Instance
This class encapsulates and extends the ROS resource type ALIYUN::SAS::Instance, which is used to purchase Security Center.
Initializers
import ros_cdk_sas
ros_cdk_sas.Instance(
scope: Construct,
id: str,
period: typing.Union[typing.Union[int, float], IResolvable],
period_unit: typing.Union[str, IResolvable],
anti_ransomware: typing.Union[typing.Union[int, float], IResolvable] = None,
auto_pay: typing.Union[bool, IResolvable] = None,
auto_renew: typing.Union[bool, IResolvable] = None,
cloud_honeypot: typing.Union[bool, IResolvable] = None,
configuration_assessment: typing.Union[bool, IResolvable] = None,
container_image_scan: typing.Union[typing.Union[int, float], IResolvable] = None,
edition: typing.Union[str, IResolvable] = None,
log_analysis: typing.Union[typing.Union[int, float], IResolvable] = None,
malicious_file_detection_sdk: typing.Union[bool, IResolvable] = None,
protected_servers: typing.Union[typing.Union[int, float], IResolvable] = None,
quota_for_application_protection: typing.Union[typing.Union[int, float], IResolvable] = None,
quota_for_cloud_honeypot: typing.Union[typing.Union[int, float], IResolvable] = None,
quota_for_configuration_assessment: typing.Union[typing.Union[int, float], IResolvable] = None,
quota_for_malicious_file_detection_sdk: typing.Union[typing.Union[int, float], IResolvable] = None,
quota_for_vulnerability_fixing: typing.Union[typing.Union[int, float], IResolvable] = None,
quota_for_web_tamper_proofing: typing.Union[typing.Union[int, float], IResolvable] = None,
threat_analysis: typing.Union[bool, IResolvable] = None,
threat_analysis_log_storage_capacity: typing.Union[typing.Union[int, float], IResolvable] = None,
v_core: typing.Union[typing.Union[int, float], IResolvable] = None,
vulnerability_fixing: typing.Union[bool, IResolvable] = None,
web_tamper_protection: typing.Union[bool, IResolvable] = None,
enable_resource_property_constraint: bool = None
)
| Name | Type | Description |
|---|---|---|
scope |
ros_cdk_core.Construct |
No description. |
id |
str |
No description. |
period |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property period: The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6 If periodUnit is year, the valid range is 1, 2, 3. |
period_unit |
typing.Union[str, ros_cdk_core.IResolvable] |
Property periodUnit: The unit of the subscription duration. |
anti_ransomware |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property antiRansomware: Security Center provides a comprehensive anti-ransomware solution to protect your business. |
auto_pay |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property autoPay: Whether to auto pay the bill.Default: True. |
auto_renew |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property autoRenew: Whether to auto renew the prepay instance.Default: False. |
cloud_honeypot |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property cloudHoneypot: The cloud honeypot feature can capture attacks in a timely and efficient manner. |
configuration_assessment |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property configurationAssessment: The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks.This ensures the security of the running environment of your cloud services. |
container_image_scan |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property containerImageScan: Security Center provides the container image scan feature to protect containers. |
edition |
typing.Union[str, ros_cdk_core.IResolvable] |
Property edition: The version of Security center. |
log_analysis |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property logAnalysis: In response to the requirements of the network security law, which requires logs to be stored for at least 180 days, we recommend that you configure a 40GB log storage each server. |
malicious_file_detection_sdk |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property maliciousFileDetectionSdk: The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks. |
protected_servers |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property protectedServers: Authorization is the same as the number of servers you have. |
quota_for_application_protection |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property quotaForApplicationProtection: The application protection feature can detect attacks on applications and provide self-protection during application runtime. |
quota_for_cloud_honeypot |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property quotaForCloudHoneypot:. |
quota_for_configuration_assessment |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property quotaForConfigurationAssessment:. |
quota_for_malicious_file_detection_sdk |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property quotaForMaliciousFileDetectionSdk:. |
quota_for_vulnerability_fixing |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property quotaForVulnerabilityFixing: Specify the quota for vulnerability fixing based on the number of vulnerabilities that you want to fix each month. |
quota_for_web_tamper_proofing |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property quotaForWebTamperProofing:. |
threat_analysis |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property threatAnalysis: The threat analysis feature allows you to handle alerts that are generated for assets in the cloud within different accounts and assets of multiple cloud services in a centralized manner. |
threat_analysis_log_storage_capacity |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property threatAnalysisLogStorageCapacity:. |
v_core |
typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] |
Property vCore: This parameter indicates the number of server vCPUs. |
vulnerability_fixing |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property vulnerabilityFixing: The vulnerability fixing feature allows you to fix system vulnerabilities with a few clicks. |
web_tamper_protection |
typing.Union[bool, ros_cdk_core.IResolvable] |
Property webTamperProtection: To ensure that the website information of important systems is not maliciously tampered with, there are bad content such as hanging horses, black chains, illegal implantation of terrorist threats, pornography, etc. |
enable_resource_property_constraint |
bool |
No description. |
scopeRequired
- Type: ros_cdk_core.Construct
idRequired
- Type: str
periodRequired
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property period: The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6 If periodUnit is year, the valid range is 1, 2, 3.
