1. Packages
  2. Alibaba Cloud
  3. API Docs
  4. wafv3
  5. Domain
Alibaba Cloud v3.57.1 published on Wednesday, Jun 26, 2024 by Pulumi

alicloud.wafv3.Domain

Explore with Pulumi AI

alicloud logo
Alibaba Cloud v3.57.1 published on Wednesday, Jun 26, 2024 by Pulumi

    Provides a Wafv3 Domain resource.

    For information about Wafv3 Domain and how to use it, see What is Domain.

    NOTE: Available since v1.200.0.

    Create Domain Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Domain(name: string, args: DomainArgs, opts?: CustomResourceOptions);
    @overload
    def Domain(resource_name: str,
               args: DomainArgs,
               opts: Optional[ResourceOptions] = None)
    
    @overload
    def Domain(resource_name: str,
               opts: Optional[ResourceOptions] = None,
               domain: Optional[str] = None,
               instance_id: Optional[str] = None,
               listen: Optional[DomainListenArgs] = None,
               redirect: Optional[DomainRedirectArgs] = None,
               access_type: Optional[str] = None)
    func NewDomain(ctx *Context, name string, args DomainArgs, opts ...ResourceOption) (*Domain, error)
    public Domain(string name, DomainArgs args, CustomResourceOptions? opts = null)
    public Domain(String name, DomainArgs args)
    public Domain(String name, DomainArgs args, CustomResourceOptions options)
    
    type: alicloud:wafv3:Domain
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args DomainArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DomainArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DomainArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DomainArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DomainArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var exampledomainResourceResourceFromWafv3domain = new AliCloud.Wafv3.Domain("exampledomainResourceResourceFromWafv3domain", new()
    {
        DomainName = "string",
        InstanceId = "string",
        Listen = new AliCloud.Wafv3.Inputs.DomainListenArgs
        {
            CertId = "string",
            CipherSuite = 0,
            CustomCiphers = new[]
            {
                "string",
            },
            EnableTlsv3 = false,
            ExclusiveIp = false,
            FocusHttps = false,
            Http2Enabled = false,
            HttpPorts = new[]
            {
                0,
            },
            HttpsPorts = new[]
            {
                0,
            },
            Ipv6Enabled = false,
            ProtectionResource = "string",
            TlsVersion = "string",
            XffHeaderMode = 0,
            XffHeaders = new[]
            {
                "string",
            },
        },
        Redirect = new AliCloud.Wafv3.Inputs.DomainRedirectArgs
        {
            Loadbalance = "string",
            Keepalive = false,
            FocusHttpBackend = false,
            Backends = new[]
            {
                "string",
            },
            KeepaliveRequests = 0,
            KeepaliveTimeout = 0,
            ConnectTimeout = 0,
            ReadTimeout = 0,
            RequestHeaders = new[]
            {
                new AliCloud.Wafv3.Inputs.DomainRedirectRequestHeaderArgs
                {
                    Key = "string",
                    Value = "string",
                },
            },
            Retry = false,
            SniEnabled = false,
            SniHost = "string",
            WriteTimeout = 0,
        },
        AccessType = "string",
    });
    
