1. Packages
  2. Alibaba Cloud Provider
  3. API Docs
  4. wafv3
  5. Domain
Alibaba Cloud v3.76.0 published on Tuesday, Apr 8, 2025 by Pulumi

alicloud.wafv3.Domain

Explore with Pulumi AI

Provides a Wafv3 Domain resource.

For information about Wafv3 Domain and how to use it, see What is Domain.

NOTE: Available since v1.200.0.

Create Domain Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Domain(name: string, args: DomainArgs, opts?: CustomResourceOptions);
@overload
def Domain(resource_name: str,
           args: DomainArgs,
           opts: Optional[ResourceOptions] = None)

@overload
def Domain(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           domain: Optional[str] = None,
           instance_id: Optional[str] = None,
           listen: Optional[DomainListenArgs] = None,
           redirect: Optional[DomainRedirectArgs] = None,
           access_type: Optional[str] = None)
func NewDomain(ctx *Context, name string, args DomainArgs, opts ...ResourceOption) (*Domain, error)
public Domain(string name, DomainArgs args, CustomResourceOptions? opts = null)
public Domain(String name, DomainArgs args)
public Domain(String name, DomainArgs args, CustomResourceOptions options)
type: alicloud:wafv3:Domain
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. DomainArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. DomainArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. DomainArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. DomainArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. DomainArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var exampledomainResourceResourceFromWafv3domain = new AliCloud.Wafv3.Domain("exampledomainResourceResourceFromWafv3domain", new()
{
    DomainName = "string",
    InstanceId = "string",
    Listen = new AliCloud.Wafv3.Inputs.DomainListenArgs
    {
        CertId = "string",
        CipherSuite = 0,
        CustomCiphers = new[]
        {
            "string",
        },
        EnableTlsv3 = false,
        ExclusiveIp = false,
        FocusHttps = false,
        Http2Enabled = false,
        HttpPorts = new[]
        {
            0,
        },
        HttpsPorts = new[]
        {
            0,
        },
        Ipv6Enabled = false,
        ProtectionResource = "string",
        TlsVersion = "string",
        XffHeaderMode = 0,
        XffHeaders = new[]
        {
            "string",
        },
    },
    Redirect = new AliCloud.Wafv3.Inputs.DomainRedirectArgs
    {
        Loadbalance = "string",
        Keepalive = false,
        FocusHttpBackend = false,
        Backends = new[]
        {
            "string",
        },
        KeepaliveRequests = 0,
        KeepaliveTimeout = 0,
        ConnectTimeout = 0,
        ReadTimeout = 0,
        RequestHeaders = new[]
        {
            new AliCloud.Wafv3.Inputs.DomainRedirectRequestHeaderArgs
            {
                Key = "string",
                Value = "string",
            },
        },
        Retry = false,
        SniEnabled = false,
        SniHost = "string",
        WriteTimeout = 0,
    },
    AccessType = "string",
});
Copy
example, err := wafv3.NewDomain(ctx, "exampledomainResourceResourceFromWafv3domain", &wafv3.DomainArgs{
	Domain:     pulumi.String("string"),
	InstanceId: pulumi.String("string"),
	Listen: &wafv3.DomainListenArgs{
		CertId:      pulumi.String("string"),
		CipherSuite: pulumi.Int(0),
		CustomCiphers: pulumi.StringArray{
			pulumi.String("string"),
		},
		EnableTlsv3:  pulumi.Bool(false),
		ExclusiveIp:  pulumi.Bool(false),
		FocusHttps:   pulumi.Bool(false),
		Http2Enabled: pulumi.Bool(false),
		HttpPorts: pulumi.IntArray{
			pulumi.Int(0),
		},
		HttpsPorts: pulumi.IntArray{
			pulumi.Int(0),
		},
		Ipv6Enabled:        pulumi.Bool(false),
		ProtectionResource: pulumi.String("string"),
		TlsVersion:         pulumi.String("string"),
		XffHeaderMode:      pulumi.Int(0),
		XffHeaders: pulumi.StringArray{
			pulumi.String("string"),
		},
	},
	Redirect: &wafv3.DomainRedirectArgs{
		Loadbalance:      pulumi.String("string"),
		Keepalive:        pulumi.Bool(false),
		FocusHttpBackend: pulumi.Bool(false),
		Backends: pulumi.StringArray{
			pulumi.String("string"),
		},
		KeepaliveRequests: pulumi.Int(0),
		KeepaliveTimeout:  pulumi.Int(0),
		ConnectTimeout:    pulumi.Int(0),
		ReadTimeout:       pulumi.Int(0),
		RequestHeaders: wafv3.DomainRedirectRequestHeaderArray{
			&wafv3.DomainRedirectRequestHeaderArgs{
				Key:   pulumi.String("string"),
				Value: pulumi.String("string"),
			},
		},
		Retry:        pulumi.Bool(false),
