单价越低。

CloudHoneypot

Boolean

是否开启云蜜罐。

可针对攻击者的行为进行及时高效的威胁诱捕,在攻防对抗场景中提升对核心资产的检测和防护能力。

WebTamperProtection

Boolean

是否开启网页防篡改。

可实时监控网站目录并通过备份恢复被篡改的文件或目录,保障重要系统的网站信息不被恶意篡改。

QuotaForConfigurationAssessment

Integer

配置评估配额。

QuotaForVulnerabilityFixing

Integer

漏洞修复配额。

根据每个月需要修复的漏洞数量,设置漏洞修复配额。 配额等于您希望在所有服务器上修复的漏洞总数,而不管漏洞名称如何。 例如,如果在10台服务器上使用“安全中心”修复同一个漏洞,则配额减少10。 

AntiRansomware

Integer

反勒索配额。

安全中心提供全面的反勒索软件解决方案,保护您的业务。 我们建议为每台服务器配置50GB的数据保护容量。 

PeriodUnit

String

订阅持续时间的单位。

取值:

  • Month:月。

  • Year:年。

返回值

Fn::GetAtt

InstanceId:实例ID。

示例

  • YAML格式

    ROSTemplateFormatVersion: '2015-09-01'
    Parameters:
      AntiRansomware:
        Description:
          en: Security Center provides a comprehensive anti-ransomware solution to protect
            your business. We recommend that you configure a data protection capacity
            of 50GB for each server.
        Required: false
        Type: Number
      AutoPay:
        Default: true
        Description:
          en: 'Whether to auto pay the bill.Default: True'
        Required: false
        Type: Boolean
      AutoRenew:
        Default: false
        Description:
          en: 'Whether to auto renew the prepay instance.Default: False'
        Required: false
        Type: Boolean
      CloudHoneypot:
        Description:
          en: The cloud honeypot feature can capture attacks in a timely and efficient
            manner. You can use the feature to protect your core assets and detect attacks
            in attack and defense scenarios.
        Required: false
        Type: Boolean
      ConfigurationAssessment:
        Description:
          en: 'The configuration assessment feature detects configuration errors and security
            risks on cloud services from the following dimensions: identity and permission
            management, security risks in Alibaba Cloud services, and compliance risks.This
            ensures the security of the running environment of your cloud services.'
        Required: false
        Type: Boolean
      ContainerImageScan:
        Description:
          en: Security Center provides the container image scan feature to protect containers.
            Security Center can detect CVEs, application vulnerabilities, viruses, and
            malicious samples and allows you to handle the detected risks. You can configure
            this parameter based on the number of images or digests. For example, if the
            number of images or digests that are updated in the previous day is 10, you
            can set this parameter to 300 for a monthly subscription or to 3650 for a
            yearly subscription. This is more cost-effective.
        Required: false
        Type: Number
      Edition:
        AllowedValues:
        - Anti-virus
        - Advanced
        - Enterprise
        - Ultimate
        Description:
          en: The version of Security center.
        Required: false
        Type: String
      LogAnalysis:
        Description:
          en: In response to the requirements of the network security law, which requires
            logs to be stored for at least 180 days, we recommend that you configure a
            40GB log storage each server. Log analysis supports multi-dimensional security
            logs of cloud assets, out-of-the-box reports, and powerful SQL syntax analysis,
            so as to monitor business status, troubleshoot attacks, security operations
            such as traceability and positioning are easier.
        Required: false
        Type: Number
      MaliciousFileDetectionSDK:
        Description:
          en: 'The configuration assessment feature detects configuration errors and security
            risks on cloud services from the following dimensions: identity and permission
            management, security risks in Alibaba Cloud services, and compliance risks.
            This ensures the security of the running environment of your cloud services.'
        Required: false
        Type: Boolean
      Period:
        AllowedValues:
        - 1
        - 2
        - 3
        - 6
        AssociationProperty: PayPeriod
        Description:
          en: 'The subscription period of the firewallIf PeriodUnit is month, the valid
            range is 1, 3, 6
    
            If periodUnit is year, the valid range is 1, 2, 3'
        Required: true
        Type: Number
      PeriodUnit:
        AllowedValues:
        - Month
        - Year
        AssociationProperty: PayPeriodUnit
        Description:
          en: 'The unit of the subscription duration. Valid values:
    
