Skip to content

Instance

This class encapsulates and extends the ROS resource type ALIYUN::WAF3::Instance, which is used to create a Web Application Firewall (WAF) 3.0 instance.

Initializers 

import ros_cdk_waf3
ros_cdk_waf3.Instance(
  scope: Construct,
  id: str,
  pay_type: typing.Union[str, IResolvable],
  region: typing.Union[str, IResolvable],
  additional_protection_nodes: typing.Union[typing.Union[int, float], IResolvable] = None,
  api_security: typing.Union[bool, IResolvable] = None,
  auto_pay: typing.Union[bool, IResolvable] = None,
  auto_renew: typing.Union[bool, IResolvable] = None,
  bot_app_protection: typing.Union[bool, IResolvable] = None,
  bot_web_protection: typing.Union[bool, IResolvable] = None,
  domains_extension: typing.Union[typing.Union[int, float], IResolvable] = None,
  elastic_qps: typing.Union[typing.Union[int, float], IResolvable] = None,
  exclusive_ip_address: typing.Union[typing.Union[int, float], IResolvable] = None,
  fraud_detection: typing.Union[bool, IResolvable] = None,
  ignore_existing: typing.Union[bool, IResolvable] = None,
  intelligent_load_balancing: typing.Union[bool, IResolvable] = None,
  log_service: typing.Union[bool, IResolvable] = None,
  log_storage: typing.Union[typing.Union[int, float], IResolvable] = None,
  period: typing.Union[typing.Union[int, float], IResolvable] = None,
  period_unit: typing.Union[str, IResolvable] = None,
  qps_extension: typing.Union[typing.Union[int, float], IResolvable] = None,
  traffic_billing_protection_threshold: typing.Union[typing.Union[int, float], IResolvable] = None,
  waf_version: typing.Union[str, IResolvable] = None,
  enable_resource_property_constraint: bool = None
)
Name Type Description
scope ros_cdk_core.Construct No description.
id str No description.
pay_type typing.Union[str, ros_cdk_core.IResolvable] Property payType: The billing method of the firewall instance.
region typing.Union[str, ros_cdk_core.IResolvable] Property region: Web Application Firewall is available in the following regions: regions in the Chinese mainland, China (Hong Kong), Singapore (Singapore), Malaysia (Kuala Lumpur), US (Silicon Valley), Australia (Sydney), Germany (Frankfurt), India (Mumbai), Indonesia (Jakarta), UAE (Dubai), and Japan (Tokyo).
additional_protection_nodes typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] Property additionalProtectionNodes: Each protection cluster has at least two protection nodes, and each node provides the protection capabilities of up to 5,000 QPS for HTTP requests or up to 3,000 QPS for HTTPS requests.
api_security typing.Union[bool, ros_cdk_core.IResolvable] Property apiSecurity: The API security feature detects responses with specified characteristics to check whether data leaks occur.
auto_pay typing.Union[bool, ros_cdk_core.IResolvable] Property autoPay: Whether to auto pay the bill.
auto_renew typing.Union[bool, ros_cdk_core.IResolvable] Property autoRenew: Whether to auto renew the prepay instance.
bot_app_protection typing.Union[bool, ros_cdk_core.IResolvable] Property botAppProtection: Bot management module for App protection.
bot_web_protection typing.Union[bool, ros_cdk_core.IResolvable] Property botWebProtection: Bot management module for Web application protection.
domains_extension typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] Property domainsExtension: If the actual number of required access domain names exceeds the number of free domain names in the version, the number of domain names can be expanded according to this specification.Domain name counting does not differentiate between domain name types. The main domain name, sub-domain name, and pan-domain name are each counted as one domain name.
elastic_qps typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] Property elasticQps: The burstable QPS (pay-as-you-go) feature is suitable for scenarios that involve short-term or sudden traffic surges, for example, during promotions.
exclusive_ip_address typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] Property exclusiveIpAddress: Excluesive IP address number.
fraud_detection typing.Union[bool, ros_cdk_core.IResolvable] Property fraudDetection: You can enable this feature only after you enable the bot management module.
ignore_existing typing.Union[bool, ros_cdk_core.IResolvable] Property ignoreExisting: Whether to ignore existing WAF3 instance False: ROS will perform a uniqueness check.If the WAF3 instance exists, an error will be reported when creating it. True: ROS will not check the uniqueness.If the WAF3 instance exists, the creation process will be ignored. If the WAF3 instance is not created by ROS, it will be ignored during update and delete stage.
intelligent_load_balancing typing.Union[bool, ros_cdk_core.IResolvable] Property intelligentLoadBalancing: Intelligent load balancer for WAF instance.
log_service typing.Union[bool, ros_cdk_core.IResolvable] Property logService: Log service for WAF instance.
log_storage typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] Property logStorage: Log storage capacity.
period typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] Property period: The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6 If periodUnit is year, the valid range is 1, 2, 3.
period_unit typing.Union[str, ros_cdk_core.IResolvable] Property periodUnit: The unit of the subscription duration.
qps_extension typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] Property qpsExtension: Extended QPS.
traffic_billing_protection_threshold typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable] Property trafficBillingProtectionThreshold: In pay-as-you-go WAF 3.0, the traffic billing protection feature is automatically enabled to prevent unexpected and unusually high bills that result from unpredictable factors such as HTTP flood attacks. A bill is not generated for an hour if the peak traffic exceeds the traffic billing protection threshold within the hour. Then, your WAF instance is added to a sandbox. If the peak traffic is lower than the traffic billing protection threshold the next hour, your WAF instance is removed from the sandbox.
waf_version typing.Union[str, ros_cdk_core.IResolvable] Property wafVersion: The version of WAF3.0.
enable_resource_property_constraint bool No description.

