diff options
Diffstat (limited to 'data/en_us/waf-openapi')
| -rw-r--r-- | data/en_us/waf-openapi/2017-09-30/api-docs.php | 802 | ||||
| -rw-r--r-- | data/en_us/waf-openapi/2019-09-10/api-docs.php | 10168 | ||||
| -rw-r--r-- | data/en_us/waf-openapi/2021-10-01/api-docs.php | 58559 |
3 files changed, 34473 insertions, 35056 deletions
diff --git a/data/en_us/waf-openapi/2017-09-30/api-docs.php b/data/en_us/waf-openapi/2017-09-30/api-docs.php index d7f42ff..1a83363 100644 --- a/data/en_us/waf-openapi/2017-09-30/api-docs.php +++ b/data/en_us/waf-openapi/2017-09-30/api-docs.php @@ -1,30 +1,12 @@ <?php return [ 'version' => '1.0', - 'info' => [ - 'style' => 'RPC', - 'product' => 'waf-openapi', - 'version' => '2017-09-30', - ], + 'info' => ['style' => 'RPC', 'product' => 'waf-openapi', 'version' => '2017-09-30'], 'directories' => [ [ 'id' => 0, 'title' => '其它', 'type' => 'directory', - 'children' => [ - 'AppOpenAck', - 'DescribeDomainNames', - 'CreateDomainConfig', - 'DescribeDomains', - 'DescribeHttpsCertInUse', - 'DescribeNeedUpgradeDomainLimit', - 'DescribePackage', - 'DescribeQps', - 'DescribeRegionStatus', - 'DescribeRegions', - 'ModifyDomainPackageCount', - 'ModifyDomainConfig', - 'ModifyWafSwitch', - ], + 'children' => ['AppOpenAck', 'DescribeDomainNames', 'CreateDomainConfig', 'DescribeDomains', 'DescribeHttpsCertInUse', 'DescribeNeedUpgradeDomainLimit', 'DescribePackage', 'DescribeQps', 'DescribeRegionStatus', 'DescribeRegions', 'ModifyDomainPackageCount', 'ModifyDomainConfig', 'ModifyWafSwitch'], ], ], 'components' => [ @@ -32,14 +14,8 @@ ], 'apis' => [ 'AppOpenAck' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -48,51 +24,33 @@ 'systemTags' => [ 'operationType' => 'update', 'abilityTreeCode' => '92965', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], [ 'name' => 'AppName', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'ServiceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'AsyncMethod', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Ack', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], ], 'responses' => [ @@ -100,38 +58,24 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'type' => 'string', - ], + 'RequestId' => ['type' => 'string'], ], ], ], ], 'errorCodes' => [ 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.'], ], 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.'], ], ], 'responseDemo' => null, ], 'DescribeDomainNames' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -140,27 +84,18 @@ 'systemTags' => [ 'operationType' => 'get', 'abilityTreeCode' => '92968', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], ], 'responses' => [ @@ -168,18 +103,14 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'type' => 'string', - ], + 'RequestId' => ['type' => 'string'], 'DomainNames' => [ 'type' => 'object', 'itemNode' => true, 'properties' => [ 'DomainName' => [ 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], + 'items' => ['type' => 'string'], ], ], ], @@ -189,29 +120,17 @@ ], 'errorCodes' => [ 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.'], ], 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.'], ], ], 'responseDemo' => null, ], 'CreateDomainConfig' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -220,134 +139,78 @@ 'systemTags' => [ 'operationType' => 'create', 'abilityTreeCode' => '92966', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'Caller', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'SourceIps', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Protocols', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'HttpPort', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], + 'schema' => ['type' => 'string', 'required' => false], ], [ 'name' => 'HttpsPort', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], + 'schema' => ['type' => 'string', 'required' => false], ], [ 'name' => 'RsType', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '0', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0'], ], [ 'name' => 'IsAccessProduct', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '1', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1'], ], [ 'name' => 'LoadBalancing', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '0', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0'], ], [ 'name' => 'HttpsRedirect', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '0', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0'], ], [ 'name' => 'HttpToUserIp', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '0', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0'], ], [ 'name' => 'IsNonStandardPort', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], ], 'responses' => [ @@ -355,12 +218,8 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'Cname' => [ - 'type' => 'string', - ], - 'RequestId' => [ - 'type' => 'string', - ], + 'Cname' => ['type' => 'string'], + 'RequestId' => ['type' => 'string'], ], ], ], @@ -368,14 +227,8 @@ 'responseDemo' => null, ], 'DescribeDomains' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -384,56 +237,33 @@ 'systemTags' => [ 'operationType' => 'list', 'abilityTreeCode' => '92969', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => '', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Page', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '1', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1'], ], [ 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '10', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '10'], ], ], 'responses' => [ @@ -447,61 +277,36 @@ 'properties' => [ 'Domain' => [ 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], + 'items' => ['type' => 'string'], ], ], ], 'PageInfo' => [ 'type' => 'object', 'properties' => [ - 'PageSize' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'CurrentPage' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'Total' => [ - 'type' => 'integer', - 'format' => 'int32', - ], + 'PageSize' => ['type' => 'integer', 'format' => 'int32'], + 'CurrentPage' => ['type' => 'integer', 'format' => 'int32'], + 'Total' => ['type' => 'integer', 'format' => 'int32'], ], ], - 'RequestId' => [ - 'type' => 'string', - ], + 'RequestId' => ['type' => 'string'], ], ], ], ], 'errorCodes' => [ 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.'], ], 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.'], ], ], 'responseDemo' => null, ], 'DescribeHttpsCertInUse' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -510,27 +315,18 @@ 'systemTags' => [ 'operationType' => 'get', 'abilityTreeCode' => '92971', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], ], 'responses' => [ @@ -538,21 +334,11 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'CertContent' => [ - 'type' => 'string', - ], - 'RequestId' => [ - 'type' => 'string', - ], - 'CertId' => [ - 'type' => 'string', - ], - 'CertName' => [ - 'type' => 'string', - ], - 'CertKey' => [ - 'type' => 'string', - ], + 'CertContent' => ['type' => 'string'], + 'RequestId' => ['type' => 'string'], + 'CertId' => ['type' => 'string'], + 'CertName' => ['type' => 'string'], + 'CertKey' => ['type' => 'string'], ], ], ], @@ -560,14 +346,8 @@ 'responseDemo' => null, ], 'DescribeNeedUpgradeDomainLimit' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -576,35 +356,23 @@ 'systemTags' => [ 'operationType' => 'get', 'abilityTreeCode' => '92972', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], ], 'responses' => [ @@ -612,12 +380,8 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'type' => 'string', - ], - 'NeedUpgrade' => [ - 'type' => 'boolean', - ], + 'RequestId' => ['type' => 'string'], + 'NeedUpgrade' => ['type' => 'boolean'], ], ], ], @@ -625,14 +389,8 @@ 'responseDemo' => null, ], 'DescribePackage' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -641,19 +399,13 @@ 'systemTags' => [ 'operationType' => 'get', 'abilityTreeCode' => '92973', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], ], 'responses' => [ @@ -661,28 +413,17 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'type' => 'string', - ], - 'InstanceId' => [ - 'type' => 'string', - ], - 'Version' => [ - 'type' => 'string', - ], - 'ExpireTime' => [ - 'type' => 'integer', - 'format' => 'int64', - ], + 'RequestId' => ['type' => 'string'], + 'InstanceId' => ['type' => 'string'], + 'Version' => ['type' => 'string'], + 'ExpireTime' => ['type' => 'integer', 'format' => 'int64'], 'Rules' => [ 'type' => 'object', 'itemNode' => true, 'properties' => [ 'Rule' => [ 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], + 'items' => ['type' => 'string'], ], ], ], @@ -692,29 +433,17 @@ ], 'errorCodes' => [ 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.'], ], 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.'], ], ], 'responseDemo' => null, ], 'DescribeQps' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -723,62 +452,38 @@ 'systemTags' => [ 'operationType' => 'get', 'abilityTreeCode' => '92974', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], + 'schema' => ['type' => 'string', 'required' => false], ], [ 'name' => 'Interval', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => true], ], [ 'name' => 'StartMillisecond', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - ], + 'schema' => ['type' => 'integer', 'format' => 'int64', 'required' => true], ], [ 'name' => 'EndMillisecond', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - ], + 'schema' => ['type' => 'integer', 'format' => 'int64', 'required' => true], ], [ 'name' => 'Field', @@ -786,9 +491,7 @@ 'style' => 'repeatList', 'schema' => [ 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], + 'items' => ['type' => 'string'], 'required' => true, 'maxItems' => 200, ], @@ -799,24 +502,13 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'type' => 'string', - ], + 'RequestId' => ['type' => 'string'], 'TimeScope' => [ 'type' => 'object', 'properties' => [ - 'Start' => [ - 'type' => 'integer', - 'format' => 'int64', - ], - 'End' => [ - 'type' => 'integer', - 'format' => 'int64', - ], - 'Step' => [ - 'type' => 'integer', - 'format' => 'int32', - ], + 'Start' => ['type' => 'integer', 'format' => 'int64'], + 'End' => ['type' => 'integer', 'format' => 'int64'], + 'Step' => ['type' => 'integer', 'format' => 'int32'], ], ], 'Items' => [ @@ -825,9 +517,7 @@ 'properties' => [ 'Qps' => [ 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], + 'items' => ['type' => 'string'], ], ], ], @@ -837,71 +527,43 @@ ], 'errorCodes' => [ 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.'], ], 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.'], ], ], 'responseDemo' => null, ], 'DescribeRegionStatus' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ 'name' => 'SourceIp', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], + 'schema' => ['type' => 'string', 'required' => false], ], [ 'name' => 'Lang', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], + 'schema' => ['type' => 'string', 'required' => false], ], [ 'name' => 'InstanceSource', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'waf-cloud', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'waf-cloud'], ], [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], ], 'responses' => [ @@ -909,46 +571,26 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'InDebt' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'RequestId' => [ - 'type' => 'string', - ], - 'PayType' => [ - 'type' => 'integer', - 'format' => 'int32', - ], + 'InDebt' => ['type' => 'integer', 'format' => 'int32'], + 'RequestId' => ['type' => 'string'], + 'PayType' => ['type' => 'integer', 'format' => 'int32'], ], ], ], ], 'errorCodes' => [ 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.'], ], 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.'], ], ], 'responseDemo' => null, ], 'DescribeRegions' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -957,9 +599,7 @@ 'systemTags' => [ 'operationType' => 'list', 'abilityTreeCode' => '92975', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [], 'responses' => [ @@ -967,18 +607,14 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'type' => 'string', - ], + 'RequestId' => ['type' => 'string'], 'Regions' => [ 'type' => 'object', 'itemNode' => true, 'properties' => [ 'Region' => [ 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], + 'items' => ['type' => 'string'], ], ], ], @@ -988,29 +624,17 @@ ], 'errorCodes' => [ 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.'], ], 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.'], ], ], 'responseDemo' => null, ], 'ModifyDomainPackageCount' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -1019,36 +643,23 @@ 'systemTags' => [ 'operationType' => 'update', 'abilityTreeCode' => '92983', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ 'name' => 'DomainPackageCount', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => true], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], ], 'responses' => [ @@ -1056,9 +667,7 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'type' => 'string', - ], + 'RequestId' => ['type' => 'string'], ], ], ], @@ -1066,14 +675,8 @@ 'responseDemo' => null, ], 'ModifyDomainConfig' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -1082,134 +685,78 @@ 'systemTags' => [ 'operationType' => 'update', 'abilityTreeCode' => '92982', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'Caller', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'SourceIps', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Protocols', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'HttpPort', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], + 'schema' => ['type' => 'string', 'required' => false], ], [ 'name' => 'HttpsPort', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], + 'schema' => ['type' => 'string', 'required' => false], ], [ 'name' => 'RsType', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '0', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0'], ], [ 'name' => 'IsAccessProduct', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '1', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1'], ], [ 'name' => 'LoadBalancing', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '0', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0'], ], [ 'name' => 'HttpsRedirect', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '0', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0'], ], [ 'name' => 'HttpToUserIp', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'default' => '0', - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0'], ], [ 'name' => 'IsNonStandardPort', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => false], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], ], 'responses' => [ @@ -1217,9 +764,7 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'type' => 'string', - ], + 'RequestId' => ['type' => 'string'], ], ], ], @@ -1227,14 +772,8 @@ 'responseDemo' => null, ], 'ModifyWafSwitch' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -1243,52 +782,33 @@ 'systemTags' => [ 'operationType' => 'update', 'abilityTreeCode' => '92984', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'default' => 'cn', - ], + 'schema' => ['type' => 'string', 'required' => false, 'default' => 'cn'], ], [ 'name' => 'Caller', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], + 'schema' => ['type' => 'string', 'required' => true], ], [ 'name' => 'ServiceOn', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - ], + 'schema' => ['type' => 'integer', 'format' => 'int32', 'required' => true], ], ], 'responses' => [ @@ -1296,9 +816,7 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'type' => 'string', - ], + 'RequestId' => ['type' => 'string'], ], ], ], @@ -1307,13 +825,7 @@ ], ], 'endpoints' => [ - [ - 'regionId' => 'cn-hangzhou', - 'endpoint' => 'wafopenapi.cn-hangzhou.aliyuncs.com', - ], - [ - 'regionId' => 'ap-southeast-1', - 'endpoint' => 'wafopenapi.ap-southeast-1.aliyuncs.com', - ], + ['regionId' => 'cn-hangzhou', 'endpoint' => 'wafopenapi.cn-hangzhou.aliyuncs.com'], + ['regionId' => 'ap-southeast-1', 'endpoint' => 'wafopenapi.ap-southeast-1.aliyuncs.com'], ], ]; diff --git a/data/en_us/waf-openapi/2019-09-10/api-docs.php b/data/en_us/waf-openapi/2019-09-10/api-docs.php index 18c0c40..6ffbcdf 100644 --- a/data/en_us/waf-openapi/2019-09-10/api-docs.php +++ b/data/en_us/waf-openapi/2019-09-10/api-docs.php @@ -1,338 +1,89 @@ <?php return [ 'version' => '1.0', - 'info' => [ - 'style' => 'RPC', - 'product' => 'waf-openapi', - 'version' => '2019-09-10', - ], + 'info' => ['style' => 'RPC', 'product' => 'waf-openapi', 'version' => '2019-09-10'], 'directories' => [ [ - 'id' => 40429, - 'title' => 'Instance information', + 'children' => ['DescribeInstanceInfo', 'DescribeInstanceSpecInfo'], 'type' => 'directory', - 'children' => [ - 'DescribeInstanceInfo', - 'DescribeInstanceSpecInfo', - 'DeleteInstance', - ], + 'title' => 'Instance information', ], [ - 'id' => 40434, - 'title' => 'Domain configurations', + 'children' => ['DescribeDomainNames', 'DescribeDomain', 'ModifyDomain', 'DescribeCertificates', 'DescribeCertMatchStatus', 'CreateCertificateByCertificateId', 'DescribeDomainBasicConfigs', 'DescribeDomainAdvanceConfigs'], 'type' => 'directory', - 'children' => [ - 'DescribeDomainNames', - 'DescribeDomain', - 'CreateDomain', - 'ModifyDomain', - 'DeleteDomain', - 'DescribeCertificates', - 'DescribeCertMatchStatus', - 'CreateCertificate', - 'CreateCertificateByCertificateId', - 'DescribeDomainBasicConfigs', - 'DescribeDomainAdvanceConfigs', - 'DescribeDomainList', - ], + 'title' => 'Domain name configuration', ], [ - 'id' => 40447, - 'title' => 'Protection configuration', + 'children' => ['DescribeProtectionModuleMode', 'ModifyDomainIpv6Status', 'DescribeProtectionModuleStatus', 'ModifyProtectionModuleStatus', 'ModifyProtectionModuleMode', 'DescribeProtectionModuleRules', 'CreateProtectionModuleRule', 'ModifyProtectionModuleRule', 'ModifyProtectionRuleStatus', 'DescribeDomainRuleGroup', 'SetDomainRuleGroup', 'ModifyProtectionRuleCacheStatus', 'DeleteProtectionModuleRule', 'DescribeProtectionModuleCodeConfig', 'DescribeRuleGroups', 'DescribeRules'], 'type' => 'directory', - 'children' => [ - 'DescribeProtectionModuleMode', - 'ModifyDomainIpv6Status', - 'DescribeProtectionModuleStatus', - 'ModifyProtectionModuleStatus', - 'ModifyProtectionModuleMode', - 'DescribeProtectionModuleRules', - 'CreateProtectionModuleRule', - 'ModifyProtectionModuleRule', - 'ModifyProtectionRuleStatus', - 'DescribeDomainRuleGroup', - 'SetDomainRuleGroup', - 'ModifyProtectionRuleCacheStatus', - 'DeleteProtectionModuleRule', - 'DescribeProtectionModuleCodeConfig', - 'DescribeRuleGroups', - 'DescribeRules', - ], + 'title' => 'Protection configuration', ], [ - 'id' => 40462, - 'title' => 'Log management', + 'children' => ['DescribeWafSourceIpSegment'], 'type' => 'directory', - 'children' => [ - 'ModifyLogRetrievalStatus', - 'ModifyLogServiceStatus', - 'DescribeLogServiceStatus', - ], - ], - [ - 'id' => 40466, 'title' => 'System management', - 'type' => 'directory', - 'children' => [ - 'DescribeWafSourceIpSegment', - ], ], [ - 'id' => 171036, - 'title' => 'Resource operations', + 'children' => ['CreateCertificate', 'CreateDomain', 'DeleteDomain', 'DeleteInstance', 'DescribeDomainList', 'DescribeLogServiceStatus', 'ModifyLogRetrievalStatus', 'ModifyLogServiceStatus', 'MoveResourceGroup'], + 'title' => 'Others', 'type' => 'directory', - 'children' => [ - 'MoveResourceGroup', - ], ], ], 'components' => [ 'schemas' => [], ], 'apis' => [ - 'DescribeInstanceInfo' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'CreateCertificate' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => [], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'If you do not configure this parameter, all WAF instances in the Chinese mainland or all WAF instances outside the Chinese mainland are queried.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'waf-cn-tl32ast****', - ], + 'schema' => ['description' => 'The domain name that has been added to WAF.', 'type' => 'string', 'required' => false, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'ResourceGroupId', + 'name' => 'Certificate', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. If you do not configure this parameter, the WAF instance belongs to the default resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-atstuj3rtop****', - ], + 'schema' => ['description' => 'The content of the certificate file.', 'type' => 'string', 'required' => false, 'default' => 'cn', 'example' => '-----BEGIN CERTIFICATE----- 62EcYPWd2Oy1vs6MTXcJSfN9Z7rZ9fmxWr2BFN2XbahgnsSXM48ixZJ4krc+1M+j2kcubVpsE2cgHdj4v8H6jUz9Ji4mr7vMNS6dXv8PUkl/qoDeNGCNdyTS5NIL5ir+g92cL8IGOkjgvhlqt9vc65Cgb4mL+n5+DV9uOyTZTW/MojmlgfUekC2xiXa54nxJf17Y1TADGSbyJbsC0Q9nIrHsPl8YKkvRWvIAqYxXZ7wRwWWmv4TMxFhWRiNY7yZIo2ZUhl02SIDNggIEeg== -----END CERTIFICATE-----', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'PrivateKey', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The content of the private key file that corresponds to the certificate.', 'type' => 'string', 'required' => true, 'example' => '-----BEGIN RSA PRIVATE KEY----- DADTPZoOHd9WtZ3UKHJTRgNQmioPQn2bqdKHop+B/dn/4VZL7Jt8zSDGM9sTMThLyvsmLQKBgQCr+ujntC1kN6pGBj2Fw2l/EA/W3rYEce2tyhjgmG7rZ+A/jVE9fld5sQra6ZdwBcQJaiygoIYoaMF2EjRwc0qwHaluq0C15f6ujSoHh2e+D5zdmkTg/3NKNjqNv6xA2gYpinVDzFdZ9Zujxvuh9o4Vqf0YF8bv5UK5G04RtKadOw== -----END RSA PRIVATE KEY-----', 'title' => ''], ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'InstanceInfo' => [ - 'description' => 'The information about the WAF instance.'."\n", - 'type' => 'object', - 'properties' => [ - 'Status' => [ - 'description' => 'Indicates whether the WAF instance expires. Valid values:'."\n" - ."\n" - .'* **0**: The instance expires.'."\n" - .'* **1**: The instance does not expire.'."\n" - ."\n" - .'> If the value of **PayType** is **0**, this parameter is not returned. The value 0 indicates that no WAF instances are purchased.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'EndDate' => [ - 'description' => 'The expiration time of the WAF instance. This value is a UNIX timestamp. Unit: seconds.'."\n" - ."\n" - .'> If the value of **PayType** is **0**, this parameter is not returned. The value 0 indicates that no WAF instances are purchased.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1512921600', - ], - 'Version' => [ - 'description' => 'The edition of the WAF instance. Valid values:'."\n" - ."\n" - .'* **version_pro_china**: a WAF Pro instance in the Chinese mainland'."\n" - .'* **version_business_china**: a WAF Business instance in the Chinese mainland'."\n" - .'* **version_enterprise_china**: a WAF Enterprise instance in the Chinese mainland'."\n" - .'* **version_exclusive_china**: a WAF Exclusive instance in the Chinese mainland'."\n" - .'* **version_hybrid_cloud_standard_china**: a Hybrid Cloud WAF instance in the Chinese mainland'."\n" - .'* **version_pro_china**: a WAF Pro instance outside the Chinese mainland'."\n" - .'* **version_business**: a WAF Business instance outside the Chinese mainland'."\n" - .'* **version_enterprise**: a WAF Enterprise instance outside the Chinese mainland'."\n" - .'* **version_exclusive**: a WAF Exclusive instance outside the Chinese mainland'."\n" - .'* **version_hybrid_cloud_standard**: a Hybrid Cloud WAF instance outside the Chinese mainland'."\n" - ."\n" - .'The preceding list contains all the editions of WAF instances within accounts that are created at the International site. If the returned version is not in the list, check whether your account is created at the International site.'."\n" - ."\n" - .'> If the value of **PayType** is **0**, this parameter is not returned. The value 0 indicates that no WAF instances are purchased.'."\n", - 'type' => 'string', - 'example' => 'version_3', - ], - 'RemainDay' => [ - 'description' => 'The number of remaining days before the trial period of the WAF instance ends.'."\n" - ."\n" - .'> This parameter is returned only if the value of **Trial** is **1**. The value 1 indicates that the free trial of a WAF instance is activated.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'Region' => [ - 'description' => 'The region in which the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn**: a region in the Chinese mainland'."\n" - .'* **cn-hongkong**: a region outside the Chinese mainland'."\n" - ."\n" - .'> If the value of **PayType** is **0**, this parameter is not returned. The value 0 indicates that no WAF instances are purchased.'."\n", - 'type' => 'string', - 'example' => 'cn', - ], - 'PayType' => [ - 'description' => 'The activation status of WAF. Valid values:'."\n" - ."\n" - .'* **0**: No WAF instances are purchased within the Alibaba Cloud account.'."\n" - .'* **1**: A subscription WAF instance is purchased within the Alibaba Cloud account.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'InDebt' => [ - 'description' => 'Indicates whether the WAF instance has overdue payments. Valid values:'."\n" - ."\n" - .'* **0**: The instance has overdue payments.'."\n" - .'* **1**: The instance does not have overdue payments.'."\n" - ."\n" - .'> If the value of **PayType** is **0**, this parameter is not returned. The value 0 indicates that no WAF instances are purchased.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'InstanceId' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> If the value of **PayType** is **0**, this parameter is not returned. The value 0 indicates that no WAF instances are purchased.'."\n", - 'type' => 'string', - 'example' => 'waf-cn-tl32ast****', - ], - 'SubscriptionType' => [ - 'description' => 'The billing method of the WAF instance: The value is fixed as **Subscription**.'."\n" - ."\n" - .'> If the value of **PayType** is **0**, this parameter is not returned. The value 0 indicates that no WAF instances are purchased.'."\n", - 'type' => 'string', - 'example' => 'Subscription', - ], - 'Trial' => [ - 'description' => 'Indicates whether a WAF instance of the free trial edition is activated within the Alibaba Cloud account. Valid values:'."\n" - ."\n" - .'* **0**: no'."\n" - .'* **1**: yes'."\n" - ."\n" - .'> This parameter is returned only if a WAF instance of the free trial edition is activated within the Alibaba Cloud account.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - ], - ], - ], - ], - ], - ], - 'errorCodes' => [ - 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], - ], - 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], - ], - ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"InstanceInfo\\": {\\n \\"Status\\": 1,\\n \\"EndDate\\": 1512921600,\\n \\"Version\\": \\"version_3\\",\\n \\"RemainDay\\": 1,\\n \\"Region\\": \\"cn\\",\\n \\"PayType\\": 1,\\n \\"InDebt\\": 1,\\n \\"InstanceId\\": \\"waf-cn-tl32ast****\\",\\n \\"SubscriptionType\\": \\"Subscription\\",\\n \\"Trial\\": 1\\n }\\n}","errorExample":""},{"type":"xml","example":"<DescribeInstanceInfoResponse>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n <InstanceInfo>\\n <Status>1</Status>\\n <EndDate>1512921600</EndDate>\\n <Version>version_3</Version>\\n <Region>cn</Region>\\n <PayType>1</PayType>\\n <InDebt>1</InDebt>\\n <InstanceId>waf-cn-tl32ast****</InstanceId>\\n <SubscriptionType>Subscription</SubscriptionType>\\n </InstanceInfo>\\n</DescribeInstanceInfoResponse>","errorExample":""}]', - 'title' => 'DescribeInstanceInfo', - 'description' => '## Usage notes'."\n" - ."\n" - .'You can call the DescribeInstanceInfo operation to query the information about the WAF instance within your Alibaba Cloud account. The information includes the ID, version, status, and expiration time of the instance.'."\n", - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', - ], - 'DescribeInstanceSpecInfo' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ [ - 'AK' => [], + 'name' => 'CertificateName', + 'in' => 'query', + 'schema' => ['description' => 'The name of the certificate.', 'type' => 'string', 'required' => true, 'example' => 'CertName', 'title' => ''], ], - ], - 'systemTags' => [ - 'operationType' => 'get', - ], - 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'waf-cn-st2225l****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-atstuj3rtop****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. By default, this parameter is empty, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -340,78 +91,43 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'E906513E-F6B5-495E-98DC-7BA888671D76', - ], - 'InstanceId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'waf-cn-st2225l****', - ], - 'ExpireTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1677168000000', - ], - 'Version' => [ - 'description' => '', - 'type' => 'string', - 'example' => '', - ], - 'InstanceSpecInfos' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Code' => [ - 'description' => '', - 'type' => 'string', - 'example' => '103', - ], - 'Value' => [ - 'description' => '', - 'type' => 'string', - 'example' => '', - ], - ], - ], - ], + 'CertificateId' => ['description' => 'The certificate record ID that is automatically generated by the system.', 'type' => 'integer', 'format' => 'int64', 'example' => '2329260', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], - ], - 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', + 'errorCodes' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"CertificateId\\": 2329260,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + 'title' => 'Upload certificate and private key for an added domain name', + 'summary' => 'Uploads the certificate and private key for a domain name that has been added to WAF.', + 'description' => 'Uploads or updates the certificate and private key for a specified domain name.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateCertificate'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"E906513E-F6B5-495E-98DC-7BA8****1D76\\",\\n \\"InstanceId\\": \\"waf-cn-st2225l****\\",\\n \\"ExpireTime\\": 1677168000000,\\n \\"Version\\": \\"version_3\\",\\n \\"InstanceSpecInfos\\": [\\n {\\n \\"Code\\": \\"103\\",\\n \\"Value\\": \\"640\\"\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<DescribeInstanceSpecInfoResponse>\\n <RequestId>E906513E-F6B5-495E-98DC-7BA888671D76</RequestId>\\n <InstanceId>waf-cn-st2225l****</InstanceId>\\n <ExpireTime>1677168000000</ExpireTime>\\n <Version>version_3或version_pro_china</Version>\\n <InstanceSpecInfos>\\n <Code>103</Code>\\n <Value>640</Value>\\n </InstanceSpecInfos>\\n</DescribeInstanceSpecInfoResponse>","errorExample":""}]', - 'title' => 'DescribeInstanceSpecInfo', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', ], - 'DeleteInstance' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'CreateCertificateByCertificateId' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -420,460 +136,90 @@ 'systemTags' => [], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The domain name to which you want to add an SSL certificate.'."\n" + ."\n" + .'> Call [DescribeDomainList](~~255880~~) to query all domain names that are added to WAF.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'ResourceGroupId', + 'name' => 'CertificateId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-atstuj3rtop****', - ], + 'schema' => ['description' => 'The ID of the certificate to add.'."\n" + ."\n" + .'> Call [DescribeCertificates](~~160783~~) to query the IDs of all SSL certificates associated with the domain name.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '3384669', 'title' => ''], ], [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], - ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'F35F45B0-5D6B-4238-BE02-A62D0760E840', - ], - ], - ], - ], - ], - 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\"\\n}","errorExample":""},{"type":"xml","example":"<DeleteInstanceResponse>\\r\\n<RequestId>F35F45B0-5D6B-4238-BE02-A62D0760E840</RequestId>\\r\\n</DeleteInstanceResponse>","errorExample":""}]', - 'title' => 'DeleteInstance', - 'requestParamsDescription' => ' ', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', - ], - 'DescribeDomainNames' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ - [ - 'AK' => [], - ], - ], - 'systemTags' => [ - 'operationType' => 'list', - ], - 'parameters' => [ - [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-atstuj3rtop****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the WAF instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'DomainNames' => [ - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => '["1.example.com","2.example.com","3.example.com"]', - ], - ], + 'CertificateId' => ['description' => 'The ID of the added certificate.', 'type' => 'integer', 'format' => 'int64', 'example' => '3384669', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], - ], - 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], - ], - ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"DomainNames\\": [\\n \\"1.example.com\\"\\n ]\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\n<DescribeDomainNamesResponse>\\n\\t<DomainNames>1.example.com</DomainNames>\\n\\t<DomainNames>2.example.com</DomainNames>\\n\\t<DomainNames>3.example.com</DomainNames>\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</DescribeDomainNamesResponse>","errorExample":""}]', - 'title' => 'DescribeDomainNames', - 'requestParamsDescription' => ' ', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"CertificateId\\": 3384669,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + 'title' => 'Create a certificate for a domain name by certificate ID', + 'summary' => 'Creates a certificate for a specified domain name based on a certificate ID by calling the CreateCertificateByCertificateId operation.', + 'description' => 'This operation adds an SSL certificate to a specified domain name by certificate ID. Before calling this operation, call [DescribeCertificates](~~160783~~) to query the IDs of all SSL certificates associated with the domain name. To ensure system stability, the queries per second (QPS) for a single user is limited to 10. Requests that exceed this limit will be throttled, which may affect your business. Call this operation appropriately.', + 'requestParamsDescription' => 'When you call this operation, in addition to the request parameters described in this topic, you must include Alibaba Cloud API common request parameters. For more information about common parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeDomain' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ - [ - 'AK' => [], + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateCertificateByCertificateId'], ], ], - 'deprecated' => false, - 'systemTags' => [ - 'operationType' => 'get', - ], - 'parameters' => [ - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7pp26f1****', - ], - ], - [ - 'name' => 'Domain', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], - ], + 'ramActions' => [ [ - 'name' => 'ResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], - ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], - ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4C7726', - ], - 'Domain' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'HttpToUserIp' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'SniStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'IsAccessProduct' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'AccessHeaderMode' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'HttpsRedirect' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'IpFollowStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'LoadBalancing' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '2', - ], - 'AccessType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'waf-cloud-dns', - ], - 'Version' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '40', - ], - 'ClusterType' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'ReadTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '120', - ], - 'WriteTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '120', - ], - 'SniHost' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'waf.example.com', - ], - 'ResourceGroupId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'rg-acfm2mkrunv****', - ], - 'Cname' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com', - ], - 'ConnectionTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '5', - ], - 'LogHeaders' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'k' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'ALIWAF-TAG', - ], - 'v' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'Yes', - ], - ], - ], - ], - 'CloudNativeInstances' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'RedirectionTypeName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'ALB', - ], - 'CloudNativeProductName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'ALB', - ], - 'InstanceId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'alb-s65nua68wdedsp****', - ], - 'IPAddressList' => [ - 'description' => '', - 'type' => 'array', - 'example' => '["39.XX.XX.197"]', - 'items' => [ - 'type' => 'string', - ], - ], - 'ProtocolPortConfigs' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Ports' => [ - 'description' => '', - 'type' => 'array', - 'example' => '[80]', - 'items' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - ], - 'Protocol' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'http', - ], - ], - ], - ], - ], - ], - ], - 'HttpPort' => [ - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'integer', - 'example' => '[80]', - 'format' => 'int32', - ], - ], - 'Http2Port' => [ - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'integer', - 'example' => '[443,8443]', - 'format' => 'int32', - ], - ], - 'SourceIps' => [ - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => '["39.XX.XX.197"]', - ], - ], - 'HttpsPort' => [ - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'integer', - 'example' => '[443,8443]', - 'format' => 'int32', - ], - ], - 'AccessHeaders' => [ - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => '["X-Client-IP"]', - ], - ], - 'Retry' => [ - 'type' => 'boolean', - 'default' => 'true', - ], - 'Keepalive' => [ - 'type' => 'boolean', - 'default' => 'true', - ], - 'KeepaliveRequests' => [ - 'type' => 'integer', - 'format' => 'int32', - 'default' => '1000', - ], - 'KeepaliveTimeout' => [ - 'type' => 'integer', - 'format' => 'int32', - 'default' => '15', - ], - ], - ], + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCertificateByCertificateId', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-D33C8B4C7726\\",\\n \\"Domain\\": {\\n \\"HttpToUserIp\\": 0,\\n \\"SniStatus\\": 1,\\n \\"IsAccessProduct\\": 1,\\n \\"AccessHeaderMode\\": 1,\\n \\"HttpsRedirect\\": 0,\\n \\"IpFollowStatus\\": 1,\\n \\"LoadBalancing\\": 2,\\n \\"AccessType\\": \\"waf-cloud-dns\\",\\n \\"Version\\": 40,\\n \\"ClusterType\\": 0,\\n \\"ReadTime\\": 120,\\n \\"WriteTime\\": 120,\\n \\"SniHost\\": \\"waf.example.com\\",\\n \\"ResourceGroupId\\": \\"rg-acfm2mkrunv****\\",\\n \\"Cname\\": \\"kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com\\",\\n \\"ConnectionTime\\": 5,\\n \\"LogHeaders\\": [\\n {\\n \\"k\\": \\"ALIWAF-TAG\\",\\n \\"v\\": \\"Yes\\"\\n }\\n ],\\n \\"CloudNativeInstances\\": [\\n {\\n \\"RedirectionTypeName\\": \\"ALB\\",\\n \\"CloudNativeProductName\\": \\"ALB\\",\\n \\"InstanceId\\": \\"alb-s65nua68wdedsp****\\",\\n \\"IPAddressList\\": [\\n \\"39.XX.XX.197\\"\\n ],\\n \\"ProtocolPortConfigs\\": [\\n {\\n \\"Ports\\": [\\n 80\\n ],\\n \\"Protocol\\": \\"http\\"\\n }\\n ]\\n }\\n ],\\n \\"HttpPort\\": [\\n 80\\n ],\\n \\"Http2Port\\": [\\n 8443\\n ],\\n \\"SourceIps\\": [\\n \\"39.XX.XX.197\\"\\n ],\\n \\"HttpsPort\\": [\\n 443\\n ],\\n \\"AccessHeaders\\": [\\n \\"X-Client-IP\\"\\n ],\\n \\"Retry\\": false,\\n \\"Keepalive\\": true,\\n \\"KeepaliveRequests\\": 1000,\\n \\"KeepaliveTimeout\\": 15\\n }\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\n<DescribeDomainResponse>\\n\\t<RequestId>D827FCFE-90A7-4330-9326-D33C8B4C7726</RequestId>\\n\\t<Domain>\\n\\t\\t<HttpToUserIp>0</HttpToUserIp>\\n\\t\\t<HttpPort>80</HttpPort>\\n\\t\\t<IsAccessProduct>1</IsAccessProduct>\\n\\t\\t<AccessHeaderMode>1</AccessHeaderMode>\\n\\t\\t<ResourceGroupId>rg-acfm2mkrunv****</ResourceGroupId>\\n\\t\\t<AccessHeaders>X-Client-IP</AccessHeaders>\\n\\t\\t<ReadTime>120</ReadTime>\\n\\t\\t<SourceIps>39.XX.XX.197</SourceIps>\\n\\t\\t<IpFollowStatus>1</IpFollowStatus>\\n\\t\\t<ClusterType>0</ClusterType>\\n\\t\\t<LoadBalancing>2</LoadBalancing>\\n\\t\\t<Cname>kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com</Cname>\\n\\t\\t<LogHeaders>\\n\\t\\t\\t<v>Yes</v>\\n\\t\\t\\t<k>ALIWAF-TAG</k>\\n\\t\\t</LogHeaders>\\n\\t\\t<WriteTime>120</WriteTime>\\n\\t\\t<Http2Port>443</Http2Port>\\n\\t\\t<Http2Port>8443</Http2Port>\\n\\t\\t<Version>40</Version>\\n\\t\\t<HttpsRedirect>0</HttpsRedirect>\\n\\t\\t<ConnectionTime>5</ConnectionTime>\\n\\t\\t<AccessType>waf-cloud-dns</AccessType>\\n\\t\\t<HttpsPort>443</HttpsPort>\\n\\t\\t<HttpsPort>8443</HttpsPort>\\n\\t</Domain>\\n</DescribeDomainResponse>\\n","errorExample":""}]', - 'title' => 'DescribeDomain', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', ], 'CreateDomain' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -885,416 +231,243 @@ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7pp26f1****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp26f1****', 'title' => ''], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name that you want to add to WAF.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The domain name to be added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ 'name' => 'SourceIps', 'in' => 'query', - 'schema' => [ - 'description' => 'The IP address or domain name of the origin server. You can specify only one type of address.'."\n" - ."\n" - .'* If you use an IP address, specify the value in the `["ip1","ip2",...]` format. You can specify up to 20 IP addresses.'."\n" - .'* If you use a domain name, specify the value in the `["domain"]` format. You can enter only one domain name.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '["39.XX.XX.197"]', - ], + 'schema' => ['description' => 'The IP address of the origin server or the back-to-origin domain name associated with the domain name. You can set only one of the two:'."\n" + ."\n" + .'- To set origin server IP addresses, use the `["ip1","ip2",……]` format. A maximum of 20 IP addresses can be added.'."\n" + .'- To set the back-to-origin domain name, use the `["domain"]` format. Only one domain name can be specified.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method).', 'type' => 'string', 'required' => false, 'example' => '["39.XX.XX.197"]', 'title' => ''], ], [ 'name' => 'IsAccessProduct', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether a Layer 7 proxy is configured in front of WAF. A Layer 7 proxy is used to filter inbound traffic before the traffic reaches the WAF instance. Layer 7 proxies include Anti-DDoS Pro, Anti-DDoS Premium, and Alibaba Cloud CDN. Valid values:'."\n" - ."\n" - .'* **0**: No Layer 7 proxy is configured in front of WAF.'."\n" - .'* **1**: A Layer 7 proxy is configured in front of WAF.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '0', - ], + 'schema' => ['description' => 'Specifies whether a Layer 7 proxy is deployed in front of WAF (such as Anti-DDoS Pro or CDN), that is, whether the client access traffic passes through other Layer 7 proxy forwarding before reaching WAF. Valid values:'."\n" + ."\n" + .'- **0**: No.'."\n" + .'- **1**: Yes.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '0', 'title' => ''], ], [ 'name' => 'AccessHeaderMode', 'in' => 'query', - 'schema' => [ - 'description' => 'The method that you want WAF to use to obtain the actual IP address of a client. Valid values:'."\n" - ."\n" - .'* **0**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the actual IP address of a client. This is the default value.'."\n" - .'* **1**: WAF reads the value of a custom header field as the actual IP address of a client.'."\n" - ."\n" - .'> This parameter is required only if you set **IsAccessProduct** to **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], + 'schema' => ['description' => 'The method that WAF uses to obtain the actual IP address of the client. Valid values:'."\n" + ."\n" + .'- **0** (default): WAF reads the first value of the X-Forwarded-For (XFF) field in the request header as the client IP address.'."\n" + .'- **1**: WAF reads the value of a custom field that you specified in the request header as the client IP address.'."\n" + ."\n" + .'> This parameter is required only when **IsAccessProduct** is set to **1** (indicating that a Layer 7 proxy is deployed in front of WAF).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], ], [ 'name' => 'AccessHeaders', 'in' => 'query', - 'schema' => [ - 'description' => 'The custom header fields that you want WAF to use to obtain the actual IP address of a client. Specify the value in the `["header1","header2",...]` format.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessHeaderMode** to **1**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '["X-Client-IP"]', - ], + 'schema' => ['description' => 'The list of custom fields used to obtain the client IP address, in the `["header1","header2",……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessHeaderMode** is set to **1** (indicating that WAF reads the value of a custom field in the request header as the client IP address).', 'type' => 'string', 'required' => false, 'example' => '["X-Client-IP"]', 'title' => ''], ], [ 'name' => 'LoadBalancing', 'in' => 'query', - 'schema' => [ - 'description' => 'The load balancing algorithm that you want WAF to use to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **0**: The IP hash algorithm.'."\n" - .'* **1**: The round-robin algorithm.'."\n" - .'* **2**: The least time algorithm.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - 'default' => '0', - ], + 'schema' => ['description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n" + ."\n" + .'- **0**: IP Hash.'."\n" + .'- **1**: Round Robin.'."\n" + .'- **2**: Least Time.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0', 'example' => '0', 'title' => ''], ], [ 'name' => 'LogHeaders', 'in' => 'query', - 'schema' => [ - 'description' => 'The key-value pairs that you want to use to label the requests that pass through the WAF instance.'."\n" - ."\n" - .'Specify the key-value pair in the `[{"k":"_key_","v":"_value_"}]` format. `key` is the custom header field, and `value` is the value of the custom header field.'."\n" - ."\n" - .'The WAF can automatically add custom key-value pairs as traffic markers to the request headers of traffic destined for the protected domain. This allows backend services to easily identify requests that have passed through the WAF.'."\n" - ."\n" - .'> If a request contains a custom header field, WAF overwrites the original value of the field with the specified value.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[{"k":"ALIWAF-TAG","v":"Yes"}]', - ], + 'schema' => ['description' => 'The traffic tag field and value of the domain name, used to mark traffic processed by WAF.'."\n" + ."\n" + .'The format of this parameter value is `[{"k":"_key_","v":"_value_"}]`, where `_key_` specifies the custom request header field and `_value_` specifies the value set for the field.'."\n" + ."\n" + .'By specifying custom request header fields and their corresponding values, when traffic to the domain name passes through WAF, WAF automatically adds the custom field values to the request header as traffic tags, facilitating statistics collection by backend services.'."\n" + ."\n" + .'> If the custom header field already exists in the request, the system overwrites the value of the custom field in the request with the specified traffic tag value.', 'type' => 'string', 'required' => false, 'example' => '[{"k":"ALIWAF-TAG","v":"Yes"}]', 'title' => ''], ], [ 'name' => 'HttpPort', 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTPS ports. Specify the value in the `["port1","port2",...]` format.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns**. If you specify this parameter, your website uses HTTP. You must specify **HttpPort** or **HttpsPort**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[80]', - ], + 'schema' => ['description' => 'The list of HTTP protocol ports, in the `[port1,port2,……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method). Setting this parameter indicates that the domain name uses the HTTP protocol. **HttpPort** and **HttpsPort** cannot both be empty.', 'type' => 'string', 'required' => false, 'example' => '[80]', 'title' => ''], ], [ 'name' => 'HttpsPort', 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTPS ports. Specify the value in the `["port1","port2",...]` format.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns**. If you specify this parameter, your website uses HTTPS. You must specify **HttpPort** or **HttpsPort**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[443]', - ], + 'schema' => ['description' => 'The list of HTTPS protocol ports, in the `[port1,port2,……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method). Setting this parameter indicates that the domain name uses the HTTPS protocol. **HttpPort** and **HttpsPort** cannot both be empty.', 'type' => 'string', 'required' => false, 'example' => '[443]', 'title' => ''], ], [ 'name' => 'Http2Port', 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTP/2 ports. Specify the value in the `["port1","port2",...]` format.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns** and specify **HttpsPort**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[443]', - ], + 'schema' => ['description' => 'The list of HTTP 2.0 protocol ports, in the `[port1,port2,……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method) and **HttpsPort** is not empty (indicating that the domain name uses the HTTPS protocol).', 'type' => 'string', 'required' => false, 'example' => '[443]', 'title' => ''], ], [ 'name' => 'HttpToUserIp', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable HTTPS to HTTP redirection for back-to-origin requests. If you enable this feature, WAF forwards requests to the origin server over HTTP. The default port is 80. Valid values:'."\n" - ."\n" - .'* **0**: Disables HTTPS to HTTP redirection for back-to-origin requests. This is the default value.'."\n" - .'* **1**: Enables HTTPS to HTTP redirection for back-to-origin requests.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns** and specify **HttpsPort**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - 'default' => '0', - ], + 'schema' => ['description' => 'Specifies whether to enable HTTP back-to-origin. After this feature is enabled, HTTPS requests are forwarded to the origin server over HTTP, and the default back-to-origin port is 80. Valid values:'."\n" + ."\n" + .'- **0** (default): Disabled.'."\n" + .'- **1**: Enabled.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method) and **HttpsPort** is not empty (indicating that the domain name uses the HTTPS protocol).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0', 'example' => '0', 'title' => ''], ], [ 'name' => 'HttpsRedirect', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable the feature of redirecting HTTP requests to HTTPS requests. Specifies whether to enable HTTP to HTTPS redirection. If you enable this feature, requests are sent over HTTPS. The default port is 443. Valid values:'."\n" - ."\n" - .'* **0**: Disables HTTP to HTTPS redirection. This is the default value.'."\n" - .'* **1**: Enables HTTP to HTTPS redirection.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns** and specify **HttpsPort**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - 'default' => '0', - ], + 'schema' => ['description' => 'Specifies whether to enable HTTPS forced redirect. After this feature is enabled, HTTP requests from clients are forcibly redirected to HTTPS requests, and the default redirect port is 443. Valid values:'."\n" + ."\n" + .'- **0** (default): Disabled.'."\n" + .'- **1**: Enabled.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method) and **HttpsPort** is not empty (indicating that the domain name uses the HTTPS protocol).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0', 'example' => '0', 'title' => ''], ], [ 'name' => 'ClusterType', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the WAF protection cluster. Valid values:'."\n" - ."\n" - .'* **0**: Shared cluster. This is the default value.'."\n" - .'* **1**: Exclusive cluster.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - 'default' => '0', - ], + 'schema' => ['description' => 'The type of the WAF protection cluster. Valid values:'."\n" + ."\n" + .'- **0** (default): Physical cluster.'."\n" + .'- **1**: Virtual cluster, that is, WAF exclusive cluster.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0', 'example' => '0', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which specifies that the instance belongs to the default resource group.'."\n" - ."\n" - .'For more information about resource groups, see [Create a resource group](~~94485~~).'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-atstuj3rtop****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. The default value is empty, indicating that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'ConnectionTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The timeout period for connections of WAF exclusive clusters. Unit: seconds.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns** and **ClusterType** to **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '5', - 'default' => '5', - ], + 'schema' => ['description' => 'The connection timeout period of the WAF exclusive cluster. Unit: seconds.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method) and **ClusterType** is set to **1** (indicating that the domain name uses a WAF exclusive cluster).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '5', 'example' => '5', 'title' => ''], ], [ 'name' => 'ReadTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The timeout period for read connections of WAF exclusive clusters. Unit: seconds.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns** and **ClusterType** to **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '120', - 'default' => '120', - ], + 'schema' => ['description' => 'The read connection timeout period of the WAF exclusive cluster. Unit: seconds.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method) and **ClusterType** is set to **1** (indicating that the domain name uses a WAF exclusive cluster).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '120', 'example' => '120', 'title' => ''], ], [ 'name' => 'WriteTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The timeout period for write connections of WAF exclusive clusters. Unit: seconds.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns** and **ClusterType** to **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '120', - 'default' => '120', - ], + 'schema' => ['description' => 'The write connection timeout period of the WAF exclusive cluster. Unit: seconds.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method) and **ClusterType** is set to **1** (indicating that the domain name uses a WAF exclusive cluster).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '120', 'example' => '120', 'title' => ''], ], [ 'name' => 'AccessType', 'in' => 'query', - 'schema' => [ - 'description' => 'The mode in which you want to add the domain name to WAF. Valid values:'."\n" - ."\n" - .'* **waf-cloud-dns**: CNAME record mode. This is the default value.'."\n" - .'* **waf-cloud-native**: Transparent proxy mode.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'waf-cloud-dns', - ], + 'schema' => ['description' => 'The access method of the domain name. Valid values:'."\n" + ."\n" + .'- **waf-cloud-dns** (default): CNAME access.'."\n" + ."\n" + .'- **waf-cloud-native**: Transparent access.', 'type' => 'string', 'required' => false, 'example' => 'waf-cloud-dns', 'title' => ''], ], [ 'name' => 'CloudNativeInstances', 'in' => 'query', - 'schema' => [ - 'description' => 'The list of server and port configurations for the transparent proxy mode. Set the value to a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields:'."\n" - ."\n" - .'* **ProtocolPortConfigs**: The list of protocol and port configurations. This field is required. Data type: array. Each element in a JSON array is a JSON struct that contains the following fields:'."\n" - ."\n" - .' * **Ports**:The list of ports. This field is required. Data type: array. Specify the value in the `[port1,port2,……]` format.'."\n" - .' * **Protocol**: The protocol. This field is required. Data type: string. Valid values: **http** and **https**.'."\n" - ."\n" - .'* **CloudNativeProductName**: The type of the cloud service instance. This field is required. Data type: string. Valid values: **ECS**, **SLB**, and **ALB**.'."\n" - ."\n" - .'* **RedirectionTypeName**: The type of traffic redirection port. This field is required. Data type: string. Valid values: **ECS**, **SLB-L4**, **SLB-L7**, and **ALB**.'."\n" - ."\n" - .'* **InstanceId**: The ID of the cloud service instance. This field is required. Data type: string.'."\n" - ."\n" - .'* **IPAddressList**: The list of public IP addresses of the cloud service instance. This field is required. Data type: array. Specify the value in the `["ip1","ip2",...]` format.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-native**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[{"ProtocolPortConfigs":[{"Ports":[80],"Protocol":"http"}],"RedirectionTypeName":"ALB","InstanceId":"alb-s65nua68wdedsp****","IPAddressList":["182.XX.XX.113"],"CloudNativeProductName":"ALB"}]', - ], + 'schema' => ['description' => 'The server and port configuration list for transparent access, in the string format of a JSON array. Each element in the JSON array is a structure that contains the following fields:'."\n" + ."\n" + .'- **ProtocolPortConfigs**: JSON Array | Required | The protocol and port configuration list. Each element in the JSON array is a structure that contains the following fields:'."\n" + .' - **Ports**: Array | Required | The list of ports, in the `[port1,port2,……]` format.'."\n" + .' - **Protocol**: String | Required | The protocol type. Valid values: **http**, **https**.'."\n" + .'- **CloudNativeProductName**: String | Required | The type of the cloud service instance. Valid values: **ECS**, **SLB**, **ALB**.'."\n" + .'- **RedirectionTypeName**: String | Required | The type of the redirection port. Valid values: **ECS** (ECS port), **SLB-L4** (SLB Layer 4 port), **SLB-L7** (SLB Layer 7 port), **ALB** (ALB port).'."\n" + .'- **InstanceId**: String | Required | The ID of the cloud service instance.'."\n" + .'- **IPAddressList**: Array | Required | The list of public IP addresses of the cloud service instance, in the `["ip1","ip2",……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-native** (indicating that the domain name uses the transparent access method).', 'type' => 'string', 'required' => false, 'example' => '[{"ProtocolPortConfigs":[{"Ports":[80],"Protocol":"http"}],"RedirectionTypeName":"ALB","InstanceId":"alb-s65nua68wdedsp****","IPAddressList":["182.XX.XX.113"],"CloudNativeProductName":"ALB"}]', 'title' => ''], ], [ 'name' => 'IpFollowStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable the feature of forwarding requests to the origin servers that use the IP address type specified in the requests. If you enable the feature, WAF forwards requests from IPv4 addresses to origin servers that use IPv4 addresses and requests from IPv6 addresses to origin servers that use IPv6 addresses. Valid values:'."\n" - ."\n" - .'* **0**: Disables the feature of forwarding requests to the origin servers that use the IP address type that is specified in the requests. This is the default value.'."\n" - .'* **1**: Enables the feature of forwarding requests to the origin servers that use the IP address type that is specified in the requests.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'Specifies whether to enable the IPv4/IPv6 back-to-origin protocol follow feature when the origin server addresses include both IPv4 and IPv6 addresses. After this feature is enabled, WAF forwards requests from IPv4 addresses to the IPv4 origin server and forwards requests from IPv6 addresses to the IPv6 origin server. Valid values:'."\n" + ."\n" + .'- **0** (default): Disabled.'."\n" + .'- **1**: Enabled.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ 'name' => 'SniStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable origin Server Name Indication (SNI). Origin SNI specifies the domain name that must be used for establishing an HTTPS connection during the initial handshake. This occurs when the WAF forwards requests to the origin server. If the origin server hosts multiple domain names, you must enable this feature. Valid values:'."\n" - ."\n" - .'* **0**: Disables origin SNI.'."\n" - .'* **1**: Enables origin SNI.'."\n" - ."\n" - .'By default, origin SNI is disabled for WAF instances in Chinese mainland and enabled for WAF instances outside the Chinese mainland.'."\n" - ."\n" - .'> This parameter is required only if you set **AccessType** to **waf-cloud-dns** and specify **HttpsPort**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'Specifies whether to enable back-to-origin SNI. Back-to-origin SNI means that when WAF forwards client requests to the origin server and performs a TLS handshake with the origin server, WAF specifies the host to access through the SNI extension field (Server Name Indicator extension) and establishes an HTTPS connection with that host. If your origin server has multiple virtual hosts (corresponding to different domain names), you need to enable back-to-origin SNI. Valid values:'."\n" + .'- **0**: Disabled.'."\n" + .'- **1**: Enabled.'."\n" + ."\n" + .'For WAF instances in the China mainland, back-to-origin SNI is disabled by default. For WAF instances outside the China mainland, back-to-origin SNI is enabled by default.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name uses the CNAME access method) and **HttpsPort** is not empty (indicating that the domain name uses the HTTPS protocol).', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ 'name' => 'SniHost', 'in' => 'query', - 'schema' => [ - 'description' => 'The value of the custom SNI extended field. If you do not specify this parameter, the value of the **Host** field in the request header is automatically used as the value of the SNI field.'."\n" - ."\n" - .'In most cases, you do not need to specify a custom value for the SNI field. However, if you want WAF to use an SNI field whose value is different from the value of the Host header field in back-to-origin requests, you can specify a custom value for the SNI field.'."\n" - ."\n" - .'> This parameter is required only if you set SniStatus to **1**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'waf.example.com', - ], + 'schema' => ['description' => 'The custom value of the SNI extension field. If this parameter is not set, the value of the **Host** field in the request header is used as the value of the SNI extension field by default.'."\n" + ."\n" + .'In most cases, you do not need to customize the SNI, unless your business has special configuration requirements and you want WAF to use an SNI different from the actual request Host in the back-to-origin request (that is, the custom SNI set here).'."\n" + ."\n" + .'> This parameter is required only when **SniStatus** is set to **1** (indicating that back-to-origin SNI is enabled).', 'type' => 'string', 'required' => false, 'example' => 'waf.example.com', 'title' => ''], ], [ 'name' => 'Retry', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether WAF retries to forward requests when the requests fail to be forwarded to the origin server. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], + 'schema' => ['description' => 'Specifies whether to retry when WAF fails to forward requests to the origin server. Valid values:'."\n" + ."\n" + .'- **true** (default): Retry.'."\n" + .'- **false**: Do not retry.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], ], [ 'name' => 'Keepalive', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable the persistent connection feature. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], + 'schema' => ['description' => 'Specifies whether to enable persistent connections. Valid values:'."\n" + ."\n" + .'- **true** (default): Enable persistent connections.'."\n" + ."\n" + .'- **false**: Disable persistent connections.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], ], [ 'name' => 'KeepaliveRequests', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of requests that reuse persistent connections. Valid values: 60 to 1000.'."\n" - ."\n" - .'> This parameter specifies the number of persistent connections that can be reused after you enable the persistent connection feature.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '1000', - 'minimum' => '60', - 'example' => '1000', - 'default' => '1000', - ], + 'schema' => ['description' => 'The number of requests that can reuse a persistent connection. Valid values: 60 to 1000.'."\n" + ."\n" + .'> The number of requests that can reuse a persistent connection after persistent connections are enabled.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''], ], [ 'name' => 'KeepaliveTimeout', 'in' => 'query', - 'schema' => [ - 'description' => 'The timeout period of persistent connections that are in the idle state. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" - ."\n" - .'> This parameter specifies the duration for which a reused persistent connection can remain in the idle state before it is released.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '15', - 'default' => '15', - ], + 'schema' => ['description' => 'The timeout period of idle persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" + ."\n" + .'> The period after which idle persistent connections are released.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '1', 'default' => '15', 'required' => false, 'example' => '15', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ap-southeast-1', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: China mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the China mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -1302,463 +475,122 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'Cname' => [ - 'description' => 'The CNAME assigned by WAF to the domain name.'."\n" - ."\n" - .'> This parameter is returned only if you set **AccessType** to **waf-cloud-dns**.'."\n", - 'type' => 'string', - 'example' => 'mmspx7qhfvnfzggheh1g2wnbhog66vcv.****.com', - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'Cname' => ['description' => 'The CNAME address assigned by WAF to the domain name.'."\n" + ."\n" + .'> This parameter is returned only when the domain name uses the CNAME access method (the request parameter **AccessType** is set to **waf-cloud-dns**).', 'type' => 'string', 'example' => 'mmspx7qhfvnfzggheh1g2wnbhog66vcv.****.com', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"Cname\\": \\"mmspx7qhfvnfzggheh1g2wnbhog66vcv.****.com\\",\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\n<CreateDomainResponse>\\n\\t<Cname>mmspx7qhfvnfzggheh1g2wnbhog66vcv.****.com</Cname>\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</CreateDomainResponse>","errorExample":""}]', - 'title' => 'CreateDomain', - 'summary' => 'Adds a domain name to a Web Application Firewall (WAF) instance.', - 'requestParamsDescription' => 'All Alibaba Cloud API operations must include common request parameters. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Cname\\": \\"mmspx7qhfvnfzggheh1g2wnbhog66vcv.****.com\\",\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Add domain name configuration', + 'summary' => 'Add a domain name to a WAF instance for protection.', + 'requestParamsDescription' => 'When you call this API operation, in addition to the request parameters described in this topic, you must also include Alibaba Cloud API common request parameters. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" ."\n" - .'For more information about sample requests, see the **"Examples"** section of this topic.'."\n", + .'For the request format of API calls, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'ModifyDomain' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [ + ['createdAt' => '2023-08-28T12:42:34.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-05-23T05:46:03.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2022-08-22T10:01:08.000Z', 'description' => 'Request parameters changed, Error codes changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDomain'], + ], ], + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDomain', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + ], + 'CreateProtectionModuleRule' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'deprecated' => false, 'systemTags' => [], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7pp26f1****', - ], - ], - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7pp26f1****', - ], - ], - [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name whose configurations you want to modify.'."\n" - ."\n" - .'> You can call the [DescribeDomainNames](~~86373~~) operation to query the domain names that are added to Web Application Firewall (WAF).'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], - ], - [ - 'name' => 'SourceIps', - 'in' => 'query', - 'schema' => [ - 'description' => 'The address type of the origin server. The address can be an IP address or a domain name. You can specify only one type of address.'."\n" - ."\n" - .'* If you use the IP address type, specify the value in the `["ip1","ip2",...]` format. You can add up to 20 IP addresses.'."\n" - .'* If you use the domain name type, specify the value in the `["domain"]` format. You can enter only one domain name.'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '["39.XX.XX.197"]', - ], - ], - [ - 'name' => 'LoadBalancing', - 'in' => 'query', - 'schema' => [ - 'description' => 'The load balancing algorithm that is used when WAF forwards requests to the origin server. Valid values:'."\n" - ."\n" - .'* **0**: IP hash'."\n" - .'* **1**: round-robin'."\n" - .'* **2**: least time'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - 'default' => '0', - ], - ], - [ - 'name' => 'HttpPort', - 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTP ports. Specify the value in the `["port1","port2",...]` format.'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns**. If you specify this parameter, your website uses HTTP. You must specify at least one of the **HttpPort** and **HttpsPort** parameters.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[80]', - ], - ], - [ - 'name' => 'HttpsPort', - 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTPS ports. Specify the value in the `["port1","port2",...]` format.'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns**. If you specify this parameter, your website uses HTTPS. You must specify at least one of the **HttpPort** and **HttpsPort** parameters.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[443]', - ], - ], - [ - 'name' => 'Http2Port', - 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTP/2 ports. Specify the value in the `["port1","port2",...]` format.'."\n" - ."\n" - .'> You need to specify this parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns** and the **HttpsPort** parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[443]', - ], - ], - [ - 'name' => 'HttpsRedirect', - 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable the feature of redirecting HTTP requests to HTTPS requests. If you enable the feature, HTTP requests are redirected to HTTPS requests on port 443, which is used by default. Valid values:'."\n" - ."\n" - .'* **0**: disables the feature. This is the default value.'."\n" - .'* **1**: enables the feature.'."\n" - ."\n" - .'> You need to specify this parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns** and the **HttpsPort** parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - 'default' => '0', - ], - ], - [ - 'name' => 'HttpToUserIp', - 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable the feature of redirecting HTTPS requests to HTTP requests. If you enable the feature, HTTPS requests are redirected to HTTP requests on port 80, which is used by default. Valid values:'."\n" - ."\n" - .'* **0**: disables the feature. This is the default value.'."\n" - .'* **1**: enables the feature.'."\n" - ."\n" - .'> You need to specify this parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns** and the **HttpsPort** parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - 'default' => '0', - ], - ], - [ - 'name' => 'IsAccessProduct', - 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to deploy a Layer 7 proxy, which is used to filter inbound traffic before the traffic reaches the WAF instance. The supported Layer 7 proxies include Anti-DDoS Pro, Anti-DDoS Premium, and Alibaba Cloud CDN. Valid values:'."\n" - ."\n" - .'* **0**: does not configure a Layer 7 proxy'."\n" - .'* **1**: configures a Layer 7 proxy'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '0', - ], - ], - [ - 'name' => 'AccessHeaderMode', - 'in' => 'query', - 'schema' => [ - 'description' => 'The method that WAF uses to obtain the actual IP address of a client. Valid values:'."\n" - ."\n" - .'* **0**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the actual IP address of the client. This is the default value.'."\n" - .'* **1**: WAF reads the value of a custom header field as the actual IP address of the client.'."\n" - ."\n" - .'> You need to specify the parameter only when the **IsAccessProduct** parameter is set to **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], - ], - [ - 'name' => 'AccessHeaders', - 'in' => 'query', - 'schema' => [ - 'description' => 'The custom header fields that are used to obtain the actual IP address of a client. Specify the value in the `["header1","header2",...]` format.'."\n" - ."\n" - .'> You need to specify the parameter only when the **AccessHeaderMode** parameter is set to **1**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '["X-Client-IP"]', - ], - ], - [ - 'name' => 'LogHeaders', - 'in' => 'query', - 'schema' => [ - 'description' => 'The key-value pair that is used to mark the requests that pass through the WAF instance.'."\n" - ."\n" - .'Specify the key-value pair in the `[{"k":"_key_","v":"_value_"}]` format. `_key_` specifies a header field in a custom request. `_value_` specifies the value of the field.'."\n" - ."\n" - .'WAF automatically adds the key-value pair to the headers of requests. This way, the requests that pass through WAF are identified.'."\n" - ."\n" - .'> If requests contain the custom header field, WAF overwrites the original value of the field with the specified value.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[{"k":"ALIWAF-TAG","v":"Yes"}]', - ], - ], - [ - 'name' => 'ClusterType', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of WAF protection cluster. Valid values:'."\n" - ."\n" - .'* **0**: shared cluster. This is the default value.'."\n" - .'* **1**: exclusive cluster.'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], - ], - [ - 'name' => 'ConnectionTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The timeout period for connections of WAF exclusive clusters. Unit: seconds.'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns** and the value of the **ClusterType** parameter is set to **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '5', - 'default' => '5', - ], - ], - [ - 'name' => 'ReadTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The timeout period for read connections of WAF exclusive clusters. Unit: seconds.'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns** and the value of the **ClusterType** parameter is set to **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '120', - 'default' => '120', - ], - ], - [ - 'name' => 'WriteTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The timeout period for write connections of WAF exclusive clusters. Unit: seconds.'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns** and the value of the **ClusterType** parameter is set to **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '120', - 'default' => '120', - ], - ], - [ - 'name' => 'AccessType', - 'in' => 'query', - 'schema' => [ - 'description' => 'The mode that is used to add the domain name. Valid values:'."\n" - ."\n" - .'* **waf-cloud-dns**: CNAME record mode. This is the default value.'."\n" - .'* **waf-cloud-native**: transparent proxy mode.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'waf-cloud-dns', - ], - ], - [ - 'name' => 'CloudNativeInstances', - 'in' => 'query', - 'schema' => [ - 'description' => 'The list of server and port configurations for the transparent proxy mode. The value is a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields:'."\n" - ."\n" - .'* **ProtocolPortConfigs**: the list of protocol and port configurations. This field is required. Data type: array. Each element in a JSON array is a JSON struct that contains the following fields:'."\n" - ."\n" - .' * **Ports**: the list of ports. This field is required. Data type: array. The value is in the `[port1,port2,……]` format.'."\n" - .' * **Protocol**: the protocol. This field is required. Data type: string. Valid values: **http** and **https**.'."\n" - ."\n" - .'* **CloudNativeProductName**: the type of the cloud service instance. This field is required. Data type: string. Valid values: **ECS**, **SLB**, and **ALB**.'."\n" - ."\n" - .'* **RedirectionTypeName**: the type of traffic redirection port. This field is required. Data type: string. Valid values: **ECS**, **SLB-L4**, **SLB-L7**, and **ALB**.'."\n" - ."\n" - .'* **InstanceId**: the ID of the cloud service instance. This field is required. Data type: string.'."\n" - ."\n" - .'* **IPAddressList**: the list of public IP addresses of the cloud service instance. This field is required. Data type: array. The value is in the `["ip1","ip2",...]` format.'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-native**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '[{"ProtocolPortConfigs":[{"Ports":[80],"Protocol":"http"}],"RedirectionTypeName":"ALB","InstanceId":"alb-s65nua68wdedsp****","IPAddressList":["182.XX.XX.113"],"CloudNativeProductName":"ALB"}]', - ], - ], - [ - 'name' => 'IpFollowStatus', - 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable the feature of forwarding requests to the origin servers that use the IP address type specified in the requests. If you enable the feature, WAF forwards requests from IPv4 addresses to origin servers that use IPv4 addresses and requests from IPv6 addresses to origin servers that use IPv6 addresses. Valid values:'."\n" - ."\n" - .'* **0**: disables the feature. This is the default value.'."\n" - .'* **1**: enables the feature.'."\n" - ."\n" - .'> You need to specify the parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], + 'schema' => ['description' => 'The domain name for which you want to add protection rule configurations.'."\n" + ."\n" + .'> You can call [DescribeDomainNames](~~86373~~) to query all domain names that have been added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'SniStatus', - 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable origin SNI. Origin Server Name Indication (SNI) specifies the domain name to which an HTTPS connection needs to be established at the start of the TLS handshaking process when WAF forwards requests to the origin server. If the origin server hosts multiple domain names, you must enable this feature. Valid values:'."\n" - ."\n" - .'* **0**: disables origin SNI.'."\n" - .'* **1**: enables origin SNI.'."\n" - ."\n" - .'By default, origin SNI is disabled for WAF instances in the Chinese mainland and enabled for WAF instances outside the Chinese mainland.'."\n" - ."\n" - .'> You need to specify this parameter only when the value of the **AccessType** parameter is set to **waf-cloud-dns** and the **HttpsPort** parameter is not empty. If the HttpsPort parameter is not empty, your website uses HTTPS.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], - ], - [ - 'name' => 'SniHost', - 'in' => 'query', - 'schema' => [ - 'description' => 'The value of the custom SNI field. If this parameter is not specified, the value of the **Host** field in the request header is automatically used as the value of the SNI field.'."\n" - ."\n" - .'If you want WAF to use an SNI field whose value is different from the value of the Host field, you can specify a custom value for the SNI field.'."\n" - ."\n" - .'> This parameter needs to be set only when the value of the **SniStatus** parameter is set to **1**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'waf.example.com', - ], - ], - [ - 'name' => 'Retry', + 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'false', - ], + 'schema' => ['description' => 'The protection module to configure. Valid values:'."\n" + ."\n" + .'- **waf-codec**: Rule engine decoding settings.'."\n" + ."\n" + .'- **tamperproof**: Website tamper-proofing rule configurations.'."\n" + ."\n" + .'- **dlp**: Data leakage prevention rule configurations.'."\n" + ."\n" + .'- **ng_account**: Account security rule configurations.'."\n" + ."\n" + .'- **antifraud**: Data risk control protection request configurations.'."\n" + ."\n" + .'- **antifraud_js**: Data risk control JS insertion page configurations.'."\n" + ."\n" + .'- **bot_algorithm**: Bot management intelligent algorithm rules.'."\n" + ."\n" + .'- **bot_wxbb_pkg**: App protection version protection rules.'."\n" + ."\n" + .'- **bot_wxbb**: App protection path protection rules.'."\n" + ."\n" + .'- **ac_custom**: Custom protection policy rule configurations.'."\n" + ."\n" + .'- **whitelist**: Whitelist rule configurations.', 'type' => 'string', 'required' => true, 'example' => 'ac_custom', 'title' => ''], ], [ - 'name' => 'Keepalive', + 'name' => 'Rule', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'false', - ], + 'schema' => ['description' => 'The rule configuration content, which is a string converted from a JSON object constructed with a set of parameters.'."\n" + ."\n" + .'> The specific parameters vary depending on the protection module configuration (**DefenseType**) that is specified. For more information, see the detailed description of the Rule parameter.', 'type' => 'string', 'required' => true, 'example' => ' {"action":"monitor","name":"test","scene":"custom_acl","conditions":[{"opCode":1,"key":"URL","values":"/example"}]}', 'title' => ''], ], [ - 'name' => 'KeepaliveRequests', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '1000', - 'minimum' => '60', - 'example' => '1000', - 'default' => '1000', - ], - ], - [ - 'name' => 'KeepaliveTimeout', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '60', - 'default' => '15', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-atstuj3rtop****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. The default value is empty, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -1766,30 +598,513 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<ModifyDomainResponse>\\r\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\r\\n</ModifyDomainResponse>","errorExample":""}]', - 'title' => 'ModifyDomain', - 'summary' => 'Modifies the configurations of a domain name.', + 'errorCodes' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Create a configuration rule in a WAF protection module', + 'summary' => 'Creates a configuration rule in a specified WAF protection module, such as Web Intrusion Prevention, Data Security, Advanced Protection, Bot Management, Access Control, or Rate Limiting.', + 'description' => 'This API is used to create rule configurations in a specified WAF protection module, including Web Intrusion Prevention, Data Security, Advanced Protection, Bot Management, Access Control, and Rate Limiting. You can specify the protection module by setting the **DefenseType** parameter value. For the specific meanings of the parameter values, see the description of the **DefenseType** request parameter.'."\n" + .'Note that to ensure system documentation, the single-user QPS limit is 10 requests per second. Exceeding the limit will result in API call throttling, which may affect your business. Please make calls appropriately.', + 'requestParamsDescription' => '**Detailed description of the Rule parameter**'."\n" + ."\n" + .' - The JSON string corresponding to rule engine decoding settings (**waf-codec**) contains the following parameters:'."\n" + ."\n" + .' - **codecList**: Array type | Required | The decoding configurations to enable. You can view the supported parameter values in the Web Application Firewall console.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "codecList":["url","base64"]'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string corresponding to website tamper-proofing rule configurations (**tamperproof**) contains the following parameters:'."\n" + ."\n" + .' - **uri**: String type | Required | The specific URL to protect.'."\n" + .' - **name**: String type | Required | The rule name.'."\n" + ."\n" + .' - **Example**'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"example",'."\n" + .' "uri":"http://www.aliyundoc.com/example"'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string corresponding to data leakage prevention rule configurations (**dlp**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String type | Required | The rule name.'."\n" + .' - **conditions**: Array type | Required | The match conditions described in JSON string format. A maximum of two match conditions can be set, and the relationship between the conditions is AND. This parameter contains the following sub-parameters:'."\n" + ."\n" + .' - **key**: The match item. Valid values:'."\n" + ."\n" + .' - **0**: The URL to protect.'."\n" + .' - **10**: Sensitive information.'."\n" + .' - **11**: Response code.'."\n" + .' > You cannot set match conditions for both response code (**11**) and sensitive information (**10**) simultaneously in the **conditions** parameter.'."\n" + ."\n" + .' - **operation**: The match logic. The value is fixed to **1**, which indicates Contains.'."\n" + ."\n" + .' - **value**: The match condition value described in JSON string format. Multiple condition values are supported. This parameter contains the following sub-parameters:'."\n" + ."\n" + .' - **v**: Applicable only when the match item (**key**) is URL (**0**) or response code (**11**).'."\n" + .' - URL: When `"key":0`, the value is a URL address.'."\n" + .' - Response code: When `"key":11`, valid values include **400**, **401**, **402**, **403**, **404**, **405-499**, **500**, **501**, **502**, **503**, **504**, and **505-599**.'."\n" + .' - **k**: Applicable only when the match item (**key**) is sensitive information (**10**). Valid values:'."\n" + .' - **100**: ID card numbers.'."\n" + .' - **101**: Credit card numbers.'."\n" + .' - **102**: Phone numbers.'."\n" + .' - **103**: Default sensitive words.'."\n" + ."\n" + .' - **action**: The match action. Valid values:'."\n" + .' - **3**: Alert.'."\n" + .' - **10**: Sensitive information filtering. This action is applicable only to match conditions that contain sensitive information (`"key":10`).'."\n" + .' - **11**: Return the built-in block page. This action is applicable only to match conditions that contain response codes (`"key":11`).'."\n" + ."\n" + .' - **Example**'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"example",'."\n" + .' "conditions":[{"key":11,"operation":1,"value":[{"v":401}]},{"key":"0","operation":1,"value":[{"v":"www.aliyundoc.com"}]}],'."\n" + .' "action":3'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string corresponding to account security rule configurations (**ng_account**) contains the following parameters:'."\n" + ."\n" + .' - **url_path**: String type | Required | The detection interface, expressed as a URL path. It must start with a forward slash (/).'."\n" + .' - **method**: String type | Required | The request method to detect, including POST, GET, PUT, and DELETE. Multiple request methods are separated by commas (,).'."\n" + .' - **account_left**: String type | Required | The account parameter name.'."\n" + .' - **password_left**: String type | Optional | The password parameter name.'."\n" + .' - **action**: String type | Required | The protection action. Valid values:'."\n" + .' - **monitor**: Alert.'."\n" + .' - **block**: Block.'."\n" + ."\n" + .' - **Example**'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "url_path":"/example",'."\n" + .' "method":"POST,GET,PUT,DELETE",'."\n" + .' "account_left":"aaa",'."\n" + .' "password_left:"123",'."\n" + .' "action":"monitor"'."\n" + .' }'."\n" + .' ``` '."\n" + ."\n" + .'- The JSON string corresponding to data risk control protection request configurations (**antifraud**) contains the following parameters:'."\n" + ."\n" + .' - **uri**: String type | Required | The specific protection request URL.'."\n" + .' '."\n" + .' - **Example**'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "uri": "http://1.example.com/example"'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string corresponding to data risk control JS insertion page configurations (**antifraud_js**) contains the following parameters:'."\n" + ."\n" + .' - **uri**: String type | Required | The URL of the page into which the data risk control JS is inserted. The system inserts the data risk control JS into all pages under the specified URL path. The value must start with a forward slash (/).'."\n" + ."\n" + .' - **Example**'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "uri": "/example/example"'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string corresponding to Bot management intelligent algorithm rule configurations (**bot_algorithm**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String type | Required | The rule name.'."\n" + .' - **algorithmName**: String type | Required | The algorithm name. Valid values:'."\n" + .' - **RR**: Dedicated resource crawler identification algorithm.'."\n" + .' - **PR**: Targeted path crawler identification algorithm.'."\n" + .' - **DPR**: Parameter polling crawler identification algorithm.'."\n" + .' - **SR**: Dynamic IP crawler identification algorithm.'."\n" + .' - **IND**: Proxy device crawler identification algorithm.'."\n" + .' - **Periodicity**: Periodicity-based crawler identification algorithm.'."\n" + .' - **timeInterval**: Integer type | Required | The detection period. Valid values: 30, 60, 120, 300, and 600. Unit: seconds.'."\n" + .' - **action**: String type | Required | The disposition action. Valid values:'."\n" + .' - **monitor**: Monitor.'."\n" + .' - **captcha**: Slider CAPTCHA.'."\n" + .' - **js**: JavaScript verification.'."\n" + .' - **block**: Block. When Block is selected as the disposition action, the block duration (**blocktime**) parameter must be specified.'."\n" + .' - **blocktime**: Integer type | Optional | The block duration. Unit: minutes. Valid values: 1 to 600.'."\n" + .' - **config**: String type | Required | The algorithm configuration information in JSON string format. The specific sub-parameters in the algorithm configuration are related to the selected algorithm name (**algorithmName**).'."\n" + .' - The configuration information for the dedicated resource crawler identification algorithm (**RR**) contains the following sub-parameters:'."\n" + .' - **resourceType**: Integer type | Optional | The type of the requested resource. Valid values:'."\n" + .' - **1**: Dynamic resource type.'."\n" + .' - **2**: Static resource type.'."\n" + .' - **-1**: Custom resource type. When Custom resource type is selected, you must also specify the **extensions** parameter with specific resource suffixes in string format, with multiple suffixes separated by commas (,), for example, `css,jpg,xls`.'."\n" + .' - **minRequestCountPerIp**: Integer type | Required | The range of IPs to detect during the detection period. Only IPs with access request counts greater than or equal to this value will be detected. Valid values: 5 to 10000.'."\n" + .' - **minRatio**: Float type | Required | The risk determination condition, which is the threshold for the ratio of IP access requests that access the specified resource type (for the dedicated resource crawler identification algorithm) or the threshold for the ratio of IP access requests that access the specified path (for the targeted path crawler identification algorithm). An IP is determined as risky when the ratio exceeds this threshold. Valid values: 0.01 to 1.'."\n" + .' - The configuration information for the targeted path crawler identification algorithm (**PR**) contains the following sub-parameters:'."\n" + .' - **keyPathConfiguration**: Array type | Optional | The request path information, supporting a maximum of 10 paths. This sub-parameter is required only when the targeted path crawler identification algorithm is used. It is expressed in JSON string format and contains the following parameters:'."\n" + .' - **method**: String type | Required | The request method. Valid values: **POST**, **GET**, **PUT**, **DELETE**, **HEAD**, and **OPTIONS**.'."\n" + .' - **url**: String type | Required | The request path keyword. It must start with a forward slash (/).'."\n" + .' - **matchType**: String type | Required | The match method, used in combination with the request path keyword (**url**) parameter to specify the request path. Valid values: **all** (exact match), **prefix** (prefix match), and **regex** (regular expression match).'."\n" + .' - **minRequestCountPerIp**: Integer type | Required | The range of IPs to detect during the detection period. Only IPs with access request counts greater than or equal to this value will be detected. Valid values: 5 to 10000.'."\n" + .' - **minRatio**: Float type | Required | The risk determination condition, which is the threshold for the ratio of IP access requests that access the specified resource type (for the dedicated resource crawler identification algorithm) or the threshold for the ratio of IP access requests that access the specified path (for the targeted path crawler identification algorithm). An IP is determined as risky when the ratio exceeds this threshold. Valid values: 0.01 to 1.'."\n" + .' - The configuration information for the parameter polling crawler identification algorithm (**DPR**) contains the following sub-parameters:'."\n" + .' - **method**: String type | Required | The request method. Valid values: **POST**, **GET**, **PUT**, **DELETE**, **HEAD**, and **OPTIONS**.'."\n" + .' - **urlPattern**: String type | Required | The key parameter path. It must start with a forward slash (/). Use {} to represent key parameters. When multiple {} are configured, these parameters are concatenated as the key parameter. For example, `/company/{}/{}/{}/user.php?uid={}`.'."\n" + .' - **minRequestCountPerIp**: Integer type | Required | The range of IPs to detect during the detection period. Only IPs with access request counts greater than or equal to this value will be detected. Valid values: 5 to 10000.'."\n" + .' - **minRatio**: Float type | Required | The risk determination condition, which is the threshold for the ratio of different key parameter values in IP access requests. An IP is determined as risky when the ratio exceeds this threshold. Valid values: 0.01 to 1.'."\n" + .' - The configuration information for the dynamic IP crawler identification algorithm (**SR**) contains the following sub-parameters:'."\n" + .' - **maxRequestCountPerSrSession**: Integer type | Required | Defines abnormal sessions by setting the minimum number of requests per session. A session is considered abnormal if the number of requests within a single session is less than this value. Valid values: 1 to 8.'."\n" + .' - **minSrSessionCountPerIp**: Integer type | Required | The risk determination condition, which is the threshold for the number of abnormal sessions in IP access requests. An IP is determined as risky when the number of abnormal sessions in a single IP\'s access requests exceeds this value. Valid values: 5 to 300.'."\n" + .' - The configuration information for the proxy device crawler identification algorithm (**IND**) contains the following sub-parameters:'."\n" + .' - **minIpCount**: Integer type | Required | The malicious device determination condition, which is the threshold for the number of IP changes associated with a device\'s WIFI connections. The device is determined as risky when this threshold is exceeded. Valid values: 5 to 500.'."\n" + .' - **keyPathConfiguration**: Array type | Optional | The detection path information, supporting a maximum of 10 paths. It is expressed in JSON string format and contains the following parameters:'."\n" + .' - **method**: String type | Required | The request method. Valid values: **POST**, **GET**, **PUT**, **DELETE**, **HEAD**, and **OPTIONS**.'."\n" + .' - **url**: String type | Required | The detection path keyword. It must start with a forward slash (/).'."\n" + .' - **matchType**: String type | Required | The match method, used in combination with the detection path keyword (**url**) parameter to specify the request path. Valid values: **all** (exact match), **prefix** (prefix match), and **regex** (regular expression match).'."\n" + .' - The configuration information for the periodicity-based crawler identification algorithm (**Periodicity**) contains the following sub-parameters:'."\n" + .' - **minRequestCountPerIp**: Integer type | Required | The range of IPs to detect during the detection period. Only IPs with access request counts greater than or equal to this value will be detected. Valid values: 5 to 10000.'."\n" + .' - **level**: Integer type | Required | The risk determination level, which indicates the clarity of the periodicity features of the access IP. Valid values:'."\n" + .' - **0**: Obvious.'."\n" + .' - **1**: Moderate.'."\n" + .' - **2**: Weak.'."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"Proxy device crawler identification",'."\n" + .' "algorithmName":"IND",'."\n" + .' "timeInterval":"60",'."\n" + .' "action":"monitor",'."\n" + .' "config":{'."\n" + .' "minIpCount":5,'."\n" + .' "keyPathConfiguration":[{"url":"/index","method":"GET","matchType":"prefix"}]'."\n" + .' }'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string corresponding to App protection version protection rule configurations (**bot_wxbb_pkg**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String type | Required | The rule name.'."\n" + .' - **action**: String type | Required | The disposition action. Valid values:'."\n" + .' - **test**: Monitor.'."\n" + .' - **close**: Block.'."\n" + .' - **nameList**: Array type | Required | The legitimate version information. A maximum of five rules can be specified. It is expressed in JSON string format and contains the following parameters:'."\n" + .' - **name**: String type | Required | The legitimate package name.'."\n" + .' - **signList**: Array type | Required | The corresponding package signatures. A maximum of 15 signatures can be specified, separated by commas (,).'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"test",'."\n" + .' "action":"close",'."\n" + .' "nameList":[{'."\n" + .' "name":"apk-xxxx",'."\n" + .' "signList":["xxxxxx","xxxxx","xxxx","xx"]'."\n" + .' }]'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string corresponding to App protection path protection rule configurations (**bot_wxbb**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String type | Required | The rule name.'."\n" + .' - **uri**: String type | Required | The protection path. It must start with a forward slash (/).'."\n" + .' - **matchType**: String type | Required | The match method. Valid values: **all** (exact match), **prefix** (prefix match), and **regex** (regular expression match).'."\n" + .' - **arg**: String type | Required | The included parameter, used in combination with the match method (**matchType**) parameter to specify the protection path configuration.'."\n" + .' - **action**: String type | Required | The disposition action. Valid values:'."\n" + .' - **test**: Monitor.'."\n" + .' - **close**: Block.'."\n" + .' - **hasTag**: Boolean type | Required | Specifies whether a custom signature field is required.'."\n" + .' - **true**: Yes. When a custom signature field is required, you must specify the **wxbbVmpFieldType** and **wxbbVmpFieldValue** parameters to define the type and value of the signature field.'."\n" + .' - **false**: No.'."\n" + .' - **wxbbVmpFieldType**: Integer type | Optional | The type of the custom signature field. This parameter is required when the **hasTag** parameter is set to **true**. Valid values:'."\n" + .' - **0**: Header.'."\n" + .' - **1**: Parameter.'."\n" + .' - **2**: Cookie.'."\n" + .' - **wxbbVmpFieldValue**: String type | Optional | The value of the custom signature field. This parameter is required when the **hasTag** parameter is set to **true**.'."\n" + .' - **blockInvalidSign**: Integer type | Required | Specifies whether to perform the disposition action on invalid signatures. The value is fixed to **1**. This is the default protection policy for path protection rules.'."\n" + .' - **blockProxy**: Integer type | Optional | Specifies whether to perform the disposition action on proxies. The value is fixed to **1**. This parameter does not need to be specified if no disposition action is required for proxy behavior.'."\n" + .' - **blockSimulator**: Integer type | Optional | Specifies whether to perform the disposition action on simulators. The value is fixed to **1**. This parameter does not need to be specified if no disposition action is required for simulator behavior.'."\n" + ."\n" + .' - **Example**'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"test",'."\n" + .' "uri":"/index",'."\n" + .' "matchType":"all",'."\n" + .' "arg":"test",'."\n" + .' "action":"close",'."\n" + .' "hasTag":true,'."\n" + .' "wxbbVmpFieldType":2,'."\n" + .' "wxbbVmpFieldValue":"test",'."\n" + .' "blockInvalidSign":1,'."\n" + .' "blockProxy":1'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- Custom protection policy rule configurations (**ac_custom**) use the **scene** parameter in the corresponding JSON string to set ACL access control rules and CC attack protection rules.'."\n" + ."\n" + .' - To set an ACL access control rule (the **scene** parameter value is **custom_acl**), the corresponding JSON string contains the following parameters:'."\n" + ."\n" + .' - **name**: String type | Required | The rule name.'."\n" + .' - **scene**: String type | Required | The protection type. When setting an ACL access control rule, the value is fixed to **custom_acl**.'."\n" + .' - **action**: String type | Required | The disposition action. Valid values:'."\n" + .' - **monitor**: Monitor.'."\n" + .' - **captcha**: Slider CAPTCHA.'."\n" + .' - **captcha_strict**: Strict slider CAPTCHA.'."\n" + .' - **js**: JavaScript verification.'."\n" + .' - **block**: Block.'."\n" + ."\n" + .' - **conditions**: Array type | Required | The match conditions. A maximum of five match conditions can be specified. It is described in JSON string format and contains the following parameters:'."\n" + ."\n" + .' - **key**: The match field. Valid values: **URL**, **IP**, **Referer**, **User-Agent**, **Params**, **Cookie**, **Content-Type**, **Content-Length**, **X-Forwarded-For**, **Post-Body**, **Http-Method**, **Header**, and **URLPath**.'."\n" + ."\n" + .' - **opCode**: The logical operator. Valid values:'."\n" + ."\n" + .' > Not every match field (**key**) of a custom rule supports all logical operators (**opcode**). For the relationship between different match fields and supported logical operators, refer to the WAF console at [WAF console](https://yundun.console.aliyun.com/?p=wafnext).'."\n" + ."\n" + .' - **11**: Equals.'."\n" + .' - **10**: Does not equal.'."\n" + .' - **41**: Equals one of multiple values.'."\n" + .' - **50**: Does not equal any value.'."\n" + .' - **1**: Contains.'."\n" + .' - **0**: Does not contain.'."\n" + .' - **51**: Contains one of multiple values.'."\n" + .' - **52**: Does not contain any value.'."\n" + .' - **82**: Exists.'."\n" + .' - **2**: Does not exist.'."\n" + .' - **21**: Length equals.'."\n" + .' - **22**: Length is greater than.'."\n" + .' - **20**: Length is less than.'."\n" + .' - **60**: Does not match regular expression.'."\n" + .' - **61**: Matches regular expression.'."\n" + .' - **72**: Prefix match.'."\n" + .' - **81**: Suffix match.'."\n" + .' - **80**: Content is empty.'."\n" + ."\n" + .' - **values**: The match content. Fill in the corresponding content as needed, expressed as a String type.'."\n" + ."\n" + .' > The valid values of the logical operator (**opCode**) and match content (**values**) parameters in the match condition are related to the specified match field (**key**). For detailed information about supported match condition configurations, see [Match condition field description](~~147945~~).'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "action":"monitor",'."\n" + .' "name":"test",'."\n" + .' "scene":"custom_acl",'."\n" + .' "conditions":[{"opCode":1,"key":"URL","values":"/example"}]'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .' - To set a CC attack protection rule (the **scene** parameter value is **custom_cc**), the corresponding JSON string contains the following parameters:'."\n" + ."\n" + .' - **name**: String type | Required | The rule name.'."\n" + .' - **scene**: String type | Required | The protection type. When setting a CC attack protection rule, the value is fixed to **custom_cc**.'."\n" + .' - **conditions**: Array type | Required | The match conditions. A maximum of five match conditions can be specified. It is described in JSON string format and contains the following parameters:'."\n" + ."\n" + .' - **key**: The match field. Valid values: **URL**, **IP**, **Referer**, **User-Agent**, **Params**, **Cookie**, **Content-Type**, **Content-Length**, **X-Forwarded-For**, **Post-Body**, **Http-Method**, **Header**, and **URLPath**.'."\n" + ."\n" + .' - **opCode**: The logical operator. Valid values:'."\n" + ."\n" + .' > Not every match field (**key**) of a custom rule supports all logical operators (**opcode**). For the relationship between different match fields and supported logical operators, refer to the WAF console at [WAF console](https://yundun.console.aliyun.com/?p=wafnext).'."\n" + .' '."\n" + .' - **11**: Equals.'."\n" + .' - **10**: Does not equal.'."\n" + .' - **41**: Equals one of multiple values.'."\n" + .' - **50**: Does not equal any value.'."\n" + .' - **1**: Contains.'."\n" + .' - **0**: Does not contain.'."\n" + .' - **51**: Contains one of multiple values.'."\n" + .' - **52**: Does not contain any value.'."\n" + .' - **82**: Exists.'."\n" + .' - **2**: Does not exist.'."\n" + .' - **21**: Length equals.'."\n" + .' - **22**: Length is greater than.'."\n" + .' - **20**: Length is less than.'."\n" + .' - **60**: Does not match regular expression.'."\n" + .' - **61**: Matches regular expression.'."\n" + .' - **72**: Prefix match.'."\n" + .' - **81**: Suffix match.'."\n" + .' - **80**: Content is empty.'."\n" + ."\n" + .' - **values**: The match content. Fill in the corresponding content as needed, expressed as a String type.'."\n" + ."\n" + .' > The valid values of the logical operator (**opCode**) and match content (**values**) parameters in the match condition are related to the specified match field (**key**).'."\n" + ."\n" + .' - **action**: String type | Required | The disposition action. Valid values:'."\n" + ."\n" + .' - **monitor**: Monitor.'."\n" + .' - **captcha**: Slider CAPTCHA.'."\n" + .' - **captcha_strict**: Strict slider CAPTCHA.'."\n" + .' - **js**: JavaScript verification.'."\n" + .' - **block**: Block.'."\n" + ."\n" + .' - **ratelimit**: JSON format | Required | The rate limiting settings. It is described in JSON string format and contains the following parameters:'."\n" + ."\n" + .' - **target**: String type | Required | The type of the statistical object. Valid values:'."\n" + .' - **remote_addr**: IP.'."\n" + .' - **cookie.acw_tc**: Session.'."\n" + .' - **queryarg**: Custom parameter. When Custom parameter is selected, you must specify the name of the custom parameter in the **subkey** parameter.'."\n" + .' - **cookie**: Custom cookie. When Custom cookie is selected, you must specify the cookie content in the **subkey** parameter.'."\n" + .' - **header**: Custom header. When Custom header is selected, you must specify the header content in the **subkey** parameter.'."\n" + .' - **subkey**: String type | Optional | Required when the **target** parameter value is **cookie**, **header**, or **queryarg**. Specify the corresponding information in the **subkey** parameter.'."\n" + .' - **interval**: Integer type | Required | The statistical duration in seconds, which is the statistical period for access counts. It is used in combination with the threshold (**threshold**) parameter.'."\n" + .' - **threshold**: Integer type | Required | The threshold for the number of times a single statistical object is allowed to access the protected URL within the detection duration.'."\n" + .' - **status**: JSON format | Optional | The response code frequency settings. It is described in JSON string format and contains the following parameters:'."\n" + .' - **code**: Integer type | Required | The specified response code.'."\n" + .' - **count**: Integer type | Optional | The threshold for the number of occurrences, meaning the protection rule is triggered when the specified response code occurs more than this threshold. Valid values: 1 to 999999999. The **count** parameter and the **ratio** parameter are mutually exclusive and cannot be configured simultaneously.'."\n" + .' - **ratio**: Integer type | Optional | The threshold for the occurrence ratio (percentage), meaning the protection rule is triggered when the specified response code occurrence ratio exceeds this threshold. Valid values: 1 to 100. The **count** parameter and the **ratio** parameter are mutually exclusive and cannot be configured simultaneously.'."\n" + .' - **scope**: String type | Required | The effective scope. Valid values:'."\n" + .' - **rule**: Within the current feature match scope.'."\n" + .' - **domain**: Within the domain scope of the current rule.'."\n" + .' - **ttl**: Integer type | Required | The effective duration of the disposition action in seconds. Valid values: 60 to 86400.'."\n" + ."\n" + .' - **Example**'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"CC protection",'."\n" + .' "conditions":[{"opCode":1,"key":"URL","values":"/example"}],'."\n" + .' "action":"block", '."\n" + .' "scene":"custom_cc", '."\n" + .' "ratelimit":{'."\n" + .' "target": "remote_addr", '."\n" + .' "interval": 300,'."\n" + .' "threshold": 2000,'."\n" + .' "status": {'."\n" + .' "code": 404,'."\n" + .' "count": 200'."\n" + .' },'."\n" + .' "scope": "rule",'."\n" + .' "ttl": 1800'."\n" + .' }'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string corresponding to website whitelist rule configurations (**whitelist**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String type | Required | The rule name.'."\n" + .' - **tags**: Array type | Required | The modules to skip during detection. Different types of whitelist rules support different modules (**tags**) to skip. The details are as follows:'."\n" + ."\n" + .' > The values of **tags** can only include the values listed under the specific whitelist type. For example, the **tags** values cannot include both **regular** and **cc** simultaneously, because **regular** belongs to the Web Intrusion Prevention whitelist and **cc** belongs to the Access Control/Rate Limiting whitelist.'."\n" + ."\n" + .' - To set a global whitelist, **tags** valid values:'."\n" + .' - **waf**: Skip detection of all protection modules.'."\n" + ."\n" + .' - To set a Web Intrusion Prevention whitelist, **tags** valid values (multiple values can be set):'."\n" + .' - **regular**: Skip detection by the rule engine (including all protection rules).'."\n" + .' - **regular_rule**: Skip detection of specified protection rules in the rule engine (if this value is selected, you must set the rule IDs to skip using the **regularRules** parameter).'."\n" + .' - **regular_type**: Skip detection of specified types of protection rules in the rule engine (if this value is selected, you must set the rule types to skip using the **regularTypes** parameter).'."\n" + .' - **deeplearning**: Skip detection by the deep learning engine.'."\n" + ."\n" + .' - To set an Access Control/Rate Limiting whitelist, **tags** valid values (multiple values can be set):'."\n" + .' - **cc**: Skip detection by the CC security protection module.'."\n" + .' - **customrule**: Skip detection by the custom protection policy.'."\n" + .' - **blacklist**: Skip detection by the IP blacklist module.'."\n" + .' - **antiscan**: Skip detection by the scan protection module.'."\n" + ."\n" + .' - To set a Data Security whitelist, **tags** valid values (multiple values can be set):'."\n" + .' - **dlp**: Skip detection by the data leakage prevention module.'."\n" + .' - **tamperproof**: Skip detection by the website tamper-proofing module.'."\n" + .' - **account**: Skip detection by the account security module.'."\n" + ."\n" + .' - To set a Bot Management whitelist, **tags** valid values (multiple values can be set):'."\n" + .' - **bot_intelligence**: Skip detection by the crawler threat intelligence module.'."\n" + .' - **bot_algorithm**: Skip detection by the typical crawler behavior identification module.'."\n" + .' - **bot_wxbb**: Skip detection by the App protection module.'."\n" + .' - **antifraud**: Skip detection by the data risk control module.'."\n" + ."\n" + .' - **regularRules**: Array type | Optional | The list of protection rule IDs to skip. This parameter is required if the **tags** parameter value contains **regular_rule**. You can view all Web attack protection rules in WAF and obtain the related rule IDs on the **Protection Rule Group** page of the [WAF console](https://yundun.console.aliyun.com/?p=wafnext) by using **Create Rule Group**. For more information, see [Customize protection rule groups](~~99262~~).'."\n" + .' - **regularTypes**: Array type | Optional | The list of protection rule types to skip. This parameter is required if the **tags** parameter value contains **regular_type**. Valid values:'."\n" + .' - **sqli**: SQL injection.'."\n" + .' - **xss**: Cross-site scripting (XSS).'."\n" + .' - **code_exec**: Code execution.'."\n" + .' - **lfilei**: Local file inclusion.'."\n" + .' - **rfilei**: Remote file inclusion.'."\n" + .' - **webshell**: WebShell.'."\n" + .' - **vvip**: Customized protection rules.'."\n" + .' - **other**: Other types.'."\n" + .' '."\n" + .' - **conditions**: Array type | Required | The match conditions. A maximum of five match conditions can be specified. It is described in JSON string format and contains the following parameters:'."\n" + ."\n" + .' - **key**: The match field. Valid values: **URL**, **IP**, **Referer**, **User-Agent**, **Params**, **Cookie**, **Content-Type**, **Content-Length**, **X-Forwarded-For**, **Post-Body**, **Http-Method**, **Header**, and **URLPath**.'."\n" + ."\n" + .' - **opCode**: The logical operator. Valid values:'."\n" + ."\n" + .' > Not every match field (**key**) of a custom rule supports all logical operators (**opcode**). For the relationship between different match fields and supported logical operators, refer to the WAF console at [WAF console](https://yundun.console.aliyun.com/?p=wafnext).'."\n" + ."\n" + .' - **11**: Equals.'."\n" + .' - **10**: Does not equal.'."\n" + .' - **41**: Equals one of multiple values.'."\n" + .' - **50**: Does not equal any value.'."\n" + .' - **1**: Contains or belongs to.'."\n" + .' - **0**: Does not contain or does not belong to.'."\n" + .' - **51**: Contains one of multiple values.'."\n" + .' - **52**: Does not contain any value.'."\n" + .' - **82**: Exists.'."\n" + .' - **2**: Does not exist.'."\n" + .' - **21**: Length equals.'."\n" + .' - **22**: Length is greater than.'."\n" + .' - **20**: Length is less than.'."\n" + .' - **60**: Does not match regular expression.'."\n" + .' - **61**: Matches regular expression.'."\n" + .' - **72**: Prefix match.'."\n" + .' - **81**: Suffix match.'."\n" + .' - **80**: Content is empty.'."\n" + .' - **30**: Value is less than.'."\n" + .' - **31**: Value is greater than.'."\n" + ."\n" + .' - **values**: The match content. Fill in the corresponding content as needed, expressed as a String type.'."\n" + ."\n" + .' > The valid values of the logical operator (**opCode**) and match content (**values**) parameters in the match condition are related to the specified match field (**key**).'."\n" + ."\n" + .' - **Example**'."\n" + .' '."\n" + .' ```'."\n" + .' {'."\n" + .' "name": "test",'."\n" + .' "tags": ["cc","customrule"],'."\n" + .' "conditions":[{"opCode":1,"key":"URL","values":"/example"}],'."\n" + .' }'."\n" + .' ``` '."\n" + ."\n\n" + .'When calling the API, in addition to the request parameters described in this topic, you must also include the Alibaba Cloud API common request parameters. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format of the API call, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DeleteDomain' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateProtectionModuleRule'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateProtectionModuleRule', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DeleteDomain' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -1801,37 +1116,30 @@ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The domain name that has been added to WAF.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -1839,74 +1147,71 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<DeleteDomainResponse>\\r\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\r\\n</DeleteDomainResponse>","errorExample":""}]', - 'title' => 'DeleteDomain', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Delete specified domain name configuration information', + 'summary' => 'Deletes the configuration information of a specified domain name.', 'requestParamsDescription' => ' ', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeCertificates' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDomain'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDomain', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DeleteInstance' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'list', - ], + 'systemTags' => [], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11sr5****', - ], - ], - [ - 'name' => 'Domain', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group.'."\n" + ."\n" + .'Default value: empty, which indicates the default resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -1914,135 +1219,115 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'ECF65091-3704-55D5-BC88-EC208B0E238C', - ], - 'Certificates' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'IsUsing' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'false', - ], - 'CertificateName' => [ - 'description' => '', - 'type' => 'string', - 'example' => '*.aliyundoc.com', - ], - 'CertificateId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2329260', - ], - 'CommonName' => [ - 'description' => '', - 'type' => 'string', - 'example' => '*.aliyundoc.com', - ], - 'Sans' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => '*.aliyundoc.com', - ], - ], - 'EndTime' => [ - 'type' => 'integer', - 'format' => 'int64', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The unique identifier that Alibaba Cloud generated for this API request.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"ECF65091-3704-55D5-BC88-EC208B0E238C\\",\\n \\"Certificates\\": [\\n {\\n \\"IsUsing\\": false,\\n \\"CertificateName\\": \\"*.aliyundoc.com\\",\\n \\"CertificateId\\": 2329260,\\n \\"CommonName\\": \\"*.aliyundoc.com\\",\\n \\"Sans\\": [\\n \\"*.aliyundoc.com\\"\\n ],\\n \\"EndTime\\": 1971273600000\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<DescribeCertificatesResponse>\\n <RequestId>ECF65091-3704-55D5-BC88-EC208B0E238C</RequestId>\\n <Certificates>\\n <IsUsing>false</IsUsing>\\n <CertificateName>*.aliyundoc.com</CertificateName>\\n <CertificateId>2329260</CertificateId>\\n <CommonName>*.aliyundoc.com</CommonName>\\n <Sans>*.aliyundoc.com</Sans>\\n </Certificates>\\n</DescribeCertificatesResponse>","errorExample":""}]', - 'title' => 'DescribeCertificates', - 'summary' => 'Queries the SSL certificates that are associated with a domain name and managed by Alibaba Cloud Certificate Management Service.', + 'errorCodes' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\"\\n}","type":"json"}]', + 'title' => 'Release a WAF instance', + 'summary' => 'Releases a pay-as-you-go Web Application Firewall (WAF) instance or an expired subscription instance.', + 'description' => 'After an instance is released, all data associated with the instance is permanently deleted and cannot be recovered. Proceed with caution.', + 'requestParamsDescription' => ' ', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeCertMatchStatus' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteInstance'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteInstance', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DeleteProtectionModuleRule' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => [], 'parameters' => [ [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The domain name for which you want to delete the protection rule.'."\n" + ."\n" + .'> You can call [DescribeDomainList](~~255880~~) to query all domain names that are added to WAF.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'Certificate', + 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '-----BEGIN CERTIFICATE----- 62EcYPWd2Oy1vs6MTXcJSfN9Z7rZ9fmxWr2BFN2XbahgnsSXM48ixZJ4krc+1M+j2kcubVpsE2cgHdj4v8H6jUz9Ji4mr7vMNS6dXv8PUkl/qoDeNGCNdyTS5NIL5ir+g92cL8IGOkjgvhlqt9vc65Cgb4mL+n5+DV9uOyTZTW/MojmlgfUekC2xiXa54nxJf17Y1TADGSbyJbsC0Q9nIrHsPl8YKkvRWvIAqYxXZ7wRwWWmv4TMxFhWRiNY7yZIo2ZUhl02SIDNggIEeg== -----END CERTIFICATE-----', - ], + 'schema' => ['description' => 'The protection feature module to which the rule to be deleted belongs. Valid values:'."\n" + ."\n" + .'- **waf-codec**: the decoding settings of the RegEx Protection DPI engine.'."\n" + ."\n" + .'- **tamperproof**: web tamper-proofing rules.'."\n" + ."\n" + .'- **dlp**: data leak prevention rules.'."\n" + ."\n" + .'- **ng_account**: account security rules.'."\n" + ."\n" + .'- **antifraud**: data risk control protection request configurations.'."\n" + ."\n" + .'- **antifraud_js**: data risk control JS insertion page configurations.'."\n" + ."\n" + .'- **bot_algorithm**: intelligent algorithm rules of Bot Management.'."\n" + ."\n" + .'- **bot_wxbb_pkg**: version protection rules of App Protection.'."\n" + ."\n" + .'- **bot_wxbb**: path protection rules of App Protection.'."\n" + ."\n" + .'- **ac_custom**: custom protection policy rules.'."\n" + ."\n" + .'- **whitelist**: whitelist rules.', 'type' => 'string', 'required' => true, 'example' => 'ac_custom', 'title' => ''], ], [ - 'name' => 'PrivateKey', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '-----BEGIN RSA PRIVATE KEY----- DADTPZoOHd9WtZ3UKHJTRgNQmioPQn2bqdKHop+B/dn/4VZL7Jt8zSDGM9sTMThLyvsmLQKBgQCr+ujntC1kN6pGBj2Fw2l/EA/W3rYEce2tyhjgmG7rZ+A/jVE9fld5sQra6ZdwBcQJaiygoIYoaMF2EjRwc0qwHaluq0C15f6ujSoHh2e+D5zdmkTg/3NKNjqNv6xA2gYpinVDzFdZ9Zujxvuh9o4Vqf0YF8bv5UK5G04RtKadOw== -----END RSA PRIVATE KEY-----', - ], + 'schema' => ['description' => 'The ID of the protection rule to delete.'."\n" + ."\n" + .'> You can call [DescribeProtectionModuleRules](~~100398~~) to query the IDs of all rules in a specified protection module.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '42754', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-mp9153****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. By default, this parameter is empty, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -2050,108 +1335,92 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'MatchStatus' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'false', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '1557B42F-B889-460A-B17F-1DE5C5AD7FF2', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"MatchStatus\\": false,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\n<DescribeCertMatchStatusResponse>\\n\\t<MatchStatus>false</MatchStatus>\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</DescribeCertMatchStatusResponse>","errorExample":""}]', - 'title' => 'DescribeCertMatchStatus', - 'requestParamsDescription' => ' ', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1557B42F-B889-460A-B17F-1DE5C5AD7FF2\\"\\n}","type":"json"}]', + 'title' => 'Delete a rule from a protection module', + 'summary' => 'Deletes a rule configured in a specified protection module by calling DeleteProtectionModuleRule.', + 'description' => 'This operation deletes a rule configured in a specified protection module.'."\n" + .'To ensure system stability, the queries per second (QPS) for a single user is limited to 10. If the limit is exceeded, API calls are throttled, which may affect your business. Call this operation at an appropriate frequency.', + 'requestParamsDescription' => 'When you call this operation, you must include common Alibaba Cloud API request parameters in addition to the operation-specific request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'CreateCertificate' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteProtectionModuleRule'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteProtectionModuleRule', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeCertMatchStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The domain name that is added to WAF.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ 'name' => 'Certificate', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '-----BEGIN CERTIFICATE----- 62EcYPWd2Oy1vs6MTXcJSfN9Z7rZ9fmxWr2BFN2XbahgnsSXM48ixZJ4krc+1M+j2kcubVpsE2cgHdj4v8H6jUz9Ji4mr7vMNS6dXv8PUkl/qoDeNGCNdyTS5NIL5ir+g92cL8IGOkjgvhlqt9vc65Cgb4mL+n5+DV9uOyTZTW/MojmlgfUekC2xiXa54nxJf17Y1TADGSbyJbsC0Q9nIrHsPl8YKkvRWvIAqYxXZ7wRwWWmv4TMxFhWRiNY7yZIo2ZUhl02SIDNggIEeg== -----END CERTIFICATE-----', - 'default' => 'cn', - ], + 'schema' => ['description' => 'The content of the certificate file.', 'type' => 'string', 'required' => true, 'example' => '-----BEGIN CERTIFICATE----- 62EcYPWd2Oy1vs6MTXcJSfN9*****9fmxWr2BFN2XbahgnsSXM48ixZJ4krc+1M+j2kcubVpsE2cgHdj4v8H6jUz9Ji4mr7vMNS6dXv8PUkl/qoDeNGCNdyTS5NIL5ir+g92cL8IGOkjgvhlqt9vc65Cgb4mL+n5+DV9uOyTZTW/MojmlgfUekC2xiXa54nxJf17Y1TADGSbyJbsC0Q9nIrHsPl8YKkvRWvIAqYxXZ7wRwWWmv4TMxFhWRiNY7yZIo2ZUhl02SIDNggIEeg== -----END CERTIFICATE-----', 'title' => ''], ], [ 'name' => 'PrivateKey', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '-----BEGIN RSA PRIVATE KEY----- DADTPZoOHd9WtZ3UKHJTRgNQmioPQn2bqdKHop+B/dn/4VZL7Jt8zSDGM9sTMThLyvsmLQKBgQCr+ujntC1kN6pGBj2Fw2l/EA/W3rYEce2tyhjgmG7rZ+A/jVE9fld5sQra6ZdwBcQJaiygoIYoaMF2EjRwc0qwHaluq0C15f6ujSoHh2e+D5zdmkTg/3NKNjqNv6xA2gYpinVDzFdZ9Zujxvuh9o4Vqf0YF8bv5UK5G04RtKadOw== -----END RSA PRIVATE KEY-----', - ], - ], - [ - 'name' => 'CertificateName', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'CertName', - ], + 'schema' => ['description' => 'The content of the private key file.', 'type' => 'string', 'required' => true, 'example' => '-----BEGIN RSA PRIVATE KEY----- DADTPZoOHd9WtZ3UKHJTRgNQ****Qn2bqdKHop+B/dn/4VZL7Jt8zSDGM9sTMThLyvsmLQKBgQCr+ujntC1kN6pGBj2Fw2l/EA/W3rYEce2tyhjgmG7rZ+A/jVE9fld5sQra6ZdwBcQJaiygoIYoaMF2EjRwc0qwHaluq0C15f6ujSoHh2e+D5zdmkTg/3NKNjqNv6xA2gYpinVDzFdZ9Zujxvuh9o4Vqf0YF8bv5UK5G04RtKadOw== -----END RSA PRIVATE KEY-----', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management.'."\n" + ."\n" + .'If you do not specify this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -2159,215 +1428,194 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'CertificateId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2329260', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'MatchStatus' => ['description' => 'Indicates whether the certificate and private key match.', 'type' => 'boolean', 'example' => 'false', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"CertificateId\\": 2329260,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\n<CreateCertificateResponse>\\n\\t<CertificateId>2329260</CertificateId>\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</CreateCertificateResponse>","errorExample":""}]', - 'title' => 'CreateCertificate', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"MatchStatus\\": false,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Check whether the uploaded certificate and private key match for a domain name', + 'summary' => 'Checks whether the certificate and private key uploaded for a specified domain name configuration match.', 'requestParamsDescription' => ' ', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'CreateCertificateByCertificateId' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCertMatchStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCertMatchStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeCertificates' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [], + 'systemTags' => ['operationType' => 'list'], 'parameters' => [ [ - 'name' => 'Domain', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.aliyundoc.com', - ], - ], - [ - 'name' => 'CertificateId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '3384669', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11sr5****', - ], + 'schema' => ['description' => 'The domain name for which you want to query the associated SSL certificates.'."\n" + ."\n" + .'If you do not set this parameter, the SSL certificates associated with all domain names are queried.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management.'."\n" + ."\n" + .'If you do not set this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzz2e****pp7i', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'CertificateId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '3384669', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'ECF65091-3704-55D5-BC88-EC208B0E238C', 'title' => ''], + 'Certificates' => [ + 'description' => 'The SSL certificate information associated with the domain name.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'IsUsing' => ['description' => 'Indicates whether the certificate is currently used by the domain name. Valid values:'."\n" + ."\n" + .'- **true**: The certificate is in use.'."\n" + .'- **false**: The certificate is not in use.', 'type' => 'boolean', 'example' => 'false', 'title' => ''], + 'CertificateName' => ['description' => 'The name of the certificate.', 'type' => 'string', 'example' => '*.aliyundoc.com', 'title' => ''], + 'CertificateId' => ['description' => 'The ID of the certificate.', 'type' => 'integer', 'format' => 'int64', 'example' => '2329260', 'title' => ''], + 'CommonName' => ['description' => 'The domain name that is bound to the certificate.', 'type' => 'string', 'example' => '*.aliyundoc.com', 'title' => ''], + 'Sans' => [ + 'description' => 'The list of SAN (Subject Alternative Name) extension attributes of the certificate.', + 'type' => 'array', + 'items' => ['description' => 'Other domain names that are bound to the certificate.', 'type' => 'string', 'example' => '*.aliyundoc.com', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'EndTime' => ['description' => 'The expiration time of the certificate. The value is a Unix timestamp in UTC. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1971273600000', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"CertificateId\\": 3384669,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<CreateCertificateByCertificateIdResponse>\\n <CertificateId>3384669</CertificateId>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</CreateCertificateByCertificateIdResponse>","errorExample":""}]', - 'title' => 'CreateCertificateByCertificateId', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"ECF65091-3704-55D5-BC88-EC208B0E238C\\",\\n \\"Certificates\\": [\\n {\\n \\"IsUsing\\": false,\\n \\"CertificateName\\": \\"*.aliyundoc.com\\",\\n \\"CertificateId\\": 2329260,\\n \\"CommonName\\": \\"*.aliyundoc.com\\",\\n \\"Sans\\": [\\n \\"*.aliyundoc.com\\"\\n ],\\n \\"EndTime\\": 1971273600000\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query available certificates for a specified domain name', + 'summary' => 'Queries the available existing certificates for a specified domain name, that is, certificates that are already managed in SSL Certificates Service.', + 'description' => 'This API is used to query the list of SSL certificates associated with a domain name (purchased through Alibaba Cloud SSL Certificates Service or uploaded and managed in SSL Certificates Service), such as the certificate ID, name, associated domain name, and SAN (Subject Alternative Name) extension attributes. Note that to ensure system stability, the QPS for a single user is limited to 10 requests per second. If the limit is exceeded, API calls will be throttled, which may affect your business. Please call this API at a reasonable frequency.', + 'requestParamsDescription' => 'When you call this API, in addition to the request parameters described in this topic, you must also include Alibaba Cloud API common request parameters. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format of the API, see the request example in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeDomainBasicConfigs' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [ + ['createdAt' => '2023-04-18T02:30:35.000Z', 'description' => 'Response parameters changed, Error codes changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCertificates'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCertificates', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeDomain' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'deprecated' => false, + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], - ], - [ - 'name' => 'DomainKey', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'aliyundoc', - ], - ], - [ - 'name' => 'AccessType', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'waf-cloud-dns', - ], - ], - [ - 'name' => 'CloudNativeProductId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], - ], - [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp26f1****', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - ], + 'schema' => ['description' => 'The domain name to query.'."\n" + ."\n" + .'> You can call [DescribeDomainNames](~~86373~~) to query all domain names that have been added to WAF protection.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2pz25js****', - ], + 'schema' => ['description' => 'The resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -2375,161 +1623,296 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'DomainConfigs' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Status' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'Domain' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'Owner' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'WAF', - ], - 'CcMode' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'CcStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'AccessType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'waf-cloud-dns', - ], - 'Version' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'AclStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'WafStatus' => [ + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4C7726', 'title' => ''], + 'Domain' => [ + 'description' => 'The configuration information of the domain name.', + 'type' => 'object', + 'properties' => [ + 'HttpToUserIp' => ['description' => 'Indicates whether the HTTP back-to-origin feature is enabled. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + .'- **1**: enabled.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method) and **HttpsPort** is not empty (indicating that the domain name uses HTTPS).', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'SniStatus' => ['description' => 'Indicates whether back-to-origin Server Name Indication (SNI) is enabled. When back-to-origin SNI is enabled, WAF forwards client requests to the origin server and specifies the host to access through the SNI extension field (Server Name Indicator extension) during the TLS handshake with the origin server, and then establishes an HTTPS connection with the specified host. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + .'- **1**: enabled.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added by using the CNAME method) and **HttpsPort** is not empty (indicating that the domain name uses HTTPS).', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'IsAccessProduct' => ['description' => 'Indicates whether another Layer 7 proxy (such as Anti-DDoS Pro or CDN) is deployed in front of WAF, meaning whether client traffic passes through another Layer 7 proxy before reaching WAF. Valid values:'."\n" + ."\n" + .'- **0**: no.'."\n" + .'- **1**: yes.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'AccessHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n" + ."\n" + .'- **0**: WAF reads the first value of the X-Forwarded-For (XFF) field in the request header as the client IP address.'."\n" + .'- **1**: WAF reads the value of a custom field that you specify in the request header as the client IP address.'."\n" + ."\n" + .'> This parameter is returned only when **IsAccessProduct** is set to **1** (indicating that another Layer 7 proxy service is deployed in front of WAF).', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'HttpsRedirect' => ['description' => 'Indicates whether HTTPS forced redirect is enabled. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + .'- **1**: enabled.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method) and **HttpsPort** is not empty (indicating that the domain name uses HTTPS).', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'IpFollowStatus' => ['description' => 'Indicates whether the IPv4/IPv6 back-to-origin protocol follow feature is enabled. Valid values:'."\n" + .'- **0**: disabled.'."\n" + .'- **1**: enabled.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'LoadBalancing' => ['description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n" + ."