		SniEnabled:   pulumi.Bool(false),
		SniHost:      pulumi.String("string"),
		WriteTimeout: pulumi.Int(0),
	},
	AccessType: pulumi.String("string"),
})
Copy
var exampledomainResourceResourceFromWafv3domain = new Domain("exampledomainResourceResourceFromWafv3domain", DomainArgs.builder()
    .domain("string")
    .instanceId("string")
    .listen(DomainListenArgs.builder()
        .certId("string")
        .cipherSuite(0)
        .customCiphers("string")
        .enableTlsv3(false)
        .exclusiveIp(false)
        .focusHttps(false)
        .http2Enabled(false)
        .httpPorts(0)
        .httpsPorts(0)
        .ipv6Enabled(false)
        .protectionResource("string")
        .tlsVersion("string")
        .xffHeaderMode(0)
        .xffHeaders("string")
        .build())
    .redirect(DomainRedirectArgs.builder()
        .loadbalance("string")
        .keepalive(false)
        .focusHttpBackend(false)
        .backends("string")
        .keepaliveRequests(0)
        .keepaliveTimeout(0)
        .connectTimeout(0)
        .readTimeout(0)
        .requestHeaders(DomainRedirectRequestHeaderArgs.builder()
            .key("string")
            .value("string")
            .build())
        .retry(false)
        .sniEnabled(false)
        .sniHost("string")
        .writeTimeout(0)
        .build())
    .accessType("string")
    .build());
Copy
exampledomain_resource_resource_from_wafv3domain = alicloud.wafv3.Domain("exampledomainResourceResourceFromWafv3domain",
    domain="string",
    instance_id="string",
    listen={
        "cert_id": "string",
        "cipher_suite": 0,
        "custom_ciphers": ["string"],
        "enable_tlsv3": False,
        "exclusive_ip": False,
        "focus_https": False,
        "http2_enabled": False,
        "http_ports": [0],
        "https_ports": [0],
        "ipv6_enabled": False,
        "protection_resource": "string",
        "tls_version": "string",
        "xff_header_mode": 0,
        "xff_headers": ["string"],
    },
    redirect={
        "loadbalance": "string",
        "keepalive": False,
        "focus_http_backend": False,
        "backends": ["string"],
        "keepalive_requests": 0,
        "keepalive_timeout": 0,
        "connect_timeout": 0,
        "read_timeout": 0,
        "request_headers": [{
            "key": "string",
            "value": "string",
        }],
        "retry": False,
        "sni_enabled": False,
        "sni_host": "string",
        "write_timeout": 0,
    },
    access_type="string")
Copy
const exampledomainResourceResourceFromWafv3domain = new alicloud.wafv3.Domain("exampledomainResourceResourceFromWafv3domain", {
    domain: "string",
    instanceId: "string",
    listen: {
        certId: "string",
        cipherSuite: 0,
        customCiphers: ["string"],
        enableTlsv3: false,
        exclusiveIp: false,
        focusHttps: false,
        http2Enabled: false,
        httpPorts: [0],
        httpsPorts: [0],
        ipv6Enabled: false,
        protectionResource: "string",
        tlsVersion: "string",
        xffHeaderMode: 0,
        xffHeaders: ["string"],
    },
    redirect: {
        loadbalance: "string",
        keepalive: false,
        focusHttpBackend: false,
        backends: ["string"],
        keepaliveRequests: 0,
        keepaliveTimeout: 0,
        connectTimeout: 0,
        readTimeout: 0,
        requestHeaders: [{
            key: "string",
            value: "string",
        }],
        retry: false,
        sniEnabled: false,
        sniHost: "string",
        writeTimeout: 0,
    },
    accessType: "string",
});
Copy
type: alicloud:wafv3:Domain
properties:
    accessType: string
    domain: string
    instanceId: string
    listen:
        certId: string
        cipherSuite: 0
        customCiphers:
            - string
        enableTlsv3: false
        exclusiveIp: false
        focusHttps: false
        http2Enabled: false
        httpPorts:
            - 0
        httpsPorts:
            - 0
        ipv6Enabled: false
        protectionResource: string
        tlsVersion: string
        xffHeaderMode: 0
        xffHeaders:
            - string
    redirect:
        backends:
            - string
        connectTimeout: 0
        focusHttpBackend: false
        keepalive: false
        keepaliveRequests: 0
        keepaliveTimeout: 0
        loadbalance: string
        readTimeout: 0
        requestHeaders:
            - key: string
              value: string
        retry: false
        sniEnabled: false
        sniHost: string
        writeTimeout: 0
Copy