scopeRequired

  • Type: ros_cdk_core.Construct

idRequired

  • Type: str

pay_typeRequired

  • Type: typing.Union[str, ros_cdk_core.IResolvable]

Property payType: The billing method of the firewall instance.

Valid values: PayAsYouGo: pay-as-you-go Subscription: subscription

regionRequired

  • Type: typing.Union[str, ros_cdk_core.IResolvable]

Property region: Web Application Firewall is available in the following regions: regions in the Chinese mainland, China (Hong Kong), Singapore (Singapore), Malaysia (Kuala Lumpur), US (Silicon Valley), Australia (Sydney), Germany (Frankfurt), India (Mumbai), Indonesia (Jakarta), UAE (Dubai), and Japan (Tokyo).

If your origin server is deployed within the Chinese mainland, select Chinese Mainland. If your origin server is deployed outside the Chinese mainland, select Outside Chinese mainland. Intelligent region selection is supported.

additional_protection_nodesOptional

  • Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property additionalProtectionNodes: Each protection cluster has at least two protection nodes, and each node provides the protection capabilities of up to 5,000 QPS for HTTP requests or up to 3,000 QPS for HTTPS requests.

You can add protection nodes to increase protection capabilities.

api_securityOptional

  • Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property apiSecurity: The API security feature detects responses with specified characteristics to check whether data leaks occur.

After you enable the feature, WAF is authorized to perform related analysis on your data. If you select Chinese Mainland, service deployment and data processing are performed in the Chinese mainland.

auto_payOptional

  • Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property autoPay: Whether to auto pay the bill.

auto_renewOptional

  • Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property autoRenew: Whether to auto renew the prepay instance.

bot_app_protectionOptional

  • Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property botAppProtection: Bot management module for App protection.

bot_web_protectionOptional

  • Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property botWebProtection: Bot management module for Web application protection.

domains_extensionOptional

  • Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property domainsExtension: If the actual number of required access domain names exceeds the number of free domain names in the version, the number of domain names can be expanded according to this specification.Domain name counting does not differentiate between domain name types. The main domain name, sub-domain name, and pan-domain name are each counted as one domain name.

elastic_qpsOptional

  • Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property elasticQps: The burstable QPS (pay-as-you-go) feature is suitable for scenarios that involve short-term or sudden traffic surges, for example, during promotions.

In these scenarios, the traffic peak may exceed the sum of the maximum QPS that is supported by your WAF edition and the extended QPS. If you enable the feature, you are charged based on the amount of excess QPS resources that you use. This helps prevent your domain names from being added to a sandbox when QPS resources are excessively used and helps ensure service continuity.

exclusive_ip_addressOptional

  • Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property exclusiveIpAddress: Excluesive IP address number.

fraud_detectionOptional

  • Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property fraudDetection: You can enable this feature only after you enable the bot management module.