\n" + .'- **0**: IP Hash.'."\n" + .'- **1**: round-robin.'."\n" + .'- **2**: Least Time.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', 'type' => 'integer', 'format' => 'int32', 'example' => '2', 'title' => ''], + 'AccessType' => ['description' => 'The Website Config method. Valid values:'."\n" + .'- **waf-cloud-dns**: CNAME access.'."\n" + .'- **waf-cloud-native**: transparent access.', 'type' => 'string', 'example' => 'waf-cloud-dns', 'title' => ''], + 'Version' => ['description' => 'The version of the current domain name configuration.', 'type' => 'integer', 'format' => 'int64', 'example' => '40', 'title' => ''], + 'ClusterType' => ['description' => 'The cluster type of the WAF instance. Valid values:'."\n" + ."\n" + .'- **0**: physical cluster.'."\n" + .'- **1**: virtual cluster, which is a WAF exclusive cluster.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'ReadTime' => ['description' => 'The read connection timeout period of the WAF cluster. Unit: seconds.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', 'type' => 'integer', 'format' => 'int32', 'example' => '120', 'title' => ''], + 'WriteTime' => ['description' => 'The write connection timeout period of the WAF cluster. Unit: seconds.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', 'type' => 'integer', 'format' => 'int32', 'example' => '120', 'title' => ''], + 'SniHost' => ['description' => 'The custom value of the SNI extension field. An empty value indicates that no custom SNI value is set. By default, the value of the **Host** field in the request header is used as the value of the SNI extension field.'."\n" + ."\n" + .'> This parameter is returned only when **SniStatus** is set to **1** (indicating that back-to-origin SNI is enabled).', 'type' => 'string', 'example' => 'waf.example.com', 'title' => ''], + 'ResourceGroupId' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'example' => 'rg-acfm2mkrunv****', 'title' => ''], + 'Cname' => ['description' => 'The CNAME assigned by WAF to the domain name.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', 'type' => 'string', 'example' => 'kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com', 'title' => ''], + 'ConnectionTime' => ['description' => 'The connection timeout period of the WAF cluster. Unit: seconds.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''], + 'LogHeaders' => [ + 'description' => 'The traffic tag fields and values of the domain name, which are used to mark traffic processed by WAF.'."\n" + ."\n" + .'> This parameter is returned only when the traffic tag feature is enabled for the domain name.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'k' => ['description' => 'The name of the traffic tag field.', 'type' => 'string', 'example' => 'ALIWAF-TAG', 'title' => ''], + 'v' => ['description' => 'The value of the traffic tag field.', 'type' => 'string', 'example' => 'Yes', 'title' => ''], + ], 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', + 'title' => '', + 'example' => '', ], - 'WafMode' => [ + 'title' => '', + 'example' => '', + ], + 'CloudNativeInstances' => [ + 'description' => 'The configuration list for transparent access.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-native** (indicating that the domain name is added to WAF by using the transparent access method).', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'RedirectionTypeName' => ['description' => 'The type of the traffic redirection port. Valid values:'."\n" + ."\n" + .'- **SLB-L4**: redirects traffic from the Layer 4 listener port of a Classic Load Balancer (CLB, formerly SLB) instance to WAF for protection.'."\n" + .'- **SLB-L7**: redirects traffic from the Layer 7 listener port of a CLB instance to WAF for protection.'."\n" + .'- **ECS**: redirects traffic from the listener port of an Elastic Compute Service (ECS) server to WAF for protection.'."\n" + .'- **ALB**: redirects traffic from the HTTP or HTTPS listener port of an Application Load Balancer (ALB) instance to WAF for protection.', 'type' => 'string', 'example' => 'ALB', 'title' => ''], + 'CloudNativeProductName' => ['description' => 'The type of the cloud service instance. Valid values:'."\n" + ."\n" + .'- **SLB**: Classic Load Balancer (CLB, formerly SLB) instance.'."\n" + .'- **ECS**: Elastic Compute Service (ECS) server.'."\n" + .'- **ALB**: Application Load Balancer (ALB) instance.', 'type' => 'string', 'example' => 'ALB', 'title' => ''], + 'InstanceId' => ['description' => 'The ID of the cloud service instance.', 'type' => 'string', 'example' => 'alb-s65nua68wdedsp****', 'title' => ''], + 'IPAddressList' => [ + 'description' => 'The list of public IP addresses of the cloud service instance.', + 'type' => 'array', + 'items' => ['description' => 'The public IP address of the cloud service instance.', 'type' => 'string', 'example' => '39.XX.XX.197', 'title' => ''], + 'example' => '["39.XX.XX.197"]', + 'title' => '', + ], + 'ProtocolPortConfigs' => [ + 'description' => 'The list of protocol and port configurations.', + 'type' => 'array', + 'items' => [ + 'description' => 'The protocol and port configuration.', + 'type' => 'object', + 'properties' => [ + 'Ports' => [ + 'description' => 'The list of ports.', + 'type' => 'array', + 'items' => ['description' => 'The port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'example' => '[80]', + 'title' => '', + ], + 'Protocol' => ['description' => 'The protocol type. Valid values:'."\n" + .'- **http**: HTTP.'."\n" + .'- **https**: HTTPS.', 'type' => 'string', 'example' => 'http', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', + ], + 'HttpPort' => [ + 'description' => 'The list of HTTP ports.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', + 'type' => 'array', + 'items' => ['description' => 'The HTTP port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'Http2Port' => [ + 'description' => 'The list of HTTP 2.0 ports.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method) and **HttpsPort** is not empty (indicating that the domain name uses HTTPS).', + 'type' => 'array', + 'items' => ['description' => 'The HTTP 2.0 port.', 'type' => 'integer', 'format' => 'int32', 'example' => '8443', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'SourceIps' => [ + 'description' => 'The addresses of the origin server.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', + 'type' => 'array', + 'items' => ['description' => 'The address of the origin server.', 'type' => 'string', 'example' => '39.XX.XX.197', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'HttpsPort' => [ + 'description' => 'The list of HTTPS ports.'."\n" + ."\n" + .'> This parameter is returned only when **AccessType** is set to **waf-cloud-dns** (indicating that the domain name is added to WAF by using the CNAME method).', + 'type' => 'array', + 'items' => ['description' => 'The HTTPS port.', 'type' => 'integer', 'format' => 'int32', 'example' => '443', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'AccessHeaders' => [ + 'description' => 'The list of custom fields used to obtain the originating IP address of the client.'."\n" + ."\n" + .'> This parameter is returned only when **AccessHeaderMode** is set to **1** (indicating that WAF reads the value of a custom field that you specify in the request header as the client IP address).', + 'type' => 'array', + 'items' => ['description' => 'The custom field used to obtain the originating IP address of the client.', 'type' => 'string', 'example' => 'X-Client-IP', 'title' => ''], + 'title' => '', + 'example' => '', ], + 'Retry' => ['description' => 'Indicates whether WAF retries when back-to-origin fails. Valid values:'."\n" + ."\n" + .'- **true**: retries.'."\n" + ."\n" + .'- **false**: does not retry.', 'type' => 'boolean', 'default' => 'true', 'example' => 'false', 'title' => ''], + 'Keepalive' => ['description' => 'Indicates whether persistent connections are enabled. Valid values:'."\n" + ."\n" + .'- **true**: enabled.'."\n" + ."\n" + .'- **false**: disabled.', 'type' => 'boolean', 'default' => 'true', 'example' => 'true', 'title' => ''], + 'KeepaliveRequests' => ['description' => 'The number of requests that reuse persistent connections. Valid values: 60 to 1000.'."\n" + ."\n" + .'> The number of persistent connections to reuse after persistent connections are enabled.', 'type' => 'integer', 'format' => 'int32', 'default' => '1000', 'example' => '1000', 'title' => ''], + 'KeepaliveTimeout' => ['description' => 'The idle timeout period for persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" + ."\n" + .'> The idle duration after which a reused persistent connection is released.', 'type' => 'integer', 'format' => 'int32', 'default' => '15', 'example' => '15', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-D33C8B4C7726\\",\\n \\"Domain\\": {\\n \\"HttpToUserIp\\": 0,\\n \\"SniStatus\\": 1,\\n \\"IsAccessProduct\\": 1,\\n \\"AccessHeaderMode\\": 1,\\n \\"HttpsRedirect\\": 0,\\n \\"IpFollowStatus\\": 1,\\n \\"LoadBalancing\\": 2,\\n \\"AccessType\\": \\"waf-cloud-dns\\",\\n \\"Version\\": 40,\\n \\"ClusterType\\": 0,\\n \\"ReadTime\\": 120,\\n \\"WriteTime\\": 120,\\n \\"SniHost\\": \\"waf.example.com\\",\\n \\"ResourceGroupId\\": \\"rg-acfm2mkrunv****\\",\\n \\"Cname\\": \\"kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com\\",\\n \\"ConnectionTime\\": 5,\\n \\"LogHeaders\\": [\\n {\\n \\"k\\": \\"ALIWAF-TAG\\",\\n \\"v\\": \\"Yes\\"\\n }\\n ],\\n \\"CloudNativeInstances\\": [\\n {\\n \\"RedirectionTypeName\\": \\"ALB\\",\\n \\"CloudNativeProductName\\": \\"ALB\\",\\n \\"InstanceId\\": \\"alb-s65nua68wdedsp****\\",\\n \\"IPAddressList\\": [\\n \\"39.XX.XX.197\\"\\n ],\\n \\"ProtocolPortConfigs\\": [\\n {\\n \\"Ports\\": [\\n 80\\n ],\\n \\"Protocol\\": \\"http\\"\\n }\\n ]\\n }\\n ],\\n \\"HttpPort\\": [\\n 80\\n ],\\n \\"Http2Port\\": [\\n 8443\\n ],\\n \\"SourceIps\\": [\\n \\"39.XX.XX.197\\"\\n ],\\n \\"HttpsPort\\": [\\n 443\\n ],\\n \\"AccessHeaders\\": [\\n \\"X-Client-IP\\"\\n ],\\n \\"Retry\\": false,\\n \\"Keepalive\\": true,\\n \\"KeepaliveRequests\\": 1000,\\n \\"KeepaliveTimeout\\": 15\\n }\\n}","type":"json"}]', + 'title' => 'Query the configuration of a domain name added to WAF', + 'summary' => 'Queries the configuration information of a domain name that has been added to WAF protection.', + 'requestParamsDescription' => 'When you call this operation, you must include common Alibaba Cloud API request parameters in addition to the request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request example in the **Examples** section of this topic.', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [ + ['createdAt' => '2023-08-22T06:08:27.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2023-05-23T05:46:04.000Z', 'description' => 'Response parameters changed, Error codes changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomain'], ], - 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomain', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"DomainConfigs\\": [\\n {\\n \\"Status\\": 1,\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Owner\\": \\"WAF\\",\\n \\"CcMode\\": 0,\\n \\"CcStatus\\": 1,\\n \\"AccessType\\": \\"waf-cloud-dns\\",\\n \\"Version\\": 0,\\n \\"AclStatus\\": 1,\\n \\"WafStatus\\": 1,\\n \\"WafMode\\": 0\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<DescribeDomainBasicConfigsResponse>\\n <TotalCount>1</TotalCount>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n <DomainConfigs>\\n <Status>1</Status>\\n <Domain>www.aliyundoc.com</Domain>\\n <Owner>WAF</Owner>\\n <CcMode>0</CcMode>\\n <CcStatus>1</CcStatus>\\n <Version>0</Version>\\n <AclStatus>1</AclStatus>\\n <WafStatus>1</WafStatus>\\n <WafMode>0</WafMode>\\n </DomainConfigs>\\n</DescribeDomainBasicConfigsResponse>","errorExample":""}]', - 'title' => 'DescribeDomainBasicConfigs', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', ], 'DescribeDomainAdvanceConfigs' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-2r427ng****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-2r427ng****', 'title' => ''], ], [ 'name' => 'DomainList', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The domain names whose configurations you want to query. You can specify multiple domain names. Separate multiple domain names with commas (,).'."\n" + ."\n" + .'> You can call [DescribeDomainList](~~255880~~) to query all domain names that have been added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-atstuj3rtop****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the domain name belongs in Resource Management.'."\n" + ."\n" + .'If you do not specify this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -2537,232 +1920,377 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], 'DomainConfigs' => [ - 'description' => '', + 'description' => 'The detailed configuration information of the domain names.', 'type' => 'array', 'items' => [ 'type' => 'object', 'properties' => [ - 'Domain' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], + 'Domain' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], 'Profile' => [ - 'description' => '', + 'description' => 'The domain name configuration.', 'type' => 'object', 'properties' => [ 'Http2Port' => [ - 'description' => '', + 'description' => 'The list of HTTP 2.0 ports.', 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '443', - ], - ], - 'Ipv6Status' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', + 'items' => ['description' => 'The HTTP 2.0 port.', 'type' => 'integer', 'format' => 'int32', 'example' => '443', 'title' => ''], + 'title' => '', + 'example' => '', ], + 'Ipv6Status' => ['description' => 'Indicates whether IPv6 security protection is enabled. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], 'HttpPort' => [ - 'description' => '', + 'description' => 'The list of HTTP ports.', 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '80', - ], - ], - 'GSLBStatus' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'on', + 'items' => ['description' => 'The HTTP port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'title' => '', + 'example' => '', ], + 'GSLBStatus' => ['description' => 'Indicates whether intelligent load balancing is enabled. Valid values:'."\n" + ."\n" + .'- **off**: disabled.'."\n" + ."\n" + .'- **on**: enabled.', 'type' => 'string', 'example' => 'on', 'title' => ''], 'Rs' => [ - 'description' => '', + 'description' => 'The list of origin server addresses.', 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => '38.XX.XX.42', - ], + 'items' => ['description' => 'The origin server address.', 'type' => 'string', 'example' => '38.XX.XX.42', 'title' => ''], 'example' => '["39.XX.XX.197"]', + 'title' => '', ], - 'VipServiceStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'ClusterType' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'ExclusiveVipStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'Cname' => [ - 'description' => '', - 'type' => 'string', - 'example' => '****dsbpkt75zeiok5mta2j5l7hggcrm.****.com', - ], - 'CertStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], + 'VipServiceStatus' => ['description' => 'The service status of the WAF instance IP address (or WAF virtual cluster IP address) currently in use. Valid values:'."\n" + ."\n" + .'- **0**: Normal.'."\n" + ."\n" + .'- **1**: The system scrubs traffic.'."\n" + ."\n" + .'- **2**: The system is in blackhole filtering status.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'ClusterType' => ['description' => 'The cluster type of the WAF instance. Valid values:'."\n" + ."\n" + .'- **0** (default): physical cluster.'."\n" + .'- **1**: virtual cluster, which is a WAF exclusive cluster.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'ExclusiveVipStatus' => ['description' => 'Indicates whether an exclusive IP address is used. Valid values:'."\n" + ."\n" + .'- **0**: no.'."\n" + ."\n" + .'- **1**: yes.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'Cname' => ['description' => 'The CNAME address assigned by the WAF instance for the domain name configuration.', 'type' => 'string', 'example' => '****dsbpkt75zeiok5mta2j5l7hggcrm.****.com', 'title' => ''], + 'CertStatus' => ['description' => 'The certificate status (the HTTPS protocol status). Valid values:'."\n" + ."\n" + .'- **0**: abnormal. For example, no certificate is uploaded, or the uploaded certificate is invalid.'."\n" + ."\n" + .'- **1**: normal. A certificate is uploaded and the certificate is valid.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], 'HttpsPort' => [ - 'description' => '', + 'description' => 'The list of HTTPS ports.', 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '443', - ], - ], - 'ResolvedType' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', + 'items' => ['description' => 'The HTTPS port.', 'type' => 'integer', 'format' => 'int32', 'example' => '443', 'title' => ''], + 'title' => '', + 'example' => '', ], + 'ResolvedType' => ['description' => 'The type of the CNAME records to parse. Valid values:'."\n" + ."\n" + .'- **-1**: points to the origin server.'."\n" + ."\n" + .'- **0**: points to the WAF instance IP address.'."\n" + ."\n" + .'- **1**: points to the WAF virtual cluster IP address.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"DomainConfigs\\": [\\n {\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Profile\\": {\\n \\"Http2Port\\": [\\n 443\\n ],\\n \\"Ipv6Status\\": 1,\\n \\"HttpPort\\": [\\n 80\\n ],\\n \\"GSLBStatus\\": \\"on\\",\\n \\"Rs\\": [\\n \\"38.XX.XX.42\\"\\n ],\\n \\"VipServiceStatus\\": 0,\\n \\"ClusterType\\": 0,\\n \\"ExclusiveVipStatus\\": 0,\\n \\"Cname\\": \\"****dsbpkt75zeiok5mta2j5l7hggcrm.****.com\\",\\n \\"CertStatus\\": 1,\\n \\"HttpsPort\\": [\\n 443\\n ],\\n \\"ResolvedType\\": 0\\n }\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<DescribeDomainAdvanceConfigsResponse>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n <DomainConfigs>\\n <Domain>www.aliyundoc.com</Domain>\\n <Profile>\\n <Http2Port>443</Http2Port>\\n <Ipv6Status>1</Ipv6Status>\\n <HttpPort>80</HttpPort>\\n <GSLBStatus>on</GSLBStatus>\\n <Rs>38.XX.XX.42</Rs>\\n <VipServiceStatus>0</VipServiceStatus>\\n <ClusterType>0</ClusterType>\\n <ExclusiveVipStatus>0</ExclusiveVipStatus>\\n <Cname>****dsbpkt75zeiok5mta2j5l7hggcrm.****.com</Cname>\\n <CertStatus>1</CertStatus>\\n <HttpsPort>443</HttpsPort>\\n <ResolvedType>0</ResolvedType>\\n </Profile>\\n </DomainConfigs>\\n</DescribeDomainAdvanceConfigsResponse>","errorExample":""}]', - 'title' => 'DescribeDomainAdvanceConfigs', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"DomainConfigs\\": [\\n {\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Profile\\": {\\n \\"Http2Port\\": [\\n 443\\n ],\\n \\"Ipv6Status\\": 1,\\n \\"HttpPort\\": [\\n 80\\n ],\\n \\"GSLBStatus\\": \\"on\\",\\n \\"Rs\\": [\\n \\"38.XX.XX.42\\"\\n ],\\n \\"VipServiceStatus\\": 0,\\n \\"ClusterType\\": 0,\\n \\"ExclusiveVipStatus\\": 0,\\n \\"Cname\\": \\"****dsbpkt75zeiok5mta2j5l7hggcrm.****.com\\",\\n \\"CertStatus\\": 1,\\n \\"HttpsPort\\": [\\n 443\\n ],\\n \\"ResolvedType\\": 0\\n }\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query detailed configuration records of added domain names', + 'summary' => 'Queries the detailed configurations of domain names that have been added to WAF for protection.', + 'description' => 'Queries the detailed configurations of domain names that have been added to WAF for protection, such as CNAME addresses, origin server addresses, and HTTP and HTTPS port lists. To ensure system stability, the queries per second (QPS) for a single user is limited to 50. If the limit is exceeded, API calls are throttled, which may affect your business. Call this operation at an appropriate frequency.', + 'requestParamsDescription' => 'When you call this operation, you must include the common request parameters of Alibaba Cloud APIs in addition to the request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeDomainList' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [ + ['createdAt' => '2021-10-18T07:56:27.000Z', 'description' => 'Response parameters changed, Error codes changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainAdvanceConfigs'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainAdvanceConfigs', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeDomainBasicConfigs' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], + ], + [ + 'name' => 'DomainKey', + 'in' => 'query', + 'schema' => ['description' => 'The domain name keyword. If you specify this parameter, only domain name configurations that contain the specified keyword are returned.'."\n" + ."\n" + .'If you do not specify this parameter, all domain name configurations are returned.', 'type' => 'string', 'required' => false, 'example' => 'aliyundoc', 'title' => ''], + ], + [ + 'name' => 'AccessType', + 'in' => 'query', + 'schema' => ['description' => 'The domain name access mode. Set this parameter to query domain name configurations that use the specified access mode. Valid values:'."\n" + ."\n" + .'- **waf-cloud-dns**: CNAME access.'."\n" + .'- **waf-cloud-native**: transparent access.'."\n" + ."\n" + .'If you do not set this parameter, all domain name configurations are returned.', 'type' => 'string', 'required' => false, 'example' => 'waf-cloud-dns', 'title' => ''], + ], + [ + 'name' => 'CloudNativeProductId', + 'in' => 'query', + 'schema' => ['description' => 'The type of the origin server. Set this parameter to query domain name configurations that use the specified origin server type in transparent access mode. Valid values:'."\n" + .'- **0**: ECS instance.'."\n" + .'- **1**: Classic Load Balancer (CLB) instance.'."\n" + .'- **2**: Application Load Balancer (ALB) instance.'."\n" + ."\n" + .'If you do not set this parameter, all domain name configurations are returned.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number in a paging query. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of domain name configurations per page in a paging query. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ 'name' => 'ResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group to which the domain name belongs in Resource Management.'."\n" + ."\n" + .'If you do not specify this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'TotalCount' => ['description' => 'The total number of domain name configurations returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'DomainConfigs' => [ + 'description' => 'The list of domain name configurations.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'The status of the domain name configuration. Valid values:'."\n" + ."\n" + .'- **0**: invalid (deleted).'."\n" + .'- **1**: valid (created).'."\n" + .'- **10**: being created.'."\n" + .'- **11**: creation failed.'."\n" + .'- **20**: being deleted.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'Domain' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], + 'Owner' => ['description' => 'The source of the domain name configuration. The value is fixed as **WAF**, which indicates that the domain name is added through WAF.', 'type' => 'string', 'example' => 'WAF', 'title' => ''], + 'CcMode' => ['description' => 'The mode of the CC security protection feature. Valid values:'."\n" + ."\n" + .'- **0**: **Protection** mode.'."\n" + .'- **1**: **Protection-Emergency** mode.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'CcStatus' => ['description' => 'The status of the CC security protection feature. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'AccessType' => ['description' => 'The domain name access mode. Valid values:'."\n" + ."\n" + .'- **waf-cloud-dns**: CNAME access.'."\n" + .'- **waf-cloud-native**: transparent access.', 'type' => 'string', 'example' => 'waf-cloud-dns', 'title' => ''], + 'Version' => ['description' => 'The version number of the current configuration.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'AclStatus' => ['description' => 'The status of the custom protection policy feature. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'WafStatus' => ['description' => 'The status of the rule protection engine feature. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'WafMode' => ['description' => 'The mode of the rule protection engine feature. Valid values:'."\n" + ."\n" + .'- **0**: **Block** mode.'."\n" + .'- **1**: **Warn** mode.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2pz25js****', + 'title' => '', + 'example' => '', ], ], + ], + 'errorCodes' => [ + 403 => [ + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.', 'description' => ''], + ], + 500 => [ + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.', 'description' => ''], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"DomainConfigs\\": [\\n {\\n \\"Status\\": 1,\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Owner\\": \\"WAF\\",\\n \\"CcMode\\": 0,\\n \\"CcStatus\\": 1,\\n \\"AccessType\\": \\"waf-cloud-dns\\",\\n \\"Version\\": 0,\\n \\"AclStatus\\": 1,\\n \\"WafStatus\\": 1,\\n \\"WafMode\\": 0\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query protection settings of domain name configurations', + 'summary' => 'Queries the basic configurations of website domain names that are added to Web Application Firewall (WAF) for protection.', + 'description' => 'This operation is used to query the basic configurations of website domain names that are added to WAF for protection (hereinafter referred to as domain name configurations) by paging. For example, you can query the status of domain name configurations and the status and mode of default security protection modules, including the rule protection DPI engine, CC security protection, and custom protection policy. To ensure system stability, the queries per second (QPS) for a single user is limited to 50. If the limit is exceeded, API calls are throttled, which may affect your business. Invoke this operation at an appropriate frequency.', + 'requestParamsDescription' => 'When you call this operation, you must also include Alibaba Cloud common request parameters in addition to the request parameters described in this topic. For more information, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the **Example** section of this topic.', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainBasicConfigs'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainBasicConfigs', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + ], + 'DescribeDomainList' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'systemTags' => ['operationType' => 'get'], + 'parameters' => [ + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], + ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7pp26f1****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp26f1****', 'title' => ''], ], [ 'name' => 'DomainName', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'example.com', - ], + 'schema' => ['description' => 'The domain name that you want to query.'."\n" + ."\n" + .'You can set this parameter to perform a prefix match to check whether a specific domain name is added to WAF for protection.', 'type' => 'string', 'required' => false, 'example' => 'example.com', 'title' => ''], ], [ 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The page number of the page to return in a paged query. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''], ], [ 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The number of entries per page in a paged query. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '10', 'example' => '10', 'title' => ''], ], [ 'name' => 'IsSub', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - 'default' => '0', - ], + 'schema' => ['description' => 'The type of domain name that you want to query. Valid values:'."\n" + ."\n" + .'- **0** (default): queries all domain names, including exact domain names and wildcard domain names.'."\n" + .'- **1**: queries only exact domain names.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0', 'example' => '0', 'title' => ''], ], [ 'name' => 'DomainNames', 'in' => 'query', 'style' => 'repeatList', 'schema' => [ - 'description' => '', + 'description' => 'The list of domain names that you want to query.'."\n" + ."\n" + .'You can set this parameter to perform a fuzzy match to check whether multiple domain names are added to WAF for protection.', 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], + 'items' => ['description' => 'The domain name that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'example.com '."\n", 'title' => ''], 'required' => false, 'example' => 'example.com', 'maxItems' => 100, + 'title' => '', ], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -2770,100 +2298,177 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '2', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '592E866F-6C05-4E7C-81DE-B4D8E86B91EF', - ], + 'TotalCount' => ['description' => 'The total number of domain names returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '2', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '592E866F-6C05-4E7C-81DE-B4D8E86B91EF', 'title' => ''], 'DomainNames' => [ + 'description' => 'The list of domain names returned.', 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => '["www.example.com","test.example.com"]', - ], + 'items' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'www.example.com', 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"TotalCount\\": 2,\\n \\"RequestId\\": \\"592E866F-6C05-4E7C-81DE-B4D8E86B91EF\\",\\n \\"DomainNames\\": [\\n \\"www.example.com\\"\\n ]\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<DescribeDomainListResponse>\\r\\n\\t<TotalCount>2</TotalCount>\\r\\n\\t<RequestId>592E866F-6C05-4E7C-81DE-B4D8E86B91EF</RequestId>\\r\\n\\t<DomainNames>www.example.com</DomainNames>\\r\\n\\t<DomainNames>test.example.com</DomainNames>\\r\\n</DescribeDomainListResponse>","errorExample":""}]', - 'title' => 'DescribeDomainList', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 2,\\n \\"RequestId\\": \\"592E866F-6C05-4E7C-81DE-B4D8E86B91EF\\",\\n \\"DomainNames\\": [\\n \\"www.example.com\\"\\n ]\\n}","type":"json"}]', + 'title' => 'Query domain name asset information', + 'summary' => 'Invokes DescribeDomainList to perform a paged query of domain names that are added to WAF for protection.', + 'description' => 'You can also use this operation to query all domain names that are added to WAF for protection, but paged query is not supported, which means all domain names are returned at a time. If you have a large number of domain names, we recommend that you invoke this operation to perform a paged query, which displays results by page and supports conditional query.', + 'requestParamsDescription' => 'When you call this operation, you must include common request parameters in addition to the operation-specific request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeProtectionModuleMode' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainList'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainList', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeDomainNames' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => ['operationType' => 'list'], 'parameters' => [ [ - 'name' => 'Domain', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'DefenseType', + 'name' => 'ResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group to which the domain name belongs in Resource Management. This parameter is empty by default, which indicates that the domain name belongs to the default resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'DomainNames' => [ + 'description' => 'The list of domain names that have been added.', + 'type' => 'array', + 'items' => ['description' => 'The domain name.', 'type' => 'string', 'example' => '1.example.com', 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf', + 'title' => '', + 'example' => '', ], ], + ], + 'errorCodes' => [ + 403 => [ + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.', 'description' => ''], + ], + 500 => [ + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.', 'description' => ''], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"DomainNames\\": [\\n \\"1.example.com\\"\\n ]\\n}","type":"json"}]', + 'title' => 'Retrieve the list of domain names added to a specified instance', + 'summary' => 'Retrieves the list of domain names that have been added to a specified WAF instance.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainNames'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainNames', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + ], + 'DescribeDomainRuleGroup' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'systemTags' => ['operationType' => 'get'], + 'parameters' => [ + [ + 'name' => 'Domain', + 'in' => 'query', + 'schema' => ['description' => 'The domain name to query.'."\n" + ."\n" + .'> You can call [DescribeDomainList](~~255880~~) to query all domain names that have been added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''], + ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-atstuj3rtop****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. Default value: empty, which indicates the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2oij****hbfi', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -2871,88 +2476,255 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Mode' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], + 'RuleGroupId' => ['description' => 'The ID of the protection rule group bound to the domain. Valid values:'."\n" + ."\n" + .'- **1011**: the strict rule group built into WAF.'."\n" + .'- **1012**: the medium rule group built into WAF.'."\n" + .'- **1013**: the loose rule group built into WAF.'."\n" + ."\n" + .'Other values indicate the IDs of custom rule groups.'."\n", 'type' => 'integer', 'format' => 'int64', 'example' => '1012', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'WafAiStatus' => ['description' => 'The status of the intelligent rule hosting feature. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"DE14845A-F46F-59BE-B8F7-6ED7A787D213\\",\\n \\"Mode\\": 0\\n}","errorExample":""},{"type":"xml","example":"<DescribeProtectionModuleModeResponse>\\n <LearnStatus>3</LearnStatus>\\n <RequestId>DE14845A-F46F-59BE-B8F7-6ED7A787D213</RequestId>\\n <Mode>0</Mode>\\n</DescribeProtectionModuleModeResponse>","errorExample":""}]', - 'title' => 'DescribeProtectionModuleMode', - 'requestParamsDescription' => ' ', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RuleGroupId\\": 1012,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"WafAiStatus\\": 1\\n}","type":"json"}]', + 'title' => 'DescribeDomainRuleGroup', + 'summary' => 'Queries the ID of the protection rule group bound to a domain and the status of the intelligent rule hosting feature by calling DescribeDomainRuleGroup.', + 'description' => 'This API operation is used to query the ID of the protection rule group bound to a specified domain and the status of the intelligent rule hosting feature under the rule protection engine.'."\n" + .'Note that to ensure system stability, the queries per second (QPS) for a single user is limited to 10. If the limit is exceeded, API calls will be throttled, which may affect your business. Please make API calls appropriately.', + 'requestParamsDescription' => 'When you call this API operation, in addition to the request parameters described in this topic, you must also include Alibaba Cloud API common request parameters. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format of this API operation, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'ModifyDomainIpv6Status' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [ + ['createdAt' => '2022-01-18T08:24:59.000Z', 'description' => 'Response parameters changed, Error codes changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainRuleGroup'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainRuleGroup', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeInstanceInfo' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'deprecated' => false, - 'systemTags' => [], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-mp9153****', - ], + 'schema' => ['description' => 'The ID of the WAF instance that you want to query.'."\n" + ."\n" + .'If you do not set this parameter, the information about all WAF instances in the Chinese mainland or outside the Chinese mainland is returned.', 'type' => 'string', 'required' => false, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. If you do not set this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ - 'name' => 'Enabled', + 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'InstanceInfo' => [ + 'description' => 'The details of the WAF instance.', + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'Indicates whether the WAF instance has expired. Valid values:'."\n" + .'- **0**: expired.'."\n" + .'- **1**: not expired.'."\n" + ."\n" + .'> This parameter is not returned if **PayType** is **0** (WAF instance is not activated).', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'EndDate' => ['description' => 'The expiration time of the WAF instance. This value is a UNIX timestamp. Unit: seconds.'."\n" + ."\n" + .'> This parameter is not returned if **PayType** is **0** (WAF instance is not activated).', 'type' => 'integer', 'format' => 'int64', 'example' => '1512921600', 'title' => ''], + 'Version' => ['description' => 'The edition of the WAF instance. Valid values:'."\n" + ."\n" + .'<props="china">- **version_3**: Premium Edition in the Chinese mainland.</props>'."\n" + .'<props="china">- **version_4**: Business Edition in the Chinese mainland.</props>'."\n" + .'<props="china">- **version_5**: Ultimate Edition in the Chinese mainland.</props>'."\n" + .'<props="china">- **version_exclusive_cluster**: virtual exclusive cluster edition in the Chinese mainland.</props>'."\n" + .'<props="china">- **version_hybrid_cloud_standard**: Hybrid Cloud WAF Edition in the Chinese mainland.</props>'."\n" + .'<props="china">- **version_pro_asia**: Premium Edition outside the Chinese mainland.</props>'."\n" + .'<props="china">- **version_business_asia**: Business Edition outside the Chinese mainland.</props>'."\n" + .'<props="china">- **version_enterprise_asia**: Ultimate Edition outside the Chinese mainland.</props>'."\n" + .'<props="china">- **version_exclusive_cluster_asia**: virtual exclusive cluster edition outside the Chinese mainland.</props>'."\n" + .'<props="china">- **version_hybrid_cloud_standard_asia**: Hybrid Cloud WAF Edition outside the Chinese mainland.</props>'."\n" + .'<props="china">- **version_elastic_bill**: pay-as-you-go billing method edition.</props>'."\n" + .'<props="china">- **version_elastic_bill_new**: pay-as-you-go billing method 2.0 edition.</props>'."\n" + ."\n" + .'<props="china">If the returned version parameter value is not in the preceding list, confirm that you are using an Alibaba Cloud China Website (www.aliyun.com) account.</props> '."\n" + ."\n" + .'<props="intl">- **version_pro_china**: Premium Edition in the Chinese mainland.</props>'."\n" + .'<props="intl">- **version_business_china**: Business Edition in the Chinese mainland.</props>'."\n" + .'<props="intl">- **version_enterprise_china**: Ultimate Edition in the Chinese mainland.</props>'."\n" + .'<props="intl">- **version_exclusive_china**: virtual exclusive cluster edition in the Chinese mainland.</props>'."\n" + .'<props="intl">- **version_hybrid_cloud_standard_china**: Hybrid Cloud WAF Edition in the Chinese mainland.</props>'."\n" + .'<props="intl">- **version_pro**: Premium Edition outside the Chinese mainland.</props>'."\n" + .'<props="intl">- **version_business**: Business Edition outside the Chinese mainland.</props>'."\n" + .'<props="intl">- **version_enterprise**: Ultimate Edition outside the Chinese mainland.</props>'."\n" + .'<props="intl">- **version_exclusive**: virtual exclusive cluster edition outside the Chinese mainland.</props>'."\n" + .'<props="intl">- **version_hybrid_cloud_standard**: Hybrid Cloud WAF Edition outside the Chinese mainland.</props>'."\n" + ."\n" + .'<props="intl">If the returned version parameter value is not in the preceding list, confirm that you are using an Alibaba Cloud International Website (www.alibabacloud.com) account.</props>'."\n" + ."\n" + .'> This parameter is not returned if **PayType** is **0** (WAF instance is not activated).', 'type' => 'string', 'example' => 'version_3', 'title' => ''], + 'RemainDay' => ['description' => 'The remaining available days of the trial WAF instance.'."\n" + ."\n" + .'> This parameter is returned only if **Trial** is **1** (a trial WAF instance is activated).', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'Region' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn**: the Chinese mainland.'."\n" + .'- **cn-hongkong**: outside the Chinese mainland.'."\n" + ."\n" + .'> This parameter is not returned if **PayType** is **0** (WAF instance is not activated).', 'type' => 'string', 'example' => 'cn', 'title' => ''], + 'PayType' => ['description' => 'The activation status of the WAF instance. Valid values:'."\n" + ."\n" + .'- **0**: No WAF instance is activated under the current Alibaba Cloud account.'."\n" + .'- **1**: A subscription instance of WAF is activated under the current Alibaba Cloud account.'."\n" + .'<props="china">- **2**: A WAF instance that uses the pay-as-you-go billing method is activated under the current Alibaba Cloud account.</props>', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'InDebt' => ['description' => 'Indicates whether the WAF instance has an overdue payment. Valid values:'."\n" + ."\n" + .'- **0**: The instance has an overdue payment.'."\n" + .'- **1**: The instance does not have an overdue payment.'."\n" + ."\n" + .'> This parameter is not returned if **PayType** is **0** (WAF instance is not activated).', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'InstanceId' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> This parameter is not returned if **PayType** is **0** (WAF instance is not activated).', 'type' => 'string', 'example' => 'waf-cn-tl32ast****', 'title' => ''], + 'SubscriptionType' => ['description' => '<props="china">The billable method of the WAF instance. Valid values:</props>'."\n" + .'<props="china">- **Subscription**: subscription.</props>'."\n" + .'<props="china">- **PayAsYouGo**: pay-as-you-go billing method.</props>'."\n" + ."\n" + .'<props="intl">The billable method of the WAF instance. The value is fixed as **Subscription**, which indicates subscription.</props>'."\n" + ."\n" + .'> This parameter is not returned if **PayType** is **0** (WAF instance is not activated).', 'type' => 'string', 'example' => 'Subscription', 'title' => ''], + 'Trial' => ['description' => 'Indicates whether a trial WAF instance is activated under the current Alibaba Cloud account. Valid values:'."\n" + ."\n" + .'- **0**: No.'."\n" + .'- **1**: Yes.'."\n" + ."\n" + .'> This parameter is returned only if a trial WAF instance is activated under the current Alibaba Cloud account.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + ], 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '0', + 'title' => '', + 'example' => '', ], ], + ], + 'errorCodes' => [ + 403 => [ + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.', 'description' => ''], + ], + 500 => [ + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.', 'description' => ''], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"InstanceInfo\\": {\\n \\"Status\\": 1,\\n \\"EndDate\\": 1512921600,\\n \\"Version\\": \\"version_3\\",\\n \\"RemainDay\\": 1,\\n \\"Region\\": \\"cn\\",\\n \\"PayType\\": 1,\\n \\"InDebt\\": 1,\\n \\"InstanceId\\": \\"waf-cn-tl32ast****\\",\\n \\"SubscriptionType\\": \\"Subscription\\",\\n \\"Trial\\": 1\\n }\\n}","type":"json"}]', + 'title' => 'Get WAF instance information', + 'summary' => 'Queries the details of a WAF instance under the current Alibaba Cloud account.', + 'description' => 'This operation queries the details of a WAF instance under the current Alibaba Cloud account, such as the instance ID, edition, status, and expiration time. To ensure system stability, the queries per second (QPS) is limited to 50 per user. If the limit is exceeded, API calls are throttled, which may affect your business. Call this operation at a proper frequency.', + 'requestParamsDescription' => 'When you call this operation, you must include common request parameters in addition to the operation-specific request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeInstanceInfo'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeInstanceInfo', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + ], + 'DescribeInstanceSpecInfo' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'systemTags' => ['operationType' => 'get'], + 'parameters' => [ + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF instance to query.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => false, 'example' => 'waf-cn-st2225l****', 'title' => ''], + ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => "\n" + .'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -2960,84 +2732,278 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'E906513E-F6B5-495E-98DC-7BA8****1D76', 'title' => ''], + 'InstanceId' => ['description' => 'The instance ID of the WAF instance.', 'type' => 'string', 'example' => 'waf-cn-st2225l****', 'title' => ''], + 'ExpireTime' => ['description' => 'The expiration time of the WAF instance. The value is a UNIX timestamp in the format of milliseconds.'."\n" + ."\n" + .'> For instances that use the pay-as-you-go billing method, the returned value indicates the expiration time of the trial edition.', 'type' => 'integer', 'format' => 'int64', 'example' => '1677168000000', 'title' => ''], + 'Version' => ['description' => 'The version of the WAF instance. Valid values:'."\n" + ."\n" + .'<props="china">'."\n" + ."\n" + .'- **version_3**: Premium Edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_4**: Business edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_5**: Ultimate Edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_exclusive_cluster**: virtual exclusive cluster edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_hybrid_clou_standard**: hybrid cloud WAF edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_pro_asia**: Premium Edition outside China.'."\n" + ."\n" + .'- **version_business_asia**: Business edition outside China.'."\n" + ."\n" + .'- **version_enterprise_asia**: Ultimate Edition outside China.'."\n" + ."\n" + .'- **version_exclusive_cluster_asia**: virtual exclusive cluster edition outside China.'."\n" + ."\n" + .'- **version_hybrid_cloud_standard_asia**: hybrid cloud WAF edition outside China.'."\n" + ."\n" + .'- **version_elastic_bill**: pay-as-you-go billing method edition.'."\n" + ."\n" + .'- **version_elastic_bill_new**: pay-as-you-go billing method 2.0 edition.'."\n" + ."\n" + .'</props>'."\n" + ."\n" + .'<props="intl">'."\n" + ."\n" + .'- **version_pro_china**: Premium Edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_business_china**: Business edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_enterprise_china**: Ultimate Edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_exclusive_china**: virtual exclusive cluster edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_hybrid_cloud_standard_china**: hybrid cloud WAF edition in the Chinese mainland.'."\n" + ."\n" + .'- **version_pro**: Premium Edition outside China.'."\n" + ."\n" + .'- **version_business**: Business edition outside China.'."\n" + ."\n" + .'- **version_enterprise**: Ultimate Edition outside China.'."\n" + ."\n" + .'- **version_exclusive**: virtual exclusive cluster edition outside China.'."\n" + ."\n" + .'- **version_hybrid_cloud_standard**: hybrid cloud WAF edition outside China.'."\n" + ."\n" + .'</props>'."\n" + ."\n" + .'<props="china">If the returned version parameter value is not in the preceding list, confirm that you are using an Alibaba Cloud China Website (www.aliyun.com) account.</props>'."\n" + ."\n" + .'<props="intl">If the returned version parameter value is not in the preceding list, confirm that you are using an Alibaba Cloud International Website (www.alibabacloud.com) account.</props>', 'type' => 'string', 'example' => 'version_3', 'title' => ''], + 'InstanceSpecInfos' => [ + 'description' => 'The specification information of the WAF instance. The information is returned as an array of **Code** and **Value** pairs. **Code** indicates the specification code, and **Value** indicates the corresponding specification value.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Code' => ['description' => 'The specification code of the WAF instance. Valid values:'."\n" + ."\n" + .'- **100**: indicates whether HTTPS service protection is supported.'."\n" + .'- **101**: the daily service traffic threshold.'."\n" + .'- **102**: the mitigation threshold for HTTP flood attacks.'."\n" + .'- **103**: the total number of domain names that can be added for protection.'."\n" + .'- **104**: indicates whether wildcard domain names are supported.'."\n" + .'- **105**: the number of custom mitigation policies (ACL access control) rules that can be configured.'."\n" + .'- **106**: the number of back-to-origin IP addresses for domain names.'."\n" + .'- **107**: indicates whether servers outside Alibaba Cloud are supported.'."\n" + .'- **108**: indicates whether the custom advanced web access control feature is supported.'."\n" + .'- **109**: indicates whether non-standard ports are supported.'."\n" + .'- **110**: indicates whether the scan protection feature is supported.'."\n" + .'- **111**: indicates whether data risk control is supported.'."\n" + .'- **112**: the number of data risk control records that can be configured.'."\n" + .'- **113**: the number of primary domain names (top-level domain names) that can be added for protection.'."\n" + .'- **114**: the normal service bandwidth threshold.'."\n" + .'- **115**: the number of attached domain name packages.'."\n" + .'- **116**: indicates whether adding ECS IP addresses under different Alibaba Cloud accounts as origin server IP addresses is supported.'."\n" + .'- **117**: indicates whether adding Web Hosting IP addresses as origin server IP addresses is supported.'."\n" + .'- **118**: the number of data risk control rule scenarios that can be configured.'."\n" + .'- **119**: indicates whether the semantics analysis DPI engine feature is supported.'."\n" + .'- **12**: indicates whether the service network traffic analysis feature is supported.'."\n" + .'- **120**: indicates whether ICP filing verification is required for domain names added for protection.'."\n" + .'- **121**: indicates whether custom mitigation policies (HTTP flood attack prevention) rules can be configured.'."\n" + .'- **122**: the number of custom mitigation policies (HTTP flood attack prevention) rules that can be configured.'."\n" + .'- **123**: indicates whether the region-level IP blacklist feature is supported.'."\n" + .'- **124**: indicates whether web tamper-proofing is supported.'."\n" + .'- **125**: the number of custom tamper-proofing protection rules that can be configured.'."\n" + .'- **126**: indicates whether log collection is supported.'."\n" + .'- **127**: the number of non-standard ports that can be added.'."\n" + .'- **128**: the HTTP protocol ports that can be added.'."\n" + .'- **129**: the HTTPS protocol ports that can be added.'."\n" + .'- **13**: indicates whether switching the HTTP flood protection mode is supported.'."\n" + .'- **130**: indicates whether attacker profiling is supported.'."\n" + .'- **131**: indicates whether the sensitive information leak prevention feature is supported.'."\n" + .'- **132**: the number of sensitive information leak prevention rules that can be configured.'."\n" + .'- **133**: the condition fields that can be used in custom mitigation policies and whitelist policies.'."\n" + .'- **134**: the number of attached exclusive IP addresses.'."\n" + .'- **135**: indicates whether the data dashboard feature is supported.'."\n" + .'- **136**: the number of supported data dashboards.'."\n" + .'- **137**: indicates whether the deep learning engine feature is supported.'."\n" + .'- **138**: indicates whether full logs are supported.'."\n" + .'- **139**: the storage duration of full logs.'."\n" + .'- **14**: indicates whether viewing HTTP flood attack log details is supported.'."\n" + .'- **140**: the maximum storage capacity of full logs.'."\n" + .'- **141**: indicates whether the alerting settings feature is supported.'."\n" + .'- **142**: the number of times the full log storage space can be cleared.'."\n" + .'- **143**: indicates whether custom protection rule groups are supported.'."\n" + .'- **144**: the number of custom rule groups that can be configured.'."\n" + .'- **145**: indicates whether the general gateway proxy for protection modules is supported.'."\n" + .'- **146**: indicates whether the general rule proxy for protection modules is supported.'."\n" + .'- **147**: indicates whether the security expert service platform is supported.'."\n" + .'- **148**: indicates whether trial use is supported.'."\n" + .'- **149**: indicates whether transparent proxy mode is supported.'."\n" + .'- **150**: indicates whether IPv6 is supported.'."\n" + .'- **151**: indicates whether the proactive defense feature is supported.'."\n" + .'- **152**: the number of proactive defense rules that can be configured.'."\n" + .'- **153**: indicates whether HTTP 2.0 service protection is supported.'."\n" + .'- **154**: indicates whether the domain name configuration feature is supported.'."\n" + .'- **155**: indicates whether the asset discovery feature is supported.'."\n" + .'- **156**: indicates whether pre-release testing specifications are available.'."\n" + .'- **157**: indicates whether virtual exclusive clusters are supported.'."\n" + .'- **158**: the number of ports supported by virtual exclusive clusters.'."\n" + .'- **159**: indicates whether the account security feature is supported.'."\n" + .'- **160**: the number of interfaces for account security protection.'."\n" + .'- **162**: the number of whitelist rules that can be added.'."\n" + .'- **163**: the number of custom protection rules.'."\n" + .'- **164**: the number of IP blacklist rules.'."\n" + .'- **167**: indicates whether custom scan protection configuration is supported.'."\n" + .'- **168**: the number of Global Server Load Balancing (GSLB) protected domain names.'."\n" + .'- **169**: indicates whether intelligent load balancing is supported.'."\n" + .'- **171**: indicates whether the application protection feature is supported.'."\n" + .'- **172**: the number of application protection rules.'."\n" + .'- **173**: indicates whether the typical crawler behavior identification feature is supported.'."\n" + .'- **176**: indicates whether the legitimate crawler identification feature is supported.'."\n" + .'- **177**: indicates whether the crawler threat intelligence feature is supported.'."\n" + .'- **181**: the number of traffic redirection configurations (each corresponding to a specific instance IP address and port) that can be added for transparent access.'."\n" + .'- **190**: indicates whether HTTP flood attack prevention capabilities are supported.'."\n" + .'- **191**: indicates whether account security defense capabilities are supported.'."\n" + .'- **192**: indicates whether scan attack prevention capabilities are supported.'."\n" + .'- **193**: indicates whether custom TLS security policy is supported.'."\n" + .'- **194**: indicates whether advanced settings for custom TLS security policy are supported.'."\n" + .'- **196**: indicates whether transparent access supports attaching any interface.'."\n" + .'- **199**: indicates whether origin fetch over IPv6 is supported.'."\n" + .'- **200**: indicates whether scenario-specific anti-crawler configuration is supported.'."\n" + .'- **201**: the number of scenario-specific anti-crawler configurations.', 'type' => 'string', 'example' => '103', 'title' => ''], + 'Value' => ['description' => 'The value that corresponds to the WAF instance specification code. The value can be **true** (yes) or **false** (no), or a specific number.'."\n" + ."\n" + .'> For example, if **Code** is set to **103**, the **Value** is **640**. If **Code** is set to **104**, the **Value** is **true**.', 'type' => 'string', 'example' => '640', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<ModifyDomainIpv6StatusResponse>\\r\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\r\\n</ModifyDomainIpv6StatusResponse>","errorExample":""}]', - 'title' => 'ModifyDomainIpv6Status', - 'requestParamsDescription' => ' ', + 'errorCodes' => [ + 403 => [ + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.', 'description' => ''], + ], + 500 => [ + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.', 'description' => ''], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E906513E-F6B5-495E-98DC-7BA8****1D76\\",\\n \\"InstanceId\\": \\"waf-cn-st2225l****\\",\\n \\"ExpireTime\\": 1677168000000,\\n \\"Version\\": \\"version_3\\",\\n \\"InstanceSpecInfos\\": [\\n {\\n \\"Code\\": \\"103\\",\\n \\"Value\\": \\"640\\"\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query WAF instance specifications', + 'summary' => 'Queries the specification information of a WAF instance.', + 'requestParamsDescription' => 'When you call this operation, you must include the common request parameters of Alibaba Cloud APIs in addition to the request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeProtectionModuleStatus' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeInstanceSpecInfo', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeLogServiceStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ - 'name' => 'Domain', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call DescribeInstanceInfo to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''], ], [ - 'name' => 'DefenseType', + 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf', - ], + 'schema' => ['description' => 'The region ID of Log Service. Valid values: '."\n" + .'- **cn**: the Chinese mainland (default)'."\n" + .'- **cn-hongkong**: outside China.', 'type' => 'string', 'required' => false, 'default' => 'cn', 'example' => 'cn', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11sr5****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, refer to [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], ], [ - 'name' => 'ResourceGroupId', + 'name' => 'PageNumber', 'in' => 'query', + 'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page in a paged query. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '10', 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'DomainNames', + 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'type' => 'string', + 'description' => 'The list of domain names to query. You can specify up to 10 domain names at a time. If you do not specify this parameter, all domain names are queried.'."\n" + ."\n" + .'> You can call [DescribeDomainNames](~~86373~~) to query all domain names that are added to the current WAF instance for protection.', + 'type' => 'array', + 'items' => ['description' => 'The domain name.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyunXXXX.com', 'title' => ''], + 'required' => false, + 'maxItems' => 100, + 'title' => '', + 'example' => '', ], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -3045,98 +3011,104 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'ModuleStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '63', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], + 'DomainStatus' => [ + 'description' => 'The log collection status of the domain names (whether log collection is enabled).', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Domain' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'www.aliyun.com', 'title' => ''], + 'SlsLogActive' => ['description' => 'Indicates whether log collection is enabled for the domain name. Valid values:'."\n" + ."\n" + .'- **1**: enabled.'."\n" + .'- **0**: disabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"ModuleStatus\\": 1,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<DescribeProtectionModuleStatusResponse>\\n <ModuleStatus>1</ModuleStatus>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</DescribeProtectionModuleStatusResponse>","errorExample":""}]', - 'title' => 'DescribeProtectionModuleStatus', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 63,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"DomainStatus\\": [\\n {\\n \\"Domain\\": \\"www.aliyun.com\\",\\n \\"SlsLogActive\\": 1\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query log collection status', + 'summary' => 'Queries the log collection status (whether log collection is enabled) of domain names that are added to WAF for protection.', + 'requestParamsDescription' => 'When you call this operation, in addition to the request parameters described in this topic, you must include Alibaba Cloud API common request parameters. For more information about common request parameters, refer to [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the **request example** in this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'ModifyProtectionModuleStatus' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [ + ['createdAt' => '2022-08-23T11:43:34.000Z', 'description' => 'Request parameters changed, Error codes changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeLogServiceStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeLogServiceStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeProtectionModuleCodeConfig' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ - 'name' => 'Domain', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.aliyundoc.com', - ], - ], - [ - 'name' => 'DefenseType', + 'name' => 'CodeType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf', - ], + 'schema' => ['description' => 'The type of code to query. Set the value to **14**, which indicates the region codes applicable to the WAF region-level IP blacklist configuration.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '14', 'title' => ''], ], [ - 'name' => 'ModuleStatus', + 'name' => 'CodeValue', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The type of region codes to query. Valid values:'."\n" + .'- **0**: region codes within China.'."\n" + .'- **1**: region codes outside China.'."\n" + ."\n" + .'If you do not set this parameter, all types of region codes are queried.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11sr5****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the website domain name belongs in Resource Management. If you do not set this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['type' => 'string', 'default' => 'cn-hangzhou', 'description' => '', 'required' => false, 'title' => '', 'example' => ''], ], ], 'responses' => [ @@ -3144,92 +3116,378 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'CodeConfigs' => ['description' => 'The specific configuration of region codes. The value is a string converted from a JSON array. Each element in the JSON array represents a type of region code and contains the following fields:'."\n" + ."\n" + .'- **code**: Integer | The type of region code. Valid values: **0** (region codes within China) | **1** (region codes outside China).'."\n" + ."\n" + .'- **name**: String | All region codes of this type. Multiple region codes are separated by commas (,). For the meanings of specific region codes, see the description below the **Response parameters** table.'."\n" + ."\n" + .'- **env**: String | Indicates whether the region code is available. Valid values: **online** (the region code is available) | **offline** (the region code is unavailable).', 'type' => 'string', 'example' => '[{"code":0,"name":"310000,530000,150000,110000,TW_01,220000,510000,120000,640000,340000,370000,140000,440000,450000,650000,320000,360000,130000,410000,330000,460000,420000,430000,MO_01,620000,350000,540000,520000,210000,500000,610000,630000,HK_01,230000","env":"online"}]', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'BE3911B8-9D96-5B39-8875-503BBC9DA4BF', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyProtectionModuleStatus', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', - ], - 'ModifyProtectionModuleMode' => [ - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"CodeConfigs\\": \\"[{\\\\\\"code\\\\\\":0,\\\\\\"name\\\\\\":\\\\\\"310000,530000,150000,110000,TW_01,220000,510000,120000,640000,340000,370000,140000,440000,450000,650000,320000,360000,130000,410000,330000,460000,420000,430000,MO_01,620000,350000,540000,520000,210000,500000,610000,630000,HK_01,230000\\\\\\",\\\\\\"env\\\\\\":\\\\\\"online\\\\\\"}]\\",\\n \\"RequestId\\": \\"BE3911B8-9D96-5B39-8875-503BBC9DA4BF\\"\\n}","type":"json"}]', + 'title' => 'Query WAF protection module code configuration', + 'summary' => 'Queries the region codes that can be configured in the WAF region-level IP blacklist.', + 'description' => 'This operation queries the region codes that can be configured in the WAF region-level IP blacklist.'."\n" + .'The queries per second (QPS) limit for a single user is 100. If this limit is exceeded, API calls are throttled, which may affect your business. Call this operation at an appropriate frequency.', + 'requestParamsDescription' => 'When you call this operation, you must include common request parameters in addition to the request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request example in the **Examples** section.', + 'responseParamsDescription' => '**Region codes within China (`"code": 0`)**.'."\n" + ."\n" + .'```'."\n" + .'{'."\n" + .' "310000": "Shanghai",'."\n" + .' "610000": "Shaanxi",'."\n" + .' "360000": "Jiangxi",'."\n" + .' "230000": "Heilongjiang",'."\n" + .' "530000": "Yunnan",'."\n" + .' "140000": "Shanxi",'."\n" + .' "440000": "Guangdong",'."\n" + .' "320000": "Jiangsu",'."\n" + .' "110000": "Beijing",'."\n" + .' "MO_01": "Macao (China)",'."\n" + .' "620000": "Gansu",'."\n" + .' "370000": "Shandong",'."\n" + .' "150000": "Inner Mongolia",'."\n" + .' "450000": "Guangxi",'."\n" + .' "410000": "Henan",'."\n" + .' "500000": "Chongqing",'."\n" + .' "120000": "Tianjin",'."\n" + .' "630000": "Qinghai",'."\n" + .' "460000": "Hainan",'."\n" + .' "640000": "Ningxia",'."\n" + .' "330000": "Zhejiang",'."\n" + .' "HK_01": "Hong Kong (China)",'."\n" + .' "420000": "Hubei",'."\n" + .' "430000": "Hunan",'."\n" + .' "130000": "Hebei",'."\n" + .' "510000": "Sichuan",'."\n" + .' "350000": "Fujian",'."\n" + .' "210000": "Liaoning",'."\n" + .' "220000": "Jilin",'."\n" + .' "340000": "Anhui",'."\n" + .' "520000": "Guizhou",'."\n" + .' "TW_01": "Taiwan (China)"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'**Region codes outside China (`"code": 1`)**.'."\n" + ."\n" + .'```'."\n" + .'{'."\n" + .' "KE": "Kenya",'."\n" + .' "KG": "Kyrgyzstan",'."\n" + .' "KH": "Cambodia",'."\n" + .' "KI": "Kiribati",'."\n" + .' "KM": "Comoros",'."\n" + .' "KN": "Saint Kitts and Nevis",'."\n" + .' "KP": "North Korea",'."\n" + .' "KR": "South Korea",'."\n" + .' "KW": "Kuwait",'."\n" + .' "KY": "Cayman Islands",'."\n" + .' "KZ": "Kazakhstan",'."\n" + .' "LA": "Laos",'."\n" + .' "LB": "Lebanon",'."\n" + .' "LC": "Saint Lucia",'."\n" + .' "LI": "Liechtenstein",'."\n" + .' "LK": "Sri Lanka",'."\n" + .' "LR": "Liberia",'."\n" + .' "LS": "Lesotho",'."\n" + .' "LT": "Lithuania",'."\n" + .' "LU": "Luxembourg",'."\n" + .' "LV": "Latvia",'."\n" + .' "LY": "Libya",'."\n" + .' "MA": "Morocco",'."\n" + .' "MC": "Monaco",'."\n" + .' "MD": "Moldova",'."\n" + .' "ME": "Montenegro",'."\n" + .' "MF": "Saint Martin",'."\n" + .' "MG": "Madagascar",'."\n" + .' "MH": "Marshall Islands",'."\n" + .' "MK": "North Macedonia",'."\n" + .' "ML": "Mali",'."\n" + .' "MM": "Myanmar",'."\n" + .' "MN": "Mongolia",'."\n" + .' "MP": "Northern Mariana Islands",'."\n" + .' "MQ": "Martinique",'."\n" + .' "MR": "Mauritania",'."\n" + .' "MS": "Montserrat",'."\n" + .' "MT": "Malta",'."\n" + .' "MU": "Mauritius",'."\n" + .' "MV": "Maldives",'."\n" + .' "MW": "Malawi",'."\n" + .' "MX": "Mexico",'."\n" + .' "MY": "Malaysia",'."\n" + .' "MZ": "Mozambique",'."\n" + .' "NA": "Namibia",'."\n" + .' "NC": "New Caledonia",'."\n" + .' "NE": "Niger",'."\n" + .' "NF": "Norfolk Island",'."\n" + .' "NG": "Nigeria",'."\n" + .' "NI": "Nicaragua",'."\n" + .' "NL": "Netherlands",'."\n" + .' "NO": "Norway",'."\n" + .' "NP": "Nepal",'."\n" + .' "NR": "Nauru",'."\n" + .' "NU": "Niue",'."\n" + .' "NZ": "New Zealand",'."\n" + .' "GA": "Gabon",'."\n" + .' "GB": "United Kingdom",'."\n" + .' "WS": "Samoa",'."\n" + .' "GD": "Grenada",'."\n" + .' "GE": "Georgia",'."\n" + .' "GF": "French Guiana",'."\n" + .' "GG": "Guernsey",'."\n" + .' "GH": "Ghana",'."\n" + .' "GI": "Gibraltar",'."\n" + .' "GL": "Greenland",'."\n" + .' "GM": "Gambia",'."\n" + .' "GN": "Guinea",'."\n" + .' "GP": "Guadeloupe",'."\n" + .' "GQ": "Equatorial Guinea",'."\n" + .' "GR": "Greece",'."\n" + .' "GT": "Guatemala",'."\n" + .' "GU": "Guam",'."\n" + .' "GW": "Guinea-Bissau",'."\n" + .' "GY": "Guyana",'."\n" + .' "HN": "Honduras",'."\n" + .' "HR": "Croatia",'."\n" + .' "HT": "Haiti",'."\n" + .' "YE": "Yemen",'."\n" + .' "HU": "Hungary",'."\n" + .' "YT": "Mayotte",'."\n" + .' "ID": "Indonesia",'."\n" + .' "IE": "Ireland",'."\n" + .' "IL": "Israel",'."\n" + .' "IM": "Isle of Man",'."\n" + .' "IN": "India",'."\n" + .' "IO": "British Indian Ocean Territory",'."\n" + .' "ZA": "South Africa",'."\n" + .' "IQ": "Iraq",'."\n" + .' "IR": "Iran",'."\n" + .' "IS": "Iceland",'."\n" + .' "IT": "Italy",'."\n" + .' "ZM": "Zambia",'."\n" + .' "JE": "Jersey",'."\n" + .' "ZW": "Zimbabwe",'."\n" + .' "JM": "Jamaica",'."\n" + .' "JO": "Jordan",'."\n" + .' "JP": "Japan",'."\n" + .' "SI": "Slovenia",'."\n" + .' "BY": "Belarus",'."\n" + .' "SK": "Slovakia",'."\n" + .' "BZ": "Belize",'."\n" + .' "SL": "Sierra Leone",'."\n" + .' "SM": "San Marino",'."\n" + .' "SN": "Senegal",'."\n" + .' "SO": "Somalia",'."\n" + .' "CA": "Canada",'."\n" + .' "SR": "Suriname",'."\n" + .' "SS": "South Sudan",'."\n" + .' "ST": "Sao Tome and Principe",'."\n" + .' "CD": "Democratic Republic of the Congo",'."\n" + .' "CF": "Central African Republic",'."\n" + .' "SV": "El Salvador",'."\n" + .' "CG": "Congo",'."\n" + .' "CH": "Switzerland",'."\n" + .' "SX": "Sint Maarten",'."\n" + .' "SY": "Syria",'."\n" + .' "CI": "Cote d\'Ivoire",'."\n" + .' "SZ": "Eswatini",'."\n" + .' "CK": "Cook Islands",'."\n" + .' "CL": "Chile",'."\n" + .' "CM": "Cameroon",'."\n" + .' "CN": "China",'."\n" + .' "CO": "Colombia",'."\n" + .' "TC": "Turks and Caicos Islands",'."\n" + .' "CR": "Costa Rica",'."\n" + .' "TD": "Chad",'."\n" + .' "CU": "Cuba",'."\n" + .' "CV": "Cabo Verde",'."\n" + .' "TG": "Togo",'."\n" + .' "CW": "Curacao",'."\n" + .' "TH": "Thailand",'."\n" + .' "CX": "Christmas Island",'."\n" + .' "TJ": "Tajikistan",'."\n" + .' "CY": "Cyprus",'."\n" + .' "CZ": "Czech Republic",'."\n" + .' "TK": "Tokelau",'."\n" + .' "TL": "Timor-Leste",'."\n" + .' "TM": "Turkmenistan",'."\n" + .' "TN": "Tunisia",'."\n" + .' "TO": "Tonga",'."\n" + .' "TR": "Turkey",'."\n" + .' "TT": "Trinidad and Tobago",'."\n" + .' "DE": "Germany",'."\n" + .' "TV": "Tuvalu",'."\n" + .' "DJ": "Djibouti",'."\n" + .' "TZ": "Tanzania",'."\n" + .' "DK": "Denmark",'."\n" + .' "DM": "Dominica",'."\n" + .' "DO": "Dominican Republic",'."\n" + .' "UA": "Ukraine",'."\n" + .' "UG": "Uganda",'."\n" + .' "DZ": "Algeria",'."\n" + .' "UM": "United States Minor Outlying Islands",'."\n" + .' "US": "United States",'."\n" + .' "EC": "Ecuador",'."\n" + .' "EE": "Estonia",'."\n" + .' "EG": "Egypt",'."\n" + .' "UY": "Uruguay",'."\n" + .' "UZ": "Uzbekistan",'."\n" + .' "VA": "Vatican City",'."\n" + .' "VC": "Saint Vincent and the Grenadines",'."\n" + .' "ER": "Eritrea",'."\n" + .' "ES": "Spain",'."\n" + .' "VE": "Venezuela",'."\n" + .' "ET": "Ethiopia",'."\n" + .' "VG": "British Virgin Islands",'."\n" + .' "VI": "United States Virgin Islands",'."\n" + .' "VN": "Vietnam",'."\n" + .' "VU": "Vanuatu",'."\n" + .' "FI": "Finland",'."\n" + .' "FJ": "Fiji",'."\n" + .' "FK": "Falkland Islands",'."\n" + .' "FM": "Micronesia",'."\n" + .' "FO": "Faroe Islands",'."\n" + .' "FR": "France",'."\n" + .' "WF": "Wallis and Futuna",'."\n" + .' "OM": "Oman",'."\n" + .' "PA": "Panama",'."\n" + .' "PE": "Peru",'."\n" + .' "PF": "French Polynesia",'."\n" + .' "PG": "Papua New Guinea",'."\n" + .' "PH": "Philippines",'."\n" + .' "PK": "Pakistan",'."\n" + .' "PL": "Poland",'."\n" + .' "PM": "Saint Pierre and Miquelon",'."\n" + .' "PR": "Puerto Rico",'."\n" + .' "PS": "Palestine",'."\n" + .' "PT": "Portugal",'."\n" + .' "PW": "Palau",'."\n" + .' "PY": "Paraguay",'."\n" + .' "QA": "Qatar",'."\n" + .' "AD": "Andorra",'."\n" + .' "AE": "United Arab Emirates",'."\n" + .' "AF": "Afghanistan",'."\n" + .' "AG": "Antigua and Barbuda",'."\n" + .' "AI": "Anguilla",'."\n" + .' "AL": "Albania",'."\n" + .' "AM": "Armenia",'."\n" + .' "AO": "Angola",'."\n" + .' "AP": "Asia Pacific",'."\n" + .' "AQ": "Antarctica",'."\n" + .' "AR": "Argentina",'."\n" + .' "AS": "American Samoa",'."\n" + .' "RE": "Reunion",'."\n" + .' "AT": "Austria",'."\n" + .' "AU": "Australia",'."\n" + .' "AW": "Aruba",'."\n" + .' "AX": "Aland Islands",'."\n" + .' "AZ": "Azerbaijan",'."\n" + .' "RO": "Romania",'."\n" + .' "BA": "Bosnia and Herzegovina",'."\n" + .' "BB": "Barbados",'."\n" + .' "RS": "Serbia",'."\n" + .' "BD": "Bangladesh",'."\n" + .' "BE": "Belgium",'."\n" + .' "RU": "Russia",'."\n" + .' "BF": "Burkina Faso",'."\n" + .' "RW": "Rwanda",'."\n" + .' "BG": "Bulgaria",'."\n" + .' "BH": "Bahrain",'."\n" + .' "BI": "Burundi",'."\n" + .' "BJ": "Benin",'."\n" + .' "BL": "Saint Barthelemy",'."\n" + .' "BM": "Bermuda",'."\n" + .' "BN": "Brunei",'."\n" + .' "BO": "Bolivia",'."\n" + .' "SA": "Saudi Arabia",'."\n" + .' "BQ": "Bonaire, Sint Eustatius and Saba",'."\n" + .' "SB": "Solomon Islands",'."\n" + .' "BR": "Brazil",'."\n" + .' "SC": "Seychelles",'."\n" + .' "SD": "Sudan",'."\n" + .' "BS": "Bahamas",'."\n" + .' "SE": "Sweden",'."\n" + .' "BT": "Bhutan",'."\n" + .' "SG": "Singapore",'."\n" + .' "BW": "Botswana"'."\n" + .'}.'."\n" + ."\n" + .'```.', + 'changeSet' => [ + ['createdAt' => '2021-12-07T10:18:56.000Z', 'description' => 'Request parameters changed, Error codes changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '100', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProtectionModuleCodeConfig'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProtectionModuleCodeConfig', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeProtectionModuleMode' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The domain name of the website to query.'."\n" + .'> The domain name must have been added to WAF for protection. You can call [DescribeDomainList](~~255880~~) to query all domain names that have been added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf', - ], - ], - [ - 'name' => 'Mode', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '0', - ], + 'schema' => ['description' => 'The protection module whose pattern you want to query. Valid values:'."\n" + ."\n" + .'- **waf**: rule protection engine.'."\n" + .'- **dld**: deep learning engine.'."\n" + .'- **ac_cc**: HTTP flood protection.'."\n" + .'- **antifraud**: data risk control.'."\n" + .'- **normalized**: proactive defense.', 'type' => 'string', 'required' => true, 'example' => 'waf', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the domain name belongs in Resource Management. If you do not specify this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['type' => 'string', 'default' => 'cn-hangzhou', 'description' => '', 'required' => false, 'title' => '', 'example' => ''], ], ], 'responses' => [ @@ -3237,129 +3495,236 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'DE14845A-F46F-59BE-B8F7-6ED7A787D213', 'title' => ''], + 'Mode' => ['description' => 'The current protection pattern of the protection module. The valid values and meanings of this parameter vary based on the **DefenseType** request parameter. The following list describes the details:'."\n" + ."\n" + .'- If **DefenseType** is set to **waf** (rule protection engine), the valid values of **Mode** are:'."\n" + ."\n" + .' - **0**: Block Mode.'."\n" + .' - **1**: Alerting pattern.'."\n" + ."\n" + .'- If **DefenseType** is set to **dld** (deep learning engine), the valid values of **Mode** are:'."\n" + ."\n" + .' - **0**: Alerting pattern.'."\n" + .' - **1**: Block Mode.'."\n" + ."\n" + .'- If **DefenseType** is set to **ac_cc** (HTTP flood protection), the valid values of **Mode** are:'."\n" + ."\n" + .' - **0**: Defense mode.'."\n" + .' - **1**: Defense-emergency pattern.'."\n" + ."\n" + .'- If **DefenseType** is set to **antifraud** (data risk control), the valid values of **Mode** are:'."\n" + ."\n" + .' - **0**: Alerting pattern.'."\n" + .' - **1**: Block Mode.'."\n" + .' - **2**: Strict Block Mode.'."\n" + ."\n" + .'- If **DefenseType** is set to **normalized** (proactive defense), the valid values of **Mode** are:'."\n" + ."\n" + .' - **0**: Alerting pattern.'."\n" + .' - **1**: Block Mode.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<ModifyProtectionModuleModeResponse>\\r\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\r\\n</ModifyProtectionModuleModeResponse>","errorExample":""}]', - 'title' => 'ModifyProtectionModuleMode', - 'requestParamsDescription' => ' ', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"DE14845A-F46F-59BE-B8F7-6ED7A787D213\\",\\n \\"Mode\\": 0\\n}","type":"json"}]', + 'title' => 'Query the current protection pattern of a domain name', + 'summary' => 'Retrieves the current protection pattern of a specified domain name, such as the RegEx protection engine, big data deep learning engine, HTTP flood protection, data risk control, and proactive defense.', + 'description' => 'Queries the current protection pattern used by a specified protection module (including the rule protection engine, deep learning engine, HTTP flood protection, data risk control, and proactive defense) in the website Protection Settings.'."\n" + ."\n" + .'You can specify the protection module to query by setting the **DefenseType** parameter. For more information about the valid values, see the description of the **DefenseType** request parameter.'."\n" + ."\n" + .'Before calling this operation, you must have called [CreateDomain](~~160780~~) to create a Website Config and add the website domain name to WAF for protection.'."\n" + ."\n" + .'To ensure system stability, the queries per second (QPS) is limited to 10 per user. If the limit is exceeded, API calls are throttled, which may affect your business. Call this operation appropriately.', + 'requestParamsDescription' => 'When you call this operation, you must include the common request parameters of Alibaba Cloud APIs in addition to the request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeProtectionModuleRules' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProtectionModuleMode'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProtectionModuleMode', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeProtectionModuleRules' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - ], + 'schema' => ['description' => 'The number of rules to return on each page in a paging query. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''], ], [ 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The current page number in a paging query. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The domain name to query. Details:'."\n" + ."\n" + .'- When **DefenseType** is set to a value other than **ng_account** (querying website protection settings other than account security rules), this parameter is required.'."\n" + .' > You can invoke [DescribeDomainList](~~255880~~) to query all domain names that have been added to WAF for protection.'."\n" + ."\n" + .'- When **DefenseType** is set to **ng_account** (querying account security rule configurations), do not set this parameter. Otherwise, an error message is returned.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'ac_highfreq', - ], + 'schema' => ['description' => 'The type of protection feature configuration to query. Valid values:'."\n" + ."\n" + .'- **waf-codec**: rule protection DPI engine decoding settings.'."\n" + ."\n" + .'- **tamperproof**: web tamper-proofing rule configurations.'."\n" + ."\n" + .'- **dlp**: sensitive information leak prevention rule configurations.'."\n" + ."\n" + .'- **ng_account**: account security rule configurations.'."\n" + ."\n" + .'- **bot_crawler**: legitimate crawler rule configurations.'."\n" + ."\n" + .'- **bot_intelligence**: crawler threat intelligence rule configurations.'."\n" + ."\n" + .'- **antifraud**: data risk control protection request configurations.'."\n" + ."\n" + .'- **antifraud_js**: data risk control JS insertion page configurations.'."\n" + ."\n" + .'- **bot_algorithm**: intelligent algorithm rule configurations.'."\n" + ."\n" + .'- **bot_wxbb_pkg**: app protection version protection rules.'."\n" + ."\n" + .'- **bot_wxbb**: app protection path protection rules.'."\n" + ."\n" + .'- **ac_blacklist**: IP blacklist rule configurations.'."\n" + ."\n" + .'- **ac_highfreq**: automatic blocking rules for high-frequency web attack IP addresses.'."\n" + ."\n" + .'- **ac_dirscan**: folder scan protection rule configurations.'."\n" + ."\n" + .'- **ac_custom**: custom mitigation policy rule configurations.'."\n" + ."\n" + .'- **whitelist**: protection whitelist rule configurations.', 'type' => 'string', 'required' => true, 'example' => 'ac_highfreq', 'title' => ''], ], [ 'name' => 'Query', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'e2ZpbHRlcjp7InJ1bGVJZCI6NDI3NTV9LG9yZGVyQnk6ImdtdF9tb2RpZmllZCIsZGVzYzp0cnVlfQ==', - ], + 'schema' => ['description' => 'The filter and sorting settings for rules, expressed as a JSON format string. The following parameters are included:'."\n" + ."\n" + .'> This parameter must be in Base64-encoded format. Construct the JSON format string based on the following parameter description and then convert it to Base64 encoding.'."\n" + ."\n" + .'- **filter**: JSON format string | Optional | The filter condition. Described in JSON string format, which includes the following parameters:'."\n" + ."\n" + .' - **nameId**: String | Optional | Queries rules whose rule ID equals this parameter value or whose rule name contains this parameter value.'."\n" + ."\n" + .' - **scene**: String | Optional | The protection module to query. Valid values are the same as those of the **DefenseType** parameter.'."\n" + ."\n" + .' - **enabled**: Boolean | Optional | The rule status to query. Valid values:'."\n" + ."\n" + .' - **false**: Disabled.'."\n" + ."\n" + .' - **true**: Enabled.'."\n" + ."\n" + .' - **status**: Integer | Optional | The rule status to query. This parameter has the same meaning as the **enabled** parameter. Valid values:'."\n" + ."\n" + .' - **0**: Disabled.'."\n" + ."\n" + .' - **1**: Enabled.'."\n" + ."\n" + .' - **ruleId**: Integer | Optional | The rule ID to query.'."\n" + ."\n" + .' - **ruleIdList**: Array | Optional | The list of rule IDs to query. Separate multiple rule IDs with commas (,).'."\n" + ."\n" + .' - **sceneList**: Array | Optional | The list of protection modules to query. Valid values are the same as those of the **DefenseType** parameter. Separate multiple protection modules with commas (,).'."\n" + ."\n" + .' - **originList**: Array | Optional | The rule sources. Valid values: **system** (automatically generated by the system) and **custom** (custom-created). Separate multiple rule sources with commas (,).'."\n" + ."\n" + .' - **tag**: String | Optional | When the protection module is set to protection whitelist (**whitelist**), set this parameter to query protection whitelist rules that skip detection for a specified module. For the valid values and meanings of the **tag** parameter, refer to the description of the protection whitelist rule configuration in the response elements.'."\n" + ."\n" + .' - **origin**: String | Optional | When the protection module is set to protection whitelist (**whitelist**), set this parameter to query protection whitelist rules automatically added by the WAF intelligent rule hosting feature. The value is fixed as **ai**. If this parameter is not set, all protection whitelist rules are queried (including rules you manually added and rules automatically added by the intelligent rule hosting feature).'."\n" + ."\n" + .' - **category**: String | Optional | When the protection module is set to protection whitelist (**whitelist**), set this parameter to query a specified whitelist categorization. Valid values:'."\n" + ."\n" + .' - **waf**: website whitelist.'."\n" + ."\n" + .' - **ws**: Web Intrusion Prevention whitelist.'."\n" + ."\n" + .' - **ac**: Access Control/Rate Limiting whitelist.'."\n" + ."\n" + .' - **ds**: Data Security whitelist.'."\n" + ."\n" + .'- **orderBy**: String | Optional | The sorting field. Valid values:'."\n" + ."\n" + .' - **action**: the rule action. This value is valid only when querying custom mitigation policy rules.'."\n" + ."\n" + .' - **gmt_modified** (default): the last modification time.'."\n" + ."\n" + .' - **name**: the rule name.'."\n" + ."\n" + .' - **status**: the rule status.'."\n" + ."\n" + .'- **desc**: Boolean | Optional | Specifies whether to sort in descending order. Valid values:'."\n" + ."\n" + .' - **false**: Ascending order.'."\n" + ."\n" + .' - **true** (default): Descending order.', 'type' => 'string', 'required' => false, 'example' => 'e2ZpbHRlcjp7InJ1bGVJZCI6NDI3NTV9LG9yZGVyQnk6ImdtdF9tb2RpZmllZCIsZGVzYzp0cnVlfQ==', 'title' => ''], ], [ 'name' => 'Lang', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'zh', - ], + 'schema' => ['description' => 'The language of the rule name. Valid values:'."\n" + ."\n" + .'- **zh**: Chinese.'."\n" + .'- **en**: English.'."\n" + .'- **ja**: Japanese.', 'type' => 'string', 'required' => false, 'example' => 'zh', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2pz25js****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management.'."\n" + ."\n" + .'If this parameter is not set, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -3367,134 +3732,514 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'TotalCount' => ['description' => 'The total number of rule configurations returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], 'Rules' => [ - 'description' => '', + 'description' => 'The rule configuration information, including the rule ID, creation time, and status.', 'type' => 'array', 'items' => [ 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'Time' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1570700044', - ], - 'Content' => [ - 'description' => '', - 'type' => 'object', - 'example' => '{"count":60,"interval":60,"ttl":300}', - ], - 'Version' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - ], - 'RuleId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '42755', - ], + 'Status' => ['description' => 'The rule status. Valid values:'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'Time' => ['description' => 'The time when the rule was created. The value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1570700044', 'title' => ''], + 'Content' => ['description' => 'The rule configuration content, expressed as a string converted from a JSON object constructed with a series of parameters.'."\n" + ."\n" + .'> The specific parameters vary depending on the protection feature module configuration (**DefenseType**). For more information, refer to the **Content parameter description**.', 'type' => 'object', 'example' => '{"count":60,"interval":60,"ttl":300}', 'title' => ''], + 'Version' => ['description' => 'The version number of the current rule configuration.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''], + 'RuleId' => ['description' => 'The rule ID.', 'type' => 'integer', 'format' => 'int64', 'example' => '42755', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Rules\\": [\\n {\\n \\"Status\\": 1,\\n \\"Time\\": 1570700044,\\n \\"Content\\": {\\n \\"count\\": 60,\\n \\"interval\\": 60,\\n \\"ttl\\": 300\\n },\\n \\"Version\\": 2,\\n \\"RuleId\\": 42755\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\n<DescribeProtectionModuleRulesResponse>\\n\\t<TotalCount>1</TotalCount>\\n\\t<Rules>\\n\\t\\t<Version>2</Version>\\n\\t\\t<Status>1</Status>\\n\\t\\t<Content>\\n\\t\\t\\t<count>60</count>\\n\\t\\t\\t<interval>60</interval>\\n\\t\\t\\t<ttl>300</ttl>\\n\\t\\t</Content>\\n\\t\\t<RuleId>42755</RuleId>\\n\\t\\t<Time>1570700044</Time>\\n\\t</Rules>\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</DescribeProtectionModuleRulesResponse>","errorExample":""}]', - 'title' => 'DescribeProtectionModuleRules', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Rules\\": [\\n {\\n \\"Status\\": 1,\\n \\"Time\\": 1570700044,\\n \\"Content\\": {\\n \\"count\\": 60,\\n \\"interval\\": 60,\\n \\"ttl\\": 300\\n },\\n \\"Version\\": 2,\\n \\"RuleId\\": 42755\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query WAF protection feature rule configuration records', + 'summary' => 'Queries the rule configuration records of WAF protection features, such as Web Intrusion Prevention, Data Security, Bot Management, Access Control or Rate Limiting, and Website Whitelist.', + 'description' => 'This operation queries the rule configuration records of specified WAF protection feature modules (including Web Intrusion Prevention, Data Security, Bot Management, Access Control or Rate Limiting, and Website Whitelist) with paging.'."\n" + .'You can specify the protection feature module by setting the **DefenseType** parameter. For the meanings of specific parameter values, refer to the description of the **DefenseType** request parameter.'."\n" + .'To ensure system stability, the queries per second (QPS) is limited to 50 per user. If the limit is exceeded, API calls are throttled, which may affect your business. Invoke this operation appropriately.', + 'requestParamsDescription' => 'When you call this operation, you must include common Alibaba Cloud API request parameters in addition to the request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, refer to the request example in the **Examples** section.', + 'responseParamsDescription' => '**Content parameter description**.'."\n" + ."\n" + .' - The JSON string for rule protection engine decoding settings (**waf-codec**) contains the following parameters:'."\n" + ."\n" + .' - **codecList**: String | Required | The enabled decoding configuration items.'."\n" + ."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "codecList":["url","base64"]'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for web tamper-proofing rule configurations (**tamperproof**) contains the following parameters:'."\n" + ."\n" + .' - **uri**: String | Required | The specific URL to protect.'."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **status**: Integer | Optional | The protection status of the rule:'."\n" + .' - **0** (default): Not in effect.'."\n" + .' - **1**: In effect.'."\n" + ."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"example",'."\n" + .' "uri":"http://www.example.com/example",'."\n" + .' "status":1'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for sensitive information leak prevention rule configurations (**dlp**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **conditions**: Array | Required | The match conditions described in JSON string format. A maximum of two match conditions can be set, and the relationship between conditions is AND. The following parameters are included:'."\n" + ."\n" + .' - **key**: The match field.'."\n" + .' - **0**: the protected URL.'."\n" + .' - **10**: sensitive information.'."\n" + .' - **11**: the response code.'."\n" + .' - **operation**: The match logic. The value is fixed as **1**, which indicates Contains.'."\n" + .' - **value**: The match condition values described in JSON string format. Multiple condition values are supported. The following parameters are included:'."\n" + .' - **v**: Applicable only when the match field (**key**) is URL (**0**) or response code (**11**).'."\n" + .' - URL: When `"key":0`, the value is a URL address.'."\n" + .' - Response code: When `"key":11`, valid values include **400**, **401**, **402**, **403**, **404**, **405-499**, **500**, **501**, **502**, **503**, **504**, and **505-599**.'."\n" + .' - **k**: Applicable only when the match field (**key**) is sensitive information (**10**). Valid values:'."\n" + .' - **100**: ID card.'."\n" + .' - **101**: credit card.'."\n" + .' - **102**: phone number.'."\n" + .' - **103**: default sensitive words.'."\n" + .' - **action**: The match action.'."\n" + .' - **3**: Alert.'."\n" + .' - **10**: Sensitive information filtering. This action is applicable only to match conditions that contain sensitive information (`"key":10`).'."\n" + .' - **11**: Return the built-in block page. This action is applicable only to match conditions that contain response codes (`"key":11`).'."\n" + ."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"example",'."\n" + .' "conditions":[{"key":11,"operation":1,"value":[{"v":401}]},{"key":"0","operation":1,"value":[{"v":"www.example.com"}]}],'."\n" + .' "action":3'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for account security rule configurations (**ng_account**) contains the following parameters:'."\n" + ."\n" + .' - **domain**: String | Required | The protected domain name.'."\n" + ."\n" + .' - **method**: String | Required | The request method to detect, including POST, GET, PUT, and DELETE. Multiple request methods are supported, separated by commas (,).'."\n" + ."\n" + .' - **url_path**: String | Required | The detection interface, expressed as a URL path that must start with a forward slash (/).'."\n" + ."\n" + .' - **account_left**: String | Required | The account parameter name.'."\n" + ."\n" + .' - **password_left**: String | Optional | The password parameter name.'."\n" + ."\n" + .' - **action**: String | Required | The protection action. Valid values:'."\n" + .' - **monitor**: Alert.'."\n" + .' - **block**: Block.'."\n" + ."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "domain":"www.example.com",'."\n" + .' "method":"GET,POST",'."\n" + .' "url_path":"/example",'."\n" + .' "account_left":"aaa",'."\n" + .' "action":"monitor"'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for legitimate crawler rule configurations (**bot_crawler**) contains the following parameters:'."\n" + ."\n" + .' - **Status**: Integer | Required | Specifies whether to enable the rule. Valid values:'."\n" + .' - 0: Disabled.'."\n" + .' - 1: Enabled.'."\n" + .' - **Version**: Integer | Required | The rule version number.'."\n" + .' - **Content**: String | Required | The rule details described in JSON string format, which includes the following parameters:'."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **conditions**: Array | Optional | The protection path conditions. In legitimate crawler rule configurations, this value is fixed as empty, indicating all paths.'."\n" + .' - **expressions**: Array | Required | The rule conditional expressions that represent all rule condition information in a more readable format.'."\n" + .' - **bypassTags**: String | Required | The modules to skip detection. In legitimate crawler rule configurations, this value is fixed as **antibot**, indicating the Bot Management module.'."\n" + .' - **tags**: Array | Required | The protection feature module to which the rule belongs. In legitimate crawler rule configurations, this value is fixed as `["antibot"]`, indicating the Bot Management module.'."\n" + .' - **RuleId**: Integer | Required | The rule ID.'."\n" + .' - **Time**: String | Required | The last modification time of the rule, expressed as a UNIX timestamp in seconds.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "Status":0,'."\n" + .' "Version":1,'."\n" + .' "Content":{'."\n" + .' "name":"百度蜘蛛白名单",'."\n" + .' "conditions":[],'."\n" + .' "expressions":["remote_addr inl \'ioc.210d077a-cf34-49ad-a9b3-0aa48095c595\' && uri =^ \'/\'"],'."\n" + .' "bypassTags":"antibot",'."\n" + .' "tags":["antibot"]'."\n" + .' },'."\n" + .' "RuleId":20384,'."\n" + .' "Time":1585818161'."\n" + .' }'."\n" + .' ```'."\n" + .'- The JSON string for crawler threat intelligence rule configurations (**bot_intelligence**) contains the following parameters:'."\n" + ."\n" + .' - **Status**: Integer | Required | Specifies whether to enable the rule. Valid values:'."\n" + .' - 0: Disabled.'."\n" + .' - 1: Enabled.'."\n" + .' - **Version**: Integer | Required | The rule version number.'."\n" + .' - **Content**: String | Required | The rule details described in JSON string format, which includes the following parameters:'."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **action**: String | Required | The action. Valid values:'."\n" + .' - **monitor**: Monitor.'."\n" + .' - **captcha**: Slider CAPTCHA.'."\n" + .' - **captcha_strict**: Strict slider CAPTCHA.'."\n" + .' - **js**: JavaScript verification.'."\n" + .' - **block**: Block.'."\n" + .' - **urlList**: Array | Required | The protection paths. A maximum of ten protection paths can be specified. Described in JSON string format, which includes the following parameters:'."\n" + .' - **mode**: String | Required | The match method, used together with the path keyword (**url**) parameter to specify the protection path. Valid values: **eq** (exact match), **prefix-match** (prefix match), and **regex** (regex match).'."\n" + .' - **url**: String | Required | The path keyword, which must start with a forward slash (/).'."\n" + .' - **keyType**: String | Required | The intelligence library type, which includes IP library (**ip**) and fingerprint library (**ua**).'."\n" + .' - **RuleId**: Integer | Required | The rule ID.'."\n" + .' - **Time**: String | Required | The last modification time of the rule, expressed as a UNIX timestamp in seconds.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "Status":1,'."\n" + .' "Version":1,'."\n" + .' "Content":{'."\n" + .' "name":"IDC IP库-腾讯云",'."\n" + .' "action":"captcha_strict",'."\n" + .' "urlList":[{"mode":"prefix-match","url":"/indexa"}, {"mode":"regex","url":"/"},{"mode":"eq","url":"/"}],'."\n" + .' "keyType":"ip"'."\n" + .' },'."\n" + .' "RuleId":922777,'."\n" + .' "Time":1585907112'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for data risk control protection request rule configurations (**antifraud**) contains the following parameters:'."\n" + ."\n" + .' - **uri**: String | Required | The specific protection request URL.'."\n" + .' '."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "uri": "http://1.example.com/example"'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for data risk control JS insertion page configurations (**antifraud_js**) contains the following parameters:'."\n" + ."\n" + .' - **uri**: String | Required | The URL of the page where the data risk control JS is to be inserted. The system inserts the data risk control JS into all pages under the specified URL path.'."\n" + ."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "uri": "/example/example"'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for intelligent algorithm rule configurations (**bot_algorithm**) contains the following parameters:'."\n" + ."\n" + .' - **Status**: Integer | Required | Specifies whether to enable the rule. Valid values:'."\n" + .' - 0: Disabled.'."\n" + .' - 1: Enabled.'."\n" + .' - **Version**: Integer | Required | The rule version number.'."\n" + .' - **Content**: String | Required | The rule details described in JSON string format, which includes the following parameters:'."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **timeInterval**: Integer | Required | The detection period. Valid values: 30, 60, 120, 300, and 600. Unit: seconds.'."\n" + .' - **action**: String | Required | The action. Valid values:'."\n" + .' - **monitor**: Monitor.'."\n" + .' - **captcha**: Slider CAPTCHA.'."\n" + .' - **js**: JavaScript verification.'."\n" + .' - **block**: Block. When Block is selected as the action, the block duration (**blocktime**) parameter must be set.'."\n" + .' - **blocktime**: Integer | Optional | The block duration. Unit: minutes. Valid values: 1 to 600.'."\n" + .' - **algorithmName**: String | Required | The algorithm name. Valid values:'."\n" + .' - **RR**: dedicated resource crawler identification algorithm.'."\n" + .' - **PR**: targeted path crawler identification algorithm.'."\n" + .' - **DPR**: parameter polling crawler identification algorithm.'."\n" + .' - **SR**: dynamic IP crawler identification algorithm.'."\n" + .' - **IND**: proxy device crawler identification algorithm.'."\n" + .' - **Periodicity**: periodicity crawler identification algorithm.'."\n" + .' - **config**: String | Required | The algorithm configuration information in JSON string format. The specific sub-parameters in the algorithm configuration depend on the selected algorithm name (**algorithmName**).'."\n" + .' - The configuration for the dedicated resource crawler identification algorithm (**RR**) includes the following sub-parameters:'."\n" + .' - **resourceType**: Integer | Optional | The requested resource type. Valid values:'."\n" + .' - **1**: dynamic resource type.'."\n" + .' - **2**: static resource type.'."\n" + .' - **-1**: custom resource type. When custom resource type is selected, set the **extensions** parameter to specify the resource suffixes in string format, separated by commas (,). For example, `css,jpg,xls`.'."\n" + .' - **minRequestCountPerIp**: Integer | Required | The range of IP addresses to detect during the detection period. Only IP addresses with a URI of the requests greater than or equal to this value are detected. Specify the minimum URI of the requests. Valid values: 5 to 10000.'."\n" + .' - **minRatio**: Float | Required | The risk determination condition, which is the threshold for the proportion of access requests to the specified resource type among all IP access requests. An IP address is determined as risky if the proportion exceeds this threshold. Valid values: 0.01 to 1.'."\n" + .' - The configuration for the targeted path crawler identification algorithm (**PR**) includes the following sub-parameters:'."\n" + .' - **keyPathConfiguration**: Array | Optional | The request path information. A maximum of 10 paths can be specified. This sub-parameter is required only when the targeted path crawler identification algorithm is used. Described in JSON string format, which includes the following parameters:'."\n" + .' - **method**: String | Required | The request method. Valid values: **POST**, **GET**, **PUT**, **DELETE**, **HEAD**, and **OPTIONS**.'."\n" + .' - **url**: String | Required | The request path keyword, which must start with a forward slash (/).'."\n" + .' - **matchType**: String | Required | The match method, used together with the request path keyword (**url**) parameter to specify the request path. Valid values: **all** (exact match), **prefix** (prefix match), and **regex** (regex match).'."\n" + .' - **minRequestCountPerIp**: Integer | Required | The range of IP addresses to detect during the detection period. Only IP addresses with a URI of the requests greater than or equal to this value are detected. Specify the minimum URI of the requests. Valid values: 5 to 10000.'."\n" + .' - **minRatio**: Float | Required | The risk determination condition, which is the threshold for the proportion of access requests to the specified paths among all IP access requests (for the targeted path crawler identification algorithm). An IP address is determined as risky if the proportion exceeds this threshold. Valid values: 0.01 to 1.'."\n" + .' - The configuration for the parameter polling crawler identification algorithm (**DPR**) includes the following sub-parameters:'."\n" + .' - **method**: String | Required | The request method. Valid values: **POST**, **GET**, **PUT**, **DELETE**, **HEAD**, and **OPTIONS**.'."\n" + .' - **urlPattern**: String | Required | The key parameter path, which must start with a forward slash (/). Use {} to represent key parameters. When multiple {} are configured, these parameters are concatenated as the key parameter. For example, `/company/{}/{}/{}/user.php?uid={}`.'."\n" + .' - **minRequestCountPerIp**: Integer | Required | The range of IP addresses to detect during the detection period. Only IP addresses with a URI of the requests greater than or equal to this value are detected. Specify the minimum URI of the requests. Valid values: 5 to 10000.'."\n" + .' - **minRatio**: Float | Required | The risk determination condition, which is the threshold for the proportion of distinct key parameter values among all IP access requests. An IP address is determined as risky if the proportion exceeds this threshold. Valid values: 0.01 to 1.'."\n" + .' - The configuration for the dynamic IP crawler identification algorithm (**SR**) includes the following sub-parameters:'."\n" + .' - **maxRequestCountPerSrSession**: Integer | Required | The minimum number of requests per session used to define an abnormal session. A session is determined as abnormal if the number of requests in a single session is less than this value. Valid values: 1 to 8.'."\n" + .' - **minSrSessionCountPerIp**: Integer | Required | The risk determination condition, which is the threshold for the number of abnormal sessions among IP access requests. An IP address is determined as risky if the number of abnormal sessions in a single IP access request exceeds this value. Valid values: 5 to 300.'."\n" + .' - The configuration for the proxy device crawler identification algorithm (**IND**) includes the following sub-parameters:'."\n" + .' - **minIpCount**: Integer | Required | The malicious device determination condition, which is the threshold for the number of IP address changes associated with the device via WIFI. A device is determined as risky if the number exceeds this threshold. Valid values: 5 to 500.'."\n" + .' - **keyPathConfiguration**: Array | Optional | The detection path information. A maximum of 10 paths can be specified. Described in JSON string format, which includes the following parameters:'."\n" + .' - **method**: String | Required | The request method. Valid values: **POST**, **GET**, **PUT**, **DELETE**, **HEAD**, and **OPTIONS**.'."\n" + .' - **url**: String | Required | The detection path keyword, which must start with a forward slash (/).'."\n" + .' - **matchType**: String | Required | The match method, used together with the detection path keyword (**url**) parameter to specify the request path. Valid values: **all** (exact match), **prefix** (prefix match), and **regex** (regex match).'."\n" + .' - The configuration for the periodicity crawler identification algorithm (**Periodicity**) includes the following sub-parameters:'."\n" + .' - **minRequestCountPerIp**: Integer | Required | The range of IP addresses to detect during the detection period. Only IP addresses with a URI of the requests greater than or equal to this value are detected. Specify the minimum URI of the requests. Valid values: 5 to 10000.'."\n" + .' - **level**: Integer | Required | The risk determination level, which indicates the degree of periodicity in the access IP pattern. Valid values:'."\n" + .' - **0**: Obvious.'."\n" + .' - **1**: Moderate.'."\n" + .' - **2**: Weak.'."\n" + .' - **RuleId**: Integer | Required | The rule ID.'."\n" + .' - **Time**: String | Required | The last modification time of the rule, expressed as a UNIX timestamp in seconds.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "Status":1,'."\n" + .' "Version":1,'."\n" + .' "Content":{'."\n" + .' "name":"动态IP",'."\n" + .' "timeInterval":60,'."\n" + .' "action":"warn",'."\n" + .' "algorithmName":"IND",'."\n" + .' "config":{"minIpCount":5,"keyPathConfiguration":[{"method":"GET","matchType":"prefix","url":"/index"}]}'."\n" + .' },'."\n" + .' "RuleId":940180,'."\n" + .' "Time":1585832957'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for app protection version protection rule configurations (**bot_wxbb_pkg**) contains the following parameters:'."\n" + ."\n" + .' - **Version**: Integer | Required | The rule version number.'."\n" + .' - **Content**: String | Required | The rule details described in JSON string format, which includes the following parameters:'."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **action**: String | Required | The action. Valid values:'."\n" + .' - **test**: Monitor.'."\n" + .' - **close**: Block.'."\n" + .' - **nameList**: Array | Required | The legitimate version information. A maximum of five rules can be specified. Described in JSON string format, which includes the following parameters:'."\n" + .' - **name**: String | Required | The legitimate package name.'."\n" + .' - **signList**: Array | Required | The corresponding package signatures. A maximum of 15 signatures are supported, separated by commas (,).'."\n" + .' - **RuleId**: Integer | Required | The rule ID.'."\n" + .' - **Time**: String | Required | The last modification time of the rule, expressed as a UNIX timestamp in seconds.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "Version":0,'."\n" + .' "Content":{'."\n" + .' "nameList":[{"signList":["xxxxxx","xxxxx","xxxx","xx"],"name":"apk-xxxx"}],'."\n" + .' "name":"test",'."\n" + .' "action":"close"'."\n" + .' },'."\n" + .' "RuleId":271,'."\n" + .' "Time":1585836143'."\n" + .' }'."\n" + .' ```'."\n" + .'- The JSON string for app protection path protection rule configurations (**bot_wxbb**) contains the following parameters:'."\n" + ."\n" + .' - **Version**: Integer | Required | The rule version number.'."\n" + .' - **Content**: String | Required | The rule details described in JSON string format, which includes the following parameters:'."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **uri**: String | Required | The protection path, which must start with a forward slash (/).'."\n" + .' - **matchType**: String | Required | The match method. Valid values: **all** (exact match), **prefix** (prefix match), and **regex** (regex match).'."\n" + .' - **arg**: String | Required | The parameter inclusion, used together with the match method (**matchType**) parameter to specify the protection path configuration.'."\n" + .' - **action**: String | Required | The action. Valid values:'."\n" + .' - **test**: Monitor.'."\n" + .' - **close**: Block.'."\n" + .' - **wxbbVmpFieldType**: Integer | Optional | The custom signing field type. This parameter is not returned if no custom signing field is set in the rule. Valid values:'."\n" + .' - **0**: header.'."\n" + .' - **1**: parameter.'."\n" + .' - **2**: cookie.'."\n" + .' - **wxbbVmpFieldValue**: String | Optional | The custom signing field value. This parameter is not returned if no custom signing field is set in the rule.'."\n" + .' - **blockInvalidSign**: Boolean | Required | Specifies whether to perform the action on invalid signatures.'."\n" + .' - **blockProxy**: Boolean | Required | Specifies whether to perform the action on proxies.'."\n" + .' - **blockSimulator**: Boolean | Required | Specifies whether to perform the action on simulators.'."\n" + .' - **RuleId**: Integer | Required | The rule ID.'."\n" + .' - **Time**: String | Required | The last modification time of the rule, expressed as a UNIX timestamp in seconds.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "Version":6,'."\n" + .' "Content":{'."\n" + .' "blockInvalidSign":true,'."\n" + .' "wxbbVmpFieldValue":"test",'."\n" + .' "blockSimulator":true,'."\n" + .' "matchType":"all",'."\n" + .' "arg":"test",'."\n" + .' "name":"test",'."\n" + .' "action":"close",'."\n" + .' "blockProxy":true,'."\n" + .' "uri":"/index",'."\n" + .' "wxbbVmpFieldType":1'."\n" + .' },'."\n" + .' "RuleId":2585,'."\n" + .' "Time":1586241849'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for IP blacklist rule configurations (**ac_blacklist**) contains the following parameters:'."\n" + ."\n" + .' - **empty**: Boolean | Required | Indicates whether the blacklist is empty.'."\n" + .' - **remoteAddr**: Array | Required | The IP addresses in the blacklist.'."\n" + .' - **area**: String | Required | The Location Blacklist rule expressed as a JSON format string, which includes country codes (countryCodes), region codes (regionCodes), and whether to allow access (not) as specific parameters. Because the API operation returns blocked countries and regions in encoding format, view the specific blocked countries and regions in the console.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "empty":false,'."\n" + .' "remoteAddr":["1.XX.XX.1","12.XX.XX.2"]'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for automatic blocking rules for high-frequency web attack IP addresses (**ac_highfreq**) contains the following parameters:'."\n" + ."\n" + .' - **interval**: Integer | Required | The detection time range. Unit: seconds. Valid values: 5 to 1800.'."\n" + .' - **ttl**: Integer | Required | The IP blocking duration. Unit: seconds. Valid values: 60 to 86400.'."\n" + .' - **count**: Integer | Required | The web attack count threshold. Blocking is triggered when the number of attacks within the detection time range exceeds this value. Valid values: 2 to 50000.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "interval":60,'."\n" + .' "ttl":300,'."\n" + .' "count":60'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for directory scan protection rule configurations (**ac_dirscan**) contains the following parameters:'."\n" + ."\n" + .' - **interval**: Integer | Required | The detection time range. Unit: seconds. Valid values: 5 to 1800.'."\n" + .' - **ttl**: Integer | Required | The IP blocking duration. Unit: seconds.'."\n" + .' - **count**: Integer | Required | The access count threshold. Valid values: 2 to 50000.'."\n" + .' - **weight**: Float | Required | The 404 response code ratio threshold (percentage). Valid values: `(0,1]`.'."\n" + .' - **uriNum**: Integer | Required | The scanned directory count threshold. Valid values: 2 to 50000.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "interval":10,'."\n" + .' "ttl":1800,'."\n" + .' "count":50,'."\n" + .' "weight":0.7,'."\n" + .' "u.', 'extraInfo' => ' ', - ], - 'CreateProtectionModuleRule' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProtectionModuleRules'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProtectionModuleRules', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeProtectionModuleStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The domain name of the website to query.'."\n" + ."\n" + .'> You can call [DescribeDomainList](~~255880~~) to query all domain names that are added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'ac_custom', - ], - ], - [ - 'name' => 'Rule', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => ' {"action":"monitor","name":"test","scene":"custom_acl","conditions":[{"opCode":1,"key":"URL","values":"/example"}]}', - ], + 'schema' => ['description' => 'The WAF security protection feature module to query. Valid values:'."\n" + ."\n" + .'- **waf**: rule-based protection engine.'."\n" + .'- **dld**: deep learning engine.'."\n" + .'- **tamperproof**: web tamper-proofing.'."\n" + .'- **dlp**: sensitive information leak prevention.'."\n" + .'- **normalized**: proactive defense.'."\n" + .'- **bot_crawler**: legitimate crawlers.'."\n" + .'- **bot_intelligence**: crawler threat intelligence.'."\n" + .'- **antifraud**: data risk control.'."\n" + .'- **bot_algorithm**: intelligent algorithm.'."\n" + .'- **bot_wxbb**: app protection.'."\n" + .'- **bot_wxbb_pkg**: version protection in app protection.'."\n" + .'- **ac_cc**: HTTP flood protection.'."\n" + .'- **ac_blacklist**: IP blacklist.'."\n" + .'- **ac_highfreq**: blocking of high-frequency web attacks in scan protection.'."\n" + .'- **ac_dirscan**: directory traversal protection in scan protection.'."\n" + .'- **ac_scantools**: scan tool blocking in scan protection.'."\n" + .'- **ac_collaborative**: collaborative defense in scan protection.'."\n" + .'- **ac_custom**: custom protection policy.'."\n" + ."\n" + .'> Only one feature module can be set at a time.', 'type' => 'string', 'required' => true, 'example' => 'waf', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance to query.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2hw7****ftqi', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -3502,113 +4247,143 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'ModuleStatus' => ['description' => 'The enablement status of the protection feature module. Valid values:'."\n" + ."\n" + .'- **0**: The feature module is disabled.'."\n" + .'- **1**: The feature module is enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<CreateProtectionModuleRuleResponse>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</CreateProtectionModuleRuleResponse>","errorExample":""}]', - 'title' => 'CreateProtectionModuleRule', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"ModuleStatus\\": 1,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + 'title' => 'Query the status of WAF protection features', + 'summary' => 'Queries the status of WAF protection features, including Web Intrusion Prevention, Data Security, Advanced Protection, Bot Management, Access Control, and Rate Limiting modules.', + 'description' => 'Queries the enablement status of a specified WAF protection feature module. You can set the **DefenseType** parameter to specify the protection feature module to query. For more information about the valid values, see the description of the **DefenseType** request parameter. To ensure system stability, the queries per second (QPS) for each user is limited to 50. If the limit is exceeded, API calls are throttled, which may affect your business. Call this operation appropriately.', + 'requestParamsDescription' => 'When you call this operation, you must include common Alibaba Cloud API request parameters in addition to the request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request example in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'ModifyProtectionModuleRule' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProtectionModuleStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProtectionModuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeRuleGroups' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [], + 'systemTags' => [ + 'operationType' => 'get', + 'abilityTreeCode' => '93352', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], + ], 'parameters' => [ [ - 'name' => 'Domain', + 'name' => 'SourceIp', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The source IP address of the request. You do not need to specify this parameter. The system automatically obtains the value.', 'type' => 'string', 'required' => false, 'example' => '60.208.*.*', 'title' => ''], ], [ - 'name' => 'DefenseType', + 'name' => 'Lang', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'ac_custom', - ], + 'schema' => ['description' => 'The language of the response. Valid values:'."\n" + ."\n" + .'- **zh** (default): Chinese'."\n" + .'- **en**: English.', 'type' => 'string', 'required' => false, 'example' => 'zh', 'title' => ''], ], [ - 'name' => 'Rule', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => ' {"action":"monitor","name":"test","scene":"custom_acl","conditions":[{"opCode":1,"key":"URL","values":"/example"}]}', - ], + 'schema' => ['description' => 'The number of entries per page in a paginated query. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'CurrentPage', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '369998', - ], + 'schema' => ['description' => 'The page number of the current page in a paginated query. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'LockVersion', + 'name' => 'WafLang', + 'in' => 'query', + 'schema' => ['description' => 'The language of the response. Valid values:'."\n" + ."\n" + .'- **ZH** (default): Chinese'."\n" + .'- **EN**: English.', 'type' => 'string', 'required' => false, 'example' => 'ZH', 'title' => ''], + ], + [ + 'name' => 'Type', 'in' => 'query', 'schema' => [ - 'description' => '', + 'description' => 'The type of the rule group. Valid values:'."\n" + .'- Empty (default)'."\n" + .'- **10**: system rule group'."\n" + .'- **1**: custom rule group.', 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '2', + 'format' => 'int32', + 'required' => false, + 'enum' => ['1', '10'], + 'example' => '10', + 'title' => '', ], ], [ + 'name' => 'PolicyId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the rule group. Only a single value is supported.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1011', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], + ], + [ + 'name' => 'Region', + 'in' => 'query', + 'schema' => ['description' => 'The region ID. Valid values: '."\n" + .'- **cn**: Chinese mainland (default)'."\n" + .'- **cn-hongkong**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'default' => 'cn', 'example' => 'cn', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management.'."\n" + ."\n" + .'If you do not specify this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2**', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -3616,119 +4391,208 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '02E9A4B8-90FB-5F41-A049-*', 'title' => ''], + 'TaskStatus' => ['description' => 'The execution status of the current request. Valid values: '."\n" + .'- **0**: pending execution. '."\n" + .'- **1**: in progress. '."\n" + .'- **2**: completed.', 'type' => 'integer', 'format' => 'int32', 'example' => '2', 'title' => ''], + 'Total' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'WafTaskId' => ['description' => 'The WAF request ID.', 'type' => 'string', 'example' => '123', 'title' => ''], + 'RuleGroups' => [ + 'description' => 'The list of rule groups.', + 'type' => 'array', + 'items' => [ + 'description' => 'The list of rule groups.', + 'type' => 'object', + 'properties' => [ + 'Type' => ['description' => 'The type of the rule group. Valid values:'."\n" + .'- **10**: system rule group'."\n" + .'- **1**: custom rule group.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'RuleCnt' => ['description' => 'The number of rules in the current rule group.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'RuleGroupUpdateTime' => ['description' => 'The time when the rule group was last updated, in seconds (UNIX timestamp).', 'type' => 'integer', 'format' => 'int64', 'example' => '1711445265', 'title' => ''], + 'PolicyId' => ['description' => 'The ID of the rule group.', 'type' => 'integer', 'format' => 'int64', 'example' => '116562', 'title' => ''], + 'Name' => ['description' => 'The name of the rule group.', 'type' => 'string', 'example' => 'rule_group_test', 'title' => ''], + 'TemplatePolicyId' => ['description' => 'The template ID of the rule group.', 'type' => 'integer', 'format' => 'int64', 'example' => '1102', 'title' => ''], + 'RuleGroupTemplateName' => ['description' => 'The name of the rule group template.', 'type' => 'string', 'example' => 'rule_group_test', 'title' => ''], + 'Desc' => ['description' => 'The description of the rule group.', 'type' => 'string', 'example' => 'desc', 'title' => ''], + 'WafVersion' => ['description' => 'The version number of the current configuration, which is used for optimistic locking control.', 'type' => 'integer', 'format' => 'int64', 'example' => '11', 'title' => ''], + 'DomainList' => [ + 'description' => 'The list of domain names that reference the current rule group.', + 'type' => 'array', + 'items' => ['description' => 'The domain name that references the current rule group.', 'type' => 'string', 'example' => 'test.aliyundome.com', 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<ModifyProtectionModuleRuleResponse>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</ModifyProtectionModuleRuleResponse>","errorExample":""}]', - 'title' => 'ModifyProtectionModuleRule', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', - ], - 'ModifyProtectionRuleStatus' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"02E9A4B8-90FB-5F41-A049-*\\",\\n \\"TaskStatus\\": 2,\\n \\"Total\\": 1,\\n \\"WafTaskId\\": \\"123\\",\\n \\"RuleGroups\\": [\\n {\\n \\"Type\\": 1,\\n \\"RuleCnt\\": 1,\\n \\"RuleGroupUpdateTime\\": 1711445265,\\n \\"PolicyId\\": 116562,\\n \\"Name\\": \\"rule_group_test\\",\\n \\"TemplatePolicyId\\": 1102,\\n \\"RuleGroupTemplateName\\": \\"rule_group_test\\",\\n \\"Desc\\": \\"desc\\",\\n \\"WafVersion\\": 11,\\n \\"DomainList\\": [\\n \\"test.aliyundome.com\\"\\n ]\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query regex rule groups by page', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleGroups'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleGroups', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'summary' => '', + ], + 'DescribeRules' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'systemTags' => [ - 'operationType' => 'update', - 'abilityTreeCode' => '93408', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'operationType' => 'get', + 'abilityTreeCode' => '93355', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ - 'name' => 'Domain', + 'name' => 'SourceIp', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The source IP address of the request. You do not need to specify this parameter. The system automatically obtains the value.', 'type' => 'string', 'required' => false, 'example' => '42.84.*.*', 'title' => ''], ], [ - 'name' => 'DefenseType', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'tamperproof', - ], + 'schema' => ['description' => 'The number of entries per page when paging. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '42755', - ], + 'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'RuleStatus', + 'name' => 'RuleIdKey', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the rule. Fuzzy match is supported.', 'type' => 'string', 'required' => false, 'example' => ' 1131*0', 'title' => ''], ], [ - 'name' => 'LockVersion', + 'name' => 'CveIdKey', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '2', - ], + 'schema' => ['description' => 'The CVE ID.', 'type' => 'string', 'required' => false, 'example' => 'CVE-*-*5', 'title' => ''], + ], + [ + 'name' => 'ProtectionType', + 'in' => 'query', + 'schema' => ['description' => 'The protection type. Valid values:'."\n" + .'- **11**: SQL injection '."\n" + .'- **12**: cross-site scripting (XSS) '."\n" + .'- **13**: code execution '."\n" + .'- **14**: CRLF '."\n" + .'- **15**: local file inclusion (LFI) '."\n" + .'- **16**: remote file inclusion (RFI)'."\n" + .'- **17**: webshell '."\n" + .'- **19**: cross-site request forgery '."\n" + .'- **20**: others '."\n" + .'- **21**: SEMA.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '11', 'title' => ''], + ], + [ + 'name' => 'ApplicationType', + 'in' => 'query', + 'schema' => ['description' => 'The application type. Valid values:'."\n" + .'- **0**: general'."\n" + .'- **1**: wordpress'."\n" + .'- **2**: dedecms'."\n" + .'- **3**: Discuz'."\n" + .'- **4**: phpcms'."\n" + .'- **5**: ecshop'."\n" + .'- **6**: shopex'."\n" + .'- **7**: Drupal'."\n" + .'- **8**: joomla'."\n" + .'- **9**: Metinfo'."\n" + .'- **10**: Struts2'."\n" + .'- **11**: SpringBoot'."\n" + .'- **12**: Jboss'."\n" + .'- **13**: weblogic'."\n" + .'- **14**: websphere'."\n" + .'- **15**: tomcat'."\n" + .'- **16**: es'."\n" + .'- **17**: ThinkPHP'."\n" + .'- **18**: fastjosn'."\n" + .'- **19**: ImageMagick'."\n" + .'- **20**: PHPWind'."\n" + .'- **21**: PHPAdmin'."\n" + .'- **99**: others.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], + ], + [ + 'name' => 'RiskLevel', + 'in' => 'query', + 'schema' => ['description' => 'The risk level of the check item to query. Valid values:'."\n" + ."\n" + .'- **0**: high'."\n" + .'- **1**: medium'."\n" + .'- **2**: low.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], + ], + [ + 'name' => 'RuleGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the regular expression rule group.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1012', 'title' => ''], + ], + [ + 'name' => 'Lang', + 'in' => 'query', + 'schema' => ['description' => 'The language of the rule name. Valid values:'."\n" + ."\n" + .'- **zh**: Chinese.'."\n" + .'- **en**: English.', 'type' => 'string', 'required' => false, 'example' => 'zh', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-*', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The region ID. Valid values: '."\n" + .'- **cn**: the Chinese mainland (default)'."\n" + .'- **cn-hongkong**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'default' => 'cn', 'example' => 'cn', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-*', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -3736,73 +4600,140 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', + 'RuleGroupTemplateId' => ['description' => 'The ID of the regular expression rule group.', 'type' => 'string', 'example' => '1012', 'title' => ''], + 'RuleGroupName' => ['description' => 'The name of the regular expression rule group.', 'type' => 'string', 'example' => 'test111', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-*', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of rules returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'RuleGroupTemplateName' => ['description' => 'The name of the rule group.', 'type' => 'string', 'example' => 'rule_group_test', 'title' => ''], + 'IsSubscribe' => ['description' => 'The automatic update status of the rule group.'."\n" + ."\n" + .'- 1: Automatic update is enabled.'."\n" + ."\n" + .'- 2: Automatic update is disabled.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'Rules' => [ + 'description' => 'The list of rules.', + 'type' => 'array', + 'items' => [ + 'description' => 'The list of rules.', + 'type' => 'object', + 'properties' => [ + 'RiskLevel' => ['description' => 'The risk level of the rule. Valid values:'."\n" + ."\n" + .'- **0**: High.'."\n" + .'- **1**: Medium.'."\n" + .'- **2**: Low.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'UpdateTime' => ['description' => 'The time when the rule was last updated.', 'type' => 'integer', 'format' => 'int64', 'example' => '1684120148.0', 'title' => ''], + 'Description' => ['description' => 'The description of the rule.', 'type' => 'string', 'example' => '默认', 'title' => ''], + 'CveUrl' => ['description' => 'The CVE URL.', 'type' => 'string', 'example' => 'https://avd.aliyun.com/', 'title' => ''], + 'ApplicationType' => ['description' => 'The application type. Valid values:'."\n" + .'- **0**: general'."\n" + .'- **1**: wordpress'."\n" + .'- **2**: dedecms'."\n" + .'- **3**: Discuz'."\n" + .'- **4**: phpcms'."\n" + .'- **5**: ecshop'."\n" + .'- **6**: shopex'."\n" + .'- **7**: Drupal'."\n" + .'- **8**: joomla'."\n" + .'- **9**: Metinfo'."\n" + .'- **10**: Struts2'."\n" + .'- **11**: SpringBoot'."\n" + .'- **12**: Jboss'."\n" + .'- **13**: weblogic'."\n" + .'- **14**: websphere'."\n" + .'- **15**: tomcat'."\n" + .'- **16**: es'."\n" + .'- **17**: ThinkPHP'."\n" + .'- **18**: fastjosn'."\n" + .'- **19**: ImageMagick'."\n" + .'- **20**: PHPWind'."\n" + .'- **21**: PHPAdmin'."\n" + .'- **99**: others.', 'type' => 'integer', 'format' => 'int32', 'example' => '15', 'title' => ''], + 'CveId' => ['description' => 'CVE ID。', 'type' => 'string', 'example' => 'CVE-2021-*', 'title' => ''], + 'ProtectionType' => ['description' => 'The protection type. Valid values:'."\n" + .'- **11**: SQL injection '."\n" + .'- **12**: cross-site scripting (XSS) '."\n" + .'- **13**: code execution '."\n" + .'- **14**: CRLF '."\n" + .'- **15**: local file inclusion (LFI) '."\n" + .'- **16**: remote file inclusion (RFI)'."\n" + .'- **17**: webshell '."\n" + .'- **19**: cross-site request forgery '."\n" + .'- **20**: others '."\n" + .'- **21**: SEMA.', 'type' => 'integer', 'format' => 'int32', 'example' => '11', 'title' => ''], + 'RuleName' => ['description' => 'The name of the rule.', 'type' => 'string', 'example' => 'rules_41', 'title' => ''], + 'RuleId' => ['description' => 'The ID of the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '42755', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<ModifyProtectionRuleStatusResponse>\\r\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\r\\n</ModifyProtectionRuleStatusResponse>","errorExample":""}]', - 'title' => 'ModifyProtectionRuleStatus', - 'requestParamsDescription' => ' ', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', - ], - 'DescribeDomainRuleGroup' => [ - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RuleGroupTemplateId\\": \\"1012\\",\\n \\"RuleGroupName\\": \\"test111\\",\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-*\\",\\n \\"TotalCount\\": 1,\\n \\"RuleGroupTemplateName\\": \\"rule_group_test\\",\\n \\"IsSubscribe\\": 1,\\n \\"Rules\\": [\\n {\\n \\"RiskLevel\\": 0,\\n \\"UpdateTime\\": 1684120148,\\n \\"Description\\": \\"默认\\",\\n \\"CveUrl\\": \\"https://avd.aliyun.com/\\",\\n \\"ApplicationType\\": 15,\\n \\"CveId\\": \\"CVE-2021-*\\",\\n \\"ProtectionType\\": 11,\\n \\"RuleName\\": \\"rules_41\\",\\n \\"RuleId\\": 42755\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'List rules in a regular expression rule group by page', + 'changeSet' => [ + ['createdAt' => '2024-05-27T10:59:51.000Z', 'description' => 'Request parameters changed, Error codes changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRules'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRules', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'summary' => '', + ], + 'DescribeWafSourceIpSegment' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => ['operationType' => 'get'], 'parameters' => [ [ - 'name' => 'Domain', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.aliyundoc.com', - ], - ], - [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], + 'schema' => ['description' => 'The ID of the WAF instance to query.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -3810,41 +4741,49 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RuleGroupId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1012', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'WafAiStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'AB2F5E31-EE96-4FD7-9560-45FF****77FF', 'title' => ''], + 'Ips' => ['description' => 'The list of back-to-origin IP addresses and CIDR blocks used by the IPv4 WAF protection cluster.', 'type' => 'string', 'example' => '47.XXX.XXX.192/26,……,47.XXX.XXX.0/24', 'title' => ''], + 'IpV6s' => ['description' => 'The list of back-to-origin IP addresses and CIDR blocks used by the IPv6 WAF protection cluster.', 'type' => 'string', 'example' => '39.XXX.XXX.0/24,……,2408:400a:XXXX:XXXX::/56', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RuleGroupId\\": 1012,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"WafAiStatus\\": 1\\n}","errorExample":""},{"type":"xml","example":"<DescribeDomainRuleGroupResponse>\\n <RuleGroupId>1012</RuleGroupId>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n <WafAiStatus>1</WafAiStatus>\\n</DescribeDomainRuleGroupResponse>","errorExample":""}]', - 'title' => 'DescribeDomainRuleGroup', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"AB2F5E31-EE96-4FD7-9560-45FF****77FF\\",\\n \\"Ips\\": \\"47.XXX.XXX.192/26,……,47.XXX.XXX.0/24\\",\\n \\"IpV6s\\": \\"39.XXX.XXX.0/24,……,2408:400a:XXXX:XXXX::/56\\"\\n}","type":"json"}]', + 'title' => 'Query back-to-origin CIDR blocks of a WAF instance', + 'summary' => 'Queries the back-to-origin IP addresses and CIDR blocks used by WAF protection clusters.', + 'requestParamsDescription' => 'When you call this operation, you must include common Alibaba Cloud API request parameters in addition to the operation-specific request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request example in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'SetDomainRuleGroup' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [ + ['createdAt' => '2022-09-08T14:06:07.000Z', 'description' => 'Error codes changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeWafSourceIpSegment'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeWafSourceIpSegment', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'ModifyDomain' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -3854,265 +4793,256 @@ 'systemTags' => [], 'parameters' => [ [ - 'name' => 'Domains', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '["www.aliyundoc.com"]', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp26f1****', 'title' => ''], ], [ - 'name' => 'RuleGroupId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1012', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp26f1****', 'title' => ''], ], [ - 'name' => 'WafVersion', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The domain name to configure.'."\n" + ."\n" + .'> You can call [DescribeDomainNames](~~86373~~) to query all domain names that have been added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'SourceIps', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], + 'schema' => ['description' => 'The IP addresses or back-to-origin domain name of the origin server associated with the domain name. You can set only one of the two types:'."\n" + ."\n" + .'- To set origin server IP addresses, use the `["ip1","ip2",……]` format. You can add up to 20 IP addresses.'."\n" + .'- To set a back-to-origin domain name, use the `["domain"]` format. You can specify only one domain name.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method.', 'type' => 'string', 'required' => false, 'example' => '["39.XX.XX.197"]', 'title' => ''], ], [ - 'name' => 'ResourceGroupId', + 'name' => 'LoadBalancing', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2pz25js****', - ], + 'schema' => ['description' => 'The load balancing algorithm used for back-to-origin requests. Valid values:'."\n" + ."\n" + .'- **0**: IP Hash.'."\n" + .'- **1**: round-robin.'."\n" + .'- **2**: Least Time.