    example, err := wafv3.NewDomain(ctx, "exampledomainResourceResourceFromWafv3domain", &wafv3.DomainArgs{
    	Domain:     pulumi.String("string"),
    	InstanceId: pulumi.String("string"),
    	Listen: &wafv3.DomainListenArgs{
    		CertId:      pulumi.String("string"),
    		CipherSuite: pulumi.Int(0),
    		CustomCiphers: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		EnableTlsv3:  pulumi.Bool(false),
    		ExclusiveIp:  pulumi.Bool(false),
    		FocusHttps:   pulumi.Bool(false),
    		Http2Enabled: pulumi.Bool(false),
    		HttpPorts: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    		HttpsPorts: pulumi.IntArray{
    			pulumi.Int(0),
    		},
    		Ipv6Enabled:        pulumi.Bool(false),
    		ProtectionResource: pulumi.String("string"),
    		TlsVersion:         pulumi.String("string"),
    		XffHeaderMode:      pulumi.Int(0),
    		XffHeaders: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    	},
    	Redirect: &wafv3.DomainRedirectArgs{
    		Loadbalance:      pulumi.String("string"),
    		Keepalive:        pulumi.Bool(false),
    		FocusHttpBackend: pulumi.Bool(false),
    		Backends: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		KeepaliveRequests: pulumi.Int(0),
    		KeepaliveTimeout:  pulumi.Int(0),
    		ConnectTimeout:    pulumi.Int(0),
    		ReadTimeout:       pulumi.Int(0),
    		RequestHeaders: wafv3.DomainRedirectRequestHeaderArray{
    			&wafv3.DomainRedirectRequestHeaderArgs{
    				Key:   pulumi.String("string"),
    				Value: pulumi.String("string"),
    			},
    		},
    		Retry:        pulumi.Bool(false),
    		SniEnabled:   pulumi.Bool(false),
    		SniHost:      pulumi.String("string"),
    		WriteTimeout: pulumi.Int(0),
    	},
    	AccessType: pulumi.String("string"),
    })
    
    var exampledomainResourceResourceFromWafv3domain = new Domain("exampledomainResourceResourceFromWafv3domain", DomainArgs.builder()
        .domain("string")
        .instanceId("string")
        .listen(DomainListenArgs.builder()
            .certId("string")
            .cipherSuite(0)
            .customCiphers("string")
            .enableTlsv3(false)
            .exclusiveIp(false)
            .focusHttps(false)
            .http2Enabled(false)
            .httpPorts(0)
            .httpsPorts(0)
            .ipv6Enabled(false)
            .protectionResource("string")
            .tlsVersion("string")
            .xffHeaderMode(0)
            .xffHeaders("string")
            .build())
        .redirect(DomainRedirectArgs.builder()
            .loadbalance("string")
            .keepalive(false)
            .focusHttpBackend(false)
            .backends("string")
            .keepaliveRequests(0)
            .keepaliveTimeout(0)
            .connectTimeout(0)
            .readTimeout(0)
            .requestHeaders(DomainRedirectRequestHeaderArgs.builder()
                .key("string")
                .value("string")
                .build())
            .retry(false)
            .sniEnabled(false)
            .sniHost("string")
            .writeTimeout(0)
            .build())
        .accessType("string")
        .build());
    
    exampledomain_resource_resource_from_wafv3domain = alicloud.wafv3.Domain("exampledomainResourceResourceFromWafv3domain",
        domain="string",
        instance_id="string",
        listen=alicloud.wafv3.DomainListenArgs(
            cert_id="string",
            cipher_suite=0,
            custom_ciphers=["string"],
            enable_tlsv3=False,
            exclusive_ip=False,
            focus_https=False,
            http2_enabled=False,
            http_ports=[0],
            https_ports=[0],
            ipv6_enabled=False,
            protection_resource="string",
            tls_version="string",
            xff_header_mode=0,
            xff_headers=["string"],
        ),
        redirect=alicloud.wafv3.DomainRedirectArgs(
            loadbalance="string",
            keepalive=False,
            focus_http_backend=False,
            backends=["string"],
            keepalive_requests=0,
            keepalive_timeout=0,
            connect_timeout=0,
            read_timeout=0,
            request_headers=[alicloud.wafv3.DomainRedirectRequestHeaderArgs(
                key="string",
                value="string",
            )],
            retry=False,
            sni_enabled=False,
            sni_host="string",
            write_timeout=0,
        ),
        access_type="string")
    
    const exampledomainResourceResourceFromWafv3domain = new alicloud.wafv3.Domain("exampledomainResourceResourceFromWafv3domain", {
        domain: "string",
        instanceId: "string",
        listen: {
            certId: "string",
            cipherSuite: 0,
            customCiphers: ["string"],
            enableTlsv3: false,
            exclusiveIp: false,
            focusHttps: false,
            http2Enabled: false,
            httpPorts: [0],
            httpsPorts: [0],
            ipv6Enabled: false,
            protectionResource: "string",
            tlsVersion: "string",
            xffHeaderMode: 0,
            xffHeaders: ["string"],
        },
        redirect: {
            loadbalance: "string",
            keepalive: false,
            focusHttpBackend: false,
            backends: ["string"],
            keepaliveRequests: 0,
            keepaliveTimeout: 0,
            connectTimeout: 0,
            readTimeout: 0,
            requestHeaders: [{
                key: "string",
                value: "string",
            }],
            retry: false,
            sniEnabled: false,
            sniHost: "string",
            writeTimeout: 0,
        },
        accessType: "string",
    });
    