If abnormal phone numbers are used in logon or registration scenarios, anomaly tags are matched. Requests from the abnormal phone numbers are blocked or CAPTCHA verification is required. You are charged based on the number of times that anomaly tags are matched.

ignore_existingOptional

  • Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property ignoreExisting: Whether to ignore existing WAF3 instance False: ROS will perform a uniqueness check.If the WAF3 instance exists, an error will be reported when creating it. True: ROS will not check the uniqueness.If the WAF3 instance exists, the creation process will be ignored. If the WAF3 instance is not created by ROS, it will be ignored during update and delete stage.

intelligent_load_balancingOptional

  • Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property intelligentLoadBalancing: Intelligent load balancer for WAF instance.

log_serviceOptional

  • Type: typing.Union[bool, ros_cdk_core.IResolvable]

Property logService: Log service for WAF instance.

log_storageOptional

  • Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property logStorage: Log storage capacity.

periodOptional

  • Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property period: The subscription period of the firewallIf PeriodUnit is month, the valid range is 1, 3, 6 If periodUnit is year, the valid range is 1, 2, 3.

period_unitOptional

  • Type: typing.Union[str, ros_cdk_core.IResolvable]

Property periodUnit: The unit of the subscription duration.

Valid values: Month Year Default value: Month.

qps_extensionOptional

  • Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property qpsExtension: Extended QPS.

traffic_billing_protection_thresholdOptional

  • Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

Property trafficBillingProtectionThreshold: In pay-as-you-go WAF 3.0, the traffic billing protection feature is automatically enabled to prevent unexpected and unusually high bills that result from unpredictable factors such as HTTP flood attacks. A bill is not generated for an hour if the peak traffic exceeds the traffic billing protection threshold within the hour. Then, your WAF instance is added to a sandbox. If the peak traffic is lower than the traffic billing protection threshold the next hour, your WAF instance is removed from the sandbox.

waf_versionOptional

  • Type: typing.Union[str, ros_cdk_core.IResolvable]

Property wafVersion: The version of WAF3.0.

enable_resource_property_constraintOptional

  • Type: bool

Methods

Name Description
to_string Returns a string representation of this construct.
synthesize Allows this construct to emit artifacts into the cloud assembly during synthesis.
add_condition No description.
add_count No description.
add_dependency No description.
add_resource_desc No description.
apply_removal_policy No description.
get_att No description.
set_metadata No description.

to_string 

def to_string() -> str

Returns a string representation of this construct.

synthesize 

def synthesize(
  session: ISynthesisSession
) -> None

Allows this construct to emit artifacts into the cloud assembly during synthesis.

This method is usually implemented by framework-level constructs such as Stack and Asset as they participate in synthesizing the cloud assembly.

sessionRequired

  • Type: ros_cdk_core.ISynthesisSession

The synthesis session.

add_condition 

def add_condition(
  condition: RosCondition
) -> None

conditionRequired

  • Type: ros_cdk_core.RosCondition

add_count 

def add_count(
  count: typing.Union[typing.Union[int, float], IResolvable]
) -> None

countRequired

  • Type: typing.Union[typing.Union[int, float], ros_cdk_core.IResolvable]

add_dependency 

def add_dependency(
  resource: Resource
) -> None

resourceRequired

  • Type: ros_cdk_core.Resource

add_resource_desc 

def add_resource_desc(
  desc: str
) -> None

descRequired

  • Type: str

apply_removal_policy 

def apply_removal_policy(
  policy: RemovalPolicy
) -> None

policyRequired

  • Type: ros_cdk_core.RemovalPolicy

get_att 

def get_att(
  name: str
) -> IResolvable

nameRequired

  • Type: str

set_metadata 

def set_metadata(
  key: str,
  value: typing.Any
) -> None

keyRequired

  • Type: str

valueRequired

  • Type: typing.Any

Static Functions

Name Description
is_construct Return whether the given object is a Construct.

is_construct 

import ros_cdk_waf3
ros_cdk_waf3.Instance.is_construct(
  x: typing.Any
)

Return whether the given object is a Construct.

xRequired

  • Type: typing.Any

Properties

Name Type Description
node ros_cdk_core.ConstructNode The construct tree node associated with this construct.
ref str No description.
stack ros_cdk_core.Stack The stack in which this resource is defined.
resource ros_cdk_core.RosResource No description.
attr_instance_id ros_cdk_core.IResolvable Attribute InstanceId: Instance Id.

nodeRequired 

node: ConstructNode
  • Type: ros_cdk_core.ConstructNode

The construct tree node associated with this construct.

refRequired 

ref: str
  • Type: str

stackRequired 

stack: Stack
  • Type: ros_cdk_core.Stack

The stack in which this resource is defined.

resourceOptional 

resource: RosResource
  • Type: ros_cdk_core.RosResource

attr_instance_idRequired 

attr_instance_id: IResolvable
  • Type: ros_cdk_core.IResolvable

Attribute InstanceId: Instance Id.