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0', 'example' => '0', 'title' => ''], ], [ - 'name' => 'WafAiStatus', + 'name' => 'HttpPort', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The list of HTTP ports, in the `[port1,port2,……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method. Setting this parameter indicates that the domain name uses the HTTP protocol. **HttpPort** and **HttpsPort** cannot both be empty.', 'type' => 'string', 'required' => false, 'example' => '[80]', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'HttpsPort', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The list of HTTPS ports, in the `[port1,port2,……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method. Setting this parameter indicates that the domain name uses the HTTPS protocol. **HttpPort** and **HttpsPort** cannot both be empty.', 'type' => 'string', 'required' => false, 'example' => '[443]', 'title' => ''], ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - ], - ], + [ + 'name' => 'Http2Port', + 'in' => 'query', + 'schema' => ['description' => 'The list of HTTP 2.0 ports, in the `[port1,port2,……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method, and **HttpsPort** is not empty, which indicates that the domain name uses the HTTPS protocol.', 'type' => 'string', 'required' => false, 'example' => '[443]', 'title' => ''], ], - ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<SetDomainRuleGroupResponse>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</SetDomainRuleGroupResponse>","errorExample":""}]', - 'title' => 'SetDomainRuleGroup', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', - ], - 'ModifyProtectionRuleCacheStatus' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ [ - 'AK' => [], + 'name' => 'HttpsRedirect', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether to enable HTTPS forced redirect. After HTTPS forced redirect is enabled, HTTP requests from clients are redirected to HTTPS requests. The default redirect port is 443. Valid values:'."\n" + ."\n" + .'- **0** (default): disabled.'."\n" + .'- **1**: enabled.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method, and **HttpsPort** is not empty, which indicates that the domain name uses the HTTPS protocol.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0', 'example' => '0', 'title' => ''], ], - ], - 'systemTags' => [ - 'operationType' => 'get', - 'abilityTreeCode' => '93407', - 'abilityTreeNodes' => [ - 'FEATUREwafI1HM4C', + [ + 'name' => 'HttpToUserIp', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether to enable HTTP back-to-origin. After HTTP back-to-origin is enabled, HTTPS requests are forwarded to the origin server over HTTP. The default back-to-origin port is 80. Valid values:'."\n" + ."\n" + .'- **0** (default): disabled.'."\n" + .'- **1**: enabled.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method, and **HttpsPort** is not empty, which indicates that the domain name uses the HTTPS protocol.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '0', 'example' => '0', 'title' => ''], ], - ], - 'parameters' => [ [ - 'name' => 'Domain', + 'name' => 'IsAccessProduct', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'Specifies whether a Layer 7 proxy such as Anti-DDoS Pro or CDN is deployed in front of WAF, meaning whether client traffic passes through another Layer 7 proxy before reaching WAF. Valid values:'."\n" + ."\n" + .'- **0**: no.'."\n" + .'- **1**: yes.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '0', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'AccessHeaderMode', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '42755', - ], + 'schema' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n" + ."\n" + .'- **0** (default): WAF reads the first value of the X-Forwarded-For (XFF) field in the request header as the client IP address.'."\n" + .'- **1**: WAF reads the value of a custom field that you specify in the request header as the client IP address.'."\n" + ."\n" + .'> This parameter is required only when **IsAccessProduct** is set to **1**, which indicates that a Layer 7 proxy is deployed in front of WAF.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], ], [ - 'name' => 'DefenseType', + 'name' => 'AccessHeaders', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'tamperproof', - ], + 'schema' => ['description' => 'The list of custom header fields used to obtain the originating IP address of the client, in the `["header1","header2",……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessHeaderMode** is set to **1**, which indicates that WAF reads the value of a custom field that you specify in the request header as the client IP address.', 'type' => 'string', 'required' => false, 'example' => '["X-Client-IP"]', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'LogHeaders', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The traffic tag field and value for the domain name, used to tag traffic processed by WAF.'."\n" + ."\n" + .'The value of this parameter is in the `[{"k":"_key_","v":"_value_"}]` format. `_key_` specifies the custom request header field, and `_value_` specifies the value of the field.'."\n" + ."\n" + .'By specifying a custom request header field and its value, WAF automatically adds the custom field value to the request header as a traffic tag when traffic for the domain name passes through WAF. This helps backend services collect relevant statistics.'."\n" + ."\n" + .'> If the custom header field already exists in the request, the system overwrites the existing value with the traffic tag value you specify.', 'type' => 'string', 'required' => false, 'example' => '[{"k":"ALIWAF-TAG","v":"Yes"}]', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ClusterType', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The type of the WAF protection cluster. Valid values:'."\n" + ."\n" + .'- **0** (default): physical cluster.'."\n" + .'- **1**: virtual cluster, which is a WAF exclusive cluster.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], ], [ - 'name' => 'ResourceGroupId', + 'name' => 'ConnectionTime', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The connection timeout period for the WAF exclusive cluster. Unit: seconds.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method, and **ClusterType** is set to **1**, which indicates that the WAF exclusive cluster is used.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '5', 'example' => '5', 'title' => ''], ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - ], - ], + [ + 'name' => 'ReadTime', + 'in' => 'query', + 'schema' => ['description' => 'The read timeout period for the WAF exclusive cluster. Unit: seconds.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method, and **ClusterType** is set to **1**, which indicates that the WAF exclusive cluster is used.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '120', 'example' => '120', 'title' => ''], ], - ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<ModifyProtectionRuleCacheStatusResponse>\\r\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\r\\n</ModifyProtectionRuleCacheStatusResponse>","errorExample":""}]', - 'title' => 'ModifyProtectionRuleCacheStatus', - 'requestParamsDescription' => ' ', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', - ], - 'DeleteProtectionModuleRule' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ [ - 'AK' => [], + 'name' => 'WriteTime', + 'in' => 'query', + 'schema' => ['description' => 'The write timeout period for the WAF exclusive cluster. Unit: seconds.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method, and **ClusterType** is set to **1**, which indicates that the WAF exclusive cluster is used.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '120', 'example' => '120', 'title' => ''], ], - ], - 'systemTags' => [], - 'parameters' => [ [ - 'name' => 'Domain', + 'name' => 'AccessType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The Website Config method. Valid values:'."\n" + ."\n" + .'- **waf-cloud-dns** (default): CNAME record.'."\n" + ."\n" + .'- **waf-cloud-native**: transparent access.', 'type' => 'string', 'required' => false, 'example' => 'waf-cloud-dns', 'title' => ''], ], [ - 'name' => 'DefenseType', + 'name' => 'CloudNativeInstances', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'ac_custom', - ], + 'schema' => ['description' => 'The list of server and port configurations for transparent access. The value is a string converted from a JSON array. Each element in the JSON array is a struct that contains the following fields:'."\n" + ."\n" + .'- **ProtocolPortConfigs**: JSON Array type | Required | The list of protocol and port configurations. Each element in the JSON array is a struct that contains the following fields:'."\n" + .' - **Ports**: Array type | Required | The list of ports, in the `[port1,port2,……]` format.'."\n" + .' - **Protocol**: String type | Required | The protocol type. Valid values: **http**, **https**.'."\n" + .'- **CloudNativeProductName**: String type | Required | The type of the cloud service instance. Valid values: **ECS**, **SLB**, **ALB**.'."\n" + .'- **RedirectionTypeName**: String type | Required | The type of the traffic redirection port. Valid values: **ECS** (ECS port), **SLB-L4** (SLB Layer 4 port), **SLB-L7** (SLB Layer 7 port), **ALB** (ALB port).'."\n" + .'- **InstanceId**: String type | Required | The ID of the cloud service instance.'."\n" + .'- **IPAddressList**: Array type | Required | The list of public IP addresses of the cloud service instance, in the `["ip1","ip2",……]` format.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-native**, which indicates that the domain name is added by using the transparent access method.', 'type' => 'string', 'required' => false, 'example' => '[{"ProtocolPortConfigs":[{"Ports":[80],"Protocol":"http"}],"RedirectionTypeName":"ALB","InstanceId":"alb-s65nua68wdedsp****","IPAddressList":["182.XX.XX.113"],"CloudNativeProductName":"ALB"}]', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'IpFollowStatus', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '42754', - ], + 'schema' => ['description' => 'Specifies whether to enable IPv4/IPv6 back-to-origin protocol following when the origin server addresses include both IPv4 and IPv6 addresses. After this feature is enabled, WAF forwards requests from IPv4 addresses to IPv4 origin servers and requests from IPv6 addresses to IPv6 origin servers. Valid values:'."\n" + ."\n" + .'- **0** (default): disabled.'."\n" + .'- **1**: enabled.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'SniStatus', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-mp9153****', - ], + 'schema' => ['description' => 'Specifies whether to enable back-to-origin Server Name Indication (SNI). Back-to-origin SNI means that when WAF forwards client requests to the origin server and performs a TLS handshake with the origin server, WAF specifies the host to access through the SNI extension field (Server Name Indicator extension) and establishes an HTTPS connection with that host. If your origin server hosts multiple virtual hosts (corresponding to different domain names), enable back-to-origin SNI. Valid values:'."\n" + .'- **0**: disabled.'."\n" + .'- **1**: enabled.'."\n" + ."\n" + .'For WAF instances in the Chinese mainland, back-to-origin SNI is disabled by default. For WAF instances outside the Chinese mainland, back-to-origin SNI is enabled by default.'."\n" + ."\n" + .'> This parameter is required only when **AccessType** is set to **waf-cloud-dns**, which indicates that the domain name is added by using the CNAME method, and **HttpsPort** is not empty, which indicates that the domain name uses the HTTPS protocol.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'SniHost', + 'in' => 'query', + 'schema' => ['description' => 'The custom value of the SNI extension field. If you do not set this parameter, the value of the **Host** field in the request header is used as the SNI extension field value by default.'."\n" + ."\n" + .'In most cases, you do not need to customize the SNI value unless your service has special configuration requirements and you want WAF to use an SNI value in back-to-origin requests that differs from the actual request Host.'."\n" + ."\n" + .'> This parameter is required only when **SniStatus** is set to **1**, which indicates that back-to-origin SNI is enabled.', 'type' => 'string', 'required' => false, 'example' => 'waf.example.com', 'title' => ''], + ], + [ + 'name' => 'Retry', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether WAF retries when back-to-origin fails. Valid values:'."\n" + ."\n" + .'- **true** (default): retry.'."\n" + ."\n" + .'- **false**: do not retry.', 'type' => 'boolean', 'default' => 'false', 'required' => false, 'example' => 'true', 'title' => ''], + ], + [ + 'name' => 'Keepalive', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether to enable persistent connections. Valid values:'."\n" + ."\n" + .'- **true** (default): enabled.'."\n" + ."\n" + .'- **false**: disabled.', 'type' => 'boolean', 'default' => 'false', 'required' => false, 'example' => 'true', 'title' => ''], + ], + [ + 'name' => 'KeepaliveRequests', + 'in' => 'query', + 'schema' => ['description' => 'The number of requests that reuse a persistent connection. Valid values: 60 to 1000.'."\n" + ."\n" + .'> This parameter specifies how many requests can reuse a persistent connection after persistent connections are enabled.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''], + ], + [ + 'name' => 'KeepaliveTimeout', + 'in' => 'query', + 'schema' => ['description' => 'The idle timeout period for persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" + ."\n" + .'> This parameter specifies how long an idle persistent connection is kept before it is released.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '1', 'default' => '15', 'required' => false, 'example' => '60', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management.'."\n" + ."\n" + .'If you do not set this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -4120,88 +5050,93 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '1557B42F-B889-460A-B17F-1DE5C5AD7FF2', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"1557B42F-B889-460A-B17F-1DE5C5AD7FF2\\"\\n}","errorExample":""},{"type":"xml","example":"<DeleteProtectionModuleRuleResponse>\\n <RequestId>1557B42F-B889-460A-B17F-1DE5C5AD7FF2</RequestId>\\n</DeleteProtectionModuleRuleResponse>","errorExample":""}]', - 'title' => 'DeleteProtectionModuleRule', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Modify domain name configuration', + 'summary' => 'Modifies the configuration of a domain name that has been added to WAF.', + 'requestParamsDescription' => 'When you call this operation, you must include common Alibaba Cloud API request parameters in addition to the operation-specific request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeProtectionModuleCodeConfig' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [ + ['createdAt' => '2023-08-28T12:42:34.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-05-23T05:46:03.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2022-08-22T10:01:08.000Z', 'description' => 'Request parameters changed, Error codes changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomain'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomain', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'ModifyDomainIpv6Status' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'deprecated' => false, + 'systemTags' => [], 'parameters' => [ [ - 'name' => 'CodeType', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '14', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-mp9153****', 'title' => ''], ], [ - 'name' => 'CodeValue', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], + 'schema' => ['description' => 'The domain name that has been added.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'Enabled', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '', - ], + 'schema' => ['description' => 'Specifies whether to enable IPv6 security protection. Valid values:'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'string', 'required' => true, 'example' => '0', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2pz25js****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management.'."\n" + ."\n" + .'If you do not specify this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -4209,165 +5144,185 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'CodeConfigs' => [ - 'description' => '', - 'type' => 'string', - 'example' => '[{"code":0,"name":"310000,530000,150000,110000,TW_01,220000,510000,120000,640000,340000,370000,140000,440000,450000,650000,320000,360000,130000,410000,330000,460000,420000,430000,MO_01,620000,350000,540000,520000,210000,500000,610000,630000,HK_01,230000","env":"online"}]', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'BE3911B8-9D96-5B39-8875-503BBC9DA4BF', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"CodeConfigs\\": \\"[{\\\\\\"code\\\\\\":0,\\\\\\"name\\\\\\":\\\\\\"310000,530000,150000,110000,TW_01,220000,510000,120000,640000,340000,370000,140000,440000,450000,650000,320000,360000,130000,410000,330000,460000,420000,430000,MO_01,620000,350000,540000,520000,210000,500000,610000,630000,HK_01,230000\\\\\\",\\\\\\"env\\\\\\":\\\\\\"online\\\\\\"}]\\",\\n \\"RequestId\\": \\"BE3911B8-9D96-5B39-8875-503BBC9DA4BF\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<DescribeProtectionModuleCodeConfigResponse>\\r\\n\\t<RequestId>BE3911B8-9D96-5B39-8875-503BBC9DA4BF</RequestId>\\r\\n\\t<CodeConfigs>\\r\\n\\t\\t<code>0</code>\\r\\n\\t\\t<name>310000,530000,150000,110000,TW_01,220000,510000,120000,640000,340000,370000,140000,440000,450000,650000,320000,360000,130000,410000,330000,460000,420000,430000,MO_01,620000,350000,540000,520000,210000,500000,610000,630000,HK_01,230000</name>\\r\\n\\t\\t<env>online</env>\\r\\n\\t</CodeConfigs>\\r\\n</DescribeProtectionModuleCodeConfigResponse>","errorExample":""}]', - 'title' => 'DescribeProtectionModuleCodeConfig', + 'errorCodes' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Enable or disable iPv6 security protection for a domain name configuration', + 'summary' => 'Enables or disables the IPv6 security protection feature for a specified domain name configuration.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeRuleGroups' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomainIpv6Status'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomainIpv6Status', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'ModifyLogRetrievalStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - 'abilityTreeCode' => '93352', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], - ], + 'systemTags' => [], 'parameters' => [ [ - 'name' => 'SourceIp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '60.208.111.213', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'Lang', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'zh', - ], + 'schema' => ['description' => 'The domain name that has been added.'."\n" + ."\n" + .'> You can call [DescribeDomainNames](~~86373~~) to query all added domain names.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'Enabled', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - ], + 'schema' => ['description' => 'Specifies whether to enable the log search feature. Valid values:'."\n" + ."\n" + .'- **0**: disables the feature.'."\n" + ."\n" + .'- **1**: enables the feature.'."\n" + ."\n" + .'> WAF records access request logs for a domain name only after the log search feature is enabled for the domain name. If you disable the log search feature, access request logs during the disabled period are not recorded. Even if you re-enable the log search feature, you cannot query access request logs generated during the disabled period.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], ], [ - 'name' => 'CurrentPage', + 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management.'."\n" + ."\n" + .'If you do not specify this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], ], [ - 'name' => 'WafLang', + 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + ], 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'ZH', + 'title' => '', + 'example' => '', ], ], + ], + 'errorCodes' => [ + 403 => [ + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.', 'description' => ''], + ], + 500 => [ + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.', 'description' => ''], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + 'title' => 'Enable or disable the log search feature for a specified domain name', + 'summary' => 'Enables or disables the log search feature for a specified domain name.', + 'description' => 'The log search feature has been upgraded to Simple Log Service for WAF. For more information, see [WAF Log Service](~~100503~~). This operation is applicable only to existing users who still have the log search feature. To enable or disable Simple Log Service for WAF for a domain name, call [ModifyLogServiceStatus](~~162742~~).', + 'requestParamsDescription' => 'When you call this operation, you must include the common request parameters of Alibaba Cloud APIs in addition to the request parameters described in this topic. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyLogRetrievalStatus'], + ], + ], + 'ramActions' => [ [ - 'name' => 'Type', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'enum' => [ - '1', - '10', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyLogRetrievalStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], + ], + ], + 'ModifyLogServiceStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'PolicyId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1011', - ], + 'AK' => [], ], + ], + 'systemTags' => [], + 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'You can call the [DescribeInstanceInfo](~~140857~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'Region', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn', - 'default' => 'cn', - ], + 'schema' => ['description' => 'The domain name that has been added.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], + ], + [ + 'name' => 'Enabled', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether to enable the log collection feature. Valid values:'."\n" + ."\n" + .'- **0**: disabled'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek23puu7m3kmea', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -4375,273 +5330,261 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '02E9A4B8-90FB-5F41-A049-C82277EB82FB', - ], - 'TaskStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '2', - ], - 'Total' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'WafTaskId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '123', - ], - 'RuleGroups' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Type' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'RuleCnt' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'RuleGroupUpdateTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1711445265', - ], - 'PolicyId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '116562', - ], - 'Name' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'rule_group_test', - ], - 'TemplatePolicyId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1102', - ], - 'RuleGroupTemplateName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'rule_group_test', - ], - 'Desc' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'desc', - ], - 'WafVersion' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '11', - ], - 'DomainList' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'test.aliyundome.com', - ], - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"02E9A4B8-90FB-5F41-A049-*\\",\\n \\"TaskStatus\\": 2,\\n \\"Total\\": 1,\\n \\"WafTaskId\\": \\"123\\",\\n \\"RuleGroups\\": [\\n {\\n \\"Type\\": 1,\\n \\"RuleCnt\\": 1,\\n \\"RuleGroupUpdateTime\\": 1711445265,\\n \\"PolicyId\\": 116562,\\n \\"Name\\": \\"rule_group_test\\",\\n \\"TemplatePolicyId\\": 1102,\\n \\"RuleGroupTemplateName\\": \\"rule_group_test\\",\\n \\"Desc\\": \\"desc\\",\\n \\"WafVersion\\": 11,\\n \\"DomainList\\": [\\n \\"test.aliyundome.com\\"\\n ]\\n }\\n ]\\n}","type":"json"}]', - ], - 'DescribeRules' => [ - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 403 => [ + ['errorCode' => 'Forbbiden', 'errorMessage' => 'User not authorized to operate on the specified resource.', 'description' => ''], + ], + 500 => [ + ['errorCode' => 'InternalError', 'errorMessage' => 'The request processing has failed due to some unknown error.', 'description' => ''], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + 'title' => 'Enable or disable log collection for a specified domain name configuration', + 'summary' => 'Enables or disables the log collection feature for a specified domain name configuration by calling the ModifyLogServiceStatus operation.', + 'description' => 'Before you enable the log collection feature for a domain name configuration, make sure that the real-time log query and analysis feature is activated for the WAF instance and that WAF is authorized to deliver recorded logs to your dedicated Simple Log Service Logstore.'."\n" + ."\n" + .'For more information, see [Real-time log query and analysis](~~100503~~).', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyLogServiceStatus'], + ], ], - 'security' => [ + 'ramActions' => [ [ - 'AK' => [], + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyLogServiceStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], ], - 'systemTags' => [ - 'operationType' => 'get', - 'abilityTreeCode' => '93355', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', + ], + 'ModifyProtectionModuleMode' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'AK' => [], ], ], + 'systemTags' => [], 'parameters' => [ [ - 'name' => 'SourceIp', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '42.84.*.*', - ], + 'schema' => ['description' => 'The domain name that has been added to WAF.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - ], + 'schema' => ['description' => 'The protection module. Valid values:'."\n" + ."\n" + .'- **waf**: RegEx protection engine'."\n" + ."\n" + .'- **dld**: big data deep learning engine'."\n" + ."\n" + .'- **ac_cc**: CC attack protection'."\n" + ."\n" + .'- **antifraud**: data risk control'."\n" + ."\n" + .'- **normalized**: proactive defense.', 'type' => 'string', 'required' => true, 'example' => 'waf', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'Mode', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The protection mode.'."\n" + ."\n" + .'> The meaning of the **Mode** value varies depending on the specified protection module (**DefenseType**).'."\n" + ."\n" + .'- RegEx protection engine (**waf**)'."\n" + .' - **0**: Block mode.'."\n" + .' - **1**: Warn mode.'."\n" + .'- Big data deep learning engine (**dld**)'."\n" + .' - **0**: Warn mode.'."\n" + .' - **1**: Block mode.'."\n" + .'- CC attack protection (**ac_cc**)'."\n" + .' - **0**: Protection mode.'."\n" + .' - **1**: Protection-emergency mode.'."\n" + .'- Data risk control (**antifraud**)'."\n" + .' - **0**: Warn mode.'."\n" + .' - **1**: Block mode.'."\n" + .' - **2**: Strict block mode.'."\n" + .'- Proactive defense (**normalized**)'."\n" + .' - **1**: Block mode.'."\n" + .' - **0**: Warn mode.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '0', 'title' => ''], ], [ - 'name' => 'RuleIdKey', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => ' 1131*0', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'CveIdKey', + 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'CVE ID', - 'type' => 'string', - 'required' => false, - 'example' => 'CVE-*-*5', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. Default value: empty, which indicates the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], [ - 'name' => 'ProtectionType', + 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], + ], 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '11', + 'title' => '', + 'example' => '', ], ], + ], + 'errorCodes' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Modify WAF protection mode', + 'summary' => 'Modifies the WAF protection mode for modules such as the RegEx protection engine, big data deep learning engine, CC attack protection, data risk control, and proactive defense.', + 'description' => 'You can specify the protection module by setting the **DefenseType** parameter. For more information about the valid values, see the description of the **DefenseType** request parameter.', + 'requestParamsDescription' => ' ', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionModuleMode'], + ], + ], + 'ramActions' => [ [ - 'name' => 'ApplicationType', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionModuleMode', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + ], + 'ModifyProtectionModuleRule' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'systemTags' => [], + 'parameters' => [ [ - 'name' => 'RiskLevel', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], + 'schema' => ['description' => 'The domain name whose rule configurations you want to modify.'."\n" + ."\n" + .'> You can call [DescribeDomainNames](~~86373~~) to query all domain names that are added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'RuleGroupId', + 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1012', - ], + 'schema' => ['description' => 'The protection feature module to which the rule configuration belongs. Valid values:'."\n" + ."\n" + .'- **tamperproof**: web tamper-proofing rules.'."\n" + ."\n" + .'- **dlp**: sensitive information leak prevention rules.'."\n" + ."\n" + .'- **ng_account**: account security rules.'."\n" + ."\n" + .'- **bot_intelligence**: crawler threat intelligence.'."\n" + ."\n" + .'- **antifraud**: data risk control protection requests.'."\n" + ."\n" + .'- **antifraud_js**: data risk control JS insertion pages.'."\n" + ."\n" + .'- **bot_algorithm**: intelligent algorithm rules for bot management.'."\n" + ."\n" + .'- **bot_wxbb_pkg**: version protection rules for app protection.'."\n" + ."\n" + .'- **bot_wxbb**: path protection rules for app protection.'."\n" + ."\n" + .'- **ac_blacklist**: IP blacklist rules.'."\n" + ."\n" + .'- **ac_highfreq**: automatic blocking rules for high-frequency web attack IP addresses.'."\n" + ."\n" + .'- **ac_dirscan**: folder scan protection rules.'."\n" + ."\n" + .'- **ac_custom**: custom mitigation policy rules.'."\n" + ."\n" + .'- **whitelist**: whitelist rules.', 'type' => 'string', 'required' => true, 'example' => 'ac_custom', 'title' => ''], ], [ - 'name' => 'Lang', + 'name' => 'Rule', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'zh', - ], + 'schema' => ['description' => 'The rule configuration content, specified as a string converted from a JSON object constructed with a series of parameters.'."\n" + ."\n" + .'> The specific parameters vary depending on the protection module configuration (**DefenseType**) you specify. For more information, see the detailed description of the Rule parameter.', 'type' => 'string', 'required' => true, 'example' => ' {"action":"monitor","name":"test","scene":"custom_acl","conditions":[{"opCode":1,"key":"URL","values":"/example"}]}', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-*', - ], + 'schema' => ['description' => 'The ID of the rule configuration to modify.'."\n" + ."\n" + .'> You can call [DescribeProtectionModuleRules](~~100398~~) to query the IDs of all created rules.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '369998', 'title' => ''], ], [ - 'name' => 'Region', + 'name' => 'LockVersion', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn', - 'default' => 'cn', - ], + 'schema' => ['description' => 'The version number of the rule configuration to modify.'."\n" + ."\n" + .'> You can call [DescribeProtectionModuleRules](~~100398~~) to query the version number of a rule configuration.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '2', 'title' => ''], + ], + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-*', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2lav****s77i', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -4649,112 +5592,564 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RuleGroupTemplateId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '1012', - ], - 'RuleGroupName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'test111', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-*', - ], - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'RuleGroupTemplateName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'rule_group_test', - ], - 'IsSubscribe' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'Rules' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'RiskLevel' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'UpdateTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1684120148.0', - ], - 'Description' => [ - 'description' => '', - 'type' => 'string', - 'example' => '', - ], - 'CveUrl' => [ - 'description' => '', - 'type' => 'string', - ], - 'ApplicationType' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '15', - ], - 'CveId' => [ - 'description' => 'CVE ID。', - 'type' => 'string', - 'example' => 'CVE-2021-*', - ], - 'ProtectionType' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '11', - ], - 'RuleName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'rules_41', - ], - 'RuleId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '42755', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RuleGroupTemplateId\\": \\"1012\\",\\n \\"RuleGroupName\\": \\"test111\\",\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-*\\",\\n \\"TotalCount\\": 1,\\n \\"RuleGroupTemplateName\\": \\"rule_group_test\\",\\n \\"IsSubscribe\\": 1,\\n \\"Rules\\": [\\n {\\n \\"RiskLevel\\": 0,\\n \\"UpdateTime\\": 1684120148,\\n \\"Description\\": \\"默认\\",\\n \\"CveUrl\\": \\"https://avd.aliyun.com/\\",\\n \\"ApplicationType\\": 15,\\n \\"CveId\\": \\"CVE-2021-*\\",\\n \\"ProtectionType\\": 11,\\n \\"RuleName\\": \\"rules_41\\",\\n \\"RuleId\\": 42755\\n }\\n ]\\n}","type":"json"}]', - ], - 'ModifyLogRetrievalStatus' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'errorCodes' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Modify WAF protection feature configuration rules', + 'summary' => 'Modifies the configuration rules of WAF protection features, such as web intrusion prevention, data security, advanced protection, bot management, access control, throttling, and whitelists.', + 'description' => 'This operation modifies the rule configurations of a specified WAF protection module, including web intrusion prevention, data security, advanced protection, bot management, access control or throttling, and whitelist modules. You can specify the protection module by setting the **DefenseType** parameter. For more information about the valid values, see the description of the **DefenseType** request parameter.'."\n" + .'To ensure system stability, the queries per second (QPS) is limited to 10 per user. If the limit is exceeded, API calls are throttled, which may affect your business. Call this operation appropriately.', + 'requestParamsDescription' => '**Detailed description of the Rule parameter**.'."\n" + ."\n" + .' - The JSON string for web tamper-proofing rule configuration (**tamperproof**) contains the following parameters:'."\n" + ."\n" + .' - **uri**: String | Required | The specific URL to protect.'."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **status**: Integer | Optional | The protection status of the rule. Valid values:'."\n" + .' - **0** (default): Not in effect.'."\n" + .' - **1**: In effect.'."\n" + ."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"example",'."\n" + .' "uri":"http://www.example.com/example",'."\n" + .' "status":1 '."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for sensitive information leak prevention rule configuration (**dlp**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **conditions**: Array | Required | The match conditions described in JSON string format. You can specify up to two match conditions, and the conditions have an AND relationship. The following parameters are included:'."\n" + .' - **key**: The match item.'."\n" + .' - **0**: the URL to protect.'."\n" + .' - **10**: sensitive information.'."\n" + .' - **11**: the response code.'."\n" + .' > You cannot set match conditions for both the response code (**11**) and sensitive information (**10**) in the **conditions** parameter at the same time.'."\n" + .' - **operation**: The match logic. The value is fixed as **1**, which indicates Contains.'."\n" + .' - **value**: The match condition values described in JSON string format. Multiple condition values are supported. The following parameters are included:'."\n" + .' - **v**: Applicable only when the match item (**key**) is URL (**0**) or response code (**11**).'."\n" + .' - URL: When `"key":0`, the value is a URL address.'."\n" + .' - Response code: When `"key":11`, valid values include **400**, **401**, **402**, **403**, **404**, **405-499**, **500**, **501**, **502**, **503**, **504**, and **505-599**.'."\n" + .' - **k**: Applicable only when the match item (**key**) is sensitive information (**10**). Valid values:'."\n" + .' - **100**: ID card.'."\n" + .' - **101**: credit card.'."\n" + .' - **102**: phone number.'."\n" + .' - **103**: default sensitive words.'."\n" + .' - **action**: The match action.'."\n" + .' - **3**: alert.'."\n" + .' - **10**: sensitive information filtering. This action applies only to match conditions that contain sensitive information (`"key":10`).'."\n" + .' - **11**: return the built-in block page. This action applies only to match conditions that contain a response code (`"key":11`).'."\n" + ."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"example",'."\n" + .' "conditions":[{"key":11,"operation":1,"value":[{"v":401}]},{"key":"0","operation":1,"value":[{"v":"www.example.com"}]}],'."\n" + .' "action":3'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for account security rule configuration (**ng_account**) contains the following parameters:'."\n" + ."\n" + .' - **url_path**: String | Required | The detection interface, expressed as a URL path. It must start with a forward slash (/).'."\n" + .' - **method**: String | Required | The request method to detect, including POST, GET, PUT, and DELETE. Multiple request methods are supported and separated by commas (,).'."\n" + .' - **account_left**: String | Required | The account parameter name.'."\n" + .' - **password_left**: String | Optional | The password parameter name.'."\n" + .' - **action**: String | Required | The protection action. Valid values:'."\n" + .' - **monitor**: alert.'."\n" + .' - **block**: block.'."\n" + ."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "url_path":"/example",'."\n" + .' "method":"POST,GET,PUT,DELETE",'."\n" + .' "account_left":"aaa",'."\n" + .' "password_left:"123",'."\n" + .' "action":"monitor"'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for crawler threat intelligence configuration in bot management (**bot_intelligence**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String | Required | The rule name. It must correspond to the rule ID (**RuleId**) parameter.'."\n" + .' - **urlList**: Array | Required | The protection paths. You can specify up to 10 protection paths. Expressed in JSON string format with the following parameters:'."\n" + .' - **mode**: String | Required | The match method, used in combination with the path keyword (**url**) parameter to specify the protection path. Valid values: **eq** (exact match), **prefix-match** (prefix match), **regex** (regular expression match).'."\n" + .' - **url**: String | Required | The path keyword. It must start with a forward slash (/).'."\n" + .' - **action**: String | Required | The disposition action. Valid values:'."\n" + .' - **monitor**: monitor.'."\n" + .' - **captcha**: slider CAPTCHA.'."\n" + .' - **captcha_strict**: strict slider CAPTCHA. '."\n" + .' - **js**: JavaScript verification.'."\n" + .' - **block**: block.'."\n" + .' - **status**: Integer | Required | The enabled status. Valid values:'."\n" + .' - **0**: disabled.'."\n" + .' - **1**: enabled.'."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "urlList":['."\n" + .' {"mode":"prefix-match","url":"/indexa"},'."\n" + .' {"mode":"regex","url":"/"},'."\n" + .' {"mode":"eq","url":"/"}],'."\n" + .' "name":"IDC IP库-腾讯云",'."\n" + .' "action":"captcha_strict",'."\n" + .' "status":1'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for intelligent algorithm rule configuration in bot management (**bot_algorithm**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **algorithmName**: String | Required | The algorithm name. Valid values:'."\n" + .' - **RR**: dedicated resource crawler identification algorithm.'."\n" + .' - **PR**: targeted path crawler identification algorithm.'."\n" + .' - **DPR**: parameter polling crawler identification algorithm.'."\n" + .' - **SR**: dynamic IP crawler identification algorithm.'."\n" + .' - **IND**: proxy device crawler identification algorithm.'."\n" + .' - **Periodicity**: periodicity crawler identification algorithm.'."\n" + .' - **timeInterval**: Integer | Required | The detection interval. Unit: seconds. Valid values: 30, 60, 120, 300, and 600.'."\n" + .' - **action**: String | Required | The disposition action. Valid values:'."\n" + .' - **monitor**: monitor.'."\n" + .' - **captcha**: slider CAPTCHA.'."\n" + .' - **js**: JavaScript verification.'."\n" + .' - **block**: block. If you select block as the disposition action, you must specify the block duration (**blocktime**) parameter.'."\n" + .' - **blocktime**: Integer | Optional | The block duration. Unit: minutes. Valid values: 1 to 600.'."\n" + .' - **config**: String | Required | The algorithm configuration information, expressed in JSON string format. The specific sub-parameters in the algorithm configuration vary depending on the selected algorithm name (**algorithmName**).'."\n" + .' - The configuration information for the dedicated resource crawler identification algorithm (**RR**) contains the following sub-parameters:'."\n" + .' - **resourceType**: Integer | Optional | The type of requested resource. Valid values:'."\n" + .' - **1**: dynamic resource type.'."\n" + .' - **2**: static resource type.'."\n" + .' - **-1**: custom resource type. If you select custom resource type, you must also specify the **extensions** parameter to define specific resource suffixes in string format, separated by commas (,). Example: `css,jpg,xls`.'."\n" + .' - **minRequestCountPerIp**: Integer | Required | The scope of IP addresses to detect within the detection interval. Only IP addresses with a URI of the requests greater than or equal to the specified value are detected. This parameter specifies the minimum URI of the requests. Valid values: 5 to 10000.'."\n" + .' - **minRatio**: Float | Required | The risk determination condition, which is the threshold for the proportion of access requests to the specified resource type among all IP access requests. An IP address is determined as risky if the proportion exceeds this threshold. Valid values: 0.01 to 1.'."\n" + .' - The configuration information for the targeted path crawler identification algorithm (**PR**) contains the following sub-parameters:'."\n" + .' - **keyPathConfiguration**: Array | Optional | The request path information. You can specify up to 10 paths. This sub-parameter is required only when using the targeted path crawler identification algorithm. Expressed in JSON string format with the following parameters:'."\n" + .' - **method**: String | Required | The request method. Valid values: **POST**, **GET**, **PUT**, **DELETE**, **HEAD**, and **OPTIONS**.'."\n" + .' - **url**: String | Required | The request path keyword. It must start with a forward slash (/).'."\n" + .' - **matchType**: String | Required | The match method, used in combination with the request path keyword (**url**) parameter to specify the request path. Valid values: **all** (exact match), **prefix** (prefix match), **regex** (regular expression match).'."\n" + .' - **minRequestCountPerIp**: Integer | Required | The scope of IP addresses to detect within the detection interval. Only IP addresses with a URI of the requests greater than or equal to the specified value are detected. This parameter specifies the minimum URI of the requests. Valid values: 5 to 10000.'."\n" + .' - **minRatio**: Float | Required | The risk determination condition, which is the threshold for the proportion of access requests to the specified paths among all IP access requests. An IP address is determined as risky if the proportion exceeds this threshold. Valid values: 0.01 to 1.'."\n" + .' - The configuration information for the parameter polling crawler identification algorithm (**DPR**) contains the following sub-parameters:'."\n" + .' - **method**: String | Required | The request method. Valid values: **POST**, **GET**, **PUT**, **DELETE**, **HEAD**, and **OPTIONS**.'."\n" + .' - **urlPattern**: String | Required | The key parameter path. It must start with a forward slash (/). Use {} to represent key parameters. When multiple {} are configured, these parameters are concatenated as the key parameter. Example: `/company/{}/{}/{}/user.php?uid={}`.'."\n" + .' - **minRequestCountPerIp**: Integer | Required | The scope of IP addresses to detect within the detection interval. Only IP addresses with a URI of the requests greater than or equal to the specified value are detected. This parameter specifies the minimum URI of the requests. Valid values: 5 to 10000.'."\n" + .' - **minRatio**: Float | Required | The risk determination condition, which is the threshold for the proportion of distinct key parameter values among all IP access requests. An IP address is determined as risky if the proportion exceeds this threshold. Valid values: 0.01 to 1.'."\n" + .' - The configuration information for the dynamic IP crawler identification algorithm (**SR**) contains the following sub-parameters:'."\n" + .' - **maxRequestCountPerSrSession**: Integer | Required | Defines an abnormal session by setting the minimum number of requests per session. A session is determined as abnormal if the number of requests in a single session is less than this value. Valid values: 1 to 8.'."\n" + .' - **minSrSessionCountPerIp**: Integer | Required | The risk determination condition, which is the threshold for the number of abnormal sessions in IP access requests. An IP address is determined as risky if the number of abnormal sessions in a single IP access request exceeds this value. Valid values: 5 to 300.'."\n" + .' - The configuration information for the proxy device crawler identification algorithm (**IND**) contains the following sub-parameters:'."\n" + .' - **minIpCount**: Integer | Required | The malicious device determination condition, which is the threshold for the number of IP address changes associated with the device through Wi-Fi. A device is determined as risky if the number exceeds this threshold. Valid values: 5 to 500.'."\n" + .' - **keyPathConfiguration**: Array | Optional | The detection path information. You can specify up to 10 paths. Expressed in JSON string format with the following parameters:'."\n" + .' - **method**: String | Required | The request method. Valid values: **POST**, **GET**, **PUT**, **DELETE**, **HEAD**, and **OPTIONS**.'."\n" + .' - **url**: String | Required | The detection path keyword. It must start with a forward slash (/).'."\n" + .' - **matchType**: String | Required | The match method, used in combination with the detection path keyword (**url**) parameter to specify the request path. Valid values: **all** (exact match), **prefix** (prefix match), **regex** (regular expression match).'."\n" + .' - The configuration information for the periodicity crawler identification algorithm (**Periodicity**) contains the following sub-parameters:'."\n" + .' - **minRequestCountPerIp**: Integer | Required | The scope of IP addresses to detect within the detection interval. Only IP addresses with a URI of the requests greater than or equal to the specified value are detected. This parameter specifies the minimum URI of the requests. Valid values: 5 to 10000.'."\n" + .' - **level**: Integer | Required | The risk determination level, which indicates the degree of periodicity in the access IP pattern. Valid values:'."\n" + .' - **0**: obvious.'."\n" + .' - **1**: moderate.'."\n" + .' - **2**: weak.'."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"代理设备爬虫识别",'."\n" + .' "algorithmName":"IND",'."\n" + .' "timeInterval":"60",'."\n" + .' "action":"warn",'."\n" + .' "config":{'."\n" + .' "minIpCount":5,'."\n" + .' "keyPathConfiguration":[{"url":"/index","method":"GET","matchType":"prefix"}]'."\n" + .' }'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for version protection rule configuration in app protection (**bot_wxbb_pkg**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **action**: String | Required | The disposition action. Valid values:'."\n" + .' - **test**: monitor.'."\n" + .' - **close**: block.'."\n" + .' - **nameList**: Array | Required | The legitimate version information. You can specify up to five rules. Expressed in JSON string format with the following parameters:'."\n" + .' - **name**: String | Required | The legitimate package name.'."\n" + .' - **signList**: Array | Required | The corresponding package signatures. You can specify up to 15 signatures, separated by commas (,).'."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"test",'."\n" + .' "action":"close",'."\n" + .' "nameList":[{'."\n" + .' "name":"apk-xxxx",'."\n" + .' "signList":["xxxxxx","xxxxx","xxxx","xx"]'."\n" + .' }]'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for path protection rule configuration in app protection (**bot_wxbb**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **uri**: String | Required | The protection path. It must start with a forward slash (/).'."\n" + .' - **matchType**: String | Required | The match method. Valid values: **all** (exact match), **prefix** (prefix match), **regex** (regular expression match).'."\n" + .' - **arg**: String | Required | The parameter inclusion, used in combination with the match method (**matchType**) parameter to specify the protection path configuration.'."\n" + .' - **action**: String | Required | The disposition action. Valid values:'."\n" + .' - **test**: monitor.'."\n" + .' - **close**: block.'."\n" + .' - **hasTag**: Boolean | Required | Specifies whether a custom signature field is required.'."\n" + .' - **true**: Yes. If you select this option, you must specify the **wxbbVmpFieldType** and **wxbbVmpFieldValue** parameters to define the type and value of the signature field.'."\n" + .' - **false**: No.'."\n" + .' - **wxbbVmpFieldType**: Integer | Optional | The type of the custom signature field. Required when the **hasTag** parameter is set to **true**. Valid values:'."\n" + .' - **0**: header.'."\n" + .' - **1**: parameter.'."\n" + .' - **2**: cookie.'."\n" + .' - **wxbbVmpFieldValue**: String | Optional | The value of the custom signature field. Required when the **hasTag** parameter is set to **true**.'."\n" + .' - **blockInvalidSign**: Integer | Required | Specifies whether to apply the disposition action to invalid signatures. The value is fixed as **1**. This is the default mitigation policy for path protection rules.'."\n" + .' - **blockProxy**: Integer | Optional | Specifies whether to apply the disposition action to proxies. The value is fixed as **1**. Do not specify this parameter if you do not need to apply the disposition action to proxy behavior.'."\n" + .' - **blockSimulator**: Integer | Optional | Specifies whether to apply the disposition action to simulators. The value is fixed as **1**. Do not specify this parameter if you do not need to apply the disposition action to simulator behavior.'."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"test",'."\n" + .' "uri":"/index",'."\n" + .' "matchType":"all",'."\n" + .' "arg":"test",'."\n" + .' "action":"close",'."\n" + .' "hasTag":true,'."\n" + .' "wxbbVmpFieldType":2,'."\n" + .' "wxbbVmpFieldValue":"test",'."\n" + .' "blockInvalidSign":1,'."\n" + .' "blockProxy":1'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string for data risk control protection request configuration (**antifraud**) contains the following parameters:'."\n" + ."\n" + .' - **uri**: String | Required | The specific protection request URL.'."\n" + .' '."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "uri": "http://1.example.com/example"'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for data risk control JS insertion page configuration (**antifraud_js**) contains the following parameters:'."\n" + ."\n" + .' - **uri**: String | Required | The URL of the page where the data risk control JS is to be inserted. The system inserts the data risk control JS into all pages under the specified URL path. The value must start with a forward slash (/).'."\n" + ."\n" + .' - **Example**.'."\n" + ."\n" + .' ```'."\n" + .' {'."\n" + .' "uri": "/example/example"'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for IP blacklist rule configuration (**ac_blacklist**) contains the following parameters:'."\n" + ."\n" + .' - **remoteAddr**: Array | Optional | The IP addresses in the blacklist. IP addresses and CIDR blocks are supported. Separate multiple IP addresses with commas (,). You can add up to 200 IP addresses. An empty value clears the IP blacklist.'."\n" + ."\n" + .' - **area**: Array | Optional | The regions in the region-level IP blacklist. Expressed as a string converted from a JSON array. Each element in the JSON array is a structure that contains the following fields:'."\n" + ."\n" + .' - **countryCodes**: Array | Required | The country codes. If only `["CN"]` is specified, it indicates blocking regions within the Chinese mainland, and you must also specify **regionCodes**. If a value other than `["CN"]` is specified, it indicates blocking regions outside China, and **regionCodes** is not required. You can call [DescribeProtectionModuleCodeConfig](~~201108~~) to query region codes within and outside China.'."\n" + ."\n" + .' - **regionCodes**: Array | Optional | The region codes within China.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' { "remoteAddr": [ "1.XX.XX.1", "2.XX.XX.2" ], "area": [ { "countryCodes": [ "CN" ], "regionCodes": [ "310000", "530000" ] }, { "countryCodes": [ "AD", "AL" ] } ] }'."\n" + .' }'."\n" + .' ```'."\n" + .'- The JSON string for automatic blocking rule configuration for high-frequency web attack IP addresses (**ac_highfreq**) contains the following parameters:'."\n" + ."\n" + .' - **interval**: Integer | Required | The detection time range. Unit: seconds. Valid values: 5 to 1800.'."\n" + .' - **ttl**: Integer | Required | The IP blocking duration. Unit: seconds. Valid values: 60 to 86400.'."\n" + .' - **count**: Integer | Required | The web attack count threshold. If the number of attacks within the detection time range exceeds this value, blocking is triggered. Valid values: 2 to 50000.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "interval":60,'."\n" + .' "ttl":300,'."\n" + .' "count":60'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The JSON string for directory scan protection rule configuration (**ac_dirscan**) contains the following parameters:'."\n" + ."\n" + .' - **interval**: Integer | Required | The detection time range. Unit: seconds. Valid values: 5 to 1800.'."\n" + .' - **ttl**: Integer | Required | The IP blocking duration. Unit: seconds. Valid values: 60 to 86400.'."\n" + .' - **count**: Integer | Required | The access count threshold. Valid values: 2 to 50000.'."\n" + .' - **weight**: Float | Required | The 404 response code ratio threshold (percentage). Valid values: 0 to 1.'."\n" + .' - **uriNum**: Integer | Required | The scanned directory count threshold. Valid values: 2 to 50000.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "interval":10,'."\n" + .' "ttl":1800,'."\n" + .' "count":50,'."\n" + .' "weight":0.7,'."\n" + .' "uriNum":20 '."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .'- The custom mitigation policy rule configuration (**ac_custom**) uses the **scene** parameter in its corresponding JSON string to set ACL access control rules and CC attack protection rules.'."\n" + ."\n" + .' - To set an ACL access control rule (the **scene** parameter value is **custom_acl**), the corresponding JSON string contains the following parameters:'."\n" + ."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **scene**: String | Required | The protection type. When setting an ACL access control rule, the value is fixed as **custom_acl**.'."\n" + .' - **action**: String | Required | The disposition action. Valid values:'."\n" + .' - **monitor**: monitor.'."\n" + .' - **captcha**: slider CAPTCHA.'."\n" + .' - **captcha_strict**: strict slider CAPTCHA.'."\n" + .' - **js**: JavaScript verification.'."\n" + .' - **block**: block.'."\n" + .' - **conditions**: Array | Required | The match conditions. You can specify up to 5 match conditions. Described in JSON string format with the following parameters:'."\n" + ."\n" + .' - **key**: The match field. Valid values: **URL**, **IP**, **Referer**, **User-Agent**, **Params**, **Cookie**, **Content-Type**, **Content-Length**, **X-Forwarded-For**, **Post-Body**, **Http-Method**, **Header**, and **URLPath**.'."\n" + ."\n" + .' - **opCode**: The logical operator. Valid values:'."\n" + .' - **0**: does not contain or does not belong to.'."\n" + .' - **1**: contains or belongs to.'."\n" + .' - **2**: does not exist.'."\n" + .' - **10**: does not equal.'."\n" + .' - **11**: equals.'."\n" + .' - **20**: length is less than.'."\n" + .' - **21**: length equals.'."\n" + .' - **22**: length is greater than.'."\n" + .' - **30**: value is less than.'."\n" + .' - **31**: value equals.'."\n" + .' - **32**: value is greater than.'."\n" + ."\n" + .' - **values**: The match content. Specify the appropriate content as needed, expressed as a String type.'."\n" + ."\n" + .' > The valid values of the logical operator (**opCode**) and match content (**values**) parameters depend on the specified match field (**key**). For more information about supported match condition configurations, see [Match condition field description](~~147945~~).'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "action":"monitor",'."\n" + .' "name":"test",'."\n" + .' "scene":"custom_acl",'."\n" + .' "conditions":[{"opCode":1,"key":"URL","values":"/example"}]'."\n" + .' }'."\n" + .' ```.'."\n" + ."\n" + .' - To set a CC attack protection rule (the **scene** parameter value is **custom_cc**), the corresponding JSON string contains the following parameters:'."\n" + ."\n" + .' - **name**: String | Required | The rule name.'."\n" + .' - **scene**: String | Required | The protection type. When setting a CC attack protection rule, the value is fixed as **custom_cc**.'."\n" + .' - **conditions**: Array | Required | The match conditions. You can specify up to 5 match conditions. Described in JSON string format with the following parameters:'."\n" + ."\n" + .' - **key**: The match field. Valid values: **URL**, **IP**, **Referer**, **User-Agent**, **Params**, **Cookie**, **Content-Type**, **Content-Length**, **X-Forwarded-For**, **Post-Body**, **Http-Method**, **Header**, and **URLPath**.'."\n" + ."\n" + .' - **opCode**: The logical operator. Valid values:'."\n" + ."\n" + .' - **0**: does not contain or does not belong to.'."\n" + .' - **1**: contains or belongs to.'."\n" + .' - **2**: does not exist.'."\n" + .' - **10**: does not equal.'."\n" + .' - **11**: equals.'."\n" + .' - **20**: length is less than.'."\n" + .' - **21**: length equals.'."\n" + .' - **22**: length is greater than.'."\n" + .' - **30**: value is less than.'."\n" + .' - **31**: value equals.'."\n" + .' - **32**: value is greater than.'."\n" + ."\n" + .' - **values**: The match content. Specify the appropriate content as needed, expressed as a String type.'."\n" + ."\n" + .' > The valid values of the logical operator (**opCode**) and match content (**values**) parameters depend on the specified match field (**key**).'."\n" + ."\n" + .' - **action**: String | Required | The disposition action. Valid values:'."\n" + ."\n" + .' - **monitor**: monitor.'."\n" + .' - **captcha**: slider CAPTCHA.'."\n" + .' - **captcha_strict**: strict slider CAPTCHA.'."\n" + .' - **js**: JavaScript verification.'."\n" + .' - **block**: block.'."\n" + ."\n" + .' - **ratelimit**: JSON format | Required | The frequency settings. Described in JSON string format with the following parameters:'."\n" + ."\n" + .' - **target**: String | Required | The type of statistical object. Valid values:'."\n" + .' - **remote_addr**: IP.'."\n" + .' - **cookie.acw_tc**: session.'."\n" + .' - **queryarg**: custom parameter. If you select custom parameter, you must specify the name of the custom parameter in the **subkey** parameter.'."\n" + .' - **cookie**: custom cookie. If you select custom cookie, you must specify the cookie content in the **subkey** parameter.'."\n" + .' - **header**: custom header. If you select custom header, you must specify the header content in the **subkey** parameter.'."\n" + .' - **subkey**: String | Optional | Required when the **target** parameter is set to **cookie**, **header**, or **queryarg**. Specify the corresponding information in the **subkey** parameter.'."\n" + ."\n" + .' - **interval**: Integer | Required | The statistical duration (unit: seconds), which is the statistical period for access counts. Used in combination with the threshold (**threshold**) parameter.'."\n" + ."\n" + .' - **threshold**: Integer | Required | The threshold for the number of times a single statistical object can access the protected address within the detection duration.'."\n" + ."\n" + .' - **status**: JSON format | Optional | The response code frequency settings. Described in JSON string format with the following parameters:'."\n" + ."\n" + .' - **code**: Integer | Required | The specified response code.'."\n" + ."\n" + .' - **count**: Integer | Optional | The occurrence count threshold. The protection rule is triggered when the specified response code occurs more than this threshold number of times. Valid values: 1 to 999999999. You can specify either the **count** parameter or the **ratio** parameter, but not both.'."\n" + ."\n" + .' - **ratio**: Integer | Optional | The occurrence ratio threshold (percentage). The protection rule is triggered when the proportion of the specified response code exceeds this threshold. Valid values: 1 to 100. You can specify either the **count** parameter or the **ratio** parameter, but not both.'."\n" + ."\n" + .' - **scope**: String | Required | The effective scope. Valid values:'."\n" + ."\n" + .' - **rule**: within the current feature match scope.'."\n" + ."\n" + .' - **domain**: within the domain name scope of the current rule.'."\n" + .' '."\n" + .' - **ttl**: Integer | Required | The duration for which the disposition action takes effect. Unit: seconds. Valid values: 60 to 86400.'."\n" + ."\n" + .' - **Example**'."\n" + .' ```'."\n" + .' {'."\n" + .' "name":"CC 防护",'."\n" + .' "conditions":[{"opCode":1,"key":"URL","values":"/example"}],'."\n" + .' "action":"block", '."\n" + .' "scene":"custom_cc", '."\n" + .' "ratelimit":{'."\n" + .' "target": "remote_addr", '."\n" + .' "interval": 300,'."\n" + .' "threshold": 2000,'."\n" + .' "status": {'."\n" + .' "code": 404,'."\n" + .' "count": 200'."\n" + .' },'."\n" + .' "scope": "rule",'."\n" + .' "ttl": 1800'."\n" + .' }'."\n" + .' ```'."\n" + ."\n" + .'- The JSON string for website whitelist rule configuration (**whitelist**) contains the following parameters:'."\n" + ."\n" + .' - **name**: String | Required | The rule name.'."\n" + ."\n" + .' - **tags**: Array | Required | The modules to skip. The modules that can be skipped (**tags**) vary depending on the type of whitelist rule. The details are as follows:'."\n" + ."\n" + .' > The values of **tags** can only include the values listed under the specific whitelist type. For example, the **tags** values cannot contain both **regular** and **cc** at the same time, because **regular** belongs to the web intrusion prevention whitelist and **cc** belongs to the access control or throttling whitelist.'."\n" + ."\n" + .' - To set a global whitelist, set **tags** to:'."\n" + .' - **waf**: skips all protection modules.'."\n" + ."\n" + .' - To set a web intrusion prevention whitelist, set **tags** to one or more of the following values:'."\n" + .' - **regular**: skips the protection rules engine, which includes all protection rules.'."\n" + .' - **regular_rule**: skips the specified protection rules in the protection rules engine. If you select this value, you must set the rule IDs to skip by using the **regularRules** parameter.'."\n" + .' - **regular_type**: skips the specified types of protection rules in the protection rules engine. If you select this value, you must set the rule types to skip by using the **regularTypes** parameter.'."\n" + .' - **deeplearning**: skips the deep learning engine.'."\n" + ."\n" + .' - To set an access control or throttling whitelist, set **tags** to one or more of the following values:'."\n" + .' - **cc**: skips the CC security protection module.'."\n" + .' - **customrule**: skips the custom mitigation policy module.'."\n" + .' - **blacklist**: skips the IP blacklist module.'."\n" + .' - **antiscan**: skips the scan protection module.'."\n" + ."\n" + .' - To set a data security whitelist, set **tags** to one or more of the following values:'."\n" + .' - **dlp**: skips the sensitive information leak prevention module.'."\n" + .' - **tamperproof**: skips the website tamper-proofing module.'."\n" + .' - **account**: skips the account security module.'."\n" + ."\n" + .' - To set a bot management whitelist, set **tags** to one or more of the following values:'."\n" + .' - **bot_intelligence**: skips the crawler threat intelligence module.'."\n" + .' - **bot_algorithm**: skips the typical crawler behavior identification module.'."\n" + .' - **bot_wxbb**: skips the app protection module.'."\n" + .' - **antifraud**: skips the data risk control module.'."\n" + ."\n" + .' - **regularRules**: Array | Optional | The list of protection rule IDs to skip. Required if the value of the **tags** parameter contains **regular_rule**. You can go to the **Protection Rule Group** page in the [WAF console](https://yundun.console.aliyun.com/?p=wafnext) and create a rule group to query all web attack protection rules and obtain their IDs. For more information, see [Customize protection rule groups](~~99262~~).'."\n" + .' - **regularTypes**: Array | Optional | The list of protection rule types to skip. Required if the value of the **tags** parameter contains **regular_type**. Valid values:'."\n" + .' - **sqli**: SQL injection.'."\n" + .' - **xss**: cross-site scripting.'."\n" + .' - **code_exec**: code execution.'."\n" + .' - **lfilei**: local file inclusion.'."\n" + .' - **rfilei**: remote file inclusion.'."\n" + .' - **webshell**: WebShell.'."\n" + .' - **vvip**: custom protection rules.'."\n" + .' - **other**: other types.'."\n" + ."\n" + .' - **conditions**: Array | Required | The match conditions. You can specify up to 5 match conditions. Described in JSON string format with the following parameters:'."\n" + ."\n" + .' - **key**: The match field. Valid values: **URL**, **IP**, **Referer**, **User-Agent**, **Params**, **Cookie**, **Content-Type**, **Content-Length**, **X-Forwarded-For**, **Post-Body**, **Http-Method**, **Header**, and **URLPath**.'."\n" + ."\n" + .' - **opCode**: The logical operator. Valid values:'."\n" + ."\n" + .' - **0**: does not contain or does not belong to.'."\n" + ."\n" + .' - **1**: contains or belongs to.'."\n" + ."\n" + .' - **2**: does not exist.'."\n" + ."\n" + .' - **10**: does not equal.'."\n" + ."\n" + .' - **11**: equals.'."\n" + ."\n" + .' - **20**: length is less than.'."\n" + ."\n" + .' - **21**: length equals.'."\n" + ."\n" + .' - **22**: length is greater than.'."\n" + ."\n" + .' - **30**: value is less than.'."\n" + ."\n" + .' - **31**: value equals.'."\n" + ."\n" + .' - **32**: value is greater than.'."\n" + ."\n" + .' '."\n" + ."\n" + .' - **values**: The match content. Specify the appropriate content as needed, expressed as a String type.'."\n" + ."\n" + .' > The valid values of the logical operator (**opCode**) and match content (**values**) parameters depend on the specified match field (**key**).'."\n" + ."\n" + .' - **Example**'."\n" + .' '."\n" + .' ```'."\n" + .' {'."\n" + .' "name": "test",'."\n" + .' "tags": ["cc","customrule"],'."\n" + .' "conditions":[{"opCode":1,"key":"URL","values":"/example"}],'."\n" + .' }'."\n" + .' ```'."\n" + ."\n\n" + ."\n" + .'When calling this operation, in addition to the request parameters described in this topic, you must also include the Alibaba Cloud common request parameters. For more information about common request parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the format of API requests, see the request examples in the **Examples** section of this topic.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionModuleRule'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionModuleRule', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'ModifyProtectionModuleStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -4763,50 +6158,68 @@ 'systemTags' => [], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The domain name of the website to operate on.'."\n" + ."\n" + .'> You can call [DescribeDomainList](~~255880~~) to query all domain names that are added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The WAF security protection module to operate on. Valid values:'."\n" + ."\n" + .'- **waf**: rule-based protection policy engine.'."\n" + .'- **dld**: deep learning engine.'."\n" + .'- **tamperproof**: web tamper-proofing.'."\n" + .'- **dlp**: sensitive information leak prevention.'."\n" + .'- **normalized**: proactive defense.'."\n" + .'- **bot_crawler**: legitimate crawlers.'."\n" + .'- **bot_intelligence**: crawler threat intelligence.'."\n" + .'- **antifraud**: data risk control.'."\n" + .'- **bot_algorithm**: intelligent algorithm.'."\n" + .'- **bot_wxbb**: app protection.'."\n" + .'- **bot_wxbb_pkg**: version protection in app protection.'."\n" + .'- **ac_cc**: HTTP flood protection.'."\n" + .'- **ac_blacklist**: IP blacklist.'."\n" + .'- **ac_highfreq**: blocking of high-frequency web attacks in scan protection.'."\n" + .'- **ac_dirscan**: folder traverse protection in scan protection.'."\n" + .'- **ac_scantools**: scan tool blocking in scan protection.'."\n" + .'- **ac_collaborative**: collaborative defense in scan protection.'."\n" + .'- **ac_custom**: custom protection policy.'."\n" + ."\n" + .'> You can set only one feature module at a time.', 'type' => 'string', 'required' => true, 'example' => 'waf', 'title' => ''], ], [ - 'name' => 'Enabled', + 'name' => 'ModuleStatus', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The status of the protection module. Valid values:'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF instance to operate on.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management.'."\n" + ."\n" + .'If you do not specify this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekztsixucs****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -4814,95 +6227,98 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], + 'errorCodes' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + 'title' => 'Enable or disable a specified WAF protection feature', + 'summary' => 'Enables or disables a specified WAF protection feature, such as web intrusion prevention, data security, advanced protection, bot management, access control, or throttling.', + 'description' => 'This operation enables or disables a specified WAF protection module.'."\n" + .'You can set the **DefenseType** parameter to specify the protection module to operate on. For more information about the valid values, see the description of the **DefenseType** request parameter.'."\n" + .'To ensure system stability, the China Chinese mainland per-user queries per second (QPS) limit is 20. If this limit is exceeded, API calls are throttled, which may affect your business. Call this operation at a reasonable frequency.', + 'requestParamsDescription' => 'In addition to the request parameters described in this topic, you must include Alibaba Cloud API common parameters in your request. For more information about common parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request example in the **Examples** section of this topic.', + 'responseParamsDescription' => ' ', + 'extraInfo' => ' ', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionModuleStatus'], ], - 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', + ], + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionModuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<ModifyLogRetrievalStatusResponse>\\r\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\r\\n</ModifyLogRetrievalStatusResponse>","errorExample":""}]', - 'title' => 'ModifyLogRetrievalStatus', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', ], - 'ModifyLogServiceStatus' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'ModifyProtectionRuleCacheStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [], + 'systemTags' => [ + 'operationType' => 'get', + 'abilityTreeCode' => '93407', + 'abilityTreeNodes' => ['FEATUREwafI1HM4C'], + ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The domain name that has been added.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The ID of the rule.'."\n" + .'> Call the [DescribeProtectionModuleRules](~~100398~~) operation to query the IDs of all rules.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '42755', 'title' => ''], ], [ - 'name' => 'Enabled', + 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The protection module. Set the value to **tamperproof**.', 'type' => 'string', 'required' => true, 'example' => 'tamperproof', 'title' => ''], ], [ - 'name' => 'ResourceGroupId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + .'> Call the [DescribeInstanceInfo](~~140857~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => "\n" + .'The ID of the resource group to which the WAF instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], ], 'responses' => [ @@ -4910,130 +6326,118 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 403 => [ - [ - 'errorCode' => 'Forbbiden', - 'errorMessage' => 'User not authorized to operate on the specified resource.', - ], - ], - 500 => [ - [ - 'errorCode' => 'InternalError', - 'errorMessage' => 'The request processing has failed due to some unknown error.', - ], - ], - ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<ModifyLogServiceStatusResponse>\\r\\n\\t<RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\r\\n</ModifyLogServiceStatusResponse>","errorExample":""}]', - 'title' => 'ModifyLogServiceStatus', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + 'title' => 'Update the cache of a page protected by a web tamper-proofing rule', + 'summary' => 'Updates the cache of a page protected by a specified web tamper-proofing rule.', 'requestParamsDescription' => ' ', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeLogServiceStatus' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [ + ['createdAt' => '2024-06-25T11:40:13.000Z', 'description' => 'Request parameters changed, Error codes changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionRuleCacheStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionRuleCacheStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'ModifyProtectionRuleStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', + 'abilityTreeCode' => '93408', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11sr5****', - ], + 'schema' => ['description' => 'The domain name that has been added.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'Region', + 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn', - 'default' => 'cn', - ], + 'schema' => ['description' => 'The protection feature module. Valid values:'."\n" + ."\n" + .'- **tamperproof**: web tamper-proofing'."\n" + ."\n" + .'- **bot_crawler**: the legitimate search engine whitelist in the legitimate crawlers feature module'."\n" + ."\n" + .'- **bot_intelligence**: crawler threat intelligence'."\n" + ."\n" + .'- **ac_custom**: custom protection policy'."\n" + ."\n" + .'- **whitelist**: website whitelist', 'type' => 'string', 'required' => true, 'example' => 'tamperproof', 'title' => ''], ], [ - 'name' => 'ResourceGroupId', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2pz25js****', - ], + 'schema' => ['description' => 'The ID of the protection rule.'."\n" + ."\n" + .'> You can call the [DescribeProtectionModuleRules](~~100398~~) operation to query all rule IDs.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '42755', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'RuleStatus', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The status of the protection rule. Valid values:'."\n" + ."\n" + .'- **0**: disabled'."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'LockVersion', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The version number of the rule configuration record.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '2', 'title' => ''], ], [ - 'name' => 'DomainNames', + 'name' => 'InstanceId', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], - 'required' => false, - 'example' => 'www.aliyun.com', - 'maxItems' => 100, - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs in Resource Management. By default, this parameter is empty, which indicates that the instance belongs to the default resource group.'."\n" + ."\n" + .'For more information about resource groups, see [Create a resource group](~~94485~~).', 'type' => 'string', 'required' => false, 'example' => 'rg-atstuj3rtop****', 'title' => ''], ], ], 'responses' => [ @@ -5041,91 +6445,88 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'C2E97B3F-1623-4CDF-A7E2-FD9D4CF1027A', - ], - 'DomainStatus' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Domain' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'www.aliyun.com', - ], - 'SlsLogActive' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"TotalCount\\": 63,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"DomainStatus\\": [\\n {\\n \\"Domain\\": \\"www.aliyun.com\\",\\n \\"SlsLogActive\\": 1\\n }\\n ]\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<DescribeLogServiceStatusResponse>\\r\\n\\t<RequestId>C2E97B3F-1623-4CDF-A7E2-FD9D4CF1027A</RequestId>\\r\\n\\t<TotalCount>1</TotalCount>\\r\\n\\t<DomainStatus>\\r\\n\\t\\t<Domain>www.aliyun.com</Domain>\\r\\n\\t\\t<SlsLogActive>1</SlsLogActive>\\r\\n\\t</DomainStatus>\\r\\n</DescribeLogServiceStatusResponse>","errorExample":""}]', - 'title' => 'DescribeLogServiceStatus', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Enable or disable WAF protection modules for a domain name', + 'summary' => 'Enables or disables WAF protection feature modules for a domain name, such as web tamper-proofing, legitimate crawlers, crawler threat intelligence, custom protection policies, and website whitelists.', + 'description' => 'You can specify the protection module by setting the **DefenseType** parameter. For more information about the valid values, see the description of the **DefenseType** request parameter.', + 'requestParamsDescription' => ' ', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', - ], - 'DescribeWafSourceIpSegment' => [ - 'methods' => [ - 'post', - 'get', + 'changeSet' => [ + ['createdAt' => '2024-06-25T11:40:13.000Z', 'description' => 'Request parameters changed, Error codes changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionRuleStatus'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionRuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'MoveResourceGroup' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'systemTags' => [ - 'operationType' => 'get', - ], + 'systemTags' => [], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'ResourceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11sr5****', - ], + 'schema' => ['description' => 'The ID of the WAF resource to move.'."\n" + ."\n" + .'After you configure a Website Config for a domain name in WAF, the domain name represents a WAF resource. A WAF resource uses a resource ID (ResourceId) as its unique identity in Resource Management. The resource ID of a WAF resource is in the format of `<InstanceId>~<Domain>`:'."\n" + ."\n" + .'- `<InstanceId>` specifies the ID of the current WAF instance. You can invoke the [DescribeInstanceInfo](~~140857~~) operation in the WAF API to query the ID of the current WAF instance.'."\n" + ."\n" + .'- `<Domain>` specifies the website domain name that is added to the WAF instance for protection. You can invoke the [DescribeDomainList](~~255880~~) operation in the WAF API to query all domain names added to the WAF instance for protection.'."\n" + ."\n" + .'- `<InstanceId>` and `<Domain>` are connected by `~` to form the resource ID of the WAF domain name resource.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-09k1rd5****~www.example.com', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2pz25js****', - ], + 'schema' => ['description' => 'The ID of the resource group to which you want to move the WAF resource.'."\n" + ."\n" + .'After you create a resource group in Resource Management, a unique identifier is generated for the resource group, which is the resource group ID (ResourceGroupId).'."\n" + ."\n" + .'You can view all resource group IDs on the **Resource Group** page in the [Resource Management console](https://resourcemanager.console.aliyun.com/resource-groups), or call the [ListResourceGroups](~~158855~~) operation provided by Resource Management to query all resource group IDs.', 'type' => 'string', 'required' => true, 'example' => 'rg-atstuj3rtop****', 'title' => ''], + ], + [ + 'name' => 'ResourceType', + 'in' => 'query', + 'schema' => ['description' => 'The type of the WAF resource. Set the value to **domain**, which indicates that the WAF resource type is domain name only.', 'type' => 'string', 'required' => true, 'example' => 'domain', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -5133,86 +6534,112 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'AB2F5E31-EE96-4FD7-9560-45FF5D5377FF', - ], - 'Ips' => [ - 'description' => '', - 'type' => 'string', - 'example' => '47.XXX.XXX.192/26,……,47.XXX.XXX.0/24', - ], - 'IpV6s' => [ - 'description' => '', - 'type' => 'string', - 'example' => '39.XXX.XXX.0/24,……,2408:400a:XXXX:XXXX::/56', - ], + 'RequestId' => ['description' => 'The ID of the request. Alibaba Cloud generates a unique identifier for each request. You can use the request ID to troubleshoot issues.', 'type' => 'string', 'example' => 'C33EB3D5-AF96-43CA-9C7E-37A8****6A1E', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"AB2F5E31-EE96-4FD7-9560-45FF****77FF\\",\\n \\"Ips\\": \\"47.XXX.XXX.192/26,……,47.XXX.XXX.0/24\\",\\n \\"IpV6s\\": \\"39.XXX.XXX.0/24,……,2408:400a:XXXX:XXXX::/56\\"\\n}","errorExample":""},{"type":"xml","example":"<?xml version=\\"1.0\\" encoding=\\"UTF-8\\" ?>\\r\\n<DescribeWafSourceIpSegmentResponse>\\r\\n\\t<RequestId>AB2F5E31-EE96-4FD7-9560-45FF5D5377FF</RequestId>\\r\\n\\t<IpV6s>39.XXX.XXX.0/24,……,2408:400a:XXXX:XXXX::/56</IpV6s>\\r\\n\\t<Ips>47.XXX.XXX.192/26,……,47.XXX.XXX.0/24</Ips>\\r\\n</DescribeWafSourceIpSegmentResponse>\\t","errorExample":""}]', - 'title' => 'DescribeWafSourceIpSegment', - 'responseParamsDescription' => ' ', - 'extraInfo' => ' ', - ], - 'MoveResourceGroup' => [ - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'errorCodes' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C33EB3D5-AF96-43CA-9C7E-37A8****6A1E\\"\\n}","type":"json"}]', + 'title' => 'Move a resource to a new resource group', + 'summary' => 'Moves a WAF resource to a different resource group.', + 'description' => 'A WAF resource represents a domain name that is added to WAF for protection. A resource group is a mechanism for organizing and managing resources within an Alibaba Cloud account. Resource groups help you manage resources across multiple projects or applications and simplify user authorization management within a single account. Domain name resources added to WAF belong to the default resource group by default. You can move WAF domain name resources to a custom resource group for grouped resource management.'."\n" + ."\n" + .'You can create a resource group in the Alibaba Cloud Management Console. For related operations, see [Create a resource group](https://www.alibabacloud.com/help/en/resource-management/user-guide/create-a-resource-group). You can also create a resource group by invoking the Resource Management API. For more information, see [CreateResourceGroup](https://www.alibabacloud.com/help/en/resource-management/api-createresourcegroup).'."\n" + ."\n" + .'For more information about resource groups, see [What is Resource Management?](https://www.alibabacloud.com/help/en/resource-management/product-overview/what-is-resource-management).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'MoveResourceGroup'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:MoveResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'SetDomainRuleGroup' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], + 'deprecated' => false, 'systemTags' => [], 'parameters' => [ [ - 'name' => 'ResourceId', + 'name' => 'Domains', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-09k1rd5****~www.example.com', - ], + 'schema' => ['description' => 'The list of domain names for which you want to configure the protection rule group. Specify the value as a string converted from an array.'."\n" + ."\n" + .'You can specify multiple domain names at a time in the following format: `["<Domain name 1>","<Domain name 2>",...]`.'."\n" + ."\n" + .'> You can call [DescribeDomainList](~~255880~~) to query all domain names that have been added to WAF for protection.', 'type' => 'string', 'required' => true, 'example' => '["www.aliyundoc.com"]', 'title' => ''], + ], + [ + 'name' => 'RuleGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the protection rule group to apply to the rule-based protection engine. Valid values:'."\n" + ."\n" + .'- **1011**: the built-in Strict rule group of WAF.'."\n" + .'- **1012**: the built-in Medium rule group of WAF.'."\n" + .'- **1013**: the built-in Loose rule group of WAF.'."\n" + ."\n" + .'In addition to the built-in rule groups listed above, you can also specify the ID of a custom rule group.'."\n" + ."\n" + .'> You can obtain the ID of a custom rule group on the **Protection Rule Group** page in the [Web Application Firewall console](https://yundun.console.aliyun.com/?p=wafnext).', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1012', 'title' => ''], + ], + [ + 'name' => 'WafVersion', + 'in' => 'query', + 'schema' => ['description' => 'The version number for the current configuration, which is used for optimistic locking control.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ 'name' => 'ResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'rg-atstuj3rtop****', - ], + 'schema' => ['description' => 'The ID of the resource group to which the domain name belongs in Resource Management.'."\n" + ."\n" + .'If you do not specify this parameter, the default resource group is used.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2pz25js****', 'title' => ''], ], [ - 'name' => 'ResourceType', + 'name' => 'WafAiStatus', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'domain', - ], + 'schema' => ['description' => 'Specifies whether to enable the intelligent rule hosting feature. Valid values:'."\n" + .'- **0**: disabled.'."\n" + .'- **1** (default): enabled.'."\n" + ."\n" + .'Intelligent rule hosting means that WAF intelligently learns the behavior patterns of historical business traffic, identifies protection rules that may cause false positives for normal business, and automatically configures web intrusion protection whitelists to block the corresponding protection rules in specific business protection scenarios. After the false positive risk is eliminated, the blocked protection rules are restored.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -5220,30 +6647,1319 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'C33EB3D5-AF96-43CA-9C7E-37A81BC06A1E', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C33EB3D5-AF96-43CA-9C7E-37A8****6A1E\\"\\n}","type":"json"}]', - 'title' => 'MoveResourceGroup', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'Configure a protection rule group for a domain name', + 'summary' => 'Configures the protection rule group used by the regular expression protection engine for a specified domain name. In addition to the three system default protection rule groups, you can also select a custom rule group.', + 'description' => 'Configures the protection rule group for the rule-based protection engine and the status of the intelligent rule hosting feature for a specified domain name.'."\n" + .'When configuring a protection rule group, you can use the built-in Normal, Strict, and Loose protection rule groups provided by WAF, or select a custom rule group. To ensure system stability, the queries per second (QPS) is limited to 10 per user. If the limit is exceeded, API calls are throttled, which may affect your business. Call this operation at an appropriate frequency.'."\n" + ."\n" + .'><notice> Creating custom rule groups through the API is not currently supported. You must first create a rule group and obtain the corresponding rule group ID on the **System Management** > **Protection Rule Group** page in the [Web Application Firewall console](https://yundun.console.aliyun.com/?p=wafnext) before you can call this operation to apply a custom rule group to a domain name.'."\n" + .'></notice>.', + 'requestParamsDescription' => 'When you call this operation, you must include common Alibaba Cloud API request parameters in addition to the operation-specific request parameters described in this topic. For more information about common parameters, see [Common parameters](~~162719~~).'."\n" + ."\n" + .'For the request format, see the request examples in the **Examples** section of this topic.', 'responseParamsDescription' => ' ', 'extraInfo' => ' ', + 'changeSet' => [ + ['createdAt' => '2022-01-18T08:24:59.000Z', 'description' => 'Request parameters changed, Error codes changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'SetDomainRuleGroup'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:SetDomainRuleGroup', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], ], ], 'endpoints' => [ + ['regionId' => 'ap-southeast-1', 'regionName' => 'Singapore', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'wafopenapi.ap-southeast-1.aliyuncs.com', 'endpoint' => 'wafopenapi.ap-southeast-1.aliyuncs.com', 'vpc' => 'wafopenapi-intl.vpc-proxy.aliyuncs.com'], + ['regionId' => 'cn-hangzhou', 'regionName' => 'China (Hangzhou)', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'wafopenapi.cn-hangzhou.aliyuncs.com', 'endpoint' => 'wafopenapi.cn-hangzhou.aliyuncs.com', 'vpc' => 'wafopenapi.vpc-proxy.aliyuncs.com'], + ], + 'errorCodes' => [ + ['code' => '10900', 'message' => 'Invalid parameter', 'http_code' => 400, 'description' => 'Invalid parameter'], + ['code' => '11001', 'message' => 'Internal server error', 'http_code' => 400, 'description' => 'System internal error'], + ['code' => '500', 'message' => 'Internal server error', 'http_code' => 500, 'description' => 'Internal System Error'], + ['code' => 'AccountSafeUsed', 'message' => 'The feature of account security is being used.', 'http_code' => 400, 'description' => 'The account security feature is in use.'], + ['code' => 'AclIpCountOverLimit', 'message' => 'Ip count in ACL rule is over limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the custom rule (ACL) exceeds the limit.'], + ['code' => 'AclParamError', 'message' => 'Acl param invalid.', 'http_code' => 400, 'description' => 'The ACL parameter is invalid.'], + ['code' => 'AntifraudOrAntifriaudJsUsed', 'message' => 'The feature of data risk control is being used.', 'http_code' => 400, 'description' => 'The data risk control feature is in use.'], + ['code' => 'BotAlgorithmUsed', 'message' => 'The feature of crawler behavior algorithm is being used.', 'http_code' => 400, 'description' => 'The typical bot behavior identification feature is in effect.'], + ['code' => 'BusinessDomainNotRecord', 'message' => 'The specified domain name is not ICP filed.', 'http_code' => 400, 'description' => 'The specified domain name does not have an ICP filing.'], + ['code' => 'BusinessInvalidArgument', 'message' => 'The specified parameters are invalid.', 'http_code' => 403, 'description' => 'The specified parameter is invalid.'], + ['code' => 'BusinessInvalidDomainIpInvalid', 'message' => 'The IP address cannot be added.', 'http_code' => 403, 'description' => 'The IP address cannot be added.'], + ['code' => 'BusinessInvalidIpv6', 'message' => 'Back-to-origin IPv6 addresses are not supported. To add these IP addresses, you must enable the feature of forwarding requests to origin servers over IPv6.', 'http_code' => 403, 'description' => 'Back-to-origin IPv6 addresses are not supported. To add these IP addresses, you must enable the feature of forwarding requests to origin servers over IPv6.'], + ['code' => 'BusinessInvalidSourceIp', 'message' => 'The origin fetch address includes disallowed IP addresses or domains.', 'http_code' => 400, 'description' => 'The back-to-origin addresses include IP addresses and domain names that are not allowed.'], + ['code' => 'BusinessIpDomain', 'message' => 'The current access domain does not support in IP format.', 'http_code' => 400, 'description' => 'The IP address format is not supported.'], + ['code' => 'BusinessMainDomainNotSupport', 'message' => 'The added primary domain name is not supported.', 'http_code' => 403, 'description' => 'The added second-level domain name is not supported.'], + ['code' => 'BusinessSourceIpSupportVirtuaIp', 'message' => 'You can only add wan net ip.', 'http_code' => 403, 'description' => 'Currently, it is a customized version of shared virtual host, and only the IP address of Wanwang virtual host can be added.'], + ['code' => 'BusinessViolation', 'message' => 'The domain-related business is suspected of violating regulations. If you have any questions, please follow the ticket process.', 'http_code' => 400, 'description' => 'The domain-related business is suspected of violating regulations. If you have any questions, please follow the ticket process.'], + ['code' => 'CertDomainNotMatch', 'message' => 'The certificate does not include this domain.', 'http_code' => 400, 'description' => 'This certificate does not contain the domain name.'], + ['code' => 'CertExpiredError', 'message' => 'The certificate has expired. Do not continue using this certificate.', 'http_code' => 400, 'description' => 'The certificate is expired. You can no longer use this certificate.'], + ['code' => 'CertFormatError', 'message' => 'The certificate is malformed.', 'http_code' => 400, 'description' => 'The format of the certificate is invalid.'], + ['code' => 'CertKeyNotMatch', 'message' => 'The certificate file and private key do not match.', 'http_code' => 400, 'description' => 'The certificate file does not match the private key of the certificate.'], + ['code' => 'CertNameDuplicateError', 'message' => 'The certificate name already exists.', 'http_code' => 400, 'description' => 'The name of the certificate already exists.'], + ['code' => 'CertNameExisted', 'message' => 'The certificate name already exists.', 'http_code' => 400, 'description' => 'The name of the certificate already exists.'], + ['code' => 'CertNotExist', 'message' => 'The certificate is not exist.', 'http_code' => 400, 'description' => 'The certificate does not exist.'], + ['code' => 'ComboError', 'message' => 'No package information is available.', 'http_code' => 400, 'description' => 'No software package information is available.'], + ['code' => 'CustomAclOrCcUsed', 'message' => 'The feature of advanced conditions is being used.', 'http_code' => 400, 'description' => 'The custom rule (ACL) is in use.'], + ['code' => 'CustomRulesGroupUsed', 'message' => 'The feature of custom rule group is being used.', 'http_code' => 400, 'description' => 'The custom policy group is in use.'], + ['code' => 'CustomSpeedLimitUsed', 'message' => 'The feature of custom throttling is being used.', 'http_code' => 400, 'description' => 'The custom rule (throttling) is in use.'], + ['code' => 'Defense.Contro.DefenseTemplateSubSceneNotExist', 'message' => 'The protection scenario template sub-scene does not exist.', 'http_code' => 400, 'description' => 'The protection scenario template sub-scene does not exist.'], + ['code' => 'Defense.Control.DefenseActonExpiredTimeInvalid', 'message' => 'The expiration time of the rule action is invalid.', 'http_code' => 400, 'description' => 'The expiration time of the rule action is invalid.'], + ['code' => 'Defense.Control.DefenseAddressBookInUse', 'message' => 'The address book is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'The address book is in use and cannot be deleted. Rules for using this address book: %s.'], + ['code' => 'Defense.Control.DefenseAddressFileFormatError', 'message' => 'The format of the uploaded address book file is incorrect.', 'http_code' => 400, 'description' => 'The format of the uploaded address book file is incorrect.'], + ['code' => 'Defense.Control.DefenseAddressInvalid', 'message' => 'The address in the address book is illegal.', 'http_code' => 400, 'description' => 'The address in the address book is illegal.'], + ['code' => 'Defense.Control.DefenseAddressOperationTooFrequent', 'message' => 'Address book operations are too frequent.', 'http_code' => 400, 'description' => 'Address book operations are too frequent. Please try again later.'], + ['code' => 'Defense.Control.DefenseAddressOversize', 'message' => 'The number of addresses in the address book exceeds the limit.', 'http_code' => 400, 'description' => 'The number of addresses in the address book exceeds the limit.'], + ['code' => 'Defense.Control.DefenseAddressUploading', 'message' => 'The address book file is being uploaded, please try again later.', 'http_code' => 400, 'description' => 'The address book file is being uploaded, please try again later.'], + ['code' => 'Defense.Control.DefenseAiAssetPositionInvalid', 'message' => 'The position parameter of the large model protection asset is incorrect.', 'http_code' => 400, 'description' => 'The position parameter of the large model protection asset is incorrect.'], + ['code' => 'Defense.Control.DefenseAiWhitelistStatusInvalid', 'message' => 'The status of ai whitelist is invalid.', 'http_code' => 400, 'description' => 'The status of the intelligent whitelist is invalid.'], + ['code' => 'Defense.Control.DefenseAntiscanRuleConfigInvalid', 'message' => 'The configuration of anti scanning rules in the scanning protection policy is illegal.', 'http_code' => 400, 'description' => 'The configuration of the scan protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseAntiscanRuleConfigInvalid', 'message' => 'The configuration of the scan protection rule is invalid.', 'http_code' => 400, 'description' => 'The configuration of the scan protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseApisecRuleRegexInvalid', 'message' => 'The regular expression in the API security rule is invalid. Error reason: %s.', 'http_code' => 400, 'description' => 'The regular expression in an API security rule is invalid. Error reason:%s.'], + ['code' => 'Defense.Control.DefenseAssetConditionDuplicate', 'message' => 'The match conditions of the asset is duplicated with other assets.', 'http_code' => 400, 'description' => 'The match conditions of the asset is duplicated with other assets.'], + ['code' => 'Defense.Control.DefenseAssetConditionInvalid', 'message' => 'The protection asset flow matching condition is incorrect.', 'http_code' => 400, 'description' => 'The protection asset flow matching condition is incorrect.'], + ['code' => 'Defense.Control.DefenseAssetConfigInvalid', 'message' => 'The protection asset is configured incorrectly.', 'http_code' => 400, 'description' => 'The protection asset is configured incorrectly.'], + ['code' => 'Defense.Control.DefenseAssetCountOversize', 'message' => 'The number of protected assets exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected assets exceeds the limit.'], + ['code' => 'Defense.Control.DefenseAssetExist', 'message' => 'Protective asset configuration already exists.', 'http_code' => 400, 'description' => 'Protective asset configuration already exists.'], + ['code' => 'Defense.Control.DefenseAssetNameComplicate', 'message' => 'The name of the asset duplicates another asset.', 'http_code' => 400, 'description' => 'The name of the asset duplicates another asset.'], + ['code' => 'Defense.Control.DefenseAssetNameInvalid', 'message' => 'The asset name is illegal.', 'http_code' => 400, 'description' => 'The asset name is illegal.'], + ['code' => 'Defense.Control.DefenseAssetNotExist', 'message' => 'Protective asset does not exist.', 'http_code' => 400, 'description' => 'Protective asset does not exist.'], + ['code' => 'Defense.Control.DefenseAssetNotSupported', 'message' => 'The protected assets feature is not supported.', 'http_code' => 400, 'description' => 'The protected assets feature is not supported.'], + ['code' => 'Defense.Control.DefenseAssetStatusInvalid', 'message' => 'The asset status is illegal.', 'http_code' => 400, 'description' => 'The asset status is illegal.'], + ['code' => 'Defense.Control.DefenseBookTypeInvalid', 'message' => 'The address book type is illegal.', 'http_code' => 400, 'description' => 'The address book type is illegal.'], + ['code' => 'Defense.Control.DefenseBotManagerWebSdkNotSupport', 'message' => 'Fencing object does not support automatic integration with WebSdk.', 'http_code' => 400, 'description' => 'Fencing object does not support automatic integration with WebSdk.'], + ['code' => 'Defense.Control.DefenseBotResourceCrossBindError', 'message' => 'The same protection object in a Bot scene cannot be integrated and bound at the same time.', 'http_code' => 400, 'description' => 'The protected object in which the SDK is integrated cannot be the same as the protected object to which protection rules are applied in the scenario-specific configuration.'], + ['code' => 'Defense.Control.DefenseBotResourceCrossBindError', 'message' => 'The protected object in which the SDK is integrated cannot be the same as the protected object to which protection rules are applied in the scenario-specific configuration.', 'http_code' => 400, 'description' => 'The protected object in which the SDK is integrated cannot be the same as the protected object to which protection rules are applied in the scenario-specific configuration.'], + ['code' => 'Defense.Control.DefenseClientSideDetectionConfigInvalid', 'message' => 'The client-side protection detection rule is incorrectly configured.', 'http_code' => 400, 'description' => 'The client-side protection detection rule is incorrectly configured.'], + ['code' => 'Defense.Control.DefenseCodecRuleAlreadyExist', 'message' => 'Duplicate anti scanning rules in the scanning protection strategy.', 'http_code' => 400, 'description' => 'The scan protection rule exists.'], + ['code' => 'Defense.Control.DefenseCodecRuleAlreadyExist', 'message' => 'The scan protection rule exists.', 'http_code' => 400, 'description' => 'The scan protection rule exists.'], + ['code' => 'Defense.Control.DefenseConfigNotSupported', 'message' => 'The defense configuration is not supported.', 'http_code' => 400, 'description' => 'The protection feature is not supported.'], + ['code' => 'Defense.Control.DefenseCustomResponseHeadersOutOfSize', 'message' => 'The number of custom headers of custom response rules in the protection policy exceeds the limit.', 'http_code' => 400, 'description' => 'The number of custom Header fields in the custom response rule exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseCustomResponseHeadersOutOfSize', 'message' => 'The number of custom Header fields in the custom response rule exceeds the limit.', 'http_code' => 400, 'description' => 'The number of custom Header fields in the custom response rule exceeds the limit.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleActionInvalid', 'message' => 'The custom response rule action does not match the rule action.', 'http_code' => 400, 'description' => 'Custom response rule action does not match rule action'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleConfigInvalid', 'message' => 'Illegal configuration of custom response rule in protection policy.', 'http_code' => 400, 'description' => 'The configuration of the custom response rule is invalid.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleConfigInvalid', 'message' => 'The configuration of the custom response rule is invalid.', 'http_code' => 400, 'description' => 'The configuration of the custom response rule is invalid.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleExist', 'message' => 'The custom response rule in the protection policy already exists.', 'http_code' => 400, 'description' => 'The custom response rule exists.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleExist', 'message' => 'The custom response rule exists.', 'http_code' => 400, 'description' => 'The custom response rule exists.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleInUse', 'message' => 'The custom response rule is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'Custom response rule in use, list of associated rules:%s, list of associated objects:%s'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleNotExist', 'message' => 'The custom response rule does not exist.', 'http_code' => 400, 'description' => 'The custom response rule does not exist.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleNotPermitDelete', 'message' => 'The custom response rule in the protection policy cannot be deleted', 'http_code' => 400, 'description' => 'You cannot delete custom response rules.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleNotPermitDelete', 'message' => 'You cannot delete custom response rules.', 'http_code' => 400, 'description' => 'You cannot delete custom response rules.'], + ['code' => 'Defense.Control.DefenseDownloadOssFileFailed', 'message' => 'Failed to parse OSS files.', 'http_code' => 400, 'description' => 'Failed to parse OSS files.'], + ['code' => 'Defense.Control.DefenseExtensionPluginContentNotEmpty', 'message' => 'Extension content cannot be empty.', 'http_code' => 400, 'description' => 'Extension content cannot be empty.'], + ['code' => 'Defense.Control.DefenseExtensionPluginIdInvalid', 'message' => 'Invalid extension ID.', 'http_code' => 400, 'description' => 'Invalid extension ID.'], + ['code' => 'Defense.Control.DefenseExtensionPluginIdNotEmpty', 'message' => 'Extension ID is not allowed to be empty.', 'http_code' => 400, 'description' => 'Extension ID is not allowed to be empty.'], + ['code' => 'Defense.Control.DefenseExtensionPluginParamsNotEmpty', 'message' => 'Extension parameter cannot be empty.', 'http_code' => 400, 'description' => 'Extension parameter cannot be empty.'], + ['code' => 'Defense.Control.DefenseExtensionPluginParamsTypeNotSupport', 'message' => 'The extension parameter type is not supported.', 'http_code' => 400, 'description' => 'The extension parameter type is not supported.'], + ['code' => 'Defense.Control.DefenseExtensionPluginParamsValueTypeNotMatch', 'message' => 'Extension parameter value does not match type.', 'http_code' => 400, 'description' => 'Extension parameter value does not match type.'], + ['code' => 'Defense.Control.DefenseExtensionPluginRuleInUse', 'message' => 'The Extension rule is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'Extension rule in use, association rule list:%s'], + ['code' => 'Defense.Control.DefenseExtensionPluginRuleInUse', 'message' => 'Extension rule in use, list of association rules:%s.', 'http_code' => 400, 'description' => 'Extension rule in use, list of association rules:%s.'], + ['code' => 'Defense.Control.DefenseInOperation', 'message' => 'Protection configuration is operating, please try again later.', 'http_code' => 400, 'description' => 'Protection configuration is operating, please try again later.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpEmpty', 'message' => 'The IP in the IP blacklist cannot be empty.', 'http_code' => 400, 'description' => 'You must add IP addresses to the IP address blacklist.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpEmpty', 'message' => 'You must add IP addresses to the IP address blacklist.', 'http_code' => 400, 'description' => 'You must add IP addresses to the IP address blacklist.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpInvalid', 'message' => 'Illegal IP in IP blacklist.', 'http_code' => 400, 'description' => 'The IP addresses in the IP address blacklist are invalid.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpInvalid', 'message' => 'The IP addresses in the IP address blacklist are invalid.', 'http_code' => 400, 'description' => 'The IP addresses in the IP address blacklist are invalid.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpOutOfRange', 'message' => 'The number of IPS in the IP blacklist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the IP address blacklist exceeds the limit.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpOutOfRange', 'message' => 'The number of IP addresses in the IP address blacklist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the IP address blacklist exceeds the limit.'], + ['code' => 'Defense.Control.DefenseIpCountOversize', 'message' => 'The number of IPs exceeds the limit.', 'http_code' => 400, 'description' => 'The number of IPs exceeds the limit.'], + ['code' => 'Defense.Control.DefenseLogModifyStatusFailed', 'message' => 'Failed to modify protected object state through log service.', 'http_code' => 400, 'description' => 'Failed to change the Log Service configuration for the protected object.'], + ['code' => 'Defense.Control.DefenseLogModifyStatusFailed', 'message' => 'Failed to change the status of the protected object.', 'http_code' => 400, 'description' => 'Failed to change the status of the protected object.'], + ['code' => 'Defense.Control.DefenseLogTimeExpired', 'message' => 'The time for querying logs has expired.', 'http_code' => 400, 'description' => 'The query log time has expired.'], + ['code' => 'Defense.Control.DefenseMajorProtectionRuleConfigInvalid', 'message' => 'The rules that are configured in the protection template for major events are invalid.', 'http_code' => 400, 'description' => 'The rules that are configured in the protection template for major events are invalid.'], + ['code' => 'Defense.Control.DefenseMajorProtectionRuleExist', 'message' => 'The rules that are configured in the protection template for major events already exist.', 'http_code' => 400, 'description' => 'The rules that are configured in the protection template for major events already exist.'], + ['code' => 'Defense.Control.DefenseOssFileNotFound', 'message' => 'Failed to find the OSS files that are uploaded.', 'http_code' => 400, 'description' => 'Failed to find the OSS files that are uploaded.'], + ['code' => 'Defense.Control.DefensePolicyInUse', 'message' => 'The custom regular rule group is referenced by the template and cannot be deleted.', 'http_code' => 400, 'description' => 'The custom regular expression rule group is referenced by the template and cannot be deleted.'], + ['code' => 'Defense.Control.DefensePolicyNotFound', 'message' => 'Regular rule group does not exist.', 'http_code' => 400, 'description' => 'The regular expression rule group does not exist.'], + ['code' => 'Defense.Control.DefensePolicyNotFound', 'message' => 'The regular expression rule group does not exist.', 'http_code' => 400, 'description' => 'The regular expression rule group does not exist.'], + ['code' => 'Defense.Control.DefensePolicyOwnedByAnotherUser', 'message' => 'Custom regular rule group does not belong to this user.', 'http_code' => 400, 'description' => 'The regular expression rule group does not belong to the user.'], + ['code' => 'Defense.Control.DefensePolicyOwnedByAnotherUser', 'message' => 'The regular expression rule group does not belong to the user.', 'http_code' => 400, 'description' => 'The regular expression rule group does not belong to the user.'], + ['code' => 'Defense.Control.DefensePolicyRuleAlreadyExist', 'message' => 'Regular rule group rule in basic protection policy already exists.', 'http_code' => 400, 'description' => 'Regular expression rules exist in the basic protection rule module.'], + ['code' => 'Defense.Control.DefensePolicyRuleAlreadyExist', 'message' => 'Regular expression rules exist.', 'http_code' => 400, 'description' => 'Regular expression rules exist.'], + ['code' => 'Defense.Control.DefenseResourceAccessNotDelete', 'message' => 'The protection object from access cannot be deleted.', 'http_code' => 400, 'description' => 'You cannot delete the protected objects that are automatically synchronized.'], + ['code' => 'Defense.Control.DefenseResourceAccessNotDelete', 'message' => 'You cannot delete the protected objects that are automatically synchronized.', 'http_code' => 400, 'description' => 'You cannot delete the protected objects that are automatically synchronized.'], + ['code' => 'Defense.Control.DefenseResourceAddDeleteSameTime', 'message' => 'The protected objects in the protection group cannot be bound and unbound at the same time.', 'http_code' => 400, 'description' => 'You cannot add a protected object to a protected object group and remove the protected object from a protected object group at the same time.'], + ['code' => 'Defense.Control.DefenseResourceAddDeleteSameTime', 'message' => 'You cannot add a protected object to a protected object group and remove the protected object from a protected object group at the same time.', 'http_code' => 400, 'description' => 'You cannot add a protected object to a protected object group and remove the protected object from a protected object group at the same time.'], + ['code' => 'Defense.Control.DefenseResourceAlreadyInCustom', 'message' => 'The protection object has been bound with a custom protection policy.', 'http_code' => 400, 'description' => 'The protected object is bound to a custom protection rule.'], + ['code' => 'Defense.Control.DefenseResourceAlreadyInCustom', 'message' => 'The protected object is bound to a custom protection template.', 'http_code' => 400, 'description' => 'The protected object is bound to a custom protection template.'], + ['code' => 'Defense.Control.DefenseResourceAndGroupConflict', 'message' => 'The name of the protected object is the same as the name of the protected object group.', 'http_code' => 400, 'description' => 'The name of the protected object is the same as the name of the protected object group.'], + ['code' => 'Defense.Control.DefenseResourceCountOverSize', 'message' => 'The number of protected objects exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceDetailInvalid', 'message' => 'The detail field of the protected object is illegal.', 'http_code' => 400, 'description' => 'The detail field for the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceDetailInvalid', 'message' => 'The detail field of the protected object is invalid.', 'http_code' => 400, 'description' => 'The detail field for the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceDetailNotEmpty', 'message' => 'The details of the protected object cannot be empty.', 'http_code' => 400, 'description' => 'You must configure the detail field for the protected object.'], + ['code' => 'Defense.Control.DefenseResourceDetailNotEmpty', 'message' => 'You must configure the detail field of the protected object.', 'http_code' => 400, 'description' => 'You must configure the detail field for the protected object.'], + ['code' => 'Defense.Control.DefenseResourceExist', 'message' => 'Protection object already exists.', 'http_code' => 400, 'description' => 'The protected object exists.'], + ['code' => 'Defense.Control.DefenseResourceExist', 'message' => 'The protected object exists.', 'http_code' => 400, 'description' => 'The protected object exists.'], + ['code' => 'Defense.Control.DefenseResourceGroupCountOverSize', 'message' => 'The number of protection groups exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected object groups exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseResourceGroupCountOverSize', 'message' => 'The number of protected object groups exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected object groups exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceGroupDescriptionInvalid', 'message' => 'Illegal protection group description information.', 'http_code' => 400, 'description' => 'The description of the protected object group is invalid.'], + ['code' => 'Defense.Control.DefenseResourceGroupDescriptionInvalid', 'message' => 'The description of the protected object group is invalid.', 'http_code' => 400, 'description' => 'The description of the protected object group is invalid.'], + ['code' => 'Defense.Control.DefenseResourceGroupExist', 'message' => 'Protection group already exists.', 'http_code' => 400, 'description' => 'The protected object group exists.'], + ['code' => 'Defense.Control.DefenseResourceGroupExist', 'message' => 'The protected object group exists.', 'http_code' => 400, 'description' => 'The protected object group exists.'], + ['code' => 'Defense.Control.DefenseResourceGroupNameInvalid', 'message' => 'Illegal protection group name.', 'http_code' => 400, 'description' => 'The name of the protected object group is invalid.'], + ['code' => 'Defense.Control.DefenseResourceGroupNameInvalid', 'message' => 'The name of the protected object group is invalid.', 'http_code' => 400, 'description' => 'The name of the protected object group is invalid.'], + ['code' => 'Defense.Control.DefenseResourceGroupNotExist', 'message' => 'Protection group does not exist.', 'http_code' => 400, 'description' => 'The protected object group does not exist.'], + ['code' => 'Defense.Control.DefenseResourceGroupNotExist', 'message' => 'The protected object group does not exist.', 'http_code' => 400, 'description' => 'The protected object group does not exist.'], + ['code' => 'Defense.Control.DefenseResourceInGroupCountOverSize', 'message' => 'The number of protected objects in the protection group exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects in the protected object group exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseResourceInGroupCountOverSize', 'message' => 'The number of protected objects in the protected object group exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects in the protected object group exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceInTemplateCountOverSize', 'message' => 'The number of protected objects in the protection template exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects in the protection template exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceInvalid', 'message' => 'The name of the protected object is illegal.', 'http_code' => 400, 'description' => 'The name of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceInvalid', 'message' => 'The name of the protected object is invalid.', 'http_code' => 400, 'description' => 'The name of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceModelInvalid', 'message' => 'The model of the protected object is illegal.', 'http_code' => 400, 'description' => 'The model of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceModelInvalid', 'message' => 'The model of the protected object is invalid.', 'http_code' => 400, 'description' => 'The model of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceNameAndAssetConflict', 'message' => 'The protected object or protection group name is the same as the protected asset ID.', 'http_code' => 400, 'description' => 'The protected object or protection group name is the same as the protected asset ID.'], + ['code' => 'Defense.Control.DefenseResourceNotExist', 'message' => 'Protection object does not exist.', 'http_code' => 400, 'description' => 'The protected object does not exist.'], + ['code' => 'Defense.Control.DefenseResourceNotExist', 'message' => 'The protected object does not exist.', 'http_code' => 400, 'description' => 'The protected object does not exist.'], + ['code' => 'Defense.Control.DefenseResourcePatternNotEmpty', 'message' => 'The protection form of the protected object cannot be empty.', 'http_code' => 400, 'description' => 'You must configure the protection pattern of the protected object.'], + ['code' => 'Defense.Control.DefenseResourcePatternNotEmpty', 'message' => 'You must configure the protection pattern of the protected object.', 'http_code' => 400, 'description' => 'You must configure the protection pattern of the protected object.'], + ['code' => 'Defense.Control.DefenseResourcePatternNotFound', 'message' => 'The protection form of the protected object is illegal.', 'http_code' => 400, 'description' => 'The protection pattern of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourcePatternNotFound', 'message' => 'The protection pattern of the protected object is invalid.', 'http_code' => 400, 'description' => 'The protection pattern of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceProductNotEmpty', 'message' => 'The product information of the protection object cannot be empty.', 'http_code' => 400, 'description' => 'You must configure the service information about the protected object.'], + ['code' => 'Defense.Control.DefenseResourceProductNotEmpty', 'message' => 'You must configure the service information about the protected object.', 'http_code' => 400, 'description' => 'You must configure the service information about the protected object.'], + ['code' => 'Defense.Control.DefenseResourceRelationExist', 'message' => 'The protection object has been bound.', 'http_code' => 400, 'description' => 'The protected object is added to a protected object group.'], + ['code' => 'Defense.Control.DefenseResourceRelationExist', 'message' => 'The protected object is added to a protected object group.', 'http_code' => 400, 'description' => 'The protected object is added to a protected object group.'], + ['code' => 'Defense.Control.DefenseResourceRelationNotExist', 'message' => 'The protected object is not added to the protected object group.', 'http_code' => 400, 'description' => 'The fencing object is not added to the fencing object group'], + ['code' => 'Defense.Control.DefenseResourceRuleAccountDecodeTypeInvalid', 'message' => 'The decoding type in the account extraction rule is invalid.', 'http_code' => 400, 'description' => 'The decoding type in the account extraction rule is invalid.'], + ['code' => 'Defense.Control.DefenseResourceRuleAccountOversize', 'message' => 'The number of extracted configurations in the account extraction rule exceeds the limit.', 'http_code' => 400, 'description' => 'The number of extracted configurations in the account extraction rule exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceRuleAccountPriorityInvalid', 'message' => 'The configuration priority in the account extraction rule is invalid.', 'http_code' => 400, 'description' => 'The configuration priority in the account extraction rule is invalid.'], + ['code' => 'Defense.Control.DefenseResourceRuleNotPermitModify', 'message' => 'This protected resource rule cannot be modified.', 'http_code' => 400, 'description' => 'This protected resource rule cannot be modified.'], + ['code' => 'Defense.Control.DefenseResourceRuleNotPermitUpdateStatus', 'message' => 'This protected resource rule does not allow update status.', 'http_code' => 400, 'description' => 'This protected resource rule does not allow update status'], + ['code' => 'Defense.Control.DefenseResourceTemplateIdInvalid', 'message' => 'When querying the protection objects or protection groups that can be bound in the protection policy, the protection policy ID is invalid.', 'http_code' => 400, 'description' => 'The ID of the protection rule is invalid when you query the protected objects or protected object groups that can be bound to the protection rule.'], + ['code' => 'Defense.Control.DefenseResourceTemplateIdInvalid', 'message' => 'The ID of the protection rule is invalid when you query the protected objects or protected object groups that can be bound to the protection rule.', 'http_code' => 400, 'description' => 'The ID of the protection rule is invalid when you query the protected objects or protected object groups that can be bound to the protection rule.'], + ['code' => 'Defense.Control.DefenseResponseStatusInvalid', 'message' => 'Response log switch status is illegal.', 'http_code' => 400, 'description' => 'The status of the response log switch is invalid.'], + ['code' => 'Defense.Control.DefenseRuleAccountProtectorConfigInvalid', 'message' => 'Account Security Rule configuration error.', 'http_code' => 400, 'description' => 'Error configuring account security rules in protection rules. %s'], + ['code' => 'Defense.Control.DefenseRuleActionInvalid', 'message' => 'Illegal action of protection rules.', 'http_code' => 400, 'description' => 'The action that is defined in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleActionInvalid', 'message' => 'The action that is defined in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The action that is defined in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleAttackLevelConflict', 'message' => 'The attack level of the large model prompt word attack protection rule is repeated.', 'http_code' => 400, 'description' => 'The attack level of the large model prompt word attack protection rule is repeated.'], + ['code' => 'Defense.Control.DefenseRuleAutoOriginInvalid', 'message' => 'The origin of auto rules is invalid.', 'http_code' => 400, 'description' => 'The origin of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleAutoUpdateInvalid', 'message' => 'Invalid automatic update configuration.', 'http_code' => 400, 'description' => 'Invalid automatic update configuration.'], + ['code' => 'Defense.Control.DefenseRuleBotConfigInvalid', 'message' => 'Illegal Bot Scene Rule Configuration.', 'http_code' => 400, 'description' => 'The scenario-specific configuration is invalid.'], + ['code' => 'Defense.Control.DefenseRuleBotTrafficInvalid', 'message' => 'Illegal traffic characteristics in Bot scene.', 'http_code' => 400, 'description' => 'The traffic characteristics in the scenario-specific configuration are invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionEmpty', 'message' => 'The flow characteristic in the protection rule cannot be empty.', 'http_code' => 400, 'description' => 'You must configure traffic characteristics in the protection rule.'], + ['code' => 'Defense.Control.DefenseRuleConditionEmpty', 'message' => 'You must configure the traffic characteristics in the protection rule.', 'http_code' => 400, 'description' => 'You must configure traffic characteristics in the protection rule.'], + ['code' => 'Defense.Control.DefenseRuleConditionKeyInvalid', 'message' => 'Invalid flow characteristic matching field of protection rule.', 'http_code' => 400, 'description' => 'The match field in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionKeyInvalid', 'message' => 'The match field in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The match field in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionOpValueInvalid', 'message' => 'Invalid protection rule flow characteristic logic symbol.', 'http_code' => 400, 'description' => 'The logical operator in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionOpValueInvalid', 'message' => 'The logical operator in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The logical operator in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionOversize', 'message' => 'The number of flow characteristics of the protection rule exceeds the limit.', 'http_code' => 400, 'description' => 'The number of traffic features in the protection rule exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseRuleConditionValueInvalid', 'message' => 'Matching content of flow characteristics of invalid protection rules.', 'http_code' => 400, 'description' => 'The match content in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionValueInvalid', 'message' => 'The match content in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The match content in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConfigNotPermitModify', 'message' => 'The protection scenario rule cannot be modified.', 'http_code' => 400, 'description' => 'The protection scenario rule cannot be modified.'], + ['code' => 'Defense.Control.DefenseRuleContentModerationConfigInvalid', 'message' => 'Large model content security scenario protection rule configuration error.', 'http_code' => 400, 'description' => 'Large model content security scenario protection rule configuration error.'], + ['code' => 'Defense.Control.DefenseRuleCountOverSize', 'message' => 'The number of protection rules exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protection rules exceeds the limit.'], + ['code' => 'Defense.Control.DefenseRuleCreateModifyCountEmpty', 'message' => 'Number of protection rules created or modified at a time cannot be empty.', 'http_code' => 400, 'description' => 'You must specify the number of protection rules that you want to create or modify at the same time.'], + ['code' => 'Defense.Control.DefenseRuleCreateModifyCountEmpty', 'message' => 'You must specify the number of protection rules that you want to create or modify at the same time.', 'http_code' => 400, 'description' => 'You must specify the number of protection rules that you want to create or modify at the same time.'], + ['code' => 'Defense.Control.DefenseRuleCreateModifyCountOverSize', 'message' => 'The number of protection resources in the protection template exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected resources in the protection template exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseRuleCreateModifyCountOverSize', 'message' => 'The number of protected resources in the protection template exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected resources in the protection template exceeds the limit.'], + ['code' => 'Defense.Control.DefenseRuleDetectAttackLevelConflict', 'message' => 'The detection type and attack level in the content security protection rules of the large model are the same.', 'http_code' => 400, 'description' => 'The detection type and attack level in the content security protection rules of the large model are the same.'], + ['code' => 'Defense.Control.DefenseRuleDistinctConditionOpValueInvalid', 'message' => 'Invalid traffic feature logic symbol for protection deduplication statistics rule.', 'http_code' => 400, 'description' => 'Invalid traffic feature logic symbol for protection deduplication statistics rule'], + ['code' => 'Defense.Control.DefenseRuleDistinctConditionValueInvalid', 'message' => 'The threshold configuration of the deduplication statistics of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The threshold configuration of the deduplication statistics of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleGrayConfigInvalid', 'message' => 'The gray-scale effective configuration of the rule is invalid.', 'http_code' => 400, 'description' => 'Invalid canary release configurations for protection rules'], + ['code' => 'Defense.Control.DefenseRuleIdConflict', 'message' => 'The protection rule ID is duplicate.', 'http_code' => 400, 'description' => 'The protection rule ID is duplicate.'], + ['code' => 'Defense.Control.DefenseRuleNameAlreadyInUse', 'message' => 'Protection rule duplicate name.', 'http_code' => 400, 'description' => 'The name of the protection rule exists.'], + ['code' => 'Defense.Control.DefenseRuleNameAlreadyInUse', 'message' => 'The name of the protection rule exists.', 'http_code' => 400, 'description' => 'The name of the protection rule exists.'], + ['code' => 'Defense.Control.DefenseRuleNameConflict', 'message' => 'Duplicate protection rule name in batch request.', 'http_code' => 400, 'description' => 'Duplicate protection rule names are specified in the batch of requests.'], + ['code' => 'Defense.Control.DefenseRuleNameConflict', 'message' => 'Duplicate protection rule names are specified in the batch of requests.', 'http_code' => 400, 'description' => 'Duplicate protection rule names are specified in the batch of requests.'], + ['code' => 'Defense.Control.DefenseRuleNameInvalid', 'message' => 'Illegal protection rule name.', 'http_code' => 400, 'description' => 'The name of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleNameInvalid', 'message' => 'The name of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The name of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleNotExist', 'message' => 'Protection rule does not exist.', 'http_code' => 400, 'description' => 'The protection rule does not exist.'], + ['code' => 'Defense.Control.DefenseRuleNotExist', 'message' => 'The protection rule does not exist.', 'http_code' => 400, 'description' => 'The protection rule does not exist.'], + ['code' => 'Defense.Control.DefenseRuleNotPermitCreate', 'message' => 'This protection scenario rule is not allowed to be created.', 'http_code' => 400, 'description' => 'This protection scenario rule is not allowed to be created.'], + ['code' => 'Defense.Control.DefenseRuleNotPermitDelete', 'message' => 'The protection scenario rule cannot be deleted.', 'http_code' => 400, 'description' => 'The protection scenario rule cannot be deleted.'], + ['code' => 'Defense.Control.DefenseRuleOriginEmpty', 'message' => 'The source of protection rule cannot be empty.', 'http_code' => 400, 'description' => 'You must specify the source of the protection rule.'], + ['code' => 'Defense.Control.DefenseRuleOriginEmpty', 'message' => 'You must specify the source of the protection rule.', 'http_code' => 400, 'description' => 'You must specify the source of the protection rule.'], + ['code' => 'Defense.Control.DefenseRuleRateLimitInvalid', 'message' => 'Speed limit configuration of invalid protection rules.', 'http_code' => 400, 'description' => 'The rate-limiting configuration of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleRateLimitInvalid', 'message' => 'The rate-limiting configuration of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The rate-limiting configuration of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleRateLimitTargetInvalid', 'message' => 'Invalid protection rule speed limit target.', 'http_code' => 400, 'description' => 'The rate-limiting statistical object of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleRateLimitTargetInvalid', 'message' => 'The rate-limiting threshold of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The rate-limiting threshold of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleStatusInvalid', 'message' => 'Illegal protection rule status.', 'http_code' => 400, 'description' => 'The status of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleStatusInvalid', 'message' => 'The status of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The status of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleStatusNotSupported', 'message' => 'The operation is not supported in the current protection rule state.', 'http_code' => 400, 'description' => 'The operation is not supported in the current protection rule state'], + ['code' => 'Defense.Control.DefenseRuleTamperProofConfigInvalid', 'message' => 'Site tamper prevention configuration error in protection rules.', 'http_code' => 400, 'description' => 'The website tamper-proofing configuration is invalid.'], + ['code' => 'Defense.Control.DefenseRuleTamperProofProtocolConflict', 'message' => 'Site tamper-proof protocol conflict in protection rules.', 'http_code' => 400, 'description' => 'The protocol in the website tamper-proofing rule conflicts.'], + ['code' => 'Defense.Control.DefenseRuleTimeConfigInvalid', 'message' => 'The timing configuration of the rule is invalid.', 'http_code' => 400, 'description' => 'Invalid validity period configurations for protection rules'], + ['code' => 'Defense.Control.DefenseRuleUpstreamActionConfigInvalid', 'message' => 'The configuration of the upstream tagging action is invalid.', 'http_code' => 400, 'description' => 'Invalid configurations for marking back-to-origin requests'], + ['code' => 'Defense.Control.DefenseRuleUrlConflict', 'message' => 'Page tamper-proof rule URL duplication.', 'http_code' => 400, 'description' => 'The protected URL in the website tamper-proofing rule already exists.'], + ['code' => 'Defense.Control.DefenseSaleSpecValueInvalid', 'message' => 'Sales Rule Configuration Exception.', 'http_code' => 400, 'description' => 'The configuration of the sales rule is abnormal.'], + ['code' => 'Defense.Control.DefenseSaleSpecValueInvalid', 'message' => 'The configuration of the sales rule is abnormal.', 'http_code' => 400, 'description' => 'The configuration of the sales rule is abnormal.'], + ['code' => 'Defense.Control.DefenseSceneNotSupported', 'message' => 'This protection scenario is not supported.', 'http_code' => 400, 'description' => 'The protection scenario is not supported.'], + ['code' => 'Defense.Control.DefenseSceneNotSupported', 'message' => 'The protection scenario is not supported.', 'http_code' => 400, 'description' => 'The protection scenario is not supported.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindNotSupportAsset', 'message' => 'The protection template does not support binding or unbinding protected assets. Only protected objects and protected groups are supported.', 'http_code' => 400, 'description' => 'The protection template does not support binding or unbinding protected assets. Only protected objects and protected groups are supported.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindOnlySupportAsset', 'message' => 'The protection template only supports binding or unbinding protected assets, but does not support binding or unbinding protected objects and protected groups.', 'http_code' => 400, 'description' => 'The protection template only supports binding or unbinding protected assets, but does not support binding or unbinding protected objects and protection groups.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceInvalid', 'message' => 'If the resource bound or unbound by the protection template is invalid, it may have been added to other user-defined templates or protection groups.', 'http_code' => 400, 'description' => 'The protected resource that is bound to or unbound from the protection template is invalid. The protected resource is bound to other custom templates or added to protected object groups.