Instance

This class encapsulates and extends the ROS resource type ALIYUN::SAS::Instance, which is used to purchase Security Center.

Initializers

import ros_cdk_sas
ros_cdk_sas.Instance(
  scope: Construct,
  id: str,
  period: typing.Union[typing.Union[int, float], IResolvable],
  period_unit: typing.Union[str, IResolvable],
  anti_ransomware: typing.Union[typing.Union[int, float], IResolvable] = None,
  anti_ransomware_manage_service: typing.Union[bool, IResolvable] = None,
  auto_pay: typing.Union[bool, IResolvable] = None,
  auto_renew: typing.Union[bool, IResolvable] = None,
  cloud_honeypot: typing.Union[bool, IResolvable] = None,
  configuration_assessment: typing.Union[bool, IResolvable] = None,
  container_image_scan: typing.Union[typing.Union[int, float], IResolvable] = None,
  edition: typing.Union[str, IResolvable] = None,
  log_analysis: typing.Union[typing.Union[int, float], IResolvable] = None,
  malicious_file_detection_sdk: typing.Union[bool, IResolvable] = None,
  protected_servers: typing.Union[typing.Union[int, float], IResolvable] = None,
  quota_for_application_protection: typing.Union[typing.Union[int, float], IResolvable] = None,
  quota_for_cloud_honeypot: typing.Union[typing.Union[int, float], IResolvable] = None,
  quota_for_configuration_assessment: typing.Union[typing.Union[int, float], IResolvable] = None,
  quota_for_malicious_file_detection_sdk: typing.Union[typing.Union[int, float], IResolvable] = None,
  quota_for_vulnerability_fixing: typing.Union[typing.Union[int, float], IResolvable] = None,
  quota_for_web_tamper_proofing: typing.Union[typing.Union[int, float], IResolvable] = None,
  threat_analysis: typing.Union[bool, IResolvable] = None,
  threat_analysis_log_storage_capacity: typing.Union[typing.Union[int, float], IResolvable] = None,
  v_core: typing.Union[typing.Union[int, float], IResolvable] = None,
  vulnerability_fixing: typing.Union[bool, IResolvable] = None,
  web_tamper_protection: typing.Union[bool, IResolvable] = None,
  enable_resource_property_constraint: bool = None
)

Name	Type	Description
scope	ros_cdk_core.Construct	No description.
id	str	No description.
period	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property period: The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6 If periodUnit is year, the valid range is 1, 2, 3.
period_unit	typing.Union[str, ros_cdk_core.IResolvable]	Property periodUnit: The unit of the subscription duration.
anti_ransomware	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property antiRansomware: Security Center provides a comprehensive anti-ransomware solution to protect your business.
anti_ransomware_manage_service	typing.Union[bool, ros_cdk_core.IResolvable]	Property antiRansomwareManageService: Provide you with security hosting services such as anti-ransomware configuration, monitoring, and anti-ransomware incident emergency response.
auto_pay	typing.Union[bool, ros_cdk_core.IResolvable]	Property autoPay: Whether to auto pay the bill.Default: True.
auto_renew	typing.Union[bool, ros_cdk_core.IResolvable]	Property autoRenew: Whether to auto renew the prepay instance.Default: False.
cloud_honeypot	typing.Union[bool, ros_cdk_core.IResolvable]	Property cloudHoneypot: The cloud honeypot feature can capture attacks in a timely and efficient manner.
configuration_assessment	typing.Union[bool, ros_cdk_core.IResolvable]	Property configurationAssessment: The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks.This ensures the security of the running environment of your cloud services.
container_image_scan	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property containerImageScan: Security Center provides the container image scan feature to protect containers.
edition	typing.Union[str, ros_cdk_core.IResolvable]	Property edition: The version of Security center.
log_analysis	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property logAnalysis: In response to the requirements of the network security law, which requires logs to be stored for at least 180 days, we recommend that you configure a 40GB log storage each server.
malicious_file_detection_sdk	typing.Union[bool, ros_cdk_core.IResolvable]	Property maliciousFileDetectionSdk: The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks.
protected_servers	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property protectedServers: Authorization is the same as the number of servers you have.
quota_for_application_protection	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property quotaForApplicationProtection: The application protection feature can detect attacks on applications and provide self-protection during application runtime.
quota_for_cloud_honeypot	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property quotaForCloudHoneypot:.
quota_for_configuration_assessment	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property quotaForConfigurationAssessment:.
quota_for_malicious_file_detection_sdk	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property quotaForMaliciousFileDetectionSdk:.
quota_for_vulnerability_fixing	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property quotaForVulnerabilityFixing: Specify the quota for vulnerability fixing based on the number of vulnerabilities that you want to fix each month.
quota_for_web_tamper_proofing	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property quotaForWebTamperProofing:.
threat_analysis	typing.Union[bool, ros_cdk_core.IResolvable]	Property threatAnalysis: The threat analysis feature allows you to handle alerts that are generated for assets in the cloud within different accounts and assets of multiple cloud services in a centralized manner.
threat_analysis_log_storage_capacity	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property threatAnalysisLogStorageCapacity:.
v_core	typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]	Property vCore: This parameter indicates the number of server vCPUs.
vulnerability_fixing	typing.Union[bool, ros_cdk_core.IResolvable]	Property vulnerabilityFixing: The vulnerability fixing feature allows you to fix system vulnerabilities with a few clicks.
web_tamper_protection	typing.Union[bool, ros_cdk_core.IResolvable]	Property webTamperProtection: To ensure that the website information of important systems is not maliciously tampered with, there are bad content such as hanging horses, black chains, illegal implantation of terrorist threats, pornography, etc.
enable_resource_property_constraint	bool	No description.