    type: alicloud:wafv3:Domain
    properties:
        accessType: string
        domain: string
        instanceId: string
        listen:
            certId: string
            cipherSuite: 0
            customCiphers:
                - string
            enableTlsv3: false
            exclusiveIp: false
            focusHttps: false
            http2Enabled: false
            httpPorts:
                - 0
            httpsPorts:
                - 0
            ipv6Enabled: false
            protectionResource: string
            tlsVersion: string
            xffHeaderMode: 0
            xffHeaders:
                - string
        redirect:
            backends:
                - string
            connectTimeout: 0
            focusHttpBackend: false
            keepalive: false
            keepaliveRequests: 0
            keepaliveTimeout: 0
            loadbalance: string
            readTimeout: 0
            requestHeaders:
                - key: string
                  value: string
            retry: false
            sniEnabled: false
            sniHost: string
            writeTimeout: 0
    

    Domain Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Domain resource accepts the following input properties:

    DomainName string
    The name of the domain name to query.
    InstanceId string
    WAF instance ID
    Listen Pulumi.AliCloud.Wafv3.Inputs.DomainListen
    Configure listening information. See listen below.
    Redirect Pulumi.AliCloud.Wafv3.Inputs.DomainRedirect
    Configure forwarding information. See redirect below.
    AccessType string
    The access type of the WAF instance. Value: share (default): CNAME access.
    Domain string
    The name of the domain name to query.
    InstanceId string
    WAF instance ID
    Listen DomainListenArgs
    Configure listening information. See listen below.
    Redirect DomainRedirectArgs
    Configure forwarding information. See redirect below.
    AccessType string
    The access type of the WAF instance. Value: share (default): CNAME access.
    domain String
    The name of the domain name to query.
    instanceId String
    WAF instance ID
    listen DomainListen
    Configure listening information. See listen below.
    redirect DomainRedirect
    Configure forwarding information. See redirect below.
    accessType String
    The access type of the WAF instance. Value: share (default): CNAME access.
    domain string
    The name of the domain name to query.
    instanceId string
    WAF instance ID
    listen DomainListen
    Configure listening information. See listen below.
    redirect DomainRedirect
    Configure forwarding information. See redirect below.
    accessType string
    The access type of the WAF instance. Value: share (default): CNAME access.
    domain str
    The name of the domain name to query.
    instance_id str
    WAF instance ID
    listen DomainListenArgs
    Configure listening information. See listen below.
    redirect DomainRedirectArgs
    Configure forwarding information. See redirect below.
    access_type str
    The access type of the WAF instance. Value: share (default): CNAME access.
    domain String
    The name of the domain name to query.
    instanceId String
    WAF instance ID
    listen Property Map
    Configure listening information. See listen below.
    redirect Property Map
    Configure forwarding information. See redirect below.
    accessType String
    The access type of the WAF instance. Value: share (default): CNAME access.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Domain resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    ResourceManagerResourceGroupId string
    The ID of the resource group.
    Status string
    The status of the resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    ResourceManagerResourceGroupId string
    The ID of the resource group.
    Status string
    The status of the resource.
    id String
    The provider-assigned unique ID for this managed resource.
    resourceManagerResourceGroupId String
    The ID of the resource group.
    status String
    The status of the resource.
    id string
    The provider-assigned unique ID for this managed resource.
    resourceManagerResourceGroupId string
    The ID of the resource group.
    status string
    The status of the resource.
    id str
    The provider-assigned unique ID for this managed resource.
    resource_manager_resource_group_id str
    The ID of the resource group.
    status str
    The status of the resource.
    id String
    The provider-assigned unique ID for this managed resource.
    resourceManagerResourceGroupId String
    The ID of the resource group.
    status String
    The status of the resource.