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceInvalid', 'message' => 'The protected object that is bound to or unbound from the protection template is invalid. The protected object is bound to other custom templates or added to protected object groups.', 'http_code' => 400, 'description' => 'The protected resource that is bound to or unbound from the protection template is invalid. The protected resource is bound to other custom templates or added to protected object groups.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceNotFound', 'message' => 'The resource bound or unbound by the protection template was not found.', 'http_code' => 400, 'description' => 'Failed to find the protected resource that is bound to or unbound from the protection template.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceNotFound', 'message' => 'Failed to find the protected object that is bound to or unbound from the protection template.', 'http_code' => 400, 'description' => 'Failed to find the protected resource that is bound to or unbound from the protection template.'], + ['code' => 'Defense.Control.DefenseTemplateCountOverSize', 'message' => 'The number of protective templates exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protection templates exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseTemplateCountOverSize', 'message' => 'The number of protection templates exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protection templates exceeds the limit.'], + ['code' => 'Defense.Control.DefenseTemplateDescriptionInvalid', 'message' => 'Illegal protection template description.', 'http_code' => 400, 'description' => 'The description of the protection template is invalid.'], + ['code' => 'Defense.Control.DefenseTemplateDetailInvalid', 'message' => 'Protection template configuration details field is invalid.', 'http_code' => 400, 'description' => 'Protection template configuration details field is invalid'], + ['code' => 'Defense.Control.DefenseTemplateInGrayOperation', 'message' => 'Protection template grayscale upgrade operation, please try again later.', 'http_code' => 400, 'description' => 'Protection template grayscale upgrade operation, please try again later'], + ['code' => 'Defense.Control.DefenseTemplateInOperation', 'message' => 'Protective template operation, please try again later.', 'http_code' => 400, 'description' => 'The protection template is in use. Try again later.'], + ['code' => 'Defense.Control.DefenseTemplateNameInUse', 'message' => 'Protection template name has been used.', 'http_code' => 400, 'description' => 'The name of the protection template is being used.'], + ['code' => 'Defense.Control.DefenseTemplateNameInUse', 'message' => 'The name of the protection template is being used.', 'http_code' => 400, 'description' => 'The name of the protection template is being used.'], + ['code' => 'Defense.Control.DefenseTemplateNotExist', 'message' => 'Protective template does not exist.', 'http_code' => 400, 'description' => 'The protection template does not exist.'], + ['code' => 'Defense.Control.DefenseTemplateNotExist', 'message' => 'The protection template does not exist.', 'http_code' => 400, 'description' => 'The protection template does not exist.'], + ['code' => 'Defense.Control.DefenseTemplateOwnedByAnotherUser', 'message' => 'Protection template does not belong to this user.', 'http_code' => 400, 'description' => 'The protection template does not belong to the user.'], + ['code' => 'Defense.Control.DefenseTemplateOwnedByAnotherUser', 'message' => 'The protection template does not belong to the user.', 'http_code' => 400, 'description' => 'The protection template does not belong to the user.'], + ['code' => 'Defense.Control.DefenseTemplateRuleNotPermitCreate', 'message' => 'You cannot create protection rules.', 'http_code' => 400, 'description' => 'This protection module rule does not allow creation'], + ['code' => 'Defense.Control.DefenseTemplateRuleNotPermitDelete', 'message' => 'Rules in this protection policy are not allowed to be deleted.', 'http_code' => 400, 'description' => 'You cannot delete protection rules from the protection template.'], + ['code' => 'Defense.Control.DefenseTemplateRuleNotPermitDelete', 'message' => 'You cannot delete protection rules.', 'http_code' => 400, 'description' => 'You cannot delete protection rules.'], + ['code' => 'Defense.Control.DefenseTemplateRuleStatusNotPermitModify', 'message' => 'The status of this protection rule cannot be modified.', 'http_code' => 400, 'description' => 'The status of the protection rule cannot be modified.'], + ['code' => 'Defense.Control.DefenseTemplateStatusInvalid', 'message' => 'Illegal status of protective template.', 'http_code' => 400, 'description' => 'The status of the protection template is invalid.'], + ['code' => 'Defense.Control.DefenseTemplateStatusInvalid', 'message' => 'The status of the protection template is invalid.', 'http_code' => 400, 'description' => 'The status of the protection template is invalid.'], + ['code' => 'Defense.Control.DefenseTemplateTypeBindUnbindResourceInvalid', 'message' => 'Only user-defined protection templates can bind or unbind protection resources.', 'http_code' => 400, 'description' => 'Only custom protection templates can be bound to or unbound from protected resources.'], + ['code' => 'Defense.Control.DefenseTemplateTypeBindUnbindResourceInvalid', 'message' => 'Only custom protection templates can be bound to or unbound from protected resources.', 'http_code' => 400, 'description' => 'Only custom protection templates can be bound to or unbound from protected resources.'], + ['code' => 'Defense.Control.DefenseTemplateUserDefaultExist', 'message' => 'User default protection template already exists.', 'http_code' => 400, 'description' => 'The default protection template exists.'], + ['code' => 'Defense.Control.DefenseTemplateUserDefaultExist', 'message' => 'The default protection template exists.', 'http_code' => 400, 'description' => 'The default protection template exists.'], + ['code' => 'Defense.Control.DefenseTemplateUserDefaultNotSupport', 'message' => 'The default protection template is not supported.', 'http_code' => 400, 'description' => 'The default protection template is not supported.'], + ['code' => 'Defense.Control.DefenseTestActionInvalid', 'message' => 'Illegal test of protective function action.', 'http_code' => 400, 'description' => 'The action that is used to test the protection feature is invalid.'], + ['code' => 'Defense.Control.DefenseTestExpiredTimeInvalid', 'message' => 'Illegal timeout for testing protective functions.', 'http_code' => 400, 'description' => 'The timeout period to test the protection feature is invalid.'], + ['code' => 'Defense.Control.DefenseTestUserIpInvalid', 'message' => 'Illegal user IP to test protection function.', 'http_code' => 400, 'description' => 'The IP address that is used to test the protection feature is invalid.'], + ['code' => 'Defense.Control.DefenseThreatIntelligenceConfigInvalid', 'message' => 'Threat Intelligence Rule configuration error.', 'http_code' => 400, 'description' => 'Threat Intelligence Rule configuration error. %s'], + ['code' => 'Defense.Control.DefenseTraceIdInvalid', 'message' => 'The format of the log request ID is incorrect.', 'http_code' => 400, 'description' => 'The log request ID format is incorrect'], + ['code' => 'Defense.Control.DefenseTrafficGuideAlreadyExist', 'message' => 'Drainage strategy already exists.', 'http_code' => 400, 'description' => 'Drainage strategy already exists.'], + ['code' => 'Defense.Control.DefenseTrafficGuideConfigModelInvalid', 'message' => 'Drainage strategy mode is invalid.', 'http_code' => 400, 'description' => 'Drainage strategy mode is invalid.'], + ['code' => 'Defense.Control.DefenseTrafficGuideConfigProductInvalid', 'message' => 'Drainage strategy products are ineffective.', 'http_code' => 400, 'description' => 'The traffic‑generation strategy product is ineffective.'], + ['code' => 'Defense.Control.DefenseTrafficGuideConfigStrategyInvalid', 'message' => 'The drainage strategy is ineffective.', 'http_code' => 400, 'description' => 'The drainage strategy is ineffective.'], + ['code' => 'Defense.Control.DefenseTrafficGuideCountOverSize', 'message' => 'Only one drainage strategy is supported.', 'http_code' => 400, 'description' => 'Only one drainage strategy is supported.'], + ['code' => 'Defense.Control.DefenseTrafficGuideRuleCountOverSize', 'message' => 'The number of regular or precise rules for drainage policies exceeds the limit.', 'http_code' => 400, 'description' => 'The number of regular or precise rules for drainage policies exceeds the limit.'], + ['code' => 'Defense.Control.DefenseUploadOssFileFailed', 'message' => 'Failed to upload OSS files.', 'http_code' => 400, 'description' => 'Failed to upload the OSS file.'], + ['code' => 'Defense.Control.DefenseVastIpDescriptionInvalid', 'message' => 'The description of the IP address blacklist is invalid.', 'http_code' => 400, 'description' => 'The description of the IP address blacklist is invalid.'], + ['code' => 'Defense.Control.DefenseVastIpExpiredTimeInvalid', 'message' => 'The expiration time of the IP address blacklist for protection for major events is invalid.', 'http_code' => 400, 'description' => 'The expiration time of the IP address blacklist for protection for major events is invalid.'], + ['code' => 'Defense.Control.DefenseVastIpFileEmpty', 'message' => 'The content of the IP address blacklist file for protection for major events is empty.', 'http_code' => 400, 'description' => 'The IP address blacklist file for protection for major events is empty.'], + ['code' => 'Defense.Control.DefenseVastIpFileFormatError', 'message' => 'The format of the IP address blacklist file for protection for major events is invalid.', 'http_code' => 400, 'description' => 'The format of the IP address blacklist file for protection for major events is invalid.'], + ['code' => 'Defense.Control.DefenseVastIpFileOversize', 'message' => 'The number of IP addresses in the IP address blacklist file for protection for major events exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the IP address blacklist file for protection for major events exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseVastIpOperationCountOversize', 'message' => 'The number of IP addresses that are operated each time exceeds the upper limit. The IP addresses are the IP addresses in the IP address blacklist for protection for major events.', 'http_code' => 400, 'description' => 'The number of IP addresses that are operated each time exceeds the upper limit. The IP addresses are the IP addresses in the IP address blacklist for protection for major events.'], + ['code' => 'Defense.Control.DefenseVastIpTotalCountOversize', 'message' => 'The total number of IP addresses in the IP address blacklist for protection for major events exceeds the upper limit.', 'http_code' => 400, 'description' => 'The total number of IP addresses in the IP address blacklist for protection for major events exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseVastIpUploadFormError', 'message' => 'Failed to obtain the information about the uploaded IP address blacklist file for protection for major events.', 'http_code' => 400, 'description' => 'Failed to obtain the information about the uploaded IP address blacklist file for protection for major events.'], + ['code' => 'Defense.Control.DefenseWafCustomRuleCompileFailed', 'message' => 'Custom regular rule compilation failed.', 'http_code' => 400, 'description' => 'Custom regular rule compilation failed'], + ['code' => 'Defense.Control.DefenseWafCustomRuleConfigInvalid', 'message' => 'Invalid custom regular rule configuration.', 'http_code' => 400, 'description' => 'Invalid custom regular rule configuration.'], + ['code' => 'Defense.Control.DefenseWhitelistBypassRuleNotExist', 'message' => 'The whitelist protection rule does not exist.', 'http_code' => 400, 'description' => 'The whitelist protection rule does not exist. Rule ID:%s.'], + ['code' => 'Defense.Control.DefenseWhitelistBypassTagInvalid', 'message' => 'The white mark in the white list is invalid.', 'http_code' => 400, 'description' => 'The whitelist tag is invalid.'], + ['code' => 'Defense.Control.DefenseWhitelistBypassTagInvalid', 'message' => 'The whitelist parameter is invalid.', 'http_code' => 400, 'description' => 'The whitelist parameter is invalid.'], + ['code' => 'Defense.Control.DefenseWhitelistCategoryInvalid', 'message' => 'Invalid whitelist whitelist policy module.', 'http_code' => 400, 'description' => 'Protection modules defined in the whitelist are invalid.'], + ['code' => 'Defense.Control.DefenseWhitelistCategoryInvalid', 'message' => 'Protection modules defined in the whitelist are invalid.', 'http_code' => 400, 'description' => 'Protection modules that are defined in the whitelist are invalid.'], + ['code' => 'Defense.Control.DefenseWhitelistConfigInvalid', 'message' => 'The whitelist rule is misconfigured.', 'http_code' => 400, 'description' => 'Error configuring whitelist rule: %s.'], + ['code' => 'Defense.Control.DefenseWhitelistRegularRuleSize', 'message' => 'The number of white regular rule IDS in the white list exceeds the limit.', 'http_code' => 400, 'description' => 'The number of regular expression rules in the whitelist exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseWhitelistRegularRuleSize', 'message' => 'The number of regular expression rules in the whitelist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of regular expression rules in the whitelist exceeds the limit.'], + ['code' => 'Defense.Control.DefenseWhitelistRegularTypeSize', 'message' => 'The number of white regular rule types in the white list exceeds the limit.', 'http_code' => 400, 'description' => 'The number of types of regular expression rules in the whitelist exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseWhitelistRegularTypeSize', 'message' => 'The number of types of regular expression rules in the whitelist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of types of regular expression rules in the whitelist exceeds the limit.'], + ['code' => 'Defense.Control.InvalidDefenseRuleID', 'message' => 'The protection rule ID is invalid.', 'http_code' => 400, 'description' => 'The protection rule ID is invalid.'], + ['code' => 'Defense.Control.InvalidParameter', 'message' => 'Invalid parameter.', 'http_code' => 400, 'description' => 'The parameter is invalid.'], + ['code' => 'Defense.Control.InvalidParameter', 'message' => 'The parameter is invalid.', 'http_code' => 400, 'description' => 'The parameter is invalid.'], + ['code' => 'Defense.Control.ProductNotSupportRule', 'message' => 'Access mode does not support this protection scenario rule.%s.', 'http_code' => 400, 'description' => 'Access mode does not support this protection scenario rule.%s.'], + ['code' => 'DlpUsed', 'message' => 'The feature of data leakage prevention is being used.', 'http_code' => 400, 'description' => 'The data leakage prevention feature is in effect.'], + ['code' => 'DomainDuplicateError', 'message' => 'The domain has been configured.', 'http_code' => 400, 'description' => 'The configuration of the domain name is complete.'], + ['code' => 'DomainNotBeianOrInBlackList', 'message' => 'The domain does not have an ICP filling or has been blacklisted.', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing or is added to the blacklist.'], + ['code' => 'DomainNotBeianOrInBlackList', 'message' => 'Blacklist or Domain Names That Do Not Have ICP Filings', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing or has committed a penalty.'], + ['code' => 'DomainNotExist', 'message' => 'The specified domain does not exist.', 'http_code' => 400, 'description' => 'The specified domain name does not exist.'], + ['code' => 'DomainQuotaExceed', 'message' => 'Domain Quota Exceed.', 'http_code' => 400, 'description' => 'The quota of domain names is reached.'], + ['code' => 'DomainRetSourceNotSupport', 'message' => 'Your waf does not support return to domain.', 'http_code' => 400, 'description' => 'Your WAF instance does not support back-to-origin domain names.'], + ['code' => 'DomainUsedByOthers', 'message' => 'The domain name is being used by another owner.', 'http_code' => 400, 'description' => 'The domain name is being used by another user.'], + ['code' => 'DrainageOverrun', 'message' => 'The number of ports for which WAF protection is enabled exceeds the quota.', 'http_code' => 403, 'description' => 'The number of connected ports exceeds the system limit.'], + ['code' => 'ExtensiveDomainUsedError', 'message' => 'Another user has used this wildcard domain in Waf.', 'http_code' => 400, 'description' => 'The wildcard domain is already used.'], + ['code' => 'FunctionAvailableError', 'message' => 'The function is not available.', 'http_code' => 403, 'description' => 'The function is not available.'], + ['code' => 'IllegalDefaultCertificate', 'message' => 'The default certificate does not exist.', 'http_code' => 403, 'description' => 'The default certificate for transparent access is invalid.'], + ['code' => 'InternalError', 'message' => 'Unknown error.', 'http_code' => 500, 'description' => 'Request processing failed due to unknown error'], + ['code' => 'InvalidIncludeSubDomainWithPreload', 'message' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'http_code' => 400, 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'], + ['code' => 'InvalidParameter', 'message' => 'Invalid parameter.', 'http_code' => 400, 'description' => 'Invalid parameter'], + ['code' => 'InvalidParameters', 'message' => 'Invalid parameters.', 'http_code' => 400, 'description' => 'The parameters are illegal.'], + ['code' => 'Log.Control.ApisecSpecInfoNotFound', 'message' => 'API security service has not been activated.', 'http_code' => 400, 'description' => 'API security service has not been activated.'], + ['code' => 'Log.Control.AssumeRoleFailed', 'message' => 'Insufficient permissions, please authorize.', 'http_code' => 400, 'description' => 'You do not have the required permissions. Obtain the required permissions.'], + ['code' => 'Log.Control.AssumeRoleFailed', 'message' => 'You do not have the required permissions. Obtain the required permissions.', 'http_code' => 400, 'description' => 'You do not have the required permissions. Obtain the required permissions.'], + ['code' => 'Log.Control.BatchDescribeSlsDispatchStatusFailed', 'message' => 'Query whether SLS service is open error.', 'http_code' => 400, 'description' => 'Failed to check whether Log Service is activated.'], + ['code' => 'Log.Control.BatchDescribeSlsDispatchStatusFailed', 'message' => 'Failed to check whether Log Service is activated.', 'http_code' => 400, 'description' => 'Failed to check whether Log Service is activated.'], + ['code' => 'Log.Control.BatchDescribeSlsLogStoreFailed', 'message' => 'Failed to obtain the logstore list of Log Service SLS.', 'http_code' => 400, 'description' => 'Failed to obtain the logstore list of Log Service SLS.'], + ['code' => 'Log.Control.BatchDescribeSlsProjectFailed', 'message' => 'Failed to obtain the project list of Log Service SLS.', 'http_code' => 400, 'description' => 'Failed to obtain the project list of Log Service SLS.'], + ['code' => 'Log.Control.ClusterDeliveryNameEmpty', 'message' => 'When you enable WAF cluster outgoing logs, the outgoing configuration name cannot be empty.', 'http_code' => 400, 'description' => 'When you enable WAF cluster outgoing logs, the outgoing configuration name cannot be empty.'], + ['code' => 'Log.Control.CreateEtlMetaFailed', 'message' => 'Open Log Distribution Failed.', 'http_code' => 400, 'description' => 'Failed to enable the Log Service for WAF feature.'], + ['code' => 'Log.Control.CreateEtlMetaFailed', 'message' => 'Failed to enable the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to enable the Log Service for WAF feature.'], + ['code' => 'Log.Control.CreateProjectLogstoreFailed', 'message' => 'Failed to create Projects and Logstores.', 'http_code' => 400, 'description' => 'Failed to create a project and a Logstore.'], + ['code' => 'Log.Control.CreateProjectLogstoreFailed', 'message' => 'Failed to create a project and a Logstore.', 'http_code' => 400, 'description' => 'Failed to create a project and a Logstore.'], + ['code' => 'Log.Control.DeleteEtlMetaFailed', 'message' => 'Failed to close log distribution.', 'http_code' => 400, 'description' => 'Failed to disable the Log Service for WAF feature.'], + ['code' => 'Log.Control.DeleteEtlMetaFailed', 'message' => 'Failed to disable the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to disable the Log Service for WAF feature.'], + ['code' => 'Log.Control.DeleteLogStoreFailed', 'message' => 'Failed to delete LogStore.', 'http_code' => 400, 'description' => 'Failed to delete the Logstore.'], + ['code' => 'Log.Control.DeleteLogStoreFailed', 'message' => 'Failed to delete the Logstore.', 'http_code' => 400, 'description' => 'Failed to delete the Logstore.'], + ['code' => 'Log.Control.DeliveryConfigCountExceed', 'message' => 'The count of WAF outgoing configurations exceeds the limit.', 'http_code' => 400, 'description' => 'The number of WAF outgoing configurations exceeds the limit.'], + ['code' => 'Log.Control.DeliveryConfigInUse', 'message' => 'WAF cluster outgoing configuration is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'The delivery configuration is in use and cannot be deleted.'], + ['code' => 'Log.Control.DeliveryConfigNameDuplicate', 'message' => 'WAF outgoing configuration name is duplicate.', 'http_code' => 400, 'description' => 'WAF outgoing configuration name is duplicate.'], + ['code' => 'Log.Control.DeliveryConfigNotExist', 'message' => 'The WAF cluster log outgoing configuration does not exist.', 'http_code' => 400, 'description' => 'The WAF cluster log outgoing configuration does not exist.'], + ['code' => 'Log.Control.DescribeLogstoreInfoFailed', 'message' => 'Failed to view LogStore information.', 'http_code' => 400, 'description' => 'Failed to view the Logstore information.'], + ['code' => 'Log.Control.DescribeLogstoreInfoFailed', 'message' => 'Failed to view the Logstore information.', 'http_code' => 400, 'description' => 'Failed to view the Logstore information.'], + ['code' => 'Log.Control.DescribeSlsAuthFailed', 'message' => 'Error querying user for authorization to operate SLS resource.', 'http_code' => 400, 'description' => 'Failed to check whether a user is authorized to manage Log Service resources.'], + ['code' => 'Log.Control.DescribeSlsAuthFailed', 'message' => 'Failed to check whether a user is authorized to manage Log Service resources.', 'http_code' => 400, 'description' => 'Failed to check whether a user is authorized to manage Log Service resources.'], + ['code' => 'Log.Control.DescribeSlsDispatchStatusFailed', 'message' => 'Query Log Distribution Status Error.', 'http_code' => 400, 'description' => 'Failed to query the status of the Log Service for WAF feature.'], + ['code' => 'Log.Control.DescribeSlsDispatchStatusFailed', 'message' => 'Failed to query the status of the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to query the status of the Log Service for WAF feature.'], + ['code' => 'Log.Control.EtlMetaExistError', 'message' => 'Log distribution already exists.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is enabled.'], + ['code' => 'Log.Control.EtlMetaExistError', 'message' => 'The Log Service for WAF feature is enabled.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is enabled.'], + ['code' => 'Log.Control.EtlMetaNotExist', 'message' => 'Log distribution configuration does not exist.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is not enabled.'], + ['code' => 'Log.Control.EtlMetaNotExist', 'message' => 'The Log Service for WAF feature is not enabled.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is not enabled.'], + ['code' => 'Log.Control.HybridCloudNotSupport', 'message' => 'The hybrid cloud extension node is not supported. Please purchase and try again.', 'http_code' => 400, 'description' => 'The hybrid cloud extension node is not supported. Please purchase and try again.'], + ['code' => 'Log.Control.HybridClusterNotExist', 'message' => 'The hybrid cloud cluster does not exist.', 'http_code' => 400, 'description' => 'The hybrid cloud cluster does not exist.'], + ['code' => 'Log.Control.InDebtError', 'message' => 'You have a bill in arrears and do not meet the requirements for automatic logging service. Please recharge your bill and settle it before trying again.', 'http_code' => 400, 'description' => 'You have overdue payments in your account. The Log Service for WAF feature cannot be automatically enabled. Top up your account, settle the payments, and try again.'], + ['code' => 'Log.Control.InDebtError', 'message' => 'You have overdue payments in your account. The Log Service for WAF feature cannot be automatically enabled. Top up your account, settle the payments, and try again.', 'http_code' => 400, 'description' => 'You have overdue payments in your account. The Log Service for WAF feature cannot be automatically enabled. Top up your account, settle the payments, and try again.'], + ['code' => 'Log.Control.InvalidAssertKey', 'message' => 'The AssertKey is invalid.', 'http_code' => 400, 'description' => 'Invalid AssertKey parameter'], + ['code' => 'Log.Control.InvalidInstanceId', 'message' => 'The instance ID is invalid.', 'http_code' => 400, 'description' => 'The instance ID is invalid.'], + ['code' => 'Log.Control.InvalidParameter', 'message' => 'The parameter is invalid.', 'http_code' => 400, 'description' => 'The request parameter is invalid. Please verify the request parameter.'], + ['code' => 'Log.Control.InvalidParameter', 'message' => 'Parameter error. Check and correct the parameter and try again.', 'http_code' => 400, 'description' => 'Parameter error. Check and correct the parameter and try again.'], + ['code' => 'Log.Control.InvalidSlsParam', 'message' => 'Invalid parameters for Log Service SLS.', 'http_code' => 400, 'description' => 'Invalid parameters for Log Service SLS'], + ['code' => 'Log.Control.InvalidUserId', 'message' => 'Invalid user id.', 'http_code' => 400, 'description' => 'The user ID is invalid.'], + ['code' => 'Log.Control.InvalidUserId', 'message' => 'The user ID is invalid.', 'http_code' => 400, 'description' => 'The user ID is invalid.'], + ['code' => 'Log.Control.KafkaConfigParamError', 'message' => 'The Kafka log outgoing configuration parameter is incorrect.', 'http_code' => 400, 'description' => 'The Kafka log outgoing configuration parameter is incorrect.'], + ['code' => 'Log.Control.LogServiceNotSupport', 'message' => 'Log Service is not supported. Please try again after purchasing.', 'http_code' => 400, 'description' => 'Log Service is not supported. Please try again after purchasing.'], + ['code' => 'Log.Control.ModifyEtlMetaFailed', 'message' => 'Failed to modify log distribution configuration.', 'http_code' => 400, 'description' => 'Failed to modify the configuration of the Log Service for WAF feature.'], + ['code' => 'Log.Control.ModifyEtlMetaFailed', 'message' => 'Failed to modify the configuration of the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to modify the configuration of the Log Service for WAF feature.'], + ['code' => 'Log.Control.ModifyUserLogFieldConfigError', 'message' => 'The user failed to modify the log field.', 'http_code' => 400, 'description' => 'Failed to modify the log fields.'], + ['code' => 'Log.Control.ModifyUserLogFieldConfigError', 'message' => 'Failed to modify the log fields.', 'http_code' => 400, 'description' => 'Failed to modify the log fields.'], + ['code' => 'Log.Control.ModifyUserLogSpecError', 'message' => 'modify user log spec code failed, please try again later.', 'http_code' => 400, 'description' => 'Failed to enable the Log Service for WAF feature.'], + ['code' => 'Log.Control.OpenSlsServiceFailed', 'message' => 'Failed to open SLS.', 'http_code' => 400, 'description' => 'Failed to activate Log Service.'], + ['code' => 'Log.Control.OpenSlsServiceFailed', 'message' => 'Failed to activate Log Service.', 'http_code' => 400, 'description' => 'Failed to activate Log Service.'], + ['code' => 'Log.Control.ResourceCountTooMuch', 'message' => 'When querying the log delivery status of protected resources, the number of protected resources exceeds the limit.', 'http_code' => 400, 'description' => 'When querying the log delivery status of protected resources, the number of protected resources exceeds the limit.'], + ['code' => 'Log.Control.ResourceDeliveryNameEmpty', 'message' => 'When you enable external log delivery for protected resources, the external delivery configuration name cannot be empty.', 'http_code' => 400, 'description' => 'When you enable external log delivery for protected resources, the external delivery configuration name cannot be empty.'], + ['code' => 'Log.Control.ResourceNotExist', 'message' => 'The protected resource does not exist.', 'http_code' => 400, 'description' => 'The protected object does not exist.'], + ['code' => 'Log.Control.ResourceNotSupportDelivery', 'message' => 'The protected resource does not support enabling external log delivery.', 'http_code' => 400, 'description' => 'The protected resource does not support enabling external log delivery.'], + ['code' => 'Log.Control.SlsLogStoreNotExist', 'message' => 'LogStore for SLS does not exist.', 'http_code' => 400, 'description' => 'The Logstore does not exist.'], + ['code' => 'Log.Control.SlsLogStoreNotExist', 'message' => 'The Logstore does not exist.', 'http_code' => 400, 'description' => 'The Logstore does not exist.'], + ['code' => 'Log.Control.SlsProjectNotExist', 'message' => 'Projects for SLS do not exist.', 'http_code' => 400, 'description' => 'The project does not exist.'], + ['code' => 'Log.Control.SlsProjectNotExist', 'message' => 'The project does not exist.', 'http_code' => 400, 'description' => 'The project does not exist.'], + ['code' => 'Log.Control.SyslogConfigParamError', 'message' => 'Syslog outgoing configuration parameter error.', 'http_code' => 400, 'description' => 'Syslog outgoing configuration parameter error.'], + ['code' => 'Log.Control.UserLogFieldIsUpdating', 'message' => 'The user log field is being configured.', 'http_code' => 400, 'description' => 'The log fields are being configured.'], + ['code' => 'Log.Control.UserLogFieldIsUpdating', 'message' => 'The log field is being configured.', 'http_code' => 400, 'description' => 'The log field is being configured.'], + ['code' => 'Log.Control.UserLogOpenedError', 'message' => 'Log Service activation failed.', 'http_code' => 400, 'description' => 'Log Service activation failed.'], + ['code' => 'Log.Control.UserRegionNotFound', 'message' => 'User region not found.', 'http_code' => 400, 'description' => 'User region not found.'], + ['code' => 'NoPermission', 'message' => 'The current operation is not authorized. Please contact the main account to perform authorization after the RAM console is authorized.', 'http_code' => 400, 'description' => 'You are not authorized to perform this operation. Contact the owner of the Alibaba Cloud account to obtain authorization in the RAM console.'], + ['code' => 'NoPermissonCreatesServiceLinkedRole', 'message' => 'No Permisson Create Service Linked Role.', 'http_code' => 400, 'description' => 'You do not have the permissions to create the service-linked role.'], + ['code' => 'NormalizedUsed', 'message' => 'The feature of positive security model is being used.', 'http_code' => 400, 'description' => 'The positive security model is in use'], + ['code' => 'ParamError', 'message' => 'The parameters of your request are invalid.', 'http_code' => 400, 'description' => 'The requested parameter is invalid.'], + ['code' => 'PropertyConvertFailed', 'message' => 'The property convert failed.', 'http_code' => 400, 'description' => 'Request processing failed due to an unknown error.'], + ['code' => 'Rasp.Attach.DeleteFail', 'message' => 'The access record in the access switch ON state cannot be deleted.', 'http_code' => 200, 'description' => 'The access record in the access switch ON state cannot be deleted.'], + ['code' => 'Rasp.Sale.NotExist', 'message' => 'User not purchased.', 'http_code' => 400, 'description' => 'The user has not purchased a RASP instance.'], + ['code' => 'Rasp.UnexpectedError', 'message' => 'Unknown error.', 'http_code' => 500, 'description' => 'Request processing failed due to unknown error'], + ['code' => 'RedirectionStarting', 'message' => 'WAF protection is being enabled for the port. Try again later.', 'http_code' => 403, 'description' => 'WAF protection is being enabled for the port. Try again later.'], + ['code' => 'RequestError', 'message' => 'The system is unavailable. Please try again later.', 'http_code' => 400, 'description' => 'The system is unavailable. Try again later.'], + ['code' => 'RiskyDomain', 'message' => 'The domain name you added may be at risk. If you have any questions, please submit a work order.', 'http_code' => 400, 'description' => 'The domain name you added may be at risk. If you have any questions, please submit a work order.'."\n"], + ['code' => 'RoleAlreadyExists', 'message' => 'Service Linked Role Already Exists.', 'http_code' => 400, 'description' => 'The role already exists.'], + ['code' => 'RsListenPortError', 'message' => 'The specified origin server listening port is invalid.', 'http_code' => 403, 'description' => 'The specified origin server listening port is invalid.'], + ['code' => 'Rule.Service.CustomRuleGroupCountGreaterMaxCapacity', 'message' => 'The number of custom rule groups exceeds the purchase limit.', 'http_code' => 400, 'description' => 'The number of custom rule groups exceeds the upper limit.'], + ['code' => 'Rule.Service.CustomRuleGroupCountGreaterMaxCapacity', 'message' => 'The number of custom rule groups exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of custom rule groups exceeds the upper limit.'], + ['code' => 'Rule.Service.GenericException', 'message' => 'Internal error.', 'http_code' => 400, 'description' => 'An internal error occurred.'], + ['code' => 'Rule.Service.GenericException', 'message' => 'A system error occurred.', 'http_code' => 400, 'description' => 'A system error occurred.'], + ['code' => 'Rule.Service.InternalUnknownError', 'message' => 'Unknown error.', 'http_code' => 400, 'description' => 'An unknown error occurred.'], + ['code' => 'Rule.Service.InternalUnknownError', 'message' => 'An unknown error occurred.', 'http_code' => 400, 'description' => 'An unknown error occurred.'], + ['code' => 'Rule.Service.InvalidParameter', 'message' => 'Parameter check failed.', 'http_code' => 400, 'description' => 'Failed to verify parameters.'], + ['code' => 'Rule.Service.InvalidParameter', 'message' => 'Failed to verify parameters.', 'http_code' => 400, 'description' => 'Failed to verify parameters.'], + ['code' => 'Rule.Service.NotFoundObject', 'message' => 'No corresponding data found.', 'http_code' => 400, 'description' => 'Failed to find the specified data.'], + ['code' => 'Rule.Service.NotFoundObject', 'message' => 'Failed to find the specified data.', 'http_code' => 400, 'description' => 'Failed to find the specified data.'], + ['code' => 'Rule.Service.NotFoundPolicy', 'message' => 'Rule group not found.', 'http_code' => 400, 'description' => 'No rule groups found.'], + ['code' => 'Rule.Service.NotFoundPolicy', 'message' => 'No rule groups found.', 'http_code' => 400, 'description' => 'No rule groups are found.'], + ['code' => 'Rule.Service.NotFoundRule', 'message' => 'No rules found.', 'http_code' => 400, 'description' => 'No rules are found.'], + ['code' => 'Rule.Service.NotSupportedCustomRuleGroup', 'message' => 'Custom rule group not purchased, please upgrade.', 'http_code' => 400, 'description' => 'The custom rule group is not supported. Upgrade your instance and try again.'], + ['code' => 'Rule.Service.NotSupportedCustomRuleGroup', 'message' => 'The custom rule group is not supported.', 'http_code' => 400, 'description' => 'The custom rule group is not supported.'], + ['code' => 'Rule.Service.NotSupportedOperation', 'message' => 'This operation is not supported.', 'http_code' => 400, 'description' => 'The operation is not supported.'], + ['code' => 'Rule.Service.NotSupportedOperation', 'message' => 'The operation is not supported.', 'http_code' => 400, 'description' => 'The operation is not supported.'], + ['code' => 'Rule.Service.ParameterFormatError', 'message' => 'Parameter format error.', 'http_code' => 400, 'description' => 'The parameter format is invalid.'], + ['code' => 'Rule.Service.ParameterFormatError', 'message' => 'The format of the parameter is invalid.', 'http_code' => 400, 'description' => 'The format of the parameter is invalid.'], + ['code' => 'Rule.Service.ParameterIsEmpty', 'message' => 'Empty parameter.', 'http_code' => 400, 'description' => 'You must configure the parameter.'], + ['code' => 'Rule.Service.ParameterIsEmpty', 'message' => 'You must configure the parameter.', 'http_code' => 400, 'description' => 'You must configure the parameter.'], + ['code' => 'Rule.Service.ParameterNotInRange', 'message' => 'Parameter exceeded expected range.', 'http_code' => 400, 'description' => 'The parameter value is invalid.'], + ['code' => 'Rule.Service.ParameterNotInRange', 'message' => 'The parameter value is invalid.', 'http_code' => 400, 'description' => 'The parameter value is invalid.'], + ['code' => 'Rule.Service.PolicyNameAlreadyExist', 'message' => 'Rule group name already exists.', 'http_code' => 400, 'description' => 'The group name already exists.'], + ['code' => 'Rule.Service.PolicyNameAlreadyExist', 'message' => 'The group name already exists.', 'http_code' => 400, 'description' => 'The group name already exists.'], + ['code' => 'Rule.Service.PolicyStatusError', 'message' => 'Rule group in use, unable to operate.', 'http_code' => 400, 'description' => 'The rule group is in use and cannot be applied.'], + ['code' => 'Rule.Service.PolicyStatusError', 'message' => 'The rule group is in use and cannot be operated.', 'http_code' => 400, 'description' => 'The rule group is in use and cannot be operated.'], + ['code' => 'RuleNameDuplicated', 'message' => 'Rule name already in use.', 'http_code' => 400, 'description' => 'The name of the rule is used.'], + ['code' => 'RuleNameInvalidError', 'message' => 'The name of rule is invalid.', 'http_code' => 400, 'description' => 'The name of the protection rule is invalid.'], + ['code' => 'RuleNotExist', 'message' => 'The specified rule does not exist.', 'http_code' => 400, 'description' => 'The specified protection rule does not exist.'], + ['code' => 'RuleQueryParamError', 'message' => 'The request parameter is invalid.', 'http_code' => 403, 'description' => 'The request parameter is invalid.'], + ['code' => 'SecondLevelDomainQuotaExceed', 'message' => 'Second Level Domain Quota Exceed.', 'http_code' => 403, 'description' => 'Second Level Domain Quota Exceed.'], + ['code' => 'TamperproofUsed', 'message' => 'The feature of website tamper-proofing is being used.', 'http_code' => 400, 'description' => 'The website tamper-proofing feature is in use.'], + ['code' => 'TestErrorCode.%s.', 'message' => 'TestErrorMsg.%s.', 'http_code' => 400, 'description' => 'Error code of the test'], + ['code' => 'UnderDDoS', 'message' => 'The current WAF instance is in the defense/blackhole state, and it is not allowed to enable the Exclusive IP/GSLB configuration', 'http_code' => 400, 'description' => 'Traffic scrubbing or blackhole filtering is triggered for the WAF instance. You cannot enable Exclusive IP Address or Shared Cluster-based Intelligent Load Balancing.'], + ['code' => 'UserMigrating', 'message' => 'WAF user is migrating, the operation of resource does not support.', 'http_code' => 400, 'description' => 'WAF users are being migrated and cannot access resources.'], + ['code' => 'UserNotFound', 'message' => 'The specified user does not exist.', 'http_code' => 403, 'description' => 'The specified user does not exist.'], + ['code' => 'VasdUsedUp', 'message' => 'The resource package has been used up. For example, all VIP addresses are used.', 'http_code' => 403, 'description' => 'The resource package has been used up. For example, all VIP addresses are used.'], + ['code' => 'VerifyDomainCountExceed', 'message' => 'The number of domain names exceeds the limit. You can upgrade the domain package.', 'http_code' => 400, 'description' => 'The number of domain names exceeds the upper limit. You can upgrade the extra domain package.'], + ['code' => 'VerifyHttpPortNotSupport', 'message' => 'An invalid HTTP port is specified.', 'http_code' => 400, 'description' => 'The specified HTTP port is invalid.'], + ['code' => 'VerifyInfoLeakageNotSupport', 'message' => 'Information leakage prevention is not supported.', 'http_code' => 403, 'description' => 'Data leak prevention is not supported.'], + ['code' => 'VerifyMainDomainCountExceed', 'message' => 'The number of primary domains exceeds the limit. You can upgrade the domain package.', 'http_code' => 400, 'description' => 'The number of second-level domain names exceeds the upper limit. You can upgrade the domain name package.'], + ['code' => 'VerifyRuleCountExceed', 'message' => 'The number of rules exceeds the limit.', 'http_code' => 400, 'description' => 'The number of rules exceeds the upper limit.'], + ['code' => 'VerifyScreenNotSupport', 'message' => 'Large screens are not supported.', 'http_code' => 403, 'description' => 'The data visualization feature is not supported.'], + ['code' => 'VerifyTamperproofNotSupport', 'message' => 'Tamper resistance is not supported.', 'http_code' => 403, 'description' => 'Website tamper-proofing is not supported.'], + ['code' => 'Waf.Control.AllAccessCnameNeedMigrate', 'message' => 'The user access configuration has not been migrated yet. Please confirm after migration.', 'http_code' => 400, 'description' => 'The migration of domain name configurations is not complete.'], + ['code' => 'Waf.Control.ApisecDefaultRuleNotSupportDelete', 'message' => 'The default rules for API security do not support deletion.', 'http_code' => 400, 'description' => 'The default rules for API security do not support deletion.'], + ['code' => 'Waf.Control.ApisecExportTypeExist', 'message' => 'API security export task already exists.', 'http_code' => 400, 'description' => 'API security export task already exists.'], + ['code' => 'Waf.Control.ApisecInSystemUpdate', 'message' => 'API security service upgrade, expected to last 90 minutes, please try again later.', 'http_code' => 400, 'description' => 'API security service upgrade, expected to last 90 minutes, please try again later.'], + ['code' => 'Waf.Control.ApisecIsInitializing', 'message' => 'API security service initialization, expected to last for 1 minute, please try again later.', 'http_code' => 400, 'description' => 'API security service initialization, expected to last for 1 minute, please try again later.'], + ['code' => 'Waf.Control.ApisecNotSupport', 'message' => 'The API security module is not supported.', 'http_code' => 400, 'description' => 'The API security module is not supported.'], + ['code' => 'Waf.Control.ApisecRuleHostParameterConflict', 'message' => 'The content of the domain name field in the API security rule is duplicate.', 'http_code' => 400, 'description' => 'The content of the domain name field in the API security rule is duplicate.'], + ['code' => 'Waf.Control.ApisecRuleInOperation', 'message' => 'The API security policy configuration is operating, please try again later.', 'http_code' => 400, 'description' => 'The API security policy configuration is operating, please try again later.'], + ['code' => 'Waf.Control.ApisecRuleNotExist', 'message' => 'API security rule does not exist.', 'http_code' => 400, 'description' => 'API security rule does not exist.'], + ['code' => 'Waf.Control.CloudProductInfoEmpty', 'message' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'http_code' => 400, 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'."\n"], + ['code' => 'Waf.Control.CloudProductInfoNotMartch', 'message' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'http_code' => 400, 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'], + ['code' => 'Waf.Control.CnameBatchOpsFailedDomains', 'message' => 'Failed to upgrade the domain name to WAF3.0 or roll back the domain name to WAF2.0.', 'http_code' => 400, 'description' => 'Failed to upgrade the domain name to WAF3.0 or roll back the domain name to WAF2.0.'], + ['code' => 'Waf.Control.Conflict', 'message' => 'Configuration Conflict', 'http_code' => 400, 'description' => 'A configuration conflict occurs. Try again later.'], + ['code' => 'Waf.Control.DefenseResourceCountOverSize', 'message' => 'The maximum number of protected objects is exceeded.', 'http_code' => 400, 'description' => 'The number of protected objects exceeds the upper limit.'], + ['code' => 'Waf.Control.DefenseResourceEmpty', 'message' => 'CloudResourceId parameter is illegal.', 'http_code' => 400, 'description' => 'CloudResourceId parameter is illegal'], + ['code' => 'Waf.Control.DomainAndDomainIdBothEmpty', 'message' => 'domain and domainId cannot be empty at the same time.', 'http_code' => 400, 'description' => 'The domain name and domain name ID cannot be empty at the same time.'."\n"], + ['code' => 'Waf.Control.DomainAndDomainIdNotMatch', 'message' => 'domain and domainId do not match.', 'http_code' => 400, 'description' => 'The input parameters Domain and DomainId do not match'."\n"], + ['code' => 'Waf.Control.DomainExist', 'message' => 'The domain has been configured.', 'http_code' => 400, 'description' => 'The domain name already exists. Select an appropriate domain name again.'], + ['code' => 'Waf.Control.DomainExist', 'message' => 'The domain name already exists.', 'http_code' => 400, 'description' => 'The domain name already exists.'], + ['code' => 'Waf.Control.DomainFormatInvalid', 'message' => 'Incorrect domain name format.', 'http_code' => 400, 'description' => 'Incorrect domain name format.'], + ['code' => 'Waf.Control.DomainIdIsIllegal', 'message' => 'The input parameter, the domainId is illegal.', 'http_code' => 400, 'description' => 'Illegal entry DomainId'], + ['code' => 'Waf.Control.DomainNotEmpty', 'message' => 'The domain name must be specified.', 'http_code' => 400, 'description' => 'The domain name is not specified.'], + ['code' => 'Waf.Control.DomainOwnerNotVerify', 'message' => 'The user domain ownership is not verified.', 'http_code' => 400, 'description' => 'The ownership of the domain name is not verified.'], + ['code' => 'Waf.Control.DomainsNotEmpty', 'message' => 'The domain name list cannot be empty.', 'http_code' => 400, 'description' => 'You must select at least one domain name.'], + ['code' => 'Waf.Control.DomainTxtRecordValidateFailed', 'message' => 'Failed to verify the ownership of the primary domain name', 'http_code' => 400, 'description' => 'Failed to verify the ownership of the second-level domain name. Enter the second-level domain name that you own.'], + ['code' => 'Waf.Control.ExportDomainsExist', 'message' => 'The domain name export task is in progress. Please do not export it repeatedly.', 'http_code' => 400, 'description' => 'The task of exporting domain names is running. Do not repeat the export.'], + ['code' => 'Waf.Control.ExportingTasksMoreThanFifty', 'message' => 'The number of tasks being exported cannot exceed 50', 'http_code' => 400, 'description' => 'The number of tasks being exported cannot exceed 50.'], + ['code' => 'Waf.Control.FingerStatusNotEmpty', 'message' => 'The parameters of your request are invalid.', 'http_code' => 400, 'description' => 'The request parameters are invalid. Verify the request parameters.'], + ['code' => 'Waf.Control.InstanceExpired', 'message' => 'The instance has expired and does not support POC.', 'http_code' => 400, 'description' => 'The instance has expired and does not support POC.'], + ['code' => 'Waf.Control.InstanceStatusNotSupport', 'message' => 'Migration is not supported in the current instance state.', 'http_code' => 400, 'description' => 'Instances in this state cannot be migrated.'], + ['code' => 'Waf.Control.InsufficientPocQuota', 'message' => 'Insufficient POC quota.', 'http_code' => 400, 'description' => 'Insufficient POC quota.'], + ['code' => 'Waf.Control.InvalidApisecComplianceCode', 'message' => 'The information data type in the compliance check rule is invalid.', 'http_code' => 400, 'description' => 'The information data type in the compliance check rule is invalid.'], + ['code' => 'Waf.Control.InvalidApisecRuleCondition', 'message' => 'The condition parameter in the API security rule is invalid.', 'http_code' => 400, 'description' => 'The condition parameter in the API security rule is invalid.'], + ['code' => 'Waf.Control.InvalidApisecRuleParam', 'message' => 'The API security rule parameter is invalid.', 'http_code' => 400, 'description' => 'The API security rule parameter is invalid.'], + ['code' => 'Waf.Control.InvalidApisecTrafficTime', 'message' => 'The time parameter for API security compliance check is invalid.', 'http_code' => 400, 'description' => 'The time parameter for API security compliance check is invalid.'], + ['code' => 'Waf.Control.InvalidApisecWhitelistTags', 'message' => 'The tags parameter in the API security whitelist rule is invalid.', 'http_code' => 400, 'description' => 'The tags parameter in the API security whitelist rule is invalid.'], + ['code' => 'Waf.Control.InvalidDelegatedUserId', 'message' => 'Invalid delegated administrator user ID.', 'http_code' => 400, 'description' => 'Invalid delegated administrator user ID.'], + ['code' => 'Waf.Control.InvalidMemberUserId', 'message' => 'Invalid member account user ID.', 'http_code' => 400, 'description' => 'Invalid member account user ID.'], + ['code' => 'Waf.Control.InvalidParameter', 'message' => 'The parameters of your request are invalid.', 'http_code' => 400, 'description' => 'The request parameters are invalid. Verify the request parameters.'], + ['code' => 'Waf.Control.MemberHasWafInstance', 'message' => 'The member account already holds a WAF instance and cannot be managed by a delegated administrator account.', 'http_code' => 400, 'description' => 'The member account already holds a WAF instance and cannot be managed by an administrator account.'], + ['code' => 'Waf.Control.MemberNotExist', 'message' => 'The member account does not exist. Please check and try again.', 'http_code' => 400, 'description' => 'The member account does not exist. Please check and try again.'], + ['code' => 'Waf.Control.MemberUserInBatchTooMuch', 'message' => 'The number of member accounts for batch operations exceeds the limit.', 'http_code' => 400, 'description' => 'The number of member accounts for batch operations exceeds the limit.'], + ['code' => 'Waf.Control.MemberUserOverLimit', 'message' => 'The number of managed member accounts has exceeded the WAF instance specification limit. Please upgrade and try again.', 'http_code' => 400, 'description' => 'The number of managed member accounts exceeds the WAF instance specification limit. Upgrade and try again.'], + ['code' => 'Waf.Control.MigrateTaskExist', 'message' => 'The migration task already exists.', 'http_code' => 400, 'description' => 'The migration task already exists.'], + ['code' => 'Waf.Control.ModuleCodeInvalid', 'message' => 'The code of the pricing module is incorrect.', 'http_code' => 400, 'description' => 'The code of the pricing module is incorrect.'], + ['code' => 'Waf.Control.NotRollBack', 'message' => 'During the migration, the domain name has been modified or added to the access configuration in V3. You cannot roll back or abort the upgrade.', 'http_code' => 400, 'description' => 'During the migration, the domain name has been modified or added to the access configuration in V3. You cannot roll back or abort the upgrade.'], + ['code' => 'Waf.Control.NotSupportRd', 'message' => 'The user\'s WAF instance does not support multi-account management. Please upgrade and try again.', 'http_code' => 400, 'description' => 'The user\'s WAF instance does not support multi-account management. Please upgrade and try again.'], + ['code' => 'Waf.Control.PocFunctionBought', 'message' => 'The function specified to enable POC has already been purchased.', 'http_code' => 400, 'description' => 'The function specified to enable POC has already been purchased.'], + ['code' => 'Waf.Control.PocIllegalType', 'message' => 'Type field value is incorrect when enabling POC.', 'http_code' => 400, 'description' => 'Type field value is incorrect when enabling POC.'], + ['code' => 'Waf.Control.PocInvalidEdition', 'message' => 'The WAF version does not support the POC function.', 'http_code' => 400, 'description' => 'The WAF version does not support the POC function.'], + ['code' => 'Waf.Control.PocRepeatedEnable', 'message' => 'POC has been enabled and cannot be repeated.', 'http_code' => 400, 'description' => 'POC has been enabled and cannot be repeated.'], + ['code' => 'Waf.Control.ResourceDirectoryNotExist', 'message' => 'The user has not activated the resource directory. Please try again after activating.', 'http_code' => 400, 'description' => 'The user has not activated the resource directory. Please try again after activating.'], + ['code' => 'Waf.Control.TopDomainNotEmpty', 'message' => 'The top-level domain must be specified.', 'http_code' => 400, 'description' => 'The second-level domain name is not specified.'], + ['code' => 'Waf.Control.UserAlreadyMigrated', 'message' => 'The user configuration has been migrated to the new version of WAF.', 'http_code' => 400, 'description' => 'User configurations are migrated to WAF 3.0.'], + ['code' => 'Waf.Control.UserMigrating', 'message' => 'The user is not allowed to access the configuration during the migration.', 'http_code' => 400, 'description' => 'The user is not allowed to access the configuration during the migration.'], + ['code' => 'Waf.Control.VerifyRecordNotFound', 'message' => 'The verification record does not exist.', 'http_code' => 400, 'description' => 'The verification record does not exist.'], + ['code' => 'Waf.HybridCloud.AccessModeInvalid', 'message' => 'The access type is invalid.', 'http_code' => 400, 'description' => 'The access type is invalid.'], + ['code' => 'Waf.HybridCloud.AccessModeIsEmpty', 'message' => 'The access mode cannot be empty.', 'http_code' => 400, 'description' => 'The access mode cannot be empty.'], + ['code' => 'Waf.HybridCloud.AccessRegionInvalid', 'message' => 'The access region is invalid.', 'http_code' => 400, 'description' => 'The region is invalid.'], + ['code' => 'Waf.HybridCloud.ApisecRuleConfigConflict', 'message' => 'API security rule configuration conflicts.', 'http_code' => 400, 'description' => 'API security rule configuration conflicts'], + ['code' => 'Waf.HybridCloud.ApisecRuleParamError', 'message' => 'API security rule parameter exception.', 'http_code' => 400, 'description' => 'API security rule parameter exception'], + ['code' => 'Waf.HybridCloud.ApisecRuleServiceError', 'message' => 'API security rule service exception.', 'http_code' => 400, 'description' => 'API security rule service exception'], + ['code' => 'Waf.HybridCloud.ClusterIdNotEmpty', 'message' => 'The cluster ID cannot be empty.', 'http_code' => 400, 'description' => 'The cluster ID cannot be empty.'], + ['code' => 'Waf.HybridCloud.ClusterNameEmpty', 'message' => 'The cluster name cannot be empty.', 'http_code' => 400, 'description' => 'The cluster name cannot be empty.'], + ['code' => 'Waf.HybridCloud.ClusterNameExist', 'message' => 'The cluster name already exists.', 'http_code' => 400, 'description' => 'The cluster name already exists.'], + ['code' => 'Waf.HybridCloud.ClusterNotFound', 'message' => 'No cluster information found.', 'http_code' => 400, 'description' => 'No cluster information is found.'], + ['code' => 'Waf.HybridCloud.ClusterRuleAlreadyExists', 'message' => 'Cluster rule already exists.', 'http_code' => 400, 'description' => 'Cluster rule already exists.'], + ['code' => 'Waf.HybridCloud.ClusterRuleContentEmpty', 'message' => 'Cluster rule content cannot be empty.', 'http_code' => 400, 'description' => 'Cluster rule content cannot be empty.'], + ['code' => 'Waf.HybridCloud.ClusterRuleDontUsed', 'message' => 'Cluster rules have been updated to a new version. For more information, see the latest API documentation.', 'http_code' => 400, 'description' => 'Cluster rules have been updated to a new version. For more information, see the latest API documentation.'], + ['code' => 'Waf.HybridCloud.ClusterRuleNotFound', 'message' => 'The cluster rule resource ID does not exist.', 'http_code' => 400, 'description' => 'The cluster rule resource ID does not exist.'], + ['code' => 'Waf.HybridCloud.ClusterRuleResourceIdEmpty', 'message' => 'Cluster rule resource ID cannot be empty.', 'http_code' => 400, 'description' => 'Cluster rule resource ID cannot be empty'], + ['code' => 'Waf.HybridCloud.ClusterRuleStatusIsEmpty', 'message' => 'The rule status of the service-oriented cluster cannot be empty', 'http_code' => 400, 'description' => 'The rule status must be specified.'], + ['code' => 'Waf.HybridCloud.ClusterRuleTypeDontUpdate', 'message' => 'The cluster rule type cannot be modified.', 'http_code' => 400, 'description' => 'The cluster rule type cannot be modified.'], + ['code' => 'Waf.HybridCloud.ClusterRuleTypeIsEmpty', 'message' => 'The service-oriented cluster rule type cannot be empty', 'http_code' => 400, 'description' => 'The rule type must be specified.'], + ['code' => 'Waf.HybridCloud.ClusterRuleTypeNotExist', 'message' => 'The cluster rule type is incorrect.', 'http_code' => 400, 'description' => 'The cluster rule type is incorrect.'], + ['code' => 'Waf.HybridCloud.ExactRuleCountOverSize', 'message' => 'The number of precise matching rules exceeds the limit', 'http_code' => 400, 'description' => 'The number of exact match rules exceeds the limit.'], + ['code' => 'Waf.HybridCloud.GroupCreationError', 'message' => 'You must create storage groups, management groups, and protection groups in sequence.', 'http_code' => 400, 'description' => 'You must create groups in sequence.'], + ['code' => 'Waf.HybridCloud.GroupDeleteDomainReferError', 'message' => 'You cannot delete the group because the domain names in the group are in use. Remove the domain names from the group first.', 'http_code' => 400, 'description' => 'You cannot delete the group because the domain names in the group are in use. Remove the domain names from the group first.'], + ['code' => 'Waf.HybridCloud.GroupDeleteDomainReferError', 'message' => 'A domain name is currently using this protection group. Please delete the domain name reference relationship before proceeding.', 'http_code' => 400, 'description' => 'A domain name is currently using this protection group. Delete the domain name reference relationship before performing the operation.'], + ['code' => 'Waf.HybridCloud.GroupDeleteNodeInError', 'message' => 'You cannot delete the group. Remove the nodes from the group first.', 'http_code' => 400, 'description' => 'The group cannot be deleted. Remove nodes from the group first.'], + ['code' => 'Waf.HybridCloud.GroupDeletionError', 'message' => 'You must delete protection groups, management groups, and storage groups in sequence.', 'http_code' => 400, 'description' => 'Delete groups in sequence.'], + ['code' => 'Waf.HybridCloud.GroupIdInvalid', 'message' => 'The group ID is invalid.', 'http_code' => 400, 'description' => 'The group ID is invalid.'], + ['code' => 'Waf.HybridCloud.GroupLocationNotEmpty', 'message' => 'The group region cannot be empty.', 'http_code' => 400, 'description' => 'The group region cannot be empty.'], + ['code' => 'Waf.HybridCloud.GroupNameNotEmpty', 'message' => 'The group name cannot be empty.', 'http_code' => 400, 'description' => 'The group name cannot be empty.'], + ['code' => 'Waf.HybridCloud.GroupProtectionNodeOverrun', 'message' => 'The number of protected nodes exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of protected nodes exceeds the upper limit.'], + ['code' => 'Waf.HybridCloud.GroupVagentIdInvalid', 'message' => 'The group ID is invalid.', 'http_code' => 400, 'description' => 'The group ID is invalid.'], + ['code' => 'Waf.HybridCloud.HttpPortIsEmpty', 'message' => 'The HTTP ports cannot be empty.', 'http_code' => 400, 'description' => 'The HTTP ports cannot be empty.'], + ['code' => 'Waf.HybridCloud.HttpsPortIsEmpty', 'message' => 'The HTTPS ports cannot be empty.', 'http_code' => 400, 'description' => 'The HTTPS ports cannot be empty.'], + ['code' => 'Waf.HybridCloud.HybridCloudApisecNotSupport', 'message' => 'WAF instances do not support hybrid cloud API security.', 'http_code' => 400, 'description' => 'WAF instances do not support hybrid cloud API security'], + ['code' => 'Waf.HybridCloud.HybridCloudNotsupport', 'message' => 'Hybrid cloud is not supported.', 'http_code' => 400, 'description' => 'Hybrid clouds are not supported.'], + ['code' => 'Waf.HybridCloud.InternalError', 'message' => 'Internal service error.', 'http_code' => 400, 'description' => 'Internal Service Error'], + ['code' => 'Waf.HybridCloud.InvalidGroupType', 'message' => 'The group type is invalid.', 'http_code' => 400, 'description' => 'The group type is invalid.'], + ['code' => 'Waf.HybridCloud.InvalidHttpPort', 'message' => 'The HTTP port is invalid.', 'http_code' => 400, 'description' => 'The HTTP port is invalid.'], + ['code' => 'Waf.HybridCloud.InvalidHttpsPort', 'message' => 'The HTTPS port is invalid.', 'http_code' => 400, 'description' => 'The HTTPS port is invalid.'], + ['code' => 'Waf.HybridCloud.LoadBalanceIpNotEmpty', 'message' => 'The server IP address for load balancing cannot be empty.', 'http_code' => 400, 'description' => 'The server IP address for load balancing cannot be empty.'], + ['code' => 'Waf.HybridCloud.ProtectionCountOrverLoad', 'message' => 'The number of protected domains exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of protected nodes exceeds the specification.'], + ['code' => 'Waf.HybridCloud.ProtectionServerCountInvalid', 'message' => 'The number of protected domains is invalid.', 'http_code' => 400, 'description' => 'The number of protected nodes is invalid.'], + ['code' => 'Waf.HybridCloud.PullinRuleFormatInvalid', 'message' => 'Incorrect format of drainage rules', 'http_code' => 400, 'description' => 'The format of traffic redirection rules is invalid.'], + ['code' => 'Waf.HybridCloud.RegexRuleCountOverSize', 'message' => 'The number of regular matching rules exceeds the limit', 'http_code' => 400, 'description' => 'The number of regular expression rules exceeds the limit.'], + ['code' => 'Waf.HybridCloud.SdkInfoNotExist', 'message' => 'SDK info not exist.', 'http_code' => 400, 'description' => 'The traffic redirection node does not exist.'], + ['code' => 'Waf.HybridCloud.SdkMidIsEmpty', 'message' => 'Machine unique identifier mid cannot be empty', 'http_code' => 400, 'description' => 'The machine ID must be specified.'], + ['code' => 'Waf.HybridCloud.ServerContinentsInvalid', 'message' => 'The continent is invalid.', 'http_code' => 400, 'description' => 'The continent is invalid.'], + ['code' => 'Waf.HybridCloud.ServerContinestsUnuseable', 'message' => 'The continent is not supported.', 'http_code' => 400, 'description' => 'The continent is not supported.'], + ['code' => 'Waf.HybridCloud.ServerMidInvalid', 'message' => 'The machine ID is invalid.', 'http_code' => 400, 'description' => 'The machine ID is invalid.'], + ['code' => 'Waf.HybridCloud.ServerMidNotExist', 'message' => 'The machine ID does not exist.', 'http_code' => 400, 'description' => 'The machine ID does not exist.'], + ['code' => 'Waf.HybridCloud.ServerOperatorInvalid', 'message' => 'The operator is invalid.', 'http_code' => 400, 'description' => 'The operator is invalid.'], + ['code' => 'Waf.HybridCloud.ServerOperatorUnuseable', 'message' => 'The operator is not supported.', 'http_code' => 400, 'description' => 'The operator is not supported.'], + ['code' => 'Waf.HybridCloud.ServerRegionCodeInvalid', 'message' => 'The city is invalid.', 'http_code' => 400, 'description' => 'The city is invalid.'], + ['code' => 'Waf.HybridCloud.ServerRegionCodeUnuseable', 'message' => 'The city is not supported.', 'http_code' => 400, 'description' => 'The city is not supported.'], + ['code' => 'Waf.HybridCloud.ServerRegionTypeInvalid', 'message' => 'The region type is invalid.', 'http_code' => 400, 'description' => 'The region type is invalid.'], + ['code' => 'Waf.HybridCloud.ServerUpdateFailed', 'message' => 'Failed to update the server information.', 'http_code' => 400, 'description' => 'Failed to update the server information.'], + ['code' => 'Waf.HybridCloud.UniqueClusterGroupType', 'message' => 'You can create only one group of this type in a cluster.', 'http_code' => 400, 'description' => 'You can create only one group of this type in a cluster.'], + ['code' => 'Waf.HybridCloud.UniqueGroupName', 'message' => 'The group name already exists.', 'http_code' => 400, 'description' => 'The group name already exists.'], + ['code' => 'Waf.HybridCloud.UserNoPermission', 'message' => 'You do not have the permissions to perform this operation.', 'http_code' => 400, 'description' => 'You do not have the permissions to perform this operation.'], + ['code' => 'Waf.Instance.MaxTransparentIpPortCountLimit', 'message' => 'The number of transparent access exceeds the current maximum number that can be added', 'http_code' => 400, 'description' => 'The maximum number of instances that you can add to WAF in transparent proxy mode is exceeded.'], + ['code' => 'Waf.Instance.ValidFaild', 'message' => 'WAF instance check failed. Check whether the instance ID is correct.', 'http_code' => 400, 'description' => 'WAF instance check failed. Check whether the instance ID is correct.'], + ['code' => 'Waf.Pullin.AbnormalStatus', 'message' => 'The status of the access resource is abnormal. Resource:%s.', 'http_code' => 400, 'description' => 'The status of the access resource is abnormal. Resource:%s.'], + ['code' => 'Waf.Pullin.AlreadyAccessed', 'message' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.', 'http_code' => 400, 'description' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.'], + ['code' => 'Waf.Pullin.BackedInBacklist', 'message' => 'The input back-to-source IP is in the system blacklist, please update the back-to-source IP.', 'http_code' => 400, 'description' => 'The back-to-origin IP address is in the blacklist. Change the back-to-origin IP address.'], + ['code' => 'Waf.Pullin.BackendPortIncompatible', 'message' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.', 'http_code' => 400, 'description' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.'], + ['code' => 'Waf.Pullin.BackendPortNotMatched', 'message' => 'The back-to-source port does not match the listening port. Listening protocol:%s, listening port:%s, back-to-source port:%s.', 'http_code' => 400, 'description' => 'The back-to-source port does not match the listening port. Listening protocol:%s, listening port:%s, back-to-source port:%s.'], + ['code' => 'Waf.Pullin.BackupBackendConflict', 'message' => 'The backup backend configuration conflicts.', 'http_code' => 400, 'description' => 'The backup link back-to-source configuration conflicts.'], + ['code' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', 'message' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', 'http_code' => 400, 'description' => 'batch dns scheduling is in progress, and access-related operations are prohibited.'], + ['code' => 'Waf.Pullin.BusinessDomainNotRecord', 'message' => 'The domain name does not have an ICP filing.', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing.'], + ['code' => 'Waf.Pullin.BusinessViolation', 'message' => 'The domain-related business is suspected of violating regulations. If you have any questions, please follow the ticket process.', 'http_code' => 400, 'description' => 'Domain name business is suspected of violating regulations. If you have any questions, please go through the work order process.'], + ['code' => 'Waf.Pullin.BusinessViolation', 'message' => 'Domain services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'http_code' => 400, 'description' => 'Domain services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'], + ['code' => 'Waf.Pullin.BusinessViolation', 'message' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'http_code' => 400, 'description' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'], + ['code' => 'Waf.Pullin.CertAuthFailed', 'message' => 'Certificate authorization failed.', 'http_code' => 400, 'description' => 'Failed to perform certificate authentication.'], + ['code' => 'Waf.Pullin.CertAuthFailed', 'message' => 'Failed to perform certificate authentication.', 'http_code' => 400, 'description' => 'Failed to perform certificate authentication.'], + ['code' => 'Waf.Pullin.CertExist', 'message' => 'Certificate already exists.', 'http_code' => 400, 'description' => 'The certificate exists.'], + ['code' => 'Waf.Pullin.CertExist', 'message' => 'The certificate exists.', 'http_code' => 400, 'description' => 'The certificate exists.'], + ['code' => 'Waf.Pullin.CertExpired', 'message' => 'Certificate has expired.', 'http_code' => 400, 'description' => 'The certificate is expired.'], + ['code' => 'Waf.Pullin.CertExpired', 'message' => 'The certificate has expired.', 'http_code' => 400, 'description' => 'The certificate has expired.'], + ['code' => 'Waf.Pullin.CertExpired', 'message' => 'Certificate expired, certificate ID:%s .', 'http_code' => 400, 'description' => 'Certificate expired, certificate ID:%s.'], + ['code' => 'Waf.Pullin.CertKeyEmpty', 'message' => 'Certificate private key is empty.', 'http_code' => 400, 'description' => 'The private key of the certificate is empty.'], + ['code' => 'Waf.Pullin.CertKeyEmpty', 'message' => 'The private key of the certificate is empty.', 'http_code' => 400, 'description' => 'The private key of the certificate is empty.'], + ['code' => 'Waf.Pullin.CertKeyNotMatch', 'message' => 'Certificate file does not match private key.', 'http_code' => 400, 'description' => 'The certificate file does not match the private key.'], + ['code' => 'Waf.Pullin.CertKeyNotMatch', 'message' => 'The certificate file does not match the private key.', 'http_code' => 400, 'description' => 'The certificate file does not match the private key.'], + ['code' => 'Waf.Pullin.CertNameExist', 'message' => 'Certificate name already exists.', 'http_code' => 400, 'description' => 'The name of the certificate is being used.'], + ['code' => 'Waf.Pullin.CertNameExist', 'message' => 'The name of the certificate is being used.', 'http_code' => 400, 'description' => 'The name of the certificate is being used.'], + ['code' => 'Waf.Pullin.CertNotExist', 'message' => 'Certificate does not exist.', 'http_code' => 400, 'description' => 'The certificate does not exist.'], + ['code' => 'Waf.Pullin.CertNotExist', 'message' => 'The certificate does not exist.', 'http_code' => 400, 'description' => 'The certificate does not exist.'], + ['code' => 'Waf.Pullin.CertNotExist', 'message' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'http_code' => 400, 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'], + ['code' => 'Waf.Pullin.CertNotMatchDomain', 'message' => 'The domain name is not included in the certificate.', 'http_code' => 400, 'description' => 'The domain name is not included in the certificate.'], + ['code' => 'Waf.Pullin.CertSaveFailed', 'message' => 'Certificate save failed.', 'http_code' => 400, 'description' => 'Failed to store the certificate.'], + ['code' => 'Waf.Pullin.CertSaveFailed', 'message' => 'Failed to store the certificate.', 'http_code' => 400, 'description' => 'Failed to store the certificate.'], + ['code' => 'Waf.Pullin.ClientCertificateOpened', 'message' => 'Clb Instance port Client Certiticate is opened.', 'http_code' => 400, 'description' => 'Mutual authentication is enabled for the ports of CLB instances. The ports cannot be added to WAF.'], + ['code' => 'Waf.Pullin.CloudProductParamEmpty', 'message' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'http_code' => 400, 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'], + ['code' => 'Waf.Pullin.CloudProductParamNotMarch', 'message' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'http_code' => 400, 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'], + ['code' => 'Waf.Pullin.CloudProductParamNotMatch', 'message' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'http_code' => 400, 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'."\n"], + ['code' => 'Waf.Pullin.CloudResourceInvalid', 'message' => 'CloudResourceId parameter is illegal.', 'http_code' => 400, 'description' => 'CloudResourceId parameter is illegal'], + ['code' => 'Waf.Pullin.DomainAndDomainIdBothEmpty', 'message' => 'domain and domainId cannot be empty at the same time.', 'http_code' => 400, 'description' => 'The domain name and domain name ID cannot be empty at the same time.'], + ['code' => 'Waf.Pullin.DomainAndDomainIdNotMatch', 'message' => 'domain and domainId do not match.', 'http_code' => 400, 'description' => 'The input parameters Domain and DomainId do not match.'], + ['code' => 'Waf.Pullin.DomainExistInOldWaf', 'message' => 'Domain name exists in WAF 2.0.', 'http_code' => 400, 'description' => 'The domain name is added to WAF of the earlier version.'], + ['code' => 'Waf.Pullin.DomainExistInOldWaf', 'message' => 'The domain name is added to WAF of the earlier version.', 'http_code' => 403, 'description' => 'The domain name is already configured in WAF 2.0.'], + ['code' => 'Waf.Pullin.DomainIdIsIllegal', 'message' => 'The input parameter, the domainId is illegal.', 'http_code' => 400, 'description' => 'Illegal entry DomainId'], + ['code' => 'Waf.Pullin.DomainNotBeianOrInBlackList', 'message' => 'The domain does not have an ICP filling or has been blacklisted.', 'http_code' => 400, 'description' => 'The domain name is not filed or is on the blacklist.'], + ['code' => 'Waf.Pullin.DomainNotBeianOrInBlackList', 'message' => 'Blacklist or Domain Names That Do Not Have ICP Filings', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing or has committed a penalty.'], + ['code' => 'Waf.Pullin.DomainOwnedByOtherUser', 'message' => 'The domain name is already in use by another user.', 'http_code' => 400, 'description' => 'The domain name is used by another user.'], + ['code' => 'Waf.Pullin.DomainOwnedByOtherUser', 'message' => 'The domain name is used by other users.', 'http_code' => 400, 'description' => 'The domain name is used by another user.'], + ['code' => 'Waf.Pullin.DuplicateCertificateId', 'message' => 'Duplicate certificate ID', 'http_code' => 400, 'description' => 'The ID of the certificate already exists.'], + ['code' => 'Waf.Pullin.ExtensiveDomainUsedError', 'message' => 'The generic domain name is already in use by other users.', 'http_code' => 400, 'description' => 'The wildcard domain name is used by another user.'], + ['code' => 'Waf.Pullin.ExtensiveDomainUsedError', 'message' => 'The wildcard domain name is used by other users.', 'http_code' => 400, 'description' => 'The wildcard domain name is used by other users.'], + ['code' => 'Waf.Pullin.Http2OriginEnabledFocusHttpBackendForbidden', 'message' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.', 'http_code' => 400, 'description' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.'], + ['code' => 'Waf.Pullin.Http2OriginMustOnHttp2Enable', 'message' => 'When HTTP2 origin is enabled, HTTP2 listening must be enabled.', 'http_code' => 400, 'description' => 'When HTTP2 back-to-source is enabled, HTTP2 listening must be enabled.'], + ['code' => 'Waf.Pullin.Http2OriginMustOnKeepaliveEnable', 'message' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.', 'http_code' => 400, 'description' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.'], + ['code' => 'Waf.Pullin.InsufficientExclusiveVip', 'message' => 'The number of exclusive IP addresses that you have purchased is insufficient. Purchase more on the upgrade page.', 'http_code' => 400, 'description' => 'The number of exclusive IP addresses that you have purchased is insufficient. Purchase more on the upgrade page.'], + ['code' => 'Waf.Pullin.InvalidAttachKey', 'message' => 'Invalid parameter name.', 'http_code' => 400, 'description' => 'The name of the parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidAttachKey', 'message' => 'The name of the parameter is invalid.', 'http_code' => 400, 'description' => 'The name of the parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidAttachValue', 'message' => 'Invalid parameter value.', 'http_code' => 400, 'description' => 'The value of the parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidAttachValue', 'message' => 'The value of the parameter is invalid.', 'http_code' => 400, 'description' => 'The value of the parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidBackend', 'message' => 'Invalid return information.', 'http_code' => 400, 'description' => 'The back-to-origin information is invalid.'], + ['code' => 'Waf.Pullin.InvalidBackend', 'message' => 'The back-to-origin information is invalid.', 'http_code' => 400, 'description' => 'The back-to-origin information is invalid.'], + ['code' => 'Waf.Pullin.InvalidCertByHttpProtocol', 'message' => 'HTTP protocol cannot enter certificate', 'http_code' => 400, 'description' => 'You cannot enter a certificate for the HTTP protocol.'], + ['code' => 'Waf.Pullin.InvalidCertByHttpsProtocol', 'message' => 'HTTPS protocol must enter a certificate', 'http_code' => 400, 'description' => 'You must enter a certificate for the HTTPS protocol.'], + ['code' => 'Waf.Pullin.InvalidCertFormat', 'message' => 'Certificate format error.', 'http_code' => 400, 'description' => 'The format of the certificate is invalid.'], + ['code' => 'Waf.Pullin.InvalidCertFormat', 'message' => 'The format of the certificate is invalid.', 'http_code' => 400, 'description' => 'The format of the certificate is invalid.'], + ['code' => 'Waf.Pullin.InvalidCertIdentifier', 'message' => 'Invalid certificate ID, certificate ID:%s.', 'http_code' => 400, 'description' => 'Invalid certificate ID, certificate ID:%s.'], + ['code' => 'Waf.Pullin.InvalidCipherSuit', 'message' => 'Invalid CipherSuit', 'http_code' => 400, 'description' => 'The cipher suite is invalid.'], + ['code' => 'Waf.Pullin.InvalidClusterPort', 'message' => 'The cluster port is invalid.', 'http_code' => 400, 'description' => 'HybridCloud cluster port is invalid.'], + ['code' => 'Waf.Pullin.InvalidCustomCiphers', 'message' => 'Invalid custom cipher suite.', 'http_code' => 400, 'description' => 'Invalid custom cipher suite.'], + ['code' => 'Waf.Pullin.InvalidDefaultCert', 'message' => 'Invalid default certificate.', 'http_code' => 400, 'description' => 'The default certificate is invalid.'], + ['code' => 'Waf.Pullin.InvalidDomain', 'message' => 'Invalid domain name.', 'http_code' => 400, 'description' => 'The domain name is invalid.'], + ['code' => 'Waf.Pullin.InvalidDomain', 'message' => 'The domain name is invalid.', 'http_code' => 400, 'description' => 'The domain name is invalid.'], + ['code' => 'Waf.Pullin.InvalidHttp2OriginWithProxyProtocol', 'message' => 'http2Origin and proxyProtocol cannot be opened at the same time.', 'http_code' => 400, 'description' => 'http2Origin and proxyProtocol cannot be opened at the same time.'], + ['code' => 'Waf.Pullin.InvalidIncludeSubDomainWithPreload', 'message' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'http_code' => 400, 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'], + ['code' => 'Waf.Pullin.InvalidMaxAgeWithPreload', 'message' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000.', 'http_code' => 400, 'description' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000'], + ['code' => 'Waf.Pullin.InvalidProtocolPort', 'message' => 'Protocol port not entered.', 'http_code' => 400, 'description' => 'You must specify the port.'], + ['code' => 'Waf.Pullin.InvalidProtocolPort', 'message' => 'The port is not specified.', 'http_code' => 400, 'description' => 'The port is not specified.'], + ['code' => 'Waf.Pullin.InvalidPunishScope', 'message' => 'The punish scope parameter is invalid.', 'http_code' => 400, 'description' => 'The penalty dimension parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidRequestHeader', 'message' => 'Invalid Enable Traffic Marker parameter.', 'http_code' => 400, 'description' => 'The Enable Traffic Mark parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidRequestHeader', 'message' => 'The Enable Traffic Mark parameter is invalid.', 'http_code' => 400, 'description' => 'The Enable Traffic Mark parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidResource', 'message' => 'Invalid resource.', 'http_code' => 400, 'description' => 'The resource is invalid.'], + ['code' => 'Waf.Pullin.InvalidResource', 'message' => 'The resource is invalid.', 'http_code' => 400, 'description' => 'The resource is invalid.'], + ['code' => 'Waf.Pullin.InvalidResourceProduct', 'message' => 'Invalid cloud product type.', 'http_code' => 400, 'description' => 'The cloud service type is invalid.'], + ['code' => 'Waf.Pullin.InvalidResourceStatus', 'message' => 'Invalid resource state.', 'http_code' => 400, 'description' => 'The status of the resource is invalid.'], + ['code' => 'Waf.Pullin.InvalidResourceStatus', 'message' => 'The status of the resource is invalid.', 'http_code' => 400, 'description' => 'The status of the resource is invalid.'], + ['code' => 'Waf.Pullin.InvalidServiceAttachData', 'message' => 'Invalid cloud product parameters.', 'http_code' => 400, 'description' => 'The cloud service parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidServiceAttachData', 'message' => 'The Cloud Service parameter is invalid.', 'http_code' => 400, 'description' => 'The Cloud Service parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidTLS', 'message' => 'invalid TLS', 'http_code' => 400, 'description' => 'The TLS parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidUserStatus', 'message' => 'Invalid user state.', 'http_code' => 400, 'description' => 'The status of the user is invalid.'], + ['code' => 'Waf.Pullin.InvalidUserStatus', 'message' => 'The status of the user is invalid.', 'http_code' => 400, 'description' => 'The status of the user is invalid.'], + ['code' => 'Waf.Pullin.MaxCertCountLimit', 'message' => 'The number of selected certificate IDs exceeds the maximum number in the system.', 'http_code' => 400, 'description' => 'The number of selected certificate IDs exceeds the maximum number in the system.'], + ['code' => 'Waf.Pullin.MaxDomainCountLimit', 'message' => 'Exceeds the maximum number of domain names that can be entered', 'http_code' => 400, 'description' => 'The maximum number of domain names that you can enter is exceeded.'], + ['code' => 'Waf.Pullin.MaxProductCountLimit', 'message' => '可接入的云产品数不足', 'http_code' => 400, 'description' => 'The maximum number of instances that you can add to WAF is exceeded.'], + ['code' => 'Waf.Pullin.MustListenHTTPS', 'message' => 'The domain name must listen to the HTTPS protocol. Domain:%s.', 'http_code' => 400, 'description' => 'The domain name must listen to the HTTPS protocol. Domain name:%s.'], + ['code' => 'Waf.Pullin.OnlyBeOneDefaultCert', 'message' => 'There can be only one default certificate.', 'http_code' => 400, 'description' => 'There can be only one default certificate.'], + ['code' => 'Waf.Pullin.OpenExclusiveIpInNotShare', 'message' => 'Turn on exclusive IP, only share cluster can be selected.', 'http_code' => 400, 'description' => 'If you turn on Exclusive IP Address, you can select only a shared cluster.'], + ['code' => 'Waf.Pullin.OpenExclusiveIpInNotShare', 'message' => 'If you turn on Exclusive IP Address, you can select only a shared cluster.', 'http_code' => 400, 'description' => 'If you turn on Exclusive IP Address, you can select only a shared cluster.'], + ['code' => 'Waf.Pullin.OpenExclusiveIpIPv6', 'message' => 'Exclusive IP and Ipv6, cannot be enabled at the same time.', 'http_code' => 400, 'description' => 'Exclusive IP and Ipv6 cannot be enabled at the same time.'], + ['code' => 'Waf.Pullin.OpenIPv6InNotShare', 'message' => 'Turn on IPv6, share cluster is the only option.', 'http_code' => 400, 'description' => 'If you turn on IPv6, you can select only a shared cluster.'], + ['code' => 'Waf.Pullin.OpenIPv6InNotShare', 'message' => 'If you turn on IPv6, you can select only a shared cluster.', 'http_code' => 400, 'description' => 'If you turn on IPv6, you can select only a shared cluster.'], + ['code' => 'Waf.Pullin.PortProcessing', 'message' => 'Port is processing', 'http_code' => 400, 'description' => 'The port is being processed. Try again later.'], + ['code' => 'Waf.Pullin.PortProcessing', 'message' => 'The port is being processed, please try again later.', 'http_code' => 400, 'description' => 'The port is being processed, please try again later.'], + ['code' => 'Waf.Pullin.ProtocolNotSet', 'message' => 'Protocol not entered.', 'http_code' => 400, 'description' => 'You must specify the protocol.'], + ['code' => 'Waf.Pullin.ProtocolNotSet', 'message' => 'You must specify the protocol.', 'http_code' => 400, 'description' => 'You must specify the protocol.'], + ['code' => 'Waf.Pullin.ResourceAllocationFailed', 'message' => 'Failed to allocate resources.', 'http_code' => 400, 'description' => 'Failed to allocate resources.'], + ['code' => 'Waf.Pullin.ResourceCreating', 'message' => 'Accessed resources are being created.', 'http_code' => 400, 'description' => 'The resource is being created.'], + ['code' => 'Waf.Pullin.ResourceCreating', 'message' => 'The resource is being created.', 'http_code' => 400, 'description' => 'The resource is being created.'], + ['code' => 'Waf.Pullin.ResourceExsit', 'message' => 'Accessed resource already exists.', 'http_code' => 400, 'description' => 'The resource exists.'], + ['code' => 'Waf.Pullin.ResourceExsit', 'message' => 'The resource exists.', 'http_code' => 400, 'description' => 'The resource exists.'], + ['code' => 'Waf.Pullin.ResourceExsit', 'message' => 'Access resource already exists, resource:%s.', 'http_code' => 400, 'description' => 'Access resource already exists, existing resource:%s.'], + ['code' => 'Waf.Pullin.ResourceInstanceIdNotExist', 'message' => 'The instance ID does not exist.', 'http_code' => 400, 'description' => 'The instance ID does not exist.'], + ['code' => 'Waf.Pullin.ResourceInstanceIpNotMatched', 'message' => 'The instance does not match the Public IP, please click Synchronize and try again.', 'http_code' => 400, 'description' => 'The ID of the instance does not match the IP address of the instance. Click Synchronize Instances and retry.'], + ['code' => 'Waf.Pullin.ResourceInstancePortNotExist', 'message' => 'The port of the instance does not exist.', 'http_code' => 400, 'description' => 'The port number does not exist.'], + ['code' => 'Waf.Pullin.ResourceNotExist', 'message' => 'Access resource does not exist.', 'http_code' => 400, 'description' => 'The resource does not exist.'], + ['code' => 'Waf.Pullin.ResourceNotExist', 'message' => 'The resource does not exist.', 'http_code' => 400, 'description' => 'The resource does not exist.'], + ['code' => 'Waf.Pullin.ResourceNotExist', 'message' => 'The accessed resource already exists. Resource:%s.', 'http_code' => 400, 'description' => 'The accessed resource already exists. Resource:%s.'], + ['code' => 'Waf.Pullin.ResourceOwnerError', 'message' => 'Resource attribution user is incorrect.', 'http_code' => 400, 'description' => 'The user to which the resource belongs is invalid.'], + ['code' => 'Waf.Pullin.ResourceOwnerError', 'message' => 'The user to which the resource belongs is invalid.', 'http_code' => 400, 'description' => 'The user to which the resource belongs is invalid.'], + ['code' => 'Waf.Pullin.ResourceProcessing', 'message' => 'The resource is in operation, please try again later.', 'http_code' => 400, 'description' => 'The resource is in operation, please try again later.'], + ['code' => 'Waf.Pullin.RiskyDomain', 'message' => 'RT001, sorry, this domain name cannot be added due to security problems. You can appeal through the work order.', 'http_code' => 400, 'description' => 'The domain name you added may be at risk. If you have any questions, please submit a work order.'], + ['code' => 'Waf.Pullin.UnderDDoS', 'message' => 'The current WAF instance is in the defense/blackhole state, and it is not allowed to enable the Exclusive IP/GSLB configuration', 'http_code' => 400, 'description' => 'Traffic scrubbing or blackhole filtering is triggered for the WAF instance. You cannot enable Exclusive IP Address or Shared Cluster-based Intelligent Load Balancing.'], + ['code' => 'Waf.Pullin.UnSupportedPort', 'message' => 'Return port not supported.', 'http_code' => 400, 'description' => 'The port over which requests are redirected to the origin server is not supported.'], + ['code' => 'Waf.Pullin.UnSupportedPort', 'message' => 'The port over which requests are redirected to the origin server is not supported.', 'http_code' => 400, 'description' => 'The port over which requests are redirected to the origin server is not supported.'], + ['code' => 'Waf.Report.%s', 'message' => 'Invalid parameter:%s.', 'http_code' => 400, 'description' => 'Invalid parameter:%s'], + ['code' => 'Waf.Report.InternalError', 'message' => 'Server error occurred in report service.', 'http_code' => 400, 'description' => 'Report Service Internal Error'], + ['code' => 'WafMigrating', 'message' => 'WAF user is migrating, the operation of resource does not support.', 'http_code' => 400, 'description' => 'WAF users are not allowed to access related resources during migration.'], + ['code' => 'WxbbOrWxbbJsUsed', 'message' => 'The feature of app protection is being used.', 'http_code' => 400, 'description' => 'The app protection feature is in use.'], + ['code' => 'Defense.Control.InvalidDefenseRuleConfig', 'message' => 'Invalid protection rule configuration. %s.', 'http_code' => 400, 'description' => 'Invalid protection rule configuration.'], + ], + 'changeSet' => [ + [ + 'apis' => [ + ['description' => 'Request parameters changed, Error codes changed', 'api' => 'ModifyProtectionRuleCacheStatus'], + ['description' => 'Request parameters changed, Error codes changed', 'api' => 'ModifyProtectionRuleStatus'], + ], + 'createdAt' => '2024-06-25T11:40:34.000Z', + 'description' => '', + ], [ - 'regionId' => 'cn-hangzhou', - 'endpoint' => 'wafopenapi.cn-hangzhou.aliyuncs.com', + 'apis' => [ + ['description' => 'Request parameters changed, Error codes changed', 'api' => 'DescribeRules'], + ], + 'createdAt' => '2024-05-27T11:00:11.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2023-08-28T12:42:52.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeDomain'], + ], + 'createdAt' => '2023-08-22T06:08:44.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Response parameters changed, Error codes changed', 'api' => 'DescribeDomain'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2023-05-23T05:46:17.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed, Error codes changed', 'api' => 'DescribeCertificates'], + ], + 'createdAt' => '2023-04-18T02:30:52.000Z', + 'description' => '', ], [ - 'regionId' => 'ap-southeast-1', - 'endpoint' => 'wafopenapi.ap-southeast-1.aliyuncs.com', + 'apis' => [ + ['description' => 'Error codes changed', 'api' => 'DescribeWafSourceIpSegment'], + ], + 'createdAt' => '2022-09-08T14:06:27.000Z', + 'description' => '接口迁移', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Error codes changed', 'api' => 'DescribeLogServiceStatus'], + ], + 'createdAt' => '2022-08-23T11:43:54.000Z', + 'description' => '修改接口参数的默认值', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Error codes changed', 'api' => 'CreateDomain'], + ['description' => 'Request parameters changed, Error codes changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2022-08-22T10:01:24.000Z', + 'description' => 'WAF2.0,开放超时时间的参数。', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed, Error codes changed', 'api' => 'DescribeDomainRuleGroup'], + ['description' => 'Request parameters changed, Error codes changed', 'api' => 'SetDomainRuleGroup'], + ], + 'createdAt' => '2022-01-18T09:08:42.000Z', + 'description' => '支持智能规则加白', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Error codes changed', 'api' => 'DescribeProtectionModuleCodeConfig'], + ], + 'createdAt' => '2021-12-07T15:36:25.000Z', + 'description' => '优化参数说明', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed, Error codes changed', 'api' => 'DescribeDomainAdvanceConfigs'], + ], + 'createdAt' => '2021-10-20T13:22:26.000Z', + 'description' => '修改返回值类型', + ], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomainIpv6Status'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainList'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionModuleMode'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomain'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyLogRetrievalStatus'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionModuleStatus'], + ['threshold' => '-1', 'countWindow' => 1, 'regionId' => '*'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionRuleStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCertificates'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeLogServiceStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeWafSourceIpSegment'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'MoveResourceGroup'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProtectionModuleStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainRuleGroup'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomain'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCertMatchStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionRuleCacheStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateCertificateByCertificateId'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateCertificate'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainAdvanceConfigs'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProtectionModuleMode'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleGroups'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyProtectionModuleRule'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainBasicConfigs'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRules'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'SetDomainRuleGroup'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainNames'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeInstanceInfo'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteProtectionModuleRule'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyLogServiceStatus'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProtectionModuleRules'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDomain'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDomain'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateProtectionModuleRule'], + ['threshold' => '100', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProtectionModuleCodeConfig'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteInstance'], + ], + ], + 'ram' => [ + 'productCode' => 'WAF', + 'productName' => 'Web Application Firewall', + 'ramCodes' => ['yundun-waf'], + 'ramLevel' => 'OPERATION', + 'ramConditions' => [], + 'ramActions' => [ + [ + 'apiName' => 'ModifyDomain', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomain', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeProtectionModuleRules', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProtectionModuleRules', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDomainAdvanceConfigs', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainAdvanceConfigs', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeInstanceInfo', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeInstanceInfo', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDomainNames', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainNames', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyProtectionRuleCacheStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionRuleCacheStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeProtectionModuleStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProtectionModuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeRuleGroups', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleGroups', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeInstanceSpecInfo', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeInstanceSpecInfo', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyProtectionModuleMode', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionModuleMode', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteDomain', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDomain', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDomain', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomain', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeRules', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRules', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeCertMatchStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCertMatchStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateCertificate', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCertificate', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyProtectionRuleStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionRuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteInstance', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteInstance', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateDomain', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDomain', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'MoveResourceGroup', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:MoveResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeLogServiceStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeLogServiceStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDomainBasicConfigs', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainBasicConfigs', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeProtectionModuleMode', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProtectionModuleMode', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDomainRuleGroup', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainRuleGroup', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyProtectionModuleStatus', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionModuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeWafSourceIpSegment', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeWafSourceIpSegment', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'SetDomainRuleGroup', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:SetDomainRuleGroup', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateProtectionModuleRule', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateProtectionModuleRule', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyLogServiceStatus', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyLogServiceStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateCertificateByCertificateId', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCertificateByCertificateId', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyLogRetrievalStatus', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyLogRetrievalStatus', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyProtectionModuleRule', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyProtectionModuleRule', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyDomainIpv6Status', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomainIpv6Status', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDomainList', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainList', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeCertificates', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCertificates', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteProtectionModuleRule', + 'description' => '', + 'operationType' => '', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteProtectionModuleRule', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeProtectionModuleCodeConfig', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProtectionModuleCodeConfig', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAF', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'resourceTypes' => [ + ['validationType' => 'always', 'resourceType' => 'Instance', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:Instance/InstanceId'], + ['validationType' => 'always', 'resourceType' => 'Domain', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:Domain/*'], + ['validationType' => 'always', 'resourceType' => 'Domain', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:Domain/DomainId'], + ['validationType' => 'always', 'resourceType' => 'Certificate', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:Certificate/*'], ], ], ]; diff --git a/data/en_us/waf-openapi/2021-10-01/api-docs.php b/data/en_us/waf-openapi/2021-10-01/api-docs.php index 7d08d66..588198e 100644 --- a/data/en_us/waf-openapi/2021-10-01/api-docs.php +++ b/data/en_us/waf-openapi/2021-10-01/api-docs.php @@ -1,395 +1,116 @@ <?php return [ 'version' => '1.0', - 'info' => [ - 'style' => 'RPC', - 'product' => 'waf-openapi', - 'version' => '2021-10-01', - ], + 'info' => ['style' => 'RPC', 'product' => 'waf-openapi', 'version' => '2021-10-01'], 'directories' => [ [ - 'id' => 395372, - 'title' => null, + 'children' => ['CreatePostpaidInstance', 'DescribeInstance'], 'type' => 'directory', - 'children' => [ - 'CreatePostpaidInstance', - 'DescribeInstance', - 'ReleaseInstance', - ], + 'title' => 'Instance information', ], [ - 'id' => 395376, - 'title' => null, - 'type' => 'directory', 'children' => [ [ - 'id' => 395377, - 'title' => null, + 'children' => ['DescribeAbnormalCloudResources', 'ReCreateCloudResource', 'SyncProductInstance', 'DescribeCloudResources', 'DescribeResourcePort', 'DescribeProductInstances', 'DescribeResourceSupportRegions', 'DescribeResourceRegionId', 'DescribeResourceInstanceCerts', 'ModifyCloudResource', 'DescribeCloudResourceAccessedPorts', 'DescribeCloudResourceAccessPortDetails', 'ModifyCloudResourceCert', 'DescribeCloudResourceList', 'ModifyCloudResourceDefaultCert', 'DeleteCloudResourceExtensionCert', 'CreateCloudResourceExtensionCert'], 'type' => 'directory', - 'children' => [ - 'DescribeAbnormalCloudResources', - 'ReCreateCloudResource', - 'SyncProductInstance', - 'DescribeCloudResources', - 'DescribeProductInstances', - 'DescribeResourceSupportRegions', - 'DescribeResourceRegionId', - 'DescribeResourceInstanceCerts', - 'CreateCloudResource', - 'ModifyCloudResource', - 'DeleteCloudResource', - 'DescribeCloudResourceAccessedPorts', - 'DescribeCloudResourceAccessPortDetails', - 'ModifyCloudResourceCert', - 'DescribeCloudResourceList', - 'ModifyCloudResourceDefaultCert', - 'DeleteCloudResourceExtensionCert', - 'CreateCloudResourceExtensionCert', - ], - ], - [ - 'id' => 395396, - 'title' => null, + 'title' => 'Cloud service access', + ], + [ + 'children' => ['DescribeDomainUsedPorts', 'ModifyDomain', 'DescribeDomains', 'DescribePunishedDomains', 'ModifyDomainPunishStatus', 'DescribeCertDetail', 'DescribeCerts', 'DescribeDomainDNSRecord', 'DescribeWafSourceIpSegment', 'CreateSM2Cert', 'DescribeCnameCount', 'DescribeDefaultHttps', 'ModifyDefaultHttps', 'CreateCerts', 'VerifyDomainOwner', 'DescribeVerifyContent', 'ModifyDomainCert'], 'type' => 'directory', - 'children' => [ - 'DescribeDomainUsedPorts', - 'CreateDomain', - 'ModifyDomain', - 'DeleteDomain', - 'DescribeDomains', - 'DescribeDomainDetail', - 'DescribePunishedDomains', - 'ModifyDomainPunishStatus', - 'DescribeCertDetail', - 'DescribeCerts', - 'DescribeDomainDNSRecord', - 'DescribeWafSourceIpSegment', - 'DescribeResourcePort', - 'DescribeDDoSStatus', - 'CreateSM2Cert', - 'DescribeCnameCount', - 'DescribeDefaultHttps', - 'ModifyDefaultHttps', - 'CreateCerts', - 'VerifyDomainOwner', - 'DescribeVerifyContent', - 'ModifyDomainCert', - ], - ], - [ - 'id' => 395419, - 'title' => null, + 'title' => 'CNAME access', + ], + [ + 'children' => ['DescribeHybridCloudResources', 'DescribeHybridCloudProtectableCount'], 'type' => 'directory', - 'children' => [ - 'DescribeHybridCloudResources', - 'DescribeHybridCloudProtectableCount', - ], + 'title' => 'Hybrid cloud access', ], ], + 'type' => 'directory', + 'title' => 'Access configuration', ], [ - 'id' => 395422, - 'title' => null, - 'type' => 'directory', 'children' => [ [ - 'id' => 395423, - 'title' => null, + 'children' => ['CreateDefenseResource', 'DeleteDefenseResource', 'CreateDefenseResourceGroup', 'ModifyDefenseResourceGroup', 'DeleteDefenseResourceGroup', 'DescribeDefenseResourceGroup', 'DescribeDefenseResourceGroups', 'DescribeDefenseResourceGroupNames', 'DescribeDefenseResource', 'DescribeDefenseResources', 'DescribeDefenseResourceNames', 'DescribeDefenseResourceOwnerUid', 'ModifyDefenseResourceXff', 'DescribePauseProtectionStatus', 'DescribeDefenseGroupValidResources'], 'type' => 'directory', + 'title' => 'Protected objects', + ], + [ 'children' => [ - 'CreateDefenseResource', - 'DeleteDefenseResource', - 'CreateDefenseResourceGroup', - 'ModifyDefenseResourceGroup', - 'DeleteDefenseResourceGroup', - 'DescribeDefenseResourceGroup', - 'DescribeDefenseResourceGroups', - 'DescribeDefenseResourceGroupNames', - 'DescribeDefenseResource', - 'DescribeDefenseResources', - 'DescribeDefenseResourceNames', - 'DescribeDefenseResourceOwnerUid', - 'ModifyDefenseResourceXff', - 'DescribePauseProtectionStatus', - 'DescribeDefenseGroupValidResources', - ], - ], - [ - 'id' => 395439, - 'title' => null, + 'DescribeBaseRuleChangeLog', 'CreateDefenseTemplate', 'ModifyDefenseTemplate', 'ModifyDefenseTemplateStatus', 'CopyDefenseTemplate', 'DeleteDefenseTemplate', 'DescribeDefenseTemplate', 'DescribeDefenseTemplates', 'ModifyTemplateResources', 'DescribeTemplateResources', 'DescribeTemplateResourceCount', 'DescribeDefenseTemplateValidResources', 'DescribeDefenseTemplateValidGroups', 'DescribeDefenseResourceTemplates', 'CreateDefenseRule', 'ModifyDefenseRule', 'ModifyDefenseRuleStatus', 'DeleteDefenseRule', 'DescribeDefenseRules', 'DescribeDefenseRule', + 'ModifyDefenseRuleCache', 'DeleteDefenseRuleBlockIp', 'DescribeRelatedDefenseRules', 'DescribeIpAbroadCountryInfos', 'DescribeRuleGroups', 'ModifyDefenseSceneConfig', 'DescribeDefenseSceneConfig', 'DescribeDefenseRuleStatistics', 'DescribeBaseSystemRules', 'DescribeCustomBaseRuleCompileResult', 'DescribeBotRuleLabels', 'DescribeBotAppKey', + ], 'type' => 'directory', - 'children' => [ - 'CreateDefenseTemplate', - 'ModifyDefenseTemplate', - 'ModifyDefenseTemplateStatus', - 'CopyDefenseTemplate', - 'DeleteDefenseTemplate', - 'DescribeDefenseTemplate', - 'DescribeDefenseTemplates', - 'ModifyTemplateResources', - 'DescribeTemplateResources', - 'DescribeTemplateResourceCount', - 'DescribeDefenseTemplateValidResources', - 'DescribeDefenseTemplateValidGroups', - 'DescribeDefenseResourceTemplates', - 'CreateDefenseRule', - 'ModifyDefenseRule', - 'ModifyDefenseRuleStatus', - 'DeleteDefenseRule', - 'DescribeDefenseRules', - 'DescribeDefenseRule', - 'ModifyDefenseRuleCache', - 'DeleteDefenseRuleBlockIp', - 'DescribeRelatedDefenseRules', - 'DescribeIpAbroadCountryInfos', - 'DescribeRuleGroups', - 'ModifyDefenseSceneConfig', - 'DescribeDefenseSceneConfig', - 'DescribeDefenseRuleStatistics', - 'DescribeBaseSystemRules', - 'DescribeCustomBaseRuleCompileResult', - 'DescribeBotRuleLabels', - 'DescribeBotAppKey', - ], - ], - [ - 'id' => 395471, - 'title' => null, + 'title' => 'Protection rules', + ], + [ + 'children' => ['CreateMajorProtectionBlackIp', 'ModifyMajorProtectionBlackIp', 'DeleteMajorProtectionBlackIp', 'ClearMajorProtectionBlackIp', 'DescribeMajorProtectionBlackIps'], 'type' => 'directory', - 'children' => [ - 'CreateMajorProtectionBlackIp', - 'ModifyMajorProtectionBlackIp', - 'DeleteMajorProtectionBlackIp', - 'ClearMajorProtectionBlackIp', - 'DescribeMajorProtectionBlackIps', - ], + 'title' => 'Critical event protection', ], [ - 'id' => 395477, - 'title' => null, + 'children' => ['AddAddress', 'DescribeAddresses', 'DeleteAddress', 'ClearAddress'], 'type' => 'directory', - 'children' => [ - 'AddAddress', - 'DescribeAddresses', - 'DeleteAddress', - 'ClearAddress', - ], + 'title' => 'Address books', ], ], - ], - [ - 'id' => 395482, - 'title' => null, 'type' => 'directory', - 'children' => [ - 'DeleteApisecAbnormals', - 'ModifyApisecAbnormals', - 'DescribeApisecAssetTrend', - 'DescribeApisecAbnormalDomainStatistic', - 'DescribeApisecEventDomainStatistic', - 'DescribeApisecSensitiveDomainStatistic', - 'ModifyApisecEvents', - 'DeleteApisecEvents', - 'ModifyApisecLogDeliveryStatus', - 'CreateApiExport', - 'DescribeApiExports', - 'DescribeApisecAbnormals', - 'DescribeApisecApiResources', - 'ModifyApisecStatus', - 'ModifyApisecModuleStatus', - 'ModifyApisecApiResource', - 'DescribeUserEventType', - 'DescribeUserEventTrend', - 'DescribeUserAsset', - 'DescribeUserApiRequest', - 'DescribeUserAbnormalType', - 'DescribeUserAbnormalTrend', - 'DescribeSensitiveStatistic', - 'DescribeSensitiveRequests', - 'DescribeSensitiveRequestLog', - 'DescribeSensitiveOutboundTrend', - 'DescribeSensitiveOutboundStatistic', - 'DescribeSensitiveOutboundDistribution', - 'DescribeSensitiveDetectionResult', - 'DescribeSensitiveApiStatistic', - 'DescribeFreeUserEvents', - 'DescribeFreeUserEventTypes', - 'DescribeFreeUserEventCount', - 'DescribeFreeUserAssetCount', - 'DescribeApisecUserOperations', - 'DescribeApisecSuggestions', - 'DescribeApisecStatistics', - 'DescribeApisecRules', - 'DescribeApisecProtectionResources', - 'DescribeApisecProtectionGroups', - 'DescribeApisecMatchedHosts', - 'DescribeApisecEvents', - 'DescribeApisecEventDetail', - 'DescribeApisecLogDeliveries', - 'DescribeApisecSlsLogStores', - 'DescribeApisecSlsProjects', - 'ModifyApisecLogDelivery', - 'DescribeApisecExamples', - ], + 'title' => 'Protection configuration', ], [ - 'id' => 395531, - 'title' => null, - 'type' => 'directory', 'children' => [ - 'DescribeNetworkFlowTimeSeriesMetric', - 'DescribeSecurityEventTopNMetric', - 'DescribeSecurityEventTimeSeriesMetric', - 'DescribeSecurityEventLogs', - 'DescribeNetworkFlowTopNMetric', - 'DescribeFlowChart', - 'DescribePeakTrend', - 'DescribeResponseCodeTrendGraph', - 'DescribeVisitUas', - 'DescribeVisitTopIp', - 'DescribeRuleHitsTopResource', - 'DescribeRuleHitsTopRuleId', - 'DescribeRuleHitsTopTuleType', - 'DescribeRuleHitsTopUrl', - 'DescribeRuleHitsTopClientIp', - 'DescribeFlowTopResource', - 'DescribeRuleHitsTopUa', - 'DescribeFlowTopUrl', - 'DescribeThreatEventDetail', - 'DescribeThreatEvent', - 'DescribeThreatEventTopMetric', - 'DescribeAlarmList', - 'DescribeAlarmBanner', + 'DeleteApisecAbnormals', 'ModifyApisecAbnormals', 'DescribeApisecAssetTrend', 'DescribeApisecAbnormalDomainStatistic', 'DescribeApisecEventDomainStatistic', 'DescribeApisecSensitiveDomainStatistic', 'ModifyApisecEvents', 'DeleteApisecEvents', 'ModifyApisecLogDeliveryStatus', 'CreateApiExport', 'DescribeApiExports', 'DescribeApisecAbnormals', 'DescribeApisecApiResources', 'ModifyApisecStatus', 'ModifyApisecModuleStatus', 'ModifyApisecApiResource', 'DescribeUserEventType', 'DescribeUserEventTrend', 'DescribeUserAsset', 'DescribeUserApiRequest', + 'DescribeUserAbnormalType', 'DescribeUserAbnormalTrend', 'DescribeSensitiveStatistic', 'DescribeSensitiveRequests', 'DescribeSensitiveRequestLog', 'DescribeSensitiveOutboundTrend', 'DescribeSensitiveOutboundStatistic', 'DescribeSensitiveOutboundDistribution', 'DescribeSensitiveDetectionResult', 'DescribeSensitiveApiStatistic', 'DescribeFreeUserEvents', 'DescribeFreeUserEventTypes', 'DescribeFreeUserEventCount', 'DescribeFreeUserAssetCount', 'DescribeApisecUserOperations', 'DescribeApisecSuggestions', 'DescribeApisecStatistics', 'DescribeApisecRules', 'DescribeApisecProtectionResources', 'DescribeApisecProtectionGroups', + 'DescribeApisecMatchedHosts', 'DescribeApisecEvents', 'DescribeApisecEventDetail', 'DescribeApisecLogDeliveries', 'DescribeApisecSlsLogStores', 'DescribeApisecSlsProjects', 'ModifyApisecLogDelivery', 'DescribeApisecExamples', ], - ], - [ - 'id' => 395555, - 'title' => null, 'type' => 'directory', - 'children' => [ - 'DescribeUserLogFieldConfig', - 'ModifyUserLogFieldConfig', - 'DescribeCommonLogFields', - 'ModifyUserWafLogStatus', - 'DescribeUserWafLogStatus', - 'DescribeUserSlsLogRegions', - 'DescribeSlsAuthStatus', - 'DescribeSlsLogStoreStatus', - 'DescribeSlsLogStore', - 'ModifyResourceLogStatus', - 'DescribeResourceLogStatus', - 'CreateLogDeliveryConfig', - 'ModifyLogDeliveryConfig', - 'DeleteLogDeliveryConfig', - 'DescribeLogDeliveryConfig', - 'DescribeLogDeliveryConfigs', - 'ModifyResourceLogFieldConfig', - 'DescribeResourceLogFieldConfig', - 'ModifyResourceLogDeliveryStatus', - 'DescribeResourceLogDeliveryStatus', - ], + 'title' => 'API security', ], [ - 'id' => 395576, - 'title' => null, + 'children' => ['DescribeNetworkFlowTimeSeriesMetric', 'DescribeSecurityEventTopNMetric', 'DescribeSecurityEventTimeSeriesMetric', 'DescribeSecurityEventLogs', 'DescribeNetworkFlowTopNMetric', 'DescribeFlowChart', 'DescribePeakTrend', 'DescribeResponseCodeTrendGraph', 'DescribeVisitUas', 'DescribeVisitTopIp', 'DescribeRuleHitsTopResource', 'DescribeRuleHitsTopTuleType', 'DescribeFlowTopResource', 'DescribeFlowTopUrl', 'DescribeThreatEventDetail', 'DescribeThreatEvent', 'DescribeThreatEventTopMetric', 'DescribeAlarmList', 'DescribeAlarmBanner'], 'type' => 'directory', - 'children' => [ - 'DescribeHybridCloudClusterServers', - 'DescribeHybridCloudBasicMonitor', - 'CreateHybridCloudCluster', - 'DescribeHybridCloudServerRegions', - 'DescribeHybridCloudUnassignedMachines', - 'ModifyHybridCloudClusterBypassStatus', - 'DescribeHybridCloudUser', - 'DescribeHybridCloudGroups', - 'CreateHybridCloudGroup', - 'DescribeHybridCloudClusterRule', - 'DescribeHybridCloudClusters', - 'ModifyHybridCloudClusterRule', - 'ModifyHybridCloudGroup', - 'ModifyHybridCloudGroupExpansionServer', - 'ModifyHybridCloudGroupShrinkServer', - 'ModifyHybridCloudSdkPullinStatus', - 'ModifyHybridCloudServer', - 'DeleteHybridCloudClusterRule', - 'CreateHybridCloudClusterRule', - 'DescribeHybridCloudClusterRules', - 'DescribeHybridCloudProcessMonitor', - 'DescribeHybridCloudResourceDetail', - 'DescribeHybridCloudSdkServers', - 'DescribeHybridCloudSupportRegions', - 'DescribeHybridCloudUnsupportPorts', - 'DeleteHybridCloudGroup', - 'ModifyHybridCloudCluster', - ], + 'title' => 'Report information', ], [ - 'id' => 395604, - 'title' => null, + 'children' => ['DescribeUserLogFieldConfig', 'ModifyUserLogFieldConfig', 'DescribeCommonLogFields', 'ModifyUserWafLogStatus', 'DescribeUserWafLogStatus', 'DescribeUserSlsLogRegions', 'DescribeSlsAuthStatus', 'DescribeSlsLogStoreStatus', 'DescribeSlsLogStore', 'ModifyResourceLogStatus', 'DescribeResourceLogStatus', 'CreateLogDeliveryConfig', 'ModifyLogDeliveryConfig', 'DeleteLogDeliveryConfig', 'DescribeLogDeliveryConfig', 'DescribeLogDeliveryConfigs', 'ModifyResourceLogFieldConfig', 'DescribeResourceLogFieldConfig', 'ModifyResourceLogDeliveryStatus', 'DescribeResourceLogDeliveryStatus'], 'type' => 'directory', - 'children' => [ - 'CreateMemberAccounts', - 'ModifyMemberAccount', - 'DeleteMemberAccount', - 'DescribeAccountDelegatedStatus', - 'DescribeMemberAccounts', - ], + 'title' => 'Log configuration', ], [ - 'id' => 395610, - 'title' => null, - 'type' => 'directory', 'children' => [ - 'ChangeResourceGroup', + 'DescribeHybridCloudClusterServers', 'DescribeHybridCloudBasicMonitor', 'CreateHybridCloudCluster', 'DescribeHybridCloudServerRegions', 'DescribeHybridCloudUnassignedMachines', 'ModifyHybridCloudClusterBypassStatus', 'DescribeHybridCloudUser', 'DescribeHybridCloudGroups', 'CreateHybridCloudGroup', 'DescribeHybridCloudClusterRule', 'DescribeHybridCloudClusters', 'ModifyHybridCloudClusterRule', 'ModifyHybridCloudGroup', 'ModifyHybridCloudGroupExpansionServer', 'ModifyHybridCloudGroupShrinkServer', 'ModifyHybridCloudSdkPullinStatus', 'ModifyHybridCloudServer', 'DeleteHybridCloudClusterRule', 'CreateHybridCloudClusterRule', 'DescribeHybridCloudClusterRules', + 'DescribeHybridCloudProcessMonitor', 'DescribeHybridCloudResourceDetail', 'DescribeHybridCloudSdkServers', 'DescribeHybridCloudSupportRegions', 'DescribeHybridCloudUnsupportPorts', 'DeleteHybridCloudGroup', 'ModifyHybridCloudCluster', ], + 'type' => 'directory', + 'title' => 'Hybrid cloud cluster management', ], [ - 'id' => 395612, - 'title' => null, + 'children' => ['CreateMemberAccounts', 'ModifyMemberAccount', 'DeleteMemberAccount', 'DescribeAccountDelegatedStatus', 'DescribeMemberAccounts'], 'type' => 'directory', - 'children' => [ - 'ListTagKeys', - 'UntagResources', - 'ListTagResources', - 'ListTagValues', - 'TagResources', - ], + 'title' => 'Multi-account management', ], [ - 'id' => 395618, - 'title' => null, + 'children' => ['DescribeChargeResult', 'DescribeChargeModule'], 'type' => 'directory', - 'children' => [ - 'DescribeChargeResult', - 'DescribeChargeModule', - ], + 'title' => 'Pricing inquiry', ], [ - 'id' => 395621, - 'title' => null, - 'type' => 'directory', 'children' => [ - 'ModifyPauseProtectionStatus', - 'CreatePocFunction', - 'DescribePocFunctions', - 'DescribeRoleAuthStatus', - 'InitializeWafOperationRole', + 'ModifyPauseProtectionStatus', 'CreatePocFunction', 'DescribePocFunctions', 'DescribeRoleAuthStatus', 'InitializeWafOperationRole', 'DescribeElasticBills', 'DescribePrepayDailyBills', 'DescribeUserTraffic', 'ChangeResourceGroup', 'CreateCloudResource', 'CreateDomain', 'DeleteCloudResource', 'DeleteDomain', 'DescribeDDoSStatus', 'DescribeDomainDetail', 'DescribePostpayBills', 'DescribeRuleHitsTopClientIp', 'DescribeRuleHitsTopRuleId', 'DescribeRuleHitsTopUa', 'DescribeRuleHitsTopUrl', + 'ListTagKeys', 'ListTagResources', 'ListTagValues', 'ReleaseInstance', 'TagResources', 'UntagResources', ], + 'type' => 'directory', + 'title' => 'Others', ], ], 'components' => [ 'schemas' => [], ], 'apis' => [ - 'CreatePostpaidInstance' => [ - 'summary' => 'Creates a pay-as-you-go Web Application Firewall (WAF) 3.0 instance.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'AddAddress' => [ + 'summary' => 'Adds addresses to an address book.', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -397,38 +118,42 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '166793', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeCode' => '124760', + 'abilityTreeNodes' => ['FEATUREwaf4TDPM4'], ], 'parameters' => [ [ - 'name' => 'RegionId', + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], + ], + [ + 'name' => 'RuleId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the address book.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''], + ], + [ + 'name' => 'AddressList', 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'description' => 'The list of addresses to add.', + 'type' => 'array', + 'items' => ['description' => 'A single address. Supports **IP** addresses or **IP** CIDR blocks, and supports both **IPv4** and **IPv6**.', 'type' => 'string', 'required' => false, 'example' => 'XX.XX.XX.XX', 'title' => ''], + 'required' => true, + 'title' => '', + 'example' => '', ], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm4gh****wela', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -437,569 +162,135 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '73A4E786-8235-50C0-9631-87C8****4A36', - ], - 'InstanceId' => [ - 'title' => '实例ID', - 'description' => 'The ID of the WAF instance.'."\n", - 'type' => 'string', - 'example' => 'waf_v2_public_cn-x0r****gr1i', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"73A4E786-8235-50C0-9631-87C8****4A36\\",\\n \\"InstanceId\\": \\"waf_v2_public_cn-x0r****gr1i\\"\\n}","type":"json"}]', - 'title' => 'CreatePostpaidInstance', - ], - 'DescribeInstance' => [ - 'summary' => 'Queries the details of a Web Application Firewall (WAF) instance within the current Alibaba Cloud account.', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Defense.Control.DefenseAddressInvalid', 'errorMessage' => 'The address in the address book is illegal.', 'description' => 'The address in the address book is illegal.'], + ['errorCode' => 'Defense.Control.DefenseAddressOversize', 'errorMessage' => 'The number of addresses in the address book exceeds the limit.', 'description' => 'The number of addresses in the address book exceeds the limit.'], + ['errorCode' => 'Defense.Control.DefenseAddressOperationTooFrequent', 'errorMessage' => 'Address book operations are too frequent.', 'description' => 'Address book operations are too frequent. Please try again later.'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Add addresses to an address book', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:AddAddress', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\"\\n}","type":"json"}]', + ], + 'ChangeResourceGroup' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', + 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '107334', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], - 'autoTest' => true, + 'abilityTreeCode' => '164132', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ + 'name' => 'ResourceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF resource to operate on.', 'type' => 'string', 'required' => true, 'example' => 'demo.aliyun.com-waf', 'title' => ''], + ], + [ + 'name' => 'NewResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the new resource group. You can view available resource groups in the resource group console.', 'type' => 'string', 'required' => true, 'example' => 'rg-aek2mcq***', 'title' => ''], + ], + [ + 'name' => 'ResourceType', + 'in' => 'query', + 'schema' => ['description' => 'The resource type. Fixed value: defenseresource.', 'type' => 'string', 'required' => true, 'example' => 'defenseresource', 'title' => ''], + ], + [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'title' => '', + 'description' => 'Schema of Response', 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => 'The status of the WAF instance. Valid values:'."\n" - ."\n" - .'* **1:** The WAF instance is in a normal state.'."\n" - .'* **2:** The WAF instance has expired.'."\n" - .'* **3:** The WAF instance has been released.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'Details' => [ - 'title' => '实例详情', - 'description' => 'The details of the WAF instance.'."\n", - 'type' => 'object', - 'properties' => [ - 'DefenseObjectInGroupMaxCount' => [ - 'title' => '一个防护组内最大包含对象数量', - 'description' => 'The maximum number of protected objects that can be included in a protected object group.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'Tamperproof' => [ - 'description' => 'Indicates whether the website tamper-proofing module is supported. Valid values:'."\n" - ."\n" - .'* **true:** The website tamper-proofing module is supported.'."\n" - .'* **false:** The website tamper-proofing module is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'BotApp' => [ - 'description' => 'Indicates whether bot management for app protection is supported. Valid values:'."\n" - ."\n" - .'* **true:** Bot management for app protection is supported.'."\n" - .'* **false:** Bot management for app protection is not supported.'."\n", - 'type' => 'string', - 'example' => 'true', - ], - 'IpBlacklistRuleInTemplateMaxCount' => [ - 'title' => 'IP黑名单模板包含规则数', - 'description' => 'The maximum number of rules that can be included in an IP address blacklist rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'WhitelistRuleCondition' => [ - 'title' => '白名单规则匹配条件', - 'description' => 'The match fields that can be used in a whitelist rule. For more information, see **Match condition parameters** in the "**Parameters of whitelist rules (whitelist)**" section in the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'example' => 'URL', - ], - 'CustomRuleCondition' => [ - 'title' => '自定义规则匹配条件', - 'description' => 'The match conditions that can be used in a custom rule. For more information, see **Match condition parameters** in the "**Parameters of custom rules (custom_acl)**" section in the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'example' => 'URL', - ], - 'CustomResponse' => [ - 'title' => '支持自定义响应', - 'description' => 'Indicates whether the custom response module is supported. Valid values:'."\n" - ."\n" - .'* **true:** The custom response module is supported.'."\n" - .'* **false:** The custom response module is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'HttpPorts' => [ - 'title' => 'HTTP端口可用范围', - 'description' => 'The HTTP port range that is supported. For more information, see [View supported ports](~~385578~~).'."\n", - 'type' => 'string', - 'example' => '80', - ], - 'Gslb' => [ - 'title' => 'Gslb', - 'description' => 'Indicates whether global server load balancing (GSLB) is supported. Valid values:'."\n" - ."\n" - .'* **true:** GSLB is supported.'."\n" - .'* **false:** GSLB is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'Ipv6' => [ - 'title' => 'Ipv6', - 'description' => 'Indicates whether IPv6 is supported. Valid values:'."\n" - ."\n" - .'* **true:** IPv6 is supported.'."\n" - .'* **false:** IPv6 is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'Bot' => [ - 'description' => 'Indicates whether the bot management module is supported. Valid values:'."\n" - ."\n" - .'* **true:** The bot management module is supported.'."\n" - .'* **false:** The bot management module is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'CustomRule' => [ - 'title' => '支持自定义规则', - 'description' => 'Indicates whether the custom rule module is supported. Valid values:'."\n" - ."\n" - .'* **true:** The custom rule module is supported.'."\n" - .'* **false:** The custom rule module is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'IpBlacklist' => [ - 'title' => '支持IP黑名单', - 'description' => 'Indicates whether the IP address blacklist module is supported. Valid values:'."\n" - ."\n" - .'* **true:** The IP address blacklist module is supported.'."\n" - .'* **false:** The IP address blacklist module is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'CnameResourceMaxCount' => [ - 'title' => '最大可添加CNAME数', - 'description' => 'The maximum number of CNAMEs that can be added.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1000', - ], - 'BackendMaxCount' => [ - 'title' => '最大回源数', - 'description' => 'The maximum number of back-to-origin IP addresses that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'ExclusiveIp' => [ - 'title' => '独享IP', - 'description' => 'Indicates whether exclusive IP addresses are supported. Valid values:'."\n" - ."\n" - .'* **true:** Exclusive IP addresses are supported.'."\n" - .'* **false:** Exclusive IP addresses are not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'CustomResponseRuleInTemplateMaxCount' => [ - 'title' => '自定义响应模板包含规则数', - 'description' => 'The maximum number of rules that can be included in a custom response rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'IpBlacklistIpInRuleMaxCount' => [ - 'title' => 'IP黑名单规则包含IP数', - 'description' => 'The maximum number of IP addresses that can be added to an IP address blacklist rule.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '200', - ], - 'AclRuleMaxIpCount' => [ - 'description' => 'The maximum number of IP addresses that can be added to the match content of a match condition. For more information, see [Match conditions](~~374354~~).'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'BotTemplateMaxCount' => [ - 'description' => 'The maximum number of bot management rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '50', - ], - 'DefenseGroupMaxCount' => [ - 'title' => '最大防护组数量', - 'description' => 'The maximum number of protected object groups that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'VastIpBlacklistInFileMaxCount' => [ - 'title' => '海量IP单次上传文件IP的最大数量', - 'description' => 'The maximum number of IP addresses or CIDR blocks that can be added to an IP address blacklist in a batch.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2,000', - ], - 'AntiScanTemplateMaxCount' => [ - 'title' => '扫描防护模板数', - 'description' => 'The maximum number of scan protection rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'WhitelistLogical' => [ - 'title' => '白名单规则匹配条件', - 'description' => 'The logical operators that can be used in a whitelist rule. For more information, see **Match condition parameters** in the "**Parameters of whitelist rules (whitelist)**" section in the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'example' => 'contain', - ], - 'CustomRuleTemplateMaxCount' => [ - 'title' => '自定义规则模板数', - 'description' => 'The maximum number of custom rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'TamperproofTemplateMaxCount' => [ - 'description' => 'The maximum number of website tamper-proofing rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '50', - ], - 'IpBlacklistTemplateMaxCount' => [ - 'title' => '/黑名单模板数', - 'description' => 'The maximum number of IP address blacklist rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'HttpsPorts' => [ - 'title' => 'HTTPS端口可用范围', - 'description' => 'The HTTPS port range that is supported. For more information, see [View supported ports](~~385578~~).'."\n", - 'type' => 'string', - 'example' => '443', - ], - 'DlpTemplateMaxCount' => [ - 'description' => 'The maximum number of data leakage prevention rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '50', - ], - 'CustomRuleRatelimitor' => [ - 'title' => '自定义规则限速对象', - 'description' => 'The statistical object for rate limiting in a custom rule.'."\n", - 'type' => 'string', - 'example' => 'header', - ], - 'DefenseObjectMaxCount' => [ - 'title' => '最大防护对象数量', - 'description' => 'The maximum number of protected objects that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20,000', - ], - 'Dlp' => [ - 'description' => 'Indicates whether the data leakage prevention module is supported. Valid values:'."\n" - ."\n" - .'* **true:** The data leakage prevention module is supported.'."\n" - .'* **false:** The data leakage prevention module is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'DefenseObjectInTemplateMaxCount' => [ - 'title' => '一个模板内关联对象的最大数量', - 'description' => 'The maximum number of protected objects to which a protection rule template can be applied.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'CustomRuleAction' => [ - 'title' => '包含字符串', - 'description' => 'The action that can be included in a custom rule.'."\n", - 'type' => 'string', - 'example' => 'block', - ], - 'TamperproofRuleInTemplateMaxCount' => [ - 'description' => 'The maximum number of rules that can be included in a website tamper-proofing rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '50', - ], - 'DlpRuleInTemplateMaxCount' => [ - 'description' => 'The maximum number of rules that can be included in a data leakage prevention rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '50', - ], - 'WhitelistTemplateMaxCount' => [ - 'title' => '白名单模板数', - 'description' => 'The maximum number of whitelist rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'MajorProtection' => [ - 'title' => '是否支持重保', - 'description' => 'Indicates whether major event protection is supported. Valid values:'."\n" - ."\n" - .'* **true:** Major event protection is supported.'."\n" - .'* **false:** Major event protection is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'BaseWafGroupRuleTemplateMaxCount' => [ - 'title' => '基础防护规则最大数量', - 'description' => 'The maximum number of basic protection rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'BotWeb' => [ - 'description' => 'Indicates whether bot management for website protection is supported. Valid values:'."\n" - ."\n" - .'* **true:** Bot management for website protection is supported.'."\n" - .'* **false:** Bot management for website protection is not supported.'."\n", - 'type' => 'string', - 'example' => 'true', - ], - 'CustomRuleInTemplateMaxCount' => [ - 'title' => '自定义规则模板包含规则数', - 'description' => 'The maximum number of rules that can be included in a custom rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'VastIpBlacklistInOperationMaxCount' => [ - 'title' => '海量IP单次页面操作的最大数量', - 'description' => 'The maximum number of IP addresses or CIDR blocks that can be added to an IP address blacklist on a page.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '500', - ], - 'WhitelistRuleInTemplateMaxCount' => [ - 'title' => '白名单模板包含规则数', - 'description' => 'The maximum number of rules that can be included in a whitelist rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'AntiScan' => [ - 'title' => '支持扫描防护', - 'description' => 'Indicates whether the scan protection module is supported. Valid values:'."\n" - ."\n" - .'* **true:** The scan protection module is supported.'."\n" - .'* **false:** The scan protection module is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'CustomResponseTemplateMaxCount' => [ - 'title' => '自定义响应模板数', - 'description' => 'The maximum number of custom response rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'BaseWafGroupRuleInTemplateMaxCount' => [ - 'title' => '基础防护规则', - 'description' => 'The maximum number of protection rules that can be included in a basic protection rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'MajorProtectionTemplateMaxCount' => [ - 'title' => '重保模板的最大数量', - 'description' => 'The maximum number of major event protection rule templates that can be configured.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'BaseWafGroup' => [ - 'title' => '基础防护', - 'description' => 'Indicates whether the basic protection rule module is supported. Valid values:'."\n" - ."\n" - .'* **true:** The basic protection rule module is supported.'."\n" - .'* **false:** The basic protection rule module is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'Whitelist' => [ - 'title' => '是否支持白名单', - 'description' => 'Indicates whether the whitelist module is supported. Valid values:'."\n" - ."\n" - .'* **true:** The whitelist module is supported.'."\n" - .'* **false:** The whitelist module is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'LogService' => [ - 'title' => '日志服务是否开启', - 'description' => 'Indicates whether the log collection feature is supported. Valid values:'."\n" - ."\n" - .'* **true:** The log collection feature is supported.'."\n" - .'* **false:** The log collection feature is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'VastIpBlacklistMaxCount' => [ - 'title' => '海量IP的最大数量(单用户)', - 'description' => 'The maximum number of IP addresses or CIDR blocks that can be added to an IP address blacklist per Alibaba Cloud account.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '50,000', - ], - 'FreeQps' => [ - 'title' => '包年包月版本默认QPS规格。', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1000', - ], - 'ExtendQps' => [ - 'title' => '包年包月版本扩展QPS。', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '10000', - ], - 'ElasticQps' => [ - 'title' => '包年包月版本的弹性后付费QPS。', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '2000', - ], - 'QpsBillingCap' => [ - 'title' => '按量付费版本的QPS阈值保护。', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '2000', - ], - ], - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', - ], - 'EndTime' => [ - 'description' => 'The expiration time of the WAF instance.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '4809859200000', - ], - 'InstanceId' => [ - 'title' => '实例ID', - 'description' => 'The ID of the WAF instance.'."\n", - 'type' => 'string', - 'example' => 'waf-cn-xxx', - ], - 'InDebt' => [ - 'description' => 'Indicates whether the WAF instance has overdue payments. Valid values:'."\n" - ."\n" - .'* **0**: The WAF instance does not have overdue payments.'."\n" - .'* **1**: The WAF instance has overdue payments.'."\n", - 'type' => 'string', - 'example' => '1', - ], - 'StartTime' => [ - 'description' => 'The purchase time of the WAF instance. The time is in the UNIX timestamp format. The time is displayed in UTC. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1668496310000', - ], - 'RegionId' => [ - 'title' => 'RegionId', - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'example' => 'cn-hangzhou', - ], - 'PayType' => [ - 'description' => 'The billing method of the WAF instance. Valid values:'."\n" - ."\n" - .'* **POSTPAY:** The WAF instance uses the pay-as-you-go billing method.'."\n" - .'* **PREPAY:** The WAF instance uses the subscription billing method.'."\n", - 'type' => 'string', - 'example' => 'POSTPAY', - ], - 'Edition' => [ - 'title' => '套餐', - 'description' => 'The edition of the WAF instance.'."\n", - 'type' => 'string', - 'example' => 'default_version', - ], - 'ProcessStatus' => [ - 'type' => 'string', - ], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '0A916D48-D206-5654-8D37-***'], ], - 'description' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Status\\": 1,\\n \\"Details\\": {\\n \\"DefenseObjectInGroupMaxCount\\": 100,\\n \\"Tamperproof\\": true,\\n \\"BotApp\\": \\"true\\",\\n \\"IpBlacklistRuleInTemplateMaxCount\\": 100,\\n \\"WhitelistRuleCondition\\": \\"URL\\",\\n \\"CustomRuleCondition\\": \\"URL\\",\\n \\"CustomResponse\\": true,\\n \\"HttpPorts\\": \\"80\\",\\n \\"Gslb\\": true,\\n \\"Ipv6\\": true,\\n \\"Bot\\": true,\\n \\"CustomRule\\": true,\\n \\"IpBlacklist\\": true,\\n \\"CnameResourceMaxCount\\": 1000,\\n \\"BackendMaxCount\\": 20,\\n \\"ExclusiveIp\\": true,\\n \\"CustomResponseRuleInTemplateMaxCount\\": 100,\\n \\"IpBlacklistIpInRuleMaxCount\\": 200,\\n \\"AclRuleMaxIpCount\\": 100,\\n \\"BotTemplateMaxCount\\": 50,\\n \\"DefenseGroupMaxCount\\": 100,\\n \\"VastIpBlacklistInFileMaxCount\\": 0,\\n \\"AntiScanTemplateMaxCount\\": 20,\\n \\"WhitelistLogical\\": \\"contain\\",\\n \\"CustomRuleTemplateMaxCount\\": 20,\\n \\"TamperproofTemplateMaxCount\\": 50,\\n \\"IpBlacklistTemplateMaxCount\\": 20,\\n \\"HttpsPorts\\": \\"443\\",\\n \\"DlpTemplateMaxCount\\": 50,\\n \\"CustomRuleRatelimitor\\": \\"header\\",\\n \\"DefenseObjectMaxCount\\": 0,\\n \\"Dlp\\": true,\\n \\"DefenseObjectInTemplateMaxCount\\": 100,\\n \\"CustomRuleAction\\": \\"block\\",\\n \\"TamperproofRuleInTemplateMaxCount\\": 50,\\n \\"DlpRuleInTemplateMaxCount\\": 50,\\n \\"WhitelistTemplateMaxCount\\": 20,\\n \\"MajorProtection\\": true,\\n \\"BaseWafGroupRuleTemplateMaxCount\\": 20,\\n \\"BotWeb\\": \\"true\\",\\n \\"CustomRuleInTemplateMaxCount\\": 100,\\n \\"VastIpBlacklistInOperationMaxCount\\": 500,\\n \\"WhitelistRuleInTemplateMaxCount\\": 100,\\n \\"AntiScan\\": true,\\n \\"CustomResponseTemplateMaxCount\\": 20,\\n \\"BaseWafGroupRuleInTemplateMaxCount\\": 100,\\n \\"MajorProtectionTemplateMaxCount\\": 20,\\n \\"BaseWafGroup\\": true,\\n \\"Whitelist\\": true,\\n \\"LogService\\": true,\\n \\"VastIpBlacklistMaxCount\\": 0,\\n \\"FreeQps\\": 1000,\\n \\"ExtendQps\\": 10000,\\n \\"ElasticQps\\": 2000,\\n \\"QpsBillingCap\\": 2000\\n },\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"EndTime\\": 4809859200000,\\n \\"InstanceId\\": \\"waf-cn-xxx\\",\\n \\"InDebt\\": \\"1\\",\\n \\"StartTime\\": 1668496310000,\\n \\"RegionId\\": \\"cn-hangzhou\\",\\n \\"PayType\\": \\"POSTPAY\\",\\n \\"Edition\\": \\"default_version\\",\\n \\"ProcessStatus\\": \\"order_pending_payment\\"\\n}","type":"json"}]', - 'title' => 'DescribeInstance', - ], - 'ReleaseInstance' => [ - 'summary' => 'Releases a Web Application Firewall (WAF) 3.0 instance.