Domain Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Domain resource accepts the following input properties:

DomainName
This property is required.
Changes to this property will trigger replacement.
string
The name of the domain name to query.
InstanceId
This property is required.
Changes to this property will trigger replacement.
string
WAF instance ID
Listen This property is required. Pulumi.AliCloud.Wafv3.Inputs.DomainListen
Configure listening information. See listen below.
Redirect This property is required. Pulumi.AliCloud.Wafv3.Inputs.DomainRedirect
Configure forwarding information. See redirect below.
AccessType string
The access type of the WAF instance. Value: share (default): CNAME access.
Domain
This property is required.
Changes to this property will trigger replacement.
string
The name of the domain name to query.
InstanceId
This property is required.
Changes to this property will trigger replacement.
string
WAF instance ID
Listen This property is required. DomainListenArgs
Configure listening information. See listen below.
Redirect This property is required. DomainRedirectArgs
Configure forwarding information. See redirect below.
AccessType string
The access type of the WAF instance. Value: share (default): CNAME access.
domain
This property is required.
Changes to this property will trigger replacement.
String
The name of the domain name to query.
instanceId
This property is required.
Changes to this property will trigger replacement.
String
WAF instance ID
listen This property is required. DomainListen
Configure listening information. See listen below.
redirect This property is required. DomainRedirect
Configure forwarding information. See redirect below.
accessType String
The access type of the WAF instance. Value: share (default): CNAME access.
domain
This property is required.
Changes to this property will trigger replacement.
string
The name of the domain name to query.
instanceId
This property is required.
Changes to this property will trigger replacement.
string
WAF instance ID
listen This property is required. DomainListen
Configure listening information. See listen below.
redirect This property is required. DomainRedirect
Configure forwarding information. See redirect below.
accessType string
The access type of the WAF instance. Value: share (default): CNAME access.
domain
This property is required.
Changes to this property will trigger replacement.
str
The name of the domain name to query.
instance_id
This property is required.
Changes to this property will trigger replacement.
str
WAF instance ID
listen This property is required. DomainListenArgs
Configure listening information. See listen below.
redirect This property is required. DomainRedirectArgs
Configure forwarding information. See redirect below.
access_type str
The access type of the WAF instance. Value: share (default): CNAME access.
domain
This property is required.
Changes to this property will trigger replacement.
String
The name of the domain name to query.
instanceId
This property is required.
Changes to this property will trigger replacement.
String
WAF instance ID
listen This property is required. Property Map
Configure listening information. See listen below.
redirect This property is required. Property Map
Configure forwarding information. See redirect below.
accessType String
The access type of the WAF instance. Value: share (default): CNAME access.

Outputs

All input properties are implicitly available as output properties. Additionally, the Domain resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
ResourceManagerResourceGroupId string
The ID of the resource group.
Status string
The status of the resource.
Id string
The provider-assigned unique ID for this managed resource.
ResourceManagerResourceGroupId string
The ID of the resource group.
Status string
The status of the resource.
id String
The provider-assigned unique ID for this managed resource.
resourceManagerResourceGroupId String
The ID of the resource group.
status String
The status of the resource.
id string
The provider-assigned unique ID for this managed resource.
resourceManagerResourceGroupId string
The ID of the resource group.
status string
The status of the resource.
id str
The provider-assigned unique ID for this managed resource.
resource_manager_resource_group_id str
The ID of the resource group.
status str
The status of the resource.
id String
The provider-assigned unique ID for this managed resource.
resourceManagerResourceGroupId String
The ID of the resource group.
status String
The status of the resource.