            Month
    
            Year
    
            '
        Required: true
        Type: String
      ProtectedServers:
        Description:
          en: Authorization is the same as the number of servers you have.
        Required: false
        Type: Number
      QuotaForApplicationProtection:
        Description:
          en: The application protection feature can detect attacks on applications and
            provide self-protection during application runtime. The feature supports simple
            and convenient O&M and can effectively defend against zero-day and OWASP Top
            vulnerabilities. The feature is a value-added feature. You are charged based
            on the number of assets on which the RASP agent is installed. You must configure
            protection policies after you purchase the feature.
        Required: false
        Type: Number
      QuotaForCloudHoneypot:
        Required: false
        Type: Number
      QuotaForConfigurationAssessment:
        Required: false
        Type: Number
      QuotaForMaliciousFileDetectionSDK:
        Required: false
        Type: Number
      QuotaForVulnerabilityFixing:
        Description:
          en: Specify the quota for vulnerability fixing based on the number of vulnerabilities
            that you want to fix each month. The quota is equal to the total number of
            vulnerabilities that you want to fix on all servers regardless of the vulnerability
            names. For example, if you use Security Center to fix the same vulnerability
            on 10 servers, the quota is deducted by 10.
        Required: false
        Type: Number
      QuotaForWebTamperProofing:
        Required: false
        Type: Number
      ThreatAnalysis:
        Description:
          en: 'The threat analysis feature allows you to handle alerts that are generated
            for assets in the cloud within different accounts and assets of multiple cloud
            services in a centralized manner. The feature also allows you to handle risks
            with a few clicks. The feature provides automatic orchestration and response
            capabilities. '
        Required: false
        Type: Boolean
      ThreatAnalysisLogStorageCapacity:
        Required: false
        Type: Number
      VCore:
        Description:
          en: This parameter indicates the number of server vCPUs.
        Required: false
        Type: Number
      VulnerabilityFixing:
        Description:
          en: The vulnerability fixing feature allows you to fix system vulnerabilities
            with a few clicks. This improves O&M efficiency. You can separately purchase
            the vulnerability fixing feature. You are charged based on the number of times
            that you perform vulnerability fixing.
        Required: false
        Type: Boolean
      WebTamperProtection:
        Description:
          en: To ensure that the website information of important systems is not maliciously
            tampered with, there are bad content such as hanging horses, black chains,
            illegal implantation of terrorist threats, pornography, etc.
        Required: false
        Type: Boolean
    Resources:
      Instance:
        Properties:
          AntiRansomware:
            Ref: AntiRansomware
          AutoPay:
            Ref: AutoPay
          AutoRenew:
            Ref: AutoRenew
          CloudHoneypot:
            Ref: CloudHoneypot
          ConfigurationAssessment:
            Ref: ConfigurationAssessment
          ContainerImageScan:
            Ref: ContainerImageScan
          Edition:
            Ref: Edition
          LogAnalysis:
            Ref: LogAnalysis
          MaliciousFileDetectionSDK:
            Ref: MaliciousFileDetectionSDK
          Period:
            Ref: Period
          PeriodUnit:
            Ref: PeriodUnit
          ProtectedServers:
            Ref: ProtectedServers
          QuotaForApplicationProtection:
            Ref: QuotaForApplicationProtection
          QuotaForCloudHoneypot:
            Ref: QuotaForCloudHoneypot
          QuotaForConfigurationAssessment:
            Ref: QuotaForConfigurationAssessment
          QuotaForMaliciousFileDetectionSDK:
            Ref: QuotaForMaliciousFileDetectionSDK
          QuotaForVulnerabilityFixing:
            Ref: QuotaForVulnerabilityFixing
          QuotaForWebTamperProofing:
            Ref: QuotaForWebTamperProofing
          ThreatAnalysis:
            Ref: ThreatAnalysis
          ThreatAnalysisLogStorageCapacity:
            Ref: ThreatAnalysisLogStorageCapacity
          VCore:
            Ref: VCore
          VulnerabilityFixing:
            Ref: VulnerabilityFixing
          WebTamperProtection:
            Ref: WebTamperProtection
        Type: ALIYUN::SAS::Instance
    Outputs:
      InstanceId:
        Description: Instance Id.
        Value:
          Fn::GetAtt:
          - Instance
          - InstanceId
                            