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'Change resource group', + 'summary' => 'Modifies the resource group to which a protected object belongs.', + 'changeSet' => [ + ['createdAt' => '2024-11-13T11:01:28.000Z', 'description' => 'Request parameters changed, Response parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ChangeResourceGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + 'additionalActions' => [ + ['action' => 'yundun-waf:ChangeResourceGroup', 'validationType' => 'always'], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0A916D48-D206-5654-8D37-***\\"\\n}","type":"json"}]', + ], + 'ClearAddress' => [ + 'summary' => 'Clears all addresses from an address book.', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -1010,47 +301,26 @@ 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '115002', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], - 'autoTest' => true, + 'abilityTreeCode' => '124760', + 'abilityTreeNodes' => ['FEATUREwaf4TDPM4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> Obtain the ID of the WAF instance by calling the [DescribeInstance](~~433756~~) operation.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-***', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7mz****hw0u', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the address book.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -1059,368 +329,382 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '65626467-8002-5022-9F5F-***', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '276D7566-31C9-4192-9DD1-51B10D*****', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"65626467-8002-5022-9F5F-***\\"\\n}","type":"json"}]', - 'title' => 'ReleaseInstance', - ], - 'DescribeAbnormalCloudResources' => [ - 'summary' => '查询异常的云产品接入资源', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Defense.Control.DefenseAddressOperationTooFrequent', 'errorMessage' => 'Address book operations are too frequent.', 'description' => 'Address book operations are too frequent. Please try again later.'], + ], ], - 'schemes' => [ - 'https', + 'title' => 'Clear all addresses from an address book', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:ClearAddress', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"276D7566-31C9-4192-9DD1-51B10D*****\\"\\n}","type":"json"}]', + ], + 'ClearMajorProtectionBlackIp' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'write', - 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'none', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '265430', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - 'FEATUREwafMF0FT6', - ], + 'abilityTreeCode' => '124771', + 'abilityTreeNodes' => ['FEATUREwaf2KYU04'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-***', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], + ], + [ + 'name' => 'TemplateId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '5132', 'title' => ''], + ], + [ + 'name' => 'RuleId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the IP blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20012033', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'Schema of Response', + 'description' => 'The data returned.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request', - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-***', - ], - 'AbnormalCloudResources' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'ResourceInstanceId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'lb-***', - ], - 'ResourceInstancePort' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '80', - ], - 'ResourceInstanceName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'test-name', - ], - 'ResourceProduct' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'clb7', - ], - 'Reason' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'CertExpired', - ], - 'Details' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Code' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'CertExpired', - ], - 'CertName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'test-name', - ], - 'ProductCertId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '123-cn-hangzhou', - ], - 'ProductCertName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'test-name', - ], - 'ProductDomainExtension' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'www.test.com', - ], - 'AppliedType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'default', - ], - 'CommonName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'www.test.com'."\n", - ], - 'ExpireTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1735009193', - ], - ], - ], - ], - 'CloudResourceId' => [ - 'type' => 'string', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.CertNotExist', - 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.ResourceNotExist', - 'errorMessage' => 'The accessed resource already exists. Resource:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.AlreadyAccessed', - 'errorMessage' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.', + 'title' => 'ClearMajorProtectionBlackIp', + 'summary' => 'Clears the IP blacklist for a critical event protection rule.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ClearMajorProtectionBlackIp'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:ClearMajorProtectionBlackIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-***\\",\\n \\"AbnormalCloudResources\\": [\\n {\\n \\"ResourceInstanceId\\": \\"lb-***\\",\\n \\"ResourceInstancePort\\": 80,\\n \\"ResourceInstanceName\\": \\"test-name\\",\\n \\"ResourceProduct\\": \\"clb7\\",\\n \\"Reason\\": \\"CertExpired\\",\\n \\"Details\\": [\\n {\\n \\"Code\\": \\"CertExpired\\",\\n \\"CertName\\": \\"test-name\\",\\n \\"ProductCertId\\": \\"123-cn-hangzhou\\",\\n \\"ProductCertName\\": \\"test-cert-name\\",\\n \\"ProductDomainExtension\\": \\"www.test.com\\",\\n \\"AppliedType\\": \\"default\\",\\n \\"CommonName\\": \\"www.test.com\\\\n\\",\\n \\"ExpireTime\\": 1735009193\\n }\\n ],\\n \\"CloudResourceId\\": \\"lb-***-80-clb7\\"\\n }\\n ]\\n}","type":"json"}]', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\"\\n}","type":"json"}]', ], - 'ReCreateCloudResource' => [ - 'summary' => '重新接入云产品', - 'methods' => [ - 'post', + 'CopyDefenseTemplate' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'readAndWrite', + 'systemTags' => ['operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free'], + 'parameters' => [ + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-lbj****x10g', 'title' => ''], + ], + [ + 'name' => 'TemplateId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the protection template that you want to copy.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the newly created protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '12346', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + ], + ], + 'title' => 'CopyDefenseTemplate', + 'summary' => 'Copies a protection template.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CopyDefenseTemplate'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CopyDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"TemplateId\\": 12346\\n}","type":"json"}]', + ], + 'CreateApiExport' => [ + 'summary' => 'Creates an API security data export task.', + 'methods' => ['get', 'post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'write', - 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'none', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '264065', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - 'FEATUREwafMF0FT6', - ], + 'abilityTreeCode' => '156330', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-***', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zxu3***', 'title' => ''], ], [ - 'name' => 'ResourceInstanceId', + 'name' => 'Region', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'lb-bp1*****jqnnqk5uj2p', - 'deprecated' => true, - ], + 'schema' => ['description' => 'The language type. Valid values:'."\n" + ."\n" + .'- **cn** (default): Chinese.'."\n" + .'- **en**: English.', 'type' => 'string', 'required' => false, 'default' => 'cn', 'example' => 'cn', 'title' => ''], ], [ - 'name' => 'Port', + 'name' => 'ZoneId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '443', - 'deprecated' => true, - ], + 'schema' => ['description' => 'The time zone ID.', 'type' => 'string', 'required' => false, 'example' => 'Asia/Shanghai', 'title' => ''], ], [ - 'name' => 'ResourceProduct', + 'name' => 'Type', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'clb7', - 'enum' => [ - 'clb7', - ], - 'deprecated' => true, - ], + 'schema' => ['description' => 'The type of the export task. Valid values:'."\n" + ."\n" + .'- **apisec_api** (default): API asset task.'."\n" + ."\n" + .'- **apisec_abnormal**: API risk task.'."\n" + ."\n" + .'- **apisec_event**: API security event task.', 'type' => 'string', 'required' => false, 'default' => 'apisec_api', 'example' => 'apisec_api', 'title' => ''], ], [ - 'name' => 'CloudResourceId', + 'name' => 'Param', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The extended parameters of the export task. You can filter the exported content by specifying conditions. The value is a JSON string constructed from a series of parameters.'."\n" + .'> The specific parameters vary depending on the specified **export task type** (**Type**). For more information, refer to **Export task parameter description**.', 'type' => 'string', 'required' => false, 'example' => '{'."\n" + .' "startTime": 1741449600,'."\n" + .' "endTime": 1744079820,'."\n" + .' "sensitiveLevel": "L1"'."\n" + .'}', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The hybrid cloud cluster ID.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '993', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'Schema of Response', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '62382992-F9AA-52B2-9147-66B3B9E51D74', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.CertNotExist', - 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.ResourceNotExist', - 'errorMessage' => 'The accessed resource already exists. Resource:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.AlreadyAccessed', - 'errorMessage' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.CertExpired', - 'errorMessage' => 'Certificate expired, certificate ID:%s .', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudProductParamNotMatch', - 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudResourceInvalid', - 'errorMessage' => 'CloudResourceId parameter is illegal.', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudProductParamEmpty', - 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Create an API security data export task', + 'requestParamsDescription' => '## Export task parameter description.'."\n" + .'### API asset task (**apisec_api**)'."\n" + .'#### Parameter description'."\n" + .'For detailed valid values of the parameters, refer to the parameters with the same names in the [DescribeApisecApiResources](~~DescribeApisecApiResources~~) operation.'."\n" + .'|Name|Type|Example|Description|'."\n" + .'| ----------| ------------ | ---------- | -----------|'."\n" + .'|startTime | Integer|1741449600| The start time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n" + .'| EndTime | Integer|1744097760| The end time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n" + .'| MatchedHost | String|a.aliyun.com| The domain name or IP address to which the API belongs.|'."\n" + .'| ApiFormat | String|/auth/login| The API path.|'."\n" + .'| SensitiveType | String|1004| The type of sensitive data in the response.|'."\n" + .'| ApiStatus | String|OfflineInterface| The status of the API.|'."\n" + .'| Follow | Long|0| Specifies whether the API is followed.|'."\n" + .'| ApiType | String| innerAPI | The service object.|'."\n" + .'| ApiTag | String|SendMail| The business purpose of the API.|'."\n" + .'| SensitiveLevel | String| L3 | The sensitivity level of the API.|'."\n" + .'| ApiMethod | String| POST | The request method of the API.|'."\n" + .'| RequestSensitiveType | String|1004,1005| The type of sensitive information in the request.|'."\n" + .'| AuthFlag | String|0| Specifies whether an authentication field exists.|'."\n" + ."\n\n" + .'### API risk task (**apisec_abnormal**)'."\n" + .'#### Parameter description'."\n" + .'For detailed valid values of the parameters, refer to the parameters with the same names in the [DescribeApisecAbnormals](~~DescribeApisecAbnormals~~) operation.'."\n" + .'|Name|Type|Example|Description|'."\n" + .'| ----------| ------------ | ---------- | -----------|'."\n" + .'|startTime | Integer|1741449600| The start time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n" + .'| EndTime | Integer|1744097760| The end time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n" + .'| MatchedHost | String|a.aliyun.com| The domain name or IP address to which the API belongs.|'."\n" + .'| ApiFormat | String|/api/users/login| The API path.|'."\n" + .'| AbnormalLevel | String|medium| The risk level.|'."\n" + .'| AbnormalTag | String| LackOfSpeedLimit | The risk type.|'."\n" + .'| UserStatus | String| Confirmed | The risk status.|'."\n" + .'| Origin | String| custom | The source of the risk type.|'."\n" + .'| ApiTag | String|SendMail| The business purpose of the API.|'."\n" + ."\n\n" + .'### API event task (**apisec_event**)'."\n" + .'#### Parameter description'."\n" + .'For detailed valid values of the parameters, refer to the parameters with the same names in the [DescribeApisecEvents](~~DescribeApisecEvents~~) operation.'."\n" + .'|Name|Type|Example|Description|'."\n" + .'| ----------| ------------ | ---------- | -----------|'."\n" + .'| StartTs | Integer|1741449600| The start time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n" + .'| EndTs | Integer|1744097760| The end time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n" + .'| MatchedHost | String|a.aliyun.com| The domain name or IP address to which the API belongs.|'."\n" + .'| ApiFormat | String|/api/users/login| The API path.|'."\n" + .'| EventLevel | String|medium| The event level.|'."\n" + .'| EventTag | String| ObtainSensitiveUnauthorized | The event type.|'."\n" + .'| UserStatus | String| Confirmed | The event status.|'."\n" + .'| Origin | String| custom | The source of the event type.|'."\n" + .'| ApiTag | String|SendMail| The business purpose of the API.|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateApiExport'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateApiExport', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"62382992-F9AA-52B2-9147-66B3B9E51D74\\"\\n}","type":"json"}]', ], - 'SyncProductInstance' => [ - 'summary' => 'Synchronizes Elastic Compute Service (ECS), Classic Load Balancer (CLB), and Network Load Balancer (NLB) instances to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'CreateCerts' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -1431,47 +715,44 @@ 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '143827', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeCode' => '167792', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ + 'name' => 'CertName', + 'in' => 'query', + 'schema' => ['description' => 'The certificate name.', 'type' => 'string', 'required' => false, 'example' => 'testrsa1', 'title' => ''], + ], + [ + 'name' => 'CertContent', + 'in' => 'query', + 'schema' => ['description' => 'The content of the certificate file.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN CERTIFICATE----- 62EcYPWd2****s6MTXcJSfN9Z7rZ9fmxWr2BFN2XbahgnsSXM48ixZJ4krc+1M+j2kcubVpsE2cgHdj4v8H6jUz9Ji4mr7vMNS6dXv8PUkl/qoDeNGCNdyTS5NIL5ir+g92cL8IGOkjgvhlqt9vc65Cgb4mL+n5+DV9uOyTZTW/MojmlgfUekC2xiXa54nxJf17Y1TADGSbyJbsC0Q9nIrHsPl8YKkvRWvIAqYxXZ7wRwWWmv4TMxFhWRiNY7yZIo2ZUhl02S****gIEeg== -----END CERTIFICATE----- ', 'title' => ''], + ], + [ + 'name' => 'CertKey', + 'in' => 'query', + 'schema' => ['description' => 'The content of the private key file that corresponds to the certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN RSA PRIVATE KEY----- DADTPZoOHd9WtZ3U****RgNQmioPQn2bqdKHop+B/dn/4VZL7Jt8zSDGM9sTMThLyvsmLQKBgQCr+ujntC1kN6pGBj2Fw2l/EA/W3rYEce2tyhjgmG7rZ+A/jVE9fld5sQra6ZdwBcQJaiygoIYoaMF2EjRwc0qwHaluq0C15f6ujSoHh2e+D5zdmkTg/3NKNjqNv6xA2gYpinVDzFdZ9Zujxvuh9o4Vqf0YF8****K5G04RtKadOw== -----END RSA PRIVATE KEY----- ', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-zsk****fb09', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-20p****nw01', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm4co****f5qa', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -1480,568 +761,570 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '45BA2382-7C3F-5B29-9A83-C3BCE586****', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5BBA38B1-07AE-559F-8766-AB50****C300', 'title' => ''], + 'CertIdentifier' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '123456-cn-hangzhou', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"45BA2382-7C3F-5B29-9A83-C3BCE586****\\"\\n}","type":"json"}]', - 'title' => 'SyncProductInstance', - 'description' => 'SyncProductInstance is an asynchronous operation. You can call the [DescribeProductInstances](~~2743168~~) operation to query the status of the task.'."\n", - ], - 'DescribeCloudResources' => [ - 'summary' => 'Queries cloud service resources that are added to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Upload an international certificate to WAF for cNAME-based access', + 'summary' => 'Uploads an international certificate to WAF for CNAME-based access.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCerts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5BBA38B1-07AE-559F-8766-AB50****C300\\",\\n \\"CertIdentifier\\": \\"123456-cn-hangzhou\\"\\n}","type":"json"}]', + ], + 'CreateCloudResource' => [ + 'summary' => 'Connects a cloud service to WAF in cloud native mode. Currently, only ECS and CLB are supported.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '112176', - 'abilityTreeNodes' => [ - 'FEATUREwafJ7PT1V', - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - 'FEATUREwafM61JTL', - 'FEATUREwafFJZ9SV', - 'FEATUREwafL6Q7OZ', - ], + 'abilityTreeCode' => '226535', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-lbj****cn0c', - 'default' => '', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''], ], [ - 'name' => 'ResourceInstanceId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '资源的实例ID', - 'description' => 'The ID of the resource.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'alb-43glijk0fr****gths', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'ResourceName', + 'name' => 'Listen', 'in' => 'query', + 'style' => 'json', 'schema' => [ - 'title' => '资源的实例名称', - 'description' => 'The name of the resource.'."\n", - 'type' => 'string', - 'deprecated' => true, - 'required' => false, - 'example' => 'alb-name', + 'description' => 'The listening configuration.', + 'type' => 'object', + 'properties' => [ + 'TLSVersion' => ['description' => 'The TLS version to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + .'- **tlsv1**'."\n" + .'- **tlsv1.1**'."\n" + .'- **tlsv1.2**', 'type' => 'string', 'required' => false, 'example' => 'tlsv1', 'title' => ''], + 'EnableTLSv3' => ['description' => 'Specifies whether TLS 1.3 is supported. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **true**: TLS 1.3 is supported.'."\n" + ."\n" + .'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'CipherSuite' => ['description' => 'The type of cipher suite to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **1**: all cipher suites.'."\n" + ."\n" + .'- **2**: strong cipher suites. This value is available only when **TLSVersion** is set to **tlsv1.2**.'."\n" + ."\n" + .'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + 'CustomCiphers' => [ + 'description' => 'The specific custom cipher suites to add. This parameter is used only when **CipherSuite** is set to **99**.', + 'type' => 'array', + 'items' => ['description' => 'The specific custom cipher suites to add. This parameter is used only when **CipherSuite** is set to **99**.', 'type' => 'string', 'required' => false, 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'ResourceProduct' => [ + 'description' => 'The cloud service type. Valid values:'."\n" + ."\n" + .'- **clb4**: Layer 4 CLB.'."\n" + ."\n" + .'- **clb7**: Layer 7 CLB.'."\n" + ."\n" + .'- **ecs**: ECS.'."\n" + .'- **nlb**: NLB.'."\n" + .'- **ddos**: Anti-DDoS.', + 'type' => 'string', + 'required' => true, + 'enum' => ['ecs', 'clb4', 'clb7', 'nlb', 'ddos'], + 'example' => 'clb4', + 'title' => '', + ], + 'Port' => ['description' => 'The port of the cloud service connected to WAF.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''], + 'ResourceInstanceId' => ['description' => 'The ID of the cloud service instance.', 'type' => 'string', 'required' => false, 'example' => 'lb-bp1*****', 'title' => ''], + 'Protocol' => [ + 'description' => 'The protocol type. Valid values:'."\n" + .'- **http**: HTTP.'."\n" + .'- **https**: HTTPS.', + 'type' => 'string', + 'required' => false, + 'enum' => ['http', 'https'], + 'example' => 'http', + 'title' => '', + ], + 'Certificates' => [ + 'description' => 'The list of certificate IDs.', + 'type' => 'array', + 'items' => [ + 'description' => 'The certificate information.', + 'type' => 'object', + 'properties' => [ + 'CertificateId' => ['description' => 'The ID of the certificate to add.'."\n" + ."\n" + .'> You can call [DescribeResourceInstanceCerts](~~2718120~~) to query the IDs of all SSL certificates associated with the cloud service instance.', 'type' => 'string', 'required' => false, 'example' => '123-cn-hangzhou', 'title' => ''], + 'AppliedType' => ['description' => 'The certificate type for the HTTPS protocol. Valid values:'."\n" + ."\n" + .'- **default**: default certificate.'."\n" + ."\n" + .'- **extension**: extended certificate.', 'type' => 'string', 'required' => false, 'example' => 'default', 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'Http2Enabled' => ['description' => 'Specifies whether to enable HTTP/2. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **true**: HTTP/2 is enabled.'."\n" + ."\n" + .'- **false** (default): HTTP/2 is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'ResourceRegionId' => ['description' => 'The region ID of the cloud service.'."\n" + ."\n\n" + ."\n" + .'> This parameter is required when the instance ID to be connected has not been synchronized to WAF.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + 'Domain' => ['description' => 'The domain name connected to WAF.'."\n" + .'> This parameter is required only when the cloud service type is ddos. For other service types, leave this field empty.', 'type' => 'string', 'required' => false, 'example' => 'www.c**sw.net', 'title' => ''], + ], + 'required' => true, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ResourceRegionId', + 'name' => 'Redirect', 'in' => 'query', + 'style' => 'json', 'schema' => [ - 'title' => '资源归属RegionId', - 'description' => 'The region ID of the resource. For information about region IDs, see the following table.'."\n" - ."\n" - .'> Different cloud services are available in different regions. The specified cloud service must be available in the specified region.'."\n", - 'type' => 'string', + 'description' => 'The forwarding configuration.', + 'type' => 'object', + 'properties' => [ + 'RequestHeaders' => [ + 'description' => 'The value of this parameter is in the format of [**{"k":"_key_","v":"_value_"}**], where **_key_** specifies the custom request header field and **_value_** specifies the value of the field.'."\n" + ."\n" + .'> If the custom header field already exists in the request, the system overwrites the value of the field with the specified traffic mark value.', + 'type' => 'array', + 'items' => [ + 'description' => 'The value of this parameter is in the format of [**{"k":"_key_","v":"_value_"}**], where **_key_** specifies the custom request header field and **_value_** specifies the value of the field.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'key1', 'title' => ''], + 'Value' => ['description' => 'The value of the custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'value1', 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => false, + 'maxItems' => 5, + 'title' => '', + 'example' => '', + ], + 'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n" + ."\n" + .'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n" + ."\n" + .'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n" + ."\n" + .'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + 'XffHeaders' => [ + 'description' => 'The list of custom header fields used to obtain the client IP address, in the format of [**"header1","header2",...**].'."\n" + ."\n" + .'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field as the client IP address.', + 'type' => 'array', + 'items' => ['description' => 'The list of custom header fields used to obtain the client IP address, in the format of [**"header1","header2",...**].'."\n" + ."\n" + .'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field as the client IP address.', 'type' => 'string', 'required' => false, 'example' => 'header1', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n" + .'Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'example' => '1', 'title' => ''], + 'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n" + .'Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'example' => '1', 'title' => ''], + 'Keepalive' => ['description' => 'Specifies whether to enable persistent connections. Valid values:'."\n" + ."\n" + .'- **true** (default): Persistent connections are enabled.'."\n" + ."\n" + .'- **false**: Persistent connections are disabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], + 'KeepaliveRequests' => ['description' => 'The number of requests that can reuse a persistent connection. Valid values: 60 to 1000.'."\n" + ."\n" + .'> After persistent connections are enabled, this parameter specifies how many requests can reuse a persistent connection.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''], + 'KeepaliveTimeout' => ['description' => 'The idle timeout period for persistent connections. Valid values: 10 to 3600. Default value: 3600. Unit: seconds.'."\n" + ."\n" + .'> Specifies how long an idle persistent connection can remain open before it is released.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '10', 'default' => '3600', 'required' => false, 'example' => '3600', 'title' => ''], + 'XffProto' => ['description' => 'Specifies whether to use X-Forward-For-Proto to pass the protocol used by WAF. Valid values:'."\n" + ."\n" + .'- **true** (default): The protocol used by WAF is passed.'."\n" + ."\n" + .'- **false**: The protocol used by WAF is not passed.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'MaxBodySize' => ['title' => '', 'description' => 'The maximum request body size. Valid values: 2 to 10. Default value: 2. Unit: GB.'."\n" + .'> Only Ultimate Edition supports this parameter.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2', 'required' => false], + ], 'required' => false, - 'example' => 'cn-beijing', + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ResourceProduct', + 'name' => 'Tag', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'title' => '资源所属产品', - 'description' => 'The cloud service to which the resource belongs. If you do not specify this parameter, the system automatically returns the Application Load Balancer (ALB), Microservices Engine (MSE), Function Compute, and Serverless App Engine (SAE) resources that are added to WAF. Valid values:'."\n" - ."\n" - .'* **alb**: ALB.'."\n" - .'* **mse**: MSE.'."\n" - .'* **fc**: Function Compute.'."\n" - .'* **sae**: SAE.'."\n" - .'* **ecs**: Elastic Compute Service (ECS).'."\n" - .'* **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n" - .'* **clb7**: Layer 7 CLB.'."\n" - .'* **nlb**: Network Load Balancer (NLB).'."\n" - ."\n" - .'> Different cloud services are available in different regions. The specified cloud service must be available in the specified region.'."\n", - 'type' => 'string', + 'title' => '', + 'description' => 'The list of tags. A maximum of 20 tags can be specified.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Key' => ['title' => '', 'description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'TagKey1'], + 'Value' => ['title' => '', 'description' => 'The tag value.', 'type' => 'string', 'required' => false, 'example' => 'TagValue1'], + ], + 'required' => false, + 'description' => '', + 'title' => '', + 'example' => '', + ], 'required' => false, - 'example' => 'alb', + 'maxItems' => 21, + 'example' => '', ], ], [ - 'name' => 'PageNumber', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'OwnerUserId', 'in' => 'query', + 'schema' => ['description' => 'The UID of the current resource ownership.', 'type' => 'string', 'required' => false, 'example' => '123', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '100', - 'minimum' => '10', - 'example' => '10', - 'default' => '10', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-ER12-WE34-23PO-301469*****E', 'title' => ''], + 'CloudResourceId' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF.', 'type' => 'string', 'example' => 'lb-***', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\",\\n \\"CloudResourceId\\": \\"lb-***\\"\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Connect a cloud service to WAF', + 'changeSet' => [ + ['createdAt' => '2024-12-12T08:00:42.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-10-10T12:43:20.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateCloudResource'], + ], + ], + 'ramActions' => [ [ - 'name' => 'ResourceRouteName', - 'in' => 'query', - 'schema' => [ - 'description' => 'The route name. You can use this parameter if you set ResourceProduct to mse.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'mse-default-traffic', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCloudResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'], + ], ], ], + ], + ], + 'CreateCloudResourceExtensionCert' => [ + 'path' => '', + 'methods' => ['post'], + 'schemes' => ['https'], + 'security' => [ [ - 'name' => 'ResourceDomain', - 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name. You can use this parameter if you set ResourceProduct to fc or sae.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'fc-domain-test', - ], + 'AK' => [], ], + ], + 'operationType' => 'write', + 'deprecated' => false, + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'], + ], + 'parameters' => [ [ - 'name' => 'ResourceFunction', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The function name. You can use this parameter if you set ResourceProduct to fc.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'fc-test', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'OwnerUserId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud account to which the resource belongs.', - 'type' => 'string', - 'required' => false, - 'example' => '11769793******', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''], ], [ - 'name' => 'ResourceInstanceName', + 'name' => 'CloudResourceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the instance that is added to WAF.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test-name', - ], + 'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF during cloud native mode access.'."\n" + ."\n" + .'> You can call the [CreateCloudResource](~~2839876~~) operation to connect a resource, and then view the resource ID in the response.', 'type' => 'string', 'required' => true, 'example' => 'lb-bp*********k5uj2p-443-clb7', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'CertId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm4gh****wela', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'title' => '', + 'description' => 'Schema of Response', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of cloud service resources returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '121', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'C327F81A-CCE2-5B21-817C-F93E29C5****', - ], - 'CloudResources' => [ - 'description' => 'The cloud service resources that are added to WAF.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The cloud service resource.'."\n", - 'type' => 'object', - 'properties' => [ - 'ResourceRouteName' => [ - 'description' => 'The route name. This parameter has a value only if the value of ResourceProduct is mse.'."\n", - 'type' => 'string', - 'example' => 'test-route-name', - ], - 'ResourceRegionId' => [ - 'title' => 'RegionId', - 'description' => 'The region ID of the resource.'."\n", - 'type' => 'string', - 'example' => 'cn-hangzhou', - ], - 'ResourceFunction' => [ - 'description' => 'The function name. This parameter has a value only if the value of ResourceProduct is fc.'."\n", - 'type' => 'string', - 'example' => 'test-resource-function', - ], - 'ResourceName' => [ - 'title' => '实例名称', - 'description' => 'The name of the resource.'."\n", - 'type' => 'string', - 'deprecated' => true, - 'example' => 'test-resource-name', - ], - 'ResourceInstance' => [ - 'description' => 'The ID of the resource.'."\n", - 'type' => 'string', - 'deprecated' => true, - 'example' => 'alb-ffff****', - 'title' => '', - ], - 'ResourceProduct' => [ - 'description' => 'The cloud service to which the resource belongs. Valid values:'."\n" - ."\n" - .'* **alb**: ALB.'."\n" - .'* **mse**: MSE.'."\n" - .'* **fc**: Function Compute.'."\n" - .'* **sae**: SAE.'."\n" - .'* **ecs**: ECS.'."\n" - .'* **clb4**: Layer 4 CLB.'."\n" - .'* **clb7**: Layer 7 CLB.'."\n", - 'type' => 'string', - 'example' => 'alb', - ], - 'ResourceService' => [ - 'description' => 'The service name. This parameter has a value only if the value of ResourceProduct is fc.'."\n", - 'type' => 'string', - 'example' => 'test-resource-service', - ], - 'ResourceDomain' => [ - 'description' => 'The domain name. This parameter has a value only if the value of ResourceProduct is fc or sae.'."\n", - 'type' => 'string', - 'example' => 'test-resource-domain', - ], - 'OwnerUserId' => [ - 'description' => 'The ID of the Alibaba Cloud account to which the resource belongs.', - 'type' => 'string', - 'example' => '11769793******', - ], - 'HttpPortCount' => [ - 'description' => 'The number of the HTTP ports that are added to WAF.'."\n" - ."\n" - .'> This parameter is returned only if the cloud service is ECS or CLB.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'HttpsPortCount' => [ - 'description' => 'The number of the HTTPS ports that are added to WAF.'."\n" - ."\n" - .'> This parameter is returned only if the cloud service is ECS or CLB.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'ResourceInstanceIp' => [ - 'description' => 'The IP address of the instance that is added to WAF.'."\n", - 'type' => 'string', - 'example' => '1.1.1.1', - ], - 'ResourceInstanceId' => [ - 'description' => 'The ID of the instance that is added to WAF.'."\n", - 'type' => 'string', - 'example' => 'lb-uf60ub45fr9b***', - ], - 'ResourceInstanceName' => [ - 'description' => 'The name of the instance that is added to WAF.'."\n", - 'type' => 'string', - 'example' => 'test-name', - ], - ], - ], - ], + 'RequestId' => ['title' => '', 'description' => 'Id of the request', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 121,\\n \\"RequestId\\": \\"C327F81A-CCE2-5B21-817C-F93E29C5****\\",\\n \\"CloudResources\\": [\\n {\\n \\"ResourceRouteName\\": \\"test-route-name\\",\\n \\"ResourceRegionId\\": \\"cn-hangzhou\\",\\n \\"ResourceFunction\\": \\"test-resource-function\\",\\n \\"ResourceName\\": \\"test-resource-name\\",\\n \\"ResourceInstance\\": \\"alb-ffff****\\",\\n \\"ResourceProduct\\": \\"alb\\",\\n \\"ResourceService\\": \\"test-resource-service\\",\\n \\"ResourceDomain\\": \\"test-resource-domain\\",\\n \\"OwnerUserId\\": \\"11769793******\\",\\n \\"HttpPortCount\\": 1,\\n \\"HttpsPortCount\\": 1,\\n \\"ResourceInstanceIp\\": \\"1.1.1.1\\",\\n \\"ResourceInstanceId\\": \\"lb-uf60ub45fr9b***\\",\\n \\"ResourceInstanceName\\": \\"test-name\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeCloudResources', - 'requestParamsDescription' => '|Region ID|Region name|Supported service|'."\n" - .'|---|---|---|'."\n" - .'|cn-hangzhou|China (Hangzhou)|SAE,ALB,FC,MSE,ECS,CLB|'."\n" - .'|cn-shanghai|China (Shanghai)|SAE,ALB,FC,MSE,ECS,CLB|'."\n" - .'|cn-shenzhen|China (Shenzhen)|SAE,ALB,FC,MSE,ECS,CLB|'."\n" - .'|cn-beijing|China (Beijing)|SAE,ALB,FC,MSE,ECS,CLB|'."\n" - .'|cn-zhangjiakou|China (Zhangjiakou)|SAE,ALB,FC,MSE,ECS,CLB|'."\n" - .'|cn-chengdu|China (Chengdu)|ALB,ECS,CLB|'."\n" - .'|cn-qingdao|China (Qingdao)|ALB,ECS,CLB|'."\n" - .'|cn-guangzhou|China (Guangzhou)|ALB|'."\n" - .'|cn-wulanchabu|China (Ulanqab)|ALB|'."\n" - .'|cn-hongkong|China (Hong Kong)|ALB,MSE,ECS,CLB|'."\n" - .'|cn-fuzhou|China (Fuzhou - Local Region)|ALB|'."\n" - .'|ap-southeast-6|Philippines (Manila)|ALB|'."\n" - .'|ap-southeast-5|Indonesia (Jakarta)|ALB,ECS,CLB|'."\n" - .'|ap-northeast-1|Japan (Tokyo)|ALB|'."\n" - .'|ap-southeast-3|Malaysia (Kuala Lumpur)|ALB,MSE,ECS,CLB|'."\n" - .'|ap-southeast-1|Singapore|ALB,MSE|'."\n" - .'|eu-central-1|Germany (Frankfurt)|ALB|'."\n" - .'|us-west-1|US (Silicon Valley)|ALB|'."\n" - .'|us-east-1|US (Virginia)|ALB|', - ], - 'DescribeProductInstances' => [ - 'summary' => 'Queries the cloud service instances to be added to Web Application Firewall (WAF) in transparent proxy mode.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'Add an extension certificate for a cloud native mode resource', + 'summary' => 'Adds an extension certificate for a cloud native mode resource.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCloudResourceExtensionCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + ], + 'CreateDefenseResource' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '144614', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - ], + 'abilityTreeCode' => '106302', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-zxu****9d02', - ], + 'schema' => ['description' => 'The name of the protected object.'."\n" + ."\n" + .'> - Only protected objects of hybrid cloud deployments support custom names.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'abctest.com'], ], [ - 'name' => 'ResourceInstanceId', + 'name' => 'Product', 'in' => 'query', - 'schema' => [ - 'title' => '资源的实例ID', - 'description' => 'The ID of the instance.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'lb-2zeugkfj81jvo****4tqm', - ], + 'schema' => ['description' => 'The name of the Alibaba Cloud service. Valid values:'."\n" + ."\n" + .'- **alb**: Application Load Balancer (ALB).'."\n" + ."\n" + .'- **ecs**: Elastic Compute Service (ECS).'."\n" + ."\n" + .'- **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n" + ."\n" + .'- **clb7**: Layer 7 CLB.'."\n" + ."\n" + .'- **nlb**: Network Load Balancer (NLB).'."\n" + ."\n" + .'- **waf**: Web Application Firewall (WAF).', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'ecs'], ], [ - 'name' => 'ResourceName', + 'name' => 'ResourceGroup', 'in' => 'query', - 'schema' => [ - 'title' => '资源的实例名称', - 'description' => 'The name of the instance.'."\n", - 'type' => 'string', - 'deprecated' => true, - 'required' => false, - 'example' => 'exampleResourceName', - ], + 'schema' => ['description' => 'The name of the protection group to which the protected object is added.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'testGroup'], ], [ - 'name' => 'ResourceRegionId', + 'name' => 'ResourceOrigin', 'in' => 'query', - 'schema' => [ - 'title' => '资源归属RegionId', - 'description' => 'The region ID of the instance. Valid values:'."\n" - ."\n" - .'* **cn-chengdu**: China (Chengdu).'."\n" - .'* **cn-beijing**: China (Beijing).'."\n" - .'* **cn-zhangjiakou**: China (Zhangjiakou).'."\n" - .'* **cn-hangzhou**: China (Hangzhou).'."\n" - .'* **cn-shanghai**: China (Shanghai).'."\n" - .'* **cn-shenzhen**: China (Shenzhen).'."\n" - .'* **cn-qingdao**: China (Qingdao).'."\n" - .'* **cn-hongkong**: China (Hong Kong).'."\n" - .'* **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n" - .'* **ap-southeast-5**: Indonesia (Jakarta).'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The origin type of the protected object. Valid values:'."\n" + ."\n" + .'- **custom**: a user-defined protected object.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'custom'], ], [ - 'name' => 'ResourceProduct', + 'name' => 'Pattern', 'in' => 'query', - 'schema' => [ - 'title' => '资源所属产品', - 'description' => 'The cloud service to which the instance belongs. Valid values:'."\n" - ."\n" - .'* **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n" - .'* **clb7**: Layer 7 CLB.'."\n" - .'* **ecs**: Elastic Compute Service (ECS).'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'clb7', - ], + 'schema' => ['description' => 'The type of the protected object. Valid values:'."\n" + ."\n" + .'- **domain**: domain name.'."\n" + ."\n" + .'- **multi\\_service**: hybrid cloud deployment.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'domain'], ], [ - 'name' => 'PageNumber', + 'name' => 'Detail', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The configuration details of the protected object, in JSON format.'."\n" + ."\n" + .'> The required parameters vary based on the values of **Product** and **Pattern**. For more information, see the **Description of the Detail parameter** section.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => '{\\"domain\\": \\"zhhclb4test096-05111.test.com\\"}'], ], [ - 'name' => 'PageSize', + 'name' => 'XffStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '100', - 'minimum' => '10', - 'example' => '10', - ], + 'schema' => ['description' => 'Indicates whether the X-Forwarded-For (XFF) proxy feature is enabled. Valid values:'."\n" + ."\n" + .'- **0** (default): disabled.'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'required' => false, 'example' => '0'], ], [ - 'name' => 'ResourceIp', + 'name' => 'CustomHeaders', 'in' => 'query', + 'style' => 'json', 'schema' => [ - 'description' => 'The public IP address of the instance.'."\n", - 'type' => 'string', - 'deprecated' => true, + 'title' => '', + 'description' => 'The custom header fields used to obtain the actual client IP address when XFF proxy is enabled.'."\n" + ."\n" + .'> If XffStatus is set to 1, WAF uses the first IP address from the specified header field as the client IP address to prevent XFF forgery. If you specify multiple header fields, WAF reads them in order. If no valid client IP address is found in the specified header fields, WAF falls back to the first IP address in the X-Forwarded-For header field.', + 'type' => 'array', + 'items' => ['description' => 'The name of a custom header field from which WAF extracts the client IP address.', 'type' => 'string', 'required' => false, 'example' => 'x-forwarded-for', 'title' => ''], 'required' => false, - 'example' => '1.X.X.1', + 'example' => '', ], ], [ - 'name' => 'OwnerUserId', + 'name' => 'Description', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud account to which the resource belongs.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1704********9107', - ], + 'schema' => ['description' => 'The description of the protected object.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'test'], ], [ - 'name' => 'ResourceInstanceIp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The IP address of the instance that is added to WAF.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1.X.X.1', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-4xl*******', 'title' => ''], ], [ - 'name' => 'ResourceInstanceName', + 'name' => 'OwnerUserId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the instance that is added to WAF.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'demoInstanceName', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud account to which the protected object belongs. This parameter is required only in multi-account scenarios. By default, the protected object belongs to the WAF administrator account.', 'type' => 'string', 'required' => false, 'example' => '123221XXX', 'title' => ''], ], [ - 'name' => 'ResourceInstanceAccessStatus', + 'name' => 'Tag', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'type' => 'string', - 'enum' => [ - 'all', - 'part', - 'non', - 'any', + 'title' => '', + 'description' => 'A list of tags. You can add up to 20 tags.', + 'type' => 'array', + 'items' => [ + 'description' => 'The tag object.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The key of the tag.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'demoTagKey'], + 'Value' => ['description' => 'The value of the tag.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'TagValue1'], + ], + 'required' => false, + 'title' => '', + 'example' => '', ], + 'required' => false, + 'maxItems' => 21, + 'example' => '', ], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekz6ql****5uzi', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -2049,561 +1332,1239 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'FDCBAE1E-2B3F-5C13-AD20-844B9473****', - ], - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'ProductInstances' => [ - 'description' => 'The information about the instances.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The information about the instance.'."\n", - 'type' => 'object', - 'properties' => [ - 'ResourceInstanceId' => [ - 'title' => '实例ID', - 'description' => 'The ID of the instance.'."\n", - 'type' => 'string', - 'example' => 'i-2ze1tm4pvghp****cluv', - ], - 'ResourceName' => [ - 'title' => '实例名称', - 'description' => 'The name of the instance.'."\n", - 'type' => 'string', - 'deprecated' => true, - 'example' => 'ecs-test', - ], - 'ResourceRegionId' => [ - 'title' => 'RegionId', - 'description' => 'The region ID of the instance. Valid values:'."\n" - ."\n" - .'* **cn-chengdu**: China (Chengdu).'."\n" - .'* **cn-beijing**: China (Beijing).'."\n" - .'* **cn-zhangjiakou**: China (Zhangjiakou).'."\n" - .'* **cn-hangzhou**: China (Hangzhou).'."\n" - .'* **cn-shanghai**: China (Shanghai).'."\n" - .'* **cn-shenzhen**: China (Shenzhen).'."\n" - .'* **cn-qingdao**: China (Qingdao).'."\n" - .'* **cn-hongkong**: China (Hong Kong).'."\n" - .'* **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n" - .'* **ap-southeast-5**: Indonesia (Jakarta).'."\n", - 'type' => 'string', - 'example' => 'cn-beijing', - ], - 'ResourceProduct' => [ - 'description' => 'The cloud service to which the instance belongs. Valid values:'."\n" - ."\n" - .'* **clb4**: Layer 4 CLB.'."\n" - .'* **clb7**: Layer 7 CLB.'."\n" - .'* **ecs**: ECS.'."\n", - 'type' => 'string', - 'example' => 'clb4', - ], - 'ResourcePorts' => [ - 'description' => 'The information about the ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Port' => [ - 'description' => 'The port number.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '443', - ], - 'Protocol' => [ - 'description' => 'The protocol type. Valid values:'."\n" - ."\n" - .'* **http**'."\n" - .'* **https**'."\n", - 'type' => 'string', - 'example' => 'https', - ], - 'Certificates' => [ - 'description' => 'The information about the certificates.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'CertificateName' => [ - 'description' => 'The name of the certificate.'."\n", - 'type' => 'string', - 'example' => 'trafficxxxx.cn', - ], - 'CertificateId' => [ - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'example' => '10106183', - ], - 'Domain' => [ - 'type' => 'string', - ], - 'AppliedType' => [ - 'type' => 'string', - ], - ], - ], - ], - ], - ], - ], - 'ResourceIp' => [ - 'description' => 'The public IP address of the instance.'."\n", - 'type' => 'string', - 'deprecated' => true, - 'example' => '1.X.X.1', - ], - 'OwnerUserId' => [ - 'description' => 'The ID of the Alibaba Cloud account to which the resource belongs.', - 'type' => 'string', - 'example' => '1704********9107', - ], - 'ResourceInstanceIp' => [ - 'description' => 'The IP address of the instance that is added to WAF.'."\n", - 'type' => 'string', - 'example' => '1.X.X.1', - ], - 'ResourceInstanceName' => [ - 'description' => 'The name of the instance that is added to WAF.'."\n", - 'type' => 'string', - 'example' => 'demoInstanceName', - ], - 'AccessPorts' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - ], - 'ResourceInstanceAccessStatus' => [ - 'type' => 'string', - ], - 'AccessPortAndProtocols' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Port' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'Protocol' => [ - 'type' => 'string', - ], - 'CertificateIds' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], - ], - ], - ], - ], - 'AccessInstanceId' => [ - 'type' => 'string', - ], - 'ResourceInstanceEdition' => [ - 'type' => 'string', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '1738C613-D054-5191-888B-DC0CF4C3A4A0', 'title' => ''], + 'Resource' => ['description' => 'The name of the protected object that is created.', 'type' => 'string', 'example' => 'cdX.XXX-call.cn-alb', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"FDCBAE1E-2B3F-5C13-AD20-844B9473****\\",\\n \\"TotalCount\\": 100,\\n \\"ProductInstances\\": [\\n {\\n \\"ResourceInstanceId\\": \\"i-2ze1tm4pvghp****cluv\\",\\n \\"ResourceName\\": \\"ecs-test\\",\\n \\"ResourceRegionId\\": \\"cn-beijing\\",\\n \\"ResourceProduct\\": \\"clb4\\",\\n \\"ResourcePorts\\": [\\n {\\n \\"Port\\": 443,\\n \\"Protocol\\": \\"https\\",\\n \\"Certificates\\": [\\n {\\n \\"CertificateName\\": \\"demoCertName\\",\\n \\"CertificateId\\": \\"1234567\\",\\n \\"Domain\\": \\"www.test.com\\",\\n \\"AppliedType\\": \\"default\\"\\n }\\n ]\\n }\\n ],\\n \\"ResourceIp\\": \\"1.X.X.1\\",\\n \\"OwnerUserId\\": \\"1704********9107\\",\\n \\"ResourceInstanceIp\\": \\"1.X.X.1\\",\\n \\"ResourceInstanceName\\": \\"demoInstanceName\\",\\n \\"AccessPorts\\": [\\n 80\\n ],\\n \\"ResourceInstanceAccessStatus\\": \\"all\\",\\n \\"AccessPortAndProtocols\\": [\\n {\\n \\"Port\\": 443,\\n \\"Protocol\\": \\"http\\",\\n \\"CertificateIds\\": [\\n \\"5379758\\"\\n ]\\n }\\n ],\\n \\"AccessInstanceId\\": \\"i-2ze1tm4pvghp****cluv\\\\n\\",\\n \\"ResourceInstanceEdition\\": \\"ecs.e-c1m1.large\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeProductInstances', - ], - 'DescribeResourceSupportRegions' => [ - 'summary' => 'Queries the region IDs of the Classic Load Balancer (CLB) and Elastic Compute Service (ECS) instances that are added to Web Application Firewall (WAF) in cloud native mode.', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.ResourceExsit', 'errorMessage' => 'Access resource already exists, resource:%s.', 'description' => 'Access resource already exists, existing resource:%s.'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'CreateDefenseResource', + 'summary' => 'Creates a protected object.', + 'requestParamsDescription' => '## Description of the Detail parameter'."\n" + ."\n" + .'### ALB domain name (Product is set to alb and Pattern is set to domain)'."\n" + ."\n" + .'Adds a protected object for the domain name of an Application Load Balancer (ALB) instance protected by WAF.'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ---------- | ------ | -------- | ------------------- | ----------------------------------------------------------- |'."\n" + .'| instanceId | String | Yes | alb-cj3w3********1x | The ID of the ALB instance that is protected by WAF. |'."\n" + .'| domain | String | Yes | alb.test.com | The domain name that you want to add to WAF for protection. |'."\n" + ."\n" + .'#### Sample request'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "domain": "alb.test.com",'."\n" + .' "instanceId": "alb-cj3w3********1x"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### ECS domain name (Product is set to ecs and Pattern is set to domain)'."\n" + ."\n" + .'Adds a protected object for the domain name of an Elastic Compute Service (ECS) instance protected by WAF.'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ------ | ------ | -------- | ------------ | ----------------------------------------------------------- |'."\n" + .'| domain | String | Yes | ecs.test.com | The domain name that you want to add to WAF for protection. |'."\n" + ."\n" + .'#### Sample request'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "domain": "ecs.test.com"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### CLB domain name (Product is set to clb4 or clb7 and Pattern is set to domain)'."\n" + ."\n" + .'Adds a protected object for the domain name of a Classic Load Balancer (CLB) instance protected by WAF.'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ------ | ------ | -------- | ------------ | ----------------------------------------------------------- |'."\n" + .'| domain | String | Yes | clb.test.com | The domain name that you want to add to WAF for protection. |'."\n" + ."\n" + .'#### Sample request'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "domain": "clb.test.com"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### NLB domain name (Product is set to nlb and Pattern is set to domain)'."\n" + ."\n" + .'Adds a protected object for the domain name of a Network Load Balancer (NLB) instance protected by WAF.'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ------ | ------ | -------- | ------------ | ----------------------------------------------------------- |'."\n" + .'| domain | String | Yes | nlb.test.com | The domain name that you want to add to WAF for protection. |'."\n" + ."\n" + .'#### Sample request'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "domain": "nlb.test.com"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### WAF hybrid cloud deployment (Product is set to waf and Pattern is set to multi\\_service)'."\n" + ."\n" + .'Creates a protected object for a URL path of a domain name in a hybrid cloud WAF cluster.'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ------ | ------ | -------- | ---------- | ------------------------------------------------------------------------- |'."\n" + .'| domain | String | Yes | a.test.com | The domain name or IP address that you want to add to WAF for protection. |'."\n" + .'| url | String | Yes | /abc | The URL path. |'."\n" + ."\n" + .'#### Sample request'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "domain": "a.test.com",'."\n" + .' "url": "/abc"'."\n" + .'}'."\n" + .'```', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDefenseResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1738C613-D054-5191-888B-DC0CF4C3A4A0\\",\\n \\"Resource\\": \\"cdX.XXX-call.cn-alb\\"\\n}","type":"json"}]', + ], + 'CreateDefenseResourceGroup' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '144618', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeCode' => '106349', + 'abilityTreeNodes' => ['FEATUREwafHQWDCC'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to view the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'ResourceProduct', + 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'description' => 'The cloud service. Valid values:'."\n" - ."\n" - .'* **clb4**: Layer 4 CLB.'."\n" - .'* **clb7**: Layer 7 CLB.'."\n" - .'* **ecs**: ECS.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'clb7', - ], + 'schema' => ['description' => 'The name of the protected object group. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (\\_), periods (.), and hyphens (-).', 'type' => 'string', 'required' => true, 'example' => 'group221', 'title' => ''], + ], + [ + 'name' => 'AddList', + 'in' => 'query', + 'schema' => ['description' => 'The protected objects to add to the protected object group. You can add multiple protected objects. Separate them with commas (,).', 'type' => 'string', 'required' => false, 'example' => 'test1.aliyundoc.com,test2.aliyundoc.com'."\n", 'title' => ''], + ], + [ + 'name' => 'Description', + 'in' => 'query', + 'schema' => ['description' => 'The description of the protected object group. The description can be up to 512 characters long.', 'type' => 'string', 'required' => false, 'example' => 'test_domain', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzpks****kdjq', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The result of the request.'."\n", + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'SupportRegions' => [ - 'description' => 'An array of region IDs of the CLB and ECS instances that are added to WAF in cloud native mode.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The information about the regions.'."\n", - 'type' => 'string', - 'example' => 'cn-hangzhou', - ], - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '58FD****-3D56-5DE8-91E0-96A26BABFFDD', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5D69B341-4F97-58E7-9E16-1B17FE7A9E98', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"SupportRegions\\": [\\n \\"cn-hangzhou\\"\\n ],\\n \\"RequestId\\": \\"58FDF266-3D56-5DE8-91E0-96A26BAB****\\"\\n}","type":"json"}]', - 'title' => 'DescribeResourceSupportRegions', - ], - 'DescribeResourceRegionId' => [ - 'summary' => 'Queries the region IDs of the resources that are added to Web Application Firewall (WAF) by using the SDK integration mode. The resources refer to Application Load Balancer (ALB) and Microservices Engine (MSE) instances.', - 'methods' => [ - 'post', - 'get', + 'title' => 'CreateDefenseResourceGroup', + 'summary' => 'Creates a protected object group.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseResourceGroup'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDefenseResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5D69B341-4F97-58E7-9E16-1B17FE7A9E98\\"\\n}","type":"json"}]', + ], + 'CreateDefenseRule' => [ + 'summary' => 'Create a web core protection rule.', + 'methods' => ['post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '112185', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], - 'autoTest' => true, + 'abilityTreeCode' => '106379', + 'abilityTreeNodes' => ['FEATUREwaf1LM6V0', 'FEATUREwafI1HM4C', 'FEATUREwafCU29M8', 'FEATUREwafBWO4L0', 'FEATUREwaf9JXZCD', 'FEATUREwaf6XNOII', 'FEATUREwafQ73SIK', 'FEATUREwafAFURH8', 'FEATUREwafS64FX9', 'FEATUREwafOVI09M', 'FEATUREwafIFHX6M', 'FEATUREwafF105ZO'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to get the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-****', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the protection rule template.'."\n" + ."\n" + .'> This parameter is required only when **DefenseType** is set to **template**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1122', 'title' => ''], + ], + [ + 'name' => 'DefenseScene', + 'in' => 'query', + 'schema' => ['description' => 'The scenario to which the protection rule is applied.'."\n" + ."\n" + .'If **DefenseType** is set to **template**, valid values are:'."\n" + ."\n" + .'- **waf\\_group**: basic protection.'."\n" + ."\n" + .'- **waf\\_base**: web core protection.'."\n" + ."\n" + .'- **antiscan**: scan protection.'."\n" + ."\n" + .'- **ip\\_blacklist**: IP address blacklist.'."\n" + ."\n" + .'- **custom\\_acl**: custom rule.'."\n" + ."\n" + .'- **whitelist**: whitelist.'."\n" + ."\n" + .'- **region\\_block**: geo-blocking.'."\n" + ."\n" + .'- **custom\\_response**: custom response.'."\n" + ."\n" + .'- **cc**: HTTP flood protection.'."\n" + ."\n" + .'- **tamperproof**: webpage tamper-proofing.'."\n" + ."\n" + .'- **dlp**: data leakage prevention.'."\n" + ."\n" + .'- **spike\\_throttle**: rate limiting for bursts of traffic.'."\n" + ."\n" + .'- **bot\\_manager**: bot management.'."\n" + ."\n" + .'If **DefenseType** is set to **resource**, valid values are:'."\n" + ."\n" + .'- **account\\_identifier**: account identification.'."\n" + ."\n" + .'- **custom\\_response**: custom response.'."\n" + ."\n" + .'- **waf\\_codec**: decoding.'."\n" + ."\n" + .'If **DefenseType** is set to **global**, valid values are:'."\n" + ."\n" + .'- **regular\\_custom**: custom regular expression.'."\n" + ."\n" + .'- **address\\_book**: address book.'."\n" + ."\n" + .'- **custom\\_response**: custom response.'."\n" + ."\n" + .'> You can apply a global custom response to a protected object or a rule. If you configure custom response rules at different levels, the rule with the finest-grained scope takes precedence. The priority is as follows: rule > protected object > default page.', 'type' => 'string', 'required' => true, 'example' => 'waf_group', 'title' => ''], + ], + [ + 'name' => 'Rules', + 'in' => 'formData', + 'schema' => ['description' => 'The details of the protection rule. This value is a JSON string.'."\n" + ."\n" + .'> The parameters in the JSON string vary based on the value of **DefenseScene**. For more information, see **Protection rule parameters**.', 'type' => 'string', 'required' => true, 'example' => 'waf_group', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'DefenseType', + 'in' => 'query', 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", + 'description' => 'The type of the protection rule. Valid values:'."\n" + ."\n" + .'- **template** (default): a template-based protection rule.'."\n" + ."\n" + .'- **resource**: a rule for a specific protected object.'."\n" + ."\n" + .'- **global**: a global protection rule.', 'type' => 'string', + 'default' => 'template', + 'enum' => ['template', 'global', 'resource'], 'required' => false, - 'example' => 'rg-aek2lrm****6pnq', + 'example' => 'template', + 'title' => '', ], ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'Resource', + 'in' => 'query', + 'schema' => ['description' => 'The protected object to which the rule applies.'."\n" + ."\n" + .'> This parameter is required only when **DefenseType** is set to **resource**.', 'type' => 'string', 'required' => false, 'example' => 'sec****-waf', 'title' => ''], + ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ + 'description' => 'The response is an object with the following structure.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'F5905D3F-F674-5177-9E48-466DD3B8****', - ], - 'ResourceRegionIds' => [ - 'description' => 'The region IDs of the resources that are added to Web Application Firewall (WAF) by using the SDK integration mode.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The region ID. For information about the corresponding region names of the region IDs, see [Regions and zones](https://www.alibabacloud.com/help/en/cloud-migration-guide-for-beginners/latest/regions-and-zones?spm=a2c63.l28256.0.0.6d821b76nPrm0F).', - 'type' => 'string', - 'example' => 'cn-hangzhou', - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****', 'title' => ''], + 'RuleIds' => ['description' => 'The comma-separated IDs of the created protection rules.', 'type' => 'string', 'example' => '22215,23354,462165', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F5905D3F-F674-5177-9E48-466DD3B8****\\",\\n \\"ResourceRegionIds\\": [\\n \\"cn-hangzhou\\"\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeResourceRegionId', - ], - 'DescribeResourceInstanceCerts' => [ - 'summary' => 'Queries the certificates that are used in cloud service instances. The certificates returned include the certificates within the delegated administrator account and the certificates within members to which specific instances belong. For example, the delegated administrator account has certificate 1, instance lb-xx-1 belongs to member B, and member B has certificate 2. If you specify instance lb-xx-1 in the request, certificate 1 and certificate 2 are returned.', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Defense.Control.DefenseWhitelistBypassRuleNotExist', 'errorMessage' => 'The whitelist protection rule does not exist.', 'description' => 'The whitelist protection rule does not exist. Rule ID:%s.'], + ['errorCode' => 'Defense.Control.DefenseWhitelistConfigInvalid', 'errorMessage' => 'The whitelist rule is misconfigured.', 'description' => 'Error configuring whitelist rule: %s.'], + ['errorCode' => 'Defense.Control.DefenseBookTypeInvalid', 'errorMessage' => 'The address book type is illegal.', 'description' => 'The address book type is illegal.'], + ['errorCode' => 'Defense.Control.DefenseThreatIntelligenceConfigInvalid', 'errorMessage' => 'Threat Intelligence Rule configuration error.', 'description' => 'Threat Intelligence Rule configuration error. %s'], + ['errorCode' => 'Defense.Control.DefenseIpCountOversize', 'errorMessage' => 'The number of IPs exceeds the limit.', 'description' => 'The number of IPs exceeds the limit.'], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\",\\n \\"RuleIds\\": \\"22215,23354,462165\\"\\n}","type":"json"}]', + 'title' => 'CreateDefenseRule', + 'requestParamsDescription' => '**Protection rule parameters**'."\n" + ."\n" + .'## Template protection rule (**template**)'."\n" + ."\n" + .'When **DefenseType** is set to **template**, the rule configuration is as follows.'."\n" + ."\n" + .'### Basic protection rules (**waf\\_group**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example | Description |'."\n" + .'| -------------- | ------- | -------- | --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n" + .'| status | Integer | Required | 1 | Specifies the initial status of the defense rule. To change the status later, call the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: disabled.<br>\\- **1** (default): enabled. |'."\n" + .'| action | String | Required | block | Specifies the action for the defense rule. Valid values:<br>\\- **block**: blocks matching requests.<br>\\- **monitor**: monitors matching requests. |'."\n" + .'| policyId | Long | Optional | 1012 | Specifies the ID of the defense rule group. Defaults to the medium rule group (1012). |'."\n" + .'| protectionType | String | Optional | sema | Specifies the type of defense rule. Valid values:<br>\\- **regular** (default): regular expression protection.<br>\\- **sema**: semantic protection. |'."\n" + .'| config | String | Optional | {"nonInjectionSql":1} | Specifies the custom configuration as a JSON string. For a detailed list of settings, refer to the config object documentation. |'."\n" + ."\n" + .'**Parameters**'."\n" + ."\n" + .'- When **protectionType** is set to **sema**, where the basic protection rule is semantic protection.'."\n" + ."\n" + .'| Parameter | Type | Required | Example | Description |'."\n" + .'| --------------- | ------- | -------- | ------- | --------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| nonInjectionSql | Integer | Yes | 1 | Indicates whether non-injection attack detection is enabled. Valid values:<br>\\- **0**: disabled.<br>\\- **1** (default): enabled. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "DefenseScene": "waf_group",'."\n" + .' "TemplateId": 322,'."\n" + .' "InstanceId": "waf_cn****",'."\n" + .' "Rules": "[{\\"status\\":1,\\"policyId\\":1012,\\"action\\":\\"block\\"},{\\"status\\":1,\\"action\\":\\"block\\",\\"protectionType\\":\\"sema\\",\\"config\\":\\"{\\\\\\"nonInjectionSql\\\\\\":1}\\"}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### New core web protection (**waf\\_base**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ---------- | ------- | -------- | ----------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| autoUpdate | Boolean | Required | true | Specifies whether to enable automatic updates. Valid values:<br>\\- **true**: Enables automatic updates.<br>\\- **false**: Disables automatic updates. |'."\n" + .'| config | Array | Required | \\[{"ruleType":"system","ruleDetail":[{"ruleId":13000412,"ruleStatus":1,"ruleAction":"block"}]}] | The rule configuration to modify.><notice>Call the DescribeBaseSystemRules operation to query the template\'s system protection rule configuration. Call the DescribeDefenseRules operation to query the template\'s custom regular expression rule configuration.></notice> |'."\n" + ."\n" + .'**`config`: Configuration details**'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ------------------------ | ------ | -------- | ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| ruleType | String | Required | system | The rule type. Valid values:<br>\\- **system**: A system rule for Basic Protection.<br>\\- **custom**: A custom regular expression rule for Basic Protection. |'."\n" + .'| ruleBatchOperationConfig | String | Optional | default | Specifies the batch operation for rules. This parameter cannot be used with the `RuleDetail` parameter. Valid values:<br>\\- **default**: Restores the default settings.<br>\\- **all_on**: Enables all rules.<br>\\- **all_off**: Disables all rules.<br>\\- **all_block**: Sets the action of all rules to Block.<br>\\- **all_monitor**: Sets the action of all rules to Monitor. |'."\n" + .'| ruleDetail | Array | Optional | \\[{"ruleId":13000412,"ruleStatus":1,"ruleAction":"block"}]] | The details of the rules to modify. Properties:<br>\\- **ruleId**: The rule ID.<br>\\- **ruleStatus**: The rule status.<br>\\- **ruleAction**: The rule action. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "DefenseScene": "waf_base",'."\n" + .' "TemplateId": 322,'."\n" + .' "InstanceId": "waf_cn****",'."\n" + .' "Rules": "[{\\"autoUpdate\\":true,\\"config\\":[{\\"ruleType\\":\\"system\\",\\"ruleDetail\\":[{\\"ruleId\\":13000412,\\"ruleStatus\\":1,\\"ruleAction\\":\\"block\\"}]}]}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Antiscan rules'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| -------------- | ------- | -------- | ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| protectionType | String | required | highfreq | The subtype of the scan protection rule. Valid values:<br>\\- **highfreq**: high-frequency scan blocking.<br>\\- **dirscan**: directory traversal blocking.<br>\\- **scantools**: scan tool blocking. |'."\n" + .'| status | Integer | required | 1 | The status of the protection rule. This parameter is used only when you create a protection rule. To modify the status, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: disabled.<br>\\- **1** (default): enabled. |'."\n" + .'| action | String | required | block | The action for the protection rule. Valid values:<br>\\- **block**: blocks matching requests.<br>\\- **monitor**: monitors matching requests. |'."\n" + .'| actionExternal | JSON | optional | {"responseRuleId":123444} | Specifies the extended configuration for the rule\'s action, allowing you to define a custom response. For example, if the **action** parameter is set to **block**, you can specify a custom block page. |'."\n" + .'| config | String | optional | {"target":"remote_addr","interval":60,"ttl":180,"count":20} | Custom configuration, specified as a JSON string. For more information, see **Details of the config parameter**. |'."\n" + ."\n" + .'**Detailed configuration**'."\n" + ."\n" + .'- When **protectionType** is set to **highfreq** (for high-frequency scan blocking)'."\n" + ."\n" + .'| Parameter | Type | Required | Example | Description |'."\n" + .'| ----------- | ------- | -------- | ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| target | String | Yes | remote_addr | The statistic object type. Valid values:<br>\\- **remote_addr** (default): IP address.<br>\\- **cookie.acw_tc**: session.<br>\\- **header**: custom header. If you select this value, specify the header field in the **subKey** parameter.<br>\\- **queryarg**: custom parameter. If you select this value, specify the parameter name in the **subKey** parameter.<br>\\- **cookie**: custom cookie. If you select this value, specify the cookie name in the **subKey** parameter. |'."\n" + .'| subKey | String | No | abc | The specific field of the statistic object. Required when **target** is set to **cookie**, **header**, or **queryarg**. |'."\n" + .'| interval | Integer | No | 60 | The detection duration in seconds. The default value is 60.<br>The value must be an integer from 5 to 1,800. |'."\n" + .'| ttl | Integer | No | 1800 | The blocking duration in seconds. The default value is 1,800.<br>The value must be an integer from 60 to 86,400. |'."\n" + .'| count | Integer | No | 20 | Maximum number of times a basic protection rule can be triggered. The default value is 20.<br>The value must be an integer from 3 to 50,000. |'."\n" + .'| ruleIdCount | Integer | No | 2 | Maximum number of triggered rules. The default value is 2.<br>The value must be an integer from 1 to 50. |'."\n" + ."\n" + .'- When **protectionType** is set to **dirscan** (the scan protection rule for blocking directory traversal)'."\n" + ."\n" + .'| Parameter | Type | Required | Value | Description |'."\n" + .'| --------- | ------- | -------- | ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| target | String | Required | remote_addr | The target object for statistics and blocking. Valid values:<br>\\- **remote_addr** (default): IP<br>\\- **cookie.acw_tc**: session<br>\\- **header**: custom header<br>\\- **queryarg**: custom parameter<br>\\- **cookie**: custom cookie |'."\n" + .'| subKey | String | Optional | 1 | The sub-key of the target object. Specify this parameter only when target is set to **header, queryarg, or cookie**. |'."\n" + .'| interval | Integer | Optional | 60 | The detection duration, in seconds.<br>Valid values: 5 to 1,800. Default: 60. |'."\n" + .'| ttl | Integer | Optional | 1800 | The block duration, in seconds.<br>Valid values: 60 to 86,400. Default: 1,800. |'."\n" + .'| count | Integer | Optional | 20 | The maximum number of times a basic protection rule can be triggered.<br>Valid values: 3 to 50,000. Default: 20. |'."\n" + .'| weight | Float | Optional | 0.5 | The ratio of 404 response codes.<br>Valid values: 0.01 to 1.0 (with a precision of two decimal places). Default: 0.7. |'."\n" + .'| uriNum | Integer | Optional | 50 | The maximum number of non-existent directories.<br>Valid values: 2 to 50,000. Default: 50. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_****",'."\n" + .' "TemplateId": 2222,'."\n" + .' "DefenseScene": "antiscan",'."\n" + .' "Rules": "[{\\"protectionType\\":\\"scantools\\",\\"action\\":\\"block\\",\\"status\\":1},{\\"protectionType\\":\\"dirscan\\",\\"status\\":1,\\"action\\":\\"block\\",\\"config\\":\\"{\\\\\\"target\\\\\\":\\\\\\"remote_addr\\\\\\",\\\\\\"interval\\\\\\":10,\\\\\\"ttl\\\\\\":1800,\\\\\\"weight\\\\\\":0.7,\\\\\\"uriNum\\\\\\":50,\\\\\\"count\\\\\\":50}\\"},{\\"protectionType\\":\\"highfreq\\",\\"status\\":1,\\"action\\":\\"block\\",\\"config\\":\\"{\\\\\\"target\\\\\\":\\\\\\"remote_addr\\\\\\",\\\\\\"interval\\\\\\":60,\\\\\\"ttl\\\\\\":1800,\\\\\\"count\\\\\\":20,\\\\\\"ruleIdCount\\\\\\":2}\\"}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### IP blacklist (**ip\\_blacklist**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| -------------- | ------- | -------- | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n" + .'| name | String | Required | iptest | The name of the ip blacklist rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| status | Integer | Required | 1 | The rule status. Use this parameter only when you create a protection rule. To modify the rule status, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: disable<br>\\- **1** (default): enable |'."\n" + .'| action | String | Required | block | The rule action. Valid values:<br>\\- **block**: Blocks requests.<br>\\- **monitor**: Monitors requests. |'."\n" + .'| actionExternal | JSON | Optional | {"responseRuleId":123444} | Extended configuration for the rule action. This parameter applies only to the new custom response feature. When **action** is set to **block**, you can specify a custom block page. |'."\n" + .'| remoteAddr | Array | Required | \\["1.1.XX.XX", "3.1.XX.XX/24"] | The IP addresses or CIDR blocks to add to the ip blacklist. Use the format ["ip1","ip2",...]. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_****",'."\n" + .' "TemplateId": 2222,'."\n" + .' "DefenseScene": "ip_blacklist",'."\n" + .' "Rules": "[{\\"name\\":\\"iptest1\\",\\"remoteAddr\\":[\\"1.1.1.2\\",\\"3.3.3.3/24\\"],\\"action\\":\\"monitor\\",\\"status\\":1},{\\"name\\":\\"iptest2\\",\\"remoteAddr\\":[\\"4.4.4.4\\",\\"5.5.5.5/32\\"],\\"action\\":\\"block\\",\\"status\\":1}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Custom rule (**custom\\_acl**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example | Description |'."\n" + .'| -------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| name | String | Yes | iptest | The name of the custom ACL rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| status | Integer | Yes | 1 | Specifies the status of the protection rule. This parameter applies only when you create a protection rule. To change the status of an existing rule, use the `RuleStatus` parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: disabled<br>\\- **1** (default): enabled |'."\n" + .'| action | String | Yes | block | Specifies the action of the protection rule. Valid values:<br>\\- **block**: Blocks the request.<br>\\- **monitor**: Monitors the request.<br>\\- **js**: Triggers a JS challenge.<br>\\- **captcha**: Triggers a CAPTCHA.<br>\\- **captcha_strict**: Triggers a strict CAPTCHA.<br>**Note** The actions available for custom ACL rules are limited to those shown in the **WAF console**. |'."\n" + .'| actionExternal | JSON | No | {"responseRuleId":123444} | Specifies the extended configuration for the protection rule action. This parameter is available only for the new version of custom responses. When **action** is set to **block**, you can specify a custom block page. When **action** is set to **captcha**/ **captcha_strict**, you can specify a custom CAPTCHA page. |'."\n" + .'| conditions | Array | Yes | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | Specifies the match conditions for the ACL rule. The value is a JSON string. You can specify up to five match conditions. For more information, see the description of `conditions` in [Parameters of protection rules](~~3026503~~). |'."\n" + .'| ccStatus | Integer | Yes | 1 | Specifies whether to enable rate limiting. Valid values:<br>\\- **0**: Disables rate limiting.<br>\\- **1**: Enables rate limiting. |'."\n" + .'| ratelimit | JSON | No | {"target":"remote_addr","interval":5,"threshold":2,"ttl":1800,"status":{"code":404,"count":2}} | Specifies the detailed configuration for rate limiting. The value is a JSON string. This parameter is required only when `ccStatus` is set to **1**. For more information, see the description of `ratelimit` in [Parameters of protection rules](~~3026503~~). |'."\n" + .'| effect | String | No | rule | Specifies the scope of rate limiting. This parameter is required only when `ccStatus` is set to **1**. Valid values:<br>\\- **service**: Applies to the protected object.<br>\\- **rule**: Applies to the single rule. |'."\n" + .'| grayStatus | Integer | No | 1 | Specifies whether to enable grayscale release for the rule. Valid values:<br>\\- **0** (default): Disables grayscale release.<br>\\- **1**: Enables grayscale release. |'."\n" + .'| grayConfig | JSON | No | {"grayTarget":"header","grayRate":80,"graySubKey":"test"} | Specifies the configuration for the grayscale release. The value is a JSON string. This parameter is required only when `grayStatus` is set to **1**. For more information, see the description of `grayConfig` in [Parameters of protection rules](~~3026503~~). |'."\n" + .'| timeConfig | JSON | No | {"timeScope":"period","timeZone":8,"timePeriods":[{"start":1758771729787,"end":1758816000000}]} | Specifies the schedule that determines when the rule is active. The value is a JSON string. For more information, see the description of `timeConfig` in [Parameters of protection rules](~~3026503~~). |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'The provided document was analyzed for user interface (UI) terms according to the established criteria.'."\n" + ."\n\n" + ."\n\n" + .'The document contains a JSON code example, which consists of API parameters and code variables. Per the exclusion criteria, these are not considered UI elements such as buttons, menus, or labels.'."\n" + ."\n\n" + ."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_****",'."\n" + .' "TemplateId": 6242,'."\n" + .' "DefenseScene": "custom_acl",'."\n" + .' "Rules":"[{\\"name\\":\\"acl_test\\",\\"action\\":\\"block\\",\\"conditions\\":[{\\"key\\":\\"URL\\",\\"opValue\\":\\"contain\\",\\"values\\":\\"abc\\"}],\\"ratelimit\\":{\\"target\\":\\"remote_addr\\",\\"interval\\":5,\\"threshold\\":2,\\"ttl\\":1800,\\"status\\":{\\"code\\":404,\\"count\\":2}},\\"ccStatus\\":1,\\"effect\\":\\"rule\\",\\"status\\":1,\\"origin\\":\\"custom\\",\\"timeConfig\\":{\\"timeScope\\":\\"cycle\\",\\"timeZone\\":8,\\"weekTimePeriods\\":[{\\"day\\":\\"1\\",\\"dayPeriods\\":[{\\"start\\":0,\\"end\\":51644084}]},{\\"day\\":\\"1,2,5\\",\\"dayPeriods\\":[{\\"start\\":0,\\"end\\":42928908}]}]},\\"grayStatus\\":1,\\"grayConfig\\":{\\"grayRate\\":80,\\"graySubKey\\":\\"test\\",\\"grayTarget\\":\\"header\\"}}]"'."\n" + .'}'."\n" + ."\n\n" + ."\n\n" + ."\n" + .'Therefore, no UI terms were extracted from the document.'."\n" + ."\n\n" + ."\n\n" + .'UI term extraction requires documentation containing interface descriptions, operational steps, or screenshots.'."\n" + .'```'."\n" + ."\n" + .'### Whitelist'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| -------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| name | String | Required | whitelistTest | The name of the whitelist rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| status | Integer | Required | 1 | The status of the protection rule. Use this parameter only when you create a protection rule. To modify the rule\'s status, use the `RuleStatus` parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: Disabled.<br>\\- **1** (default): Enabled. |'."\n" + .'| conditions | Array | Required | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | A JSON string that contains an array of match conditions for the whitelist. You can specify up to five match conditions. For more information, see the description of `conditions` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n" + .'| tags | Array | Required | \\["waf", "regular"] | The protection modules to which the whitelist rule applies. Specify the values in the `["XX1", "XX2",...]` format. Valid values:<br>\\- **waf**: All modules<br>\\- **customrule_rule**: Specific custom rule<br>\\- **customrule**: custom rules<br>\\- **blacklist**: IP blacklist<br>\\- **blacklist_rule**: Specific IP blacklist rule<br>\\- **antiscan**: scan protection<br>\\- **regular**: basic protection rules<br>\\- **regular_rule**: Specific basic protection rule<br>\\- **regular_type**: Specific basic protection rule type<br>\\- **regular_field**: Specific basic protection field<br>\\- **major_protection**: Major event protection<br>\\- **cc**: CC protection<br>\\- **region_block**: region blocking<br>\\- **antibot_scene**: bot protection<br>\\- **antibot_scene_rule**: Specific bot protection rule ID<br>\\- **antibot_scene_label**: Specific bot protection rule type<br>\\- **dlp**: data loss prevention<br>\\- **tamperproof**: web tamper proofing<br>\\- **spike_throttle**: spike throttling protection |'."\n" + .'| regularRules | Array | Optional | \\[ "111111", "222222" ] | A list of basic protection rule IDs to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `regular_rule`. |'."\n" + .'| regularTypes | Array | Optional | \\[ "xss", "css" ] | A list of basic protection rule types to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `regular_type`. Valid values:<br>\\- **sqli**: SQL injection<br>\\- **xss**: cross-site scripting<br>\\- **code_exec**: code execution<br>\\- **crlf**: CRLF<br>\\- **lfilei**: local file inclusion<br>\\- **rfilei**: remote file inclusion<br>\\- **webshell**: webshell<br>\\- **csrf**: CSRF<br>\\- **other**: Other |'."\n" + .'| regularFields | Array | Optional | \\[{"key":"URL"},{"key":"Header","subKey":"abc"}] | A JSON string that contains an array of fields to exclude from basic protection. You can specify up to five fields. For more information, see **regularFields Configuration**. Configure this parameter only when the `tags` parameter is set to `regular_field`. |'."\n" + .'| customRules | Array | Optional | \\[ "111111", "222222" ] | A list of custom rule IDs to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `customrule_rule`. |'."\n" + .'| blacklistRules | Array | Optional | \\[ "111111", "222222" ] | A list of IP blacklist rule IDs to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `blacklist_rule`. |'."\n" + .'| botRules | Array | Optional | \\[ "111111", "222222" ] | A list of bot protection rule IDs to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `antibot_scene_rule`. |'."\n" + .'| botLables | Array | Optional | \\[ "abc", "cdcc" ] | A list of bot protection rule types to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `antibot_scene_label`. You can call the [DescribeBotRuleLabels](~~DescribeBotRuleLabels~~) operation to query the available rule types. |'."\n" + ."\n" + .'**Configuring `regularFields`**'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| --------- | ------ | -------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| key | String | required | URL | The field to ignore. Valid values:<br>\\- **URL-All**: all fields of the URI.<br>\\- **URL**: the entire URI.<br>\\- **URLPath**: the URI path.<br>\\- **Query-All**: all query arguments.<br>\\- **Query-Arg**: a specified query argument.<br>\\- **Cookie-All**: all cookies.<br>\\- **Cookie-Exact**: a specified cookie name.<br>\\- **Header-All**: all headers.<br>\\- **Header**: a specified header field.<br>\\- **Body-All**: all arguments in the request body. |'."\n" + .'| subKey | String | optional | abc | The specific field to ignore. Required if **key** is **URLPath**, **Query-Arg**, **Cookie-Exact**, or **Header**. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'### Custom response rule (**custom\\_response**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ------------ | ------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| responseType | String | Yes | response_block | The custom response type. Set this to `response_block` to block the request. |'."\n" + .'| status | Integer | Yes | 1 | The status of the defense rule. This parameter is used only when you create a defense rule. To modify the status of an existing rule, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: disabled.<br>\\- **1** (default): enabled. |'."\n" + .'| config | String | Yes | {"responseCode":400,"responseHeaders":[{"key":"custom","value":"123"},{"key":"aaa","value":"2223"}],"responseContent":"HelloWorld"} | The custom configuration, specified as a JSON string. For details, see **config parameter details**. |'."\n" + ."\n" + .'**Config**'."\n" + ."\n" + .'| Parameter | Type | Required | Example | Description |'."\n" + .'| --------------- | ------- | -------- | --------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| responseCode | Integer | required | 400 | The response code. |'."\n" + .'| responseHeaders | Array | optional | \\[{"key":"custom","value":"123"},{"key":"aaaa","value":"2223"}] | A list of custom response headers, formatted as a JSON string. The **key** is the header field, and the **value** is the header value. |'."\n" + .'| responseContent | String | required | helloworld | The content of the custom response. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_****",'."\n" + .' "TemplateId": 2841,'."\n" + .' "DefenseScene": "custom_response",'."\n" + .' "Rules":"[{\\"responseType\\":\\"response_block\\",\\"config\\":\\"{\\\\\\"templateName\\\\\\":\\\\\\"aaa\\\\\\",\\\\\\"responseCode\\\\\\":\\\\\\"400\\\\\\",\\\\\\"responseContent\\\\\\":\\\\\\"helloWorld\\\\\\",\\\\\\"responseHeaders\\\\\\":[{\\\\\\"key\\\\\\":\\\\\\"test1\\\\\\",\\\\\\"value\\\\\\":\\\\\\"abc\\\\\\"}]}\\",\\"status\\":1}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Region block rule (**region\\_block**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ---------------- | ------- | -------- | ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n" + .'| cnRegionList | String | Optional | 610000,230000 | A comma-separated list of region codes for Chinese mainland regions. Specify ["**CN**"] to block all Chinese mainland regions (excluding Hong Kong, Macao, and Taiwan). For the definitions of the region codes, see **Description of region codes in the Chinese mainland**. |'."\n" + .'| abroadRegionList | String | Optional | KE,KG | A comma-separated list of country and region codes for regions outside the Chinese mainland. Call the [DescribeIpAbroadCountryInfos](~~2928841~~) operation to query the supported country and region codes. |'."\n" + .'| status | Integer | Required | 1 | Specifies the status of the protection rule. This parameter applies only when creating a protection rule. To modify the status of an existing protection rule, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: Disabled.<br>\\- **1** (default): Enabled. |'."\n" + .'| action | String | Required | block | Specifies the action to perform. Valid values:<br>\\- **block**: blocks matching requests.<br>\\- **monitor**: monitors matching requests; captcha: performs a CAPTCHA challenge on matching requests; captcha_strict: performs a strict CAPTCHA challenge on matching requests. |'."\n" + .'| actionExternal | JSON | Optional | {"responseRuleId":123444} | Specifies the extended configuration for the action. This parameter is available only with the custom response feature. When **action** is set to **block**, you can specify a custom block page. When **action** is set to **captcha** or **captcha_strict**, you can specify a custom CAPTCHA page. |'."\n" + ."\n" + .'**Chinese mainland region IDs**'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "110000": "Beijing",'."\n" + .' "120000": "Tianjin",'."\n" + .' "130000": "Hebei",'."\n" + .' "140000": "Shanxi",'."\n" + .' "150000": "Inner Mongolia",'."\n" + .' "210000": "Liaoning",'."\n" + .' "220000": "Jilin",'."\n" + .' "230000": "Heilongjiang",'."\n" + .' "310000": "Shanghai",'."\n" + .' "320000": "Jiangsu",'."\n" + .' "330000": "Zhejiang",'."\n" + .' "340000": "Anhui",'."\n" + .' "350000": "Fujian",'."\n" + .' "360000": "Jiangxi",'."\n" + .' "370000": "Shandong",'."\n" + .' "410000": "Henan",'."\n" + .' "420000": "Hubei",'."\n" + .' "430000": "Hunan",'."\n" + .' "440000": "Guangdong",'."\n" + .' "450000": "Guangxi",'."\n" + .' "460000": "Hainan",'."\n" + .' "500000": "Chongqing",'."\n" + .' "510000": "Sichuan",'."\n" + .' "520000": "Guizhou",'."\n" + .' "530000": "Yunnan",'."\n" + .' "540000": "Tibet",'."\n" + .' "610000": "Shaanxi",'."\n" + .' "620000": "Gansu",'."\n" + .' "630000": "Qinghai",'."\n" + .' "640000": "Ningxia",'."\n" + .' "650000": "Xinjiang",'."\n" + .' "MO_01": "Macao SAR, China",'."\n" + .' "HK_01": "Hong Kong SAR, China",'."\n" + .' "TW_01": "Taiwan, China",'."\n" + .' "CN": "Mainland China"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'##### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_****",'."\n" + .' "TemplateId": 2341,'."\n" + .' "DefenseScene": "region_block",'."\n" + .' "Rules": "[{\\"cnRegionList\\":\\"CN,HK_01,TW_01,MO_01\\",\\"abroadRegionList\\":\\"AU,NZ\\",\\"action\\":\\"block\\",\\"status\\":1}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Protection rules (**CC**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example | Description |'."\n" + .'| --------- | ------- | -------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| mode | Integer | Yes | 0 | The CC protection mode. Valid values:<br>\\- **0** (default): normal protection.<br>\\- **1**: emergency protection. |'."\n" + .'| status | Integer | Yes | 1 | The protection rule status. Set this parameter only when you create a protection rule. To modify the protection rule status, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: disabled.<br>\\- **1** (default): enabled. |'."\n" + .'| action | String | No | js | The protection rule action. Valid values:<br>\\- **js** (default): JS challenge.<br>\\- **monitor**: monitor. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_****",'."\n" + .' "TemplateId": 2241,'."\n" + .' "DefenseScene": "cc",'."\n" + .' "Rules":"[{\\"mode\\":0,\\"status\\":1,\\"action\\":\\"js\\"}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Website tamper-proofing rule (**tamperproof**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example | Description |'."\n" + .'| --------- | ------- | -------- | ------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| name | String | Yes | test | The name of the defense rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| url | String | Yes | /abc | The URL of the cached page. |'."\n" + .'| ua | String | No | app | The user-agent for accessing this path. |'."\n" + .'| protocol | String | Yes | https | The protocol of the cached page URL. Valid values: **http** and **https**. |'."\n" + .'| status | Integer | Yes | 1 | The status of the defense rule. This parameter is for rule creation only. To modify the status, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: disabled.<br>\\- **1** (default): enabled. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_****",'."\n" + .' "TemplateId": 1241,'."\n" + .' "DefenseScene": "tamperproof",'."\n" + .' "Rules": "[{\\"name\\":\\"test1\\",\\"url\\":\\"www.test1.com\\",\\"ua\\":\\"firefox\\",\\"protocol\\":\\"https\\",\\"status\\":1}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### DLP rules'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ---------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n" + .'| name | String | Required | test | The name of the protection rule. It must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| conditions | Array | Required | \\[{"key":"HttpCode","opValue":"contain","values":"400,401,402,403,404,405,500,501,502,503,504,505"},{"key":"URL","opValue":"contain","values":"test"}] | The match conditions, specified as a JSON string. You can specify up to two match conditions, which are combined with a logical AND. For details, see **Detailed conditions configuration**. |'."\n" + .'| status | Integer | Required | 1 | The status of the protection rule. This parameter applies only when creating a protection rule. To modify the status of a protection rule, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: Disabled<br>\\- **1** (default): Enabled |'."\n" + .'| action | String | Required | block | The action to perform when a request matches the rule. Valid values:<br>\\- **block**: Blocks the request. This action is available only if the match conditions include a response code.<br>\\- **monitor**: Monitors the request.<br>\\- **filter**: Filters for sensitive information. This action is available only if a sensitive information match condition is configured. |'."\n" + ."\n" + .'**Condition parameters**'."\n" + ."\n" + .'| Parameter | Type | Required | Example | Description |'."\n" + .'| --------- | ------ | -------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| key | String | required | URL | The match field. Valid values: **URL**, **HttpCode**, and **SensitiveInfo**. |'."\n" + .'| opValue | String | required | contain | The logical operator. The value is always **contain**. |'."\n" + .'| values | String | required | abc | The content to match. Separate multiple values with a comma (,).<br>For **HttpCode**, the valid values are: **400**, **401**, **402**, **403**, **404**, **405** (for the **405–499** range), **500**, **501**, **502**, **503**, **504**, and **505** (for the **505–599** range).<br>For **SensitiveInfo**, the valid values are:<br>\\- **phone**: Phone number.<br>\\- **card**: Credit card.<br>\\- **id**: ID card.<br>\\- **word**: Default sensitive word. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'### Spike throttle (**spike\\_throttle**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example | Description |'."\n" + .'| ---------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| name | String | Yes | iptest | The name of the rate limiting rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| status | Integer | Yes | 1 | The status of the defense rule. This parameter is for rule creation only. To modify the status of a defense rule, use the `RuleStatus` parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: Disabled.<br>\\- **1** (default): Enabled. |'."\n" + .'| action | String | Yes | block | The rule action. Valid values:<br>\\- **block**: Blocks matching requests.<br>\\- **monitor**: Monitors matching requests. |'."\n" + .'| actionExternal | JSON | No | {"responseRuleId":123444} | The extended configuration for the rule action. This is used to specify a custom block page when **action** is set to **block**. |'."\n" + .'| conditions | Array | Yes | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | The match conditions for the ACL, specified as a JSON array. You can define up to five match conditions. For detailed configuration, see the `conditions` description in [Defense Rule Parameter Configuration](~~3026503~~). |'."\n" + .'| cnRegionList | String | No | 610000,230000 | The regions in the Chinese mainland to block. To block all regions in the Chinese mainland (excluding Hong Kong, Macao, and Taiwan), specify "**CN**". Separate multiple region codes with commas (,). For a list of region codes, see **Region Codes for the Chinese mainland**. |'."\n" + .'| abroadRegionList | String | No | KE,KG | The regions outside the Chinese mainland to block. Separate multiple region codes with commas (,). You can call the [DescribeIpAbroadCountryInfos](~~2928841~~) operation to query the supported countries and regions. |'."\n" + .'| type | String | Yes | qps | The rate limiting mode. Valid values:<br>\\- **qps**: Limits traffic based on queries per second (QPS).<br>\\- **ratio** (default): Limits traffic by percentage. |'."\n" + .'| threshold | Integer | Yes | 500 | The rate limiting threshold. Its meaning depends on the type parameter:<br>\\- If the type is **qps**: Specifies the QPS threshold. The valid range is 1 to 5,000,000. Requests exceeding this threshold are blocked.<br>\\- If the type is **ratio**: Specifies the percentage of requests to allow. The valid range is 1 to 99. For example, a value of 80 allows 80% of requests. |'."\n" + ."\n" + .'**Region IDs in Chinese mainland**'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "110000": "Beijing Municipality",'."\n" + .' "120000": "Tianjin Municipality",'."\n" + .' "130000": "Hebei Province",'."\n" + .' "140000": "Shanxi Province",'."\n" + .' "150000": "Inner Mongolia Autonomous Region",'."\n" + .' "210000": "Liaoning Province",'."\n" + .' "220000": "Jilin Province",'."\n" + .' "230000": "Heilongjiang Province",'."\n" + .' "310000": "Shanghai Municipality",'."\n" + .' "320000": "Jiangsu Province",'."\n" + .' "330000": "Zhejiang Province",'."\n" + .' "340000": "Anhui Province",'."\n" + .' "350000": "Fujian Province",'."\n" + .' "360000": "Jiangxi Province",'."\n" + .' "370000": "Shandong Province",'."\n" + .' "410000": "Henan Province",'."\n" + .' "420000": "Hubei Province",'."\n" + .' "430000": "Hunan Province",'."\n" + .' "440000": "Guangdong Province",'."\n" + .' "450000": "Guangxi Zhuang Autonomous Region",'."\n" + .' "460000": "Hainan Province",'."\n" + .' "500000": "Chongqing Municipality",'."\n" + .' "510000": "Sichuan Province",'."\n" + .' "520000": "Guizhou Province",'."\n" + .' "530000": "Yunnan Province",'."\n" + .' "540000": "Tibet Autonomous Region",'."\n" + .' "610000": "Shaanxi Province",'."\n" + .' "620000": "Gansu Province",'."\n" + .' "630000": "Qinghai Province",'."\n" + .' "640000": "Ningxia Hui Autonomous Region",'."\n" + .' "650000": "Xinjiang Uygur Autonomous Region",'."\n" + .' "MO_01": "Macao, China",'."\n" + .' "HK_01": "Hong Kong, China",'."\n" + .' "TW_01": "Taiwan, China",'."\n" + .' "CN": "Chinese mainland",'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'##### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_****",'."\n" + .' "TemplateId": 2341,'."\n" + .' "DefenseScene": "spike_throttle",'."\n" + .' "Rules":"[{\\"name\\":\\"test\\",\\"action\\":\\"monitor\\",\\"conditions\\":[{\\"key\\":\\"URL\\",\\"opValue\\":\\"contain-one\\",\\"values\\":\\"abctest,abctest2\\"}],\\"status\\":1,\\"type\\":\\"qps\\",\\"threshold\\":1000,\\"cnRegionList\\":\\"110000,140000\\",\\"abroadRegionList\\":\\"AD,AL\\"}]"}'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Bot management rules (**bot\\_manager**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| -------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| name | String | Required | iptest | The name of the advanced custom BOT ACL rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| status | Integer | Required | 1 | The rule status. This parameter applies only when you create a rule. To modify the status of an existing rule, use the `RuleStatus` parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:<br>\\- **0**: Disabled.<br>\\- **1** (default): Enabled. |'."\n" + .'| action | String | Required | block | The rule action. Valid values:<br>\\- **block**: Block.<br>\\- **monitor**: Monitor.<br>\\- **js**: JS challenge.<br>\\- **captcha**: CAPTCHA.<br>\\- **captcha_strict**: Strict CAPTCHA.<br>\\- **upstream_tag**: Upstream tagging.<br>**Note** Refer to the **WAF console** for the list of supported actions. |'."\n" + .'| actionExternal | JSON | Optional | {"responseRuleId":123444} or<br>{"upstreamHeader":{"header":"test","systemKey":["type","id"]}} | A JSON string that contains the extended configuration for the rule action. The JSON string contains the following fields:<br>\\- `upstreamHeader`: The configuration for upstream tagging. This field applies only when **action** is set to **upstream_tag**. For more information, see **Upstream Tagging upstreamHeader Configuration**.<br>\\- `responseRuleId`: The ID of the custom response rule.<br>If **action** is **block**, `responseRuleId` is the ID of a custom block page rule.<br>If **action** is **captcha** or **captcha_strict**, `responseRuleId` is the ID of a custom CAPTCHA page rule. |'."\n" + .'| conditions | Array | Required | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | The match conditions for the ACL rule, specified as a JSON array. You can specify up to 10 match conditions. For more information about the configuration, see the description of `conditions` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n" + .'| ccStatus | Integer | Required | 1 | Specifies whether the rate limit is enabled. Valid values:<br>\\- **0**: Disabled.<br>\\- **1**: Enabled. |'."\n" + .'| ratelimit | JSON | Optional | {"target":"remote_addr","interval":5,"threshold":2,"ttl":1800,"status":{"code":404,"count":2}} | A JSON string that contains the detailed configuration for the rate limit. This parameter applies only when `ccStatus` is set to **1**. For more information about the configuration, see the description of `ratelimit` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n" + .'| effect | String | Optional | rule | The scope of the rate limit. This parameter applies only when `ccStatus` is set to **1**. Valid values:<br>\\- **service**: The rate limit applies to the protected object.<br>\\- **rule**: The rate limit applies to a single rule. |'."\n" + .'| botBehavior | String | Optional | malicious | The rule category. Valid values:<br>\\- **suspicious** (default): Suspicious bot.<br>\\- **malicious**: Malicious bot. |'."\n" + .'| grayStatus | Integer | Optional | 1 | Specifies whether a canary release is enabled. Valid values:<br>\\- **0** (default): Disabled.<br>\\- **1**: Enabled. |'."\n" + .'| grayConfig | JSON | Optional | {"grayTarget":"header","grayRate":80,"graySubKey":"test"} | A JSON string that contains the configuration for the canary release. This parameter applies only when `grayStatus` is set to **1**. For more information about the configuration, see the description of `grayConfig` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n" + .'| timeConfig | JSON | Optional | {"timeScope":"period","timeZone":8,"timePeriods":[{"start":1758771729787,"end":1758816000000}]} | A JSON string that contains the schedule configuration for the rule. For more information about the configuration, see the description of `timeConfig` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n" + ."\n" + .'**Back-to-source tagging with `upstreamHeader`**'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ----------- | ------ | -------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| header | String | Yes | abc | The header name for back-to-origin tagging. |'."\n" + .'| systemKey | Array | Yes | \\["id","type"] | The system fields for back-to-origin tagging. The order of these fields determines the content of the header. Valid values:<br>\\- **id**: The rule ID.<br>\\- **type**: The rule type.<br>\\- **websdk.umid**: The UMID from the web client.<br>\\- **ssl_client_ja3_fingerprinting_md5**: The JA3 fingerprint.<br>\\- **ssl_client_ja4_fingerprinting_md5**: The JA4 fingerprint.<br>\\- **http2_client_fingerprint_md5**: The HTTP/2 fingerprint.<br>\\- **appsdk.eeid_umid**: The device UMID.<br>\\- **appsdk.eeid_running_frame_magisk**: Indicates whether the Magisk framework is used.<br>\\- **appsdk.eeid_running_frame_frida**: Indicates whether Frida injection is present.<br>\\- **appsdk.eeid_running_frame_fishhook**: Indicates whether FishHook injection is present.<br>\\- **appsdk.eeid_running_frame_edxposed**: Indicates whether the EdXposed framework is used.<br>\\- **appsdk.is_xposed**: Indicates whether the Xposed framework is used.<br>\\- **appsdk.eeid_running_frame_va**: Indicates whether the VirtualApp framework is used.<br>\\- **appsdk.eeid_running_frame_cydia**: Indicates whether Cydia is installed.<br>\\- **appsdk.eeid_is_batch**: Indicates whether the device is a device farm device.<br>\\- **appsdk.eeid_is_root**: Indicates whether the device is rooted.<br>\\- **appsdk.eeid_is_fake**: Indicates whether the device is a fake device.<br>\\- **appsdk.eeid_is_virtual**: Indicates whether app cloning or a virtual environment is used.<br>\\- **appsdk.pkguncrypted**: Indicates whether app decryption has occurred.<br>\\- **appsdk.eeid_is_hook**: Indicates whether hooking behavior is present.<br>\\- **appsdk.eeid_is_debugged**: Indicates whether the app is being debugged.<br>\\- **appsdk.eeid_is_simulator**: Indicates whether the device is an emulator.<br>\\- **appsdk.eeid_is_proxy**: Indicates whether a proxy is used.<br>\\- **appsdk.eeid_is_highrisk**: Indicates whether the device is high-risk.<br>\\- **appsdk.adbstate**: Indicates whether ADB is enabled.<br>\\- **appsdk.eeid_abnormal_time**: Indicates whether the device time is abnormal.<br>\\- **appsdk.eeid_short_uptime**: Indicates whether the device uptime is short.<br>\\- **appsdk.screenon**: Indicates whether the screen is on.<br>\\- **appsdk.collectend**: Indicates whether data collection has ended.<br>\\- **appsdk.pkgreleasemode**: Indicates whether the app is in debug mode.<br>\\- **appsdk.elapsedtime**: The elapsed time since boot.<br>\\- **appsdk.isfront**: Indicates whether the app is running in the foreground.<br>\\- **appsdk.passwordunlock**: Indicates whether the device is screen-locked.<br>\\- **appsdk.fingerprintauth**: Indicates whether fingerprint authentication is enabled.<br>\\- **appsdk.brand**: The device brand.<br>\\- **appsdk.model**: The device model.<br>\\- **appsdk.batterychange**: The change in battery level since the last collection.<br>\\- **appsdk.batterystatus**: The battery charging status.<br>\\- **appsdk.batterylevel**: The battery level.<br>\\- **appsdk.brightness**: The screen brightness.<br>\\- **appsdk.packagesign**: The package signature hash.<br>\\- **appsdk.screenres**: The screen resolution.<br>\\- **appsdk.packagename**: The application package name.<br>\\- **appsdk.platform**: The platform.<br>\\- **appsdk.hookframe**: The hooking framework.<br>-**appsdk.version**: The APPSDK version.<br>\\- **appsdk.appname**: The application name.<br>\\- **appsdk.appversion**: The application version.<br>\\- **appsdk.hardware**: The hardware name.<br>\\- **appsdk.timestamp**: The data collection timestamp.<br>\\- **appsdk.devicename**: The device name.<br>\\- **appsdk.product**: The product code name.<br>\\- **appsdk.eeid_running_frame_script**: Indicates whether automation accessibility tools are installed.<br>**Note**: The fields available for back-to-origin tagging depend on the specific bot feature. For a list of supported fields, see the bot custom rule settings in the WAF console. |'."\n" + .'| customValue | String | No | test | A custom string to include in the header. |'."\n" + ."\n" + .'## Resource-level rules (**resource**)'."\n" + ."\n" + .'When **DefenseType** is set to **resource**, the rule configuration is as follows.'."\n" + ."\n" + .'### Account extraction (**account\\_identifier**)'."\n" + ."\n" + .'Each protected object can have only one account extraction rule.'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ------------------ | ----- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| accountIdentifiers | array | Yes | \\[ { "key": "Header","subKey": "header-test", "decodeType": "jwt", "position": "username", "priority": 1 }, { "key": "Post-Arg", "subKey": "body_test", "decodeType": "plain", "priority": 2 } ] | An array of JSON objects that specifies the account identifier configurations. You can provide up to 5 objects. For field descriptions, see the accountIdentifiers data structure. |'."\n" + ."\n" + .'**`accountIdentifiers` configuration**'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ---------- | ------- | -------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| key | String | Yes | Query-Arg | The location of the field to extract. Valid values: **Query-Arg**, **Cookie-Exact**, **Post-Arg**, and **Header**. |'."\n" + .'| subKey | String | Yes | query-test | The name of the field to extract from the source specified by the `key` parameter. |'."\n" + .'| decodeType | String | No | jwt | The authentication method. Valid values:<br>\\- **plain**: plaintext.<br>\\- **basic**: Basic authentication.<br>\\- **jwt**: JWT authentication. For JWT authentication, use the **position** parameter to specify the decoded account field. |'."\n" + .'| priority | Integer | Yes | 1 | The matching priority of the extraction policy. A traffic request can match at most one policy. Valid values are integers from 0 to 20, where a lower value indicates a higher priority. Priority values must be unique. |'."\n" + .'| position | String | No | account | The field in the decoded JWT payload that contains the account identifier. Required for JWT authentication. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "DefenseScene": "account_identifier",'."\n" + .' "Resource": "example.**.com-waf",'."\n" + .' "DefenseType": "resource",'."\n" + .' "InstanceId": "waf_cn****",'."\n" + .' "Rules": "[{\\"accountIdentifiers\\":[{\\"key\\":\\"Header\\",\\"subKey\\":\\"header-test\\",\\"decodeType\\":\\"jwt\\",\\"position\\":\\"username\\",\\"priority\\":1},{\\"key\\":\\"Post-Arg\\",\\"subKey\\":\\"body_test\\",\\"decodeType\\":\\"plain\\",\\"priority\\":2}]}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Custom response rules (**custom\\_response**)'."\n" + ."\n" + .'You can configure only one custom response rule per protected object. The priority for response pages is as follows: rule level > protected object level > default page.'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ------------- | ---- | -------- | ------------- | ------------------------------------------------------------------------------------------------------------ |'."\n" + .'| blockRuleId | Long | Optional | 1123 | The rule ID for the custom block page that is returned when a protected object triggers a block. |'."\n" + .'| captchaRuleId | Long | Optional | 1123 | The rule ID for the custom slider page that is returned when a protected object triggers a slider challenge. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "DefenseScene": "custom_response",'."\n" + .' "Resource": "example.**.com-waf",'."\n" + .' "DefenseType": "resource",'."\n" + .' "InstanceId": "waf_cn****",'."\n" + .' "Rules": "[{\\"blockRuleId\\":900000,\\"captchaRuleId\\":900001}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Protected object decoding (**waf\\_codec**)'."\n" + ."\n" + .'You can configure only one decoding rule per protected object.'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| --------- | ----- | -------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| codecList | Array | Yes | \\["comment","space-zip","json","xml","form","multipart","graphql","js-unicode","url","hex","html","php","java","utf7","oct"] | Specifies the transformations to enable. Valid values:<br>\\- **url**: URL decoding (Always enabled).<br>\\- **js-unicode**: Unicode decoding (Always enabled).<br>\\- **oct**: OCT decoding (Always enabled).<br>\\- **hex**: hex decoding (Always enabled).<br>\\- **comment**: comment decoding (Always enabled).<br>\\- **space-zip**: space decoding (Always enabled).<br>\\- **multipart**: Multipart parsing.<br>\\- **json**: JSON parsing.<br>\\- **xml**: XML parsing.<br>\\- **php**: PHP deserialization.<br>\\- **html**: HTML entity decoding.<br>\\- **utf7**: UTF-7 decoding.<br>\\- **base64**: Base64 decoding.<br>\\- **form**: Form parsing.<br>\\- **gzip**: Gzip decompression.<br>\\- **java**: Java deserialization.<br>\\- **graphql**: GraphQL parsing. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "DefenseScene": "waf_codec",'."\n" + .' "Resource": "example.**.com-waf",'."\n" + .' "DefenseType": "resource",'."\n" + .' "InstanceId": "waf_cn****",'."\n" + .' "Rules": "[{\\"codecList\\":[\\"comment\\",\\"space-zip\\",\\"json\\",\\"xml\\",\\"form\\",\\"multipart\\",\\"graphql\\",\\"js-unicode\\",\\"url\\",\\"hex\\",\\"html\\",\\"php\\",\\"java\\",\\"utf7\\",\\"gzip\\",\\"oct\\",\\"base64\\"]}]"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'## Global dimension (**global**)'."\n" + ."\n" + .'When **DefenseType** is set to **global**, the rule configuration is as follows.'."\n" + ."\n" + .'### Custom regular expression rule (**regular\\_custom**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ----------- | ------ | -------- | ------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| name | String | Required | ruleTest | The name of the custom regular expression rule. The name must be 1 to 255 characters in length and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| detectType | String | Required | sqli | The detection type. Valid values:<br>\\- **sqli**: SQL injection.<br>\\- **xss**: cross-site scripting.<br>\\- **cmdi**: OS command injection.<br>\\- **expression_injection**: expression injection (including EL, SpEL, and OGNL expressions).<br>\\- **java_deserialization**: Java deserialization.<br>\\- **dot_net_deserialization**: .NET deserialization.<br>\\- **php_deserialization**: PHP deserialization.<br>\\- **code_exec**: remote code execution (JNDI/XPATH).<br>\\- **ssrf**: server-side request forgery (SSRF).<br>\\- **path_traversal**: path traversal.<br>\\- **arbitrary_file_uploading**: arbitrary file upload.<br>\\- **webshell**: webshell.<br>\\- **rfilei**: remote file inclusion (RFI).<br>\\- **lfilei**: local file inclusion (LFI).<br>\\- **protocol_violation**: protocol violation.<br>\\- **scanner_behavior**: scanner behavior.<br>\\- **logic_flaw**: logic flaw.<br>\\- **arbitrary_file_reading**: arbitrary file read.<br>\\- **arbitrary_file_download**: arbitrary file download.<br>\\- **xxe**: XML external entity injection (XXE).<br>\\- **csrf**: cross-site request forgery (CSRF).<br>\\- **crlf**: CRLF injection.<br>\\- **other**: other. |'."\n" + .'| riskLevel | String | Required | strict | The risk level. Valid values:<br>\\- **super_strict**: super strict.<br>\\- **strict**: strict.<br>\\- **medium**: medium.<br>\\- **loose**: loose. |'."\n" + .'| description | String | Optional | Rule description. | The description of the rule. |'."\n" + .'| condition | Array | Required | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | The match conditions for the rule, specified as a JSON string. You can specify up to five match conditions. For details, see **condition details**. |'."\n" + ."\n" + .'**Condition configuration**'."\n" + ."\n" + .'| Parameter | Type | Required | Value | Description |'."\n" + .'| --------- | ------ | -------- | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| key | String | required | Query-Arg | The custom match field. Valid values: **File-Name**, **Url**, **Raw-Url**, **Request-Url**, **Http-Method**, **Directory**, **Query**, **Raw-Header**, **Body**, **Extension**, **Union-Args**, **All-Data**, **All-Keys**, **Multipart-Keys**, **Multipart-Values**, **Header-Keys**, **Header-Values**, **Post-Arg-Keys**, **Post-Arg-Values**, **Query-Arg-Keys**, **Query-Arg-Values**, **Cookie-Keys**, **Cookie-Values**, **Header**, **Query-Arg**, **Post-Arg**, and **Multipart**. |'."\n" + .'| subKey | String | optional | query-test | The sub-match field.><notice> A sub-match field is supported only when the match field is **Header**, **Query-Arg**, **Post-Arg**, or **Multipart**.></notice> |'."\n" + .'| opValue | String | required | contain | The logical operator. Valid values: **regex**, **prefix-match**, **suffix-match**, **eq**, and **contain**. |'."\n" + .'| values | String | required | abc | The content to match. Separate multiple values with a comma (,). |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "name": "ruleTest",'."\n" + .' "detectType": "sqli",'."\n" + .' "riskLevel": "strict",'."\n" + .' "condition": [{"key": "FileName","opValue": "eq","values": "test"}]'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Address book (**address\\_book**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ----------- | ------ | -------- | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| name | String | Required | bookTest | The name of the address book. It must be 1 to 255 characters long and can contain letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| valueType | String | Required | IP | The type of the address book. Valid values:<br>\\- **IP**: The address book contains IP addresses. |'."\n" + .'| description | String | Optional | addressbookTest | The description of the address book. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "name": "bookTest",'."\n" + .' "valueType": "ip",'."\n" + .' "description": "addressbookTest"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Custom response (**custom\\_response**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ---------------- | ------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| name | String | Required | test | The name of the custom response rule. It must be 1–255 characters long and can contain letters, digits, Chinese characters, underscores (_), periods (.), and hyphens (-). |'."\n" + .'| action | String | Required | block | The protection rule action. Valid values:<br>\\- **block**: Blocks the request.<br>\\- **captcha**: Triggers a captcha challenge. |'."\n" + .'| responseCode | Integer | Optional | 400 | The response code to return.<br>\\- Required for a custom block page.<br>\\- Not supported for a custom captcha page, which returns a 200 response code. |'."\n" + .'| responseHeaders | Array | Optional | \\[{"key":"custom","value":"123"},{"key":"aaaa","value":"2223"}] | A list of custom response headers, specified as a JSON string. In each object, **key** is the header field and **value** is the header value. |'."\n" + .'| designType | String | Optional | custom | The response configuration type. This parameter is required only when **action** is set to **captcha**. Valid values:<br>\\- **custom**: A custom configuration.<br>\\- **preDefine**: A predefined configuration. |'."\n" + .'| responseContent | String | Optional | helloworld | The custom response content. This parameter is required for custom captcha or custom block pages. |'."\n" + .'| preDefineContent | Array | Optional | \\[{"language":"cn","title":"test","description":"desc","captchaColor":"#FFFF","showTraceId":false},{"language":"en","title":"titel","description":"desc","captchaColor":"#FFFF","showTraceId":false}] | The predefined configuration content. This parameter is required when **designType** is set to **preDefine**. For details, see the **Detailed predefined configuration** section. |'."\n" + ."\n" + .'**Predefined Configuration Details**'."\n" + ."\n" + .'| Parameter | Type | Required | Example value | Description |'."\n" + .'| ------------ | ------- | -------- | -------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| language | String | Yes | en | The language configuration. Valid values:<br>\\- **en**: English.<br>\\- **cn**: Chinese. |'."\n" + .'| icon | String | Yes | https://img.alicdn.com/imgextra/i1/O1CN01L12MaQ1ZwfYKk7Yrc_!!6000000003259-2-tps-900-594.png | The URL of a publicly accessible icon. |'."\n" + .'| title | String | Yes | test_title | The custom title for the slider page. |'."\n" + .'| description | String | Yes | For a better experience, slide to complete the verification before accessing the web page. | The custom description for the slider page. |'."\n" + .'| captchaColor | String | Yes | \\#ff6a00 | The color of the slider. |'."\n" + .'| showTraceId | boolean | Yes | true | Specifies whether to display the Trace ID on the slider page. Valid values:<br>\\- **true**: Displays the Trace ID.<br>\\- **false**: Hides the Trace ID. |'."\n" + ."\n" + .'#### Custom block page configuration'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "name": "test",'."\n" + .' "action": "block",'."\n" + .' "responseContent": "helloworld",'."\n" + .' "responseCode": 401,'."\n" + .' "responseHeaders": [{"key":"t1","value":"v1"}],'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'#### Predefined slider page configuration'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .'"name": "test",'."\n" + .'"designType": "preDefine",'."\n" + .'"action": "captcha",'."\n" + .'"responseHeaders": ['."\n" + .' {'."\n" + .' "key": "Content-Type",'."\n" + .' "value": "text/html"'."\n" + .' }'."\n" + .'],'."\n" + .'"preDefineContent": ['."\n" + .' {'."\n" + .' "language": "en",'."\n" + .' "icon": "https://img.alicdn.com/imgextra/i1/O1CN01L12MaQ1ZwfYKk7Yrc_!!6000000003259-2-tps-900-594.png",'."\n" + .' "title": "Access Verification",'."\n" + .' "description": "Slide to complete verification.",'."\n" + .' "captchaColor": "#ff6a00",'."\n" + .' "showTraceId": true'."\n" + .' }'."\n" + .']'."\n" + .'}'."\n" + .'```', + 'changeSet' => [ + ['createdAt' => '2024-09-02T09:44:33.000Z', 'description' => 'Request parameters changed, Response parameters changed'], + ['createdAt' => '2023-05-17T07:33:46.000Z', 'description' => 'Response parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseRule'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDefenseRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'CreateDefenseTemplate' => [ + 'summary' => 'Creates a protection template.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '212899', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - ], + 'abilityTreeCode' => '106370', + 'abilityTreeNodes' => ['FEATUREwaf1LM6V0', 'FEATUREwafI1HM4C', 'FEATUREwafCU29M8', 'FEATUREwafBWO4L0', 'FEATUREwaf9JXZCD', 'FEATUREwaf6XNOII', 'FEATUREwafQ73SIK', 'FEATUREwafAFURH8', 'FEATUREwafS64FX9', 'FEATUREwafOVI09M', 'FEATUREwafIFHX6M', 'FEATUREwafF105ZO', 'FEATUREwaf16U367', 'FEATUREwafQHH3HH', 'FEATUREwaf10VDFG', 'FEATUREwafRM5KJ7'], + 'autoTest' => true, ], 'parameters' => [ [ - 'name' => 'ResourceInstanceId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => '域名', - 'description' => 'The ID of the instance.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'lb-bp1*****jqnnqk5uj2p', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'TemplateName', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The name of the protection template. The name must be 1 to 255 characters in length and can contain letters, digits, underscores (\\_), periods (.), and hyphens (-).'."\n" + ."\n" + .'> Template names must be unique within the same protection scenario (**DefenseScene**).', 'type' => 'string', 'required' => true, 'example' => 'test221', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'TemplateType', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '1000', - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The type of the protection template. Valid values:'."\n" + ."\n" + .'- **user\\_default**: a default template created by the user.'."\n" + ."\n" + .'- **user\\_custom**: a custom template created by the user.', 'type' => 'string', 'required' => true, 'example' => 'user_default', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'TemplateStatus', + 'in' => 'query', + 'schema' => ['description' => 'The status of the protection template. Valid values:'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'DefenseScene', + 'in' => 'query', + 'schema' => ['description' => 'The protection scenario. For more information, see the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'required' => true, 'example' => 'waf_group', 'title' => ''], + ], + [ + 'name' => 'TemplateOrigin', + 'in' => 'query', + 'schema' => ['description' => 'The origin of the protection template. The value must be **custom**, which indicates a user-defined template.', 'type' => 'string', 'required' => true, 'example' => 'custom', 'title' => ''], + ], + [ + 'name' => 'DefenseSubScene', 'in' => 'query', 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + 'description' => 'The sub-scenario of the protection template. Valid values:'."\n" ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", + .'- **bot\\_custom\\_acl**: a protection template for advanced custom rules for Bot management.', + 'enumValueTitles' => [], 'type' => 'string', 'required' => false, - 'example' => 'cn-hangzhou', + 'example' => 'bot_custom_acl', + 'title' => '', ], ], [ - 'name' => 'InstanceId', + 'name' => 'Description', + 'in' => 'query', + 'schema' => ['description' => 'The description of the protection template.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], + ], + [ + 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'UnbindResources', + 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" + 'type' => 'array', + 'items' => ['description' => 'The protected object to unbind.', 'type' => 'string', 'required' => false, 'example' => 'abc', 'title' => ''], + 'maxItems' => 200, + 'description' => 'The protected objects to unbind from the default protection template. Specify the value in the \\[**"XX1","XX2",...**] format.'."\n" ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-*', + .'> This parameter takes effect only when you create a **default template** (**TemplateType** is set to **user\\_default**).', + 'required' => false, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'UnbindResourceGroups', 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', + 'type' => 'array', + 'items' => ['description' => 'The protected object group to unbind.', 'type' => 'string', 'required' => false, 'example' => 'group1', 'title' => ''], + 'maxItems' => 200, + 'description' => 'The protected object groups to unbind from the default protection template. Specify the value in the \\[**"group1","group2",...**] format.'."\n" + ."\n" + .'> This parameter takes effect only when you create a **default template** (**TemplateType** is set to **user\\_default**).', 'required' => false, - 'example' => 'rg-acfm***q', + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The data returned.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-***-6B19160D5EB0', - ], - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'Certs' => [ - 'description' => 'The certificates.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Domain' => [ - 'description' => 'The domain name for which the certificate is issued.'."\n", - 'type' => 'string', - 'example' => 'waf.aliyundemo.com', - ], - 'CertName' => [ - 'description' => 'The name of the certificate.'."\n", - 'type' => 'string', - 'example' => 'demoCertName', - ], - 'CertIdentifier' => [ - 'description' => 'The globally unique ID of the certificate. The value is in the "Certificate ID-cn-hangzhou" format. For example, if the ID of the certificate is 123, the value of CertIdentifier is 123-cn-hangzhou.'."\n", - 'type' => 'string', - 'example' => '123-cn-hangzhou', - ], - 'CommonName' => [ - 'description' => 'The common name.'."\n", - 'type' => 'string', - 'example' => '*.aliyundemo.com', - ], - 'IsChainCompleted' => [ - 'description' => 'Indicates whether the certificate chain is complete.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'AfterDate' => [ - 'description' => 'The time when the certificate expires.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1708415521211', - ], - 'BeforeDate' => [ - 'description' => 'The time when the certificate was issued.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1708415521211', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F48ABDF7-D777-5F26-892A-57349765D7A9', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '2212', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-***-6B19160D5EB0\\",\\n \\"TotalCount\\": 1,\\n \\"Certs\\": [\\n {\\n \\"Domain\\": \\"waf.aliyundemo.com\\",\\n \\"CertName\\": \\"waf-cert-name\\",\\n \\"CertIdentifier\\": \\"123-cn-hangzhou\\",\\n \\"CommonName\\": \\"www.aliyundemo.com\\",\\n \\"IsChainCompleted\\": true,\\n \\"AfterDate\\": 1708415521211,\\n \\"BeforeDate\\": 1708415521211\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeResourceInstanceCerts', - ], - 'CreateCloudResource' => [ - 'summary' => 'Adds a service to Web Application Firewall (WAF). This operation is supported for only the Elastic Compute Service (ECS) and Classic Load Balancer (CLB) services.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F48ABDF7-D777-5F26-892A-57349765D7A9\\",\\n \\"TemplateId\\": 2212\\n}","type":"json"}]', + 'title' => 'CreateDefenseTemplate', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseTemplate'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'CreateDomain' => [ + 'summary' => 'Adds a domain name to a WAF instance by using Website Config for protection.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -2614,170 +2575,144 @@ 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '226535', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - ], + 'abilityTreeCode' => '106298', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-***', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'Domain', + 'in' => 'query', + 'schema' => ['description' => 'The domain name to query.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ 'name' => 'Listen', 'in' => 'query', 'style' => 'json', 'schema' => [ - 'description' => 'The listener configurations.'."\n", + 'description' => 'The listening configuration.', 'type' => 'object', 'properties' => [ - 'TLSVersion' => [ - 'description' => 'The Transport Layer Security (TLS) version that you want to add. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **tlsv1**'."\n" - .'* **tlsv1.1**'."\n" - .'* **tlsv1.2**'."\n", - 'type' => 'string', + 'HttpsPorts' => [ + 'description' => 'The listening ports for HTTPS.', + 'type' => 'array', + 'items' => ['description' => 'The listening ports for HTTPS, in the format of [**port1,port2,......,portN**].', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '[443,8443]', 'title' => ''], 'required' => false, - 'example' => 'tlsv1', + 'title' => '', + 'example' => '', ], - 'EnableTLSv3' => [ - 'description' => 'Specifies whether to support TLS 1.3. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', + 'HttpPorts' => [ + 'description' => 'The listening ports for HTTP.', + 'type' => 'array', + 'items' => ['description' => 'The listening ports for HTTP, in the format of [**port1,port2,……**].', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '[80,81]', 'title' => ''], 'required' => false, - 'example' => 'true', + 'title' => '', + 'example' => '', ], - 'CipherSuite' => [ - 'description' => 'The type of the cipher suites that you want to add. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" + 'Http2Enabled' => [ + 'description' => 'Specifies whether to enable HTTP/2. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" ."\n" - .'* **1**: all cipher suites.'."\n" - .'* **2**: strong cipher suites. This value is available only if you set **TLSVersion** to **tlsv1.2**.'."\n" - .'* **99**: custom cipher suites.'."\n", - 'type' => 'integer', - 'format' => 'int32', + .'- **true**: HTTP/2 is enabled.'."\n" + ."\n" + .'- **false** (default): HTTP/2 is not enabled.', + 'enumValueTitles' => [], + 'type' => 'boolean', 'required' => false, - 'example' => '1', + 'example' => 'true', + 'title' => '', ], + 'CertId' => ['description' => 'The ID of the certificate to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS.', 'type' => 'string', 'required' => false, 'example' => '123', 'title' => ''], + 'SM2Enabled' => ['description' => 'Specifies whether to enable the China Encryption (SM) certificate.', 'type' => 'boolean', 'default' => 'false', 'required' => false, 'example' => 'true', 'title' => ''], + 'SM2CertId' => ['description' => 'The ID of the China Encryption (SM) certificate to add. This parameter is used only when SM2Enabled is set to true.', 'type' => 'string', 'required' => false, 'example' => '123-cn-hangzhou', 'title' => ''], + 'SM2AccessOnly' => ['description' => 'Specifies whether only China Encryption (SM) clients can access the domain name. This parameter is used only when SM2Enabled is set to true.'."\n" + ."\n" + .'- true: Only China Encryption (SM) clients can access the domain name.'."\n" + ."\n" + .'- false: Both China Encryption (SM) and non-China Encryption (SM) clients can access the domain name.', 'type' => 'boolean', 'default' => 'false', 'required' => false, 'example' => 'true', 'title' => ''], + 'TLSVersion' => ['description' => 'The TLS version to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + .'- **tlsv1**'."\n" + .'- **tlsv1.1**'."\n" + .'- **tlsv1.2**', 'type' => 'string', 'required' => false, 'example' => 'tlsv1', 'title' => ''], + 'EnableTLSv3' => ['description' => 'Specifies whether to support TLS 1.3. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **true**: TLS 1.3 is supported.'."\n" + ."\n" + .'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'CipherSuite' => ['description' => 'The type of cipher suite to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **1**: all cipher suites.'."\n" + ."\n" + .'- **2**: strong cipher suites. This value is available only when **TLSVersion** is set to **tlsv1.2**.'."\n" + ."\n" + .'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '2', 'title' => ''], 'CustomCiphers' => [ - 'description' => 'The custom cipher suites that you want to add. This parameter is available only if you set **CipherSuite** to **99**.'."\n", + 'description' => 'The custom cipher suites to add.', 'type' => 'array', - 'items' => [ - 'description' => 'The custom cipher suite that you want to add. This parameter is available only if you set **CipherSuite** to **99**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384', - ], + 'items' => ['description' => 'The custom cipher suites to add. This parameter is used only when **CipherSuite** is set to **99**.', 'type' => 'string', 'required' => false, 'example' => '["xxx","ffas"]', 'title' => ''], 'required' => false, + 'title' => '', + 'example' => '', ], - 'ResourceProduct' => [ - 'description' => 'The type of the cloud service that you want to add. Valid values:'."\n" - ."\n" - .'* **clb4**: Layer 4 CLB.'."\n" - .'* **clb7**: Layer 7 CLB.'."\n" - .'* **ecs**: ECS.'."\n" - .'* **nlb**: Network Load Balancer (NLB).'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'clb4', - 'enum' => [ - 'ecs', - 'clb4', - 'clb7', - 'nlb', - ], - ], - 'ResourceInstanceId' => [ - 'description' => 'The instance ID of the cloud service.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'lb-bp1*****', - ], - 'Port' => [ - 'description' => 'The port of the cloud service.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '80', - ], - 'Protocol' => [ - 'description' => 'The protocol type. Valid values:'."\n" - ."\n" - .'* **http**'."\n" - .'* **https**'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'http', - 'enum' => [ - 'http', - 'https', - ], - ], - 'Certificates' => [ - 'description' => 'The certificates.'."\n", + 'FocusHttps' => ['description' => 'Specifies whether to enable forced HTTPS redirect. This parameter is used only when HttpsPorts is not empty (which indicates that the domain name uses HTTPS) and HttpPorts is empty (which indicates that the domain name does not use HTTP). Valid values:'."\n" + ."\n" + .'- **true**: Forced HTTPS redirect is enabled.'."\n" + ."\n" + .'- **false**: Forced HTTPS redirect is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n" + ."\n" + .'- **0** (default): The client traffic has not been forwarded by any Layer 7 proxy before reaching WAF.'."\n" + ."\n" + .'- **1**: WAF reads the first value in the X-Forwarded-For (XFF) header as the client IP address.'."\n" + ."\n" + .'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + 'XffHeaders' => [ + 'description' => 'The list of custom header fields used to obtain the client IP address.', 'type' => 'array', - 'items' => [ - 'description' => 'The certificate.'."\n", - 'type' => 'object', - 'properties' => [ - 'CertificateId' => [ - 'description' => 'The ID of the certificate that you want to add.'."\n" - ."\n" - .'> You can call the [DescribeCertificates](~~160783~~) operation to query the IDs of all SSL certificates that are associated with a domain name.