    Look up Existing Domain Resource

    Get an existing Domain resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: DomainState, opts?: CustomResourceOptions): Domain
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            access_type: Optional[str] = None,
            domain: Optional[str] = None,
            instance_id: Optional[str] = None,
            listen: Optional[DomainListenArgs] = None,
            redirect: Optional[DomainRedirectArgs] = None,
            resource_manager_resource_group_id: Optional[str] = None,
            status: Optional[str] = None) -> Domain
    func GetDomain(ctx *Context, name string, id IDInput, state *DomainState, opts ...ResourceOption) (*Domain, error)
    public static Domain Get(string name, Input<string> id, DomainState? state, CustomResourceOptions? opts = null)
    public static Domain get(String name, Output<String> id, DomainState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccessType string
    The access type of the WAF instance. Value: share (default): CNAME access.
    DomainName string
    The name of the domain name to query.
    InstanceId string
    WAF instance ID
    Listen Pulumi.AliCloud.Wafv3.Inputs.DomainListen
    Configure listening information. See listen below.
    Redirect Pulumi.AliCloud.Wafv3.Inputs.DomainRedirect
    Configure forwarding information. See redirect below.
    ResourceManagerResourceGroupId string
    The ID of the resource group.
    Status string
    The status of the resource.
    AccessType string
    The access type of the WAF instance. Value: share (default): CNAME access.
    Domain string
    The name of the domain name to query.
    InstanceId string
    WAF instance ID
    Listen DomainListenArgs
    Configure listening information. See listen below.
    Redirect DomainRedirectArgs
    Configure forwarding information. See redirect below.
    ResourceManagerResourceGroupId string
    The ID of the resource group.
    Status string
    The status of the resource.
    accessType String
    The access type of the WAF instance. Value: share (default): CNAME access.
    domain String
    The name of the domain name to query.
    instanceId String
    WAF instance ID
    listen DomainListen
    Configure listening information. See listen below.
    redirect DomainRedirect
    Configure forwarding information. See redirect below.
    resourceManagerResourceGroupId String
    The ID of the resource group.
    status String
    The status of the resource.
    accessType string
    The access type of the WAF instance. Value: share (default): CNAME access.
    domain string
    The name of the domain name to query.
    instanceId string
    WAF instance ID
    listen DomainListen
    Configure listening information. See listen below.
    redirect DomainRedirect
    Configure forwarding information. See redirect below.
    resourceManagerResourceGroupId string
    The ID of the resource group.
    status string
    The status of the resource.
    access_type str
    The access type of the WAF instance. Value: share (default): CNAME access.
    domain str
    The name of the domain name to query.
    instance_id str
    WAF instance ID
    listen DomainListenArgs
    Configure listening information. See listen below.
    redirect DomainRedirectArgs
    Configure forwarding information. See redirect below.
    resource_manager_resource_group_id str
    The ID of the resource group.
    status str
    The status of the resource.
    accessType String
    The access type of the WAF instance. Value: share (default): CNAME access.
    domain String
    The name of the domain name to query.
    instanceId String
    WAF instance ID
    listen Property Map
    Configure listening information. See listen below.
    redirect Property Map
    Configure forwarding information. See redirect below.
    resourceManagerResourceGroupId String
    The ID of the resource group.
    status String
    The status of the resource.

    Supporting Types

    DomainListen, DomainListenArgs

    CertId string
    The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
    CipherSuite int
    The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • 1: indicates that all encryption suites are added.
    • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
    • 99: indicates that a custom encryption suite is added.
    CustomCiphers List<string>
    The specific custom encryption suite to add.
    EnableTlsv3 bool
    Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that TSL1.3 is supported.
    • false: indicates that TSL1.3 is not supported.
    ExclusiveIp bool
    Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

    • true: indicates that the exclusive IP address is enabled.
    • false (default): indicates that exclusive IP address is not enabled.
    FocusHttps bool
    Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