period_unitRequired
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property periodUnit: The unit of the subscription duration.
Valid values: Month Year
anti_ransomwareOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property antiRansomware: Security Center provides a comprehensive anti-ransomware solution to protect your business.
We recommend that you configure a data protection capacity of 50GB for each server.
auto_payOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property autoPay: Whether to auto pay the bill.Default: True.
auto_renewOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property autoRenew: Whether to auto renew the prepay instance.Default: False.
cloud_honeypotOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property cloudHoneypot: The cloud honeypot feature can capture attacks in a timely and efficient manner.
You can use the feature to protect your core assets and detect attacks in attack and defense scenarios.
configuration_assessmentOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property configurationAssessment: The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks.This ensures the security of the running environment of your cloud services.
container_image_scanOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property containerImageScan: Security Center provides the container image scan feature to protect containers.
Security Center can detect CVEs, application vulnerabilities, viruses, and malicious samples and allows you to handle the detected risks. You can configure this parameter based on the number of images or digests. For example, if the number of images or digests that are updated in the previous day is 10, you can set this parameter to 300 for a monthly subscription or to 3650 for a yearly subscription. This is more cost-effective.
editionOptional
- Type: typing.Union[str, ros_cdk_core.IResolvable]
Property edition: The version of Security center.
log_analysisOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property logAnalysis: In response to the requirements of the network security law, which requires logs to be stored for at least 180 days, we recommend that you configure a 40GB log storage each server.
Log analysis supports multi-dimensional security logs of cloud assets, out-of-the-box reports, and powerful SQL syntax analysis, so as to monitor business status, troubleshoot attacks, security operations such as traceability and positioning are easier.
malicious_file_detection_sdkOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property maliciousFileDetectionSdk: The configuration assessment feature detects configuration errors and security risks on cloud services from the following dimensions: identity and permission management, security risks in Alibaba Cloud services, and compliance risks.
This ensures the security of the running environment of your cloud services.
protected_serversOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property protectedServers: Authorization is the same as the number of servers you have.
quota_for_application_protectionOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property quotaForApplicationProtection: The application protection feature can detect attacks on applications and provide self-protection during application runtime.
The feature supports simple and convenient O&M and can effectively defend against zero-day and OWASP Top vulnerabilities. The feature is a value-added feature. You are charged based on the number of assets on which the RASP agent is installed. You must configure protection policies after you purchase the feature.
quota_for_cloud_honeypotOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property quotaForCloudHoneypot:.
quota_for_configuration_assessmentOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property quotaForConfigurationAssessment:.
quota_for_malicious_file_detection_sdkOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property quotaForMaliciousFileDetectionSdk:.
quota_for_vulnerability_fixingOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property quotaForVulnerabilityFixing: Specify the quota for vulnerability fixing based on the number of vulnerabilities that you want to fix each month.