Look up Existing Domain Resource

Get an existing Domain resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: DomainState, opts?: CustomResourceOptions): Domain
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_type: Optional[str] = None,
        domain: Optional[str] = None,
        instance_id: Optional[str] = None,
        listen: Optional[DomainListenArgs] = None,
        redirect: Optional[DomainRedirectArgs] = None,
        resource_manager_resource_group_id: Optional[str] = None,
        status: Optional[str] = None) -> Domain
func GetDomain(ctx *Context, name string, id IDInput, state *DomainState, opts ...ResourceOption) (*Domain, error)
public static Domain Get(string name, Input<string> id, DomainState? state, CustomResourceOptions? opts = null)
public static Domain get(String name, Output<String> id, DomainState state, CustomResourceOptions options)
resources:  _:    type: alicloud:wafv3:Domain    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AccessType string
The access type of the WAF instance. Value: share (default): CNAME access.
DomainName Changes to this property will trigger replacement. string
The name of the domain name to query.
InstanceId Changes to this property will trigger replacement. string
WAF instance ID
Listen Pulumi.AliCloud.Wafv3.Inputs.DomainListen
Configure listening information. See listen below.
Redirect Pulumi.AliCloud.Wafv3.Inputs.DomainRedirect
Configure forwarding information. See redirect below.
ResourceManagerResourceGroupId string
The ID of the resource group.
Status string
The status of the resource.
AccessType string
The access type of the WAF instance. Value: share (default): CNAME access.
Domain Changes to this property will trigger replacement. string
The name of the domain name to query.
InstanceId Changes to this property will trigger replacement. string
WAF instance ID
Listen DomainListenArgs
Configure listening information. See listen below.
Redirect DomainRedirectArgs
Configure forwarding information. See redirect below.
ResourceManagerResourceGroupId string
The ID of the resource group.
Status string
The status of the resource.
accessType String
The access type of the WAF instance. Value: share (default): CNAME access.
domain Changes to this property will trigger replacement. String
The name of the domain name to query.
instanceId Changes to this property will trigger replacement. String
WAF instance ID
listen DomainListen
Configure listening information. See listen below.
redirect DomainRedirect
Configure forwarding information. See redirect below.
resourceManagerResourceGroupId String
The ID of the resource group.
status String
The status of the resource.
accessType string
The access type of the WAF instance. Value: share (default): CNAME access.
domain Changes to this property will trigger replacement. string
The name of the domain name to query.
instanceId Changes to this property will trigger replacement. string
WAF instance ID
listen DomainListen
Configure listening information. See listen below.
redirect DomainRedirect
Configure forwarding information. See redirect below.
resourceManagerResourceGroupId string
The ID of the resource group.
status string
The status of the resource.
access_type str
The access type of the WAF instance. Value: share (default): CNAME access.
domain Changes to this property will trigger replacement. str
The name of the domain name to query.
instance_id Changes to this property will trigger replacement. str
WAF instance ID
listen DomainListenArgs
Configure listening information. See listen below.
redirect DomainRedirectArgs
Configure forwarding information. See redirect below.
resource_manager_resource_group_id str
The ID of the resource group.
status str
The status of the resource.
accessType String
The access type of the WAF instance. Value: share (default): CNAME access.
domain Changes to this property will trigger replacement. String
The name of the domain name to query.
instanceId Changes to this property will trigger replacement. String
WAF instance ID
listen Property Map
Configure listening information. See listen below.
redirect Property Map
Configure forwarding information. See redirect below.
resourceManagerResourceGroupId String
The ID of the resource group.
status String
The status of the resource.

Supporting Types

DomainListen
, DomainListenArgs

CertId string
The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
CipherSuite int
The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • 1: indicates that all encryption suites are added.
  • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
  • 99: indicates that a custom encryption suite is added.
CustomCiphers List<string>
The specific custom encryption suite to add.
EnableTlsv3 bool
Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that TSL1.3 is supported.
  • false: indicates that TSL1.3 is not supported.
ExclusiveIp bool
Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

  • true: indicates that the exclusive IP address is enabled.
  • false (default): indicates that exclusive IP address is not enabled.
FocusHttps bool
Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

  • true: indicates that HTTPS forced redirection is enabled.
  • false: indicates that HTTPS forced redirection is not enabled.
Http2Enabled bool
Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that HTTP2 is enabled.
  • false (default): indicates that HTTP2 is not enabled.
HttpPorts List<int>
The listening port of the HTTP protocol.
HttpsPorts List<int>
The listening port of the HTTPS protocol.
Ipv6Enabled bool
Whether IPv6 is turned on. Value:

  • true: indicates that IPv6 is enabled.
  • false (default): indicates that IPv6 is not enabled.
ProtectionResource string
The type of protection resource to use. Value:

  • share (default): indicates that a shared cluster is used.
  • gslb: indicates that the shared cluster intelligent load balancing is used.
TlsVersion string
The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
XffHeaderMode int
WAF obtains the real IP address of the client. Value:

  • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
  • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
  • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
XffHeaders List<string>
Set the list of custom fields used to obtain the client IP address.
CertId string
The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
CipherSuite int
The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • 1: indicates that all encryption suites are added.
  • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
  • 99: indicates that a custom encryption suite is added.
CustomCiphers []string
The specific custom encryption suite to add.
EnableTlsv3 bool
Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that TSL1.3 is supported.
  • false: indicates that TSL1.3 is not supported.
ExclusiveIp bool
Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

  • true: indicates that the exclusive IP address is enabled.
  • false (default): indicates that exclusive IP address is not enabled.
FocusHttps bool
Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

  • true: indicates that HTTPS forced redirection is enabled.
  • false: indicates that HTTPS forced redirection is not enabled.
Http2Enabled bool
Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that HTTP2 is enabled.
  • false (default): indicates that HTTP2 is not enabled.
HttpPorts []int
The listening port of the HTTP protocol.
HttpsPorts []int
The listening port of the HTTPS protocol.
Ipv6Enabled bool
Whether IPv6 is turned on. Value:

  • true: indicates that IPv6 is enabled.
  • false (default): indicates that IPv6 is not enabled.
ProtectionResource string
The type of protection resource to use. Value:

  • share (default): indicates that a shared cluster is used.
  • gslb: indicates that the shared cluster intelligent load balancing is used.
TlsVersion string
The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
XffHeaderMode int
WAF obtains the real IP address of the client. Value:

  • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
  • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
  • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
XffHeaders []string
Set the list of custom fields used to obtain the client IP address.
certId String
The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
cipherSuite Integer
The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • 1: indicates that all encryption suites are added.
  • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
  • 99: indicates that a custom encryption suite is added.
customCiphers List<String>
The specific custom encryption suite to add.
enableTlsv3 Boolean
Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that TSL1.3 is supported.
  • false: indicates that TSL1.3 is not supported.
exclusiveIp Boolean
Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

  • true: indicates that the exclusive IP address is enabled.
  • false (default): indicates that exclusive IP address is not enabled.
focusHttps Boolean
Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

  • true: indicates that HTTPS forced redirection is enabled.
  • false: indicates that HTTPS forced redirection is not enabled.
http2Enabled Boolean
Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that HTTP2 is enabled.
  • false (default): indicates that HTTP2 is not enabled.
httpPorts List<Integer>
The listening port of the HTTP protocol.
httpsPorts List<Integer>
The listening port of the HTTPS protocol.
ipv6Enabled Boolean
Whether IPv6 is turned on. Value:

  • true: indicates that IPv6 is enabled.
  • false (default): indicates that IPv6 is not enabled.
protectionResource String
The type of protection resource to use. Value:

  • share (default): indicates that a shared cluster is used.
  • gslb: indicates that the shared cluster intelligent load balancing is used.
tlsVersion String
The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
xffHeaderMode Integer
WAF obtains the real IP address of the client. Value:

  • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
  • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
  • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
xffHeaders List<String>
Set the list of custom fields used to obtain the client IP address.
certId string
The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
cipherSuite number
The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • 1: indicates that all encryption suites are added.
  • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
  • 99: indicates that a custom encryption suite is added.
customCiphers string[]
The specific custom encryption suite to add.
enableTlsv3 boolean
Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that TSL1.3 is supported.
  • false: indicates that TSL1.3 is not supported.
exclusiveIp boolean
Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

  • true: indicates that the exclusive IP address is enabled.
  • false (default): indicates that exclusive IP address is not enabled.
focusHttps boolean
Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

  • true: indicates that HTTPS forced redirection is enabled.
  • false: indicates that HTTPS forced redirection is not enabled.
http2Enabled boolean
Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that HTTP2 is enabled.
  • false (default): indicates that HTTP2 is not enabled.
httpPorts number[]
The listening port of the HTTP protocol.
httpsPorts number[]
The listening port of the HTTPS protocol.
ipv6Enabled boolean
Whether IPv6 is turned on. Value:

  • true: indicates that IPv6 is enabled.
  • false (default): indicates that IPv6 is not enabled.
protectionResource string
The type of protection resource to use. Value:

  • share (default): indicates that a shared cluster is used.
  • gslb: indicates that the shared cluster intelligent load balancing is used.
tlsVersion string
The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
xffHeaderMode number
WAF obtains the real IP address of the client. Value:

  • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
  • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
  • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
xffHeaders string[]
Set the list of custom fields used to obtain the client IP address.
cert_id str
The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
cipher_suite int
The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • 1: indicates that all encryption suites are added.
  • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
  • 99: indicates that a custom encryption suite is added.
custom_ciphers Sequence[str]
The specific custom encryption suite to add.
enable_tlsv3 bool
Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that TSL1.3 is supported.
  • false: indicates that TSL1.3 is not supported.
exclusive_ip bool
Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

  • true: indicates that the exclusive IP address is enabled.
  • false (default): indicates that exclusive IP address is not enabled.
focus_https bool
Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

  • true: indicates that HTTPS forced redirection is enabled.
  • false: indicates that HTTPS forced redirection is not enabled.
http2_enabled bool
Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that HTTP2 is enabled.
  • false (default): indicates that HTTP2 is not enabled.
http_ports Sequence[int]
The listening port of the HTTP protocol.
https_ports Sequence[int]
The listening port of the HTTPS protocol.
ipv6_enabled bool
Whether IPv6 is turned on. Value:

  • true: indicates that IPv6 is enabled.
  • false (default): indicates that IPv6 is not enabled.
protection_resource str
The type of protection resource to use. Value:

  • share (default): indicates that a shared cluster is used.
  • gslb: indicates that the shared cluster intelligent load balancing is used.
tls_version str
The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
xff_header_mode int
WAF obtains the real IP address of the client. Value:

  • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
  • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
  • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
xff_headers Sequence[str]
Set the list of custom fields used to obtain the client IP address.
certId String
The ID of the certificate to be added. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol).
cipherSuite Number
The type of encryption suite to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • 1: indicates that all encryption suites are added.
  • 2: indicates that a strong encryption package is added. You can select this value only if the value of tls_version is tlsv1.2.
  • 99: indicates that a custom encryption suite is added.
customCiphers List<String>
The specific custom encryption suite to add.
enableTlsv3 Boolean
Whether TSL1.3 version is supported. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that TSL1.3 is supported.
  • false: indicates that TSL1.3 is not supported.
exclusiveIp Boolean
Whether to enable exclusive IP address. This parameter is used only when the value of ipv6_enabled is false (indicating that IPv6 is not enabled) and the value of protection_resource is share (indicating that a shared cluster is used). Value:

  • true: indicates that the exclusive IP address is enabled.
  • false (default): indicates that exclusive IP address is not enabled.
focusHttps Boolean
Whether to enable the forced jump of HTTPS. This parameter is used only when the value of https_ports is not empty (indicating that the domain name uses HTTPS protocol) and the value of httports is empty (indicating that the domain name does not use HTTP protocol). Value:

  • true: indicates that HTTPS forced redirection is enabled.
  • false: indicates that HTTPS forced redirection is not enabled.
http2Enabled Boolean
Whether to turn on http2. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that HTTP2 is enabled.
  • false (default): indicates that HTTP2 is not enabled.
httpPorts List<Number>
The listening port of the HTTP protocol.
httpsPorts List<Number>
The listening port of the HTTPS protocol.
ipv6Enabled Boolean
Whether IPv6 is turned on. Value:

  • true: indicates that IPv6 is enabled.
  • false (default): indicates that IPv6 is not enabled.
protectionResource String
The type of protection resource to use. Value:

  • share (default): indicates that a shared cluster is used.
  • gslb: indicates that the shared cluster intelligent load balancing is used.
tlsVersion String
The version of TLS to add. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value: tlsv1, tlsv1.1, tlsv1.2.
xffHeaderMode Number
WAF obtains the real IP address of the client. Value:

  • 0 (default): indicates that the client has not forwarded the traffic to WAF through other layer -7 agents.
  • 1: indicates that the first value of the X-Forwarded-For(XFF) field in the WAF read request header is used as the client IP address.
  • 2: indicates that the custom field value set by you in the WAF read request header is used as the client IP address.
xffHeaders List<String>
Set the list of custom fields used to obtain the client IP address.