---

scope^Required

• Type: ros_cdk_core.Construct

---

id^Required

• Type: str

---

period^Required

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property period: The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6 If periodUnit is year, the valid range is 1, 2, 3.

---

period_unit^Required

• Type: typing.Union[str, ros_cdk_core.IResolvable]

Property periodUnit: The unit of the subscription duration.

Valid values: Month Year

---

anti_ransomware^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property antiRansomware: Security Center provides a comprehensive anti-ransomware solution to protect your business.

We recommend that you configure a data protection capacity of 50GB for each server.

---

anti_ransomware_manage_service^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property antiRansomwareManageService: Provide you with security hosting services such as anti-ransomware configuration, monitoring, and anti-ransomware incident emergency response.

Note:

---

auto_pay^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property autoPay: Whether to auto pay the bill.Default: True.

---

auto_renew^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property autoRenew: Whether to auto renew the prepay instance.Default: False.

---

cloud_honeypot^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property cloudHoneypot: The cloud honeypot feature can capture attacks in a timely and efficient manner.

You can use the feature to protect your core assets and detect attacks in attack and defense scenarios.

---

configuration_assessment^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property configurationAssessment: The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks.This ensures the security of the running environment of your cloud services.

---

container_image_scan^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property containerImageScan: Security Center provides the container image scan feature to protect containers.

Security Center can detect CVEs, application vulnerabilities, viruses, and malicious samples and allows you to handle the detected risks. You can configure this parameter based on the number of images or digests. For example, if the number of images or digests that are updated in the previous day is 10, you can set this parameter to 300 for a monthly subscription or to 3650 for a yearly subscription. This is more cost-effective.

---

edition^Optional

• Type: typing.Union[str, ros_cdk_core.IResolvable]

Property edition: The version of Security center.

---

log_analysis^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property logAnalysis: In response to the requirements of the network security law, which requires logs to be stored for at least 180 days, we recommend that you configure a 40GB log storage each server.

Log analysis supports multi-dimensional security logs of cloud assets, out-of-the-box reports, and powerful SQL syntax analysis, so as to monitor business status, troubleshoot attacks, security operations such as traceability and positioning are easier.

---

malicious_file_detection_sdk^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property maliciousFileDetectionSdk: The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks.

This ensures the security of the running environment of your cloud services.

---

protected_servers^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property protectedServers: Authorization is the same as the number of servers you have.

---

quota_for_application_protection^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property quotaForApplicationProtection: The application protection feature can detect attacks on applications and provide self-protection during application runtime.

The feature supports simple and convenient O&M and can effectively defend against zero-day and OWASP Top vulnerabilities. The feature is a value-added feature. You are charged based on the number of assets on which the RASP agent is installed. You must configure protection policies after you purchase the feature.

---

quota_for_cloud_honeypot^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property quotaForCloudHoneypot:.

---

quota_for_configuration_assessment^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property quotaForConfigurationAssessment:.

---

quota_for_malicious_file_detection_sdk^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property quotaForMaliciousFileDetectionSdk:.