The quota is equal to the total number of vulnerabilities that you want to fix on all servers regardless of the vulnerability names. For example, if you use Security Center to fix the same vulnerability on 10 servers, the quota is deducted by 10.
quota_for_web_tamper_proofingOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property quotaForWebTamperProofing:.
threat_analysisOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property threatAnalysis: The threat analysis feature allows you to handle alerts that are generated for assets in the cloud within different accounts and assets of multiple cloud services in a centralized manner.
The feature also allows you to handle risks with a few clicks. The feature provides automatic orchestration and response capabilities.
threat_analysis_log_storage_capacityOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property threatAnalysisLogStorageCapacity:.
v_coreOptional
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
Property vCore: This parameter indicates the number of server vCPUs.
vulnerability_fixingOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property vulnerabilityFixing: The vulnerability fixing feature allows you to fix system vulnerabilities with a few clicks.
This improves O&M efficiency. You can separately purchase the vulnerability fixing feature. You are charged based on the number of times that you perform vulnerability fixing.
web_tamper_protectionOptional
- Type: typing.Union[bool, ros_cdk_core.IResolvable]
Property webTamperProtection: To ensure that the website information of important systems is not maliciously tampered with, there are bad content such as hanging horses, black chains, illegal implantation of terrorist threats, pornography, etc.
enable_resource_property_constraintOptional
- Type: bool
Methods
| Name | Description |
|---|---|
to_string |
Returns a string representation of this construct. |
synthesize |
Allows this construct to emit artifacts into the cloud assembly during synthesis. |
add_condition |
No description. |
add_count |
No description. |
add_dependency |
No description. |
add_resource_desc |
No description. |
apply_removal_policy |
No description. |
get_att |
No description. |
set_metadata |
No description. |
to_string
def to_string() -> str
Returns a string representation of this construct.
synthesize
def synthesize(
session: ISynthesisSession
) -> None
Allows this construct to emit artifacts into the cloud assembly during synthesis.
This method is usually implemented by framework-level constructs such as Stack and Asset
as they participate in synthesizing the cloud assembly.
- Type: ros_cdk_core.ISynthesisSession
The synthesis session.
add_condition
def add_condition(
condition: RosCondition
) -> None
- Type: ros_cdk_core.RosCondition
add_count
def add_count(
count: typing.Union[typing.Union[int, float], IResolvable]
) -> None
- Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]
add_dependency
def add_dependency(
resource: Resource
) -> None
- Type: ros_cdk_core.Resource
add_resource_desc
def add_resource_desc(
desc: str
) -> None
- Type: str
apply_removal_policy
def apply_removal_policy(
policy: RemovalPolicy
) -> None
- Type: ros_cdk_core.RemovalPolicy
get_att
def get_att(
name: str
) -> IResolvable
- Type: str
set_metadata
def set_metadata(
key: str,
value: typing.Any
) -> None
- Type: str
- Type: typing.Any
Static Functions
| Name | Description |
|---|---|
is_construct |
Return whether the given object is a Construct. |
is_construct
import ros_cdk_sas
ros_cdk_sas.Instance.is_construct(
x: typing.Any
)
Return whether the given object is a Construct.
- Type: typing.Any
Properties
| Name | Type | Description |
|---|---|---|
node |
ros_cdk_core.ConstructNode |
The construct tree node associated with this construct. |
ref |
str |
No description. |
stack |
ros_cdk_core.Stack |
The stack in which this resource is defined. |
resource |
ros_cdk_core.RosResource |
No description. |
attr_instance_id |
ros_cdk_core.IResolvable |
Attribute InstanceId: Instance Id. |
nodeRequired
node: ConstructNode
- Type: ros_cdk_core.ConstructNode
The construct tree node associated with this construct.
refRequired
ref: str
- Type: str
stackRequired
stack: Stack
- Type: ros_cdk_core.Stack
The stack in which this resource is defined.
resourceOptional
resource: RosResource
- Type: ros_cdk_core.RosResource
attr_instance_idRequired
attr_instance_id: IResolvable
- Type: ros_cdk_core.IResolvable
Attribute InstanceId: Instance Id.