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '123-cn-hangzhou', - ], - 'AppliedType' => [ - 'description' => 'The type of the certificate. Valid values:'."\n" - ."\n" - .'* **default**: default certificate.'."\n" - .'* **extension**: additional certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'default', - ], - ], - 'required' => false, - ], - 'required' => false, - ], - 'Http2Enabled' => [ - 'description' => 'Specifies whether to enable HTTP/2. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" + 'items' => ['description' => 'The list of custom header fields used to obtain the client IP address, in the format of [**"header1","header2",……**].'."\n" ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', + .'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'string', 'required' => false, 'example' => '["Client-ip","cip"]', 'title' => ''], 'required' => false, - 'example' => 'true', - ], - 'ResourceRegionId' => [ - 'type' => 'string', + 'title' => '', + 'example' => '', ], + 'IPv6Enabled' => ['description' => 'Specifies whether to enable IPv6. Valid values:'."\n" + ."\n" + .'- **true**: IPv6 is enabled.'."\n" + ."\n" + .'- **false** (default): IPv6 is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'ProtectionResource' => ['description' => 'The type of protection resource to use. Valid values:'."\n" + ."\n" + .'- **share** (default): shared cluster.'."\n" + ."\n" + .'- **gslb**: shared cluster-based intelligent load balancing.', 'type' => 'string', 'required' => false, 'default' => 'share', 'example' => 'share', 'title' => ''], + 'ExclusiveIp' => ['description' => 'Specifies whether to enable an exclusive IP address. This parameter is used only when **IPv6Enabled** is set to **false** (which indicates that IPv6 is not enabled) and **ProtectionResource** is set to **share** (which indicates that a shared cluster is used). Valid values:'."\n" + ."\n" + .'- **true**: An exclusive IP address is enabled.'."\n" + ."\n" + .'- **false** (default): An exclusive IP address is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'HstsIncludeSubDomain' => ['title' => '', 'description' => 'Specifies whether HSTS includes subdomains. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Not enabled.', 'type' => 'boolean', 'required' => false, 'example' => ''], + 'HstsPreload' => ['title' => '', 'description' => 'Specifies whether to enable HSTS preloading. This feature is disabled by default. Valid values:'."\n" + .'- true: Enabled.'."\n" + .'- false: Disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false'], + 'HstsMaxAge' => ['title' => '', 'description' => 'The HSTS expiration time. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '365000', 'required' => false], ], 'required' => true, + 'title' => '', + 'example' => '', ], ], [ @@ -2785,239 +2720,315 @@ 'in' => 'query', 'style' => 'json', 'schema' => [ - 'description' => 'The forwarding configurations.'."\n", + 'description' => 'The forwarding configuration.', 'type' => 'object', 'properties' => [ + 'Backends' => [ + 'description' => 'The IP addresses or back-to-origin domain names of the origin server corresponding to the domain name.', + 'type' => 'array', + 'items' => ['description' => 'The IP addresses or back-to-origin domain names of the origin server corresponding to the domain name. You can set only one type: origin server IP addresses or back-to-origin domain names. When the back-to-origin address is a domain name, only IPv4 is supported. IPv6 is not supported.'."\n" + ."\n" + .'- To set origin server IP addresses, use the format [**"ip1","ip2",……**]. A maximum of 20 IP addresses are supported.'."\n" + ."\n" + .'- To set back-to-origin domain names, use the format [**"domain"**]. A maximum of 20 domain name addresses are supported.', 'type' => 'string', 'required' => false, 'example' => '['."\n" + .' "1.1.XX.XX",'."\n" + .' "2.2.XX.XX"'."\n" + .']', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'Loadbalance' => ['description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n" + ."\n" + .'- **iphash**: IP hash algorithm.'."\n" + ."\n" + .'- **roundRobin**: round-robin algorithm.'."\n" + ."\n" + .'- **leastTime**: Least Time algorithm. This value is available only when **ProtectionResource** is set to **gslb**, which indicates that the shared cluster-based intelligent load balancing is used.', 'type' => 'string', 'required' => true, 'default' => 'iphash', 'example' => 'roundRobin', 'title' => ''], + 'FocusHttpBackend' => ['description' => 'Specifies whether to enable forced HTTP back-to-origin. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **true**: Forced HTTP back-to-origin is enabled.'."\n" + ."\n" + .'- **false**: Forced HTTP back-to-origin is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'SniEnabled' => ['description' => 'Specifies whether to enable back-to-origin SNI. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **true**: Back-to-origin SNI is enabled.'."\n" + ."\n" + .'- **false** (default): Back-to-origin SNI is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'SniHost' => ['description' => 'The value of the custom SNI extension field. If this parameter is not set, the value of the **Host** field in the request header is used as the SNI extension field value by default.'."\n" + .'In most cases, you do not need to customize the SNI unless your service has special configuration requirements and you want WAF to use an SNI that is different from the actual request Host in back-to-origin requests (the custom SNI set here).'."\n" + ."\n" + .'> This parameter is required only when **SniEnabled** is set to **true**, which indicates that back-to-origin SNI is enabled.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], 'RequestHeaders' => [ - 'description' => 'The custom header fields. Specify the value in the \\[**{"k":"*key*","v":"*value*"}**] format. ***key*** specifies the key of a custom header field. ***value*** specifies the value of a custom header field.'."\n" + 'description' => 'The traffic mark field and value of the domain name, used to mark traffic processed by WAF.'."\n" ."\n" - .'> If a request contains a custom header field, WAF overwrites the original value of the field with the specified value.'."\n", + .'By specifying custom request header fields and corresponding values, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field values to the request header as traffic marks, which helps the backend service collect relevant information.', 'type' => 'array', 'items' => [ - 'description' => 'The custom header field. Specify the value in the \\[**{"k":"*key*","v":"*value*"}**] format. ***key*** specifies the key of a custom header field. ***value*** specifies the value of a custom header field.'."\n", + 'description' => 'The value of this parameter is in the format of [**{"k":"_key_","v":"_value_"}**]. **_key_** indicates the specified custom request header field, and **_value_** indicates the value set for the field.', 'type' => 'object', 'properties' => [ - 'Key' => [ - 'description' => 'The key of the custom header field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'key1', - ], - 'Value' => [ - 'description' => 'The value of the custom header field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'value1', - ], + 'Key' => ['description' => 'The specified custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'aaa', 'title' => ''], + 'Value' => ['description' => 'The value set for the custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'bbb', 'title' => ''], ], 'required' => false, + 'title' => '', + 'example' => '', ], 'required' => false, 'maxItems' => 5, - ], - 'XffHeaderMode' => [ - 'description' => 'The method that is used to obtain the originating IP address of a client. Valid values:'."\n" + 'title' => '', + 'example' => '', + ], + 'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: seconds.'."\n" + .'Valid values: 1 to 3600.'."\n" + .'Default value: 5.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '120', 'title' => ''], + 'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n" + .'Valid values: 1 to 3600.'."\n" + .'Default value: 120.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '7200', 'minimum' => '1', 'example' => '200', 'title' => ''], + 'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n" + .'Valid values: 1 to 3600.'."\n" + .'Default value: 120.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '7200', 'minimum' => '1', 'example' => '200', 'title' => ''], + 'CnameEnabled' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n" + ."\n" + .'- **true**: Public cloud disaster recovery is enabled.'."\n" + ."\n" + .'- **false** (default): Public cloud disaster recovery is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'RoutingRules' => ['description' => 'The hybrid cloud forwarding rules. The value is a string converted from a JSON array. Each element in the JSON array is a structure that contains the following fields:'."\n" + .'- **rs**: Array type | The list of back-to-origin IP addresses or back-to-origin CNAMEs.'."\n" + ."\n" + .'- **backupRs**: Array type | The list of backup back-to-origin IP addresses or back-to-origin CNAMEs. This field is required. Use [] to indicate that no backup is set.'."\n" + ."\n" + .'- **location**: String type | The name of the protection node.'."\n" + ."\n" + .'- **locationId**: Long type | The ID of the protection node.', 'type' => 'string', 'required' => false, 'example' => '['."\n" + .' {'."\n" + .' "rs":'."\n" + .' ['."\n" + .' "1.1.XX.XX"'."\n" + .' ],'."\n" + .' "backupRs":'."\n" + .' ['."\n" + .' "2.2.XX.XX"'."\n" + .' ],'."\n" + .' "locationId": 535,'."\n" + .' "location": "test1111"'."\n" + .' }'."\n" + .']', 'title' => ''], + 'Keepalive' => ['description' => 'Specifies whether to enable persistent connections. Valid values:'."\n" + ."\n" + .'- **true** (default): Persistent connections are enabled.'."\n" + ."\n" + .'- **false**: Persistent connections are not enabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], + 'Retry' => ['description' => 'Specifies whether to retry when WAF fails to forward requests to the origin server. Valid values:'."\n" + ."\n" + .'- **true** (default): Retry is enabled.'."\n" + ."\n" + .'- **false**: Retry is not enabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], + 'KeepaliveRequests' => ['description' => 'The number of requests that reuse persistent connections. Valid values: 60 to 1000. Default value: 1000.'."\n" + ."\n" + .'> The number of persistent connections to reuse after persistent connections are enabled.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''], + 'KeepaliveTimeout' => ['description' => 'The idle timeout period for persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" + ."\n" + .'> The idle time after which a reused persistent connection is released.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '10', 'default' => '15', 'required' => false, 'example' => '15', 'title' => ''], + 'XffProto' => ['description' => 'Specifies whether to use X-Forward-For-Proto to pass the protocol used by WAF. Valid values:'."\n" + ."\n" + .'- **true** (default): The protocol used by WAF is passed.'."\n" + ."\n" + .'- **false**: The protocol used by WAF is not passed.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'false', 'title' => ''], + 'BackupBackends' => [ + 'description' => 'The backup origin server IP addresses or back-to-origin domain names corresponding to the domain name.', + 'type' => 'array', + 'items' => ['description' => 'The backup origin server IP addresses or back-to-origin domain names corresponding to the domain name. You can set only one type: origin server IP addresses or back-to-origin domain names. When the back-to-origin address is a domain name, only IPv4 is supported. IPv6 is not supported.'."\n" ."\n" - .'* **0**: No Layer 7 proxies are deployed in front of WAF.'."\n" - .'* **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the originating IP address of the client.'."\n" - .'* **2**: WAF reads the value of a custom header field as the originating IP address of the client.'."\n", - 'type' => 'integer', - 'format' => 'int32', + .'- To set origin server IP addresses, use the format [**"ip1","ip2",……**]. A maximum of 20 IP addresses are supported.'."\n" + ."\n" + .'- To set back-to-origin domain names, use the format [**"domain"**]. A maximum of 20 domain name addresses are supported.', 'type' => 'string', 'required' => false, 'example' => '['."\n" + .' "1.1.XX.XX",'."\n" + .' "2.2.XX.XX"'."\n" + .']', 'title' => ''], 'required' => false, - 'example' => '1', + 'title' => '', + 'example' => '', ], - 'XffHeaders' => [ - 'description' => 'The custom header fields that are used to obtain the originating IP address of a client. Specify the value in the **\\["header1","header2",...]** format.'."\n" - ."\n" - .'> This parameter is required only if you set **XffHeaderMode** to 2.'."\n", + 'XClientIp' => ['description' => 'Specifies whether to allow WAF to overwrite X-Client-IP. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'XTrueIp' => ['description' => 'Specifies whether to allow WAF to overwrite X-True-IP. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'WebServerType' => ['description' => 'Specifies whether to allow WAF to overwrite Web-Server-Type. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'WLProxyClientIp' => ['description' => 'Specifies whether to allow WAF to overwrite WL-Proxy-Client-IP. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'MaxBodySize' => ['title' => '', 'description' => 'The maximum request body size. Valid values: 2 to 10. Default value: 2. Unit: GB.'."\n" + .'> Only the Ultimate Edition supports this feature.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2', 'required' => false], + 'Http2Origin' => ['title' => '', 'description' => 'Specifies whether to enable HTTP/2 back-to-origin. Valid values:'."\n" + ."\n" + .'- **true**: HTTP/2 back-to-origin is enabled.'."\n" + ."\n" + .'- **false**: HTTP/2 back-to-origin is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true'], + 'Http2OriginMaxConcurrency' => ['title' => '', 'description' => 'The maximum number of concurrent connections for HTTP/2 back-to-origin. Valid values: 1 to 512. Default value: 128.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '512', 'minimum' => '1', 'example' => '128', 'required' => false], + 'BackendPorts' => [ + 'description' => 'The custom port configuration.', 'type' => 'array', 'items' => [ - 'description' => 'The custom header field that is used to obtain the originating IP address of a client. Specify the value in the **\\["header1","header2",...]** format.'."\n" - ."\n" - .'> This parameter is required only if you set **XffHeaderMode** to 2.'."\n", - 'type' => 'string', + 'description' => 'The custom port configuration.', + 'type' => 'object', + 'properties' => [ + 'ListenPort' => ['description' => 'The listening port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''], + 'BackendPort' => ['description' => 'The back-to-origin port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''], + 'Protocol' => ['description' => 'The protocol of the listening port. Valid values:'."\n" + ."\n" + .'- **http**: The protocol of the listening port is HTTP.'."\n" + ."\n" + .'- **https**: The protocol of the listening port is HTTPS.', 'type' => 'string', 'required' => false, 'example' => 'http', 'title' => ''], + ], 'required' => false, - 'example' => 'header1', + 'title' => '', + 'example' => '', ], 'required' => false, + 'title' => '', + 'example' => '', ], - 'ReadTimeout' => [ - 'description' => 'The timeout period of read connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '1', - 'default' => '120', - ], - 'WriteTimeout' => [ - 'description' => 'The timeout period of write connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '1', - 'default' => '120', - ], - 'Keepalive' => [ - 'description' => 'Specifies whether to enable the persistent connection feature. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], - 'KeepaliveRequests' => [ - 'description' => 'The number of reused persistent connections. Valid values: 60 to 1000.'."\n" - ."\n" - .'> This parameter specifies the number of persistent connections that can be reused after you enable the persistent connection feature.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '1000', - 'minimum' => '60', - 'example' => '1000', - 'default' => '1000', - ], - 'KeepaliveTimeout' => [ - 'description' => 'The timeout period of idle persistent connections. Valid values: 10 to 3600. Default value: 3600. Unit: seconds.'."\n" - ."\n" - .'> This parameter specifies the period of time after which an idle persistent connection is closed.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '10', - 'example' => '15', - 'default' => '3600', - ], - 'XffProto' => [ - 'description' => 'Specifies whether to use the X-Forward-For-Proto header field to pass the protocol used by WAF to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'MaxBodySize' => [ - 'title' => '最大请求体大小', - 'type' => 'integer', - 'format' => 'int32', - 'maximum' => '10', - 'minimum' => '2', - 'example' => '5', - ], + 'ProxyProtocol' => ['title' => '', 'description' => 'Specifies whether the client source IP preservation feature is enabled.'."\n" + .'- **true**: The client source IP preservation feature is enabled. After this feature is enabled, the backend service can view the originating IP address of the client.'."\n" + .'- **false**: The client source IP preservation feature is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false'], ], - 'required' => false, + 'required' => true, + 'title' => '', + 'example' => '', ], ], [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'title' => '', 'required' => true, 'example' => 'cn-hangzhou'], + ], + [ + 'name' => 'AccessType', + 'in' => 'query', + 'schema' => ['description' => 'The access type of the WAF instance. Valid values:'."\n" + ."\n" + .'- **share** (default): CNAME access.'."\n" + ."\n" + .'- **hybrid\\_cloud\\_cname**: hybrid cloud CNAME access.', 'type' => 'string', 'default' => 'share', 'required' => false, 'example' => 'share', 'title' => ''], + ], + [ 'name' => 'Tag', 'in' => 'query', 'style' => 'repeatList', 'schema' => [ - 'title' => '标签列表,最多包含20个子项', - 'description' => 'The tags. You can specify up to 20 tags.'."\n", + 'title' => '', + 'description' => 'The tag list, which contains a maximum of 20 items.', 'type' => 'array', 'items' => [ + 'description' => 'The tags of the resource. A maximum of 20 items are supported.', 'type' => 'object', 'properties' => [ - 'Key' => [ - 'title' => '标签键', - 'description' => 'The key of the tag.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'TagKey1', - ], - 'Value' => [ - 'title' => '标签值', - 'description' => 'The value of the tag.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'TagValue1', - ], + 'Key' => ['title' => '', 'description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'Tagkey1'], + 'Value' => ['title' => '', 'description' => 'The tag value.', 'type' => 'string', 'required' => false, 'example' => 'TagValue1'], ], 'required' => false, - 'description' => '', + 'title' => '', + 'example' => '', ], 'required' => false, 'maxItems' => 21, - ], - ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], - ], - [ - 'name' => 'OwnerUserId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud account to which the resource belongs.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '123', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response returned after the domain name is added.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '66A98669-ER12-WE34-23PO-301469*****E', - ], - 'CloudResourceId' => [ - 'description' => 'The ID of the resource that is added to WAF. The ID is automatically generated.'."\n", - 'type' => 'string', - 'example' => 'lb-***', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'DomainInfo' => [ + 'description' => 'The information about the added domain name.', + 'type' => 'object', + 'properties' => [ + 'Cname' => ['description' => 'The CNAME assigned by WAF to the domain name.', 'type' => 'string', 'example' => 'xxxxxwww.****.com', 'title' => ''], + 'Domain' => ['description' => 'The added domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], + 'DomainId' => ['description' => 'The domain name ID.', 'type' => 'string', 'example' => 'www.aliyundoc.com-waf', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [ 400 => [ - [ - 'errorCode' => 'Waf.Pullin.CertNotExist', - 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.CertExpired', - 'errorMessage' => 'Certificate expired, certificate ID:%s .', - ], + ['errorCode' => 'Waf.Pullin.ResourceExsit', 'errorMessage' => 'Access resource already exists, resource:%s.', 'description' => 'Access resource already exists, existing resource:%s.'], + ['errorCode' => 'Waf.Pullin.BusinessViolation', 'errorMessage' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'description' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'], + ['errorCode' => 'Waf.Pullin.Http2OriginMustOnHttp2Enable', 'errorMessage' => 'When HTTP2 origin is enabled, HTTP2 listening must be enabled.', 'description' => 'When HTTP2 back-to-source is enabled, HTTP2 listening must be enabled.'], + ['errorCode' => 'Waf.Pullin.Http2OriginMustOnKeepaliveEnable', 'errorMessage' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.', 'description' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.'], + ['errorCode' => 'Waf.Pullin.Http2OriginEnabledFocusHttpBackendForbidden', 'errorMessage' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.', 'description' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.'], + ['errorCode' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', 'errorMessage' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', 'description' => 'batch dns scheduling is in progress, and access-related operations are prohibited.'], + ['errorCode' => 'Waf.Pullin.InvalidMaxAgeWithPreload', 'errorMessage' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000.', 'description' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000'], + ['errorCode' => 'Waf.Pullin.InvalidIncludeSubDomainWithPreload', 'errorMessage' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'], + ['errorCode' => 'Waf.Pullin.InvalidCustomCiphers', 'errorMessage' => 'Invalid custom cipher suite.', 'description' => 'Invalid custom cipher suite.'], + ['errorCode' => 'Waf.Pullin.InvalidHttp2OriginWithProxyProtocol', 'errorMessage' => 'http2Origin and proxyProtocol cannot be opened at the same time.', 'description' => 'http2Origin and proxyProtocol cannot be opened at the same time.'], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\",\\n \\"CloudResourceId\\": \\"lb-***\\"\\n}","type":"json"}]', - 'title' => 'CreateCloudResource', - ], - 'ModifyCloudResource' => [ - 'summary' => 'Modifies the configurations of a service that is added to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'title' => 'Add a CNAME access resource', + 'changeSet' => [ + ['createdAt' => '2024-12-12T08:00:42.000Z', 'description' => 'Request parameters changed, Response parameters changed'], + ['createdAt' => '2024-11-28T15:04:53.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-01-30T12:16:58.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-04-27T06:05:43.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-04-18T02:11:03.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-03-31T03:11:45.000Z', 'description' => 'Request parameters changed, Response parameters changed'], + ['createdAt' => '2023-01-10T12:29:44.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-01-05T12:39:23.000Z', 'description' => 'Request parameters changed, Response parameters changed'], + ['createdAt' => '2022-11-28T08:16:57.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2022-11-25T01:57:31.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDomain'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"DomainInfo\\": {\\n \\"Cname\\": \\"xxxxxwww.****.com\\",\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\"\\n }\\n}","type":"json"}]', + ], + 'CreateHybridCloudCluster' => [ + 'summary' => 'Creates a hybrid cloud Web Application Firewall (WAF) cluster.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -3025,1833 +3036,998 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '226537', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - ], + 'abilityTreeCode' => '124693', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-***', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ClusterName', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The name of the hybrid cloud cluster.', 'type' => 'string', 'required' => true, 'example' => 'test', 'title' => ''], ], [ - 'name' => 'Listen', + 'name' => 'HttpPorts', 'in' => 'query', - 'style' => 'json', - 'schema' => [ - 'description' => 'The listener configurations.'."\n", - 'type' => 'object', - 'properties' => [ - 'TLSVersion' => [ - 'description' => 'The Transport Layer Security (TLS) version that you want to add. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **tlsv1**'."\n" - .'* **tlsv1.1**'."\n" - .'* **tlsv1.2**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'tlsv1.2', - ], - 'EnableTLSv3' => [ - 'description' => 'Specifies whether to support TLS 1.3. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'CipherSuite' => [ - 'description' => 'The type of the cipher suites that you want to add. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **1**: all cipher suites.'."\n" - .'* **2**: strong cipher suites. This value is available only if you set **TLSVersion** to **tlsv1.2**.'."\n" - .'* **99**: custom cipher suites.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], - 'CustomCiphers' => [ - 'description' => 'The custom cipher suites that you want to add.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom cipher suite that you want to add. This parameter is available only if you set **CipherSuite** to **99**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384', - ], - 'required' => false, - ], - 'ResourceProduct' => [ - 'description' => 'The type of the cloud service. Valid values:'."\n" - ."\n" - .'* **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n" - .'* **clb7**: Layer 7 CLB.'."\n" - .'* **ecs**: Elastic Compute Service (ECS).'."\n" - .'* **nlb**: Network Load Balancer (NLB).'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'clb7', - 'enum' => [ - 'ecs', - 'clb4', - 'clb7', - 'nlb', - ], - 'deprecated' => true, - ], - 'ResourceInstanceId' => [ - 'description' => 'The ID of the cloud service instance that is added to WAF.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'lb-***', - 'deprecated' => true, - ], - 'Port' => [ - 'description' => 'The port of the cloud service instance that is added to WAF.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '80', - 'deprecated' => true, - ], - 'Protocol' => [ - 'description' => 'The protocol type. Valid values:'."\n" - ."\n" - .'* **http**'."\n" - .'* **https**'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'http', - 'enum' => [ - 'http', - 'https', - ], - ], - 'Certificates' => [ - 'description' => 'The certificates.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The certificate.'."\n", - 'type' => 'object', - 'properties' => [ - 'CertificateId' => [ - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '123-cn-hangzhou', - ], - 'AppliedType' => [ - 'description' => 'The type of the certificate. Valid values:'."\n" - ."\n" - .'* **default**: default certificate.'."\n" - .'* **extension**: additional certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'default', - ], - ], - 'required' => false, - ], - 'required' => false, - ], - 'Http2Enabled' => [ - 'description' => 'Specifies whether to enable HTTP/2. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - ], - 'required' => true, - ], + 'schema' => ['description' => 'The listening ports for the HTTP protocol. Separate multiple ports with commas (,), such as **port1,port2,port3**.', 'type' => 'string', 'required' => true, 'example' => '80,8080', 'title' => ''], ], [ - 'name' => 'Redirect', + 'name' => 'HttpsPorts', 'in' => 'query', - 'style' => 'json', - 'schema' => [ - 'description' => 'The forwarding configurations.'."\n", - 'type' => 'object', - 'properties' => [ - 'RequestHeaders' => [ - 'description' => 'The custom header fields, which are key-value pairs. The fields are used to mark requests that pass through WAF.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field. Specify the value in the \\[**{"k":"*key*","v":"*value*"}**] format. ***key*** specifies the key of a custom header field. ***value*** specifies the value of a custom header field.'."\n" - ."\n" - .'> If a request contains a custom header field, WAF overwrites the original value of the field with the specified value.'."\n", - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'The key of the custom header field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'key1', - ], - 'Value' => [ - 'description' => 'The value of the custom header field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'value1', - ], - ], - 'required' => false, - ], - 'required' => false, - 'maxItems' => 5, - ], - 'XffHeaderMode' => [ - 'description' => 'The method that is used to obtain the originating IP address of a client. Valid values:'."\n" - ."\n" - .'* **0**: No Layer 7 proxies are deployed in front of WAF.'."\n" - .'* **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the originating IP address of the client.'."\n" - .'* **2**: WAF reads the value of a custom header field as the originating IP address of the client.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], - 'XffHeaders' => [ - 'description' => 'The custom header fields that are used to obtain the originating IP address of a client. Specify the value in the \\["header1","header2",...] format.'."\n" - ."\n" - .'> This parameter is required only if you set **XffHeaderMode** to 2.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field that is used to obtain the originating IP address of a client. Specify the value in the \\["header1","header2",...] format.'."\n" - ."\n" - .'> This parameter is required only if you set **XffHeaderMode** to 2.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'header1', - 'pattern' => '^[^\';<>=|\\(\\)]+$', - ], - 'required' => false, - ], - 'ReadTimeout' => [ - 'description' => 'The timeout period of read connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '1', - 'default' => '120', - ], - 'WriteTimeout' => [ - 'description' => 'The timeout period of write connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '1', - 'default' => '120', - ], - 'Keepalive' => [ - 'description' => 'Specifies whether to enable the persistent connection feature. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], - 'KeepaliveRequests' => [ - 'description' => 'The number of reused persistent connections. Valid values: 60 to 1000.'."\n" - ."\n" - .'> This parameter specifies the number of persistent connections that can be reused after you enable the persistent connection feature.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '1000', - 'minimum' => '60', - 'example' => '1000', - 'default' => '1000', - ], - 'KeepaliveTimeout' => [ - 'description' => 'The timeout period of idle persistent connections. Valid values: 10 to 3600. Default value: 3600. Unit: seconds.'."\n" - ."\n" - .'> This parameter specifies the period of time after which an idle persistent connection is closed.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '10', - 'example' => '15', - 'default' => '3600', - ], - 'XffProto' => [ - 'description' => 'Specifies whether to use the X-Forward-For-Proto header field to pass the protocol used by WAF to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'MaxBodySize' => [ - 'title' => '最大请求大小', - 'type' => 'integer', - 'format' => 'int32', - 'maximum' => '10', - 'minimum' => '2', - 'example' => '5', - ], - ], - 'required' => false, - ], + 'schema' => ['description' => 'The listening ports for the HTTPS protocol. Separate multiple ports with commas (,), such as **port1,port2,port3**.', 'type' => 'string', 'required' => true, 'example' => '443,8443', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'AccessMode', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The network access mode of the cluster. Valid values:'."\n" + ."\n" + .'- **internet**: access over the Internet.'."\n" + ."\n" + .'- **vpc**: access over an Express Connect circuit.', 'type' => 'string', 'required' => true, 'example' => 'internet', 'title' => ''], ], [ - 'name' => 'CloudResourceId', + 'name' => 'AccessRegion', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The region for Express Connect circuit access. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Hangzhou.'."\n" + ."\n" + .'- **cn-beijing**: Beijing.'."\n" + ."\n" + .'- **cn-shanghai**: Shanghai.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-***', - ], - 'CloudResource' => [ - 'description' => 'The ID of the resource that is added to WAF.'."\n", - 'type' => 'string', - 'example' => 'lb-xxx-80-clb7', - ], - ], - 'description' => '', - ], - ], - ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.CertExpired', - 'errorMessage' => 'Certificate expired, certificate ID:%s .', - ], - [ - 'errorCode' => 'Waf.Pullin.CertNotExist', - 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.OnlyBeOneDefaultCert', - 'errorMessage' => 'There can be only one default certificate.', - ], - [ - 'errorCode' => 'Waf.Control.CloudProductInfoNotMartch', - 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', - ], - [ - 'errorCode' => 'Waf.Control.CloudProductInfoEmpty', - 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', - ], - [ - 'errorCode' => 'Waf.Control.DefenseResourceEmpty', - 'errorMessage' => 'CloudResourceId parameter is illegal.', - ], - ], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"CloudResource\\": \\"lb-xxx-80-clb7\\"\\n}","type":"json"}]', - 'title' => 'ModifyCloudResource', - ], - 'DeleteCloudResource' => [ - 'summary' => 'Removes a service from Web Application Firewall (WAF). This operation is supported for only the Elastic Compute Service (ECS) and Classic Load Balancer (CLB) services.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ [ - 'AK' => [], + 'name' => 'LogFieldsNotReturned', + 'in' => 'query', + 'schema' => ['description' => '> This parameter is deprecated. It no longer returns meaningful data.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'deprecated', 'title' => ''], ], - ], - 'operationType' => 'write', - 'systemTags' => [ - 'operationType' => 'delete', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '226538', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', + [ + 'name' => 'ProtectionServerCount', + 'in' => 'query', + 'schema' => ['description' => 'The maximum number of protection nodes that can be added to the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], ], - ], - 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'Remark', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-***', - ], + 'schema' => ['description' => 'The description of the hybrid cloud cluster.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ProxyType', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The type of the hybrid cloud cluster. Valid values:'."\n" + ."\n" + .'- **cname**: reverse proxy cluster. Traffic is forwarded through CNAME resolution.'."\n" + ."\n" + .'- **service**: transparent proxy cluster. Traffic is forwarded at the service level.', 'type' => 'string', 'default' => 'cname', 'required' => false, 'example' => 'cname', 'title' => ''], ], [ - 'name' => 'ResourceProduct', + 'name' => 'RuleStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The cloud service. Valid values:'."\n" - ."\n" - .'* **clb4**: Layer 4 CLB.'."\n" - .'* **clb7**: Layer 7 CLB.'."\n" - .'* **ecs**: ECS.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'clb7', - 'deprecated' => true, - ], + 'schema' => ['description' => 'Indicates whether manual bypass is enabled for the cluster. Valid values:'."\n" + ."\n" + .'- **on**: Manual bypass is enabled.'."\n" + ."\n" + .'- **off**: Manual bypass is disabled.', 'type' => 'string', 'required' => false, 'example' => 'on', 'title' => ''], ], [ - 'name' => 'ResourceInstanceId', + 'name' => 'RuleType', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the instance.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'lb-bp1*****jqnnqk5uj2p', - 'deprecated' => true, - ], + 'schema' => ['description' => 'The type of the bypass rule. Valid values:'."\n" + ."\n" + .'- **bypass**: skips WAF security checks and allows traffic to pass through directly.', 'type' => 'string', 'required' => false, 'example' => 'bypass', 'title' => ''], ], [ - 'name' => 'Port', + 'name' => 'RuleConfig', 'in' => 'query', - 'schema' => [ - 'description' => 'The port of the resource that is added to WAF.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '443', - 'deprecated' => true, - ], + 'schema' => ['description' => 'The configuration of the bypass rule, in JSON format. This includes settings such as circuit breaker thresholds, request body size limits, and timeout values.', 'type' => 'string', 'required' => false, 'example' => '{'."\n" + .' "enable": true,'."\n" + .' "param": {'."\n" + .' "breaker": {'."\n" + .' "duration": 1,'."\n" + .' "failed": 1,'."\n" + .' "recent_failed": 1'."\n" + .' },'."\n" + .' "disable_protect": false,'."\n" + .' "max_request_body_len": 1,'."\n" + .' "timeout": 1'."\n" + .' }'."\n" + .'}', 'title' => ''], ], [ - 'name' => 'CloudResourceId', + 'name' => 'ProxyStatus', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'Indicates whether the proxy gateway is enabled for the cluster. Valid values:'."\n" + ."\n" + .'- **on**: The proxy gateway is enabled.'."\n" + ."\n" + .'- **off**: The proxy gateway is disabled.', 'type' => 'string', 'default' => 'off', 'required' => false, 'example' => 'off', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-***', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-ER12-WE34-23PO-301469*****E', 'title' => ''], + 'Data' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Control.DefenseResourceEmpty', - 'errorMessage' => 'CloudResourceId parameter is illegal.', - ], - [ - 'errorCode' => 'Waf.Control.CloudProductInfoEmpty', - 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', - ], - [ - 'errorCode' => 'Waf.Control.CloudProductInfoNotMartch', - 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', + 'staticInfo' => ['returnType' => 'synchronous'], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\",\\n \\"Data\\": 1\\n}","type":"json"}]', + 'title' => 'CreateHybridCloudCluster', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateHybridCloudCluster', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\"\\n}","type":"json"}]', - 'title' => 'DeleteCloudResource', ], - 'DescribeCloudResourceAccessedPorts' => [ - 'summary' => 'Queries the ports of the cloud service that is added to Web Application Firewall (WAF). This operation is supported for only Elastic Compute Service (ECS) and Classic Load Balancer (CLB).', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'CreateHybridCloudClusterRule' => [ + 'summary' => 'Creates a Hybrid Cloud Web Application Firewall (WAF) cluster rule.', + 'methods' => ['get', 'post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', + 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '226564', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - ], + 'abilityTreeCode' => '137983', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], + 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - 'default' => '', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'ResourceInstanceId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'title' => '资源的实例ID', - 'description' => 'The instance ID of the resource.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'lb-bp1*****jqnnqk5uj2p', - ], + 'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n" + ."\n" + .'> This parameter applies only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain information about Hybrid Cloud WAF clusters.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '428', 'title' => ''], + ], + [ + 'name' => 'RuleType', + 'in' => 'query', + 'allowEmptyValue' => true, + 'schema' => ['description' => 'The type of the traffic redirection rule. Valid values:'."\n" + ."\n" + .'- **pullin**: traffic redirection', 'type' => 'string', 'required' => true, 'example' => 'pullin', 'title' => ''], + ], + [ + 'name' => 'RuleStatus', + 'in' => 'query', + 'schema' => ['description' => 'The status of the traffic redirection rule. Valid values:'."\n" + ."\n" + .'- **on**: enabled.'."\n" + ."\n" + .'- **off**: disabled.', 'type' => 'string', 'required' => true, 'example' => 'on', 'title' => ''], + ], + [ + 'name' => 'RuleConfig', + 'in' => 'query', + 'schema' => ['description' => 'The configuration of the traffic redirection rule, in JSON format.'."\n" + ."\n" + .'> The modes are mutually exclusive. You can select only one mode. If you change the mode, all traffic redirection rules in the previous mode are cleared.'."\n" + ."\n" + .'- **check\\_mode**: the traffic redirection mode. Valid values:'."\n" + ."\n" + .' - **all**: redirects all traffic.'."\n" + ."\n" + .' - **part**: redirects a specific portion of traffic.'."\n" + ."\n" + .'- **type**: the match type for the rule. Valid values:'."\n" + ."\n" + .' - **exact**: exact match.'."\n" + ."\n" + .' - **regex**: regular expression match.'."\n" + ."\n" + .'- **substance**: the match value of the rule.', 'type' => 'string', 'default' => '""', 'required' => false, 'example' => 'full volume drainage:{\\"check_mode\\": \\"all\\", \\"type\\": \\"exact\\", \\"substance\\": \\"122\\"}'."\n" + .'Specified partial drainage:{\\"check_mode\\": \\"part\\", \\"type\\": \\"exact\\", \\"substance\\": \\"12222\\"}', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzwwkpn****5i', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', - ], - 'Http' => [ - 'description' => 'The HTTP ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTP port.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '[80]', - ], - ], - 'Https' => [ - 'description' => 'The HTTPS ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTPS port.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '[443]', - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'title' => '', 'example' => '66A98669-CC6E-4F3E-*****-3014697B11AE'], + 'ClusterRuleResourceId' => ['description' => 'The ID of the cluster rule resource.', 'type' => 'string', 'example' => 'hdbc-clusterrule-*******m0w', 'title' => ''], ], - 'description' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"Http\\": [\\n 0\\n ],\\n \\"Https\\": [\\n 0\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeCloudResourceAccessedPorts', - ], - 'DescribeCloudResourceAccessPortDetails' => [ - 'summary' => 'Queries the port details of a cloud service instance that is added to Web Application Firewall (WAF). This operation is supported only for Elastic Compute Service (ECS), Classic Load Balancer (CLB), and Network Load Balancer (NLB) instances.', - 'methods' => [ - 'post', - 'get', + 'title' => 'CreateHybridCloudClusterRule', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateHybridCloudClusterRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-*****-3014697B11AE\\",\\n \\"ClusterRuleResourceId\\": \\"hdbc-clusterrule-*******m0w\\"\\n}","type":"json"}]', + ], + 'CreateHybridCloudGroup' => [ + 'summary' => 'Creates a node group in a Hybrid Cloud Web Application Firewall (WAF) cluster.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '226583', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - ], + 'abilityTreeCode' => '136094', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-n6w***x52m', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ - 'name' => 'ResourceInstanceId', + 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'title' => '资源的实例ID', - 'description' => 'The instance ID of the resource.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'lb-2zeugkfj81jvo****4tqm', - ], + 'schema' => ['description' => 'The name of the node group.', 'type' => 'string', 'required' => true, 'example' => 'test', 'title' => ''], ], [ - 'name' => 'Port', + 'name' => 'GroupType', 'in' => 'query', - 'schema' => [ - 'description' => 'The port of the cloud service that is added to WAF.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '443', - ], + 'schema' => ['description' => 'The type of the node group. Valid values:'."\n" + ."\n" + .'- **protect**: a protection node group that processes traffic filtering.'."\n" + ."\n" + .'- **control**: a control node group that manages cluster configurations.'."\n" + ."\n" + .'- **storage**: a storage node group that stores logs and data.'."\n" + ."\n" + .'- **controlStorage**: a node group that serves as both control and storage.', 'type' => 'string', 'required' => true, 'example' => 'protect', 'title' => ''], ], [ - 'name' => 'Protocol', + 'name' => 'LoadBalanceIp', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the protocol. Valid values:'."\n" - ."\n" - .'* **http**'."\n" - .'* **https**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'https', - 'enum' => [ - 'http', - 'https', - ], - ], + 'schema' => ['description' => 'The IP address of the load balancer that is associated with the node group.', 'type' => 'string', 'required' => true, 'example' => '3.3.3.3', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'Remark', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The remarks on the node group. You can use this parameter to add a brief description for the node group.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'LocationCode', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The location code of the region where the node group resides. The value is in the format of Carrier-Continent-City.', 'type' => 'string', 'required' => false, 'example' => '0-410-0', 'title' => ''], ], [ - 'name' => 'ResourceProduct', + 'name' => 'BackSourceMark', 'in' => 'query', - 'schema' => [ - 'description' => 'The cloud service. Valid values:'."\n" - ."\n" - .'* **clb4**: Layer 4 CLB.'."\n" - .'* **clb7**: Layer 7 CLB.'."\n" - .'* **ecs**: ECS.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'clb7', - ], + 'schema' => ['description' => 'The back-to-origin mark of the node group. The value is in the format of Carrier-Continent-City, which is used to identify the origin of back-to-origin requests.', 'type' => 'string', 'required' => false, 'example' => 'aliyun-asiapacific-beijing', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '2EFCFE18-78F8-5079-B312-07***48B', - ], - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '10', - ], - 'AccessPortDetails' => [ - 'description' => 'The details of the ports of cloud services that are added to WAF.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The details of the port of the cloud service that is added to WAF.'."\n", - 'type' => 'object', - 'properties' => [ - 'Protocol' => [ - 'description' => 'The type of the protocol. Valid values:'."\n" - ."\n" - .'* **http**'."\n" - .'* **https**'."\n", - 'type' => 'string', - 'example' => 'https', - ], - 'Port' => [ - 'description' => 'The port of the cloud service that is added to WAF.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '443', - ], - 'Certificates' => [ - 'description' => 'The certificates that are associated with the ports of cloud services.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The information about the certificate that is associated with the port of the cloud service.'."\n", - 'type' => 'object', - 'properties' => [ - 'CertificateName' => [ - 'description' => 'The name of the certificate.'."\n", - 'type' => 'string', - 'example' => 'cert-name1', - ], - 'CertificateId' => [ - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'example' => '123-cn-hangzhou', - ], - 'AppliedType' => [ - 'description' => 'The type of the HTTPS certificate. Valid values:'."\n" - ."\n" - .'* **default**: default certificate.'."\n" - .'* **extension**: additional certificate.'."\n", - 'type' => 'string', - 'example' => 'default', - ], - ], - ], - ], - 'XffHeaderMode' => [ - 'description' => 'The method that WAF uses to obtain the originating IP address of a client. Valid values:'."\n" - ."\n" - .'* **0**: No Layer 7 proxies are deployed in front of WAF.'."\n" - .'* **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the originating IP address of the client.'."\n" - .'* **2**: WAF reads the value of a custom header field as the originating IP address of the client.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'XffHeaders' => [ - 'description' => 'The custom header field that is used to obtain the originating IP address of a client. Specify the value in the \\["header1","header2",...] format.'."\n" - ."\n" - .'> This parameter is required only if you set **XffHeaderMode** to 2.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field that is used to obtain the originating IP address of a client. Specify the value in the \\["header1","header2",...] format.'."\n" - ."\n" - .'> This parameter is required only if you set **XffHeaderMode** to 2.'."\n", - 'type' => 'string', - 'example' => 'header1', - ], - ], - 'LogHeaders' => [ - 'description' => 'The custom header field that you want to use to label requests that are processed by WAF.'."\n" - ."\n" - .'> This parameter is returned only when the traffic marking feature is enabled for the domain name.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field that you want to use to label requests that are processed by WAF.'."\n" - ."\n" - .'> This parameter is returned only when the traffic marking feature is enabled for the domain name.'."\n", - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'The key of the custom header field.'."\n", - 'type' => 'string', - 'example' => 'key1', - ], - 'Value' => [ - 'description' => 'The value of the custom header field.'."\n", - 'type' => 'string', - 'example' => 'value1', - ], - ], - ], - ], - 'Status' => [ - 'description' => 'The status of the domain name. Valid values:'."\n" - ."\n" - .'* **1**: indicates that the port is available.'."\n" - .'* **2**: indicates that the port is being created.'."\n" - .'* **3**: indicates that the port is being modified.'."\n" - .'* **4**: indicates that the port is being released.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'TLSVersion' => [ - 'description' => 'The version of the Transport Layer Security (TLS) protocol. Valid values:'."\n" - ."\n" - .'* **tlsv1**'."\n" - .'* **tlsv1.1**'."\n" - .'* **tlsv1.2**'."\n", - 'type' => 'string', - 'example' => 'tlsv1', - ], - 'EnableTLSv3' => [ - 'description' => 'Indicates whether to support TLS 1.3. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'CipherSuite' => [ - 'description' => 'The type of the cipher suites. Valid values:'."\n" - ."\n" - .'* **1**: all cipher suites.'."\n" - .'* **2**: strong cipher suites.'."\n" - .'* **99**: custom cipher suites.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'CustomCiphers' => [ - 'description' => 'The custom cipher suites that you want to add. This parameter is available only if you set **CipherSuite** to **99**.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom cipher suite.'."\n", - 'type' => 'string', - 'example' => 'ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384', - ], - ], - 'ReadTimeout' => [ - 'description' => 'The timeout period for read connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '5', - ], - 'WriteTimeout' => [ - 'description' => 'The timeout period for write connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'Keepalive' => [ - 'description' => 'Indicates whether to enable the persistent connection feature. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false:**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'KeepaliveRequests' => [ - 'description' => 'The number of reused persistent connections. Valid values: 60 to 1000.'."\n" - ."\n" - .'> This parameter specifies the number of requests that reuse persistent connections after you enable the persistent connection feature.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1000', - ], - 'KeepaliveTimeout' => [ - 'description' => 'The timeout period for idle persistent connections. Valid values: 10 to 3600. Default value: 15. Unit: seconds.'."\n" - ."\n" - .'> If no new requests are initiated over the idle persistent connection within the specified timeout period, the connection is closed.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '10', - ], - 'Http2Enabled' => [ - 'description' => 'Indicates whether to enable HTTP/2. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'True', - ], - 'XffProto' => [ - 'description' => 'Indicates whether to use the X-Forward-For-Proto header to identify the protocol used by WAF to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'OwnerUserId' => [ - 'description' => 'The ID of the Alibaba Cloud account to which the resource belongs.'."\n", - 'type' => 'string', - 'example' => '123', - ], - 'SubStatus' => [ - 'type' => 'string', - ], - 'SubStatusDetails' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'CertName' => [ - 'type' => 'string', - ], - 'Domain' => [ - 'type' => 'string', - ], - 'CertId' => [ - 'type' => 'string', - ], - 'AppliedType' => [ - 'type' => 'string', - ], - 'ProductCertName' => [ - 'type' => 'string', - ], - 'ProductCertId' => [ - 'type' => 'string', - ], - 'CommonName' => [ - 'type' => 'string', - ], - 'ReasonCode' => [ - 'type' => 'string', - ], - 'ExpireTime' => [ - 'type' => 'integer', - 'format' => 'int64', - ], - ], - ], - ], - 'CloudResourceId' => [ - 'type' => 'string', - ], - 'MaxBodySize' => [ - 'title' => '最大请求体大小。取值范围:2~10,默认值:2,单位:G。', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '2', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '48F7C7BA-0932-50EA-89AD-5B0E1***274', 'title' => ''], + 'Data' => ['description' => 'The ID of the created node group.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Instance.ValidFaild', - 'errorMessage' => 'WAF instance check failed. Check whether the instance ID is correct.', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudProductParamEmpty', - 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudResourceInvalid', - 'errorMessage' => 'CloudResourceId parameter is illegal.', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"48F7C7BA-0932-50EA-89AD-5B0E1***274\\",\\n \\"Data\\": 1\\n}","type":"json"}]', + 'title' => 'CreateHybridCloudGroup', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateHybridCloudGroup'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateHybridCloudGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"TotalCount\\": 10,\\n \\"AccessPortDetails\\": [\\n {\\n \\"Protocol\\": \\"https\\",\\n \\"Port\\": 443,\\n \\"Certificates\\": [\\n {\\n \\"CertificateName\\": \\"cert-name1\\",\\n \\"CertificateId\\": \\"123-cn-hangzhou\\",\\n \\"AppliedType\\": \\"default\\"\\n }\\n ],\\n \\"XffHeaderMode\\": 0,\\n \\"XffHeaders\\": [\\n \\"header1\\"\\n ],\\n \\"LogHeaders\\": [\\n {\\n \\"Key\\": \\"key1\\",\\n \\"Value\\": \\"value1\\"\\n }\\n ],\\n \\"Status\\": 1,\\n \\"TLSVersion\\": \\"tlsv1\\",\\n \\"EnableTLSv3\\": true,\\n \\"CipherSuite\\": 1,\\n \\"CustomCiphers\\": [\\n \\"ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384\\"\\n ],\\n \\"ReadTimeout\\": 5,\\n \\"WriteTimeout\\": 1,\\n \\"Keepalive\\": true,\\n \\"KeepaliveRequests\\": 1000,\\n \\"KeepaliveTimeout\\": 10,\\n \\"Http2Enabled\\": true,\\n \\"XffProto\\": true,\\n \\"OwnerUserId\\": \\"123\\",\\n \\"SubStatus\\": \\"InvalidCert\\",\\n \\"SubStatusDetails\\": [\\n {\\n \\"CertName\\": \\"test-name\\",\\n \\"Domain\\": \\"test.aliyun.com\\",\\n \\"CertId\\": \\"123-cn-hangzhou\\",\\n \\"AppliedType\\": \\"default\\",\\n \\"ProductCertName\\": \\"test-name\\",\\n \\"ProductCertId\\": \\"123\\",\\n \\"CommonName\\": \\"test.aliyun.com\\",\\n \\"ReasonCode\\": \\"CertNotExistInCertCenter\\",\\n \\"ExpireTime\\": 1746328456000\\n }\\n ],\\n \\"CloudResourceId\\": \\"i-bp1**************7ey-80-ecs\\",\\n \\"MaxBodySize\\": 2\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeCloudResourceAccessPortDetails', ], - 'ModifyCloudResourceCert' => [ - 'summary' => '修改云产品接入的证书', - 'path' => '', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'https', - ], + 'CreateLogDeliveryConfig' => [ + 'summary' => 'Creates a log delivery configuration for a Web Application Firewall (WAF) instance in a hybrid cloud.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'write', - 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'none', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - 'FEATUREwafMF0FT6', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-***', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'ResourceProduct', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'clb4', - 'enum' => [ - 'ecs', - 'clb4', - 'nlb', - ], - 'deprecated' => true, - ], - ], - [ - 'name' => 'ResourceInstanceId', + 'name' => 'DeliveryName', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'lb-bp1*****jqnnqk5uj2p', - 'deprecated' => true, - ], + 'schema' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'required' => true, 'example' => 'test1', 'title' => ''], ], [ - 'name' => 'Port', + 'name' => 'DeliveryType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '65534', - 'minimum' => '1', - 'example' => '443', - 'deprecated' => true, - ], + 'schema' => ['description' => 'The type of the log delivery configuration. Valid values:'."\n" + ."\n" + .'- **syslog**: Delivers logs to a syslog service.'."\n" + ."\n" + .'- **kafka**: Delivers logs to a Kafka service.', 'type' => 'string', 'required' => true, 'example' => 'syslog', 'title' => ''], ], [ - 'name' => 'Certificates', + 'name' => 'DeliveryDetail', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'CertificateId' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '232***-cn-hangzhou', - ], - 'AppliedType' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'default', - 'enum' => [ - 'default', - 'extension', - ], - ], - ], - 'required' => true, - ], - 'required' => true, - 'maxItems' => 100, - ], + 'schema' => ['description' => 'The details of the log delivery configuration. The value is a JSON string that is generated from a series of parameters.'."\n" + ."\n" + .'> The parameters vary based on the value of **DeliveryType**. For more information, see **Parameters for log delivery configuration details**.', 'type' => 'string', 'required' => true, 'example' => '{'."\n" + .' "rfcVersion": "rfc3164",'."\n" + .' "protocol": "tcp",'."\n" + .' "servers": ['."\n" + .' {'."\n" + .' "address": "1.1.1.1",'."\n" + .' "port": 20'."\n" + .' }'."\n" + .' ]'."\n" + .'}', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'CloudResourceId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'Schema of Response', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request', - 'type' => 'string', - 'example' => 'A47D2DC0-7151-51EF-BFB7-***', - ], + 'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'test1', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.CertNotExist', - 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.OnlyBeOneDefaultCert', - 'errorMessage' => 'There can be only one default certificate.', - ], - [ - 'errorCode' => 'Waf.Pullin.MaxCertCountLimit', - 'errorMessage' => 'The number of selected certificate IDs exceeds the maximum number in the system.', - ], - [ - 'errorCode' => 'Waf.Pullin.CertExpired', - 'errorMessage' => 'Certificate expired, certificate ID:%s .', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudResourceInvalid', - 'errorMessage' => 'CloudResourceId parameter is illegal.', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudProductParamEmpty', - 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudProductParamNotMatch', - 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"DeliveryName\\": \\"test1\\",\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\"\\n}","type":"json"}]', + 'title' => 'CreateLogDeliveryConfig', + 'requestParamsDescription' => '## Log delivery configuration details'."\n" + ."\n" + .'### Deliver logs to a syslog service (**syslog**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ---------- | ------ | -------- | ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| servers | Array | Yes | \\[{"address":"11.11.XX.XX","port":8000}] | The remote address of the syslog service. If DeliveryType is set to **syslog**, you can specify only one address. The address includes the following parameters:<br>\\- **address**: The domain name or IP address of the server. IPv4 and IPv6 addresses are supported. This parameter is required.<br>\\- **port**: The server port. This parameter is required. |'."\n" + .'| rfcVersion | String | No | rfc3164 | The RFC version for syslog. Valid values:<br>\\- **rfc3164** (default): RFC 3164.<br>\\- **rfc5424**: RFC 5424. |'."\n" + .'| protocol | String | Yes | tcp | The protocol for syslog. Valid values:<br>\\- **tcp**: TCP.<br>\\- **udp**: UDP. |'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_cn-n*******",'."\n" + .' "DeliveryName": "test1",'."\n" + .' "DeliveryType": "syslog",'."\n" + .' "DeliveryDetail": "{\\"rfcVersion\\":\\"rfc3164\\",\\"protocol\\":\\"tcp\\",\\"servers\\":[{\\"address\\":\\"11.11.XX.XX\\",\\"port\\":8000}]}"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'### Deliver logs to a Kafka service (**kafka**)'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ---------------- | ------ | -------- | ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| servers | Array | Yes | \\[{"address":"a.com","port":8000}] | The remote address of the Kafka service. If DeliveryType is set to **kafka**, you can specify up to three addresses. Each address includes the following parameters:<br>\\- **address**: The domain name or IP address of the server. IPv4 and IPv6 addresses are supported. This parameter is required.<br>\\- **port**: The server port. This parameter is required. |'."\n" + .'| kafkaTopic | String | Yes | test | The topic ID or name for Kafka. |'."\n" + .'| protocol | String | Yes | PLAINTEXT | The security protocol for Kafka. Valid values:<br>\\- **PLAINTEXT** (default): PLAINTEXT.<br>\\- **SASL_PLAINTEXT**: SASL_PLAINTEXT.<br>\\- **SASL_SSL**: SASL_SSL. |'."\n" + .'| saslUserName | String | No | user123 | The username for SASL authentication of the Kafka service. This parameter is required if **protocol** is set to **SASL_PLAINTEXT** or **SASL_SSL**. |'."\n" + .'| saslPassword | String | No | user*** | The password for SASL authentication of the Kafka service. This parameter is required if **protocol** is set to **SASL_PLAINTEXT** or **SASL_SSL**. |'."\n" + .'| pemCert | String | No | Cert | The custom certificate for the Kafka service. The certificate must be in the PEM format. |'."\n" + .'| compressionCodec | String | No | none | The compression type for Kafka. Valid values:<br>\\- **none** (default): no compression.<br>\\- **gzip**: Gzip.<br>\\- **zstd**: Zstandard.<br>\\- **lz4**: LZ4.<br>\\- **snappy**: Snappy. |'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_v2_public_cn-n*********",'."\n" + .' "DeliveryName": "test2",'."\n" + .' "DeliveryType": "kafka",'."\n" + .' "DeliveryDetail": "{\\"kafkaTopic\\":\\"topictest1\\",\\"protocol\\":\\"SASL_PLAINTEXT\\",\\"servers\\":[{\\"address\\":\\"a.com\\",\\"port\\":1000},{\\"address\\":\\"ba.com\\",\\"port\\":1000},{\\"address\\":\\"c.com\\",\\"port\\":1000}],\\"saslUserName\\":\\"user123\\",\\"saslPassword\\":\\"user****\\"}"'."\n" + .'}'."\n" + .'```', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateLogDeliveryConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"A47D2DC0-7151-51EF-BFB7-***\\"\\n}","type":"json"}]', ], - 'DescribeCloudResourceList' => [ - 'summary' => '查询云产品接入资源列表', - 'path' => '', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'CreateMajorProtectionBlackIp' => [ + 'summary' => 'Creates an IP address blacklist for critical event protection.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', - 'deprecated' => false, + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '226583', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - ], + 'abilityTreeCode' => '124760', + 'abilityTreeNodes' => ['FEATUREwaf2KYU04'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-2r42s6y****', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'OwnerUserId', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'title' => '资源归属用户 UID', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '1111111111', - ], + 'schema' => ['description' => 'The ID of the protection template for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '2221', 'title' => ''], ], [ - 'name' => 'ResourceInstanceId', - 'in' => 'query', - 'schema' => [ - 'title' => '资源的实例ID', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'i-8vbdlsd********81e22', - ], - ], - [ - 'name' => 'Port', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '80', - ], + 'schema' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '232324', 'title' => ''], ], [ - 'name' => 'ResourceProduct', + 'name' => 'IpList', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'ecs', - ], + 'schema' => ['description' => 'The IP address blacklist to add. You can specify custom IP addresses or CIDR blocks. Both IPv4 and IPv6 addresses are supported. Separate multiple IP addresses with commas (,). For more information, see [Critical event protection](~~425591~~).', 'type' => 'string', 'required' => true, 'example' => '192.0.XX.XX,192.0.XX.XX/24', 'title' => ''], ], [ - 'name' => 'CloudResourceId', + 'name' => 'ExpiredTime', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'i-8vbdlsd********81e22-80-ecs', - ], + 'schema' => ['description' => 'The timestamp after which the IP address blacklist becomes invalid. Unit: seconds.'."\n" + ."\n" + .'> If you set this parameter to **0**, the IP address blacklist is permanently valid.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1716528465', 'title' => ''], ], [ - 'name' => 'NextToken', + 'name' => 'Description', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', - ], + 'schema' => ['description' => 'The description of the IP address blacklist.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'Protection for major events'], ], [ - 'name' => 'MaxResults', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '100', - 'minimum' => '1', - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', - ], - 'NextToken' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', - ], - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '118', - ], - 'MaxResults' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '20', - ], - 'CloudResourceList' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Protocol' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'http', - ], - 'Port' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '80', - ], - 'ResourceRegionId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'cn-hangzhou', - ], - 'ResourceInstanceId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'i-8vbdlsd********81e22', - ], - 'ResourceProduct' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'ecs', - ], - 'CloudResourceId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'i-8vbdlsd********81e22-80-ecs', - ], - 'ResourceManagerResourceGroupId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'rg-aek2uo2****lbka', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D****', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Instance.ValidFaild', - 'errorMessage' => 'WAF instance check failed. Check whether the instance ID is correct.', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudProductParamEmpty', - 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', - ], - [ - 'errorCode' => 'Waf.Pullin.CloudResourceInvalid', - 'errorMessage' => 'CloudResourceId parameter is illegal.', - ], + 'title' => 'CreateMajorProtectionBlackIp', + 'description' => 'This operation is available only on the China site (aliyun.com).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '15', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateMajorProtectionBlackIp'], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateMajorProtectionBlackIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"TotalCount\\": 118,\\n \\"MaxResults\\": 20,\\n \\"CloudResourceList\\": [\\n {\\n \\"Protocol\\": \\"http\\",\\n \\"Port\\": 80,\\n \\"ResourceRegionId\\": \\"cn-hangzhou\\",\\n \\"ResourceInstanceId\\": \\"i-8vbdlsd********81e22\\",\\n \\"ResourceProduct\\": \\"ecs\\",\\n \\"CloudResourceId\\": \\"i-8vbdlsd********81e22-80-ecs\\",\\n \\"ResourceManagerResourceGroupId\\": \\"rg-aek2uo2****lbka\\"\\n }\\n ]\\n}","type":"json"}]', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D****\\"\\n}","type":"json"}]', ], - 'ModifyCloudResourceDefaultCert' => [ - 'summary' => '修改云产品接入的默认证书', - 'path' => '', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'https', - ], + 'CreateMemberAccounts' => [ + 'summary' => 'Adds member accounts to use the multi-account management feature of Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'write', - 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - 'FEATUREwafMF0FT6', - ], + 'abilityTreeCode' => '213361', + 'abilityTreeNodes' => ['FEATUREwaf4WHEC3'], ], 'parameters' => [ [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-kf74****', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'CloudResourceId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'lb-***-80-clb7', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to view your current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'CertId', + 'name' => 'SourceIp', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '123-cn-hangzhou', - ], + 'schema' => ['description' => 'The source IP address of the request. The system automatically obtains the value of this parameter.', 'type' => 'string', 'required' => false, 'example' => '1.1.X.X', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'MemberAccountIds', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => '', - 'type' => 'string', + 'description' => 'The Alibaba Cloud account IDs of the members that you want to add. You can add up to 10 members at the same time.', + 'type' => 'array', + 'items' => ['description' => 'The Alibaba Cloud account ID of the member.', 'type' => 'string', 'required' => false, 'example' => '139**********55', 'title' => ''], 'required' => true, - 'example' => 'cn-hangzhou', + 'maxItems' => 20, + 'minItems' => 1, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'Schema of Response', + 'description' => 'The response parameter.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-***', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-ER12-WE34-23PO-301469*****E', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\"\\n}","type":"json"}]', - ], - 'DeleteCloudResourceExtensionCert' => [ - 'summary' => '删除云产品接入的扩展证书', - 'path' => '', - 'methods' => [ - 'post', + 'title' => 'CreateMemberAccounts', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateMemberAccounts'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateMemberAccounts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\"\\n}","type":"json"}]', + ], + 'CreatePocFunction' => [ + 'summary' => 'Starts a trial for a proof of concept (POC) feature.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', - 'deprecated' => false, + 'operationType' => 'readAndWrite', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - 'FEATUREwafMF0FT6', - ], + 'abilityTreeCode' => '231682', + 'abilityTreeNodes' => ['FEATUREwafH82E50'], ], 'parameters' => [ [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepay_public_intl-sg-***', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'CloudResourceId', + 'name' => 'Type', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'lb-bp*********k5uj2p-443-clb7', - ], + 'schema' => ['description' => 'The type of the POC feature trial. Valid values:'."\n" + ."\n" + .'- **apisec**: API security.'."\n" + ."\n" + .'- **botWeb**: bot management for websites.'."\n" + ."\n" + .'- **botApp**: bot management for applications.'."\n" + ."\n" + .'- **largeLanguageModel**: protection for AI-powered applications.', 'type' => 'string', 'required' => true, 'example' => 'botWeb', 'title' => ''], ], [ - 'name' => 'CertId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '123-cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'Schema of Response', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request', - 'type' => 'string', - 'example' => '56B40D30-4960-4F19-B7D5-***', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'description' => 'The response.', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'title' => 'CreatePocFunction', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"56B40D30-4960-4F19-B7D5-***\\"\\n}","type":"json"}]', - ], - 'CreateCloudResourceExtensionCert' => [ - 'summary' => '添加云产品接入的扩展证书', - 'path' => '', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreatePocFunction', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + ], + 'CreatePostpaidInstance' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'write', - 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - 'FEATUREwafMF0FT6', - ], + 'abilityTreeCode' => '166793', + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-***', - ], - ], - [ - 'name' => 'CloudResourceId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'lb-bp*********k5uj2p-443-clb7', - ], - ], - [ - 'name' => 'CertId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '123-cn-hangzhou', - ], + 'schema' => ['description' => 'The region ID of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm4gh****wela', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'Schema of Response', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '73A4E786-8235-50C0-9631-87C8****4A36', 'title' => ''], + 'InstanceId' => ['description' => 'The ID of the WAF instance.', 'type' => 'string', 'title' => '', 'example' => 'waf_v2_public_cn-x0r****gr1i'], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', - ], - 'DescribeDomainUsedPorts' => [ - 'summary' => '查询域名已使用的端口', - 'methods' => [ - 'post', - 'get', + 'title' => 'CreatePostpaidInstance', + 'summary' => 'Creates a pay-as-you-go Web Application Firewall (WAF) 3.0 instance.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreatePostpaidInstance'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreatePostpaidInstance', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"73A4E786-8235-50C0-9631-87C8****4A36\\",\\n \\"InstanceId\\": \\"waf_v2_public_cn-x0r****gr1i\\"\\n}","type":"json"}]', + ], + 'CreateSM2Cert' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '217316', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ + 'name' => 'CertName', + 'in' => 'query', + 'schema' => ['description' => 'The certificate name.', 'type' => 'string', 'required' => false, 'example' => 'test-sm2', 'title' => ''], + ], + [ + 'name' => 'EncryptCertificate', + 'in' => 'query', + 'schema' => ['description' => 'The content of the SM encryption certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN CERTIFICATE-----'."\n" + .'***'."\n" + .'-----END CERTIFICATE-----', 'title' => ''], + ], + [ + 'name' => 'EncryptPrivateKey', + 'in' => 'query', + 'schema' => ['description' => 'The private key content of the SM encryption certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN PRIVATE KEY-----'."\n" + .'***'."\n" + .'-----END PRIVATE KEY-----', 'title' => ''], + ], + [ + 'name' => 'SignCertificate', + 'in' => 'query', + 'schema' => ['description' => 'The signing certificate content of the SM certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN CERTIFICATE-----'."\n" + .'***'."\n" + .'-----END CERTIFICATE-----', 'title' => ''], + ], + [ + 'name' => 'SignPrivateKey', + 'in' => 'query', + 'schema' => ['description' => 'The private key content of the SM signing certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN PRIVATE KEY-----'."\n" + .'***'."\n" + .'-----END PRIVATE KEY-----', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -4859,37 +4035,44 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-*-A47C-*', - ], - 'UsedPorts' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '80', - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''], + 'CertIdentifier' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '***-cn-hangzhou', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-*-A47C-*\\",\\n \\"UsedPorts\\": [\\n 80\\n ]\\n}","type":"json"}]', - ], - 'CreateDomain' => [ - 'summary' => 'Adds a domain name to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'title' => 'Upload SM certificate for cNAME-based WAF access', + 'summary' => 'Uploads a China National Cryptographic Algorithm (SM) certificate for a domain that is added to WAF in CNAME mode.', + 'changeSet' => [ + ['createdAt' => '2024-11-12T13:24:10.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateSM2Cert', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"CertIdentifier\\": \\"***-cn-hangzhou\\"\\n}","type":"json"}]', + ], + 'DeleteAddress' => [ + 'summary' => 'Deletes addresses from an address book.', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -4897,636 +4080,196 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106298', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '124760', + 'abilityTreeNodes' => ['FEATUREwaf4TDPM4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-wwo36****0i', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the address book.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'AddressList', 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The domain name that you want to add to WAF.'."\n", - 'type' => 'string', + 'description' => 'The list of addresses to delete.', + 'type' => 'array', + 'items' => ['description' => 'A single address. IP addresses and CIDR blocks are supported. Both IPv4 and IPv6 are supported.', 'type' => 'string', 'required' => false, 'example' => 'XX.XX.XX.XX/32', 'title' => ''], 'required' => true, - 'example' => 'www.aliyundoc.com', + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'Listen', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'style' => 'json', + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The listener configurations.'."\n", 'type' => 'object', 'properties' => [ - 'HttpsPorts' => [ - 'description' => 'The HTTPS listener ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTPS listener port. Specify the value in the \\[**port1,port2,...,portN**] format.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '[443,8443]', - ], - 'required' => false, - ], - 'HttpPorts' => [ - 'description' => 'The HTTP listener ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTP listener port. Specify the value in the \\[**port1,port2,...**] format.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '[80,81]', - ], - 'required' => false, - ], - 'Http2Enabled' => [ - 'description' => 'Specifies whether to enable HTTP/2. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'enumValueTitles' => [], - 'example' => 'true', - ], - 'CertId' => [ - 'description' => 'The ID of the certificate that you want to add. This parameter is available only if you specify **HttpsPorts**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '123', - ], - 'SM2Enabled' => [ - 'description' => 'Specifies whether to add an SM certificate.'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'false', - ], - 'SM2CertId' => [ - 'description' => 'The ID of the SM certificate that you want to add. This parameter is available only if you set SM2Enabled to true.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '123-cn-hangzhou', - ], - 'SM2AccessOnly' => [ - 'description' => 'Specifies whether to allow access only from SM certificate-based clients. This parameter is available only if you set SM2Enabled to true.'."\n" - ."\n" - .'* true'."\n" - .'* false'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'false', - ], - 'TLSVersion' => [ - 'description' => 'The Transport Layer Security (TLS) version that you want to add. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **tlsv1**'."\n" - .'* **tlsv1.1**'."\n" - .'* **tlsv1.2**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'tlsv1', - ], - 'EnableTLSv3' => [ - 'description' => 'Specifies whether to support TLS 1.3. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'CipherSuite' => [ - 'description' => 'The type of the cipher suites that you want to add. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **1**: all cipher suites.'."\n" - .'* **2**: strong cipher suites. This value is available only if you set **TLSVersion** to **tlsv1.2**.'."\n" - .'* **99**: custom cipher suites.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '2', - ], - 'CustomCiphers' => [ - 'description' => 'The custom cipher suites that you want to add.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom cipher suite that you want to add. This parameter is available only if you set **CipherSuite** to **99**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '["xxx","ffas"]', - ], - 'required' => false, - ], - 'FocusHttps' => [ - 'description' => 'Specifies whether to enable force redirect from HTTP to HTTPS for received requests. This parameter is available only if you specify HttpsPorts and leave HttpPorts empty. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'XffHeaderMode' => [ - 'description' => 'The method that is used to obtain the originating IP address of a client. Valid values:'."\n" - ."\n" - .'* **0** (default): Client traffic is not filtered by a Layer 7 proxy before the traffic reaches WAF.'."\n" - .'* **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the originating IP address of the client.'."\n" - .'* **2**: WAF reads the value of a custom header field as the originating IP address of the client.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], - 'XffHeaders' => [ - 'description' => 'The custom header fields that are used to obtain the originating IP address of a client.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field that is used to obtain the originating IP address of a client. Specify the value in the **\\["header1","header2",...]** format.'."\n" - ."\n" - .'> This parameter is required only if you set **XffHeaderMode** to 2.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '["Client-ip","cip"]', - ], - 'required' => false, - ], - 'IPv6Enabled' => [ - 'description' => 'Specifies whether to enable IPv6 protection. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'ProtectionResource' => [ - 'description' => 'The type of the protection resource. Valid values:'."\n" - ."\n" - .'* **share** (default): a shared cluster.'."\n" - .'* **gslb**: shared cluster-based intelligent load balancing.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'share', - 'default' => 'share', - ], - 'ExclusiveIp' => [ - 'description' => 'Specifies whether to enable the exclusive IP address feature. This parameter is available only if you set **IPv6Enabled** to **false** and **ProtectionResource** to **share**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C33EB3D5-AF96-43CA-9C7E-37A8****6A1E', 'title' => ''], ], - 'required' => true, + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Defense.Control.DefenseAddressOversize', 'errorMessage' => 'The number of addresses in the address book exceeds the limit.', 'description' => 'The number of addresses in the address book exceeds the limit.'], + ['errorCode' => 'Defense.Control.DefenseAddressInvalid', 'errorMessage' => 'The address in the address book is illegal.', 'description' => 'The address in the address book is illegal.'], + ['errorCode' => 'Defense.Control.DefenseAddressOperationTooFrequent', 'errorMessage' => 'Address book operations are too frequent.', 'description' => 'Address book operations are too frequent. Please try again later.'], + ], + ], + 'title' => 'Delete addresses from an address book', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'Redirect', - 'in' => 'query', - 'style' => 'json', - 'schema' => [ - 'description' => 'The forwarding configurations.'."\n", - 'type' => 'object', - 'properties' => [ - 'Backends' => [ - 'description' => 'The IP addresses or domain names of the origin server.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The IP address or domain name of the origin server. You cannot specify both IP addresses and domain names. If you specify domain names, the domain names can be resolved only to IPv4 addresses.'."\n" - ."\n" - .'* If you specify IP addresses, specify the value in the **\\["ip1","ip2",...]** format. You can enter up to 20 IP addresses.'."\n" - .'* If you specify domain names, specify the value in the **\\["domain"]** format. You can enter up to 20 domain names.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '['."\n" - .' "1.1.XX.XX",'."\n" - .' "2.2.XX.XX"'."\n" - .']', - ], - 'required' => false, - ], - 'Loadbalance' => [ - 'description' => 'The load balancing algorithm that you want to use to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **iphash**'."\n" - .'* **roundRobin**'."\n" - .'* **leastTime**: This value is available only if you set **ProtectionResource** to **gslb**.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'roundRobin', - 'default' => 'iphash', - ], - 'FocusHttpBackend' => [ - 'description' => 'Specifies whether to enable force redirect from HTTPS to HTTP for back-to-origin requests. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'SniEnabled' => [ - 'description' => 'Specifies whether to enable the Server Name Indication (SNI) feature for back-to-origin requests. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'SniHost' => [ - 'description' => 'The custom value of the SNI field. If you do not specify this parameter, the value of the **Host** header field is automatically used. In most cases, you do not need to specify a custom value for the SNI field. However, if you want WAF to use an SNI field whose value is different from the value of the Host header field in back-to-origin requests, you can specify a custom value for the SNI field.'."\n" - ."\n" - .'> This parameter is required only if you set **SniEnabled** to **true**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], - 'RequestHeaders' => [ - 'description' => 'The custom header fields, which are key-value pairs. The fields are used to mark requests that pass through WAF.'."\n" - ."\n" - .'When a request passes through WAF, WAF automatically adds the custom header fields to the request to mark the request. This way, the backend service can identify requests that are processed by WAF.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field. Specify the value in the \\[**{"k":"*key*","v":"*value*"}**] format. ***key*** specifies the key of a custom header field. ***value*** specifies the value of a custom header field.'."\n", - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'The key of the custom header field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'aaa', - ], - 'Value' => [ - 'description' => 'The value of the custom header field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'bbb', - ], - ], - 'required' => false, - ], - 'required' => false, - 'maxItems' => 5, - ], - 'ConnectTimeout' => [ - 'description' => 'The timeout period of connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '120', - 'default' => '5', - ], - 'ReadTimeout' => [ - 'description' => 'The timeout period of read connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '200', - 'default' => '120', - ], - 'WriteTimeout' => [ - 'description' => 'The timeout period of write connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '200', - 'default' => '120', - ], - 'CnameEnabled' => [ - 'description' => 'Specifies whether to enable the public cloud disaster recovery feature. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'RoutingRules' => [ - 'description' => 'The forwarding rules for the hybrid cloud mode. The value is a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields:'."\n" - ."\n" - .'* **rs**: the back-to-origin IP addresses or CNAMEs. Data type: array.'."\n" - .'* **location**: the name of the protection node. Data type: string.'."\n" - .'* **locationId**: the ID of the protection node. Data type: long.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '['."\n" - .' {'."\n" - .' "rs": ['."\n" - .' "1.1.XX.XX"'."\n" - .' ],'."\n" - .' "locationId": 535,'."\n" - .' "location": "test1111"'."\n" - .' }'."\n" - .']', - ], - 'Keepalive' => [ - 'description' => 'Specifies whether to enable the persistent connection feature. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], - 'Retry' => [ - 'description' => 'Specifies whether WAF retries if WAF fails to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], - 'KeepaliveRequests' => [ - 'description' => 'The number of reused persistent connections. Valid values: 60 to 1000.'."\n" - ."\n" - .'> This parameter specifies the number of persistent connections that can be reused after you enable the persistent connection feature.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '1000', - 'minimum' => '60', - 'example' => '1000', - 'default' => '1000', - ], - 'KeepaliveTimeout' => [ - 'description' => 'The timeout period of idle persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" - ."\n" - .'> This parameter specifies the period of time after which an idle persistent connection is closed.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '10', - 'example' => '15', - 'default' => '15', - ], - 'XffProto' => [ - 'description' => 'Specifies whether to use the X-Forward-For-Proto header field to pass the protocol used by WAF to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], - 'BackupBackends' => [ - 'description' => 'The secondary IP addresses or domain names of the origin server.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The secondary IP address or domain name of the origin server. You cannot specify both IP addresses and domain names. If you specify domain names, the domain names can be resolved only to IPv4 addresses.'."\n" - ."\n" - .'* If you specify IP addresses, specify the value in the **\\["ip1","ip2",...]** format. You can enter up to 20 IP addresses.'."\n" - .'* If you specify domain names, specify the value in the **\\["domain"]** format. You can enter up to 20 domain names.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '['."\n" - .' "1.1.XX.XX",'."\n" - .' "2.2.XX.XX"'."\n" - .']', - ], - 'required' => false, - ], - 'XClientIp' => [ - 'type' => 'boolean', - ], - 'XTrueIp' => [ - 'type' => 'boolean', - ], - 'WebServerType' => [ - 'type' => 'boolean', - ], - 'WLProxyClientIp' => [ - 'type' => 'boolean', - ], - 'MaxBodySize' => [ - 'title' => '最大请求体大小。取值范围:2~10,默认值:2,单位:G。'."\n" - ."\n", - 'type' => 'integer', - 'format' => 'int32', - 'maximum' => '10', - 'minimum' => '2', - 'example' => '2', - ], - 'Http2Origin' => [ - 'title' => 'HTTP2回源', - 'type' => 'boolean', - ], - 'Http2OriginMaxConcurrency' => [ - 'title' => 'HTTP2回源并发连接数', - 'type' => 'integer', - 'format' => 'int32', - 'maximum' => '512', - 'minimum' => '1', - 'example' => '128', - ], - 'BackendPorts' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'ListenPort' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'BackendPort' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'Protocol' => [ - 'type' => 'string', - ], - ], - ], - ], + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteAddress', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], - 'required' => true, ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C33EB3D5-AF96-43CA-9C7E-37A8****6A1E\\"\\n}","type":"json"}]', + ], + 'DeleteApisecAbnormals' => [ + 'summary' => 'Deletes API security risks in batches.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'RegionId', + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '229948', + 'abilityTreeNodes' => ['FEATUREwafWE25G7'], + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - 'title' => '', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-nwy*****', 'title' => ''], ], [ - 'name' => 'AccessType', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The mode in which you want to add the domain name to WAF. Valid values:'."\n" - ."\n" - .'* **share:** adds the domain name to WAF in CNAME record mode. This is the default value.'."\n" - .'* **hybrid_cloud_cname:** adds the domain name to WAF in hybrid cloud reverse proxy mode.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'share', - 'default' => 'share', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter is applicable only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ - 'name' => 'Tag', + 'name' => 'AbnormalIds', 'in' => 'query', 'style' => 'repeatList', 'schema' => [ - 'title' => '标签列表,最多包含20个子项', - 'description' => 'The tags. You can specify up to 20 tags.'."\n", + 'description' => 'The list of API security risk IDs.', 'type' => 'array', - 'items' => [ - 'description' => 'The tag. You can specify up to 20 tags.'."\n", - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'title' => '标签键', - 'description' => 'The key of the tag.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Tagkey1', - ], - 'Value' => [ - 'title' => '标签值', - 'description' => 'The value of the tag.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'TagValue1', - ], - ], - 'required' => false, - ], - 'required' => false, - 'maxItems' => 21, + 'items' => ['description' => 'The API security risk ID.', 'type' => 'string', 'required' => false, 'example' => '4d4b1a5fe2100b86f629e2db63*****', 'title' => ''], + 'required' => true, + 'maxItems' => 20, + 'minItems' => 1, + 'title' => '', + 'example' => '', ], ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D****', - ], - 'DomainInfo' => [ - 'description' => 'The information about the domain name that is added.'."\n", - 'type' => 'object', - 'properties' => [ - 'Cname' => [ - 'description' => 'The CNAME that is assigned by WAF to the domain name.'."\n", - 'type' => 'string', - 'example' => 'xxxxxwww.****.com', - ], - 'Domain' => [ - 'description' => 'The domain name that you added to WAF.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'DomainId' => [ - 'description' => 'The name of the protected object that is generated.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com-waf', - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.ResourceExsit', - 'errorMessage' => 'Access resource already exists, resource:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.BusinessViolation', - 'errorMessage' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', - ], - [ - 'errorCode' => 'Waf.Pullin.Http2OriginMustOnHttp2Enable', - 'errorMessage' => 'When HTTP2 origin is enabled, HTTP2 listening must be enabled.', - ], - [ - 'errorCode' => 'Waf.Pullin.Http2OriginMustOnKeepaliveEnable', - 'errorMessage' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.', - ], - [ - 'errorCode' => 'Waf.Pullin.Http2OriginEnabledFocusHttpBackendForbidden', - 'errorMessage' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.', - ], - [ - 'errorCode' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', - 'errorMessage' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Batch delete API security risks', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteApisecAbnormals'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteApisecAbnormals', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"DomainInfo\\": {\\n \\"Cname\\": \\"xxxxxwww.****.com\\",\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\"\\n }\\n}","type":"json"}]', - 'title' => 'CreateDomain', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', ], - 'ModifyDomain' => [ - 'summary' => 'Modifies the configurations of a domain name that is added to Web Application Firewall (WAF) in CNAME record mode.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DeleteApisecEvents' => [ + 'summary' => 'Deletes API security events in batches.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -5534,610 +4277,119 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '114036', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '230004', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['title' => '', 'description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-g4t*****'], ], [ - 'name' => 'Domain', + 'name' => 'EventIds', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The domain name whose access configurations you want to modify.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', + 'title' => '', + 'description' => 'The list of API security event IDs.', + 'type' => 'array', + 'items' => ['title' => '', 'description' => 'The API security event ID.', 'type' => 'string', 'example' => 'eb370fb29781f75c07cabd5b2*****', 'required' => false], + 'required' => true, + 'maxItems' => 20, + 'minItems' => 1, + 'example' => '', ], ], [ - 'name' => 'DomainId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['title' => '', 'description' => 'The hybrid cloud cluster ID.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'example' => '428', 'required' => false], ], [ - 'name' => 'Listen', + 'name' => 'RegionId', 'in' => 'query', - 'style' => 'json', - 'schema' => [ - 'description' => 'The listener configurations.'."\n", - 'type' => 'object', - 'properties' => [ - 'HttpsPorts' => [ - 'description' => 'The HTTPS listener ports. Specify the value in the \\[**port1,port2,...**] format.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTPS listener port.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '443', - ], - 'required' => false, - ], - 'HttpPorts' => [ - 'description' => 'The HTTP listener ports. Specify the value in the \\[**port1,port2,...**] format.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTP listener port.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '80', - ], - 'required' => false, - ], - 'Http2Enabled' => [ - 'description' => 'Specifies whether to enable HTTP/2. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'CertId' => [ - 'description' => 'The ID of the certificate that you want to add.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '123', - ], - 'SM2Enabled' => [ - 'description' => 'Specifies whether to add an SM certificate.'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'SM2CertId' => [ - 'description' => 'The ID of the SM certificate that you want to add. This parameter is available only if you set SM2Enabled to true.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '123-cn-hangzhou', - ], - 'SM2AccessOnly' => [ - 'description' => 'Specifies whether to allow access only from SM certificate-based clients. This parameter is available only if you set SM2Enabled to true.'."\n" - ."\n" - .'* true'."\n" - .'* false'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'TLSVersion' => [ - 'description' => 'The Transport Layer Security (TLS) version that you want to add. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **tlsv1**'."\n" - .'* **tlsv1.1**'."\n" - .'* **tlsv1.2**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'tlsv1', - ], - 'EnableTLSv3' => [ - 'description' => 'Specifies whether to support TLS 1.3. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'CipherSuite' => [ - 'description' => 'The type of the cipher suites that you want to add. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **1**: all cipher suites.'."\n" - .'* **2**: strong cipher suites. This value is available only if you set **TLSVersion** to **tlsv1.2**.'."\n" - .'* **99**: custom cipher suites.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '2', - ], - 'CustomCiphers' => [ - 'description' => 'The custom cipher suites that you want to add. This parameter is available only if you set **CipherSuite** to **99**.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom cipher suite that you want to add.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '["xxx","ffas"]', - ], - 'required' => false, - ], - 'FocusHttps' => [ - 'description' => 'Specifies whether to enable force redirect from HTTP to HTTPS for received requests. This parameter is available only if you specify **HttpsPorts** and leave **HttpPorts** empty. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'XffHeaderMode' => [ - 'description' => 'The method that is used to obtain the originating IP address of a client. Valid values:'."\n" - ."\n" - .'* **0** (default): Client traffic is not filtered by a Layer 7 proxy before the traffic reaches WAF.'."\n" - .'* **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the originating IP address of the client.'."\n" - .'* **2**: WAF reads the value of a custom header field as the originating IP address of the client.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'enumValueTitles' => [], - 'example' => '2', - 'enum' => [ - '0', - '1', - '2', - ], - ], - 'XffHeaders' => [ - 'description' => 'The custom header fields that are used to obtain the originating IP address of a client. Specify the value in the **\\["header1","header2",...]** format.'."\n" - ."\n" - .'> This parameter is required only if you set **XffHeaderMode** to 2.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field that is used to obtain the originating IP address of a client.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Client-ip', - ], - 'required' => false, - ], - 'IPv6Enabled' => [ - 'description' => 'Specifies whether to enable IPv6 protection. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'ProtectionResource' => [ - 'description' => 'The type of the protection resource. Valid values:'."\n" - ."\n" - .'* **share** (default): a shared cluster.'."\n" - .'* **gslb**: shared cluster-based intelligent load balancing.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'share', - 'default' => 'share', - ], - 'ExclusiveIp' => [ - 'description' => 'Specifies whether to enable the exclusive IP address feature. This parameter is available only if you set **IPv6Enabled** to false and **ProtectionResource** to **share**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - ], - 'required' => true, - ], + 'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'required' => false], ], [ - 'name' => 'Redirect', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'style' => 'json', - 'schema' => [ - 'description' => 'The forwarding configurations.'."\n", - 'type' => 'object', - 'properties' => [ - 'Backends' => [ - 'description' => 'The IP addresses or domain names of the origin server. You cannot specify both IP addresses and domain names. If you specify domain names, the domain names can be resolved only to IPv4 addresses.'."\n" - ."\n" - .'* If you specify IP addresses, specify the value in the **\\["ip1","ip2",...]** format. You can enter up to 20 IP addresses.'."\n" - .'* If you specify domain names, specify the value in the **\\["domain"]** format. You can enter up to 20 domain names.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The IP address or domain name of the origin server.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1.1.XX.XX', - ], - 'required' => false, - ], - 'Loadbalance' => [ - 'description' => 'The load balancing algorithm that you want to use to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **iphash**'."\n" - .'* **roundRobin**'."\n" - .'* **leastTime**: This value is available only if you set **ProtectionResource** to **gslb**.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'iphash', - 'default' => 'iphash', - ], - 'FocusHttpBackend' => [ - 'description' => 'Specifies whether to enable force redirect from HTTPS to HTTP for back-to-origin requests. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'SniEnabled' => [ - 'description' => 'Specifies whether to enable the Server Name Indication (SNI) feature for back-to-origin requests. This parameter is available only if you specify **HttpsPorts**. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'SniHost' => [ - 'description' => 'The custom value of the SNI field. If you do not specify this parameter, the value of the **Host** header field is automatically used. In most cases, you do not need to specify a custom value for the SNI field. However, if you want WAF to use an SNI field whose value is different from the value of the Host header field in back-to-origin requests, you can specify a custom value for the SNI field.'."\n" - ."\n" - .'> This parameter is required only if you set **SniEnabled** to true.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], - 'RequestHeaders' => [ - 'description' => 'The custom header fields, which are key-value pairs. The fields are used to mark requests that pass through WAF.'."\n" - ."\n" - .'When a request passes through WAF, WAF automatically adds the custom header fields to the request to mark the request. This way, the backend service can identify requests that are processed by WAF.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field. Specify the value in the \\[**{"k":"*key*","v":"*value*"}**] format. ***key*** specifies the key of a custom header field. ***value*** specifies the value of a custom header field.'."\n" - ."\n" - .'> If a request contains a custom header field, WAF overwrites the original value of the field with the specified value.'."\n", - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'The key of the custom header field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'aaa', - ], - 'Value' => [ - 'description' => 'The value of the custom header field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'bbb', - ], - ], - 'required' => false, - ], - 'required' => false, - ], - 'ConnectTimeout' => [ - 'description' => 'The timeout period of connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '120', - 'default' => '5', - ], - 'ReadTimeout' => [ - 'description' => 'The timeout period of read connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '200', - 'default' => '120', - ], - 'WriteTimeout' => [ - 'description' => 'The timeout period of write connections. Unit: seconds. Valid values: 1 to 3600.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '1', - 'example' => '200', - 'default' => '120', - ], - 'CnameEnabled' => [ - 'description' => 'Specifies whether to enable the public cloud disaster recovery feature. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false** (default)'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], - 'RoutingRules' => [ - 'description' => 'The forwarding rules for the hybrid cloud mode. The value is a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields:'."\n" - ."\n" - .'* **rs**: the back-to-origin IP addresses or CNAMEs. Data type: array.'."\n" - .'* **location**: the name of the protection node. Data type: string.'."\n" - .'* **locationId**: the ID of the protection node. Data type: long.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '['."\n" - .' {'."\n" - .' "rs": ['."\n" - .' "1.1.XX.XX"'."\n" - .' ],'."\n" - .' "locationId": 535,'."\n" - .' "location": "test1111"'."\n" - .' }'."\n" - .']'."\n", - ], - 'Keepalive' => [ - 'description' => 'Specifies whether to enable the persistent connection feature. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], - 'Retry' => [ - 'description' => 'Specifies whether WAF retries if WAF fails to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], - 'KeepaliveRequests' => [ - 'description' => 'The number of reused persistent connections. Valid values: 60 to 1000.'."\n" - ."\n" - .'> This parameter specifies the number of persistent connections that can be reused after you enable the persistent connection feature.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '1000', - 'minimum' => '60', - 'example' => '1000', - 'default' => '1000', - ], - 'KeepaliveTimeout' => [ - 'description' => 'The timeout period of idle persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" - ."\n" - .'> This parameter specifies the period of time after which an idle persistent connection is closed.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '3600', - 'minimum' => '10', - 'example' => '15', - 'default' => '15', - ], - 'XffProto' => [ - 'description' => 'Specifies whether to use the X-Forward-For-Proto header field to pass the protocol used by WAF to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], - 'BackupBackends' => [ - 'description' => 'The secondary IP addresses or domain names of the origin server.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The secondary IP address or domain name of the origin server. You cannot specify both IP addresses and domain names. If you specify domain names, the domain names can be resolved only to IPv4 addresses.'."\n" - ."\n" - .'* If you specify IP addresses, specify the value in the **\\["ip1","ip2",...]** format. You can enter up to 20 IP addresses.'."\n" - .'* If you specify domain names, specify the value in the **\\["domain"]** format. You can enter up to 20 domain names.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '['."\n" - .' "1.1.XX.XX",'."\n" - .' "2.2.XX.XX"'."\n" - .']', - ], - 'required' => false, - ], - 'XClientIp' => [ - 'type' => 'boolean', - ], - 'XTrueIp' => [ - 'type' => 'boolean', - ], - 'WebServerType' => [ - 'type' => 'boolean', - ], - 'WLProxyClientIp' => [ - 'type' => 'boolean', - ], - 'MaxBodySize' => [ - 'title' => '最大请求体大小。取值范围:2~10,默认值:2,单位:G。', - 'type' => 'integer', - 'format' => 'int32', - 'maximum' => '10', - 'minimum' => '2', - 'example' => '2', - ], - 'Http2Origin' => [ - 'title' => 'HTTP2回源', - 'type' => 'boolean', - ], - 'Http2OriginMaxConcurrency' => [ - 'title' => 'HTTP2回源并发连接数', - 'type' => 'integer', - 'format' => 'int32', - 'maximum' => '512', - 'minimum' => '1', - 'example' => '128', - ], - 'BackendPorts' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'ListenPort' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'BackendPort' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'Protocol' => [ - 'type' => 'string', - ], - ], - ], - ], - ], - 'required' => true, - ], + 'schema' => ['title' => '', 'description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'example' => 'rg-acfm***q', 'required' => false], ], [ - 'name' => 'RegionId', + 'name' => 'EventScope', 'in' => 'query', 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" + 'title' => '', + 'description' => 'The dimension of the security event. Valid values:'."\n" ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], - ], - [ - 'name' => 'AccessType', - 'in' => 'query', - 'schema' => [ - 'description' => 'The mode in which you want to add the domain name to WAF. Set the value to share.'."\n" + .'- **ip**: IP-dimension security events.'."\n" ."\n" - .'* **share:** adds the domain name to WAF in CNAME record mode. This is the default value.'."\n", + .'- **account**: account-dimension security events.', 'type' => 'string', + 'example' => 'ip', + 'default' => 'ip', + 'enum' => ['ip', 'account'], 'required' => false, - 'example' => 'share', - 'default' => 'share', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'DomainInfo' => [ - 'description' => 'The information about the domain name.'."\n", - 'type' => 'object', - 'properties' => [ - 'Cname' => [ - 'description' => 'The CNAME that is assigned by WAF to the domain name.'."\n", - 'type' => 'string', - 'example' => 'xxxxxcvdaf.****.com', - ], - 'Domain' => [ - 'description' => 'The domain name whose access configurations you modified.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'DomainId' => [ - 'description' => 'The ID of the domain name.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com-waf', - ], - ], - ], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'], ], + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.BusinessViolation', - 'errorMessage' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', - ], - [ - 'errorCode' => 'Waf.Control.DomainAndDomainIdBothEmpty', - 'errorMessage' => 'domain and domainId cannot be empty at the same time.', - ], - [ - 'errorCode' => 'Waf.Control.DomainAndDomainIdNotMatch', - 'errorMessage' => 'domain and domainId do not match.', - ], - [ - 'errorCode' => 'Waf.Control.DomainIdIsIllegal', - 'errorMessage' => 'The input parameter, the domainId is illegal.', - ], - [ - 'errorCode' => 'Waf.Pullin.BackupBackendConflict', - 'errorMessage' => 'The backup backend configuration conflicts.', - ], - [ - 'errorCode' => 'Waf.Pullin.BackendPortIncompatible', - 'errorMessage' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.Http2OriginMustOnKeepaliveEnable', - 'errorMessage' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.', - ], - [ - 'errorCode' => 'Waf.Pullin.Http2OriginEnabledFocusHttpBackendForbidden', - 'errorMessage' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.', - ], - [ - 'errorCode' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', - 'errorMessage' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Batch delete API security events', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteApisecEvents'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteApisecEvents', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D****\\",\\n \\"DomainInfo\\": {\\n \\"Cname\\": \\"xxxxxcvdaf.****.com\\",\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\"\\n }\\n}","type":"json"}]', - 'title' => 'ModifyDomain', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', ], - 'DeleteDomain' => [ - 'summary' => 'Deletes a domain name that is added to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DeleteCloudResource' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -6148,1129 +4400,483 @@ 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106552', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '226538', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to view the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name that you want to delete.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceProduct', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The type of the cloud service. Valid values:'."\n" + ."\n" + .'- **clb4**: Layer 4 CLB.'."\n" + ."\n" + .'- **clb7**: Layer 7 CLB.'."\n" + ."\n" + .'- **ecs**: ECS.'."\n" + ."\n" + .'- **nlb**: Network Load Balancer (NLB).', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'clb7', 'title' => ''], ], [ - 'name' => 'AccessType', + 'name' => 'ResourceInstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The mode in which the domain name is added to WAF. Valid values:'."\n" - ."\n" - .'* **share:** CNAME record mode. This is the default value.'."\n" - .'* **hybrid_cloud_cname:** hybrid cloud reverse proxy mode.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'share', - 'default' => 'share', - ], + 'schema' => ['description' => 'The ID of the cloud service instance.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'lb-bp1*****jqnnqk5uj2p', 'title' => ''], ], [ - 'name' => 'DomainId', + 'name' => 'Port', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the domain name.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com-waf', - ], + 'schema' => ['description' => 'The port of the cloud service that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'deprecated' => true, 'required' => false, 'example' => '443', 'title' => ''], + ], + [ + 'name' => 'CloudResourceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the protected resource. WAF automatically generates this ID when you add the cloud service to WAF.'."\n" + ."\n" + .'> Call [CreateCloudResource](~~2839876~~) to add a resource and then view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'lb-****py9kcm2n6nuesiu2a-80-clb4', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned result.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'RequestId' => ['description' => 'The ID of the request. Alibaba Cloud generates a unique ID for each request. You can use this ID to troubleshoot issues.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [ 400 => [ - [ - 'errorCode' => 'Waf.Control.DomainAndDomainIdBothEmpty', - 'errorMessage' => 'domain and domainId cannot be empty at the same time.', - ], - [ - 'errorCode' => 'Waf.Control.DomainAndDomainIdNotMatch', - 'errorMessage' => 'domain and domainId do not match.', - ], - [ - 'errorCode' => 'Waf.Control.DomainIdIsIllegal', - 'errorMessage' => 'The input parameter, the domainId is illegal.', - ], - [ - 'errorCode' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', - 'errorMessage' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', - ], + ['errorCode' => 'Waf.Control.DefenseResourceEmpty', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'], + ['errorCode' => 'Waf.Control.CloudProductInfoEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'."\n"], + ['errorCode' => 'Waf.Control.CloudProductInfoNotMartch', 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', - 'title' => 'DeleteDomain', - ], - 'DescribeDomains' => [ - 'summary' => 'Queries the domain names that are added to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'title' => 'DeleteCloudResource', + 'summary' => 'Removes a cloud service from Web Application Firewall (WAF). This operation currently supports only Elastic Compute Service (ECS) and Classic Load Balancer (CLB).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteCloudResource'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteCloudResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\"\\n}","type":"json"}]', + ], + 'DeleteCloudResourceExtensionCert' => [ + 'summary' => 'Deletes an extension certificate for a cloud service connected in cloud native mode.', + 'path' => '', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', + 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '112189', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'], ], 'parameters' => [ [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number of the page to return. Default value: 1.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepay_public_intl-sg-***', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'CloudResourceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF when the resource is connected in cloud native mode.'."\n" + ."\n" + .'> You can call the [CreateCloudResource](~~2839876~~) operation to connect a resource and then view the resource ID in the response.', 'type' => 'string', 'required' => true, 'example' => 'lb-bp*********k5uj2p-443-clb7', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'CertId', 'in' => 'query', - 'schema' => [ - 'title' => '域名', - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Backend', + 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'title' => '回源地址', - 'description' => 'An array of HTTPS listener ports.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1.1.XX.XX', + 'title' => '', + 'description' => 'Schema of Response', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['title' => '', 'description' => 'Id of the request', 'type' => 'string', 'example' => '56B40D30-4960-4F19-B7D5-***'], + ], + 'example' => '', ], ], + ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'Delete an extension certificate for a cloud service', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteCloudResourceExtensionCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"56B40D30-4960-4F19-B7D5-***\\"\\n}","type":"json"}]', + ], + 'DeleteDefenseResource' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'PageSize', + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'systemTags' => [ + 'operationType' => 'delete', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '106306', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '50', - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-9lb*******', 'title' => ''], ], [ - 'name' => 'DomainId', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['title' => '', 'description' => 'The name of the protected object.', 'type' => 'string', 'required' => true, 'example' => 'zhh*****.test.top-clb7'], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'Tag', + 'name' => 'RegionId', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The tag of the resource. You can specify up to 20 tags.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'The tag key.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'TagKey1', - ], - 'Value' => [ - 'description' => 'The tag value.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'TagValue1', - ], - ], - 'required' => false, - ], - 'required' => false, - 'maxItems' => 21, - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'ABF68BB3-2C48-5FA4-9750-D5FE55700E36', - ], - 'TotalCount' => [ - 'description' => 'The total number of returned entries.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '146', - ], - 'Domains' => [ - 'description' => 'The domain names that are added to WAF in CNAME record mode.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Domain' => [ - 'title' => '域名', - 'description' => 'The domain name that is added to WAF in CNAME record mode.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'Status' => [ - 'title' => '域名状态', - 'description' => 'The status of the domain name. Valid values:'."\n" - ."\n" - .'* **1:** The domain name is in a normal state.'."\n" - .'* **2:** The domain name is being created.'."\n" - .'* **3:** The domain name is being modified.'."\n" - .'* **4:** The domain name is being released.'."\n" - .'* **5:** WAF no longer forwards traffic that is sent to the domain name.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'Cname' => [ - 'title' => 'CNAME', - 'description' => 'The CNAME assigned by WAF to the domain name.'."\n", - 'type' => 'string', - 'example' => 'xxxxxcvdaf.****.com', - ], - 'ListenPorts' => [ - 'description' => 'The configurations of the listeners.'."\n", - 'type' => 'object', - 'properties' => [ - 'Http' => [ - 'description' => 'The HTTP listener ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTP listener port.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '80', - ], - ], - 'Https' => [ - 'description' => 'The HTTPS listener ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTPS listener port.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '443', - ], - ], - ], - ], - 'Backeds' => [ - 'description' => 'The back-to-origin settings.'."\n", - 'type' => 'object', - 'properties' => [ - 'Http' => [ - 'description' => 'The HTTP addresses of the origin server.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Backend' => [ - 'description' => 'The HTTP address of the origin server.'."\n", - 'type' => 'string', - 'example' => '1.1.XX.XX', - ], - ], - ], - ], - 'Https' => [ - 'description' => 'The HTTPS addresses of the origin server.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Backend' => [ - 'description' => 'The HTTPS address of the origin server.'."\n", - 'type' => 'string', - 'example' => '1.1.XX.XX', - ], - ], - ], - ], - ], - ], - 'ResourceManagerResourceGroupId' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'example' => 'rg-acfmvtc5z52****', - ], - 'DomainId' => [ - 'type' => 'string', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '745F051D-95FD-57EC-9DC1-79BB4883C6A4', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.DomainAndDomainIdBothEmpty', - 'errorMessage' => 'domain and domainId cannot be empty at the same time.', - ], - [ - 'errorCode' => 'Waf.Pullin.DomainAndDomainIdNotMatch', - 'errorMessage' => 'domain and domainId do not match.', - ], - [ - 'errorCode' => 'Waf.Pullin.DomainIdIsIllegal', - 'errorMessage' => 'The input parameter, the domainId is illegal.', + 'title' => 'Delete a protected object', + 'summary' => 'Deletes a protected object.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"ABF68BB3-2C48-5FA4-9750-D5FE55700E36\\",\\n \\"TotalCount\\": 146,\\n \\"Domains\\": [\\n {\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Status\\": 1,\\n \\"Cname\\": \\"xxxxxcvdaf.****.com\\",\\n \\"ListenPorts\\": {\\n \\"Http\\": [\\n 80\\n ],\\n \\"Https\\": [\\n 443\\n ]\\n },\\n \\"Backeds\\": {\\n \\"Http\\": [\\n {\\n \\"Backend\\": \\"1.1.XX.XX\\"\\n }\\n ],\\n \\"Https\\": [\\n {\\n \\"Backend\\": \\"1.1.XX.XX\\"\\n }\\n ]\\n },\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfmvtc5z52****\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeDomains', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"745F051D-95FD-57EC-9DC1-79BB4883C6A4\\"\\n}","type":"json"}]', ], - 'DescribeDomainDetail' => [ - 'summary' => 'Queries the details of a domain name that is added to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DeleteDefenseResourceGroup' => [ + 'summary' => 'Deletes a protected object group.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '113957', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '106355', + 'abilityTreeNodes' => ['FEATUREwafHQWDCC'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'DomainId', + 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The name of the protected object group that you want to delete.', 'type' => 'string', 'required' => true, 'example' => 'group221', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '域名', - 'description' => 'The domain name that you want to query.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'BAEF9CA9-66A0-533E-BD09-5D5D7AA8****', - ], - 'Domain' => [ - 'title' => '域名', - 'description' => 'The domain name.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'DomainId' => [ - 'title' => '域名ID', - 'type' => 'string', - ], - 'Status' => [ - 'title' => '状态', - 'description' => 'The status of the domain name. Valid values:'."\n" - ."\n" - .'* **1:** The domain name is in a normal state.'."\n" - .'* **2:** The domain name is being created.'."\n" - .'* **3:** The domain name is being modified.'."\n" - .'* **4:** The domain name is being released.'."\n" - .'* **5:** WAF no longer forwards traffic of the domain name.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'Cname' => [ - 'description' => 'The CNAME that is assigned by WAF to the domain name.'."\n", - 'type' => 'string', - 'example' => 'xxxxxcvdaf.****.com', - ], - 'Listen' => [ - 'title' => '监听配置', - 'description' => 'The configurations of the listeners.'."\n", - 'type' => 'object', - 'properties' => [ - 'HttpPorts' => [ - 'title' => 'HTTP端口', - 'description' => 'An array of HTTP listener ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTP listener port.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '80', - ], - ], - 'HttpsPorts' => [ - 'title' => 'HTTPS端口', - 'description' => 'An array of HTTPS listener ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTPS listener port.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '443'."\n", - ], - ], - 'Http2Enabled' => [ - 'title' => '是否开启HTTP2', - 'description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n" - ."\n" - .'* **true:** HTTP/2 is enabled.'."\n" - .'* **false:** HTTP/2 is disabled.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'CertId' => [ - 'title' => '', - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'format' => 'int64', - 'example' => '123', - ], - 'TLSVersion' => [ - 'title' => 'TLS版本', - 'description' => 'The version of the Transport Layer Security (TLS) protocol. Valid values:'."\n" - ."\n" - .'* **tlsv1**'."\n" - .'* **tlsv1.1**'."\n" - .'* **tlsv1.2**'."\n", - 'type' => 'string', - 'example' => 'tlsv1.2', - ], - 'EnableTLSv3' => [ - 'title' => '是否支持TLS1.3', - 'description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n" - ."\n" - .'* **true:** TLS 1.3 is supported.'."\n" - .'* **false:** TLS 1.3 is not supported.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'CipherSuite' => [ - 'description' => 'The type of the cipher suites. Valid values:'."\n" - ."\n" - .'* **1:** all cipher suites.'."\n" - .'* **2:** strong cipher suites.'."\n" - .'* **99:** custom cipher suites.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - ], - 'CustomCiphers' => [ - 'description' => 'An array of custom cipher suites.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom cipher suite.'."\n", - 'type' => 'string', - 'example' => 'xxx', - ], - ], - 'FocusHttps' => [ - 'description' => 'Indicates whether HTTP to HTTPS redirection is enabled for the domain name. Valid values:'."\n" - ."\n" - .'* **true:** HTTP to HTTPS redirection is enabled.'."\n" - .'* **false:** HTTP to HTTPS redirection is disabled.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'SM2Enabled' => [ - 'description' => 'Indicates whether SM certificate-based verification is enabled. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'SM2CertId' => [ - 'description' => 'The ID of the SM certificate that is added. This parameter is returned only if the value of SM2Enabled is true.'."\n", - 'type' => 'string', - 'example' => '123-cn-hangzhou', - ], - 'SM2AccessOnly' => [ - 'description' => 'Indicates whether only SM certificate-based clients can access the domain name. This parameter is returned only if the value of SM2Enabled is true. Valid values:'."\n" - ."\n" - .'* true'."\n" - .'* false'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'XffHeaderMode' => [ - 'description' => 'The method that WAF uses to obtain the actual IP address of a client. Valid values:'."\n" - ."\n" - .'* **0:** No Layer 7 proxies are deployed in front of WAF.'."\n" - .'* **1:** WAF reads the first value of the X-Forwarded-For (XFF) header field as the actual IP address of the client.'."\n" - .'* **2:** WAF reads the value of a custom header field as the actual IP address of the client.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - ], - 'XffHeaders' => [ - 'description' => 'An array of custom header fields that are used to obtain the actual IP address of a client.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field that is used to obtain the actual IP address of a client.'."\n", - 'type' => 'string', - 'example' => 'Client-ip', - ], - ], - 'IPv6Enabled' => [ - 'title' => '是否开启IPv6', - 'description' => 'Indicates whether IPv6 is enabled. Valid values:'."\n" - ."\n" - .'* **true:** IPv6 is enabled.'."\n" - .'* **false:** IPv6 is disabled.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'ProtectionResource' => [ - 'title' => '防护资源', - 'description' => 'The type of protection resource that is used. Valid values:'."\n" - ."\n" - .'* **share:** shared cluster.'."\n" - .'* **gslb:** shared cluster-based intelligent load balancing.'."\n", - 'type' => 'string', - 'example' => 'share', - ], - 'ExclusiveIp' => [ - 'title' => '是否开启独享IP', - 'description' => 'Indicates whether an exclusive IP address is enabled. Valid values:'."\n" - ."\n" - .'* **true:** An exclusive IP address is enabled for the domain name.'."\n" - .'* **false:** No exclusive IP addresses are enabled for the domain name.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - ], - ], - 'Redirect' => [ - 'title' => '转发配置', - 'description' => 'The configurations of the forwarding rule.'."\n", - 'type' => 'object', - 'properties' => [ - 'Backends' => [ - 'description' => 'An array of addresses of origin servers.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The IP addresses or domain names of origin servers.'."\n", - 'type' => 'object', - 'properties' => [ - 'Backend' => [ - 'description' => 'The IP address or domain name of the origin server.'."\n", - 'type' => 'string', - 'example' => '1.1.XX.XX', - ], - ], - ], - 'deprecated' => true, - ], - 'Loadbalance' => [ - 'title' => '负载均衡算法', - 'description' => 'The load balancing algorithm that is used when WAF forwards requests to the origin server. Valid values:'."\n" - ."\n" - .'* **ip_hash:** the IP hash algorithm.'."\n" - .'* **roundRobin:** the round-robin algorithm.'."\n" - .'* **leastTime:** the least response time algorithm.'."\n", - 'type' => 'string', - 'example' => 'iphash', - ], - 'FocusHttpBackend' => [ - 'description' => 'Indicates whether HTTPS to HTTP redirection is enabled for back-to-origin requests of the domain name. Valid values:'."\n" - ."\n" - .'* **true:** HTTPS to HTTP redirection for back-to-origin requests of the domain name is enabled.'."\n" - .'* **false:** HTTPS to HTTP redirection for back-to-origin requests of the domain name is disabled.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'SniEnabled' => [ - 'title' => 'SNI', - 'description' => 'Indicates whether origin Server Name Indication (SNI) is enabled. Valid values:'."\n" - ."\n" - .'* **true:** Origin SNI is enabled.'."\n" - .'* **false:** Origin SNI is disabled. This is the default value.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'SniHost' => [ - 'description' => 'The value of the custom SNI field.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'RequestHeaders' => [ - 'description' => 'An array of key-value pairs that are used to mark the requests that pass through the WAF instance.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The key-value pair that is used to mark the requests that pass through the WAF instance.'."\n", - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'The custom header field.'."\n", - 'type' => 'string', - 'example' => 'aaa', - ], - 'Value' => [ - 'description' => 'The value of the custom header field.'."\n", - 'type' => 'string', - 'example' => 'bbb', - ], - ], - ], - ], - 'ConnectTimeout' => [ - 'description' => 'The timeout period of the connection. Unit: seconds. Valid values: 5 to 120.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '120', - ], - 'WriteTimeout' => [ - 'description' => 'The write timeout period. Unit: seconds. Valid values: 5 to 1800.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '200', - ], - 'ReadTimeout' => [ - 'description' => 'The read timeout period. Unit: seconds. Valid values: 5 to 1800.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '200', - ], - 'Keepalive' => [ - 'description' => 'Indicates whether the persistent connection feature is enabled. Valid values:'."\n" - ."\n" - .'* **true:** The persistent connection feature is enabled. This is the default value.'."\n" - .'* **false:** The persistent connection feature is disabled.'."\n", - 'type' => 'boolean', - 'example' => 'true', - 'default' => 'true', - ], - 'Retry' => [ - 'description' => 'Indicates whether WAF retries when requests fail to be forwarded to the origin server. Valid values:'."\n" - ."\n" - .'* **true:** WAF retries. This is the default value.'."\n" - .'* **false:** WAF does not retry.', - 'type' => 'boolean', - 'example' => 'true', - 'default' => 'true', - ], - 'KeepaliveRequests' => [ - 'description' => 'The number of reused persistent connections. Valid values: 60 to 1000.'."\n" - ."\n" - .'> This parameter specifies the number of reused persistent connections when you enable the persistent connection feature.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1000', - 'default' => '100', - ], - 'KeepaliveTimeout' => [ - 'description' => 'The timeout period of persistent connections that are in the Idle state. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" - ."\n" - .'> This parameter specifies the period of time during which a reused persistent connection is allowed to remain in the Idle state before the persistent connection is released.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '15', - 'default' => '15', - ], - 'XffProto' => [ - 'description' => 'Indicates whether the X-Forward-For-Proto header is used to identify the protocol used by WAF to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **true** (default)'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'BackupBackends' => [ - 'description' => 'An array of HTTPS listener ports.', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Backend' => [ - 'description' => 'The back-to-origin IP address or domain name.', - 'type' => 'string', - 'example' => '['."\n" - .' "1.1.XX.XX",'."\n" - .' "2.2.XX.XX"'."\n" - .']'."\n", - ], - ], - ], - 'deprecated' => true, - ], - 'XClientIp' => [ - 'type' => 'boolean', - 'default' => 'false', - ], - 'XTrueIp' => [ - 'type' => 'boolean', - 'default' => 'false', - ], - 'WebServerType' => [ - 'type' => 'boolean', - 'default' => 'false', - ], - 'WLProxyClientIp' => [ - 'type' => 'boolean', - 'default' => 'false', - ], - 'MaxBodySize' => [ - 'title' => '最大请求体大小。取值范围:2~10,默认值:2,单位:G。', - 'type' => 'integer', - 'format' => 'int32', - 'maximum' => '10', - 'minimum' => '2', - 'example' => '2', - ], - 'Http2Origin' => [ - 'title' => 'HTTP2回源', - 'type' => 'boolean', - ], - 'Http2OriginMaxConcurrency' => [ - 'title' => 'HTTP2回源并发连接数', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '128', - ], - 'BackendList' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], - ], - 'BackUpBackendList' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], - ], - 'BackendPorts' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'ListenPort' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'BackendPort' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'Protocol' => [ - 'type' => 'string', - ], - ], - ], - ], - ], - ], - 'ResourceManagerResourceGroupId' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'example' => 'rg-acfm***q', - ], - 'CertDetail' => [ - 'description' => 'The details of the SSL certificate.'."\n", - 'type' => 'object', - 'properties' => [ - 'Name' => [ - 'description' => 'The name of the SSL certificate.'."\n", - 'type' => 'string', - 'example' => 'test-cert-name', - ], - 'Id' => [ - 'description' => 'The ID of the SSL certificate.'."\n", - 'type' => 'string', - 'example' => '123-cn-hangzhou', - ], - 'StartTime' => [ - 'description' => 'The beginning of the validity period of the SSL certificate. The value is in the UNIX timestamp format. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1677772800000', - ], - 'EndTime' => [ - 'description' => 'The end of the validity period of the SSL certificate. The value is in the UNIX timestamp format. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1685590400000', - ], - 'CommonName' => [ - 'description' => 'The domain name of your website.'."\n", - 'type' => 'string', - 'example' => 'test.aliyundoc.com', - ], - 'Sans' => [ - 'description' => 'All domain names that are bound to the certificate.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'All domain names that are bound to the certificate.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - ], - ], - ], - 'SM2CertDetail' => [ - 'description' => 'The information about the SM certificate.'."\n", - 'type' => 'object', - 'properties' => [ - 'Name' => [ - 'description' => 'The name of the SSL certificate.'."\n", - 'type' => 'string', - 'example' => 'test-sm2-cert-name', - ], - 'Id' => [ - 'description' => 'The ID of the SSL certificate.'."\n", - 'type' => 'string', - 'example' => '123-cn-hangzhou', - ], - 'StartTime' => [ - 'description' => 'The beginning of the validity period of the SSL certificate. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1657551525000', - ], - 'EndTime' => [ - 'description' => 'The end of the validity period of the SSL certificate. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1665590400000', - ], - 'CommonName' => [ - 'description' => 'The domain name of your website.'."\n", - 'type' => 'string', - 'example' => 'test.aliyundoc.com'."\n", - ], - 'Sans' => [ - 'description' => 'All domain names that are bound to the certificate.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'All domain names that are bound to the certificate.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com'."\n", - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '25BE1169-9AE4-5D7D-8293-C33242ABB549', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.DomainAndDomainIdBothEmpty', - 'errorMessage' => 'domain and domainId cannot be empty at the same time.', - ], - [ - 'errorCode' => 'Waf.Pullin.DomainAndDomainIdNotMatch', - 'errorMessage' => 'domain and domainId do not match.', - ], - [ - 'errorCode' => 'Waf.Pullin.DomainIdIsIllegal', - 'errorMessage' => 'The input parameter, the domainId is illegal.', + 'title' => 'DeleteDefenseResourceGroup', + 'changeSet' => [ + ['createdAt' => '2024-09-02T03:44:32.000Z', 'description' => 'Request parameters changed, Response parameters changed'], + ['createdAt' => '2024-08-29T01:07:58.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseResourceGroup'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BAEF9CA9-66A0-533E-BD09-5D5D7AA8****\\",\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\",\\n \\"Status\\": 1,\\n \\"Cname\\": \\"xxxxxcvdaf.****.com\\",\\n \\"Listen\\": {\\n \\"HttpPorts\\": [\\n 80\\n ],\\n \\"HttpsPorts\\": [\\n 443\\n ],\\n \\"Http2Enabled\\": true,\\n \\"CertId\\": \\"123\\",\\n \\"TLSVersion\\": \\"tlsv1.2\\",\\n \\"EnableTLSv3\\": true,\\n \\"CipherSuite\\": 2,\\n \\"CustomCiphers\\": [\\n \\"xxx\\"\\n ],\\n \\"FocusHttps\\": true,\\n \\"SM2Enabled\\": true,\\n \\"SM2CertId\\": \\"123-cn-hangzhou\\",\\n \\"SM2AccessOnly\\": true,\\n \\"XffHeaderMode\\": 2,\\n \\"XffHeaders\\": [\\n \\"Client-ip\\"\\n ],\\n \\"IPv6Enabled\\": true,\\n \\"ProtectionResource\\": \\"share\\",\\n \\"ExclusiveIp\\": true,\\n \\"HstsIncludeSubDomain\\": true,\\n \\"HstsPreload\\": false,\\n \\"HstsMaxAge\\": 365000\\n },\\n \\"Redirect\\": {\\n \\"Backends\\": [\\n {\\n \\"Backend\\": \\"1.1.XX.XX\\"\\n }\\n ],\\n \\"Loadbalance\\": \\"iphash\\",\\n \\"FocusHttpBackend\\": true,\\n \\"SniEnabled\\": true,\\n \\"SniHost\\": \\"www.aliyundoc.com\\",\\n \\"RequestHeaders\\": [\\n {\\n \\"Key\\": \\"aaa\\",\\n \\"Value\\": \\"bbb\\"\\n }\\n ],\\n \\"ConnectTimeout\\": 120,\\n \\"WriteTimeout\\": 200,\\n \\"ReadTimeout\\": 200,\\n \\"Keepalive\\": true,\\n \\"Retry\\": true,\\n \\"KeepaliveRequests\\": 1000,\\n \\"KeepaliveTimeout\\": 15,\\n \\"XffProto\\": true,\\n \\"BackupBackends\\": [\\n {\\n \\"Backend\\": \\"[\\\\n \\\\\\"1.1.XX.XX\\\\\\",\\\\n \\\\\\"2.2.XX.XX\\\\\\"\\\\n]\\\\n\\"\\n }\\n ],\\n \\"XClientIp\\": true,\\n \\"XTrueIp\\": true,\\n \\"WebServerType\\": true,\\n \\"WLProxyClientIp\\": true,\\n \\"MaxBodySize\\": 2,\\n \\"Http2Origin\\": true,\\n \\"Http2OriginMaxConcurrency\\": 128,\\n \\"ProxyProtocol\\": false,\\n \\"BackendList\\": [\\n \\"1.1.XX.XX\\"\\n ],\\n \\"BackUpBackendList\\": [\\n \\"2.2.XX.XX\\"\\n ],\\n \\"BackendPorts\\": [\\n {\\n \\"ListenPort\\": 80,\\n \\"BackendPort\\": 80,\\n \\"Protocol\\": \\"http\\"\\n }\\n ]\\n },\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfm***q\\",\\n \\"CertDetail\\": {\\n \\"Name\\": \\"test-cert-name\\",\\n \\"Id\\": \\"123-cn-hangzhou\\",\\n \\"StartTime\\": 1677772800000,\\n \\"EndTime\\": 1685590400000,\\n \\"CommonName\\": \\"test.aliyundoc.com\\",\\n \\"Sans\\": [\\n \\"www.aliyundoc.com\\"\\n ]\\n },\\n \\"SM2CertDetail\\": {\\n \\"Name\\": \\"test-sm2-cert-name\\",\\n \\"Id\\": \\"123-cn-hangzhou\\",\\n \\"StartTime\\": 1657551525000,\\n \\"EndTime\\": 1665590400000,\\n \\"CommonName\\": \\"test.aliyundoc.com\\\\n\\",\\n \\"Sans\\": [\\n \\"www.aliyundoc.com\\\\n\\"\\n ]\\n }\\n}","type":"json"}]', - 'title' => 'DescribeDomainDetail', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"25BE1169-9AE4-5D7D-8293-C33242ABB549\\"\\n}","type":"json"}]', ], - 'DescribePunishedDomains' => [ - 'summary' => 'Queries a list of domain names that are added to Web Application Firewall (WAF) and penalized for failing to obtain an Internet Content Provider (ICP) filing.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DeleteDefenseRule' => [ + 'summary' => 'Deletes the specified protection rules.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124498', + 'abilityTreeCode' => '106469', 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', + 'FEATUREwaf1LM6V0', 'FEATUREwafOVI09M', 'FEATUREwafF105ZO', 'FEATUREwafCU29M8', 'FEATUREwafBWO4L0', 'FEATUREwaf9JXZCD', 'FEATUREwafIFHX6M', 'FEATUREwafI1HM4C', 'FEATUREwaf16U367', 'FEATUREwaf6XNOII', 'FEATUREwafS64FX9', 'FEATUREwafQ73SIK', 'FEATUREwafAFURH8', 'FEATUREwafRM5KJ7', 'FEATUREwaf4TDPM4', 'FEATUREwafOUMN3V', 'FEATUREwafVG3S9P', 'FEATUREwafIDKGGL', 'FEATUREwafWUANSU', 'FEATUREwafVZXFDE', + 'FEATUREwaf6KFDRU', ], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-uqm****qa07', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'Domains', + 'name' => 'TemplateId', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The domain names that are added to WAF.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The domain name that is added to WAF.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'demo.xxxaliyundoc.com', - ], - 'required' => false, - 'maxItems' => 100, - ], + 'schema' => ['description' => 'The ID of the protection rule template that you want to delete.'."\n" + ."\n" + .'> This parameter is required only when you set **DefenseType** to **template**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '2221', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'RuleIds', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The IDs of the protection rules that you want to delete. Separate multiple IDs with commas (,).', 'type' => 'string', 'required' => true, 'example' => '2223455,23354,465565', 'title' => ''], ], [ - 'name' => 'PunishType', + 'name' => 'DefenseType', 'in' => 'query', 'schema' => [ - 'description' => 'The type of punishment. Valid values:'."\n" + 'description' => 'The type of the protection rule. Valid values:'."\n" ."\n" - .'* **beian** (default): the filing center.'."\n" - .'* **punishCenter**: the punishment center.'."\n", + .'- **template** (default): a protection rule template.'."\n" + ."\n" + .'- **resource**: a rule for a protected object.'."\n" + ."\n" + .'- **global**: a global rule.', 'type' => 'string', + 'default' => 'template', + 'enum' => ['template', 'global', 'resource'], 'required' => false, - 'example' => 'beian', - 'default' => 'beian', + 'example' => 'template', + 'title' => '', ], ], [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekz7nc****aata', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'Resource', + 'in' => 'query', + 'schema' => ['description' => 'The protected object of the rule that you want to delete.'."\n" + ."\n" + .'> This parameter is required only when you set **DefenseType** to **resource**.', 'type' => 'string', 'required' => false, 'example' => 'rencs***-waf', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'B1F4D802-55A1-5D53-A247-7E79****85E7', - ], - 'PunishedDomains' => [ - 'description' => 'The domain names that are penalized for failing to obtain an ICP filing.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The domain name that is penalized for failing to obtain an ICP filing.'."\n", - 'type' => 'string', - 'example' => 'demo.xxxaliyundoc.com'."\n", - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2EC856FE-6D31-5861-8275-E5DEDB539089', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"B1F4D802-55A1-5D53-A247-7E79****85E7\\",\\n \\"PunishedDomains\\": [\\n \\"demo.xxxaliyundoc.com\\\\n\\"\\n ]\\n}","type":"json"}]', - 'title' => 'DescribePunishedDomains', - ], - 'ModifyDomainPunishStatus' => [ - 'summary' => 'Re-adds a domain name that is penalized for failing to obtain an Internet Content Provider (ICP) filing to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Defense.Control.DefenseAddressBookInUse', 'errorMessage' => 'The address book is in use and cannot be deleted.', 'description' => 'The address book is in use and cannot be deleted. Rules for using this address book: %s.'], + ['errorCode' => 'Defense.Control.DefenseExtensionPluginRuleInUse', 'errorMessage' => 'The Extension rule is in use and cannot be deleted.', 'description' => 'Extension rule in use, association rule list:%s'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'DeleteDefenseRule', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseRule'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EC856FE-6D31-5861-8275-E5DEDB539089\\"\\n}","type":"json"}]', + ], + 'DeleteDefenseRuleBlockIp' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -7278,846 +4884,603 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124497', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], - 'autoTest' => true, + 'abilityTreeCode' => '203840', + 'abilityTreeNodes' => ['FEATUREwafAFURH8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-zxu****0g02', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-9lb37yxse05', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name that is penalized for failing to obtain an ICP filing.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'demo.xxxxaliyundoc.com', - ], + 'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '4057', 'title' => ''], + ], + [ + 'name' => 'RuleId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the scan protection rule for which you want to unblock an IP address.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '36998', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '70E65A35-22B8-567C-B0A0-A2E9****20AE', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '9D11AC3A-A10C-56E7-A342-E87EC892BAE2', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.DomainNotBeianOrInBlackList', - 'errorMessage' => 'The domain does not have an ICP filling or has been blacklisted.', + 'title' => 'DeleteDefenseRuleBlockIp', + 'summary' => 'Unblocks an IP address that is blocked by the scan protection module.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseRuleBlockIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"70E65A35-22B8-567C-B0A0-A2E9****20AE\\"\\n}","type":"json"}]', - 'title' => 'ModifyDomainPunishStatus', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9D11AC3A-A10C-56E7-A342-E87EC892BAE2\\"\\n}","type":"json"}]', ], - 'DescribeCertDetail' => [ - 'summary' => 'Queries the details of a certificate, such as the certificate name, expiration time, issuance time, and associated domain name.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DeleteDefenseTemplate' => [ + 'summary' => 'Deletes a protection rule template.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '167806', - 'abilityTreeNodes' => [ - 'FEATUREwafOV749M', - 'FEATUREwafCMMRA4', - 'FEATUREwafMF0FT6', - ], + 'abilityTreeCode' => '106372', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ - 'name' => 'RegionId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-uax****3k0e', - ], + 'schema' => ['description' => 'The ID of the protection template to be deleted.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '3155', 'title' => ''], ], [ - 'name' => 'CertIdentifier', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '123-cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '3C115DBE-8E53-5A12-9CAF-FD3F****CDF6', - ], - 'CertDetail' => [ - 'description' => 'The details of the certificate.'."\n", - 'type' => 'object', - 'properties' => [ - 'Domain' => [ - 'description' => 'The domain name that is associated with the certificate.'."\n", - 'type' => 'string', - 'example' => 'demo.xxxaliyun.com', - ], - 'CertName' => [ - 'description' => 'The name of the certificate.'."\n", - 'type' => 'string', - 'example' => 'testCertName', - ], - 'CertIdentifier' => [ - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'example' => '123-cn-hangzhou', - ], - 'CommonName' => [ - 'description' => 'The primary domain name, which is a common name.'."\n", - 'type' => 'string', - 'example' => '*.xxxaliyun.com'."\n", - ], - 'AfterDate' => [ - 'description' => 'The time when the certificate expires. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1976256736582', - ], - 'BeforeDate' => [ - 'description' => 'The time when the certificate was issued. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1976256736582', - ], - 'Sans' => [ - 'description' => 'The other domain names that are associated with the certificate.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The domain name that is associated with the certificate.'."\n", - 'type' => 'string', - 'example' => 'demo.yyyaliyun.com', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'E2DE6F11-6FED-5909-95F2-2520B58C5BC7', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.InvalidCertIdentifier', - 'errorMessage' => 'Invalid certificate ID, certificate ID:%s.', + 'title' => 'DeleteDefenseTemplate', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseTemplate'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3C115DBE-8E53-5A12-9CAF-FD3F****CDF6\\",\\n \\"CertDetail\\": {\\n \\"Domain\\": \\"demo.xxxaliyun.com\\",\\n \\"CertName\\": \\"testCertName\\",\\n \\"CertIdentifier\\": \\"123-cn-hangzhou\\",\\n \\"CommonName\\": \\"*.xxxaliyun.com\\\\n\\",\\n \\"AfterDate\\": 1976256736582,\\n \\"BeforeDate\\": 1976256736582,\\n \\"Sans\\": [\\n \\"demo.yyyaliyun.com\\"\\n ]\\n }\\n}","type":"json"}]', - 'title' => 'DescribeCertDetail', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E2DE6F11-6FED-5909-95F2-2520B58C5BC7\\"\\n}","type":"json"}]', ], - 'DescribeCerts' => [ - 'summary' => 'Queries the certificates issued for your domain names that are added to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DeleteDomain' => [ + 'summary' => 'Deletes a CNAME-connected domain name.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '106552', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ - 'name' => 'Domain', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => '域名', - 'description' => 'The domain name.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'example.aliyun.com', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], - ], - [ - 'name' => 'PageSize', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Valid values: 1 to 100. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '1000', - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The domain name that has been connected to WAF.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.', - 'type' => 'string', - 'required' => false, - 'example' => 'ap-southeast-1', - ], - ], - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-5yd****tb02', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Algorithm', + 'name' => 'AccessType', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the encryption algorithm. Valid values:'."\n" - ."\n" - .'* **NotSM2**: The encryption algorithm is not the SM2 algorithm. This is the default value.'."\n" - .'* **SM2**: The encryption algorithm is the SM2 algorithm.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'SM2', - ], + 'schema' => ['description' => 'The access type of the WAF instance. Valid values:'."\n" + ."\n" + .'- **share** (default): CNAME access.'."\n" + .'- **hybrid\\_cloud_cname**: hybrid cloud reverse proxy access.', 'type' => 'string', 'default' => 'share', 'required' => false, 'example' => 'share', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'DomainId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfmoiy****p2oq', - ], + 'schema' => ['description' => 'The domain name ID.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com-waf', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '19511B0D-5AE0-5600-BB8A-DC2C8345****', - ], - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '8', - ], - 'Certs' => [ - 'description' => 'The certificates.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The information about the certificate.'."\n", - 'type' => 'object', - 'properties' => [ - 'Domain' => [ - 'description' => 'The domain that is supported by the certificate.'."\n", - 'type' => 'string', - 'example' => 'www.example.com '."\n", - ], - 'CertName' => [ - 'description' => 'The name of the certificate.'."\n", - 'type' => 'string', - 'example' => 'waf1234', - ], - 'CertIdentifier' => [ - 'description' => 'The globally unique ID of the certificate. The value follows a "\\<Certificate ID>-ap-southeast-1" format. For example, if the ID of the certificate is 123, the value of the CertIdentifier parameter is 123-ap-southeast-1.'."\n", - 'type' => 'string', - 'example' => '123-ap-southeast-1', - ], - 'CommonName' => [ - 'description' => 'The common name.'."\n", - 'type' => 'string', - 'example' => '*.example.com ', - ], - 'IsChainCompleted' => [ - 'description' => 'Indicates whether the certificate chain is complete. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'AfterDate' => [ - 'description' => 'The expiration time.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1976256736582', - ], - 'BeforeDate' => [ - 'description' => 'The effective time.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1976256836582', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"19511B0D-5AE0-5600-BB8A-DC2C8345****\\",\\n \\"TotalCount\\": 8,\\n \\"Certs\\": [\\n {\\n \\"Domain\\": \\"www.example.com\\\\t\\\\n\\",\\n \\"CertName\\": \\"waf1234\\",\\n \\"CertIdentifier\\": \\"12345-cn-hangzhou\\",\\n \\"CommonName\\": \\"*.example.com\\\\t\\",\\n \\"IsChainCompleted\\": true,\\n \\"AfterDate\\": 1976256736582,\\n \\"BeforeDate\\": 1976256836582\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeCerts', - ], - 'DescribeDomainDNSRecord' => [ - 'summary' => 'Checks whether the Domain Name System (DNS) settings of a domain name are properly configured.', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Control.DomainAndDomainIdBothEmpty', 'errorMessage' => 'domain and domainId cannot be empty at the same time.', 'description' => 'The domain name and domain name ID cannot be empty at the same time.'."\n"], + ['errorCode' => 'Waf.Control.DomainAndDomainIdNotMatch', 'errorMessage' => 'domain and domainId do not match.', 'description' => 'The input parameters Domain and DomainId do not match'."\n"], + ['errorCode' => 'Waf.Control.DomainIdIsIllegal', 'errorMessage' => 'The input parameter, the domainId is illegal.', 'description' => 'Illegal entry DomainId'], + ['errorCode' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', 'errorMessage' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', 'description' => 'batch dns scheduling is in progress, and access-related operations are prohibited.'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Delete a cNAME-connected resource', + 'changeSet' => [ + ['createdAt' => '2022-11-25T01:57:31.000Z', 'description' => 'Request parameters changed'], ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDomain'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + ], + 'DeleteHybridCloudClusterRule' => [ + 'summary' => 'Deletes a hybrid cloud cluster rule from a Web Application Firewall (WAF) instance.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '179230', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '136069', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-nwy****is02', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ClusterRuleResourceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the cluster rule resource.', 'type' => 'string', 'required' => true, 'example' => 'hdbc-clusterrule-*******m0w', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name whose DNS settings you want to check.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'xxx.aliyundoc.com', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4C****', - ], - 'DNSStatus' => [ - 'description' => 'The status of the DNS settings. Valid values:'."\n" - ."\n" - .'* **cnameMatched**: The DNS settings are properly configured.'."\n" - .'* **vipMatched**: An A record maps the domain name to the WAF virtual IP address (VIP).'."\n" - .'* **wafVip**: An A record maps the domain name to another WAF VIP.'."\n" - .'* **unRecord**: The domain name does not have a DNS record.'."\n" - .'* **unUsed**: The domain name is not pointed to WAF.'."\n" - .'* **checkTimeout**: The check times out.'."\n", - 'type' => 'string', - 'example' => 'cnameMatched', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-D33C8B4C****\\",\\n \\"DNSStatus\\": \\"cnameMatched\\"\\n}","type":"json"}]', - 'title' => 'DescribeDomainDNSRecord', - ], - 'DescribeWafSourceIpSegment' => [ - 'summary' => 'Queries the back-to-origin CIDR blocks of a Web Application Firewall (WAF) instance.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DeleteHybridCloudClusterRule', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteHybridCloudClusterRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + ], + 'DeleteHybridCloudGroup' => [ + 'summary' => 'Deletes a group.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '115641', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], - 'autoTest' => true, + 'abilityTreeCode' => '136069', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-*****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-*****tm005', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'GroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the node group.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned result.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '9087ADDC-9047-4D02-82A7-33021B58083C', - ], - 'WafSourceIp' => [ - 'description' => 'The back-to-origin CIDR blocks that are used by the protection cluster.'."\n", - 'type' => 'object', - 'properties' => [ - 'IPv6' => [ - 'description' => 'An array of back-to-origin IPv6 CIDR blocks.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The back-to-origin IPv6 CIDR block.'."\n", - 'type' => 'string', - 'example' => '2408:XXXX:3c:4800::/56', - ], - ], - 'IPv4' => [ - 'description' => 'An array of back-to-origin IPv4 CIDR blocks.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The back-to-origin IPv4 CIDR block.'."\n", - 'type' => 'string', - 'example' => '101.200.XX.XX/24', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-*****60D5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9087ADDC-9047-4D02-82A7-33021B58083C\\",\\n \\"WafSourceIp\\": {\\n \\"IPv6\\": [\\n \\"2408:XXXX:3c:4800::/56\\"\\n ],\\n \\"IPv4\\": [\\n \\"101.200.XX.XX/24\\"\\n ]\\n }\\n}","type":"json"}]', - 'title' => 'DescribeWafSourceIpSegment', - ], - 'DescribeResourcePort' => [ - 'summary' => 'Queries the ports of a cloud service instance that are added to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'title' => 'DeleteHybridCloudGroup', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteHybridCloudGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-*****60D5EB0\\"\\n}","type":"json"}]', + ], + 'DeleteLogDeliveryConfig' => [ + 'summary' => 'Deletes a log delivery configuration.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeCode' => '205953', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-n6w***x52m', 'title' => ''], ], [ - 'name' => 'ResourceInstanceId', + 'name' => 'DeliveryName', 'in' => 'query', - 'schema' => [ - 'title' => '资源的实例ID', - 'description' => 'The ID of the cloud service instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '8vb40vj87znu3ai7l5lv4-80****'."\n", - ], + 'schema' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'required' => true, 'example' => 'test1', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The returned result.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', - ], - 'ResourcePorts' => [ - 'description' => 'An array of HTTP and HTTPS listener ports that are added to the WAF instance.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTP or HTTPS listener port.'."\n", - 'type' => 'string', - 'example' => '80', - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-*****', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"ResourcePorts\\": [\\n \\"80\\"\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeResourcePort', - ], - 'DescribeDDoSStatus' => [ - 'summary' => 'Checks whether DDoS attacks occur on specific domain names protected by a Web Application Firewall (WAF) instance.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DeleteLogDeliveryConfig', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteLogDeliveryConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-*****\\"\\n}","type":"json"}]', + ], + 'DeleteMajorProtectionBlackIp' => [ + 'summary' => 'Deletes an IP address from the blacklist for critical event protection.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '194498', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '124769', + 'abilityTreeNodes' => ['FEATUREwaf2KYU04'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance that you want to query.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'example' => 'waf_v3prepaid_public_cn-***', - 'required' => true, - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], + ], + [ + 'name' => 'TemplateId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '5332', 'title' => ''], + ], + [ + 'name' => 'RuleId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20013135', 'title' => ''], + ], + [ + 'name' => 'IpList', + 'in' => 'query', + 'schema' => ['description' => 'The IP address blacklist to be deleted. Supports custom IP addresses or IP address segments in the blacklist, and supports both IPv4 and IPv6. Multiple IP addresses are separated by commas (,). For more information, see [Critical event protection](~~425591~~).', 'type' => 'string', 'required' => true, 'title' => '', 'example' => '192.0.XX.XX,192.0.XX.XX/24'."\n"], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'example' => 'cn-hangzhou', - 'required' => false, - 'type' => 'string', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region ID of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'example' => 'rg-acfm***q', - 'required' => false, - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The result of the request.', + 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'example' => 'D7861F61-5B61-46CE-A47C-***', - 'type' => 'string', - ], - 'DDoSStatus' => [ - 'description' => 'Indicates whether DDoS attacks occur on specific domain names.'."\n", - 'items' => [ - 'description' => '', - 'properties' => [ - 'Status' => [ - 'description' => 'Indicates whether DDoS attacks occur on specific domain names. Valid value:'."\n" - ."\n" - .'* **doing**: DDoS attacks occur on specific domain names.'."\n", - 'example' => 'doing', - 'type' => 'string', - ], - 'EventType' => [ - 'description' => 'The type of events that are triggered by DDoS attacks. Valid values:'."\n" - ."\n" - .'* defense: traffic scrubbing events.'."\n" - .'* blackhole: blackhole filtering events.'."\n", - 'example' => 'blackhole', - 'type' => 'string', - ], - ], - 'type' => 'object', - ], - 'type' => 'array', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''], ], - 'type' => 'object', - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"DDoSStatus\\": [\\n {\\n \\"Status\\": \\"doing\\",\\n \\"EventType\\": \\"blackhole\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeDDoSStatus', - ], - 'CreateSM2Cert' => [ - 'summary' => 'Uploads a ShangMi (SM) certificate for a domain name that is added to Web Application Firewall (WAF) in CNAME record mode.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DeleteMajorProtectionBlackIp', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteMajorProtectionBlackIp'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteMajorProtectionBlackIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\"\\n}","type":"json"}]', + ], + 'DeleteMemberAccount' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -8125,107 +5488,43 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '213363', + 'abilityTreeNodes' => ['FEATUREwaf4WHEC3'], ], 'parameters' => [ [ - 'name' => 'CertName', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the SM certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test-sm2', - ], - ], - [ - 'name' => 'EncryptCertificate', - 'in' => 'query', - 'schema' => [ - 'description' => 'The content of the SM certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '-----BEGIN CERTIFICATE-----'."\n" - .'***'."\n" - .'-----END CERTIFICATE-----', - ], - ], - [ - 'name' => 'EncryptPrivateKey', - 'in' => 'query', - 'schema' => [ - 'description' => 'The private key of the SM certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '-----BEGIN PRIVATE KEY-----'."\n" - .'***'."\n" - .'-----END PRIVATE KEY-----', - ], - ], - [ - 'name' => 'SignCertificate', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The content of the signing certificate for the SM certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '-----BEGIN CERTIFICATE-----'."\n" - .'***'."\n" - .'-----END CERTIFICATE-----', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'SignPrivateKey', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The private key of the signing certificate for the SM certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '-----BEGIN PRIVATE KEY-----'."\n" - .'***'."\n" - .'-----END PRIVATE KEY-----', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-***', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_esasdf3****', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'SourceIp', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The source IP address of the request. You do not need to specify this parameter. The system automatically obtains this value.', 'type' => 'string', 'required' => false, 'example' => '0.0.XX.XX', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'MemberAccountId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the member account that you want to delete from WAF.', 'type' => 'string', 'required' => true, 'example' => '131***********39', 'title' => ''], ], ], 'responses' => [ @@ -8233,139 +5532,218 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-***', - ], - 'CertIdentifier' => [ - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'example' => '***-cn-hangzhou', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5ABE714C-8890-5D7E-A08B-45CB650F5473', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"CertIdentifier\\": \\"***-cn-hangzhou\\"\\n}","type":"json"}]', - 'title' => 'CreateSM2Cert', - ], - 'DescribeCnameCount' => [ - 'summary' => 'Queries the total number of domain names that are added to Web Application Firewall (WAF) in CNAME record mode and hybrid cloud reverse proxy mode.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DeleteMemberAccount', + 'summary' => 'Deletes a Web Application Firewall (WAF) member account.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteMemberAccount'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteMemberAccount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5ABE714C-8890-5D7E-A08B-45CB650F5473\\"\\n}","type":"json"}]', + ], + 'DescribeAbnormalCloudResources' => [ + 'summary' => 'Queries abnormal cloud resources added in cloud native mode.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', + 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'none', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeCode' => '265430', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-***', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: a region outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '阿里云资源组ID。', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', - ], - 'CnameCount' => [ - 'description' => 'The information about the number of domain names that are added to WAF in CNAME record mode and hybrid cloud reverse proxy mode.'."\n", - 'type' => 'object', - 'properties' => [ - 'Total' => [ - 'description' => 'The total number of domain names that are added to WAF in CNAME record mode and hybrid cloud reverse proxy mode.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'HybridCloudCname' => [ - 'description' => 'The number of domain names that are added to WAF in hybrid cloud reverse proxy mode.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'Cname' => [ - 'description' => 'The number of domain names that are added to WAF in CNAME record mode.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'title' => '', 'example' => '66A98669-CC6E-4F3E-80A6-***'], + 'AbnormalCloudResources' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'ResourceInstanceId' => ['description' => 'The ID of the instance that is added to WAF.', 'type' => 'string', 'example' => 'lb-***', 'title' => ''], + 'ResourceInstancePort' => ['description' => 'The port of the instance that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'ResourceInstanceName' => ['description' => 'The name of the instance that is added to WAF.', 'type' => 'string', 'example' => 'test-name', 'title' => ''], + 'ResourceProduct' => ['description' => 'The cloud service to which the resource belongs. By default, instances of Application Load Balancer (ALB), MSE, FC, and SAE are returned. Valid values:'."\n" + ."\n" + .'- **alb**: ALB.'."\n" + ."\n" + .'- **mse**: MSE.'."\n" + ."\n" + .'- **fc**: FC.'."\n" + ."\n" + .'- **sae**: SAE.'."\n" + ."\n" + .'- **ecs**: ECS.'."\n" + ."\n" + .'- **clb4**: Classic Load Balancer (CLB) that uses TCP.'."\n" + ."\n" + .'- **clb7**: CLB that uses HTTP or HTTPS.'."\n" + ."\n" + .'- **nlb**: Network Load Balancer (NLB).'."\n" + ."\n" + .'> Each cloud service is supported in different regions. If you specify this parameter, make sure that the specified cloud service is supported in the selected region. Otherwise, the request may fail.', 'type' => 'string', 'example' => 'clb7', 'title' => ''], + 'Reason' => ['description' => 'The cause of the exception. Valid values:'."\n" + ."\n" + .'- **InvalidCert**: The certificate is invalid.'."\n" + ."\n" + .'- **ClientCertOpend**: Mutual authentication is enabled.'."\n" + ."\n" + .'- **NetworkConfigLost**: A network error occurred.'."\n" + ."\n" + .'- **UserUploadCert**: A custom certificate is uploaded.'."\n" + ."\n" + .'- **CertNotExistInCertCenter**: The certificate ID does not exist in SSL Certificate Service.'."\n" + ."\n" + .'- **CertExpired**: The certificate has expired.'."\n" + ."\n" + .'- **EmptyCertCN**: The common name (CN) is empty.', 'type' => 'string', 'example' => 'CertExpired', 'title' => ''], + 'Details' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Code' => ['description' => 'The cause of the exception. Valid values:'."\n" + ."\n" + .'InvalidCert: The certificate is invalid.'."\n" + ."\n" + .'ClientCertOpend: Mutual authentication is enabled.'."\n" + ."\n" + .'NetworkConfigLost: A network error occurred.'."\n" + ."\n" + .'UserUploadCert: A custom certificate is uploaded.'."\n" + ."\n" + .'CertNotExistInCertCenter: The certificate ID does not exist in SSL Certificate Service.'."\n" + ."\n" + .'CertExpired: The certificate has expired.'."\n" + ."\n" + .'EmptyCertCN: The common name (CN) is empty.', 'type' => 'string', 'example' => 'CertExpired', 'title' => ''], + 'CertName' => ['description' => 'The name of the certificate in SSL Certificate Service.', 'type' => 'string', 'example' => 'test-name', 'title' => ''], + 'ProductCertId' => ['description' => 'The ID of the certificate that is configured in the cloud service console.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''], + 'ProductCertName' => ['description' => 'The name of the certificate that is configured in the cloud service console.', 'type' => 'string', 'example' => 'test-cert-name', 'title' => ''], + 'ProductDomainExtension' => ['description' => 'The additional domain name that is configured in the cloud service console.', 'type' => 'string', 'example' => 'www.test.com', 'title' => ''], + 'AppliedType' => ['description' => 'The type of the certificate for the HTTPS protocol. Valid values:'."\n" + ."\n" + .'- **default**: default certificate.'."\n" + ."\n" + .'- **extension**: additional certificate.', 'type' => 'string', 'example' => 'default', 'title' => ''], + 'CommonName' => ['description' => 'The common name (CN) of the certificate.', 'type' => 'string', 'example' => 'www.test.com'."\n", 'title' => ''], + 'ExpireTime' => ['description' => 'The time when the certificate expires. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1735009193', 'title' => ''], + ], + 'description' => 'The details of the exception.', + 'title' => '', + 'example' => '', + ], + 'description' => 'The details of the exception.', + 'title' => '', + 'example' => '', + ], + 'CloudResourceId' => ['description' => 'The ID of the cloud resource. This ID is automatically generated by WAF when the resource is added.', 'type' => 'string', 'example' => 'lb-***-80-clb7', 'title' => ''], ], + 'description' => 'A cloud resource that is in an abnormal state.', + 'title' => '', + 'example' => '', ], + 'description' => 'The abnormal cloud resources that are added in cloud native mode.', + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'description' => 'The response parameters.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"CnameCount\\": {\\n \\"Total\\": 1,\\n \\"HybridCloudCname\\": 1,\\n \\"Cname\\": 1\\n }\\n}","type":"json"}]', - 'title' => 'DescribeCnameCount', - ], - 'DescribeDefaultHttps' => [ - 'summary' => 'Queries the default SSL and Transport Layer Security (TLS) settings.', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.ResourceNotExist', 'errorMessage' => 'The accessed resource already exists. Resource:%s.', 'description' => 'The accessed resource already exists. Resource:%s.'], + ['errorCode' => 'Waf.Pullin.AlreadyAccessed', 'errorMessage' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.', 'description' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.'], + ], + ], + 'title' => 'DescribeAbnormalCloudResources', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAbnormalCloudResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-***\\",\\n \\"AbnormalCloudResources\\": [\\n {\\n \\"ResourceInstanceId\\": \\"lb-***\\",\\n \\"ResourceInstancePort\\": 80,\\n \\"ResourceInstanceName\\": \\"test-name\\",\\n \\"ResourceProduct\\": \\"clb7\\",\\n \\"Reason\\": \\"CertExpired\\",\\n \\"Details\\": [\\n {\\n \\"Code\\": \\"CertExpired\\",\\n \\"CertName\\": \\"test-name\\",\\n \\"ProductCertId\\": \\"123-cn-hangzhou\\",\\n \\"ProductCertName\\": \\"test-cert-name\\",\\n \\"ProductDomainExtension\\": \\"www.test.com\\",\\n \\"AppliedType\\": \\"default\\",\\n \\"CommonName\\": \\"www.test.com\\\\n\\",\\n \\"ExpireTime\\": 1735009193\\n }\\n ],\\n \\"CloudResourceId\\": \\"lb-***-80-clb7\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeAccountDelegatedStatus' => [ + 'summary' => 'Queries whether the current user is a delegated administrator of WAF in the multi-account management feature.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -8376,47 +5754,29 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '226995', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '213360', + 'abilityTreeNodes' => ['FEATUREwaf4WHEC3'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => '实例ID', - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7pp26f1****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -8424,424 +5784,269 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', - ], - 'DefaultHttps' => [ - 'description' => 'The default SSL and TLS settings.'."\n", - 'type' => 'object', - 'properties' => [ - 'CustomCiphers' => [ - 'description' => 'The custom cipher suite.'."\n", - 'type' => 'string', - 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384', - ], - 'TLSVersion' => [ - 'description' => 'The version of the TLS protocol. Valid values:'."\n" - ."\n" - .'* **tlsv1**'."\n" - .'* **tlsv1.1**'."\n" - .'* **tlsv1.2**'."\n", - 'type' => 'string', - 'example' => 'tlsv1', - ], - 'CertId' => [ - 'description' => 'The certificate ID.'."\n", - 'type' => 'string', - 'example' => '123-cn-hangzhou', - ], - 'CipherSuite' => [ - 'description' => 'The type of the cipher suites. Valid values:'."\n" - ."\n" - .'* **1**: all cipher suites.'."\n" - .'* **2**: strong cipher suites.'."\n" - .'* **99**: custom cipher suites.'."\n", - 'type' => 'string', - 'example' => '1', - ], - 'EnableTLSv3' => [ - 'description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - ], - ], + 'AccountId' => ['description' => 'The Alibaba Cloud account ID.', 'type' => 'string', 'example' => '10***********34', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8161375D-5958-5627-BFDE-DF1458A73E87', 'title' => ''], + 'DelegatedStatus' => ['description' => 'Indicates whether the user is a delegated administrator of WAF. Valid values:'."\n" + ."\n" + .'- **true**: The user is a delegated administrator of WAF.'."\n" + ."\n" + .'- **false**: The user is not a delegated administrator of WAF.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'AccountName' => ['description' => 'The Alibaba Cloud account name. This parameter is returned only when the account is a delegated administrator.', 'type' => 'string', 'example' => 'account_test', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"DefaultHttps\\": {\\n \\"CustomCiphers\\": \\"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384\\",\\n \\"TLSVersion\\": \\"tlsv1\\",\\n \\"CertId\\": \\"123-cn-hangzhou\\",\\n \\"CipherSuite\\": \\"1\\",\\n \\"EnableTLSv3\\": true\\n }\\n}","type":"json"}]', - 'title' => 'DescribeDefaultHttps', - ], - 'ModifyDefaultHttps' => [ - 'summary' => 'Modifies the default Secure Sockets Layer (SSL) and Transport Layer Security (TLS) settings.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query whether a user is a WAF delegated administrator', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:27:28.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeAccountDelegatedStatus'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAccountDelegatedStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"AccountId\\": \\"10***********34\\",\\n \\"RequestId\\": \\"8161375D-5958-5627-BFDE-DF1458A73E87\\",\\n \\"DelegatedStatus\\": true,\\n \\"AccountName\\": \\"account_test\\"\\n}","type":"json"}]', + ], + 'DescribeAddresses' => [ + 'summary' => 'Queries addresses in an address book by paging.', + 'methods' => ['get', 'post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '226996', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwaf4TDPM4'], ], 'parameters' => [ [ - 'name' => 'CertId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '123-cn-hangzhou', - ], - ], - [ - 'name' => 'TLSVersion', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The version of the TLS protocol. Valid values:'."\n" - ."\n" - .'* **tlsv1**'."\n" - .'* **tlsv1.1**'."\n" - .'* **tlsv1.2**'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'tlsv1', - 'enum' => [ - 'tlsv1', - 'tlsv1.1', - 'tlsv1.2', - 'tlsv1.3', - ], - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'CipherSuite', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the cipher suites. Valid values:'."\n" - ."\n" - .'* **1**: all cipher suites.'."\n" - .'* **2**: strong cipher suites.'."\n" - .'* **99**: custom cipher suites.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - 'default' => '1', - 'enum' => [ - '1', - '2', - '99', - ], - ], + 'schema' => ['description' => 'The ID of the address book to query.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '12345678', 'title' => ''], ], [ - 'name' => 'CustomCiphers', + 'name' => 'AddressLike', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The custom cipher suites that you want to add. This parameter is available only if you set **CipherSuite** to **99**.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom cipher suite.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384', - 'enum' => [ - 'ECDHE-ECDSA-AES128-GCM-SHA256', - 'ECDHE-ECDSA-AES256-GCM-SHA384', - 'ECDHE-ECDSA-AES128-SHA256', - 'ECDHE-ECDSA-AES256-SHA384', - 'ECDHE-RSA-AES128-GCM-SHA256', - 'ECDHE-RSA-AES256-GCM-SHA384', - 'ECDHE-RSA-AES128-SHA256', - 'ECDHE-RSA-AES256-SHA384', - 'AES128-GCM-SHA256', - 'AES256-GCM-SHA384', - 'AES128-SHA256', - 'AES256-SHA256', - 'ECDHE-ECDSA-AES128-SHA', - 'ECDHE-ECDSA-AES256-SHA', - 'ECDHE-RSA-AES128-SHA', - 'ECDHE-RSA-AES256-SHA', - 'AES128-SHA', - 'AES256-SHA', - 'DES-CBC3-SHA', - 'RSA+3DES', - '!aNULL', - '!eNULL', - '!LOW', - '!MD5', - '!EXP', - '!DSS', - '!PSK', - '!SRP', - '!kECDH', - '!CAMELLIA', - '!IDEA', - '!SEED', - ], - ], - 'required' => false, - 'maxItems' => 100, - ], + 'schema' => ['description' => 'The address to query. You can set this parameter to perform a fuzzy match on added addresses.', 'type' => 'string', 'required' => false, 'example' => '1.2.3.3', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-***', - ], + 'schema' => ['description' => 'The pagination token for the next page. Set this parameter to the value of **NextToken** returned in the previous API call. Leave this parameter empty for the first page.', 'type' => 'string', 'required' => false, 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''], ], [ - 'name' => 'EnableTLSv3', + 'name' => 'MaxResults', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to support TLS 1.3. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], + 'schema' => ['description' => 'The number of entries per page for paging. Valid values: 1 to 500. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '阿里云资源组ID。', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm4gh****wela', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '276D7566-31C9-4192-9DD1-***', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8D8EBFB7-E1EB-5236-952A-092EDC72***', 'title' => ''], + 'AddressList' => [ + 'description' => 'The list of addresses.', + 'type' => 'array', + 'items' => [ + 'description' => 'The address information.', + 'type' => 'object', + 'properties' => [ + 'Address' => ['description' => 'The address.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''], + 'RuleId' => ['description' => 'The address book ID.', 'type' => 'integer', 'format' => 'int64', 'example' => '12345678', 'title' => ''], + 'GmtModified' => ['description' => 'The most recent modification time of the address. The value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1760408233000', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], + 'NextToken' => ['description' => 'The pagination token for the next page. If a next page exists, this field contains a value.'."\n" + .'> If this parameter has a return value, a next page exists. You can pass the returned **NextToken** as a request parameter to retrieve the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''], + 'MaxResults' => ['description' => 'The number of entries per page for paging. Valid values: 1 to 500. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.InvalidCertIdentifier', - 'errorMessage' => 'Invalid certificate ID, certificate ID:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.CertNotExist', - 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate ID:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.CertEmptyCN', - 'errorMessage' => 'The common name of the certificate is empty, certificate ID:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.CertExpired', - 'errorMessage' => 'Certificate expired, certificate ID:%s .', - ], - [ - 'errorCode' => 'Waf.Pullin.InvalidTLS', - 'errorMessage' => 'invalid TLS,TLS:%s .', - ], - [ - 'errorCode' => 'Waf.Pullin.InvalidEnableTLSv3', - 'errorMessage' => 'invalid EnableTLSv3:%s .', - ], - [ - 'errorCode' => 'Waf.Pullin.InvalidCipherSuit', - 'errorMessage' => 'Invalid CipherSuit,CipherSuit:%s.', - ], - [ - 'errorCode' => 'Waf.Pullin.InvalidCustomCiphers', - 'errorMessage' => 'Invalid InvalidCustomCiphers, CustomCiphers:%s .', + 'title' => 'Query address book addresses by page', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAddresses', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"276D7566-31C9-4192-9DD1-***\\"\\n}","type":"json"}]', - 'title' => 'ModifyDefaultHttps', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"8D8EBFB7-E1EB-5236-952A-092EDC72***\\",\\n \\"AddressList\\": [\\n {\\n \\"Address\\": \\"1.1.1.1\\",\\n \\"RuleId\\": 12345678,\\n \\"GmtModified\\": 1760408233000\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]', ], - 'CreateCerts' => [ - 'summary' => 'Uploads a certificate that uses an internationally accepted algorithm for a domain name added to Web Application Firewall (WAF) in CNAME record mode.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeAlarmBanner' => [ + 'summary' => 'Queries the alert banner information of a Web Application Firewall (WAF) instance.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '167792', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'CertName', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'testrsa1', - ], - ], - [ - 'name' => 'CertContent', - 'in' => 'query', - 'schema' => [ - 'description' => 'The content of the certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '-----BEGIN CERTIFICATE----- 62EcYPWd2****s6MTXcJSfN9Z7rZ9fmxWr2BFN2XbahgnsSXM48ixZJ4krc+1M+j2kcubVpsE2cgHdj4v8H6jUz9Ji4mr7vMNS6dXv8PUkl/qoDeNGCNdyTS5NIL5ir+g92cL8IGOkjgvhlqt9vc65Cgb4mL+n5+DV9uOyTZTW/MojmlgfUekC2xiXa54nxJf17Y1TADGSbyJbsC0Q9nIrHsPl8YKkvRWvIAqYxXZ7wRwWWmv4TMxFhWRiNY7yZIo2ZUhl02S****gIEeg== -----END CERTIFICATE----- ', - ], - ], - [ - 'name' => 'CertKey', - 'in' => 'query', - 'schema' => [ - 'description' => 'The private key that corresponds to the certificate.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '-----BEGIN RSA PRIVATE KEY----- DADTPZoOHd9WtZ3U****RgNQmioPQn2bqdKHop+B/dn/4VZL7Jt8zSDGM9sTMThLyvsmLQKBgQCr+ujntC1kN6pGBj2Fw2l/EA/W3rYEce2tyhjgmG7rZ+A/jVE9fld5sQra6ZdwBcQJaiygoIYoaMF2EjRwc0qwHaluq0C15f6ujSoHh2e+D5zdmkTg/3NKNjqNv6xA2gYpinVDzFdZ9Zujxvuh9o4Vqf0YF8****K5G04RtKadOw== -----END RSA PRIVATE KEY----- ', - ], - ], - [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-20p****nw01', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-kf74****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2zerdgm****', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '5BBA38B1-07AE-559F-8766-AB50****C300', - ], - 'CertIdentifier' => [ - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'example' => '123456-cn-hangzhou', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5555DC36-0CF2-5AA3-B1C7-D6BD8****', 'title' => ''], + 'BannerStatus' => [ + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'Indicates whether an alert is triggered. Valid values:'."\n" + ."\n" + .'- **true**: An alert is triggered. If **Type** is set to **sandbox**, the instance is in the sandbox.'."\n" + ."\n" + .'- **false**: No alert is triggered. If **Type** is set to **sandbox**, the instance is not in the sandbox.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'Type' => ['description' => 'The alert type. Valid value:'."\n" + ."\n" + .'- **sandbox**: a sandbox alert.', 'type' => 'string', 'example' => 'sandbox', 'title' => ''], + 'Cause' => ['description' => 'The cause of the alert. If **Type** is set to **sandbox**, valid values:'."\n" + ."\n" + .'- **fivefold**: The queries per second (QPS) of your service exceeds five times the upper limit of your plan.'."\n" + ."\n" + .'- **4count**: The QPS of your service has exceeded the upper limit of your plan for four or more days.'."\n" + ."\n" + .'- **exceed10w**: The peak QPS of your service exceeds 100,000.'."\n" + ."\n" + .'- **costProtection**: Billing protection is triggered.', 'type' => 'string', 'example' => '4count', 'title' => ''], + 'Count' => ['description' => 'The count associated with the alert at the time it was triggered.'."\n" + ."\n" + .'- If **Type** is set to **sandbox**, this parameter indicates the number of days that the QPS has exceeded the upper limit of your plan.', 'type' => 'integer', 'format' => 'int32', 'example' => '9008', 'title' => ''], + ], + 'description' => 'The status information of the alert banner.', + 'title' => '', + 'example' => '', ], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeAlarmBanner', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5BBA38B1-07AE-559F-8766-AB50****C300\\",\\n \\"CertIdentifier\\": \\"123456-cn-hangzhou\\"\\n}","type":"json"}]', - 'title' => 'CreateCerts', - ], - 'VerifyDomainOwner' => [ - 'summary' => 'Verifies the ownership of a domain name.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAlarmBanner', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5555DC36-0CF2-5AA3-B1C7-D6BD8****\\",\\n \\"BannerStatus\\": {\\n \\"Status\\": true,\\n \\"Type\\": \\"sandbox\\",\\n \\"Cause\\": \\"4count\\",\\n \\"Count\\": 9008\\n }\\n}","type":"json"}]', + ], + 'DescribeAlarmList' => [ + 'summary' => 'Queries a list of alerts.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -8849,127 +6054,113 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '178142', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-*****', - ], - ], - [ - 'name' => 'DomainName', - 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name of which you want to verify the ownership.'."\n" - ."\n" - .'You can specify this parameter to check whether a domain name is added to WAF. Fuzzy match is supported.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'example.com', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-pe33e****', 'title' => ''], ], [ - 'name' => 'VerifyType', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The verification method. Valid values:'."\n" - ."\n" - .'* **dnsCheck**: DNS verification'."\n" - .'* **fileCheck**: file verification'."\n", - 'type' => 'string', - 'required' => true, - 'enumValueTitles' => [ - 'fileCheck' => '', - 'dnsCheck' => '', - ], - 'example' => 'dnsCheck', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Protocol', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The protocol type that is used for file verification. Specify this parameter when you set VerifyType to fileCheck. Valid values:'."\n" - ."\n" - .'* **HTTP**'."\n" - .'* **HTTPS**'."\n", - 'type' => 'string', - 'required' => false, - 'enumValueTitles' => [ - 'HTTPS' => 'HTTPS', - 'HTTP' => 'HTTP', - ], - 'example' => 'HTTP', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2ipnu***', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', - ], - 'VerifyResult' => [ - 'description' => 'The verification result.'."\n", - 'type' => 'object', - 'properties' => [ - 'FailCode' => [ - 'description' => 'The reasons why the verification fails. Valid values:'."\n" - ."\n" - .'* DnsTxtVerifyFailed: The DNS TXT record and the domain name do not match.'."\n" - .'* DnsServerError: The DNS server is abnormal.'."\n" - .'* VerifyFileNotExist: The verification file does not exist.'."\n" - .'* VerifyDomainNotAccess: The access to the domain name failed.'."\n" - .'* FileContentVerifyFailed: The content of the verification file and the domain name do not match.'."\n", - 'type' => 'string', - 'example' => 'DnsTxtVerifyFailed', - ], - 'Result' => [ - 'description' => 'The verification result. Valid values:'."\n" + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8D8EBFB7-E1EB-5236-952A-092EDC72***', 'title' => ''], + 'Alarms' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'The current status of the alert. Valid values:'."\n" + ."\n" + .'- **1**: The queries per second (QPS) limit is exceeded.'."\n" + ."\n" + .'- **2**: The WAF instance enters the sandbox.'."\n" + ."\n" + .'- **3**: The WAF instance is removed from the sandbox.'."\n" + ."\n" + .'- **4**: The QPS no longer exceeds the limit.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'Type' => ['description' => 'The type of the alert. Valid value:'."\n" ."\n" - .'* **true**: The verification succeeds.'."\n" - .'* **false**: The verification fails.'."\n", - 'type' => 'boolean', - 'example' => 'true', + .'- **qps**: a QPS alert.', 'type' => 'string', 'example' => 'qps', 'title' => ''], + 'MaxQps' => ['description' => 'The peak QPS during the alert period.', 'type' => 'integer', 'format' => 'int64', 'example' => '12000', 'title' => ''], + 'EndTime' => ['description' => 'The end time of the alert. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1605600798', 'title' => ''], + 'Cause' => ['description' => 'The cause of the alert. Valid values:'."\n" + ."\n" + .'- **fivefold**: The QPS exceeds the limit of the current WAF instance specifications.'."\n" + ."\n" + .'- **4count**: The actual QPS has cumulatively exceeded the limit of the current WAF instance specifications.'."\n" + ."\n" + .'- **exceed10w**: The peak QPS exceeds 100,000.'."\n" + ."\n" + .'- **costProtection**: Billing protection is triggered.', 'type' => 'string', 'example' => '4count', 'title' => ''], + 'StartTime' => ['description' => 'The start time of the alert. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1605600767', 'title' => ''], + 'Spec' => ['description' => 'The QPS limit of the current WAF instance specifications.', 'type' => 'integer', 'format' => 'int64', 'example' => '10000', 'title' => ''], ], + 'description' => 'The details of the alert.', + 'title' => '', + 'example' => '', ], + 'description' => 'The alerts.', + 'title' => '', + 'example' => '', ], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"VerifyResult\\": {\\n \\"FailCode\\": \\"DnsTxtVerifyFailed\\",\\n \\"Result\\": true\\n }\\n}","type":"json"}]', - 'title' => 'VerifyDomainOwner', - ], - 'DescribeVerifyContent' => [ - 'summary' => '查询归属校验内容', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeAlarmList', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAlarmList', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8D8EBFB7-E1EB-5236-952A-092EDC72***\\",\\n \\"Alarms\\": [\\n {\\n \\"Status\\": 1,\\n \\"Type\\": \\"qps\\",\\n \\"MaxQps\\": 12000,\\n \\"EndTime\\": 1605600798,\\n \\"Cause\\": \\"4count\\",\\n \\"StartTime\\": 1605600767,\\n \\"Spec\\": 10000\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeApiExports' => [ + 'summary' => 'Queries the list of API security export tasks.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -8980,302 +6171,272 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '178150', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '156331', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ + 'name' => 'Lang', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The language type. Valid values:'."\n" + ."\n" + .'- **zh**: Chinese.'."\n" + .'- **en**: English.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'zh'], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number to return in a paging query. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page in a paging query. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'maximum' => '200', 'minimum' => '1', 'default' => '10', 'example' => '10', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-***', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-p****', 'title' => ''], ], [ - 'name' => 'DomainName', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'example.com', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'AccessOrigin', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'share', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'DnsContent' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'RR' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'verification', - ], - 'Type' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'TXT', - ], - 'Value' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'verify_0a246ca99d504ba087472d***', - ], - ], - ], - 'FileContent' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'TopDomain' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'aliyundemo.com', - ], - 'VerifyPath' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'http://xxx.xxx.com//xxx.html', - ], - 'FileName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'xxx.html', - ], - 'Value' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'verify_0a246ca99d504ba08***', - ], - 'DownloadUrl' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'http://oss.xxx.com//xxx.html', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D9532525-E885-54E7-A178-D5554D563AFB', 'title' => ''], + 'ApiExports' => [ + 'description' => 'The list of export tasks.', + 'type' => 'array', + 'items' => [ + 'description' => 'The export task information.', + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'The status of the export task. Valid values:'."\n" + ."\n" + .'- **expired**: The file has expired.'."\n" + ."\n" + .'- **exporting**: The export is in progress.'."\n" + ."\n" + .'- **completed**: The export is complete.', 'type' => 'string', 'example' => 'completed', 'title' => ''], + 'FileUrl' => ['description' => 'The download URL of the file.', 'type' => 'string', 'example' => 'https://waf-api-sec-cn.***.aliyuncs.com/file_1610954145***.csv', 'title' => ''], + 'Type' => ['description' => 'The type of the export task. Valid values:'."\n" + ."\n" + .'- **apisec_api**: API asset task.'."\n" + ."\n" + .'- **apisec_abnormal**: API risk task.'."\n" + ."\n" + .'- **apisec_event**: API security event task.', 'type' => 'string', 'example' => 'apisec_api', 'title' => ''], + 'Format' => ['description' => 'The format of the exported file.', 'type' => 'string', 'example' => 'CSV', 'title' => ''], + 'FileName' => ['description' => 'The file name.', 'type' => 'string', 'example' => 'file_16109541456445334c0f01d9a7444e0e908***.csv', 'title' => ''], + 'CreateTime' => ['description' => 'The time when the export task was created. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1725604852', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-***', - ], - 'VerifyResult' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], + 'Total' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '7', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"DnsContent\\": {\\n \\"RR\\": \\"verification\\",\\n \\"Type\\": \\"TXT\\",\\n \\"Value\\": \\"verify_0a246ca99d504ba087472d***\\"\\n },\\n \\"FileContent\\": {\\n \\"TopDomain\\": \\"aliyundemo.com\\",\\n \\"VerifyPath\\": \\"http://xxx.xxx.com//xxx.html\\",\\n \\"FileName\\": \\"xxx.html\\",\\n \\"Value\\": \\"verify_0a246ca99d504ba08***\\",\\n \\"DownloadUrl\\": \\"http://oss.xxx.com//xxx.html\\"\\n },\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"VerifyResult\\": true\\n}","type":"json"}]', - ], - 'ModifyDomainCert' => [ - 'summary' => '修改域名的证书', - 'path' => '', - 'methods' => [ - 'post', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'https', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + 'title' => 'Query API security export tasks', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApiExports', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D9532525-E885-54E7-A178-D5554D563AFB\\",\\n \\"ApiExports\\": [\\n {\\n \\"Status\\": \\"completed\\",\\n \\"FileUrl\\": \\"https://waf-api-sec-cn.***.aliyuncs.com/file_1610954145***.csv\\",\\n \\"Type\\": \\"apisec_api\\",\\n \\"Format\\": \\"CSV\\",\\n \\"FileName\\": \\"file_16109541456445334c0f01d9a7444e0e908***.csv\\",\\n \\"CreateTime\\": 1725604852\\n }\\n ],\\n \\"Total\\": 7\\n}","type":"json"}]', + ], + 'DescribeApisecAbnormalDomainStatistic' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', - 'deprecated' => false, + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'none', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafD36LCH', - ], + 'abilityTreeCode' => '215781', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-ww**b06', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-45919n***', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.example.com', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter is applicable only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ - 'name' => 'CertId', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '123-cn-hangzhou', - ], + 'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC) in seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1682571600', 'title' => ''], ], [ - 'name' => 'TLSVersion', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'tlsv1', - 'enum' => [ - 'tlsv1', - 'tlsv1.1', - 'tlsv1.2', - 'tlsv1.3', - ], - ], + 'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC) in seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1687313820', 'title' => ''], ], [ - 'name' => 'CipherSuite', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '1', - 'enum' => [ - '1', - '2', - '99', - ], - ], + 'schema' => ['description' => 'The page number when using paging. Sets the current page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'minimum' => '1', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'CustomCiphers', + 'name' => 'PageSize', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'ECDHE-ECDSA-AES256-SHA384', - 'enum' => [ - 'ECDHE-ECDSA-AES128-GCM-SHA256', - 'ECDHE-ECDSA-AES256-GCM-SHA384', - 'ECDHE-ECDSA-AES128-SHA256', - 'ECDHE-ECDSA-AES256-SHA384', - 'ECDHE-RSA-AES128-GCM-SHA256', - 'ECDHE-RSA-AES256-GCM-SHA384', - 'ECDHE-RSA-AES128-SHA256', - 'ECDHE-RSA-AES256-SHA384', - 'AES128-GCM-SHA256', - 'AES256-GCM-SHA384', - 'AES128-SHA256', - 'AES256-SHA256', - 'ECDHE-ECDSA-AES128-SHA', - 'ECDHE-ECDSA-AES256-SHA', - 'ECDHE-RSA-AES128-SHA', - 'ECDHE-RSA-AES256-SHA', - 'AES128-SHA', - 'AES256-SHA', - 'DES-CBC3-SHA', - ], - ], - 'required' => false, - 'maxItems' => 100, - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'EnableTLSv3', + 'name' => 'OrderWay', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'boolean', - 'required' => false, - 'example' => 'false', - ], + 'schema' => ['description' => 'The sort order of the list. Valid values:'."\n" + ."\n" + .'- **asc**: ascending order.'."\n" + ."\n" + .'- **desc**: descending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'Schema of Response', + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request', - 'type' => 'string', - 'example' => '03E3B4DD-2BE7-5D9D-80E8-***', + 'TotalCount' => ['description' => 'The total number of records returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014***B11AE'], + 'Data' => [ + 'description' => 'The data list.', + 'type' => 'array', + 'items' => [ + 'description' => 'The response data.', + 'type' => 'object', + 'properties' => [ + 'High' => ['description' => 'The number of high-risk vulnerabilities.', 'type' => 'integer', 'format' => 'int64', 'example' => '12', 'title' => ''], + 'ApiCount' => ['description' => 'The number of APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'Low' => ['description' => 'The number of low-risk vulnerabilities.', 'type' => 'integer', 'format' => 'int64', 'example' => '4', 'title' => ''], + 'Medium' => ['description' => 'The number of medium-risk vulnerabilities.', 'type' => 'integer', 'format' => 'int64', 'example' => '9', 'title' => ''], + 'Domain' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'ba.aliyun.com', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.MustListenHTTPS', - 'errorMessage' => 'The domain name must listen to the HTTPS protocol. Domain:%s.', - ], - ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"03E3B4DD-2BE7-5D9D-80E8-***\\"\\n}","type":"json"}]', - ], - 'DescribeHybridCloudResources' => [ - 'summary' => 'Queries the domain names that are added to a Web Application Firewall (WAF) instance in hybrid cloud mode.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query API security risk domain name statistics', + 'summary' => 'Queries statistics on API security risk domain names.', + 'changeSet' => [ + ['createdAt' => '2024-11-12T12:56:47.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-29T00:40:40.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '30', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAbnormalDomainStatistic'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecAbnormalDomainStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014***B11AE\\",\\n \\"Data\\": [\\n {\\n \\"High\\": 12,\\n \\"ApiCount\\": 10,\\n \\"Low\\": 4,\\n \\"Medium\\": 9,\\n \\"Domain\\": \\"ba.aliyun.com\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeApisecAbnormals' => [ + 'summary' => 'Queries the list of API security risks.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -9286,469 +6447,270 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '156993', - 'abilityTreeNodes' => [ - 'FEATUREwafSBJ1DO', - ], + 'abilityTreeCode' => '168999', + 'abilityTreeNodes' => ['FEATUREwafWE25G7'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-***********', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-z***9g301', 'title' => ''], ], [ - 'name' => 'Domain', + 'name' => 'ApiId', 'in' => 'query', - 'schema' => [ - 'title' => '域名', - 'description' => 'The domain name that you want to query.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The ID of the API associated with the risk.', 'type' => 'string', 'required' => false, 'example' => 'bd9efb8ad******d9ca6', 'title' => ''], ], [ - 'name' => 'Backend', + 'name' => 'ApiFormat', 'in' => 'query', - 'schema' => [ - 'title' => '回源地址', - 'description' => 'The back-to-origin IP address or domain name.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1.1.XX.XX', - ], + 'schema' => ['description' => 'The API operation associated with the risk.', 'type' => 'string', 'required' => false, 'example' => '/api/users/login', 'title' => ''], + ], + [ + 'name' => 'MatchedHost', + 'in' => 'query', + 'schema' => ['description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'required' => false, 'example' => 'a.aliyun.com', 'title' => ''], + ], + [ + 'name' => 'StartTime', + 'in' => 'query', + 'schema' => ['description' => 'The start time of the query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'string', 'required' => false, 'example' => '1684252800', 'title' => ''], + ], + [ + 'name' => 'EndTime', + 'in' => 'query', + 'schema' => ['description' => 'The end time of the query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'string', 'required' => false, 'example' => '1684382100', 'title' => ''], + ], + [ + 'name' => 'OrderKey', + 'in' => 'query', + 'schema' => ['description' => 'The name of the field used for sorting. Valid values:'."\n" + .'- **discoverTime**: the time when the risk was first detected. This is the default value.'."\n" + .'- **abnormalLevel**: the risk level.'."\n" + .'- **latestDiscoverTime**: the time when the risk was most recently detected.', 'type' => 'string', 'required' => false, 'example' => 'firstTime', 'title' => ''], + ], + [ + 'name' => 'OrderWay', + 'in' => 'query', + 'schema' => ['description' => 'The sort order. Valid values:'."\n" + .'- **desc**: descending order. This is the default value.'."\n" + .'- **asc**: ascending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''], + ], + [ + 'name' => 'AbnormalLevel', + 'in' => 'query', + 'schema' => ['description' => 'The risk level. Valid values:'."\n" + .'- **high**: high risk.'."\n" + .'- **medium**: medium risk.'."\n" + .'- **low**: low risk.', 'type' => 'string', 'required' => false, 'example' => 'medium', 'title' => ''], + ], + [ + 'name' => 'AbnormalTag', + 'in' => 'query', + 'schema' => ['description' => 'The risk type.'."\n" + .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported risk types.', 'type' => 'string', 'required' => false, 'example' => 'LackOfSpeedLimit', 'title' => ''], + ], + [ + 'name' => 'AbnormalId', + 'in' => 'query', + 'schema' => ['description' => 'The risk ID.', 'type' => 'string', 'required' => false, 'example' => '29c6401****99a2bad3943e26d8', 'title' => ''], + ], + [ + 'name' => 'UserStatus', + 'in' => 'query', + 'schema' => ['description' => 'The risk status. Valid values:'."\n" + .'- **toBeConfirmed**: to be confirmed.'."\n" + .'- **confirmed**: confirmed.'."\n" + .'- **toBeFixed**: to be fixed.'."\n" + .'- **fixed**: fixed (manually verified).'."\n" + .'- **ignored**: ignored.'."\n" + .'- **toBeVerified**: to be verified by the system.'."\n" + .'- **notFixed**: not fixed after verification.'."\n" + .'- **systemFixed**: fixed (verified by the system).', 'type' => 'string', 'required' => false, 'example' => 'Confirmed', 'title' => ''], ], [ 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The page number to return in a paging query. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '2', 'title' => ''], ], [ 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '50', - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The number of entries per page in a paging query. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '200', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'CnameEnabled', + 'name' => 'Origin', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether the public cloud disaster recovery feature is enabled for the domain name. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], + 'schema' => ['description' => 'The source of the risk type. Valid values:'."\n" + .'- **custom**: custom.'."\n" + .'- **default**: built-in.', 'type' => 'string', 'required' => false, 'example' => 'custom', 'title' => ''], + ], + [ + 'name' => 'ApiTag', + 'in' => 'query', + 'schema' => ['description' => 'The business purpose of the API.'."\n" + .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported business purposes.', 'type' => 'string', 'required' => false, 'example' => 'RegisterAPI', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '546', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfmvtc5z52****', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'title' => '', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'Domains' => [ - 'description' => 'The domain names.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '5', 'title' => ''], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '9469646C-F2CC-5F0F-8401-C53***4F46'], + 'Data' => [ + 'description' => 'The list of risks.', 'type' => 'array', 'items' => [ - 'description' => 'The access configurations of the domain name.'."\n", + 'description' => 'The risk information.', 'type' => 'object', 'properties' => [ - 'Status' => [ - 'title' => '域名状态', - 'description' => 'The status of the domain name. Valid values:'."\n" - ."\n" - .'* **1:** The domain name is in a normal state.'."\n" - .'* **2:** The domain name is being created.'."\n" - .'* **3:** The domain name is being modified.'."\n" - .'* **4:** The domain name is being released.'."\n" - .'* **5:** WAF no longer forwards the traffic of the domain name.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'ResourceManagerResourceGroupId' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'example' => 'rg-acfmvtc5z52****', - ], - 'Uid' => [ - 'description' => 'The user ID.'."\n", - 'type' => 'string', - 'example' => '130715431409****', - ], - 'Listen' => [ - 'description' => 'The listeners.'."\n", - 'type' => 'object', - 'properties' => [ - 'HttpsPorts' => [ - 'description' => 'The HTTPS listener ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTPS listener port.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '443', - ], - ], - 'ProtectionResource' => [ - 'description' => 'The type of the protection resource. Valid values:'."\n" - ."\n" - .'* **share:** shared cluster.'."\n" - .'* **gslb:** shared cluster-based intelligent load balancing.'."\n", - 'type' => 'string', - 'example' => 'share', - ], - 'CustomCiphers' => [ - 'description' => 'The custom cipher suites.'."\n" - ."\n" - .'> This parameter is returned only if the value of **CipherSuite** is **99**.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom cipher suite.'."\n", - 'type' => 'string', - 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256', - ], - ], - 'TLSVersion' => [ - 'description' => 'The version of the Transport Layer Security (TLS) protocol. Valid values:'."\n" - ."\n" - .'* **tlsv1**'."\n" - .'* **tlsv1.1**'."\n" - .'* **tlsv1.2**'."\n", - 'type' => 'string', - 'example' => 'tlsv1.2', - ], - 'Http2Enabled' => [ - 'description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'false', - ], - 'CertId' => [ - 'description' => 'The ID of the certificate.'."\n", - 'type' => 'string', - 'example' => '72***76-cn-hangzhou', - ], - 'CipherSuite' => [ - 'description' => 'The types of cipher suites that are added. Valid values:'."\n" - ."\n" - .'* **1:** all cipher suites.'."\n" - .'* **2:** strong cipher suites.'."\n" - .'* **99:** custom cipher suites.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'EnableTLSv3' => [ - 'description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'IPv6Enabled' => [ - 'description' => 'Specifies whether to enable IPv6. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**', - 'type' => 'boolean', - 'example' => 'false', - ], - 'FocusHttps' => [ - 'description' => 'Indicates whether the HTTP to HTTPS redirection feature is enabled for the domain name. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'false', - ], - 'XffHeaders' => [ - 'description' => 'The custom header fields that are used to obtain the actual IP addresses of clients. The value is in the \\["header1","header2",...] format.'."\n" - ."\n" - .'> This parameter is returned only if the value of **XffHeaderMode** is 2.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field that is used to obtain the actual IP address of a client.'."\n", - 'type' => 'string', - 'example' => 'Client-ip', - ], - ], - 'XffHeaderMode' => [ - 'description' => 'The method that is used to obtain the actual IP address of a client. Valid values:'."\n" - ."\n" - .'* **0**: No Layer 7 proxies are deployed in front of WAF.'."\n" - .'* **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the actual IP address of the client.'."\n" - .'* **2**: WAF reads the value of a custom header field as the actual IP address of the client.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'ExclusiveIp' => [ - 'description' => 'Indicates whether exclusive IP addresses are supported. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'HttpPorts' => [ - 'description' => 'The HTTP listener ports.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The HTTP listener port.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '80', - ], - ], - ], - ], - 'Id' => [ - 'description' => 'The access ID.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'enumValueTitles' => [], - 'example' => '1', - ], - 'Redirect' => [ - 'description' => 'The configurations of the forwarding rule.'."\n", - 'type' => 'object', - 'properties' => [ - 'ConnectTimeout' => [ - 'description' => 'The timeout period for connections. Unit: seconds. Valid values: 5 to 120.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '120', - ], - 'Keepalive' => [ - 'description' => 'Indicates whether the persistent connection feature is enabled. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'SniEnabled' => [ - 'description' => 'Indicates whether the origin Server Name Indication (SNI) feature is enabled. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'CnameEnabled' => [ - 'description' => 'Indicates whether the public cloud disaster recovery feature is enabled. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'KeepaliveTimeout' => [ - 'description' => 'The timeout period for persistent connections that are in the Idle state. Unit: seconds. Valid values: 1 to 60. Default value: 15.'."\n" - ."\n" - .'> This parameter indicates the period of time during which a reused persistent connection can remain in the Idle state before the persistent connection is released.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '15', - ], - 'ReadTimeout' => [ - 'description' => 'The timeout period for read connections. Unit: seconds. Valid values: 5 to 1800.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '200', - ], - 'Backends' => [ - 'description' => 'The IP addresses or domain names of the origin server.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The IP address or domain name of the origin server.'."\n", - 'type' => 'string', - 'example' => '1.1.XX.XX', - ], - ], - 'SniHost' => [ - 'description' => 'The value of the custom SNI field. If the parameter is left empty, the value of the **Host** field in the request header is automatically used as the value of the SNI field.'."\n" - ."\n" - .'> This parameter is returned only if the value of **SniEnabled** is **true**.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'FocusHttpBackend' => [ - 'description' => 'Indicates whether the HTTPS to HTTP redirection feature is enabled for back-to-origin requests. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'WriteTimeout' => [ - 'description' => 'The timeout period for write connections. Unit: seconds. Valid values: 5 to 1800.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '200', - ], - 'RoutingRules' => [ - 'description' => 'The forwarding rules that are configured for the domain name. This parameter is a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields:'."\n" - ."\n" - .'* **rs**: the back-to-origin IP addresses or CNAMEs. The value is of the ARRAY type.'."\n" - .'* **location**: the name of the protection node. The value is of the STRING type.'."\n" - .'* **locationId**: the ID of the protection node. The value is of the LONG type.'."\n", - 'type' => 'string', - 'example' => '['."\n" - .' {'."\n" - .' "rs": ['."\n" - .' "1.1.XX.XX"'."\n" - .' ],'."\n" - .' "locationId": 535,'."\n" - .' "location": "test1111"'."\n" - .' }'."\n" - .']', - ], - 'Retry' => [ - 'description' => 'Indicates whether WAF retries forwarding requests if requests fail to be forwarded to the origin server. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'RequestHeaders' => [ - 'description' => 'The key-value pair that is used to label requests that pass through WAF.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The key-value pair that is used to mark the requests that pass through the WAF instance.'."\n", - 'type' => 'object', - 'properties' => [ - 'Value' => [ - 'description' => 'The value of the custom header field.'."\n", - 'type' => 'string', - 'example' => 'bbb', - ], - 'Key' => [ - 'description' => 'The key of the custom header field.'."\n", - 'type' => 'string', - 'example' => 'aaa', - ], - ], - ], - ], - 'KeepaliveRequests' => [ - 'description' => 'The number of reused persistent connections. Valid values: 60 to 1000.'."\n" - ."\n" - .'> This parameter indicates the number of reused persistent connections after the persistent connection feature is enabled.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1000', - ], - 'Loadbalance' => [ - 'description' => 'The load balancing algorithm that is used to forward requests to the origin server. Valid values:'."\n" - ."\n" - .'* **iphash**'."\n" - .'* **roundRobin**'."\n" - .'* **leastTime**'."\n", - 'type' => 'string', - 'example' => 'iphash', - ], - ], - ], - 'Domain' => [ - 'title' => '域名', - 'description' => 'The domain name.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'Cname' => [ - 'title' => 'CNAME', - 'description' => 'The CNAME assigned by WAF.'."\n" - ."\n" - .'> This parameter is returned only if the value of **CnameEnabled** is true.'."\n", - 'type' => 'string', - 'example' => '50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com', + 'AbnormalId' => ['description' => 'The risk ID.', 'type' => 'string', 'example' => '7c1431f27ae7e9c8cc64095***68e', 'title' => ''], + 'Origin' => ['description' => 'The source of the risk type. Valid values:'."\n" + .'- **custom**: custom.'."\n" + .'- **default**: built-in.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'LastestTime' => ['description' => 'The most recent access time of the API asset. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1684252800', 'title' => ''], + 'FirstTime' => ['description' => 'The time when the API asset was first discovered. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1701138088', 'title' => ''], + 'AbnromalStatus' => ['description' => 'The risk status.', 'type' => 'string', 'example' => 'unresolved', 'title' => ''], + 'ApiFormat' => ['description' => 'The API operation associated with the risk.', 'type' => 'string', 'example' => '/api/login', 'title' => ''], + 'ApiTag' => ['description' => 'The business purpose of the API.'."\n" + .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported business purposes.', 'type' => 'string', 'example' => 'SendMail', 'title' => ''], + 'DiscoverTime' => ['description' => 'The time when the risk was first detected. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1684252800', 'title' => ''], + 'UserStatus' => ['description' => 'The risk status. Valid values:'."\n" + .'- **toBeConfirmed**: to be confirmed.'."\n" + .'- **confirmed**: confirmed.'."\n" + .'- **toBeFixed**: to be fixed.'."\n" + .'- **fixed**: fixed (manually verified).'."\n" + .'- **ignored**: ignored.'."\n" + .'- ** toBeVerified**: to be verified by the system.'."\n" + .'- ** notFixed**: not fixed after verification.'."\n" + .'- ** systemFixed**: fixed (verified by the system).', 'type' => 'string', 'example' => 'Confirmed', 'title' => ''], + 'IgnoreTime' => ['description' => 'The time when the user marked the risk as ignored. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1684252800', 'title' => ''], + 'Follow' => ['description' => 'Indicates whether the risk is followed. Valid values:'."\n" + .'- **1**: followed.'."\n" + .'- **0**: not followed. This is the default value.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'MatchedHost' => ['description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'example' => 'a.aliyun.com', 'title' => ''], + 'Note' => ['description' => 'The remarks.', 'type' => 'string', 'example' => 'Strict', 'title' => ''], + 'AbnormalEventNumber' => ['description' => 'The number of events associated with the risk.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''], + 'AbnormalTag' => ['description' => 'The risk type.'."\n" + ."\n" + .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported risk types.', 'type' => 'string', 'example' => 'LackOfSpeedLimit', 'title' => ''], + 'AbnormalInfo' => ['description' => 'The detailed risk information, which is a JSON string constructed from a series of parameters. The parameters include:'."\n" + .'- **rule**: the rule associated with the risk.'."\n" + .'- **data_type**: the sensitive data type.'."\n" + .'- **custom_rule_name**: the custom rule name.'."\n" + .'- **rule_name**: the built-in rule name.', 'type' => 'string', 'example' => '{'."\n" + .' "data_type": ["1005","1004"],'."\n" + .' "rule": {'."\n" + .' "parent": "RiskType_Permission",'."\n" + .' "code": "Risk_UnauthSensitive",'."\n" + .' "level": "high",'."\n" + .' "origin": "default",'."\n" + .' "name": "Risk_UnauthSensitive"'."\n" + .' }'."\n" + .'}', 'title' => ''], + 'ApiId' => ['description' => 'The ID of the API associated with the risk.', 'type' => 'string', 'example' => '09559c0d71ca2ffc996b81***836d8', 'title' => ''], + 'AbnormalLevel' => ['description' => 'The risk level. Valid values:'."\n" + .'- **high**: high risk.'."\n" + .'- **medium**: medium risk.'."\n" + .'- **low**: low risk.', 'type' => 'string', 'example' => 'high', 'title' => ''], + 'LatestDiscoverTime' => ['description' => 'The time when the risk was most recently detected. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1684252800', 'title' => ''], + 'Examples' => [ + 'title' => '', + 'description' => 'The list of examples associated with the risk.', + 'type' => 'array', + 'items' => ['description' => 'The example information, which is a JSON string constructed from a series of parameters. The parameters include:'."\n" + .'- **param_num**: the number of API parameters.'."\n" + .'- **request_method**: the request method.'."\n" + .'- **protocol**: the request protocol.'."\n" + .'- **api_url**: the request URL.'."\n" + .'- **poc_payload**: the request payload.'."\n" + .'- **request**: the request example.'."\n" + .'- **response**: the response example.'."\n" + .'- **param**: the request parameters.', 'type' => 'string', 'example' => '{'."\n" + .' "request": {"referer": "-","content_type": "-","cookie": "-","method": "GET","param": [],"host": "test.cn"},'."\n" + .' "protocol": "https",'."\n" + .' "api_url": "https://test.cn:443/index.php",'."\n" + .' "param": [],'."\n" + .' "response": {"param": [], "sensitive_type": {}, "header": {},"body": "", "status": 405 },'."\n" + .' "request_method": "GET",'."\n" + .' "poc_payload": "curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'",'."\n" + .' "param_num": 0'."\n" + .'}', 'title' => ''], + 'deprecated' => true, + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], - ], - 'TotalCount' => [ - 'description' => 'The total number of entries that are returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '24', - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '98D2AA9A-5959-5CCD-83E3-B6606232A2BE', + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Domains\\": [\\n {\\n \\"Status\\": 1,\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfmvtc5z52****\\",\\n \\"Uid\\": \\"130715431409****\\",\\n \\"Listen\\": {\\n \\"HttpsPorts\\": [\\n 443\\n ],\\n \\"ProtectionResource\\": \\"share\\",\\n \\"CustomCiphers\\": [\\n \\"ECDHE-ECDSA-AES128-GCM-SHA256\\"\\n ],\\n \\"TLSVersion\\": \\"tlsv1.2\\",\\n \\"Http2Enabled\\": false,\\n \\"CertId\\": \\"72***76-cn-hangzhou\\",\\n \\"CipherSuite\\": 1,\\n \\"EnableTLSv3\\": true,\\n \\"IPv6Enabled\\": false,\\n \\"FocusHttps\\": false,\\n \\"XffHeaders\\": [\\n \\"Client-ip\\"\\n ],\\n \\"XffHeaderMode\\": 0,\\n \\"ExclusiveIp\\": true,\\n \\"HttpPorts\\": [\\n 80\\n ]\\n },\\n \\"Id\\": 12345,\\n \\"Redirect\\": {\\n \\"ConnectTimeout\\": 120,\\n \\"Keepalive\\": true,\\n \\"SniEnabled\\": true,\\n \\"CnameEnabled\\": true,\\n \\"KeepaliveTimeout\\": 15,\\n \\"ReadTimeout\\": 200,\\n \\"Backends\\": [\\n \\"1.1.XX.XX\\"\\n ],\\n \\"SniHost\\": \\"www.aliyundoc.com\\",\\n \\"FocusHttpBackend\\": true,\\n \\"WriteTimeout\\": 200,\\n \\"RoutingRules\\": \\"[\\\\n {\\\\n \\\\\\"rs\\\\\\": [\\\\n \\\\\\"1.1.XX.XX\\\\\\"\\\\n ],\\\\n \\\\\\"locationId\\\\\\": 535,\\\\n \\\\\\"location\\\\\\": \\\\\\"test1111\\\\\\"\\\\n }\\\\n]\\",\\n \\"Retry\\": true,\\n \\"RequestHeaders\\": [\\n {\\n \\"Value\\": \\"bbb\\",\\n \\"Key\\": \\"aaa\\"\\n }\\n ],\\n \\"KeepaliveRequests\\": 1000,\\n \\"Loadbalance\\": \\"iphash\\"\\n },\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Cname\\": \\"50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com\\"\\n }\\n ],\\n \\"TotalCount\\": 24,\\n \\"RequestId\\": \\"98D2AA9A-5959-5CCD-83E3-B6606232A2BE\\"\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudResources', - ], - 'DescribeHybridCloudProtectableCount' => [ - 'summary' => 'Queries the number of protection nodes that can be added to a hybrid cloud cluster.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Query API security risks', + 'changeSet' => [ + ['createdAt' => '2025-01-16T13:23:42.000Z', 'description' => 'Response parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAbnormals'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecAbnormals', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"9469646C-F2CC-5F0F-8401-C53***4F46\\",\\n \\"Data\\": [\\n {\\n \\"AbnormalId\\": \\"7c1431f27ae7e9c8cc64095***68e\\",\\n \\"Origin\\": \\"custom\\",\\n \\"LastestTime\\": 1684252800,\\n \\"FirstTime\\": 1701138088,\\n \\"AbnromalStatus\\": \\"unresolved\\",\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"ApiTag\\": \\"SendMail\\",\\n \\"DiscoverTime\\": 1684252800,\\n \\"UserStatus\\": \\"Confirmed\\",\\n \\"IgnoreTime\\": 1684252800,\\n \\"Follow\\": 0,\\n \\"MatchedHost\\": \\"a.aliyun.com\\",\\n \\"Note\\": \\"Strict\\",\\n \\"AbnormalEventNumber\\": 2,\\n \\"AbnormalTag\\": \\"LackOfSpeedLimit\\",\\n \\"AbnormalInfo\\": \\"{\\\\n \\\\\\"data_type\\\\\\": [\\\\\\"1005\\\\\\",\\\\\\"1004\\\\\\"],\\\\n \\\\\\"rule\\\\\\": {\\\\n \\\\\\"parent\\\\\\": \\\\\\"RiskType_Permission\\\\\\",\\\\n \\\\\\"code\\\\\\": \\\\\\"Risk_UnauthSensitive\\\\\\",\\\\n \\\\\\"level\\\\\\": \\\\\\"high\\\\\\",\\\\n \\\\\\"origin\\\\\\": \\\\\\"default\\\\\\",\\\\n \\\\\\"name\\\\\\": \\\\\\"Risk_UnauthSensitive\\\\\\"\\\\n }\\\\n}\\",\\n \\"ApiId\\": \\"09559c0d71ca2ffc996b81***836d8\\",\\n \\"AbnormalLevel\\": \\"high\\",\\n \\"LatestDiscoverTime\\": 1684252800,\\n \\"Examples\\": [\\n \\"{\\\\n \\\\\\"request\\\\\\": {\\\\\\"referer\\\\\\": \\\\\\"-\\\\\\",\\\\\\"content_type\\\\\\": \\\\\\"-\\\\\\",\\\\\\"cookie\\\\\\": \\\\\\"-\\\\\\",\\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\\\"param\\\\\\": [],\\\\\\"host\\\\\\": \\\\\\"test.cn\\\\\\"},\\\\n \\\\\\"protocol\\\\\\": \\\\\\"https\\\\\\",\\\\n \\\\\\"api_url\\\\\\": \\\\\\"https://test.cn:443/index.php\\\\\\",\\\\n \\\\\\"param\\\\\\": [],\\\\n \\\\\\"response\\\\\\": {\\\\\\"param\\\\\\": [], \\\\\\"sensitive_type\\\\\\": {}, \\\\\\"header\\\\\\": {},\\\\\\"body\\\\\\": \\\\\\"\\\\\\", \\\\\\"status\\\\\\": 405 },\\\\n \\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"poc_payload\\\\\\": \\\\\\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'\\\\\\",\\\\n \\\\\\"param_num\\\\\\": 0\\\\n}\\"\\n ]\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeApisecApiResources' => [ + 'summary' => 'Queries the list of API security assets.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -9759,1018 +6721,1110 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '168967', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-4xl3fdi4u01**fe23', - ], + 'schema' => ['title' => '', 'description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-u***gr20j'], ], [ - 'name' => 'RegionId', + 'name' => 'ApiId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'default' => 'cn-hangzhou', - ], + 'schema' => ['title' => '', 'description' => 'The ID of the API.', 'type' => 'string', 'example' => '867ade***24ee6e205b8da82b8f84', 'required' => false], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ApiFormat', 'in' => 'query', - 'schema' => [ - 'description' => '阿里云资源组ID。', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['title' => '', 'description' => 'The API operation.', 'type' => 'string', 'example' => '/auth/login', 'required' => false], ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'description' => 'The response parameters.'."\n", - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '6087EA47-C10F-5A0A-A405-DB5B241**B1', - ], - 'ProtectableCount' => [ - 'description' => 'The number of protection nodes that can be added to the hybrid cloud cluster.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - ], - ], + [ + 'name' => 'MatchedHost', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'example' => 'a.aliyun.com', 'required' => false], ], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6087EA47-C10F-5A0A-A405-DB5B241**B1\\",\\n \\"ProtectableCount\\": 1\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudProtectableCount', - ], - 'CreateDefenseResource' => [ - 'summary' => '创建防护对象', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ [ - 'AK' => [], + 'name' => 'SensitiveType', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The type of sensitive data in the response.'."\n" + .'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive data types.', 'type' => 'string', 'example' => '1004', 'required' => false], ], - ], - 'operationType' => 'write', - 'systemTags' => [ - 'operationType' => 'create', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '106302', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', + [ + 'name' => 'ApiStatus', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The status of the API. Valid values:'."\n" + .'- **NewbornInterface**: newly added.'."\n" + .'- **OfflineInterface**: inactive.'."\n" + .'- **normal**: normal.', 'type' => 'string', 'example' => 'OfflineInterface', 'required' => false], ], - ], - 'parameters' => [ [ - 'name' => 'Resource', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象名称', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'abctest.com', - ], + 'schema' => ['title' => '', 'description' => 'The start time of the query, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'string', 'example' => '1681833600', 'required' => false], ], [ - 'name' => 'Product', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'title' => '云产品名称。例如 alb,clb等', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'ecs', - ], + 'schema' => ['title' => '', 'description' => 'The end time of the query, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'string', 'example' => '1683388800', 'required' => false], ], [ - 'name' => 'ResourceGroup', + 'name' => 'OrderKey', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象加入防护组的名称,可选。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '', - ], + 'schema' => ['title' => '', 'description' => 'The name of the field used for sorting. Valid values:'."\n" + .'- **allCnt**: total access volume in the last 30 days.'."\n" + .'- **botCnt**: bot access volume in the last 30 days.'."\n" + .'- **crossBorderCnt**: cross-border access volume in the last 30 days.'."\n" + .'- **abnormalNum**: number of risks associated with the API.'."\n" + .'- **eventNum**: number of events associated with the API.'."\n" + .'- **farthestTs**: first discovery time.'."\n" + .'- **lastestTs**: most recent access time.', 'type' => 'string', 'example' => 'allCnt', 'required' => false], ], [ - 'name' => 'ResourceOrigin', + 'name' => 'OrderWay', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象来源, custom:来自用户自定义 access: 来自接入', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'custom', - 'default' => 'custom', - ], + 'schema' => ['title' => '', 'description' => 'The sort order. Valid values:'."\n" + .'- **desc**: descending order (default).'."\n" + .'- **asc**: ascending order.', 'type' => 'string', 'example' => 'desc', 'required' => false], ], [ - 'name' => 'Pattern', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象的防护形式', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'domain', - ], + 'schema' => ['title' => '', 'description' => 'The page number to return in a paging query. Default value: **1**, which indicates that the first page is returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'default' => '1', 'required' => false], ], [ - 'name' => 'Detail', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象的具体描述信息,Map中不同的键值对表示防护对象不同的属性', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '{\\"domain\\": \\"zhhclb4test096-05111.test.com\\"}', - ], + 'schema' => ['title' => '', 'description' => 'The number of entries to return on each page in a paging query. Default value: **10**, which indicates that each page contains 10 entries.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '200', 'minimum' => '1', 'example' => '10', 'default' => '10', 'required' => false], ], [ - 'name' => 'XffStatus', + 'name' => 'Follow', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象是否开启xff代理,默认为0 0=未开启 1=开启', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], + 'schema' => ['title' => '', 'description' => 'Specifies whether the API is followed. Valid values:'."\n" + .'- **1**: followed.'."\n" + .'- **0**: not followed.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'required' => false], ], [ - 'name' => 'CustomHeaders', + 'name' => 'ApiType', 'in' => 'query', - 'style' => 'json', - 'schema' => [ - 'title' => '自定义xff头用来去真实的客户端源IP,当xff=1且该字段为空时表示取xff头中第一个IP作为客户端源IP', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'x-forwarded-for', - ], - 'required' => false, - ], + 'schema' => ['title' => '', 'description' => 'The service object. Valid values:'."\n" + .'- **PublicAPI**: public service.'."\n" + .'- **ThirdpartAPI**: third-party collaboration.'."\n" + .'- **InternalAPI**: internal office.', 'type' => 'string', 'example' => 'innerAPI', 'required' => false], ], [ - 'name' => 'Description', + 'name' => 'ApiTag', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象1domain 描述信息。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'test', - ], + 'schema' => ['title' => '', 'description' => 'The business purpose of the API.'."\n" + ."\n" + .'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported business purposes.', 'type' => 'string', 'example' => 'SendMail', 'required' => false], ], [ - 'name' => 'InstanceId', + 'name' => 'SensitiveLevel', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-4xl*******', - ], + 'schema' => ['title' => '', 'description' => 'The sensitivity level of the API. Valid values:'."\n" + .'- **L1**: high sensitivity.'."\n" + .'- **L2**: medium sensitivity.'."\n" + .'- **L3**: low sensitivity.'."\n" + .'- **N**: not sensitive.', 'type' => 'string', 'example' => 'L3', 'required' => false], ], [ - 'name' => 'OwnerUserId', + 'name' => 'ApiMethod', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '123221XXX', - ], + 'schema' => ['title' => '', 'description' => 'The request method of the API. Valid values:'."\n" + .'- **GET**: GET request.'."\n" + .'- **POST**: POST request.'."\n" + .'- **HEAD**: HEAD request.'."\n" + .'- **PUT**: PUT request.'."\n" + .'- **DELETE**: DELETE request.'."\n" + .'- **CONNECT**: CONNECT request.'."\n" + .'- **PATCH**: PATCH request.'."\n" + .'- **OPTIONS**: OPTIONS request.', 'type' => 'string', 'example' => 'POST', 'required' => false], ], [ - 'name' => 'Tag', + 'name' => 'ClusterId', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'title' => '标签列表,最多包含20个子项', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'title' => '标签键', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'demoTagKey', - ], - 'Value' => [ - 'title' => '标签值', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'TagValue1', - ], - ], - 'required' => false, - ], - 'required' => false, - 'maxItems' => 21, - ], + 'schema' => ['title' => '', 'description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'example' => '740', 'required' => false], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'Note', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['title' => '', 'description' => 'The remarks.', 'type' => 'string', 'example' => 'loginApi', 'required' => false], + ], + [ + 'name' => 'RequestSensitiveType', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The type of sensitive information in the request.'."\n" + ."\n" + .'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive information types.', 'type' => 'string', 'example' => '1004,1005', 'required' => false], + ], + [ + 'name' => 'AuthFlag', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'Specifies whether the API has an authentication field. Valid values:'."\n" + .'- **0**: has authentication.'."\n" + .'- **1**: does not have authentication.', 'type' => 'string', 'example' => '0', 'required' => false], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'required' => false], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'example' => 'rg-acfm***q', 'required' => false], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'title' => '', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '1738C613-D054-5191-888B-DC0CF4C3A4A0', - ], - 'Resource' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'cdX.XXX-call.cn-alb', + 'TotalCount' => ['title' => '', 'description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '5'], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B'], + 'Data' => [ + 'title' => '', + 'description' => 'The list of API assets.', + 'type' => 'array', + 'items' => [ + 'title' => '', + 'description' => 'The asset details.', + 'type' => 'object', + 'properties' => [ + 'EventNum' => ['title' => '', 'description' => 'The number of security events associated with the API.', 'type' => 'integer', 'format' => 'int64', 'example' => '2'], + 'FarthestTs' => ['title' => '', 'description' => 'The time when the API asset was first discovered, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683388800'], + 'ApiSensitive' => ['title' => '', 'description' => 'The sensitive information involved in the API, which is a string converted from a JSON object constructed with a series of parameters. The parameters include:'."\n" + .'- **request_sensitive_list**: the list of sensitive data types in the request.'."\n" + .'- **response_sensitive_list**: the list of sensitive data types in the response.'."\n" + .'- **sensitive_list**: the list of sensitive data types.'."\n" + .'- **sensitive_level**: the sensitivity level.', 'type' => 'string', 'example' => '{'."\n" + .' "sensitive_list": ["1003","1005"],'."\n" + .' "sensitive_level": "L2",'."\n" + .' "request_sensitive_list": ["1003"],'."\n" + .' "response_sensitive_list": ["1005"]'."\n" + .'}'], + 'ApiFormat' => ['title' => '', 'description' => 'The API operation.', 'type' => 'string', 'example' => '/v1/etl/finddatabyvid'], + 'ApiTag' => ['title' => '', 'description' => 'The business purpose of the API.'."\n" + .'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported business purposes.', 'type' => 'string', 'example' => 'SendMail'], + 'CrossBorderCnt' => ['title' => '', 'description' => 'The cross-border access volume in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '2'], + 'AuthFlag' => ['title' => '', 'description' => 'Specifies whether the API has an authentication field. Valid values:'."\n" + .'- **0**: has authentication.'."\n" + .'- **1**: does not have authentication.', 'type' => 'string', 'example' => '1'], + 'AllCnt' => ['title' => '', 'description' => 'The total access volume in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683388800'], + 'ApiMethod' => ['title' => '', 'description' => 'The request method of the API. Valid values:'."\n" + .'- **GET**: GET request.'."\n" + .'- **POST**: POST request.'."\n" + .'- **HEAD**: HEAD request.'."\n" + .'- **PUT**: PUT request.'."\n" + .'- **DELETE**: DELETE request.'."\n" + .'- **CONNECT**: CONNECT request.'."\n" + .'- **PATCH**: PATCH request.'."\n" + .'- **OPTIONS**: OPTIONS request.', 'type' => 'string', 'example' => 'POST'], + 'LastestTs' => ['title' => '', 'description' => 'The most recent access time of the API asset, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683388800'], + 'ApiStatus' => ['title' => '', 'description' => 'The status of the API. Valid values:'."\n" + .'- **NewbornInterface**: newly added.'."\n" + .'- **OfflineInterface**: inactive.'."\n" + .'- **normal**: normal.', 'type' => 'string', 'example' => 'NewbornInterface'], + 'ApiSensitiveResponse' => ['title' => '', 'description' => 'The sensitive data in the API response.', 'type' => 'string', 'example' => '["1002","1005"]'], + 'BotCnt' => ['title' => '', 'description' => 'The bot access volume in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '2'], + 'Follow' => ['title' => '', 'description' => 'Specifies whether the API is followed. Valid values:'."\n" + .'- **1**: followed.'."\n" + .'- **0**: not followed.', 'type' => 'integer', 'format' => 'int32', 'example' => '1'], + 'MatchedHost' => ['title' => '', 'description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'example' => 'a.aliyun.com'], + 'ApiInfo' => ['title' => '', 'description' => 'The API information, which is a string converted from a JSON object constructed with a series of parameters. The parameters include:'."\n" + .'- **param_num**: the number of API parameters.'."\n" + .'- **request_method**: the request method.'."\n" + .'- **protocol**: the request protocol.'."\n" + .'- **api_url**: the request URL.'."\n" + .'- **poc_payload**: the request.'."\n" + .'- **request**: the request sample.'."\n" + .'- **response**: the response sample.'."\n" + .'- **param**: the request parameters.'."\n" + .'> This field is returned only when the **ApiId** parameter is specified.', 'type' => 'string', 'example' => '{'."\n" + .' "request": {"referer": "-","content_type": "-","cookie": "-","method": "GET","param": [],"host": "test.cn"},'."\n" + .' "protocol": "https",'."\n" + .' "api_url": "https://test.cn:443/index.php",'."\n" + .' "param": [],'."\n" + .' "response": {"param": [], "sensitive_type": {}, "header": {},"body": "", "status": 405 },'."\n" + .' "request_method": "GET",'."\n" + .' "poc_payload": "curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'",'."\n" + .' "param_num": 0'."\n" + .'}'], + 'AbnormalNum' => ['title' => '', 'description' => 'The number of risks associated with the API.', 'type' => 'integer', 'format' => 'int64', 'example' => '2'], + 'ApiType' => ['title' => '', 'description' => 'The service object. Valid values:'."\n" + .'- **PublicAPI**: public service.'."\n" + .'- **ThirdpartAPI**: third-party collaboration.'."\n" + .'- **InternalAPI**: internal office.', 'type' => 'string', 'example' => 'PublicAPI'], + 'Note' => ['title' => '', 'description' => 'The remarks.', 'type' => 'string', 'example' => 'loginApi'], + 'ApiId' => ['title' => '', 'description' => 'The ID of the API.', 'type' => 'string', 'example' => '197b52abcd81d6a8bd4***e477'], + 'Examples' => [ + 'title' => '', + 'description' => 'The list of API samples.', + 'type' => 'array', + 'items' => ['title' => '', 'description' => 'The sample information, which is a string converted from a JSON object constructed with a series of parameters. The parameters include:'."\n" + .'- **param_num**: the number of API parameters.'."\n" + .'- **request_method**: the request method.'."\n" + .'- **protocol**: the request protocol.'."\n" + .'- **api_url**: the request URL.'."\n" + .'- **poc_payload**: the request.'."\n" + .'- **request**: the request sample.'."\n" + .'- **response**: the response sample.'."\n" + .'- **param**: the request parameters.'."\n" + ."\n" + .'> This field is returned only when the **ApiId** parameter is specified.', 'type' => 'string', 'example' => '{'."\n" + .' "request": {"referer": "-","content_type": "-","cookie": "-","method": "GET","param": [],"host": "test.cn"},'."\n" + .' "protocol": "https",'."\n" + .' "api_url": "https://test.cn:443/index.php",'."\n" + .' "param": [],'."\n" + .' "response": {"param": [], "sensitive_type": {}, "header": {},"body": "", "status": 405 },'."\n" + .' "request_method": "GET",'."\n" + .' "poc_payload": "curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'",'."\n" + .' "param_num": 0'."\n" + .'}'], + 'deprecated' => true, + 'example' => '', + ], + 'ApiSensitiveRequest' => ['title' => '', 'description' => 'The sensitive data in the API request.', 'type' => 'string', 'example' => '["1002","1005"]'], + 'Resources' => [ + 'title' => '', + 'description' => 'The list of protected objects corresponding to the asset.', + 'type' => 'array', + 'items' => ['title' => '', 'description' => 'The protected object corresponding to the asset.', 'type' => 'string', 'example' => '***.top-waf'], + 'example' => '', + ], + 'AccountEventNum' => ['title' => '', 'description' => 'The number of account security events associated with the asset.', 'type' => 'integer', 'format' => 'int64', 'example' => '1'], + ], + 'example' => '', + ], + 'example' => '', ], ], + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.ResourceExsit', - 'errorMessage' => 'Access resource already exists, resource:%s.', + 'staticInfo' => ['returnType' => 'synchronous'], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Query API security assets', + 'changeSet' => [ + ['createdAt' => '2025-02-24T13:16:00.000Z', 'description' => 'Response parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecApiResources'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecApiResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1738C613-D054-5191-888B-DC0CF4C3A4A0\\",\\n \\"Resource\\": \\"cdX.XXX-call.cn-alb\\"\\n}","type":"json"}]', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"Data\\": [\\n {\\n \\"EventNum\\": 2,\\n \\"FarthestTs\\": 1683388800,\\n \\"ApiSensitive\\": \\"{\\\\n \\\\\\"sensitive_list\\\\\\": [\\\\\\"1003\\\\\\",\\\\\\"1005\\\\\\"],\\\\n \\\\\\"sensitive_level\\\\\\": \\\\\\"L2\\\\\\",\\\\n \\\\\\"request_sensitive_list\\\\\\": [\\\\\\"1003\\\\\\"],\\\\n \\\\\\"response_sensitive_list\\\\\\": [\\\\\\"1005\\\\\\"]\\\\n}\\",\\n \\"ApiFormat\\": \\"/v1/etl/finddatabyvid\\",\\n \\"ApiTag\\": \\"SendMail\\",\\n \\"CrossBorderCnt\\": 2,\\n \\"AuthFlag\\": \\"1\\",\\n \\"AllCnt\\": 1683388800,\\n \\"ApiMethod\\": \\"POST\\",\\n \\"LastestTs\\": 1683388800,\\n \\"ApiStatus\\": \\"NewbornInterface\\",\\n \\"ApiSensitiveResponse\\": \\"[\\\\\\"1002\\\\\\",\\\\\\"1005\\\\\\"]\\",\\n \\"BotCnt\\": 2,\\n \\"Follow\\": 1,\\n \\"MatchedHost\\": \\"a.aliyun.com\\",\\n \\"ApiInfo\\": \\"{\\\\n \\\\\\"request\\\\\\": {\\\\\\"referer\\\\\\": \\\\\\"-\\\\\\",\\\\\\"content_type\\\\\\": \\\\\\"-\\\\\\",\\\\\\"cookie\\\\\\": \\\\\\"-\\\\\\",\\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\\\"param\\\\\\": [],\\\\\\"host\\\\\\": \\\\\\"test.cn\\\\\\"},\\\\n \\\\\\"protocol\\\\\\": \\\\\\"https\\\\\\",\\\\n \\\\\\"api_url\\\\\\": \\\\\\"https://test.cn:443/index.php\\\\\\",\\\\n \\\\\\"param\\\\\\": [],\\\\n \\\\\\"response\\\\\\": {\\\\\\"param\\\\\\": [], \\\\\\"sensitive_type\\\\\\": {}, \\\\\\"header\\\\\\": {},\\\\\\"body\\\\\\": \\\\\\"\\\\\\", \\\\\\"status\\\\\\": 405 },\\\\n \\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"poc_payload\\\\\\": \\\\\\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'\\\\\\",\\\\n \\\\\\"param_num\\\\\\": 0\\\\n}\\",\\n \\"AbnormalNum\\": 2,\\n \\"ApiType\\": \\"PublicAPI\\",\\n \\"Note\\": \\"loginApi\\",\\n \\"ApiId\\": \\"197b52abcd81d6a8bd4***e477\\",\\n \\"Examples\\": [\\n \\"{\\\\n \\\\\\"request\\\\\\": {\\\\\\"referer\\\\\\": \\\\\\"-\\\\\\",\\\\\\"content_type\\\\\\": \\\\\\"-\\\\\\",\\\\\\"cookie\\\\\\": \\\\\\"-\\\\\\",\\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\\\"param\\\\\\": [],\\\\\\"host\\\\\\": \\\\\\"test.cn\\\\\\"},\\\\n \\\\\\"protocol\\\\\\": \\\\\\"https\\\\\\",\\\\n \\\\\\"api_url\\\\\\": \\\\\\"https://test.cn:443/index.php\\\\\\",\\\\n \\\\\\"param\\\\\\": [],\\\\n \\\\\\"response\\\\\\": {\\\\\\"param\\\\\\": [], \\\\\\"sensitive_type\\\\\\": {}, \\\\\\"header\\\\\\": {},\\\\\\"body\\\\\\": \\\\\\"\\\\\\", \\\\\\"status\\\\\\": 405 },\\\\n \\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"poc_payload\\\\\\": \\\\\\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'\\\\\\",\\\\n \\\\\\"param_num\\\\\\": 0\\\\n}\\"\\n ],\\n \\"ApiSensitiveRequest\\": \\"[\\\\\\"1002\\\\\\",\\\\\\"1005\\\\\\"]\\",\\n \\"Resources\\": [\\n \\"***.top-waf\\"\\n ],\\n \\"AccountEventNum\\": 1\\n }\\n ]\\n}","type":"json"}]', ], - 'DeleteDefenseResource' => [ - 'summary' => '删除单个防护对象', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeApisecAssetTrend' => [ + 'summary' => 'Queries the trend of API security API assets.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106306', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '215756', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-9lb*******', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-ww**b06', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象名称', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'zhh*****-2034.test.top-clb7', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter is available only in hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '590', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC). Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1668496310000', 'title' => ''], + ], + [ + 'name' => 'EndTime', + 'in' => 'query', + 'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC). Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1668496310000', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek**7uq', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'title' => '', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '745F051D-95FD-57EC-9DC1-79BB4883C6A4', + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'], + 'Data' => [ + 'description' => 'The list of API asset information.', + 'type' => 'array', + 'items' => [ + 'description' => 'The API asset information.', + 'type' => 'object', + 'properties' => [ + 'AssetOffline' => ['description' => 'The number of inactive APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '20', 'title' => ''], + 'AssetCount' => ['description' => 'The total number of API assets.', 'type' => 'integer', 'format' => 'int64', 'example' => '80', 'title' => ''], + 'Timestamp' => ['description' => 'The time of the statistics. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683600042', 'title' => ''], + 'AssetActive' => ['description' => 'The number of active APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '60', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"745F051D-95FD-57EC-9DC1-79BB4883C6A4\\"\\n}","type":"json"}]', - ], - 'CreateDefenseResourceGroup' => [ - 'summary' => 'Creates a protected object group.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Query API security API asset trends', + 'changeSet' => [ + ['createdAt' => '2024-11-12T12:56:41.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-29T00:40:39.000Z', 'description' => 'Request parameters changed'], ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAssetTrend'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecAssetTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"Data\\": [\\n {\\n \\"AssetOffline\\": 20,\\n \\"AssetCount\\": 80,\\n \\"Timestamp\\": 1683600042,\\n \\"AssetActive\\": 60\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeApisecEventDetail' => [ + 'summary' => 'Retrieves the details of an API security event.', + 'methods' => ['get', 'post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106349', - 'abilityTreeNodes' => [ - 'FEATUREwafHQWDCC', - ], + 'abilityTreeCode' => '255326', + 'abilityTreeNodes' => ['FEATUREwafDX9EQ6'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqtm005', 'title' => ''], ], [ - 'name' => 'GroupName', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object group that you want to create.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'group221', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], ], [ - 'name' => 'AddList', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected objects that you want to add to the protected object group. You can add multiple protected objects to a protected object group at the same time. You can specify multiple protected objects. Separate them with commas (,).'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test1.aliyundoc.com,test2.aliyundoc.com'."\n", - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false], ], [ - 'name' => 'Description', + 'name' => 'EventId', 'in' => 'query', - 'schema' => [ - 'description' => 'The description of the protected object group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test_domain', - ], + 'schema' => ['description' => 'The ID of the API security event.', 'type' => 'string', 'required' => true, 'example' => '18ba94fea9***e66ba0557b7b91', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'EventScope', 'in' => 'query', 'schema' => [ - 'description' => 'The region of the WAF instance. Valid values:'."\n" + 'description' => 'The dimension of the security event. Valid values:'."\n" + ."\n" + .'- **ip** (default): IP security event.'."\n" ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", + .'- **account**: account security event.', 'type' => 'string', 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'example' => 'ip', + 'default' => 'ip', + 'enum' => ['ip', 'account'], + 'title' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'DetailType', 'in' => 'query', 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", + 'description' => 'The type of the detailed information about the security event. Valid values:'."\n" + ."\n" + .'- **event\\_info** (default): attack details.'."\n" + ."\n" + .'- **api\\_info**: API information.'."\n" + ."\n" + .'- **cnt\\_info**: attack trend.'."\n" + ."\n" + .'- **ip\\_info**: attacker IP information.'."\n" + ."\n" + .'- **sensitive\\_info**: information about access to sensitive data.'."\n" + ."\n" + .'- **request\\_data**: request information.'."\n" + ."\n" + .'- **response\\_data**: response information.', 'type' => 'string', 'required' => false, - 'example' => 'rg-acfm***q', + 'example' => 'event_info', + 'default' => 'event_info', + 'enum' => ['event_info', 'api_info', 'cnt_info', 'ip_info', 'sensitive_info', 'request_data', 'response_data'], + 'title' => '', ], ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n" + ."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query information about hybrid cloud WAF clusters.', 'type' => 'string', 'example' => '428', 'title' => '', 'required' => false], + ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '5D69B341-4F97-58E7-9E16-1B17FE7A9E98', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'EventId' => ['description' => 'The ID of the API security event.', 'type' => 'string', 'example' => '18ba94fea9***e66ba0557b7b91', 'title' => ''], + 'EventTag' => ['description' => 'The type of the security event.'."\n" + ."\n" + .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported event types.', 'type' => 'string', 'example' => 'ObtainSensitiveUnauthorized', 'title' => ''], + 'AttackerList' => [ + 'type' => 'array', + 'items' => ['description' => 'The attacker identifier.'."\n" + ."\n" + .'> If the EventScope parameter is set to **ip**, this parameter indicates the attacker IP address. If the **EventScope** parameter is set to **account**, this parameter indicates the attacker account.', 'type' => 'string', 'example' => '104.234.140.**', 'title' => ''], + 'title' => '', + 'description' => 'The list of attackers associated with the security event.', + 'example' => '', + ], + 'AttackCnt' => ['description' => 'The total number of attacks in the security event.', 'type' => 'string', 'example' => '345', 'title' => ''], + 'StartTs' => ['description' => 'The beginning of the time range during which the security event occurred. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'example' => '1683648000', 'title' => ''], + 'EndTs' => ['description' => 'The end of the time range during which the security event occurred. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'example' => '1683703260', 'title' => ''], + 'Origin' => ['description' => 'The source of the event type rule. Valid values:'."\n" + ."\n" + .'- **custom**: a user-defined rule.'."\n" + ."\n" + .'- **default**: a built-in rule.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'EventLevel' => ['description' => 'The severity level of the security event. Valid values:'."\n" + ."\n" + .'- **high**: high severity.'."\n" + ."\n" + .'- **medium**: medium severity.'."\n" + ."\n" + .'- **low**: low severity.', 'type' => 'string', 'example' => 'low', 'title' => ''], + 'UserStatus' => ['description' => 'The event status. Valid values:'."\n" + ."\n" + .'- **toBeConfirmed**: to be confirmed.'."\n" + ."\n" + .'- **confirmed**: confirmed.'."\n" + ."\n" + .'- **actioned**: handled.'."\n" + ."\n" + .'- **ignored**: ignored.', 'type' => 'string', 'example' => 'toBeConfirmed', 'title' => ''], + 'Note' => ['description' => 'The remarks added to the security event.', 'type' => 'string', 'example' => 'already confirmed.', 'title' => ''], + 'EventScope' => ['description' => 'The dimension of the security event. Valid values:'."\n" + ."\n" + .'- **ip** (default): IP security event.'."\n" + ."\n" + .'- **account**: account security event.', 'type' => 'string', 'example' => 'ip', 'title' => ''], + 'DetailValue' => ['description' => 'The details of the security event.', 'type' => 'string', 'example' => '{\\"location\\":[\\"FR\\",\\"CN\\"],\\"location_type\\":\\"country\\"}', 'title' => ''], ], + 'description' => 'The response parameters.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5D69B341-4F97-58E7-9E16-1B17FE7A9E98\\"\\n}","type":"json"}]', - 'title' => 'CreateDefenseResourceGroup', - ], - 'ModifyDefenseResourceGroup' => [ - 'summary' => 'Modifies the configurations of a protected object group.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeApisecEventDetail', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecEventDetail', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"EventId\\": \\"18ba94fea9***e66ba0557b7b91\\",\\n \\"EventTag\\": \\"ObtainSensitiveUnauthorized\\",\\n \\"AttackerList\\": [\\n \\"104.234.140.**\\"\\n ],\\n \\"AttackCnt\\": \\"345\\",\\n \\"StartTs\\": \\"1683648000\\",\\n \\"EndTs\\": \\"1683703260\\",\\n \\"Origin\\": \\"custom\\",\\n \\"EventLevel\\": \\"low\\",\\n \\"UserStatus\\": \\"toBeConfirmed\\",\\n \\"Note\\": \\"already confirmed.\\",\\n \\"EventScope\\": \\"ip\\",\\n \\"DetailValue\\": \\"{\\\\\\\\\\\\\\"location\\\\\\\\\\\\\\":[\\\\\\\\\\\\\\"FR\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"CN\\\\\\\\\\\\\\"],\\\\\\\\\\\\\\"location_type\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"country\\\\\\\\\\\\\\"}\\"\\n}","type":"json"}]', + ], + 'DescribeApisecEventDomainStatistic' => [ + 'summary' => 'Queries the domain name statistics of API security events.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106353', - 'abilityTreeNodes' => [ - 'FEATUREwafHQWDCC', - ], + 'abilityTreeCode' => '215784', + 'abilityTreeNodes' => ['FEATUREwafDX9EQ6'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'GroupName', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object group whose configurations you want to modify.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'test01', - ], + 'schema' => ['description' => 'The hybrid cloud cluster ID.'."\n" + .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ - 'name' => 'AddList', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected objects that you want to add to the protected object group. Separate the protected objects with commas (,). If you leave this parameter empty, no protected objects are added to the protected object group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test1.aliyundoc.com,test2.aliyundoc.com', - ], + 'schema' => ['description' => 'The start time, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1668496310', 'title' => ''], ], [ - 'name' => 'DeleteList', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected objects that you want to remove from the protected object group. Separate the protected objects with commas (,). If you leave this parameter empty, no protected objects are removed from the protected object group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test14.waf.com,test24.waf.com', - ], + 'schema' => ['description' => 'The end time, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1686895256', 'title' => ''], ], [ - 'name' => 'Description', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The description of the protected object group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test', - ], + 'schema' => ['description' => 'The page number of the page to return in a paged query. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'minimum' => '1', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page in a paged query. Default value: **5**, which indicates **5** entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'OrderWay', + 'in' => 'query', + 'schema' => ['description' => 'The sort order of the list. Valid values:'."\n" + ."\n" + .'- **asc**: ascending order.'."\n" + .'- **desc**: descending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmvyknl****fa', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The result of the request.'."\n", + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '2CC1AFDE-BB31-5A2F-906E-92FCBDDE6B75', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-*******-80A6-3014697B11AE'], + 'Data' => [ + 'description' => 'The returned data.', + 'type' => 'array', + 'items' => [ + 'description' => 'The returned data.', + 'type' => 'object', + 'properties' => [ + 'High' => ['description' => 'The number of high-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'ApiCount' => ['description' => 'The number of APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'Low' => ['description' => 'The number of low-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''], + 'Medium' => ['description' => 'The number of medium-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '6', 'title' => ''], + 'Domain' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'a.aliyun.com', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2CC1AFDE-BB31-5A2F-906E-92FCBDDE6B75\\"\\n}","type":"json"}]', - 'title' => 'ModifyDefenseResourceGroup', - ], - 'DeleteDefenseResourceGroup' => [ - 'summary' => 'Deletes a protected object group.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Query API security event domain name statistics', + 'changeSet' => [ + ['createdAt' => '2024-11-12T12:56:41.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-29T00:40:40.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '30', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecEventDomainStatistic'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecEventDomainStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"66A98669-*******-80A6-3014697B11AE\\",\\n \\"Data\\": [\\n {\\n \\"High\\": 10,\\n \\"ApiCount\\": 10,\\n \\"Low\\": 2,\\n \\"Medium\\": 6,\\n \\"Domain\\": \\"a.aliyun.com\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeApisecEvents' => [ + 'summary' => 'Queries a list of API security events.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106355', - 'abilityTreeNodes' => [ - 'FEATUREwafHQWDCC', - ], + 'abilityTreeCode' => '169015', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-5y***d31', 'title' => ''], ], [ - 'name' => 'GroupName', + 'name' => 'EventId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object group that you want to delete.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'group221', - ], + 'schema' => ['description' => 'The ID of the API security event.', 'type' => 'string', 'example' => '18ba94fea9***e66ba0557b7b91', 'title' => '', 'required' => false], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ApiFormat', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The path of the API that is associated with the security event.', 'type' => 'string', 'example' => '/apisec/v1/***.php', 'title' => '', 'required' => false], ], [ - 'name' => 'RegionId', + 'name' => 'MatchedHost', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The domain name or IP address that is protected by WAF.', 'type' => 'string', 'example' => 'a.***.com', 'title' => '', 'required' => false], ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'description' => 'The result of the request.'."\n", - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '25BE1169-9AE4-5D7D-8293-C33242ABB549', - ], - ], - ], + [ + 'name' => 'EventTag', + 'in' => 'query', + 'schema' => ['description' => 'The event type.'."\n" + ."\n" + .'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported event types.', 'type' => 'string', 'example' => 'ObtainSensitiveUnauthorized', 'title' => '', 'required' => false], ], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"25BE1169-9AE4-5D7D-8293-C33242ABB549\\"\\n}","type":"json"}]', - 'title' => 'DeleteDefenseResourceGroup', - ], - 'DescribeDefenseResourceGroup' => [ - 'summary' => 'Queries the information about a protected object group.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ [ - 'AK' => [], + 'name' => 'StartTs', + 'in' => 'query', + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683648000', 'title' => '', 'required' => false], ], - ], - 'operationType' => 'read', - 'systemTags' => [ - 'operationType' => 'get', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafHQWDCC', + [ + 'name' => 'EndTs', + 'in' => 'query', + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683703260', 'title' => '', 'required' => false], ], - ], - 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'OrderKey', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The field that is used to sort the query results. Valid values:'."\n" + ."\n" + .'- **allCnt**: the number of attacks.'."\n" + ."\n" + .'- **startTs**: the start time of the event.'."\n" + ."\n" + .'- **endTs**: the end time of the event.', 'type' => 'string', 'example' => 'startTs', 'title' => '', 'required' => false], ], [ - 'name' => 'GroupName', + 'name' => 'OrderWay', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object group whose information you want to query.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'group221', - ], + 'schema' => ['description' => 'The order in which the query results are sorted. Valid values:'."\n" + ."\n" + .'- **desc**: descending order. This is the default value.'."\n" + ."\n" + .'- **asc**: ascending order.', 'type' => 'string', 'example' => 'desc', 'title' => '', 'required' => false], ], [ - 'name' => 'RegionId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The page number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'default' => '1', 'title' => '', 'required' => false], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '200', 'minimum' => '1', 'example' => '10', 'default' => '10', 'title' => '', 'required' => false], ], - ], - 'responses' => [ - 200 => [ - 'headers' => [], - 'schema' => [ - 'description' => 'The returned result.'."\n", - 'type' => 'object', - 'properties' => [ - 'Group' => [ - 'description' => 'The information about the protected object group.'."\n", - 'type' => 'object', - 'properties' => [ - 'GroupName' => [ - 'description' => 'The name of the protected object group.'."\n", - 'type' => 'string', - 'example' => 'group1', - ], - 'GmtCreate' => [ - 'description' => 'The time when the protected object group was created.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '23242312312', - ], - 'ResourceList' => [ - 'description' => 'The protected objects in the protected object group. The protected objects are separated with commas (,).'."\n", - 'type' => 'string', - 'example' => 'test1.aliyundoc.com,test2.aliyundoc.com', - ], - 'Description' => [ - 'description' => 'The description of the protected object group.'."\n", - 'type' => 'string', - 'example' => 'test', - ], - 'GmtModified' => [ - 'description' => 'The most recent time when the protected object group was modified.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '23242312312', - ], - ], - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'E67D21C6-5376-5F94-B745-70E08D03E3CB', - ], - ], - ], + [ + 'name' => 'ApiTag', + 'in' => 'query', + 'schema' => ['description' => 'The business purpose of the API.'."\n" + ."\n" + .'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported business purposes.', 'type' => 'string', 'example' => 'SendMail', 'title' => '', 'required' => false], ], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Group\\": {\\n \\"GroupName\\": \\"group1\\",\\n \\"GmtCreate\\": 23242312312,\\n \\"ResourceList\\": \\"test1.aliyundoc.com,test2.aliyundoc.com\\",\\n \\"Description\\": \\"test\\",\\n \\"GmtModified\\": 23242312312\\n },\\n \\"RequestId\\": \\"E67D21C6-5376-5F94-B745-70E08D03E3CB\\"\\n}","type":"json"}]', - 'title' => 'DescribeDefenseResourceGroup', - ], - 'DescribeDefenseResourceGroups' => [ - 'summary' => 'Performs a pagination query to retrieve the information about protected object groups.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ [ - 'AK' => [], + 'name' => 'Origin', + 'in' => 'query', + 'schema' => ['description' => 'The source of the event type. Valid values:'."\n" + ."\n" + .'- **custom**: a user-defined event type.'."\n" + ."\n" + .'- **default**: a built-in event type.', 'type' => 'string', 'example' => 'default', 'title' => '', 'required' => false], ], - ], - 'operationType' => 'read', - 'systemTags' => [ - 'operationType' => 'list', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafHQWDCC', + [ + 'name' => 'EventLevel', + 'in' => 'query', + 'schema' => ['description' => 'The severity level of the event. Valid values:'."\n" + ."\n" + .'- **high**: high severity.'."\n" + ."\n" + .'- **medium**: medium severity.'."\n" + ."\n" + .'- **low**: low severity.', 'type' => 'string', 'example' => 'low', 'title' => '', 'required' => false], ], - ], - 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'UserStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-wwo36****0i', - ], + 'schema' => ['description' => 'The handling status of the event. Valid values:'."\n" + ."\n" + .'- **toBeConfirmed**: pending confirmation.'."\n" + ."\n" + .'- **confirmed**: confirmed but not yet handled.'."\n" + ."\n" + .'- **actioned**: handled.'."\n" + ."\n" + .'- **ignored**: ignored.', 'type' => 'string', 'example' => 'ignored', 'title' => '', 'required' => false], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'AttackIp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfmxc7lf****eq', - ], + 'schema' => ['description' => 'The IP address of the attacker that you want to use to filter events.', 'type' => 'string', 'example' => '42.224.*.*', 'title' => '', 'required' => false], ], [ - 'name' => 'GroupNameLike', + 'name' => 'ApiId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object group that you want to query. Fuzzy queries are supported.', - 'type' => 'string', - 'required' => false, - 'example' => 'demoGroupName', - ], + 'schema' => ['description' => 'The ID of the API.', 'type' => 'string', 'example' => '820b860***6205da93b935b28', 'title' => '', 'required' => false], ], [ - 'name' => 'PageNumber', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud WAF cluster.'."\n" + ."\n" + .'> This parameter is required only in hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the IDs of hybrid cloud WAF clusters.', 'type' => 'string', 'example' => '428', 'title' => '', 'required' => false], ], [ - 'name' => 'PageSize', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **20**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '20', - 'default' => '20', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], ], [ - 'name' => 'GroupNames', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The names of the protected object groups that you want to query. Separate multiple names with commas (,).'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'groupName1,groupName2', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false], ], [ - 'name' => 'RegionId', + 'name' => 'EventScope', 'in' => 'query', 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + 'description' => 'The dimension by which security events are categorized. Valid values:'."\n" + ."\n" + .'- **ip**: IP security event. This is the default value.'."\n" ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", + .'- **account**: account security event.', 'type' => 'string', + 'example' => 'ip', + 'default' => 'ip', + 'enum' => ['ip', 'account'], + 'title' => '', 'required' => false, - 'example' => 'cn-hangzhou', ], ], + [ + 'name' => 'Account', + 'in' => 'query', + 'schema' => ['description' => 'The account that you want to use to filter events.', 'type' => 'string', 'example' => '1818743389962696', 'title' => '', 'required' => false], + ], ], 'responses' => [ 200 => [ 'schema' => [ + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'BFEC5C77-049B-5E88-A5B6-CB0C****B66E', - ], - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'Groups' => [ - 'description' => 'The list of protected object groups.