    • true: indicates that HTTPS forced redirection is enabled.
    • false: indicates that HTTPS forced redirection is not enabled.
    Http2Enabled bool
    Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that HTTP2 is enabled.
    • false (default): indicates that HTTP2 is not enabled.
    HttpPorts List<int>
    The listening port of the HTTP protocol.
    HttpsPorts List<int>
    The listening port of the HTTPS protocol.
    Ipv6Enabled bool
    Whether IPv6 is turned on. Value:

    • true: indicates that IPv6 is enabled.
    • false (default): indicates that IPv6 is not enabled.
    ProtectionResource string
    The type of protection resource to use. Value:

    • share (default): indicates that a shared cluster is used.
    • gslb: indicates that the shared cluster intelligent load balancing is used.
    TlsVersion string
    The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
    XffHeaderMode int
    WAF obtains the real IP address of the client. Value:

    • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
    • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
    • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
    XffHeaders List<string>
    Set the list of custom fields used to obtain the client IP address.
    CertId string
    The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
    CipherSuite int
    The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • 1: indicates that all encryption suites are added.
    • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
    • 99: indicates that a custom encryption suite is added.
    CustomCiphers []string
    The specific custom encryption suite to add.
    EnableTlsv3 bool
    Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that TSL1.3 is supported.
    • false: indicates that TSL1.3 is not supported.
    ExclusiveIp bool
    Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

    • true: indicates that the exclusive IP address is enabled.
    • false (default): indicates that exclusive IP address is not enabled.
    FocusHttps bool
    Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

    • true: indicates that HTTPS forced redirection is enabled.
    • false: indicates that HTTPS forced redirection is not enabled.
    Http2Enabled bool
    Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that HTTP2 is enabled.
    • false (default): indicates that HTTP2 is not enabled.
    HttpPorts []int
    The listening port of the HTTP protocol.
    HttpsPorts []int
    The listening port of the HTTPS protocol.
    Ipv6Enabled bool
    Whether IPv6 is turned on. Value:

    • true: indicates that IPv6 is enabled.
    • false (default): indicates that IPv6 is not enabled.
    ProtectionResource string
    The type of protection resource to use. Value:

    • share (default): indicates that a shared cluster is used.
    • gslb: indicates that the shared cluster intelligent load balancing is used.
    TlsVersion string
    The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
    XffHeaderMode int
    WAF obtains the real IP address of the client. Value:

    • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
    • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
    • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
    XffHeaders []string
    Set the list of custom fields used to obtain the client IP address.
    certId String
    The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
    cipherSuite Integer
    The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • 1: indicates that all encryption suites are added.
    • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
    • 99: indicates that a custom encryption suite is added.
    customCiphers List<String>
    The specific custom encryption suite to add.
    enableTlsv3 Boolean
    Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that TSL1.3 is supported.
    • false: indicates that TSL1.3 is not supported.
    exclusiveIp Boolean
    Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

    • true: indicates that the exclusive IP address is enabled.
    • false (default): indicates that exclusive IP address is not enabled.
    focusHttps Boolean
    Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

    • true: indicates that HTTPS forced redirection is enabled.
    • false: indicates that HTTPS forced redirection is not enabled.
    http2Enabled Boolean
    Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that HTTP2 is enabled.
    • false (default): indicates that HTTP2 is not enabled.
    httpPorts List<Integer>
    The listening port of the HTTP protocol.
    httpsPorts List<Integer>
    The listening port of the HTTPS protocol.
    ipv6Enabled Boolean
    Whether IPv6 is turned on. Value:

    • true: indicates that IPv6 is enabled.
    • false (default): indicates that IPv6 is not enabled.
    protectionResource String
    The type of protection resource to use. Value:

    • share (default): indicates that a shared cluster is used.
    • gslb: indicates that the shared cluster intelligent load balancing is used.
    tlsVersion String
    The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
    xffHeaderMode Integer
    WAF obtains the real IP address of the client. Value:

    • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
    • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
    • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
    xffHeaders List<String>
    Set the list of custom fields used to obtain the client IP address.
    certId string
    The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
    cipherSuite number
    The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • 1: indicates that all encryption suites are added.
    • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
    • 99: indicates that a custom encryption suite is added.
    customCiphers string[]
    The specific custom encryption suite to add.
    enableTlsv3 boolean
    Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that TSL1.3 is supported.
    • false: indicates that TSL1.3 is not supported.
    exclusiveIp boolean
    Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