  • JSON格式

    {
      "ROSTemplateFormatVersion": "2015-09-01",
      "Parameters": {
        "QuotaForApplicationProtection": {
          "Type": "Number",
          "Description": {
            "en": "The application protection feature can detect attacks on applications and provide self-protection during application runtime. The feature supports simple and convenient O&M and can effectively defend against zero-day and OWASP Top vulnerabilities. The feature is a value-added feature. You are charged based on the number of assets on which the RASP agent is installed. You must configure protection policies after you purchase the feature."
          },
          "Required": false
        },
        "ThreatAnalysis": {
          "Type": "Boolean",
          "Description": {
            "en": "The threat analysis feature allows you to handle alerts that are generated for assets in the cloud within different accounts and assets of multiple cloud services in a centralized manner. The feature also allows you to handle risks with a few clicks. The feature provides automatic orchestration and response capabilities. "
          },
          "Required": false
        },
        "QuotaForMaliciousFileDetectionSDK": {
          "Type": "Number",
          "Required": false
        },
        "ContainerImageScan": {
          "Type": "Number",
          "Description": {
            "en": "Security Center provides the container image scan feature to protect containers. Security Center can detect CVEs, application vulnerabilities, viruses, and malicious samples and allows you to handle the detected risks. You can configure this parameter based on the number of images or digests. For example, if the number of images or digests that are updated in the previous day is 10, you can set this parameter to 300 for a monthly subscription or to 3650 for a yearly subscription. This is more cost-effective."
          },
          "Required": false
        },
        "ThreatAnalysisLogStorageCapacity": {
          "Type": "Number",
          "Required": false
        },
        "AutoRenew": {
          "Type": "Boolean",
          "Description": {
            "en": "Whether to auto renew the prepay instance.Default: False"
          },
          "Required": false,
          "Default": false
        },
        "MaliciousFileDetectionSDK": {
          "Type": "Boolean",
          "Description": {
            "en": "The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks. This ensures the security of the running environment of your cloud services."
          },
          "Required": false
        },
        "VCore": {
          "Type": "Number",
          "Description": {
            "en": "This parameter indicates the number of server vCPUs."
          },
          "Required": false
        },
        "Period": {
          "AssociationProperty": "PayPeriod",
          "Type": "Number",
          "Description": {
            "en": "The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6\nIf periodUnit is year, the valid range is 1, 2, 3"
          },
          "AllowedValues": [
            1,
            2,
            3,
            6
          ],
          "Required": true
        },
        "VulnerabilityFixing": {
          "Type": "Boolean",
          "Description": {
            "en": "The vulnerability fixing feature allows you to fix system vulnerabilities with a few clicks. This improves O&M efficiency. You can separately purchase the vulnerability fixing feature. You are charged based on the number of times that you perform vulnerability fixing."
          },
          "Required": false
        },
        "QuotaForCloudHoneypot": {
          "Type": "Number",
          "Required": false
        },
        "QuotaForWebTamperProofing": {
          "Type": "Number",
          "Required": false
        },
        "AutoPay": {
          "Type": "Boolean",
          "Description": {
            "en": "Whether to auto pay the bill.Default: True"
          },
          "Required": false,
          "Default": true
        },
        "Edition": {
          "Type": "String",
          "Description": {
            "en": "The version of Security center."
          },
          "AllowedValues": [
            "Anti-virus",
            "Advanced",
            "Enterprise",
            "Ultimate"
          ],
          "Required": false
        },
        "ConfigurationAssessment": {
          "Type": "Boolean",
          "Description": {
            "en": "The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks.This ensures the security of the running environment of your cloud services."
          },
          "Required": false
        },
        "LogAnalysis": {
          "Type": "Number",
          "Description": {
            "en": "In response to the requirements of the network security law, which requires logs to be stored for at least 180 days, we recommend that you configure a 40GB log storage each server. Log analysis supports multi-dimensional security logs of cloud assets, out-of-the-box reports, and powerful SQL syntax analysis, so as to monitor business status, troubleshoot attacks, security operations such as traceability and positioning are easier."