DomainRedirect
, DomainRedirectArgs

Loadbalance This property is required. string
The load balancing algorithm used when returning to the source. Value:

  • iphash: indicates the IPHash algorithm.
  • roundRobin: indicates the polling algorithm.
  • leastTime: indicates the Least Time algorithm.
  • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
Backends List<string>
The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
ConnectTimeout int
Connection timeout. Unit: seconds, value range: 5~120.
FocusHttpBackend bool
Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that forced HTTP back-to-origin is enabled.
  • false: indicates that forced HTTP back-to-origin is not enabled.
Keepalive bool
Open long connection, default true.
KeepaliveRequests int
Number of long connections, default: 60. range :60-1000.
KeepaliveTimeout int
Long connection over time, default: 15. Range: 1-60.
ReadTimeout int
Read timeout duration. Unit: seconds, Value range: 5~1800.
RequestHeaders List<Pulumi.AliCloud.Wafv3.Inputs.DomainRedirectRequestHeader>
The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
Retry bool
Back to Source Retry. default: true, retry 3 times by default.
SniEnabled bool
Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that the back-to-source SNI is enabled.
  • false (default) indicates that the back-to-source SNI is not enabled.
SniHost string
Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
WriteTimeout int
Write timeout duration> Unit: seconds, Value range: 5~1800.
Loadbalance This property is required. string
The load balancing algorithm used when returning to the source. Value:

  • iphash: indicates the IPHash algorithm.
  • roundRobin: indicates the polling algorithm.
  • leastTime: indicates the Least Time algorithm.
  • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
Backends []string
The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
ConnectTimeout int
Connection timeout. Unit: seconds, value range: 5~120.
FocusHttpBackend bool
Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that forced HTTP back-to-origin is enabled.
  • false: indicates that forced HTTP back-to-origin is not enabled.
Keepalive bool
Open long connection, default true.
KeepaliveRequests int
Number of long connections, default: 60. range :60-1000.
KeepaliveTimeout int
Long connection over time, default: 15. Range: 1-60.
ReadTimeout int
Read timeout duration. Unit: seconds, Value range: 5~1800.
RequestHeaders []DomainRedirectRequestHeader
The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
Retry bool
Back to Source Retry. default: true, retry 3 times by default.
SniEnabled bool
Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that the back-to-source SNI is enabled.
  • false (default) indicates that the back-to-source SNI is not enabled.
SniHost string
Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
WriteTimeout int
Write timeout duration> Unit: seconds, Value range: 5~1800.
loadbalance This property is required. String
The load balancing algorithm used when returning to the source. Value:

  • iphash: indicates the IPHash algorithm.
  • roundRobin: indicates the polling algorithm.
  • leastTime: indicates the Least Time algorithm.
  • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
backends List<String>
The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
connectTimeout Integer
Connection timeout. Unit: seconds, value range: 5~120.
focusHttpBackend Boolean
Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that forced HTTP back-to-origin is enabled.
  • false: indicates that forced HTTP back-to-origin is not enabled.
keepalive Boolean
Open long connection, default true.
keepaliveRequests Integer
Number of long connections, default: 60. range :60-1000.
keepaliveTimeout Integer
Long connection over time, default: 15. Range: 1-60.
readTimeout Integer
Read timeout duration. Unit: seconds, Value range: 5~1800.
requestHeaders List<DomainRedirectRequestHeader>
The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
retry Boolean
Back to Source Retry. default: true, retry 3 times by default.
sniEnabled Boolean
Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that the back-to-source SNI is enabled.
  • false (default) indicates that the back-to-source SNI is not enabled.
sniHost String
Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
writeTimeout Integer
Write timeout duration> Unit: seconds, Value range: 5~1800.
loadbalance This property is required. string
The load balancing algorithm used when returning to the source. Value:

  • iphash: indicates the IPHash algorithm.
  • roundRobin: indicates the polling algorithm.
  • leastTime: indicates the Least Time algorithm.
  • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
backends string[]
The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
connectTimeout number
Connection timeout. Unit: seconds, value range: 5~120.
focusHttpBackend boolean
Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that forced HTTP back-to-origin is enabled.
  • false: indicates that forced HTTP back-to-origin is not enabled.
keepalive boolean
Open long connection, default true.
keepaliveRequests number
Number of long connections, default: 60. range :60-1000.
keepaliveTimeout number
Long connection over time, default: 15. Range: 1-60.
readTimeout number
Read timeout duration. Unit: seconds, Value range: 5~1800.
requestHeaders DomainRedirectRequestHeader[]
The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
retry boolean
Back to Source Retry. default: true, retry 3 times by default.
sniEnabled boolean
Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that the back-to-source SNI is enabled.
  • false (default) indicates that the back-to-source SNI is not enabled.
sniHost string
Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
writeTimeout number
Write timeout duration> Unit: seconds, Value range: 5~1800.
loadbalance This property is required. str
The load balancing algorithm used when returning to the source. Value:

  • iphash: indicates the IPHash algorithm.
  • roundRobin: indicates the polling algorithm.
  • leastTime: indicates the Least Time algorithm.
  • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
backends Sequence[str]
The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
connect_timeout int
Connection timeout. Unit: seconds, value range: 5~120.
focus_http_backend bool
Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that forced HTTP back-to-origin is enabled.
  • false: indicates that forced HTTP back-to-origin is not enabled.
keepalive bool
Open long connection, default true.
keepalive_requests int
Number of long connections, default: 60. range :60-1000.
keepalive_timeout int
Long connection over time, default: 15. Range: 1-60.
read_timeout int
Read timeout duration. Unit: seconds, Value range: 5~1800.
request_headers Sequence[DomainRedirectRequestHeader]
The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
retry bool
Back to Source Retry. default: true, retry 3 times by default.
sni_enabled bool
Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that the back-to-source SNI is enabled.
  • false (default) indicates that the back-to-source SNI is not enabled.
sni_host str
Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
write_timeout int
Write timeout duration> Unit: seconds, Value range: 5~1800.
loadbalance This property is required. String
The load balancing algorithm used when returning to the source. Value:

  • iphash: indicates the IPHash algorithm.
  • roundRobin: indicates the polling algorithm.
  • leastTime: indicates the Least Time algorithm.
  • This value can be selected only if the value of protection_resource is gslb (indicating that the protected resource type uses shared cluster intelligent load balancing).
backends List<String>
The IP address of the origin server corresponding to the domain name or the back-to-origin domain name of the server.
connectTimeout Number
Connection timeout. Unit: seconds, value range: 5~120.
focusHttpBackend Boolean
Whether to enable forced HTTP back-to-origin. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that forced HTTP back-to-origin is enabled.
  • false: indicates that forced HTTP back-to-origin is not enabled.
keepalive Boolean
Open long connection, default true.
keepaliveRequests Number
Number of long connections, default: 60. range :60-1000.
keepaliveTimeout Number
Long connection over time, default: 15. Range: 1-60.
readTimeout Number
Read timeout duration. Unit: seconds, Value range: 5~1800.
requestHeaders List<Property Map>
The traffic tag field and value of the domain name which used to mark the traffic processed by WAF. It formats as [{" k ":"_key_"," v ":"_value_"}]. Where the k represents the specified custom request header field, and the v represents the value set for this field. By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value. See request_headers below.
retry Boolean
Back to Source Retry. default: true, retry 3 times by default.
sniEnabled Boolean
Whether to enable back-to-source SNI. This parameter is used only if the value of https_ports is not empty (indicating that the domain name uses the HTTPS protocol). Value:

  • true: indicates that the back-to-source SNI is enabled.
  • false (default) indicates that the back-to-source SNI is not enabled.
sniHost String
Sets the value of the custom SNI extension field. If this parameter is not set, the value of the Host field in the request header is used as the value of the SNI extension field by default.In general, you do not need to customize SNI unless your business has special configuration requirements. You want WAF to use SNI that is inconsistent with the actual request Host in the back-to-origin request (that is, the custom SNI set here).> This parameter is required only when sni_enalbed is set to true (indicating that back-to-source SNI is enabled).
writeTimeout Number
Write timeout duration> Unit: seconds, Value range: 5~1800.

DomainRedirectRequestHeader
, DomainRedirectRequestHeaderArgs

Key string
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
Value string
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
Key string
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
Value string
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
key String
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
value String
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
key string
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
value string
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
key str
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
value str
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
key String
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.
value String
The traffic tag field and value of the domain name, which is used to mark the traffic processed by WAF. the format of this parameter value is [{" k ":"key"," v ":"value"}]. where_key_represents the specified custom request header field, and_value_represents the value set for this field.By specifying the custom request header field and the corresponding value, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field value to the request header as the traffic mark, which is convenient for backend service statistics.Explain that if the custom header field already exists in the request, the system will overwrite the value of the custom field in the request with the set traffic tag value.

Import

Wafv3 Domain can be imported using the id, e.g.

$ pulumi import alicloud:wafv3/domain:Domain example <instance_id>:<domain>
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
Alibaba Cloud pulumi/pulumi-alicloud
License
Apache-2.0
Notes
This Pulumi package is based on the alicloud Terraform Provider.