    • true: indicates that the exclusive IP address is enabled.
    • false (default): indicates that exclusive IP address is not enabled.
    focusHttps boolean
    Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

    • true: indicates that HTTPS forced redirection is enabled.
    • false: indicates that HTTPS forced redirection is not enabled.
    http2Enabled boolean
    Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that HTTP2 is enabled.
    • false (default): indicates that HTTP2 is not enabled.
    httpPorts number[]
    The listening port of the HTTP protocol.
    httpsPorts number[]
    The listening port of the HTTPS protocol.
    ipv6Enabled boolean
    Whether IPv6 is turned on. Value:

    • true: indicates that IPv6 is enabled.
    • false (default): indicates that IPv6 is not enabled.
    protectionResource string
    The type of protection resource to use. Value:

    • share (default): indicates that a shared cluster is used.
    • gslb: indicates that the shared cluster intelligent load balancing is used.
    tlsVersion string
    The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
    xffHeaderMode number
    WAF obtains the real IP address of the client. Value:

    • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
    • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
    • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
    xffHeaders string[]
    Set the list of custom fields used to obtain the client IP address.
    cert_id str
    The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
    cipher_suite int
    The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • 1: indicates that all encryption suites are added.
    • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
    • 99: indicates that a custom encryption suite is added.
    custom_ciphers Sequence[str]
    The specific custom encryption suite to add.
    enable_tlsv3 bool
    Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that TSL1.3 is supported.
    • false: indicates that TSL1.3 is not supported.
    exclusive_ip bool
    Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

    • true: indicates that the exclusive IP address is enabled.
    • false (default): indicates that exclusive IP address is not enabled.
    focus_https bool
    Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

    • true: indicates that HTTPS forced redirection is enabled.
    • false: indicates that HTTPS forced redirection is not enabled.
    http2_enabled bool
    Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that HTTP2 is enabled.
    • false (default): indicates that HTTP2 is not enabled.
    http_ports Sequence[int]
    The listening port of the HTTP protocol.
    https_ports Sequence[int]
    The listening port of the HTTPS protocol.
    ipv6_enabled bool
    Whether IPv6 is turned on. Value:

    • true: indicates that IPv6 is enabled.
    • false (default): indicates that IPv6 is not enabled.
    protection_resource str
    The type of protection resource to use. Value:

    • share (default): indicates that a shared cluster is used.
    • gslb: indicates that the shared cluster intelligent load balancing is used.
    tls_version str
    The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
    xff_header_mode int
    WAF obtains the real IP address of the client. Value:

    • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
    • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
    • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
    xff_headers Sequence[str]
    Set the list of custom fields used to obtain the client IP address.
    certId String
    The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
    cipherSuite Number
    The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • 1: indicates that all encryption suites are added.
    • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
    • 99: indicates that a custom encryption suite is added.
    customCiphers List<String>
    The specific custom encryption suite to add.
    enableTlsv3 Boolean
    Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that TSL1.3 is supported.
    • false: indicates that TSL1.3 is not supported.
    exclusiveIp Boolean
    Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

    • true: indicates that the exclusive IP address is enabled.
    • false (default): indicates that exclusive IP address is not enabled.
    focusHttps Boolean
    Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

    • true: indicates that HTTPS forced redirection is enabled.
    • false: indicates that HTTPS forced redirection is not enabled.
    http2Enabled Boolean
    Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that HTTP2 is enabled.
    • false (default): indicates that HTTP2 is not enabled.
    httpPorts List<Number>
    The listening port of the HTTP protocol.
    httpsPorts List<Number>
    The listening port of the HTTPS protocol.
    ipv6Enabled Boolean
    Whether IPv6 is turned on. Value:

    • true: indicates that IPv6 is enabled.
    • false (default): indicates that IPv6 is not enabled.
    protectionResource String
    The type of protection resource to use. Value:

    • share (default): indicates that a shared cluster is used.
    • gslb: indicates that the shared cluster intelligent load balancing is used.
    tlsVersion String
    The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
    xffHeaderMode Number
    WAF obtains the real IP address of the client. Value:

    • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
    • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
    • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
    xffHeaders List<String>
    Set the list of custom fields used to obtain the client IP address.