---

quota_for_vulnerability_fixing^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property quotaForVulnerabilityFixing: Specify the quota for vulnerability fixing based on the number of vulnerabilities that you want to fix each month.

The quota is equal to the total number of vulnerabilities that you want to fix on all servers regardless of the vulnerability names. For example, if you use Security Center to fix the same vulnerability on 10 servers, the quota is deducted by 10.

---

quota_for_web_tamper_proofing^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property quotaForWebTamperProofing:.

---

threat_analysis^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property threatAnalysis: The threat analysis feature allows you to handle alerts that are generated for assets in the cloud within different accounts and assets of multiple cloud services in a centralized manner.

The feature also allows you to handle risks with a few clicks. The feature provides automatic orchestration and response capabilities.

---

threat_analysis_log_storage_capacity^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property threatAnalysisLogStorageCapacity:.

---

v_core^Optional

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property vCore: This parameter indicates the number of server vCPUs.

---

vulnerability_fixing^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property vulnerabilityFixing: The vulnerability fixing feature allows you to fix system vulnerabilities with a few clicks.

This improves O&M efficiency. You can separately purchase the vulnerability fixing feature. You are charged based on the number of times that you perform vulnerability fixing.

---

web_tamper_protection^Optional

• Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property webTamperProtection: To ensure that the website information of important systems is not maliciously tampered with, there are bad content such as hanging horses, black chains, illegal implantation of terrorist threats, pornography, etc.

---

enable_resource_property_constraint^Optional

• Type: bool

---

Methods

Name	Description
to_string	Returns a string representation of this construct.
synthesize	Allows this construct to emit artifacts into the cloud assembly during synthesis.
add_condition	No description.
add_count	No description.
add_dependency	No description.
add_resource_desc	No description.
apply_removal_policy	No description.
get_att	No description.
set_metadata	No description.

---

to_string

def to_string() -> str

Returns a string representation of this construct.

synthesize

def synthesize(
  session: ISynthesisSession
) -> None

Allows this construct to emit artifacts into the cloud assembly during synthesis.

This method is usually implemented by framework-level constructs such as Stack and Asset as they participate in synthesizing the cloud assembly.

session^Required

• Type: ros_cdk_core.ISynthesisSession

The synthesis session.

---

add_condition

def add_condition(
  condition: RosCondition
) -> None

condition^Required

• Type: ros_cdk_core.RosCondition

---

add_count

def add_count(
  count: typing.Union[typing.Union[int, float], IResolvable]
) -> None

count^Required

• Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

---

add_dependency

def add_dependency(
  resource: Resource
) -> None

resource^Required

• Type: ros_cdk_core.Resource

---

add_resource_desc

def add_resource_desc(
  desc: str
) -> None

desc^Required

• Type: str

---

apply_removal_policy

def apply_removal_policy(
  policy: RemovalPolicy
) -> None

policy^Required

• Type: ros_cdk_core.RemovalPolicy

---

get_att

def get_att(
  name: str
) -> IResolvable

name^Required

• Type: str

---

set_metadata

def set_metadata(
  key: str,
  value: typing.Any
) -> None

key^Required

• Type: str

---

value^Required

• Type: typing.Any

---

Static Functions

Name	Description
is_construct	Return whether the given object is a Construct.

---

is_construct

import ros_cdk_sas
ros_cdk_sas.Instance.is_construct(
  x: typing.Any
)

Return whether the given object is a Construct.

x^Required

• Type: typing.Any

---

Properties

Name	Type	Description
node	ros_cdk_core.ConstructNode	The construct tree node associated with this construct.
ref	str	No description.
stack	ros_cdk_core.Stack	The stack in which this resource is defined.
resource	ros_cdk_core.RosResource	No description.
attr_instance_id	ros_cdk_core.IResolvable	Attribute InstanceId: Instance Id.

---

node^Required

node: ConstructNode

• Type: ros_cdk_core.ConstructNode

The construct tree node associated with this construct.

---

ref^Required

ref: str

• Type: str

---

stack^Required

stack: Stack

• Type: ros_cdk_core.Stack

The stack in which this resource is defined.

---

resource^Optional

resource: RosResource

• Type: ros_cdk_core.RosResource

---

attr_instance_id^Required

attr_instance_id: IResolvable

• Type: ros_cdk_core.IResolvable

Attribute InstanceId: Instance Id.

---