          },
          "Required": false
        },
        "ProtectedServers": {
          "Type": "Number",
          "Description": {
            "en": "Authorization is the same as the number of servers you have."
          },
          "Required": false
        },
        "CloudHoneypot": {
          "Type": "Boolean",
          "Description": {
            "en": "The cloud honeypot feature can capture attacks in a timely and efficient manner. You can use the feature to protect your core assets and detect attacks in attack and defense scenarios."
          },
          "Required": false
        },
        "WebTamperProtection": {
          "Type": "Boolean",
          "Description": {
            "en": "To ensure that the website information of important systems is not maliciously tampered with, there are bad content such as hanging horses, black chains, illegal implantation of terrorist threats, pornography, etc."
          },
          "Required": false
        },
        "QuotaForConfigurationAssessment": {
          "Type": "Number",
          "Required": false
        },
        "QuotaForVulnerabilityFixing": {
          "Type": "Number",
          "Description": {
            "en": "Specify the quota for vulnerability fixing based on the number of vulnerabilities that you want to fix each month. The quota is equal to the total number of vulnerabilities that you want to fix on all servers regardless of the vulnerability names. For example, if you use Security Center to fix the same vulnerability on 10 servers, the quota is deducted by 10."
          },
          "Required": false
        },
        "AntiRansomware": {
          "Type": "Number",
          "Description": {
            "en": "Security Center provides a comprehensive anti-ransomware solution to protect your business. We recommend that you configure a data protection capacity of 50GB for each server."
          },
          "Required": false
        },
        "PeriodUnit": {
          "AssociationProperty": "PayPeriodUnit",
          "Type": "String",
          "Description": {
            "en": "The unit of the subscription duration. Valid values:\nMonth\nYear\n"
          },
          "AllowedValues": [
            "Month",
            "Year"
          ],
          "Required": true
        }
      },
      "Resources": {
        "Instance": {
          "Type": "ALIYUN::SAS::Instance",
          "Properties": {
            "QuotaForApplicationProtection": {
              "Ref": "QuotaForApplicationProtection"
            },
            "ThreatAnalysis": {
              "Ref": "ThreatAnalysis"
            },
            "QuotaForMaliciousFileDetectionSDK": {
              "Ref": "QuotaForMaliciousFileDetectionSDK"
            },
            "ContainerImageScan": {
              "Ref": "ContainerImageScan"
            },
            "ThreatAnalysisLogStorageCapacity": {
              "Ref": "ThreatAnalysisLogStorageCapacity"
            },
            "AutoRenew": {
              "Ref": "AutoRenew"
            },
            "MaliciousFileDetectionSDK": {
              "Ref": "MaliciousFileDetectionSDK"
            },
            "VCore": {
              "Ref": "VCore"
            },
            "Period": {
              "Ref": "Period"
            },
            "VulnerabilityFixing": {
              "Ref": "VulnerabilityFixing"
            },
            "QuotaForCloudHoneypot": {
              "Ref": "QuotaForCloudHoneypot"
            },
            "QuotaForWebTamperProofing": {
              "Ref": "QuotaForWebTamperProofing"
            },
            "AutoPay": {
              "Ref": "AutoPay"
            },
            "Edition": {
              "Ref": "Edition"
            },
            "ConfigurationAssessment": {
              "Ref": "ConfigurationAssessment"
            },
            "LogAnalysis": {
              "Ref": "LogAnalysis"
            },
            "ProtectedServers": {
              "Ref": "ProtectedServers"
            },
            "CloudHoneypot": {
              "Ref": "CloudHoneypot"
            },
            "WebTamperProtection": {
              "Ref": "WebTamperProtection"
            },
            "QuotaForConfigurationAssessment": {
              "Ref": "QuotaForConfigurationAssessment"
            },
            "QuotaForVulnerabilityFixing": {
              "Ref": "QuotaForVulnerabilityFixing"
            },
            "AntiRansomware": {
              "Ref": "AntiRansomware"
            },
            "PeriodUnit": {
              "Ref": "PeriodUnit"
            }
          }
        }
      },
      "Outputs": {
        "InstanceId": {
          "Description": "Instance Id.",
          "Value": {
            "Fn::GetAtt": [
              "Instance",
              "InstanceId"
            ]
          }
        }
      }
    }