    DomainRedirect, DomainRedirectArgs

    Loadbalance string
    The load balancing algorithm used when returning to the source. Value:

    • iphash: indicates the IPHash algorithm.
    • roundRobin: indicates the polling algorithm.
    • leastTime: indicates the Least Time algorithm.
    • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
    Backends List<string>
    The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
    ConnectTimeout int
    Connection timeout. Unit: seconds, value range: 5~120.
    FocusHttpBackend bool
    Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that forced HTTP back-to-origin is enabled.
    • false: indicates that forced HTTP back-to-origin is not enabled.
    Keepalive bool
    Open long connection, default true.
    KeepaliveRequests int
    Number of long connections, default: 60. range :60-1000.
    KeepaliveTimeout int
    Long connection over time, default: 15. Range: 1-60.
    ReadTimeout int
    Read timeout duration. Unit: seconds, Value range: 5~1800.
    RequestHeaders List<Pulumi.AliCloud.Wafv3.Inputs.DomainRedirectRequestHeader>
    The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
    Retry bool
    Back to Source Retry. default: true, retry 3 times by default.
    SniEnabled bool
    Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that the back-to-source SNI is enabled.
    • false (default) indicates that the back-to-source SNI is not enabled.
    SniHost string
    Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
    WriteTimeout int
    Write timeout duration> Unit: seconds, Value range: 5~1800.
    Loadbalance string
    The load balancing algorithm used when returning to the source. Value:

    • iphash: indicates the IPHash algorithm.
    • roundRobin: indicates the polling algorithm.
    • leastTime: indicates the Least Time algorithm.
    • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
    Backends []string
    The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
    ConnectTimeout int
    Connection timeout. Unit: seconds, value range: 5~120.
    FocusHttpBackend bool
    Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that forced HTTP back-to-origin is enabled.
    • false: indicates that forced HTTP back-to-origin is not enabled.
    Keepalive bool
    Open long connection, default true.
    KeepaliveRequests int
    Number of long connections, default: 60. range :60-1000.
    KeepaliveTimeout int
    Long connection over time, default: 15. Range: 1-60.
    ReadTimeout int
    Read timeout duration. Unit: seconds, Value range: 5~1800.
    RequestHeaders []DomainRedirectRequestHeader
    The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
    Retry bool
    Back to Source Retry. default: true, retry 3 times by default.
    SniEnabled bool
    Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that the back-to-source SNI is enabled.
    • false (default) indicates that the back-to-source SNI is not enabled.
    SniHost string
    Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
    WriteTimeout int
    Write timeout duration> Unit: seconds, Value range: 5~1800.
    loadbalance String
    The load balancing algorithm used when returning to the source. Value:

    • iphash: indicates the IPHash algorithm.
    • roundRobin: indicates the polling algorithm.
    • leastTime: indicates the Least Time algorithm.
    • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
    backends List<String>
    The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
    connectTimeout Integer
    Connection timeout. Unit: seconds, value range: 5~120.
    focusHttpBackend Boolean
    Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that forced HTTP back-to-origin is enabled.
    • false: indicates that forced HTTP back-to-origin is not enabled.
    keepalive Boolean
    Open long connection, default true.
    keepaliveRequests Integer
    Number of long connections, default: 60. range :60-1000.
    keepaliveTimeout Integer
    Long connection over time, default: 15. Range: 1-60.
    readTimeout Integer
    Read timeout duration. Unit: seconds, Value range: 5~1800.
    requestHeaders List<DomainRedirectRequestHeader>
    The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
    retry Boolean
    Back to Source Retry. default: true, retry 3 times by default.
    sniEnabled Boolean
    Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that the back-to-source SNI is enabled.
    • false (default) indicates that the back-to-source SNI is not enabled.
    sniHost String
    Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
    writeTimeout Integer
    Write timeout duration> Unit: seconds, Value range: 5~1800.
    loadbalance string
    The load balancing algorithm used when returning to the source. Value:

    • iphash: indicates the IPHash algorithm.
    • roundRobin: indicates the polling algorithm.
    • leastTime: indicates the Least Time algorithm.
    • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
    backends string[]
    The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
    connectTimeout number
    Connection timeout. Unit: seconds, value range: 5~120.
    focusHttpBackend boolean
    Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that forced HTTP back-to-origin is enabled.
    • false: indicates that forced HTTP back-to-origin is not enabled.
    keepalive boolean
    Open long connection, default true.
    keepaliveRequests number
    Number of long connections, default: 60. range :60-1000.
    keepaliveTimeout number
    Long connection over time, default: 15. Range: 1-60.
    readTimeout number
    Read timeout duration. Unit: seconds, Value range: 5~1800.
    requestHeaders DomainRedirectRequestHeader[]
    The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
    retry boolean
    Back to Source Retry. default: true, retry 3 times by default.
    sniEnabled boolean
    Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that the back-to-source SNI is enabled.
    • false (default) indicates that the back-to-source SNI is not enabled.
    sniHost string
    Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
    writeTimeout number
    Write timeout duration> Unit: seconds, Value range: 5~1800.
    loadbalance str
    The load balancing algorithm used when returning to the source. Value:

    • iphash: indicates the IPHash algorithm.
    • roundRobin: indicates the polling algorithm.
    • leastTime: indicates the Least Time algorithm.
    • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
    backends Sequence[str]
    The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
    connect_timeout int
    Connection timeout. Unit: seconds, value range: 5~120.
    focus_http_backend bool
    Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that forced HTTP back-to-origin is enabled.
    • false: indicates that forced HTTP back-to-origin is not enabled.
    keepalive bool
    Open long connection, default true.
    keepalive_requests int
    Number of long connections, default: 60. range :60-1000.
    keepalive_timeout int
    Long connection over time, default: 15. Range: 1-60.
    read_timeout int
    Read timeout duration. Unit: seconds, Value range: 5~1800.
    request_headers Sequence[DomainRedirectRequestHeader]
    The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
    retry bool
    Back to Source Retry. default: true, retry 3 times by default.
    sni_enabled bool
    Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that the back-to-source SNI is enabled.
    • false (default) indicates that the back-to-source SNI is not enabled.
    sni_host str
    Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
    write_timeout int
    Write timeout duration> Unit: seconds, Value range: 5~1800.
    loadbalance String
    The load balancing algorithm used when returning to the source. Value:

    • iphash: indicates the IPHash algorithm.
    • roundRobin: indicates the polling algorithm.
    • leastTime: indicates the Least Time algorithm.
    • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
    backends List<String>
    The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
    connectTimeout Number
    Connection timeout. Unit: seconds, value range: 5~120.
    focusHttpBackend Boolean
    Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that forced HTTP back-to-origin is enabled.
    • false: indicates that forced HTTP back-to-origin is not enabled.
    keepalive Boolean
    Open long connection, default true.
    keepaliveRequests Number
    Number of long connections, default: 60. range :60-1000.
    keepaliveTimeout Number
    Long connection over time, default: 15. Range: 1-60.
    readTimeout Number
    Read timeout duration. Unit: seconds, Value range: 5~1800.
    requestHeaders List<Property Map>
    The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
    retry Boolean
    Back to Source Retry. default: true, retry 3 times by default.
    sniEnabled Boolean
    Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

    • true: indicates that the back-to-source SNI is enabled.
    • false (default) indicates that the back-to-source SNI is not enabled.
    sniHost String
    Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
    writeTimeout Number
    Write timeout duration> Unit: seconds, Value range: 5~1800.

    DomainRedirectRequestHeader, DomainRedirectRequestHeaderArgs

    Key string
    Value string
    Key string
    Value string
    key String
    value String
    key string
    value string
    key str
    value str
    key String
    value String

    Import

    Wafv3 Domain can be imported using the id, e.g.

    $ pulumi import alicloud:wafv3/domain:Domain example <instance_id>:<domain>
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Alibaba Cloud pulumi/pulumi-alicloud
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the alicloud Terraform Provider.
    alicloud logo
    Alibaba Cloud v3.57.1 published on Wednesday, Jun 26, 2024 by Pulumi