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '3', 'title' => ''], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '12F4CC8F-7E9F-5E4D-BF7C-BD1EDDE0C282'], + 'Data' => [ + 'description' => 'The list of security events.', 'type' => 'array', 'items' => [ - 'description' => '', + 'description' => 'The details of the security event.', 'type' => 'object', 'properties' => [ - 'Description' => [ - 'description' => 'The description of the protected object group.'."\n", - 'type' => 'string', - 'example' => 'This is test description', - ], - 'GmtCreate' => [ - 'description' => 'The time when the protected object group was created. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1624343180000', - ], - 'GmtModified' => [ - 'description' => 'The most recent time when the protected object group was modified. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1701656305000', - ], - 'GroupName' => [ - 'description' => 'The name of the protected object group.'."\n", - 'type' => 'string', - 'example' => 'apptest', + 'Origin' => ['description' => 'The source of the event type. Valid values:'."\n" + ."\n" + .'- **custom**: a user-defined event type.'."\n" + ."\n" + .'- **default**: a built-in event type.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'EventLevel' => ['description' => 'The severity level of the event. Valid values:'."\n" + ."\n" + .'- **high**: high severity.'."\n" + ."\n" + .'- **medium**: medium severity.'."\n" + ."\n" + .'- **low**: low severity.', 'type' => 'string', 'example' => 'medium', 'title' => ''], + 'StartTs' => ['description' => 'The start time of the event. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683648000', 'title' => ''], + 'EventInfo' => ['description' => 'The details of the security event. The value is a JSON string that contains the following fields:'."\n" + ."\n" + .'- **ip\\_info**: the information about the attacker IP address. For more information, see the **AttackIpInfo** response parameter.'."\n" + ."\n" + .'- **rule\\_id**: the ID of the rule that corresponds to the event.'."\n" + ."\n" + .'- **rule\\_tag**: the information about the rule that corresponds to the event.', 'type' => 'string', 'deprecated' => true, 'example' => '{'."\n" + .' "ip_info": ['."\n" + .' {'."\n" + .' "ip": "112.224.143.**",'."\n" + .' "country_id": "CN",'."\n" + .' "region_id": "-",'."\n" + .' "cnt": "4"'."\n" + .' }'."\n" + .' ],'."\n" + .' "rule_id": "837**",'."\n" + .' "rule_tag": "interface returns a large amount of sensitive information"'."\n" + .'}'."\n", 'title' => ''], + 'ApiFormat' => ['description' => 'The path of the API that is associated with the security event.', 'type' => 'string', 'example' => '/apisec/v1/register.php', 'title' => ''], + 'ApiTag' => ['description' => 'The business purpose of the API.'."\n" + ."\n" + .'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported business purposes.', 'type' => 'string', 'example' => 'SendMail', 'title' => ''], + 'UserStatus' => ['description' => 'The handling status of the event. Valid values:'."\n" + ."\n" + .'- **toBeConfirmed**: pending confirmation.'."\n" + ."\n" + .'- **confirmed**: confirmed but not yet handled.'."\n" + ."\n" + .'- **actioned**: handled.'."\n" + ."\n" + .'- **ignored**: ignored.', 'type' => 'string', 'example' => 'toBeConfirmed', 'title' => ''], + 'Follow' => ['description' => 'Indicates whether the event is followed. Valid values:'."\n" + ."\n" + .'- **1**: The event is followed.'."\n" + ."\n" + .'- **0**: The event is not followed.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'RequestData' => ['description' => 'A sample of the API request data. The value is a JSON string.', 'type' => 'string', 'deprecated' => true, 'example' => '{}', 'title' => ''], + 'EventId' => ['description' => 'The ID of the security event.', 'type' => 'string', 'example' => 'c82cb276847e9c96f9597d9f4b0cdcff', 'title' => ''], + 'AttackIp' => ['description' => 'The IP address of the attacker. ><notice>This parameter is deprecated. Use the AttackIps parameter instead.></notice>', 'type' => 'string', 'deprecated' => true, 'example' => '104.234.140.**', 'title' => ''], + 'AttackIpInfo' => ['description' => 'The information about the attacker IP address. The value is a JSON string that contains the following fields:'."\n" + ."\n" + .'- **ip**: the IP address.'."\n" + ."\n" + .'- **country\\_id**: the country.'."\n" + ."\n" + .'- **region\\_id**: the region.'."\n" + ."\n" + .'- **cnt**: the number of attacks.', 'type' => 'string', 'deprecated' => true, 'example' => '['."\n" + .' {'."\n" + .' "ip": "72.*.*.119",'."\n" + .' "country_id": "US",'."\n" + .' "region_id": "",'."\n" + .' "cnt": "2100"'."\n" + .' }'."\n" + .']', 'title' => ''], + 'EndTs' => ['description' => 'The end time of the event. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683703260', 'title' => ''], + 'AttackCntInfo' => ['description' => 'The attack count over time. The value is a JSON string in which each key is a UNIX timestamp in seconds and each value is the number of attacks at that time.', 'type' => 'string', 'deprecated' => true, 'example' => '{'."\n" + .' "1717498320": 500,'."\n" + .' "1717498380": 529,'."\n" + .' "1717498440": 20'."\n" + .'}', 'title' => ''], + 'AllCnt' => ['description' => 'The total number of attacks in the security event.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RemoteRegion' => ['description' => 'The region where the attacker IP address is located.', 'type' => 'string', 'example' => '110000', 'title' => ''], + 'ResponseData' => ['description' => 'A sample of the API response data. The value is a JSON string.', 'type' => 'string', 'deprecated' => true, 'example' => '{}', 'title' => ''], + 'AttackClient' => ['description' => 'The type of client that initiated the attack, such as a browser or automation tool.', 'type' => 'string', 'example' => 'Chrome', 'title' => ''], + 'EventTag' => ['description' => 'The event type.'."\n" + ."\n" + .'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported event types.', 'type' => 'string', 'example' => 'ObtainSensitiveUnauthorized', 'title' => ''], + 'MatchedHost' => ['description' => 'The domain name or IP address that is protected by WAF.', 'type' => 'string', 'example' => 'a.***.com', 'title' => ''], + 'Note' => ['description' => 'The remarks that are added to the security event.', 'type' => 'string', 'example' => 'Notify', 'title' => ''], + 'ApiId' => ['description' => 'The ID of the API that is associated with the security event.', 'type' => 'string', 'example' => '2ecc1cf67b91853bc55545052ccf06a8', 'title' => ''], + 'RemoteCountry' => ['description' => 'The country where the attacker IP address is located.', 'type' => 'string', 'example' => 'US', 'title' => ''], + 'AttackIps' => [ + 'description' => 'The list of attacker IP addresses.', + 'type' => 'array', + 'items' => ['description' => 'The IP address of the attacker.', 'type' => 'string', 'example' => '104.234.140.**'."\n", 'title' => ''], + 'title' => '', + 'example' => '', + 'deprecated' => true, ], - 'ResourceList' => [ - 'description' => 'The names of the protected objects that are added to the protected object group. Separate multiple protected objects with commas (,).'."\n", - 'type' => 'string', - 'example' => 'example02.aliyun-waf,example01.aliyun-waf', + 'AttackerList' => [ + 'type' => 'array', + 'items' => ['description' => 'The attacker that is associated with the security event.'."\n" + ."\n" + .'> If the value of EventScope is ip, this parameter indicates the attacker IP address. If the value of EventScope is account, this parameter indicates the attacker account.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''], + 'description' => 'The list of attackers that are associated with the security event.', + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BFEC5C77-049B-5E88-A5B6-CB0C****B66E\\",\\n \\"TotalCount\\": 10,\\n \\"Groups\\": [\\n {\\n \\"Description\\": \\"This is test description\\",\\n \\"GmtCreate\\": 1624343180000,\\n \\"GmtModified\\": 1701656305000,\\n \\"GroupName\\": \\"apptest\\",\\n \\"ResourceList\\": \\"example02.aliyun-waf,example01.aliyun-waf\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeDefenseResourceGroups', - ], - 'DescribeDefenseResourceGroupNames' => [ - 'summary' => 'Queries the names of protected object groups.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeApisecEvents', + 'changeSet' => [ + ['createdAt' => '2025-02-24T13:16:00.000Z', 'description' => 'Response parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecEvents', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 3,\\n \\"RequestId\\": \\"12F4CC8F-7E9F-5E4D-BF7C-BD1EDDE0C282\\",\\n \\"Data\\": [\\n {\\n \\"Origin\\": \\"custom\\",\\n \\"EventLevel\\": \\"medium\\",\\n \\"StartTs\\": 1683648000,\\n \\"EventInfo\\": \\"{\\\\n \\\\\\"ip_info\\\\\\": [\\\\n {\\\\n \\\\\\"ip\\\\\\": \\\\\\"112.224.143.**\\\\\\",\\\\n \\\\\\"country_id\\\\\\": \\\\\\"CN\\\\\\",\\\\n \\\\\\"region_id\\\\\\": \\\\\\"-\\\\\\",\\\\n \\\\\\"cnt\\\\\\": \\\\\\"4\\\\\\"\\\\n }\\\\n ],\\\\n \\\\\\"rule_id\\\\\\": \\\\\\"837**\\\\\\",\\\\n \\\\\\"rule_tag\\\\\\": \\\\\\"interface returns a large amount of sensitive information\\\\\\"\\\\n}\\\\n\\",\\n \\"ApiFormat\\": \\"/apisec/v1/register.php\\",\\n \\"ApiTag\\": \\"SendMail\\",\\n \\"UserStatus\\": \\"toBeConfirmed\\",\\n \\"Follow\\": 0,\\n \\"RequestData\\": \\"{}\\",\\n \\"EventId\\": \\"c82cb276847e9c96f9597d9f4b0cdcff\\",\\n \\"AttackIp\\": \\"104.234.140.**\\",\\n \\"AttackIpInfo\\": \\"[\\\\n {\\\\n \\\\\\"ip\\\\\\": \\\\\\"72.*.*.119\\\\\\",\\\\n \\\\\\"country_id\\\\\\": \\\\\\"US\\\\\\",\\\\n \\\\\\"region_id\\\\\\": \\\\\\"\\\\\\",\\\\n \\\\\\"cnt\\\\\\": \\\\\\"2100\\\\\\"\\\\n }\\\\n]\\",\\n \\"EndTs\\": 1683703260,\\n \\"AttackCntInfo\\": \\"{\\\\n \\\\\\"1717498320\\\\\\": 500,\\\\n \\\\\\"1717498380\\\\\\": 529,\\\\n \\\\\\"1717498440\\\\\\": 20\\\\n}\\",\\n \\"AllCnt\\": 10,\\n \\"RemoteRegion\\": \\"110000\\",\\n \\"ResponseData\\": \\"{}\\",\\n \\"AttackClient\\": \\"Chrome\\",\\n \\"EventTag\\": \\"ObtainSensitiveUnauthorized\\",\\n \\"MatchedHost\\": \\"a.***.com\\",\\n \\"Note\\": \\"Notify\\",\\n \\"ApiId\\": \\"2ecc1cf67b91853bc55545052ccf06a8\\",\\n \\"RemoteCountry\\": \\"US\\",\\n \\"AttackIps\\": [\\n \\"104.234.140.**\\\\n\\"\\n ],\\n \\"AttackerList\\": [\\n \\"1.1.1.1\\"\\n ]\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + ], + 'DescribeApisecExamples' => [ + 'summary' => 'Queries the API security examples that are detected by Web Application Firewall (WAF).', + 'methods' => ['get', 'post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -10781,127 +7835,255 @@ 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafHQWDCC', - ], + 'abilityTreeCode' => '255326', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-lbj****cc03', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqtm005', 'title' => ''], ], [ - 'name' => 'GroupNameLike', + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false], + ], + [ + 'name' => 'ApiId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the API.', 'type' => 'string', 'required' => true, 'example' => '867ade***24ee6e205b8da82b8f84', 'title' => ''], + ], + [ + 'name' => 'ExampleType', 'in' => 'query', 'schema' => [ - 'description' => 'The name of the protected object group. Fuzzy queries are supported.', + 'description' => 'The type of the example. Valid values:'."\n" + ."\n" + .'- **sensitive**: sensitive data.'."\n" + ."\n" + .'- **risk**: threat.', 'type' => 'string', 'required' => false, - 'enumValueTitles' => [], - 'example' => 'example-group', + 'example' => 'sensitive', + 'enum' => ['risk', 'sensitive'], + 'title' => '', ], ], [ - 'name' => 'PageNumber', + 'name' => 'RequestSensitiveTypeList', 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', + 'type' => 'array', + 'items' => ['description' => 'The type of sensitive data in requests.', 'type' => 'string', 'example' => '1001', 'title' => '', 'required' => false], + 'maxItems' => 100, + 'title' => '', + 'description' => 'The list of sensitive data types in requests.', 'required' => false, - 'example' => '1', - 'default' => '1', + 'example' => '', ], ], [ - 'name' => 'PageSize', + 'name' => 'ResponseSensitiveTypeList', 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The number of entries per page. Default value: **20**.'."\n", - 'type' => 'integer', - 'format' => 'int32', + 'type' => 'array', + 'items' => ['description' => 'The type of sensitive data in responses.', 'type' => 'string', 'example' => '1001', 'title' => '', 'required' => false], + 'maxItems' => 100, + 'title' => '', + 'description' => 'The list of sensitive data types in responses.', 'required' => false, - 'example' => '10', - 'default' => '20', + 'example' => '', ], ], [ - 'name' => 'RegionId', + 'name' => 'AbnormalTag', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The type of API security threat.', 'type' => 'string', 'example' => 'LackOfSpeedLimit', 'title' => '', 'required' => false], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzwwk****cv5i', - ], + 'schema' => ['description' => 'The token that is used to retrieve the next page of results.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => '', 'required' => false], + ], + [ + 'name' => 'MaxResults', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries to return on each page. Valid values: 1 to 5. Default value: 5.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '5', 'minimum' => '1', 'example' => '5', 'default' => '5', 'title' => '', 'required' => false], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n" + ."\n" + .'> This parameter is available only in hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query information about Hybrid Cloud WAF clusters.', 'type' => 'string', 'example' => '176', 'title' => '', 'required' => false], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '8', - ], - 'GroupNames' => [ - 'description' => 'The names of the protected object groups.'."\n", + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'Examples' => [ 'type' => 'array', 'items' => [ - 'description' => 'The name of the protected object group.'."\n", - 'type' => 'string', - 'example' => 'example-group-name', + 'type' => 'object', + 'properties' => [ + 'Protocol' => ['description' => 'The protocol type of the API request. Valid values:'."\n" + ."\n" + .'- **http**: HTTP'."\n" + ."\n" + .'- **https**: HTTPS', 'type' => 'string', 'example' => 'http', 'title' => ''], + 'ApiUrl' => ['description' => 'The complete URL of the API request.', 'type' => 'string', 'example' => 'http://www.test.com/api/v1/hello.php?token=TkJGQw', 'title' => ''], + 'PocPayload' => ['description' => 'The proof-of-concept (PoC) request.', 'type' => 'string', 'example' => 'curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64)\' -H \'Host: www.test.com\' -H \'Accept-encoding: gzip, deflate\' -H \'Eagleeye-rpcid: 0.1\' \'http://www.test.com/api/v1/hello.php?token=TkJGQw\'', 'title' => ''], + 'RequestSensitiveData' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'SensitiveCode' => ['description' => 'The code that indicates the type of sensitive data in the request.', 'type' => 'string', 'example' => '1000', 'title' => ''], + 'SensitiveDataList' => [ + 'type' => 'array', + 'items' => ['description' => 'The sensitive data entry.', 'type' => 'string', 'example' => '90.88.49.19', 'title' => ''], + 'title' => '', + 'description' => 'The list of sensitive data.', + 'example' => '', + ], + ], + 'title' => '', + 'description' => 'The information about the sensitive data in the request.', + 'example' => '', + ], + 'title' => '', + 'description' => 'The list of sensitive data in the request.', + 'example' => '', + ], + 'ResponseSensitiveData' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'SensitiveCode' => ['description' => 'The code that indicates the type of sensitive data in the response.', 'type' => 'string', 'example' => '1000', 'title' => ''], + 'SensitiveDataList' => [ + 'type' => 'array', + 'items' => ['description' => 'The sensitive data entry.', 'type' => 'string', 'example' => '90.88.49.19', 'title' => ''], + 'title' => '', + 'description' => 'The list of sensitive data.', + 'example' => '', + ], + ], + 'title' => '', + 'description' => 'The information about the sensitive data in the response.', + 'example' => '', + ], + 'title' => '', + 'description' => 'The list of sensitive data in the response.', + 'example' => '', + ], + 'Request' => ['description' => 'The content of the sample request. This is a string converted from a JSON object that consists of a series of parameters. The JSON object contains the following fields:'."\n" + ."\n" + .'- **method**: the request method.'."\n" + ."\n" + .'- **host**: the requested domain name.'."\n" + ."\n" + .'- **header**: the request header.'."\n" + ."\n" + .'- **server\\_port**: the service port.'."\n" + ."\n" + .'- **body**: the request body.'."\n" + ."\n" + .'- **url**: the URI of the request.'."\n" + ."\n" + .'- **server\\_protocol**: the server-side protocol.'."\n" + ."\n" + .'> If the **body** content exceeds 16 KB, only a portion of the content is returned.', 'type' => 'string', 'example' => '{'."\n" + .' "method": "GET",'."\n" + .' "host": "www.test.com",'."\n" + .' "header": {'."\n" + .' "Accept": "*/*",'."\n" + .' "Connection": "keep-alive"'."\n" + .' },'."\n" + .' "server_port": "80",'."\n" + .' "body": "-",'."\n" + .' "url": "/api/v1/hello.php?token=TkJGQw",'."\n" + .' "server_protocol": "HTTP/1.1"'."\n" + .'}', 'title' => ''], + 'Response' => ['description' => 'The content of the sample response. This is a string converted from a JSON object that consists of a series of parameters. The JSON object contains the following fields:'."\n" + ."\n" + .'- **status**: the status code.'."\n" + ."\n" + .'- **header**: the response header.'."\n" + ."\n" + .'- **body**: the response body.'."\n" + ."\n" + .'> If the **body** content exceeds 16 KB, only a portion of the content is returned.', 'type' => 'string', 'example' => '{'."\n" + .' "header": {'."\n" + .' "Connection": "keep-alive",'."\n" + .' "Content-Encoding": "gzip",'."\n" + .' "Content-Type": "text/html; charset=UTF-8"'."\n" + .' },'."\n" + .' "body": "xxxx",'."\n" + .' "status": 200'."\n" + .'}', 'title' => ''], + ], + 'title' => '', + 'description' => 'The details of the API security example.', + 'example' => '', ], + 'title' => '', + 'description' => 'The list of API security examples.', + 'example' => '', ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '59DA4258-2F32-5095-B283-57AC****70B3', - ], + 'NextToken' => ['description' => 'The token that is used to retrieve the next page of results.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''], + 'MaxResults' => ['description' => 'The number of entries returned on each page. Valid values: 1 to 5. Default value: 5.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'description' => 'The response parameters.', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 8,\\n \\"GroupNames\\": [\\n \\"example-group-name\\"\\n ],\\n \\"RequestId\\": \\"59DA4258-2F32-5095-B283-57AC****70B3\\"\\n}","type":"json"}]', - 'title' => 'DescribeDefenseResourceGroupNames', - ], - 'DescribeDefenseResource' => [ - 'summary' => 'Queries the information about a protected object.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeApisecExamples', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecExamples', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Examples\\": [\\n {\\n \\"Protocol\\": \\"http\\",\\n \\"ApiUrl\\": \\"http://www.test.com/api/v1/hello.php?token=TkJGQw\\",\\n \\"PocPayload\\": \\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64)\' -H \'Host: www.test.com\' -H \'Accept-encoding: gzip, deflate\' -H \'Eagleeye-rpcid: 0.1\' \'http://www.test.com/api/v1/hello.php?token=TkJGQw\'\\",\\n \\"RequestSensitiveData\\": [\\n {\\n \\"SensitiveCode\\": \\"1000\\",\\n \\"SensitiveDataList\\": [\\n \\"90.88.49.19\\"\\n ]\\n }\\n ],\\n \\"ResponseSensitiveData\\": [\\n {\\n \\"SensitiveCode\\": \\"1000\\",\\n \\"SensitiveDataList\\": [\\n \\"90.88.49.19\\"\\n ]\\n }\\n ],\\n \\"Request\\": \\"{\\\\n \\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"host\\\\\\": \\\\\\"www.test.com\\\\\\",\\\\n \\\\\\"header\\\\\\": {\\\\n \\\\\\"Accept\\\\\\": \\\\\\"*/*\\\\\\",\\\\n \\\\\\"Connection\\\\\\": \\\\\\"keep-alive\\\\\\"\\\\n },\\\\n \\\\\\"server_port\\\\\\": \\\\\\"80\\\\\\",\\\\n \\\\\\"body\\\\\\": \\\\\\"-\\\\\\",\\\\n \\\\\\"url\\\\\\": \\\\\\"/api/v1/hello.php?token=TkJGQw\\\\\\",\\\\n \\\\\\"server_protocol\\\\\\": \\\\\\"HTTP/1.1\\\\\\"\\\\n}\\",\\n \\"Response\\": \\"{\\\\n \\\\\\"header\\\\\\": {\\\\n \\\\\\"Connection\\\\\\": \\\\\\"keep-alive\\\\\\",\\\\n \\\\\\"Content-Encoding\\\\\\": \\\\\\"gzip\\\\\\",\\\\n \\\\\\"Content-Type\\\\\\": \\\\\\"text/html; charset=UTF-8\\\\\\"\\\\n },\\\\n \\\\\\"body\\\\\\": \\\\\\"xxxx\\\\\\",\\\\n \\\\\\"status\\\\\\": 200\\\\n}\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 5,\\n \\"TotalCount\\": 5\\n}","type":"json"}]', + ], + 'DescribeApisecLogDeliveries' => [ + 'summary' => 'Queries the configurations of API security log subscription.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -10912,224 +8094,111 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106335', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '224407', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-4xl****i60i', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a'."\n", 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'Resource', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象名称', - 'description' => 'The name of the protected object that you want to query. Only exact queries are supported.', - 'type' => 'string', - 'required' => true, - 'example' => 'example.aliyundoc.com-waf ', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: The Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '439AADF2-368C-5E98-B14E-3086****0573', - ], - 'Resource' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'object', - 'properties' => [ - 'GmtCreate' => [ - 'description' => 'The time when the protected object was created. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1607493144000', - ], - 'GmtModified' => [ - 'description' => 'The time when the protected object was modified. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1691720010000', - ], - 'Product' => [ - 'description' => 'The name of the cloud service.'."\n", - 'type' => 'string', - 'example' => 'alb', - ], - 'Resource' => [ - 'description' => 'The name of the protected object.'."\n", - 'type' => 'string', - 'example' => 'alb-rencs***'."\n", - ], - 'ResourceGroup' => [ - 'description' => 'The name of the protected object group to which the protected object belongs.'."\n", - 'type' => 'string', - 'example' => 'example_resource_group', - ], - 'Detail' => [ - 'description' => 'The details of the protected object. Different key-value pairs indicate different attributes of the protected object.'."\n", - 'type' => 'object', - 'example' => '{'."\n" - .'"product": "waf",'."\n" - .' "domain": "demo.aliyundoc****.com"'."\n" - .'}', - ], - 'Pattern' => [ - 'description' => 'The pattern used for the protected object.'."\n", - 'type' => 'string', - 'example' => 'domain', - ], - 'XffStatus' => [ - 'description' => 'Indicates whether a Layer 7 proxy is deployed in front of WAF, such as Anti-DDoS Proxy and Alibaba Cloud CDN. Valid values:'."\n" - ."\n" - .'* **0**: No Layer 7 proxy is deployed.'."\n" - .'* **1**: A Layer 7 proxy is deployed.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'CustomHeaders' => [ - 'description' => 'The custom header fields.'."\n" + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''], + 'DeliveryConfigs' => [ + 'description' => 'The configurations of API security log subscription.', + 'type' => 'array', + 'items' => [ + 'description' => 'The configurations.', + 'type' => 'object', + 'properties' => [ + 'AssertKey' => ['description' => 'The type of the log subscription. Valid values:'."\n" ."\n" - .'> If the value of XffStatus is 1, the first IP address in the specified header field is used as the originating IP address of the client to prevent X-Forwarded-For (XFF) forgery. If you specify multiple header fields, WAF reads the values of the header fields in sequence until the originating IP address is obtained. If the originating IP address cannot be obtained, the first IP address in the XFF header field is used as the originating IP address of the client.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field.'."\n", - 'type' => 'string', - 'example' => 'x-forwarded-for', - ], - ], - 'ResourceOrigin' => [ - 'description' => 'The origin of the protected object. Valid values:'."\n" + .'- **risk**: risk information.'."\n" ."\n" - .'* **custom**'."\n" - .'* **access**'."\n", - 'type' => 'string', - 'example' => 'custom', - ], - 'Description' => [ - 'description' => 'The description of the protected object.'."\n", - 'type' => 'string', - 'example' => 'This is Description', - ], - 'ResourceManagerResourceGroupId' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'example' => 'rg-acfmoiy****p2oq', - ], - 'AcwCookieStatus' => [ - 'description' => 'The status of the tracking cookie.'."\n" - ."\n" - .'* **0**: disabled.'."\n" - .'* **1**: enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'AcwSecureStatus' => [ - 'description' => 'The status of the secure attribute of the tracking cookie.'."\n" - ."\n" - .'* **0**: disabled.'."\n" - .'* **1**: enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'AcwV3SecureStatus' => [ - 'description' => 'The status of the secure attribute of the slider CAPTCHA cookie.'."\n" - ."\n" - .'* **0**: disabled.'."\n" - .'* **1**: enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'OwnerUserId' => [ - 'description' => 'The user ID (UID) of the Alibaba Cloud account to which the protected object belongs.', - 'type' => 'string', - 'example' => '170457******9107', - ], - 'ResponseHeaders' => [ - 'description' => 'The response header.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The response header.'."\n", - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'Specifies the key for a custom response header.'."\n", - 'type' => 'string', - 'example' => 'Header-Key'."\n", - ], - 'Value' => [ - 'description' => 'Specifies the value for a custom response header.'."\n", - 'type' => 'string', - 'example' => 'Header-Value'."\n", - ], - ], - ], + .'- **event**: attack event information.'."\n" + ."\n" + .'- **asset**: asset information.', 'type' => 'string', 'example' => 'risk', 'title' => ''], + 'Status' => ['description' => 'The status of API security log subscription. Valid values:'."\n" + ."\n" + .'- **true**: enabled.'."\n" + ."\n" + .'- **false**: disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'LogStoreName' => ['description' => 'The name of the Logstore in Simple Log Service.', 'type' => 'string', 'example' => 'apisec-logstore***'."\n", 'title' => ''], + 'ProjectName' => ['description' => 'The name of the project in Simple Log Service.', 'type' => 'string', 'example' => 'apisec-project-14316572********', 'title' => ''], + 'LogRegionId' => ['description' => 'The ID of the region where logs are stored.', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"439AADF2-368C-5E98-B14E-3086****0573\\",\\n \\"Resource\\": {\\n \\"GmtCreate\\": 1607493144000,\\n \\"GmtModified\\": 1691720010000,\\n \\"Product\\": \\"alb\\",\\n \\"Resource\\": \\"alb-rencs***\\\\n\\",\\n \\"ResourceGroup\\": \\"example_resource_group\\",\\n \\"Detail\\": {\\n \\"product\\": \\"waf\\",\\n \\"domain\\": \\"demo.aliyundoc****.com\\"\\n },\\n \\"Pattern\\": \\"domain\\",\\n \\"XffStatus\\": 0,\\n \\"CustomHeaders\\": [\\n \\"x-forwarded-for\\"\\n ],\\n \\"ResourceOrigin\\": \\"custom\\",\\n \\"Description\\": \\"This is Description\\",\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfmoiy****p2oq\\",\\n \\"AcwCookieStatus\\": 0,\\n \\"AcwSecureStatus\\": 0,\\n \\"AcwV3SecureStatus\\": 0,\\n \\"OwnerUserId\\": \\"170457******9107\\",\\n \\"ResponseHeaders\\": [\\n {\\n \\"Key\\": \\"Header-Key\\\\n\\",\\n \\"Value\\": \\"Header-Value\\\\n\\"\\n }\\n ]\\n }\\n}","type":"json"}]', - 'title' => 'DescribeDefenseResource', - ], - 'DescribeDefenseResources' => [ - 'summary' => 'Queries protected objects by page.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeApisecLogDeliveries', + 'changeSet' => [ + ['createdAt' => '2024-11-12T11:54:56.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecLogDeliveries'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecLogDeliveries', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"DeliveryConfigs\\": [\\n {\\n \\"AssertKey\\": \\"risk\\",\\n \\"Status\\": true,\\n \\"LogStoreName\\": \\"apisec-logstore***\\\\n\\",\\n \\"ProjectName\\": \\"apisec-project-14316572********\\",\\n \\"LogRegionId\\": \\"cn-hangzhou\\"\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeApisecMatchedHosts' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -11137,311 +8206,129 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106336', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '168988', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-x0r37plpl0g', 'title' => ''], + ], + [ + 'name' => 'MatchedHost', + 'in' => 'query', + 'schema' => ['description' => 'The domain name or IP address.', 'type' => 'string', 'required' => false, 'example' => 'bc.aliyun.com', 'title' => ''], ], [ 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number of the paginated results Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The page number to return in a paging query. Default value: **1**, which indicates the first page.', 'type' => 'string', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of results per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '20', - ], + 'schema' => ['description' => 'The number of entries per page in a paging query. Default value: **10**, which indicates 10 entries per page.', 'type' => 'string', 'default' => '10', 'required' => false, 'example' => '8', 'title' => ''], ], [ - 'name' => 'Query', + 'name' => 'Type', 'in' => 'query', - 'schema' => [ - 'description' => 'The query conditions. Specify the value of this parameter as a string in the JSON format.'."\n" - ."\n" - .'> The results vary based on the query condition. For more information, see the "**Query parameters**" section in this topic.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '{\\"product\\":\\"waf\\"}', - ], + 'schema' => ['description' => 'The detection type. Valid values:'."\n" + .'- **api**: the domain name list of API assets.'."\n" + .'- **abnormal**: the domain name list of risks.'."\n" + .'- **event**: the domain name list of security events.', 'type' => 'string', 'default' => 'api', 'required' => false, 'example' => 'event', 'title' => ''], ], [ - 'name' => 'Tag', + 'name' => 'ClusterId', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The tag of the resource. You can specify up to 20 tags.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Value' => [ - 'description' => 'The tag value.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'TagValue1', - ], - 'Key' => [ - 'description' => 'The tag key.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Tagkey1', - ], - ], - 'required' => false, - ], - 'required' => false, - 'maxItems' => 21, - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '433', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: The Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekz5qqo7jthcsa', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries that are returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '73', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '618F2626-DB27-5187-8C6C-4E61A491DF29', - ], - 'Resources' => [ - 'description' => 'The protected objects.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'string', 'example' => '2', 'title' => ''], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '8D4CA088-F72B-5658-BD5B-ECE8B8F0C7BB'], + 'Data' => [ + 'description' => 'The list of domain names.', 'type' => 'array', 'items' => [ - 'description' => 'Details of the protected object.'."\n", + 'description' => 'The domain name information.', 'type' => 'object', 'properties' => [ - 'Pattern' => [ - 'description' => 'The protection pattern.'."\n", - 'type' => 'string', - 'example' => 'domain', - ], - 'Description' => [ - 'description' => 'The description of the protected object.'."\n", - 'type' => 'string', - 'example' => 'test', - ], - 'XffStatus' => [ - 'description' => 'Indicates whether the X-Forwarded-For (XFF) header is used.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'GmtModified' => [ - 'description' => 'The most recent modification time of the protected object. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1665633032000', - ], - 'Resource' => [ - 'description' => 'The name of the protected object.'."\n", - 'type' => 'string', - 'example' => 'alb-rencs***', - ], - 'AcwV3SecureStatus' => [ - 'description' => 'The status of the secure attribute of the slider CAPTCHA cookie.'."\n" - ."\n" - .'* **0**: disabled. This is the default value.'."\n" - .'* **1**: enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'Product' => [ - 'description' => 'The name of the cloud service.'."\n", - 'type' => 'string', - 'example' => 'alb', - ], - 'AcwCookieStatus' => [ - 'description' => 'The status of the tracking cookie.'."\n" - ."\n" - .'* **0**: disabled'."\n" - .'* **1**: enabled. This is the default value.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'AcwSecureStatus' => [ - 'description' => 'The status of the secure attribute of the tracking cookie.'."\n" - ."\n" - .'* **0**: disabled. This is the default value.'."\n" - .'* **1**: enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'ResourceManagerResourceGroupId' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'example' => 'rg-acfm***q', - ], - 'GmtCreate' => [ - 'description' => 'The creation time of the protected object. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1652149203187', - ], - 'OwnerUserId' => [ - 'description' => 'The Alibaba Cloud account to which the protected object belongs. You can specify this parameter to query protected objects that belong to a specific Alibaba Cloud account. Exact match is supported.', - 'type' => 'string', - 'example' => '135*********46', - ], - 'ResourceOrigin' => [ - 'description' => 'The origin of the protected object.'."\n", - 'type' => 'string', - 'example' => 'custom', - ], - 'ResourceGroup' => [ - 'description' => 'The name of the protected object group to which the protected object belongs.'."\n", - 'type' => 'string', - 'example' => 'test', - ], - 'Detail' => [ - 'description' => 'The description of the protected object. Different key-value pairs in a map indicate different properties of the protected object.'."\n", - 'type' => 'object', - ], - 'CustomHeaders' => [ - 'description' => 'The custom header fields that are used to identify the originating IP addresses of clients. If the value of XffStatus is 1 and CustomHeaders is left empty, the first IP addresses in the XFF header fields are used as the originating IP addresses of clients.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The information about the custom header.'."\n", - 'type' => 'string', - 'example' => 'afbfbajf', - ], - ], - 'ResponseHeaders' => [ - 'description' => 'The response header.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The response header.'."\n", - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'Specifies the key for a custom response header.'."\n", - 'type' => 'string', - 'example' => 'Header-Key', - ], - 'Value' => [ - 'description' => 'Specifies the value for a custom response header.'."\n", - 'type' => 'string', - 'example' => 'Header-Value', - ], - ], - ], - ], + 'MatchedHost' => ['description' => 'The domain name or IP address.', 'type' => 'string', 'example' => 'bc.aliyun.com', 'title' => ''], + 'Count' => ['description' => 'The number of queries.', 'type' => 'integer', 'format' => 'int64', 'example' => '31', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 73,\\n \\"RequestId\\": \\"618F2626-DB27-5187-8C6C-4E61A491****\\",\\n \\"Resources\\": [\\n {\\n \\"Pattern\\": \\"domain\\",\\n \\"Description\\": \\"test\\",\\n \\"XffStatus\\": 1,\\n \\"GmtModified\\": 1665633032000,\\n \\"Resource\\": \\"alb-rencs***\\",\\n \\"AcwV3SecureStatus\\": 0,\\n \\"Product\\": \\"alb\\",\\n \\"AcwCookieStatus\\": 1,\\n \\"AcwSecureStatus\\": 0,\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfm***q\\",\\n \\"GmtCreate\\": 1652149203187,\\n \\"OwnerUserId\\": \\"135*********46\\",\\n \\"ResourceOrigin\\": \\"custom\\",\\n \\"ResourceGroup\\": \\"test\\",\\n \\"Detail\\": {\\n \\"domain\\": \\"eou.eleme.cn\\",\\n \\"uri\\": \\"/\\"\\n },\\n \\"CustomHeaders\\": [\\n \\"afbfbajf\\"\\n ],\\n \\"ResponseHeaders\\": [\\n {\\n \\"Key\\": \\"Header-Key\\",\\n \\"Value\\": \\"Header-Value\\"\\n }\\n ]\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeDefenseResources', - 'requestParamsDescription' => '### Query'."\n" - ."\n" - .'##### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|product|String|No|waf|The type of the protected object that you want to query. Valid values:\\- **waf**: a protected object that is added by using the CNAME record or hybrid cloud mode.\\- **alb**: an Application Load Balancer (ALB) instance.\\- **clb**: a Classic Load Balancer (CLB) instance.\\- **ecs**: an Elastic Compute Service (ECS) instance.\\- **mse**: a Microservices Engine (MSE) instance.\\-**fc**: a custom domain name bound to a web application in Function Compute.|'."\n" - .'|resourceLike|String|No|example.aliyundoc.c|The name of the protected object that you want to query. Fuzzy match is supported.|'."\n" - .'|resource|String|No|example.aliyundoc.com-waf|The name of the protected object that you want to query. Exact match is supported.|'."\n" - .'|resourceIn|String|No|example1.aliyundoc.com,example2.aliyundoc.com|The protected objects that you want to query. You can specify this parameter to query multiple protected objects. Separate multiple protected objects with commas (,).|'."\n" - .'|instanceId|String|No|alb-nifa24\\*\\*\\*\\*|The instance ID of the protected object that you want to query. Exact match is supported.|'."\n" - .'|domain|String|No|example.aliyundoc.com|The domain name of the protected object that you want to query. Exact match is supported.|'."\n" - .'|resourceGroup|String|No|group1|The protected object group to which the protected object belongs.|'."\n" - .'|inGroup|Boolean|No|true|Specifies whether the protected object is added to a protected object group.|'."\n" - .'|ownerUserId|String|No|135\\*\\*\\*\\*\\*\\*\\*\\*23|The Alibaba Cloud account to which the protected object belongs. You can specify this parameter to query protected objects that belong to a specific Alibaba Cloud account. Exact match is supported.|'."\n" - .'|orderBy|String|No|resource|The method that you want to use to sort protected objects. Valid values:\\- **resource**: sorts protected objects by name.\\- **gmtModified**: sorts protected objects by modification time.|'."\n" - .'|desc|Boolean|No|true|Specifies whether to sort protected objects in ascending or descending order. Valid values:\\- **false**: sorts protected objects in ascending order.\\- **true**: sorts protected objects in descending order.|'."\n" - ."\n" - .'##### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "product ": "waf",'."\n" - .' "resource": "example.aliyundoc.com-waf",'."\n" - .' "domain": "example.aliyundoc.com",'."\n" - .' "resourceLike ": "example.aliyundoc.c",'."\n" - .' "InstaneId": "waf_cn****",'."\n" - .' "resourceIn": "example1.aliyundoc.com,example2.aliyundoc.com",'."\n" - .' "ownerUserId": "135**********41"'."\n" - .'}'."\n" - .'```', - ], - 'DescribeDefenseResourceNames' => [ - 'summary' => 'Performs a pagination query to retrieve the names of protected objects.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Query the domain name list for API security detection', + 'summary' => 'Queries the list of domain names for API security detection.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecMatchedHosts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": \\"2\\",\\n \\"RequestId\\": \\"8D4CA088-F72B-5658-BD5B-ECE8B8F0C7BB\\",\\n \\"Data\\": [\\n {\\n \\"MatchedHost\\": \\"bc.aliyun.com\\",\\n \\"Count\\": 31\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeApisecProtectionGroups' => [ + 'summary' => 'Retrieves a list of active API security protection object groups.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -11452,125 +8339,114 @@ 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '189024', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-9lb****5s03', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzd4c****pdwy', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'ResourceGroup', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object that you want to query.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'example.xxxxaliyundoc.com', - ], + 'schema' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'required' => false, 'example' => 'group1'."\n", 'title' => ''], ], [ 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'minimum' => '1', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **20**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '20', - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '60', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ApisecStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The API security detection switch.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', - ], - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '75', - ], - 'Resources' => [ - 'description' => 'The names of the protected objects.'."\n", + 'TotalCount' => ['description' => 'The total number of protected object groups.', 'type' => 'integer', 'format' => 'int64', 'example' => '8', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], + 'Data' => [ + 'description' => 'The list of protected object groups.', 'type' => 'array', 'items' => [ - 'description' => 'The name of the protected object.'."\n", - 'type' => 'string', - 'example' => 'example.aliyundoc.com-waf', + 'description' => 'The information about the protected object group.', + 'type' => 'object', + 'properties' => [ + 'ApisecStatus' => ['description' => 'The master switch for API security.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '1', 'title' => ''], + 'ReportStatus' => ['description' => 'The compliance check switch.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '0', 'title' => ''], + 'ResourceGroup' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'example' => 'group1', 'title' => ''], + 'TraceStatus' => ['description' => 'The traceability audit switch.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '0', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"TotalCount\\": 75,\\n \\"Resources\\": [\\n \\"example.aliyundoc.com-waf\\"\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeDefenseResourceNames', - ], - 'DescribeDefenseResourceOwnerUid' => [ - 'summary' => '查询防护对象和所属资源的关系', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeApisecProtectionGroups', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecProtectionGroups'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecProtectionGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 8,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"Data\\": [\\n {\\n \\"ApisecStatus\\": 1,\\n \\"ReportStatus\\": 0,\\n \\"ResourceGroup\\": \\"group1\\",\\n \\"TraceStatus\\": 0\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeApisecProtectionResources' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -11581,305 +8457,340 @@ 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '213063', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '188983', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn********60f', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The name of the protected object.', 'type' => 'string', 'required' => false, 'example' => 'cwaf-***-waf', 'title' => ''], ], [ - 'name' => 'ResourceNames', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'a.com-waf,b.com-waf', - ], + 'schema' => ['description' => 'The page number to return when you perform a paged query. Default value: **1**, which indicates the first page. For more information about paging, see the API reference.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page when you perform a paged query. Default value: **10**, which indicates 10 entries per page. For more information about paging, see the API reference.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '100', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'ApisecStatus', + 'in' => 'query', + 'schema' => ['description' => 'The global switch for API security.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '7326952B-B83B-5B7C-84FA-77F3E17310A2', - ], - 'OwnerInfos' => [ - 'description' => '', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '5', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''], + 'Data' => [ + 'description' => 'The list of protected objects.', 'type' => 'array', 'items' => [ + 'description' => 'The information about the protected object.', 'type' => 'object', 'properties' => [ - 'ResourceName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'a.com-waf', - ], - 'OwnerUserId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '125************21', - ], + 'ApisecStatus' => ['description' => 'The global switch for API security.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '1', 'title' => ''], + 'Resource' => ['description' => 'The protected object.', 'type' => 'string', 'example' => 'cwaf-***-waf', 'title' => ''], + 'ReportStatus' => ['description' => 'The status of the compliance review switch.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '1', 'title' => ''], + 'TraceStatus' => ['description' => 'The status of the tracing audit switch.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '0', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7326952B-B83B-5B7C-84FA-77F3E17310A2\\",\\n \\"OwnerInfos\\": [\\n {\\n \\"ResourceName\\": \\"a.com-waf\\",\\n \\"OwnerUserId\\": \\"125************21\\"\\n }\\n ]\\n}","type":"json"}]', - ], - 'ModifyDefenseResourceXff' => [ - 'summary' => 'Modifies the cookie settings of a protected object and the method to identify the originating IP addresses of clients.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + 'title' => 'Query the list of API security protected objects', + 'summary' => 'Queries the list of protected objects for which API security protection is enabled.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecProtectionResources'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecProtectionResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"Data\\": [\\n {\\n \\"ApisecStatus\\": 1,\\n \\"Resource\\": \\"cwaf-***-waf\\",\\n \\"ReportStatus\\": 1,\\n \\"TraceStatus\\": 0\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeApisecRules' => [ + 'summary' => 'Queries the rules of an API security policy.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '144829', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '167015', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ - 'name' => 'XffStatus', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether a Layer 7 proxy is deployed in front of WAF. Layer 7 proxies include Anti-DDoS Proxy and Alibaba Cloud CDN. Valid values:'."\n" - ."\n" - .'* **0**: No Layer 7 proxies are deployed. This is the default value.'."\n" - .'* **1**: A Layer 7 proxy is deployed.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '0', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0x***', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'Type', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-wwo3c****07', - ], + 'schema' => ['description' => 'The type of the rule. Valid values:'."\n" + ."\n" + .'- **risk**: threat detection'."\n" + ."\n" + .'- **event**: security event'."\n" + ."\n" + .'- **sensitive\\_word**: sensitive data'."\n" + ."\n" + .'- **auth\\_flag**: authentication credential'."\n" + ."\n" + .'- **api\\_tag**: business purpose'."\n" + ."\n" + .'- **desensitization**: data masking'."\n" + ."\n" + .'- **whitelist**: whitelist'."\n" + ."\n" + .'- **recognition**: API'."\n" + ."\n" + .'- **offline\\_api**: lifecycle management', 'type' => 'string', 'required' => true, 'example' => 'risk', 'title' => ''], ], [ - 'name' => 'CustomHeaders', + 'name' => 'Level', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The custom header fields.'."\n" - ."\n" - .'> The first IP address in the specified custom header field is used as the originating IP address of the client to prevent X-Forwarded-For forgery. If you specify multiple header fields, WAF reads the values of the header fields in sequence until the originating IP address is obtained. If the originating IP address cannot be obtained, the first IP address in the X-Forwarded-For header is used as the originating IP address of the client.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The custom header field.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'x-forwarded-for', - ], - 'required' => false, - 'maxItems' => 5, - ], + 'schema' => ['description' => 'The level of the rule.'."\n" + ."\n" + .'For threat detection (risk) and security events (event), valid values are:'."\n" + ."\n" + .'- **high**: important'."\n" + ."\n" + .'- **medium**: medium'."\n" + ."\n" + .'- **low**: low'."\n" + ."\n" + .'For sensitive data (sensitive\\_word), valid values are:'."\n" + ."\n" + .'- **S1**: S1'."\n" + ."\n" + .'- **S2**: S2'."\n" + ."\n" + .'- **S3**: S3'."\n" + ."\n" + .'- **S4**: S4', 'type' => 'string', 'required' => false, 'example' => 'high', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'Name', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'alb-4pxu81fgagx3****mz-alb', - ], + 'schema' => ['description' => 'The name of the rule.', 'type' => 'string', 'required' => false, 'example' => 'information leakage', 'title' => ''], ], [ - 'name' => 'AcwCookieStatus', + 'name' => 'Origin', 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the tracking cookie.'."\n" - ."\n" - .'* **0**: disabled'."\n" - .'* **1**: enabled. This is the default value.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], + 'schema' => ['description' => 'The source of the rule. Valid values:'."\n" + ."\n" + .'- **custom**: custom'."\n" + ."\n" + .'- **default**: built-in', 'type' => 'string', 'required' => false, 'example' => 'custom', 'title' => ''], ], [ - 'name' => 'AcwSecureStatus', + 'name' => 'Status', 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the secure attribute of the tracking cookie.'."\n" - ."\n" - .'* **0**: disabled. This is the default value.'."\n" - .'* **1**: enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], + 'schema' => ['description' => 'The enabling status of the rule. Valid values:'."\n" + ."\n" + .'- **1**: enabled'."\n" + ."\n" + .'- **0**: disabled', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'AcwV3SecureStatus', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the secure attribute of the slider CAPTCHA cookie.'."\n" - ."\n" - .'* **0**: disabled. This is the default value.'."\n" - .'* **1**: enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '0', - ], + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'default' => '10', 'example' => '10', 'title' => ''], ], [ - 'name' => 'ResponseHeaders', + 'name' => 'RegionId', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The response header.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The response header.'."\n", - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'Specifies the key for a custom response header.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Header-Key'."\n", - 'maxLength' => 50, - ], - 'Value' => [ - 'description' => 'Specifies the value for a custom response header.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Header-Value'."\n", - 'maxLength' => 50, - ], - ], - 'required' => false, - ], - 'required' => false, - 'maxItems' => 5, - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2kie2****wq', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'Lang', + 'in' => 'query', + 'schema' => ['description' => 'The language of the response. Valid values:'."\n" + ."\n" + .'- **zh** (default): Chinese'."\n" + ."\n" + .'- **en**: English', 'type' => 'string', 'default' => 'zh', 'required' => false, 'example' => 'zh', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'title' => '', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '6C094583-9B3F-5BD8-8748-DC638E****BF', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '6', 'title' => ''], + 'RequestId' => ['title' => '', 'description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0'], + 'Data' => [ + 'description' => 'The list of rules.', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the rule.', + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'The status of the rule. Valid values:'."\n" + ."\n" + .'- **1**: enabled'."\n" + ."\n" + .'- **0**: disabled', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'Type' => ['description' => 'The type of the rule. Valid values:'."\n" + ."\n" + .'- **risk**: threat detection'."\n" + ."\n" + .'- **event**: security event'."\n" + ."\n" + .'- **sensitive\\_word**: sensitive data'."\n" + ."\n" + .'- **auth\\_flag**: authentication credential'."\n" + ."\n" + .'- **api\\_tag**: business purpose'."\n" + ."\n" + .'- **desensitization**: data masking'."\n" + ."\n" + .'- **whitelist**: whitelist'."\n" + ."\n" + .'- **recognition**: API.'."\n" + ."\n" + .'- **offline\\_api**: lifecycle management', 'type' => 'string', 'example' => 'risk', 'title' => ''], + 'UpdateTime' => ['description' => 'The time when the rule was updated. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1721095301', 'title' => ''], + 'Id' => ['description' => 'The ID of the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '34933', 'title' => ''], + 'Rule' => ['description' => 'The details of the rule. The value is a string that is converted from a JSON object.', 'type' => 'string', 'example' => '{'."\n" + .' "ext": "Date",'."\n" + .' "regex": "-",'."\n" + .' "code": "2009",'."\n" + .' "level": "S1",'."\n" + .' "origin": "default",'."\n" + .' "name": "2009"'."\n" + .'}'."\n", 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Pullin.AbnormalStatus', - 'errorMessage' => 'The status of the access resource is abnormal. Resource:%s.', + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeApisecRules', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6C094583-9B3F-5BD8-8748-DC638E48****\\"\\n}","type":"json"}]', - 'title' => 'ModifyDefenseResourceXff', - ], - 'DescribePauseProtectionStatus' => [ - 'summary' => 'Queries the protection status of Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 6,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"Status\\": 1,\\n \\"Type\\": \\"risk\\",\\n \\"UpdateTime\\": 1721095301,\\n \\"Id\\": 34933,\\n \\"Rule\\": \\"{\\\\n \\\\\\"ext\\\\\\": \\\\\\"Date\\\\\\",\\\\n \\\\\\"regex\\\\\\": \\\\\\"-\\\\\\",\\\\n \\\\\\"code\\\\\\": \\\\\\"2009\\\\\\",\\\\n \\\\\\"level\\\\\\": \\\\\\"S1\\\\\\",\\\\n \\\\\\"origin\\\\\\": \\\\\\"default\\\\\\",\\\\n \\\\\\"name\\\\\\": \\\\\\"2009\\\\\\"\\\\n}\\\\n\\"\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeApisecSensitiveDomainStatistic' => [ + 'summary' => 'Queries statistics on data endpoints associated with API security sensitive data domains.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -11890,823 +8801,818 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '222987', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '215787', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-****-46CE-A47C-6B19****5EB0', - ], - 'PauseStatus' => [ - 'description' => 'Indicates whether WAF protection is paused.'."\n" - ."\n" - .'* **0**: indicates that WAF protection is not paused. This is the default value.'."\n" - .'* **1**: indicates that WAF protection is paused.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - ], - 'description' => '', - ], - ], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-****-46CE-A47C-6B19****5EB0\\",\\n \\"PauseStatus\\": 0\\n}","type":"json"}]', - 'title' => 'DescribePauseProtectionStatus', - ], - 'DescribeDefenseGroupValidResources' => [ - 'summary' => '分页查询可以被防护组绑定的防护对象列表', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ - [ - 'AK' => [], + 'schema' => ['description' => 'The start time. This value is a UNIX timestamp (UTC) in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1668496310', 'title' => ''], ], - ], - 'operationType' => 'read', - 'systemTags' => [ - 'operationType' => 'list', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafHQWDCC', - ], - ], - 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-zxu****jc01', - ], + 'schema' => ['description' => 'The end time. This value is a UNIX timestamp (UTC) in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1686895256', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'example.aliyun-waf', - ], + 'schema' => ['description' => 'The page number of the page to return in a paged query. Default value: **1**, which indicates the first page. For more information about paging, see the paging parameters.', 'type' => 'integer', 'format' => 'int64', 'minimum' => '1', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The number of entries per page in a paged query. Default value: **5**, which indicates 5 entries per page. For more information about paging, see the paging parameters.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'Type', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '20', - ], + 'schema' => ['description' => 'The type of sensitive data. Valid values:'."\n" + ."\n" + .'- request: request sensitive data.'."\n" + ."\n" + .'- response: response sensitive data.', 'type' => 'string', 'required' => false, 'example' => 'request', 'title' => ''], ], [ - 'name' => 'GroupName', + 'name' => 'OrderWay', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'group221', - ], + 'schema' => ['description' => 'The sort order of the list. Valid values:'."\n" + ."\n" + .'- asc: ascending order.'."\n" + ."\n" + .'- desc: descending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek2lrm****6pnq', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ + 'title' => '', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'A57BA089-3B28-5C82-8331-7B94****4978', - ], - 'Resources' => [ - 'description' => '', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '27', 'title' => ''], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '56B40D30-4960-4F19-B7D5-2B1F***6CB70'], + 'Data' => [ + 'description' => 'The returned data.', 'type' => 'array', 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'example.aliyun-waf'."\n", + 'description' => 'The returned data.', + 'type' => 'object', + 'properties' => [ + 'SensitiveLevel' => ['description' => 'The sensitivity level of the API. Valid values:'."\n" + .'- **S1**: low sensitivity.'."\n" + .'- **S2**: medium sensitivity.'."\n" + .'- **S3**: high sensitivity.', 'type' => 'string', 'example' => 'S3', 'title' => ''], + 'ApiCount' => ['description' => 'The number of involved APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'SensitiveCode' => ['description' => 'The code of the sensitive data type.'."\n" + .'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive data types.', 'type' => 'string', 'example' => '10', 'title' => ''], + 'SensitiveName' => ['description' => 'The name of the sensitive data type.', 'type' => 'string', 'example' => '自定义敏感类型。', 'title' => ''], + 'DomainCount' => ['description' => 'The number of involved domain names.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 12,\\n \\"RequestId\\": \\"A57BA089-3B28-5C82-8331-7B94****4978\\",\\n \\"Resources\\": [\\n \\"example.aliyun-waf\\\\n\\"\\n ]\\n}","type":"json"}]', - ], - 'CreateDefenseTemplate' => [ - 'summary' => 'Creates a protection rule template.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Query API security sensitive data domain name statistics', + 'changeSet' => [ + ['createdAt' => '2024-11-12T12:56:44.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-27T09:34:21.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '35', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSensitiveDomainStatistic'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecSensitiveDomainStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 27,\\n \\"RequestId\\": \\"56B40D30-4960-4F19-B7D5-2B1F***6CB70\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveLevel\\": \\"S3\\",\\n \\"ApiCount\\": 10,\\n \\"SensitiveCode\\": \\"10\\",\\n \\"SensitiveName\\": \\"自定义敏感类型。\\",\\n \\"DomainCount\\": 10\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeApisecSlsLogStores' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106370', - 'abilityTreeNodes' => [ - 'FEATUREwaf1LM6V0', - 'FEATUREwafI1HM4C', - 'FEATUREwafCU29M8', - 'FEATUREwafBWO4L0', - 'FEATUREwaf9JXZCD', - 'FEATUREwaf6XNOII', - 'FEATUREwafQ73SIK', - 'FEATUREwafAFURH8', - 'FEATUREwafS64FX9', - 'FEATUREwafOVI09M', - 'FEATUREwafIFHX6M', - 'FEATUREwafF105ZO', - 'FEATUREwaf16U367', - 'FEATUREwafQHH3HH', - 'FEATUREwaf10VDFG', - 'FEATUREwafRM5KJ7', - ], - 'autoTest' => true, + 'abilityTreeCode' => '224413', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'TemplateName', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protection rule template.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'test221', - ], - ], - [ - 'name' => 'TemplateType', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the protection rule template. Valid values:'."\n" - ."\n" - .'* **user_default:** default template.'."\n" - .'* **user_custom:** custom template.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'user_default', - ], - ], - [ - 'name' => 'TemplateStatus', - 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the protection rule template. Valid values:'."\n" - ."\n" - .'* **0:** disabled.'."\n" - .'* **1:** enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a', 'title' => ''], ], [ - 'name' => 'DefenseScene', + 'name' => 'LogRegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The scenario in which you want to use the protection rule template. For more information, see the description of the **DefenseScene** parameter in the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_group', - ], + 'schema' => ['description' => 'The ID of the region where logs are stored.'."\n" + ."\n" + .'> You can call the [DescribeUserSlsLogRegions](~~2712598~~) operation to query available log storage regions.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'TemplateOrigin', + 'name' => 'ProjectName', 'in' => 'query', - 'schema' => [ - 'description' => 'The origin of the protection rule template that you want to create. Set the value to **custom**. The value specifies that the protection rule template is a custom template.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'custom', - ], - ], - [ - 'name' => 'Description', - 'in' => 'query', - 'schema' => [ - 'description' => 'The description of the protection rule template.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Test'."\n", - ], + 'schema' => ['description' => 'The name of the project in Simple Log Service.', 'type' => 'string', 'required' => true, 'example' => 'apisec-project-14316572********', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'UnbindResources', - 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], - 'maxItems' => 200, - ], - ], - [ - 'name' => 'UnbindResourceGroups', - 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], - 'maxItems' => 200, - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The returned result.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'F48ABDF7-D777-5F26-892A-57349765D7A9', - ], - 'TemplateId' => [ - 'description' => 'The ID of the protection rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2212', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'."\n", 'title' => ''], + 'LogStores' => [ + 'description' => 'The names of the Logstores in Simple Log Service.', + 'type' => 'array', + 'items' => ['description' => 'The name of the Logstore in Simple Log Service.', 'type' => 'string', 'example' => 'apisec-logstore***', 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F48ABDF7-D777-5F26-892A-57349765D7A9\\",\\n \\"TemplateId\\": 2212\\n}","type":"json"}]', - 'title' => 'CreateDefenseTemplate', - ], - 'ModifyDefenseTemplate' => [ - 'summary' => 'Modifies the configurations of a protection rule template.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeApisecSlsLogStores', + 'summary' => 'Queries the Logstores whose names start with apisec- in Simple Log Service.', + 'changeSet' => [ + ['createdAt' => '2024-11-12T11:54:57.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSlsLogStores'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecSlsLogStores', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\\\n\\",\\n \\"LogStores\\": [\\n \\"apisec-logstore***\\"\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + ], + 'DescribeApisecSlsProjects' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '112175', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], - 'autoTest' => true, + 'abilityTreeCode' => '224410', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'TemplateName', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protection rule template whose configurations you want to modify.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'test', - ], - ], - [ - 'name' => 'TemplateId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template whose configurations you want to modify.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '7392', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a', 'title' => ''], ], [ - 'name' => 'Description', + 'name' => 'LogRegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The description of the protection rule template whose configurations you want to modify.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test', - ], + 'schema' => ['description' => 'The ID of the region where logs are stored.'."\n" + ."\n" + .'> You can call the [DescribeUserSlsLogRegions](~~2712598~~) operation to query available log storage regions.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '1A68C85D-7467-5BB1-9A7E-2E8A5D96D88A', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], + 'Projects' => [ + 'description' => 'The names of the projects in Simple Log Service.', + 'type' => 'array', + 'items' => ['description' => 'The name of the project in Simple Log Service.', 'type' => 'string', 'example' => 'apisec-project-14316572********'."\n", 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1A68C85D-7467-5BB1-9A7E-2E8A5D96D88A\\"\\n}","type":"json"}]', - 'title' => 'ModifyDefenseTemplate', - ], - 'ModifyDefenseTemplateStatus' => [ - 'summary' => 'Changes the status of a protection rule template.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeApisecSlsProjects', + 'summary' => 'Queries the projects whose names start with apisec- in Simple Log Service.', + 'changeSet' => [ + ['createdAt' => '2024-11-12T11:54:56.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSlsProjects'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecSlsProjects', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"Projects\\": [\\n \\"apisec-project-14316572********\\\\n\\"\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + ], + 'DescribeApisecStatistics' => [ + 'summary' => 'Queries statistics for API security risks or security events.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106371', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], - 'autoTest' => true, + 'abilityTreeCode' => '169803', + 'abilityTreeNodes' => ['FEATUREwafWE25G7'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uax***b09', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'Type', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template whose status you want to change.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '2249', - ], + 'schema' => ['description' => 'The type of detection statistics. Valid values:'."\n" + ."\n" + .'- **risk**: statistics on security risks.'."\n" + ."\n" + .'- **event**: statistics on attacks.', 'type' => 'string', 'example' => 'risk', 'default' => 'risk', 'title' => '', 'required' => false], ], [ - 'name' => 'TemplateStatus', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The new status of the protection rule template. Valid values:'."\n" - ."\n" - .'* **0:** disabled.'."\n" - .'* **1:** enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n" + ."\n" + .'> This parameter is available only in hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query Hybrid Cloud WAF clusters.', 'type' => 'string', 'example' => '428', 'title' => '', 'required' => false], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aek2***uwbs5q', 'title' => '', 'required' => false], + ], + [ + 'name' => 'StartTime', + 'in' => 'query', + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1668496310', 'title' => '', 'required' => false], + ], + [ + 'name' => 'EndTime', + 'in' => 'query', + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1726113600', 'title' => '', 'required' => false], + ], + [ + 'name' => 'UserStatusList', + 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', + 'type' => 'array', + 'items' => ['description' => 'The status of the security risk or security event.'."\n" + ."\n" + .'> For the supported status values of risks and security events, see the **UserStatus** request parameter of [DescribeApisecAbnormals](~~2859134~~) and [DescribeApisecEvents](~~2858948~~).', 'type' => 'string', 'example' => 'toBeConfirmed', 'title' => '', 'required' => false], + 'description' => 'The list of statuses used to filter the detection statistics.', 'required' => false, - 'example' => 'rg-acfm***q', + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '58007AE3-65D9-57BA-ABB4-1A544015FB50', + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '221F0F14-54C6-59A1-9967-72***81B61A'], + 'Data' => [ + 'description' => 'The statistical results of API security risks or events.', + 'type' => 'object', + 'properties' => [ + 'High' => ['description' => 'The number of high-risk items.', 'type' => 'integer', 'format' => 'int64', 'example' => '135', 'title' => ''], + 'ToBeFixed' => ['description' => 'The number of items to be fixed.', 'type' => 'integer', 'format' => 'int64', 'example' => '3', 'title' => ''], + 'Ignore' => ['description' => 'The number of ignored items.', 'type' => 'integer', 'format' => 'int64', 'example' => '3', 'title' => ''], + 'TodayTotal' => ['description' => 'The total number of new items detected today.', 'type' => 'string', 'example' => '3', 'title' => ''], + 'TodayMedium' => ['description' => 'The number of new medium-risk items detected today.', 'type' => 'string', 'example' => '0', 'title' => ''], + 'TodayHigh' => ['description' => 'The number of new high-risk items detected today.', 'type' => 'string', 'example' => '3', 'title' => ''], + 'Low' => ['description' => 'The number of low-risk items.', 'type' => 'integer', 'format' => 'int64', 'example' => '160', 'title' => ''], + 'Medium' => ['description' => 'The number of medium-risk items.', 'type' => 'integer', 'format' => 'int64', 'example' => '27', 'title' => ''], + 'Total' => ['description' => 'The total number of items.'."\n" + ."\n" + .'> This is the sum of the values of the **High**, **Medium**, and **Low** response parameters.', 'type' => 'integer', 'format' => 'int64', 'example' => '322', 'title' => ''], + 'TodayLow' => ['description' => 'The number of new low-risk items detected today.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'ToBeConfirmed' => ['description' => 'The number of items to be confirmed.', 'type' => 'integer', 'format' => 'int64', 'example' => '295', 'title' => ''], + 'Api' => ['description' => 'The number of APIs that are monitored by the API security module.', 'type' => 'integer', 'format' => 'int64', 'example' => '202', 'title' => ''], + 'Confirmed' => ['description' => 'The number of confirmed items.', 'type' => 'integer', 'format' => 'int64', 'example' => '11', 'title' => ''], + 'Domain' => ['description' => 'The number of domain names that are monitored by the API security module.', 'type' => 'integer', 'format' => 'int64', 'example' => '22', 'title' => ''], + 'Fixed' => ['description' => 'The number of items that are manually verified as fixed.', 'type' => 'integer', 'format' => 'int64', 'example' => '13', 'title' => ''], + 'Actioned' => ['description' => 'The number of handled items.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'ToBeVerified' => ['description' => 'The number of items to be verified by the system.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''], + 'NotFixed' => ['description' => 'The number of items that are verified as not fixed.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'SystemFixed' => ['description' => 'The number of items that are verified as fixed by the system.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'Account' => ['description' => 'The number of accounts associated with the monitored APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"58007AE3-65D9-57BA-ABB4-1A544015FB50\\"\\n}","type":"json"}]', - 'title' => 'ModifyDefenseTemplateStatus', - ], - 'CopyDefenseTemplate' => [ - 'summary' => 'Creates a new protection template from the copy.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeApisecStatistics', + 'changeSet' => [ + ['createdAt' => '2025-02-24T13:16:00.000Z', 'description' => 'Response parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecStatistics', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"221F0F14-54C6-59A1-9967-72***81B61A\\",\\n \\"Data\\": {\\n \\"High\\": 135,\\n \\"ToBeFixed\\": 3,\\n \\"Ignore\\": 3,\\n \\"TodayTotal\\": \\"3\\",\\n \\"TodayMedium\\": \\"0\\",\\n \\"TodayHigh\\": \\"3\\",\\n \\"Low\\": 160,\\n \\"Medium\\": 27,\\n \\"Total\\": 322,\\n \\"TodayLow\\": 0,\\n \\"ToBeConfirmed\\": 295,\\n \\"Api\\": 202,\\n \\"Confirmed\\": 11,\\n \\"Domain\\": 22,\\n \\"Fixed\\": 13,\\n \\"Actioned\\": 1,\\n \\"ToBeVerified\\": 2,\\n \\"NotFixed\\": 0,\\n \\"SystemFixed\\": 1,\\n \\"Account\\": 1\\n }\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + ], + 'DescribeApisecSuggestions' => [ + 'summary' => 'Queries protection suggestions for API assets.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'readAndWrite', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', + 'abilityTreeCode' => '169804', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-lbj****x10g', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-pe336n43m04', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'ApiId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection template that you want to copy.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '12345', - ], + 'schema' => ['description' => 'The ID of the API.', 'type' => 'string', 'required' => true, 'example' => 'a60fd7e3021fe371c06dc1dcb883def0', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'title' => '', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], - 'TemplateId' => [ - 'description' => 'The ID of the new protection template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12346', + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0'], + 'Data' => [ + 'description' => 'The list of protection suggestions.', + 'type' => 'array', + 'items' => [ + 'description' => 'The protection suggestion information.', + 'type' => 'object', + 'properties' => [ + 'SuggestRule' => ['description' => 'The content of the protection suggestion rule, which is a string converted from a JSON object constructed with a series of parameters. The parameters include:'."\n" + .'- **event_tags**: the event type.'."\n" + .'- **black_iplist**: the IP blacklist.'."\n" + .'- **ip_baseline**: the IP list.'."\n" + .'- **freq_baseline**: the throttling frequency information.'."\n" + .'- **client_id_baseline**: the client information.'."\n" + .'- **country_baseline**: the country information.'."\n" + .'- **province_baseline**: the region information.'."\n" + .'- **sensitive_type**: the sensitive information type.', 'type' => 'string', 'example' => '{'."\n" + .' "rule": "ClientRule",'."\n" + .' "client_id_baseline": ["Edge"]'."\n" + .'}', 'title' => ''], + 'MatchedHost' => ['description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'example' => 'a.aliyun.com', 'title' => ''], + 'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/apisec/v1/saveinfo', 'title' => ''], + 'SuggestType' => ['description' => 'The type of the protection suggestion. Valid values: '."\n" + .'- **BotRule**: bot rule.'."\n" + .'- **BlackIPRule**: IP blacklist rule.'."\n" + .'- **WhiteIPRule**: IP whitelist rule.'."\n" + .'- **RateLimitRule**: throttling rule.'."\n" + .'- **ClientRule**: client rule.'."\n" + .'- **GeoRule**: geo-blocking rule.'."\n" + .'- **SensitiveRule**: sensitive information rule.'."\n" + .'- **UnauthRule**: authentication rule.', 'type' => 'string', 'example' => 'WhiteIPRule', 'title' => ''], + 'SuggestId' => ['description' => 'The ID of the protection suggestion.', 'type' => 'string', 'example' => '15060a1f8fed40130b7c4a7bf8d8733b', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"TemplateId\\": 12346\\n}","type":"json"}]', - 'title' => 'CopyDefenseTemplate', - ], - 'DeleteDefenseTemplate' => [ - 'summary' => 'Deletes a protection rule template.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Query protection suggestions for API assets', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecSuggestions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SuggestRule\\": \\"{\\\\n \\\\\\"rule\\\\\\": \\\\\\"ClientRule\\\\\\",\\\\n \\\\\\"client_id_baseline\\\\\\": [\\\\\\"Edge\\\\\\"]\\\\n}\\",\\n \\"MatchedHost\\": \\"a.aliyun.com\\",\\n \\"ApiFormat\\": \\"/apisec/v1/saveinfo\\",\\n \\"SuggestType\\": \\"WhiteIPRule\\",\\n \\"SuggestId\\": \\"15060a1f8fed40130b7c4a7bf8d8733b\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeApisecUserOperations' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106372', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeCode' => '169805', + 'abilityTreeNodes' => ['FEATUREwafWE25G7'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-wwo36ksck1e', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'Type', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template that you want to delete.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '3155', - ], + 'schema' => ['description' => 'The type of the operation record. Valid values:'."\n" + ."\n" + .'- **abnormal**: threat detection.'."\n" + ."\n" + .'- **event**: security event.', 'type' => 'string', 'default' => 'abnormal', 'required' => false, 'example' => 'event', 'title' => ''], + ], + [ + 'name' => 'ObjectId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the threat detection or security event for which you want to query operation records.', 'type' => 'string', 'required' => true, 'example' => 'fe8723e92e2037245014ab62161bbec8', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n" + ."\n" + .'> This parameter is required only when WAF is deployed in hybrid cloud mode. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the IDs of Hybrid Cloud WAF clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2ax2y5****pi', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The returned result.'."\n", + 'title' => '', + 'description' => 'The response body.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'E2DE6F11-6FED-5909-95F2-2520B58C5BC7', + 'RequestId' => ['title' => '', 'description' => 'The ID of the request.', 'type' => 'string', 'example' => 'C9825654-327B-5156-A570-847054B4CF10'], + 'Data' => [ + 'description' => 'The user operation records for API security.', + 'type' => 'array', + 'items' => [ + 'description' => 'The details of the operation record.', + 'type' => 'object', + 'properties' => [ + 'Type' => ['description' => 'The type of the operation record. Valid values:'."\n" + ."\n" + .'- **abnormal**: threat detection.'."\n" + ."\n" + .'- **event**: security event.', 'type' => 'string', 'example' => 'abnormal', 'title' => ''], + 'ToStatus' => ['description' => 'The status of the threat detection or security event after the operation was performed.'."\n" + ."\n" + .'Valid values for threat detection:'."\n" + ."\n" + .'- **toBeConfirmed**: to be confirmed.'."\n" + ."\n" + .'- **confirmed**: confirmed.'."\n" + ."\n" + .'- **toBeFixed**: to be fixed.'."\n" + ."\n" + .'- **fixed**: fixed.'."\n" + ."\n" + .'- **ignored**: ignored.'."\n" + ."\n" + .'Valid values for a security event:'."\n" + ."\n" + .'- **toBeConfirmed**: to be confirmed.'."\n" + ."\n" + .'- **confirmed**: confirmed.'."\n" + ."\n" + .'- **ignored**: ignored.', 'type' => 'string', 'example' => 'Confirmed', 'title' => ''], + 'ObjectId' => ['description' => 'The ID of the threat detection or security event associated with the operation record.', 'type' => 'string', 'example' => '24d997acc48a67a01e09b9c5ad861287', 'title' => ''], + 'FromStatus' => ['description' => 'The status of the threat detection or security event before the operation was performed.'."\n" + ."\n" + .'Valid values for threat detection:'."\n" + ."\n" + .'- **toBeConfirmed**: to be confirmed.'."\n" + ."\n" + .'- **confirmed**: confirmed.'."\n" + ."\n" + .'- **toBeFixed**: to be fixed.'."\n" + ."\n" + .'- **fixed**: fixed.'."\n" + ."\n" + .'- **ignored**: ignored.'."\n" + ."\n" + .'Valid values for a security event:'."\n" + ."\n" + .'- **toBeConfirmed**: to be confirmed.'."\n" + ."\n" + .'- **confirmed**: confirmed.'."\n" + ."\n" + .'- **ignored**: ignored.', 'type' => 'string', 'example' => 'ignored', 'title' => ''], + 'UserId' => ['description' => 'The ID of the user who performed the operation.', 'type' => 'string', 'example' => '1610954****', 'title' => ''], + 'Note' => ['description' => 'The remarks that the user added to the operation record.', 'type' => 'string', 'example' => 'Procesed', 'title' => ''], + 'Time' => ['description' => 'The time when the operation was performed. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1685072214', 'title' => ''], + 'OperationSource' => ['description' => 'The source of the operation. Valid values:'."\n" + ."\n" + .'- **system**: the operation was automatically performed by the system.'."\n" + ."\n" + .'- **custom**: the operation was manually performed by a user.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E2DE6F11-6FED-5909-95F2-2520B58C5BC7\\"\\n}","type":"json"}]', - 'title' => 'DeleteDefenseTemplate', - ], - 'DescribeDefenseTemplate' => [ - 'summary' => 'Queries a protection rule template.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeApisecUserOperations', + 'summary' => 'Queries user operation records for API security of Web Application Firewall (WAF).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecUserOperations'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecUserOperations', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C9825654-327B-5156-A570-847054B4CF10\\",\\n \\"Data\\": [\\n {\\n \\"Type\\": \\"abnormal\\",\\n \\"ToStatus\\": \\"Confirmed\\",\\n \\"ObjectId\\": \\"24d997acc48a67a01e09b9c5ad861287\\",\\n \\"FromStatus\\": \\"ignored\\",\\n \\"UserId\\": \\"1610954****\\",\\n \\"Note\\": \\"Procesed\\",\\n \\"Time\\": 1685072214,\\n \\"OperationSource\\": \\"custom\\"\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeBaseRuleChangeLog' => [ + 'summary' => 'Queries protection rule change logs on a paginated basis.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -12717,153 +9623,113 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106373', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeCode' => '226805', + 'abilityTreeNodes' => ['FEATUREwaf1LM6V0'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-mp9153****', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1333', - ], + 'schema' => ['description' => 'The page number. Pages start from page 1. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The region of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The number of entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'Lang', + 'in' => 'query', + 'schema' => ['description' => 'The language of the rule names in the response. Valid values:'."\n" + ."\n" + .'- **zh**: Chinese.'."\n" + ."\n" + .'- **en**: English.', 'type' => 'string', 'required' => false, 'example' => 'zh', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Template' => [ - 'description' => 'The information about the template.'."\n", - 'type' => 'object', - 'properties' => [ - 'Description' => [ - 'description' => 'The description of the protection rule template.'."\n", - 'type' => 'string', - 'example' => 'test', - ], - 'TemplateOrigin' => [ - 'description' => 'The origin of the protection rule template. If the value of this parameter is custom, the protection rule template is created by the user.'."\n", - 'type' => 'string', - 'example' => 'custom', - ], - 'DefenseSubScene' => [ - 'description' => 'The sub-scenario in which the template is used. Valid values:'."\n" - ."\n" - .'* **web**: The template is a bot management template that is used for website protection.'."\n" - .'* **app**: The template is a bot management template that is used for app protection.'."\n" - .'* **basic**: The template is a bot management template that is used for basic protection.'."\n", - 'type' => 'string', - 'example' => 'app', - ], - 'DefenseScene' => [ - 'description' => 'The scenario in which the template is used. For more information, see the description of the **DefenseScene** parameter in the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'example' => 'waf_group', - ], - 'GmtModified' => [ - 'description' => 'The most recent time when the protection rule template was modified.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1665283642000', - ], - 'TemplateName' => [ - 'description' => 'The name of the protection rule template.'."\n", - 'type' => 'string', - 'example' => 'test0621', - ], - 'TemplateType' => [ - 'description' => 'The type of the protection rule template. Valid values:'."\n" + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6FBF08CB-8691-5B65-BBF8-***'."\n", 'title' => ''], + 'Rules' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'RuleId' => ['description' => 'The rule ID.', 'type' => 'integer', 'format' => 'int64', 'example' => '42755', 'title' => ''], + 'UpdateTime' => ['description' => 'The time when the rule was updated, in UNIX timestamp format. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665460629000', 'title' => ''], + 'RuleName' => ['description' => 'The rule name.', 'type' => 'string', 'example' => 'Header XSS Scanner Behavior', 'title' => ''], + 'Operation' => ['description' => 'The type of change. Valid values:'."\n" ."\n" - .'* **user_default:** default template.'."\n" - .'* **user_custom:** custom template.'."\n", - 'type' => 'string', - 'example' => 'user_default', - ], - 'TemplateId' => [ - 'description' => 'The ID of the protection rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10097', - ], - 'TemplateStatus' => [ - 'description' => 'The status of the protection rule template. Valid values:'."\n" - ."\n" - .'* **0:** disabled.'."\n" - .'* **1:** enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', + .'- **add**: The rule was added.'."\n" + ."\n" + .'- **modify**: The rule was modified.', 'type' => 'string', 'example' => 'add', 'title' => ''], + 'CveId' => ['description' => 'The CVE ID of the vulnerability associated with the system rule.', 'type' => 'string', 'example' => 'CVE-2021-34538', 'title' => ''], ], + 'description' => 'A rule change record.', + 'title' => '', + 'example' => '', ], + 'description' => 'The list of rule change records.', + 'title' => '', + 'example' => '', ], + 'TotalCount' => ['description' => 'The total number of rule change records.', 'type' => 'integer', 'format' => 'int64', 'example' => '63', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Template\\": {\\n \\"Description\\": \\"test\\",\\n \\"TemplateOrigin\\": \\"custom\\",\\n \\"DefenseSubScene\\": \\"app\\",\\n \\"DefenseScene\\": \\"waf_group\\",\\n \\"GmtModified\\": 1665283642000,\\n \\"TemplateName\\": \\"test0621\\",\\n \\"TemplateType\\": \\"user_default\\",\\n \\"TemplateId\\": 10097,\\n \\"TemplateStatus\\": 1\\n }\\n}","type":"json"}]', - 'title' => 'DescribeDefenseTemplate', - ], - 'DescribeDefenseTemplates' => [ - 'summary' => 'Performs a paging query to retrieve protection templates.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeBaseRuleChangeLog', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeBaseRuleChangeLog', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6FBF08CB-8691-5B65-BBF8-***\\\\n\\",\\n \\"Rules\\": [\\n {\\n \\"RuleId\\": 42755,\\n \\"UpdateTime\\": 1665460629000,\\n \\"RuleName\\": \\"Header XSS Scanner Behavior\\",\\n \\"Operation\\": \\"add\\",\\n \\"CveId\\": \\"CVE-2021-34538\\"\\n }\\n ],\\n \\"TotalCount\\": 63\\n}","type":"json"}]', + ], + 'DescribeBaseSystemRules' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -12871,185 +9737,165 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106374', - 'abilityTreeNodes' => [ - 'FEATUREwaf1LM6V0', - ], - 'autoTest' => true, + 'abilityTreeCode' => '245621', + 'abilityTreeNodes' => ['FEATUREwaf1LM6V0', 'FEATUREwafOVI09M', 'FEATUREwafF105ZO'], ], 'parameters' => [ [ - 'name' => 'TemplateIds', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The IDs of the protection templates that you want to query. Separate multiple template IDs with commas (,).'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '189731,189539,189538,189531,189540,189542,189541', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'TemplateName', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protection template.', - 'type' => 'string', - 'required' => false, - 'example' => 'testTemplateName', - ], + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-pe33b****03', - ], + 'schema' => ['description' => 'The number of entries to return on each page. Default value: 100.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '100', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '12345', - ], + 'schema' => ['description' => 'The ID of the system protection rule to query.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '113089', 'title' => ''], ], [ - 'name' => 'TemplateType', + 'name' => 'RuleStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the protection template. Valid values:'."\n" - ."\n" - .'* **user_default**: default template.'."\n" - .'* **user_custom**: custom template.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'user_default', - ], + 'schema' => ['description' => 'The status of the system protection rule. Valid values:'."\n" + ."\n" + .'- **1**: disabled.'."\n" + ."\n" + .'- **0**: enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'DefenseScene', + 'name' => 'RuleAction', 'in' => 'query', - 'schema' => [ - 'description' => 'The scenario in which the protection template is used.'."\n" - ."\n" - .'* **waf_group**: basic protection.'."\n" - .'* **antiscan**: scan protection.'."\n" - .'* **ip_blacklist**: IP address blacklist.'."\n" - .'* **custom_acl**: custom rule.'."\n" - .'* **whitelist**: whitelist.'."\n" - .'* **region_block**: region blacklist.'."\n" - .'* **custom_response**: custom response.'."\n" - .'* **cc**: HTTP flood protection.'."\n" - .'* **tamperproof**: website tamper-proofing.'."\n" - .'* **dlp**: data leakage prevention.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'region_block', - ], + 'schema' => ['description' => 'The action of the system protection rule. Valid values:'."\n" + ."\n" + .'- **block**: Block.'."\n" + ."\n" + .'- **monitor**: Monitor.', 'type' => 'string', 'required' => false, 'example' => 'block', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'Lang', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object or protected object group.'."\n" - ."\n" - .'> If you specify ResourceType, you must specify this parameter.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'xxxqiu.cc-ecs', - ], + 'schema' => ['description' => 'The language of the response. Valid values:'."\n" + ."\n" + .'- **zh** (default): Chinese.'."\n" + ."\n" + .'- **en**: English.', 'type' => 'string', 'required' => false, 'example' => 'zh', 'title' => ''], ], [ - 'name' => 'ResourceType', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the protected resource. Valid values:'."\n" - ."\n" - .'* **single**: protected object. This is the default value.'."\n" - .'* **group**: protected object group.'."\n" - ."\n" - .'> If you specify Resource, you must specify this parameter.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'single', - 'enum' => [ - 'single', - 'group', - 'asset', - ], - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'DefenseSubScene', + 'name' => 'DetectType', 'in' => 'query', - 'schema' => [ - 'description' => 'The sub-scenario in which the protection template is used. Valid values:'."\n" - ."\n" - .'* **web**: bot management for website protection.'."\n" - .'* **app**: bot management for app protection.'."\n" - .'* **basic**: bot management for basic protection.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'basic', - ], + 'schema' => ['description' => 'The type of attack that the system protection rule detects. Valid values:'."\n" + ."\n" + .'- **sqli**: SQL injection.'."\n" + ."\n" + .'- **xss**: cross-site scripting (XSS).'."\n" + ."\n" + .'- **cmdi**: OS command injection.'."\n" + ."\n" + .'- **expression\\_injection**: expression injection.'."\n" + ."\n" + .'- **java\\_deserialization**: Java deserialization.'."\n" + ."\n" + .'- **dot\\_net\\_deserialization**: .NET deserialization.'."\n" + ."\n" + .'- **php\\_deserialization**: PHP deserialization.'."\n" + ."\n" + .'- **code\\_exec**: code execution.'."\n" + ."\n" + .'- **ssrf**: server-side request forgery (SSRF).'."\n" + ."\n" + .'- **path\\_traversal**: path traversal.'."\n" + ."\n" + .'- **arbitrary\\_file\\_uploading**: arbitrary file upload.'."\n" + ."\n" + .'- **webshell**: webshell.'."\n" + ."\n" + .'- **rfilei**: remote file inclusion (RFI).'."\n" + ."\n" + .'- **lfilei**: local file inclusion (LFI).'."\n" + ."\n" + .'- **protocol\\_violation**: protocol violation.'."\n" + ."\n" + .'- **scanner\\_behavior**: scanner behavior.'."\n" + ."\n" + .'- **logic\\_flaw**: logic flaw.'."\n" + ."\n" + .'- **arbitrary\\_file\\_reading**: arbitrary file read.'."\n" + ."\n" + .'- **arbitrary\\_file\\_download**: arbitrary file download.'."\n" + ."\n" + .'- **xxe**: external entity injection.'."\n" + ."\n" + .'- **csrf**: cross-site request forgery (CSRF).'."\n" + ."\n" + .'- **crlf**: CRLF injection.'."\n" + ."\n" + .'- **other**: other.', 'type' => 'string', 'required' => false, 'example' => 'sqli', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'RiskLevel', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The risk level of the system protection rule. Valid values:'."\n" + ."\n" + .'- **super\\_strict**: Very Strict.'."\n" + ."\n" + .'- **strict**: Strict.'."\n" + ."\n" + .'- **medium**: Medium.'."\n" + ."\n" + .'- **loose**: Loose.', 'type' => 'string', 'required' => false, 'example' => 'loose', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'RuleName', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **20**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '20', - ], + 'schema' => ['description' => 'The name of the system protection rule.', 'type' => 'string', 'required' => false, 'example' => 'systemRuleTest', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the protection template.'."\n" + ."\n" + .'> - Specify this parameter to query the system protection rules in a specific WAF protection template.'."\n" + .'>'."\n" + .'> - If you leave this parameter empty, the default configurations of the system protection rules are queried.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '24354', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'RuleIds', + 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', + 'type' => 'array', + 'items' => ['type' => 'integer', 'format' => 'int64', 'description' => '', 'required' => false, 'example' => '113090', 'title' => ''], + 'description' => '', 'required' => false, - 'example' => 'rg-acfmvyknl****fa', + 'title' => '', + 'example' => '', ], ], ], @@ -13058,305 +9904,212 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '4F26D2F1-E288-5104-8518-05E240E3****', - ], - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '100', - ], - 'Templates' => [ - 'description' => 'The protection templates.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '80736FA5-FA87-55F6-AA69-C5477C6FE6D0', 'title' => ''], + 'Rules' => [ 'type' => 'array', 'items' => [ - 'description' => '', 'type' => 'object', 'properties' => [ - 'DefenseScene' => [ - 'description' => 'The scenario in which the protection template is used.'."\n" - ."\n" - .'* **waf_group**: basic protection.'."\n" - .'* **antiscan**: scan protection.'."\n" - .'* **ip_blacklist**: IP address blacklist.'."\n" - .'* **custom_acl**: custom rule.'."\n" - .'* **whitelist**: whitelist.'."\n" - .'* **region_block**: region blacklist.'."\n" - .'* **custom_response**: custom response.'."\n" - .'* **cc**: HTTP flood protection.'."\n" - .'* **tamperproof**: website tamper-proofing.'."\n" - .'* **dlp**: data leakage prevention.'."\n", - 'type' => 'string', - 'example' => 'whitelist', - ], - 'GmtModified' => [ - 'description' => 'The time when the protection template was created. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1683776070000', - ], - 'TemplateId' => [ - 'description' => 'The ID of the protection template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12345', - ], - 'TemplateName' => [ - 'description' => 'The name of the protection template.'."\n", - 'type' => 'string', - 'example' => 'testTemplateName', - ], - 'TemplateOrigin' => [ - 'description' => 'The origin of the protection template. The value custom indicates that the protection template is a custom template created by the user.'."\n", - 'type' => 'string', - 'example' => 'custom', - ], - 'TemplateStatus' => [ - 'description' => 'The status of the protection template. Valid values:'."\n" - ."\n" - .'* **0**: disabled.'."\n" - .'* **1**: enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'TemplateType' => [ - 'description' => 'The type of the protection template. Valid values:'."\n" - ."\n" - .'* **user_default**: default template.'."\n" - .'* **user_custom**: custom template.'."\n", - 'type' => 'string', - 'example' => 'user_custom', - ], - 'DefenseSubScene' => [ - 'description' => 'The sub-scenario in which the protection template is used. Valid values:'."\n" - ."\n" - .'* **web**: bot management for website protection.'."\n" - .'* **app**: bot management for app protection.'."\n" - .'* **basic**: bot management for basic protection.'."\n", - 'type' => 'string', - 'example' => 'basic', - ], - 'Description' => [ - 'description' => 'The description of the protection template.'."\n", - 'type' => 'string', - 'example' => 'test', - ], + 'RuleId' => ['description' => 'The ID of the system protection rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '113089', 'title' => ''], + 'UpdateTime' => ['description' => 'The time when the system protection rule was last updated. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665460629000', 'title' => ''], + 'RuleName' => ['description' => 'The name of the system protection rule.', 'type' => 'string', 'example' => 'systemRuleTest', 'title' => ''], + 'RuleStatus' => ['description' => 'The status of the system protection rule. Valid values:'."\n" + ."\n" + .'- **1**: disabled.'."\n" + ."\n" + .'- **0**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'Description' => ['description' => 'The description of the system protection rule.', 'type' => 'string', 'example' => 'rule description', 'title' => ''], + 'RuleAction' => ['description' => 'The action of the system protection rule. Valid values:'."\n" + ."\n" + .'- **block**: Block.'."\n" + ."\n" + .'- **monitor**: Monitor.', 'type' => 'string', 'example' => 'block', 'title' => ''], + 'CveId' => ['description' => 'The CVE ID of the vulnerability that is associated with the system protection rule.', 'type' => 'string', 'example' => 'CVE-2021-34538', 'title' => ''], + 'RiskLevel' => ['description' => 'The risk level of the system protection rule. Valid values:'."\n" + ."\n" + .'- **super\\_strict**: Very Strict.'."\n" + ."\n" + .'- **strict**: Strict.'."\n" + ."\n" + .'- **medium**: Medium.'."\n" + ."\n" + .'- **loose**: Loose.', 'type' => 'string', 'example' => 'super_strict', 'title' => ''], + 'DetectType' => ['description' => 'The type of attack that the system protection rule detects. Valid values:'."\n" + ."\n" + .'- **sqli**: SQL injection.'."\n" + ."\n" + .'- **xss**: cross-site scripting (XSS).'."\n" + ."\n" + .'- **cmdi**: OS command injection.'."\n" + ."\n" + .'- **expression\\_injection**: expression injection.'."\n" + ."\n" + .'- **java\\_deserialization**: Java deserialization.'."\n" + ."\n" + .'- **dot\\_net\\_deserialization**: .NET deserialization.'."\n" + ."\n" + .'- **php\\_deserialization**: PHP deserialization.'."\n" + ."\n" + .'- **code\\_exec**: code execution.'."\n" + ."\n" + .'- **ssrf**: server-side request forgery (SSRF).'."\n" + ."\n" + .'- **path\\_traversal**: path traversal.'."\n" + ."\n" + .'- **arbitrary\\_file\\_uploading**: arbitrary file upload.'."\n" + ."\n" + .'- **webshell**: webshell.'."\n" + ."\n" + .'- **rfilei**: remote file inclusion (RFI).'."\n" + ."\n" + .'- **lfilei**: local file inclusion (LFI).'."\n" + ."\n" + .'- **protocol\\_violation**: protocol violation.'."\n" + ."\n" + .'- **scanner\\_behavior**: scanner behavior.'."\n" + ."\n" + .'- **logic\\_flaw**: logic flaw.'."\n" + ."\n" + .'- **arbitrary\\_file\\_reading**: arbitrary file read.'."\n" + ."\n" + .'- **arbitrary\\_file\\_download**: arbitrary file download.'."\n" + ."\n" + .'- **xxe**: external entity injection.'."\n" + ."\n" + .'- **csrf**: cross-site request forgery (CSRF).'."\n" + ."\n" + .'- **crlf**: CRLF injection.'."\n" + ."\n" + .'- **other**: other.', 'type' => 'string', 'example' => 'sqli', 'title' => ''], ], + 'description' => 'The system protection rule.', + 'title' => '', + 'example' => '', ], + 'description' => 'The list of system protection rules.', + 'title' => '', + 'example' => '', ], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''], ], - 'description' => '', + 'description' => 'The response parameters.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"4F26D2F1-E288-5104-8518-05E240E337A4\\",\\n \\"TotalCount\\": 100,\\n \\"Templates\\": [\\n {\\n \\"DefenseScene\\": \\"whitelist\\",\\n \\"GmtModified\\": 1683776070000,\\n \\"TemplateId\\": 56477,\\n \\"TemplateName\\": \\"template-blockarea1\\",\\n \\"TemplateOrigin\\": \\"custom\\",\\n \\"TemplateStatus\\": 1,\\n \\"TemplateType\\": \\"user_custom\\",\\n \\"DefenseSubScene\\": \\"basic\\",\\n \\"Description\\": \\"示例防护模板。\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeDefenseTemplates', - ], - 'ModifyTemplateResources' => [ - 'summary' => 'Associates or disassociates a protected object or protected object group with or from a protection rule template.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'DescribeBaseSystemRules', + 'summary' => 'Queries the system rules for Web Application Firewall (WAF) protection.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeBaseSystemRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"80736FA5-FA87-55F6-AA69-C5477C6FE6D0\\",\\n \\"Rules\\": [\\n {\\n \\"RuleId\\": 113089,\\n \\"UpdateTime\\": 1665460629000,\\n \\"RuleName\\": \\"systemRuleTest\\",\\n \\"RuleStatus\\": 1,\\n \\"Description\\": \\"rule description\\",\\n \\"RuleAction\\": \\"block\\",\\n \\"CveId\\": \\"CVE-2021-34538\\",\\n \\"RiskLevel\\": \\"super_strict\\",\\n \\"DetectType\\": \\"sqli\\"\\n }\\n ],\\n \\"TotalCount\\": 2\\n}","type":"json"}]', + ], + 'DescribeBotAppKey' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106377', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeNodes' => ['FEATUREwafVZXFDE'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'TemplateId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '2291', - ], - ], - [ - 'name' => 'BindResources', - 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'description' => 'The protected objects that you want to associate with the template. Specify the value in the \\[**"XX1","XX2",...**] format.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The protected object that you want to associate with the template.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'abc', - ], - 'required' => false, - 'maxItems' => 200, - ], - ], - [ - 'name' => 'BindResourceGroups', - 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'description' => 'The protected object groups that you want to associate with the template. Specify the value in the \\[**"group1","group2",...**] format.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The protected object group that you want to associate with the template.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'group1', - ], - 'required' => false, - 'maxItems' => 200, - ], - ], - [ - 'name' => 'UnbindResources', - 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'description' => 'The protected objects that you want to disassociate from the template. Specify the value in the \\[**"XX1","XX2",...**] format.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The protected object that you want to disassociate from the template.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'abc', - ], - 'required' => false, - 'maxItems' => 200, - ], - ], - [ - 'name' => 'UnbindResourceGroups', - 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'description' => 'The protected object groups that you want to disassociate from the template. Specify the value in the \\[**"group1","group2",...**] format.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The protected object group that you want to disassociate from the template.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'group1', - ], - 'required' => false, - 'maxItems' => 200, - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-5v23u******', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'KeyVersion', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The version of the AppKey. Set the value to 1.', 'type' => 'string', 'required' => false, 'example' => '1', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2uo27badl***', 'title' => ''], ], [ - 'name' => 'BindAssets', + 'name' => 'RegionId', 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'title' => '绑定的防护资产ID,使用["XX1","XX2",……]格式。', - 'type' => 'array', - 'items' => [ - 'title' => '绑定的资产ID。', - 'type' => 'string', - 'example' => '6a266967ebe50041*****0438af3f3519', - ], - 'maxItems' => 200, - ], - ], - [ - 'name' => 'UnbindAssets', - 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'title' => '解除绑定的防护资产ID,使用["XX1","XX2",……]格式。', - 'type' => 'array', - 'items' => [ - 'title' => '解除绑定的防护资产ID。', - 'type' => 'string', - 'example' => '6a26696*****4193670438af3f3519', - ], - 'maxItems' => 200, - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'CF708F2F-FFB0-54D4-B1E0-B84A7CEBFB60', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '0C4ADFD4-5B7D-591D-A607-A45C*****', 'title' => ''], + 'AppKey' => ['description' => 'The AppKey for bot management.', 'type' => 'string', 'example' => 'N1Kiv3AGZm******', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"CF708F2F-FFB0-54D4-B1E0-B84A7CEB****\\"\\n}","type":"json"}]', - 'title' => 'ModifyTemplateResources', - ], - 'DescribeTemplateResources' => [ - 'summary' => 'Queries the resources that are associated to a protection rule template.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeBotAppKey', + 'summary' => 'Queries the AppKey for bot management.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeBotAppKey', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0C4ADFD4-5B7D-591D-A607-A45C*****\\",\\n \\"AppKey\\": \\"N1Kiv3AGZm******\\"\\n}","type":"json"}]', + ], + 'DescribeBotRuleLabels' => [ + 'summary' => 'Queries the labels of bot management rules.', + 'methods' => ['get', 'post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -13367,172 +10120,137 @@ 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeCode' => '106302', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-53y4******', 'title' => ''], ], [ - 'name' => 'TemplateId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1020', - ], - ], - [ - 'name' => 'ResourceType', + 'name' => 'SubScene', 'in' => 'query', 'schema' => [ - 'description' => 'The type of the protected resource. Valid values:'."\n" + 'description' => 'The type of bot management scenario. Valid values:'."\n" ."\n" - .'* **single:** protected object.'."\n" - .'* **group:** protected object group.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'single', - 'enum' => [ - 'single', - 'group', - 'asset', - ], - ], - ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" + .'- **web**: web protection.'."\n" ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", + .'- **app**: app protection.', 'type' => 'string', 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'enum' => ['web', 'app'], + 'example' => 'app', + 'title' => '', ], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'NextToken', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'MaxResults', + 'name' => 'LabelType', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'maximum' => '500', - 'minimum' => '1', - 'default' => '500', - ], + 'schema' => ['description' => 'The type of bot rule label to query.', 'type' => 'string', 'required' => false, 'example' => 'human_machine_challenge', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The token to retrieve the next page of results. This parameter is returned if a next page exists.'."\n" + ."\n" + .'> If a value is returned for this parameter, it indicates that more results are available. Use the returned **NextToken** value in the next request to retrieve the next page of results. Repeat this process until no value is returned for this parameter. This indicates that all results have been retrieved.', 'type' => 'string', 'required' => false, 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''], ], [ - 'name' => 'AssetApi', + 'name' => 'MaxResults', 'in' => 'query', - 'schema' => [ - 'title' => '要模糊查询的防护资产API。', - 'type' => 'string', - 'example' => 'abc.com', - ], + 'schema' => ['description' => 'The number of entries to return on each page. Valid values: 1 to 200. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '200', 'minimum' => '0', 'exclusiveMinimum' => true, 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The returned result.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'C7BC9373-3960-53B0-8968-2B13454AE18F', - ], - 'Resources' => [ - 'description' => 'An array of protected objects or protected object groups that are associated to the protection rule template.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], + 'RuleLabels' => [ 'type' => 'array', 'items' => [ - 'description' => 'The name of the protected object or protected object group.'."\n", - 'type' => 'string', - 'example' => 'alb-wewbb23dfset***', + 'type' => 'object', + 'properties' => [ + 'LabelKey' => ['description' => 'The key of the bot management rule label.', 'type' => 'string', 'example' => 'malicious_crawler_python', 'title' => ''], + 'SubScene' => ['description' => 'The bot management scenarios to which the rule belongs. Multiple scenarios are separated by commas (,). Valid values:'."\n" + ."\n" + .'- **web**: web protection.'."\n" + ."\n" + .'- **app**: app protection.', 'type' => 'string', 'example' => 'Web,app', 'title' => ''], + 'BotBehavior' => ['description' => 'The bot behavior that corresponds to the rule label. Valid values:'."\n" + ."\n" + .'- **malicious**: malicious bot.'."\n" + ."\n" + .'- **suspicious**: suspected bot.'."\n" + ."\n" + .'- **normal**: normal bot.', 'type' => 'string', 'example' => 'malicious', 'title' => ''], + 'LabelType' => ['description' => 'The type of the bot rule label.', 'type' => 'string', 'example' => 'human_machine_challenge', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], + 'description' => 'The list of bot management rule labels.', + 'title' => '', + 'example' => '', ], - 'TotalCount' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'NextToken' => [ - 'type' => 'string', - ], - 'MaxResults' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'TemplateId' => [ - 'type' => 'integer', - 'format' => 'int64', - ], + 'NextToken' => ['description' => 'The token to retrieve the next page of results. This parameter is returned if a next page exists.'."\n" + ."\n" + .'> If a value is returned for this parameter, it indicates that more results are available. Use the returned **NextToken** value in the next request to retrieve the next page of results. Repeat this process until no value is returned for this parameter. This indicates that all results have been retrieved.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''], + 'MaxResults' => ['description' => 'The maximum number of entries returned per page. Valid values: 1 to 200. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '8', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Defense.Control.DefenseTemplateNotExist', - 'errorMessage' => 'The protection template does not exist.', + 'errorCodes' => [], + 'title' => 'DescribeBotRuleLabels', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeBotRuleLabels', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C7BC9373-3960-53B0-8968-2B13454AE18F\\",\\n \\"Resources\\": [\\n \\"alb-wewbb23dfset***\\"\\n ],\\n \\"TotalCount\\": 25,\\n \\"NextToken\\": \\"AAAAABLQv******37sHZaHk4=\\",\\n \\"MaxResults\\": 20,\\n \\"TemplateId\\": 168465\\n}","type":"json"}]', - 'title' => 'DescribeTemplateResources', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"RuleLabels\\": [\\n {\\n \\"LabelKey\\": \\"malicious_crawler_python\\",\\n \\"SubScene\\": \\"Web,app\\",\\n \\"BotBehavior\\": \\"malicious\\",\\n \\"LabelType\\": \\"human_machine_challenge\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20,\\n \\"TotalCount\\": 8\\n}","type":"json"}]', ], - 'DescribeTemplateResourceCount' => [ - 'summary' => 'Queries the number of protected resources for which a protection template takes effect.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeCertDetail' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -13540,124 +10258,108 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '167806', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-lbj****gx08', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'TemplateIds', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The IDs of the protection templates that you want to query. Separate multiple template IDs with commas (,).'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '12345,12346', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-uax****3k0e', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'CertIdentifier', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The certificate ID.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzwwkpn****5i', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'B8064433-9781-5E86-806E-C1DD****1D95', - ], - 'ResourceCount' => [ - 'description' => 'The number of protected objects or protected object groups for which the protection template takes effect.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'SingleCount' => [ - 'description' => 'The number of protected objects.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '30', - ], - 'GroupCount' => [ - 'description' => 'The number of protected object groups.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '30', - ], - 'TemplateId' => [ - 'description' => 'The ID of the protection template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12345', - ], - 'AssetCount' => [ - 'title' => '防护资产个数。', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '10', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '3C115DBE-8E53-5A12-9CAF-FD3F****CDF6', 'title' => ''], + 'CertDetail' => [ + 'description' => 'The SSL certificate details.', + 'type' => 'object', + 'properties' => [ + 'Domain' => ['description' => 'The domain name associated with the certificate.', 'type' => 'string', 'example' => 'demo.xxxaliyun.com', 'title' => ''], + 'CertName' => ['description' => 'The certificate name.', 'type' => 'string', 'example' => 'testCertName', 'title' => ''], + 'CertIdentifier' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''], + 'CommonName' => ['description' => 'The common name of the certificate.', 'type' => 'string', 'example' => '*.xxxaliyun.com'."\n", 'title' => ''], + 'AfterDate' => ['description' => 'The expiration date of the CA certificate. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1976256736582', 'title' => ''], + 'BeforeDate' => ['description' => 'The issuance time of the certificate. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1976256736582', 'title' => ''], + 'Sans' => [ + 'description' => 'The list of other domain names associated with the certificate.', + 'type' => 'array', + 'items' => ['description' => 'The other domain name associated with the certificate.', 'type' => 'string', 'example' => 'demo.yyyaliyun.com', 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"B8064433-9781-5E86-806E-C1DD****1D95\\",\\n \\"ResourceCount\\": [\\n {\\n \\"SingleCount\\": 30,\\n \\"GroupCount\\": 30,\\n \\"TemplateId\\": 12345,\\n \\"AssetCount\\": 10\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeTemplateResourceCount', - ], - 'DescribeDefenseTemplateValidResources' => [ - 'summary' => '分页查询可以被自定义模板绑定的防护对象列表', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.InvalidCertIdentifier', 'errorMessage' => 'Invalid certificate ID, certificate ID:%s.', 'description' => 'Invalid certificate ID, certificate ID:%s.'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Query certificate details', + 'summary' => 'Queries the details of a certificate, such as the certificate name, expiration time, issuance time, and associated domain name.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCertDetail'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCertDetail', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3C115DBE-8E53-5A12-9CAF-FD3F****CDF6\\",\\n \\"CertDetail\\": {\\n \\"Domain\\": \\"demo.xxxaliyun.com\\",\\n \\"CertName\\": \\"testCertName\\",\\n \\"CertIdentifier\\": \\"123-cn-hangzhou\\",\\n \\"CommonName\\": \\"*.xxxaliyun.com\\\\n\\",\\n \\"AfterDate\\": 1976256736582,\\n \\"BeforeDate\\": 1976256736582,\\n \\"Sans\\": [\\n \\"demo.yyyaliyun.com\\"\\n ]\\n }\\n}","type":"json"}]', + ], + 'DescribeCerts' => [ + 'summary' => 'Retrieves the list of certificates for a user.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -13665,100 +10367,56 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106347', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-27a3jyw0v04', - ], + 'schema' => ['description' => 'The domain name.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'example.aliyun.com'], ], [ - 'name' => 'DefenseScene', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'whitelist', - ], + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'mgw.realperson.antdigital.com', - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **10**. Maximum value: 100.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '1000', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '2', - 'default' => '1', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '20', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-5yd****tb02', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'Algorithm', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '21202', - ], + 'schema' => ['description' => 'The type of the encryption algorithm. Valid values:'."\n" + ."\n" + .'- **NotSM2 (default)**: Specifies a non-ShangMi (SM) cryptographic algorithm.'."\n" + ."\n" + .'- **SM2**: Specifies an SM cryptographic algorithm.', 'type' => 'string', 'required' => false, 'example' => 'SM2', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2thcppfv6ay', - ], - ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmoiy****p2oq', 'title' => ''], ], ], 'responses' => [ @@ -13766,42 +10424,68 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '34', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'C54DD36B-6380-57E5-89BA-2642757C4DB8', - ], - 'Resources' => [ - 'description' => '', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '19511B0D-5AE0-5600-BB8A-DC2C8345****', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '8', 'title' => ''], + 'Certs' => [ + 'description' => 'The list of certificates.', 'type' => 'array', 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'showerroom.taikooliqiantan.com-waf', + 'description' => 'Information about the certificate.', + 'type' => 'object', + 'properties' => [ + 'Domain' => ['description' => 'The domain name for which the certificate is issued.', 'type' => 'string', 'example' => 'www.example.com '."\n", 'title' => ''], + 'CertName' => ['description' => 'The name of the certificate.', 'type' => 'string', 'example' => 'waf1234', 'title' => ''], + 'CertIdentifier' => ['description' => 'The globally unique ID of the certificate. The value follows a "\\<Certificate ID>-cn-hangzhou" format. For example, if the ID of the certificate is 123, the value of CertIdentifier is 123-cn-hangzhou.', 'type' => 'string', 'example' => '12345-cn-hangzhou', 'title' => ''], + 'CommonName' => ['description' => 'The common name.', 'type' => 'string', 'example' => '*.example.com ', 'title' => ''], + 'IsChainCompleted' => ['description' => 'Indicates whether the certificate chain is complete. Valid values:'."\n" + ."\n" + .'- **true**: The certificate chain is complete.'."\n" + ."\n" + .'- **false**: The certificate chain is incomplete.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'AfterDate' => ['description' => 'The time when the certificate expires.', 'type' => 'integer', 'format' => 'int64', 'example' => '1976256736582', 'title' => ''], + 'BeforeDate' => ['description' => 'The time when the certificate takes effect.', 'type' => 'integer', 'format' => 'int64', 'example' => '1976256836582', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 34,\\n \\"RequestId\\": \\"C54DD36B-6380-57E5-89BA-2642757C4DB8\\",\\n \\"Resources\\": [\\n \\"showerroom.taikooliqiantan.com-waf\\"\\n ]\\n}","type":"json"}]', - ], - 'DescribeDefenseTemplateValidGroups' => [ - 'summary' => 'Queries the names of protected object groups for which a protection template can take effect.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeCerts', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCerts'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCerts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"19511B0D-5AE0-5600-BB8A-DC2C8345****\\",\\n \\"TotalCount\\": 8,\\n \\"Certs\\": [\\n {\\n \\"Domain\\": \\"www.example.com\\\\t\\\\n\\",\\n \\"CertName\\": \\"waf1234\\",\\n \\"CertIdentifier\\": \\"12345-cn-hangzhou\\",\\n \\"CommonName\\": \\"*.example.com\\\\t\\",\\n \\"IsChainCompleted\\": true,\\n \\"AfterDate\\": 1976256736582,\\n \\"BeforeDate\\": 1976256836582\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeChargeModule' => [ + 'summary' => 'Retrieves the billing module information of Web Application Firewall (WAF).', + 'methods' => ['get', 'post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -13809,159 +10493,325 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeCode' => '255326', + 'abilityTreeNodes' => ['FEATUREwafA15E7F'], + 'tenantRelevance' => 'publicInformation', ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-nwy****pf0e', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], ], [ - 'name' => 'GroupName', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object group that you want to query.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'group221', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false], ], [ - 'name' => 'DefenseScene', + 'name' => 'PayType', 'in' => 'query', + 'schema' => ['description' => 'The billing method of the instance. Valid values:'."\n" + ."\n" + .'- **POSTPAY**: a pay-as-you-go WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'POSTPAY', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The scenario in which the protection template is used.'."\n" - ."\n" - .'* **waf_group**: basic protection.'."\n" - .'* **antiscan**: scan protection.'."\n" - .'* **ip_blacklist**: IP address blacklist.'."\n" - .'* **custom_acl**: custom rule.'."\n" - .'* **whitelist**: whitelist.'."\n" - .'* **region_block**: region blacklist.'."\n" - .'* **custom_response**: custom response.'."\n" - .'* **cc**: HTTP flood protection.'."\n" - .'* **tamperproof**: website tamper-proofing.'."\n" - .'* **dlp**: data leakage prevention.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'region_block', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'ChargeModules' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'ModuleCode' => ['description' => 'The code of the billing module. Valid values:'."\n" + ."\n" + .'- **domainCount**: the number of domain names added to WAF in CNAME record mode.'."\n" + ."\n" + .'- **qps**: the peak queries per second (QPS).'."\n" + ."\n" + .'- **request**: the basic traffic fee.'."\n" + ."\n" + .'- **ipBlacklistRuleCount**: the number of IP blacklist rules.'."\n" + ."\n" + .'- **customAclBaseRuleCount**: the number of basic rules in custom protection rules.'."\n" + ."\n" + .'- **customAclAdvanceRuleCount**: the number of advanced rules in custom protection rules.'."\n" + ."\n" + .'- **antiScanRuleCount**: the number of scan protection rules.'."\n" + ."\n" + .'- **customResponseRuleCount**: the number of custom response rules.'."\n" + ."\n" + .'- **ipv6**: IPv6 protection.'."\n" + ."\n" + .'- **gslb**: intelligent load balancing.'."\n" + ."\n" + .'- **exclusiveIpCount**: the number of exclusive IP addresses.'."\n" + ."\n" + .'- **ccRuleCount**: the number of HTTP flood protection rules.'."\n" + ."\n" + .'- **regionBlockRuleCount**: the number of rules in the region blacklist.'."\n" + ."\n" + .'- **tamperproofRuleCount**: the number of web tamper-proofing rules.'."\n" + ."\n" + .'- **dlpRuleCount**: the number of data leakage prevention rules.'."\n" + ."\n" + .'- **botTraffic**: the traffic fee for bot management.'."\n" + ."\n" + .'- **aiWhiteListTemplateCount**: the number of intelligent whitelist templates.'."\n" + ."\n" + .'- **apisecResourceCount**: the number of protected objects for which API security is enabled.'."\n" + ."\n" + .'- **apisecTraffic**: the traffic fee for API security.'."\n" + ."\n" + .'- **compliance**: the number of protocol compliance templates.'."\n" + ."\n" + .'- **riskTraffic**: the number of times that risk identification in bot management is matched.'."\n" + ."\n" + .'- **assetStatus**: asset center.'."\n" + ."\n" + .'- **nonPort**: custom ports protection.'."\n" + ."\n" + .'- **customAclCaptcha**: the number of times that sliders are used for custom protection rules.'."\n" + ."\n" + .'- **wafBaseTemplateCount**: the number of core web protection rules.'."\n" + ."\n" + .'- **instanceFee**: the WAF instance fee.'."\n" + ."\n" + .'- **spikeThrottleRuleCount**: the number of peak traffic throttling rules.'."\n" + ."\n" + .'- **botWebTemplateCount**: the number of web protection templates in bot management.'."\n" + ."\n" + .'- **botAppTemplateCount**: the number of app protection templates in bot management.'."\n" + ."\n" + .'- **customAclBotRuleCount**: the number of advanced custom rules in bot management.', 'type' => 'string', 'example' => 'domainCount', 'title' => ''], + 'PeriodType' => ['description' => 'The billing cycle of the billing module. Valid values:'."\n" + ."\n" + .'- **Hour**: hourly billing.', 'type' => 'string', 'title' => '', 'example' => 'Hour'], + 'UsageType' => ['description' => 'The usage type of the billing module. Valid values:'."\n" + ."\n" + .'- **template**: template.'."\n" + ."\n" + .'- **qps**: QPS.'."\n" + ."\n" + .'- **domain**: domain name.'."\n" + ."\n" + .'- **rule**: rule.'."\n" + ."\n" + .'- **ip**: IP address.'."\n" + ."\n" + .'- **resource**: protected object.'."\n" + ."\n" + .'- **request**: request.'."\n" + ."\n" + .'- **function**: feature enablement.'."\n" + ."\n" + .'- **time**: number of times.', 'type' => 'string', 'example' => 'domain', 'title' => ''], + 'UsageUnitFactor' => ['description' => 'The billing unit coefficient of the billing module.'."\n" + ."\n" + .'> The usage unit for the module is determined by multiplying the **UsageUnitFactor** by the **UsageType**.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'example' => '1'], + 'ChargeMode' => ['description' => 'The pricing model of the billing module. Valid values:'."\n" + ."\n" + .'- **NORMAL\\_PRICE**: tiered pricing.'."\n" + ."\n" + .'- **STEP\\_ACCUMULATION**: tiered pricing.', 'type' => 'string', 'example' => 'NORMAL_PRICE', 'title' => ''], + 'ChargeModeDetails' => [ + 'type' => 'array', + 'items' => ['description' => 'The detailed pricing information for the billing module. The information is a string converted from a JSON object.'."\n" + ."\n" + .'> If **ChargeMode** is set to **NORMAL\\_PRICE**, the JSON object contains only the number of CUs for the billing module.'."\n" + .'>'."\n" + .'> - When the **ChargeMode** pricing model is **STEP\\_ACCUMULATION**, the `range` field in the JSON represents the tiered pricing information.', 'type' => 'string', 'example' => '{'."\n" + .'"cu": 5.0,'."\n" + .'"range": {'."\n" + .'"type": "lcrc", '."\n" + .' "min": "2",'."\n" + .' "max": "10"'."\n" + .' }'."\n" + .'}', 'title' => ''], + 'title' => '', + 'description' => 'The detailed pricing information for the billing module.', + 'example' => '', + ], + ], + 'description' => 'The information about a billing module for WAF.', + 'title' => '', + 'example' => '', + ], + 'description' => 'A list of billing modules for WAF.', + 'title' => '', + 'example' => '', + ], + ], + 'description' => 'The result of the request.', + 'title' => '', + 'example' => '', ], ], + ], + 'title' => 'DescribeChargeModule', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeChargeModule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"ChargeModules\\": [\\n {\\n \\"ModuleCode\\": \\"domainCount\\",\\n \\"PeriodType\\": \\"Hour\\",\\n \\"UsageType\\": \\"domain\\",\\n \\"UsageUnitFactor\\": 1,\\n \\"ChargeMode\\": \\"NORMAL_PRICE\\",\\n \\"ChargeModeDetails\\": [\\n \\"{\\\\n\\\\\\"cu\\\\\\": 5.0,\\\\n\\\\\\"range\\\\\\": {\\\\n\\\\\\"type\\\\\\": \\\\\\"lcrc\\\\\\", \\\\n \\\\\\"min\\\\\\": \\\\\\"2\\\\\\",\\\\n \\\\\\"max\\\\\\": \\\\\\"10\\\\\\"\\\\n }\\\\n}\\"\\n ]\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeChargeResult' => [ + 'summary' => 'Queries the billing results for Web Application Firewall (WAF).', + 'methods' => ['get', 'post'], + 'schemes' => ['https'], + 'security' => [ [ - 'name' => 'PageSize', + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '255326', + 'abilityTreeNodes' => ['FEATUREwafA15E7F'], + 'tenantRelevance' => 'publicInformation', + ], + 'parameters' => [ + [ + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **20**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], ], [ - 'name' => 'TemplateId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '12345', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false], ], [ - 'name' => 'RegionId', + 'name' => 'PayType', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The billing method of the WAF instance. Valid value:'."\n" + ."\n" + .'- **POSTPAY**: pay-as-you-go.', 'type' => 'string', 'required' => true, 'example' => 'POSTPAY', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ChargeCycle', 'in' => 'query', + 'schema' => ['description' => 'The billing cycle for the WAF instance. Valid values:'."\n" + ."\n" + .'- **Year**: yearly billing cycle.'."\n" + ."\n" + .'- **Month**: monthly billing cycle.'."\n" + ."\n" + .'- **Day**: daily billing cycle.', 'type' => 'string', 'example' => 'Day', 'default' => 'Day', 'title' => '', 'required' => false], + ], + [ + 'name' => 'ChargeModules', + 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2th****v6ay', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'ModuleCode' => ['description' => 'The ID of the billing module.', 'type' => 'string', 'example' => 'domainCount', 'title' => '', 'required' => false], + 'Usage' => ['description' => 'The usage amount of the billing module.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => '', 'required' => false], + ], + 'description' => 'A billing module to calculate.', + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => true, + 'title' => '', + 'description' => 'The billing modules to calculate.', + 'example' => '', ], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '27', - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '6EA4B39A-9C0C-5E57-993E-30B6****3AD0', - ], - 'Groups' => [ - 'description' => 'The names of the protected object groups.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'TotalSeCu' => ['description' => 'The total number of calculated Security Capacity Units (SeCUs).', 'type' => 'number', 'format' => 'double', 'example' => '1080', 'title' => ''], + 'ModuleDetails' => [ 'type' => 'array', 'items' => [ - 'description' => 'The name of the protected object group.'."\n", - 'type' => 'string', - 'example' => 'group_example', + 'type' => 'object', + 'properties' => [ + 'ModuleCode' => ['description' => 'The ID of the billing module.', 'type' => 'string', 'example' => 'domainCount', 'title' => ''], + 'SeCu' => ['description' => 'The number of SeCUs for the billing module.', 'type' => 'number', 'format' => 'double', 'example' => '1080', 'title' => ''], + ], + 'title' => '', + 'description' => 'The calculation result for a billing module.', + 'example' => '', ], + 'title' => '', + 'description' => 'The billing calculation results for each module.', + 'example' => '', ], ], - 'description' => '', + 'description' => 'The response data.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 27,\\n \\"RequestId\\": \\"6EA4B39A-9C0C-5E57-993E-30B6****3AD0\\",\\n \\"Groups\\": [\\n \\"group_example\\"\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeDefenseTemplateValidGroups', - ], - 'DescribeDefenseResourceTemplates' => [ - 'summary' => 'Queries the protection templates that are associated with a protected object or protected object group.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeChargeResult', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeChargeResult', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"TotalSeCu\\": 1080,\\n \\"ModuleDetails\\": [\\n {\\n \\"ModuleCode\\": \\"domainCount\\",\\n \\"SeCu\\": 1080\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeCloudResourceAccessPortDetails' => [ + 'summary' => 'Retrieves port details of cloud service instances onboarded to Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -13969,122 +10819,82 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106375', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '226583', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-9lb36****0e', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object or protected object group that you want to query.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'xxxxxhemicals.cn-waf', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'ResourceType', + 'name' => 'ResourceInstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the protected resource. Valid values:'."\n" - ."\n" - .'* **single**: protected object. This is the default value.'."\n" - .'* **group**: protected object group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'single', - 'enum' => [ - 'single', - 'group', - 'asset', - ], - ], + 'schema' => ['description' => 'The ID of the resource instance.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'lb-2zeugkfj81jvo****4tqm'], ], [ - 'name' => 'RuleType', + 'name' => 'Port', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the protection rule. Valid values:'."\n" - ."\n" - .'* **defense**: defense rule. This is the default value.'."\n" - .'* **whitelist**: whitelist rule.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'whitelist', - ], + 'schema' => ['description' => 'The port of the cloud service that is added to WAF.', 'type' => 'string', 'required' => false, 'example' => '443', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'Protocol', 'in' => 'query', 'schema' => [ - 'description' => 'The ID of the protection rule.'."\n", - 'type' => 'integer', - 'format' => 'int64', + 'description' => 'The protocol. Valid values:'."\n" + ."\n" + .'- **http**: HTTP.'."\n" + ."\n" + .'- **https**: HTTPS.', + 'type' => 'string', + 'enum' => ['http', 'https'], 'required' => false, - 'example' => '20111098', + 'example' => 'https', + 'title' => '', ], ], [ - 'name' => 'RuleName', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the rule.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'demoRuleName', - ], + 'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'TemplateName', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protection rule template.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test221', - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceProduct', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The type of the cloud service. Valid values:'."\n" + ."\n" + .'- **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n" + ."\n" + .'- **clb7**: Layer 7 CLB.'."\n" + ."\n" + .'- **ecs**: Elastic Compute Service (ECS).'."\n" + ."\n" + .'- **nlb**: Network Load Balancer (NLB).', 'type' => 'string', 'required' => false, 'example' => 'clb7', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek2ax2y5****pi', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -14092,1341 +10902,846 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '2305CEB0-BA5A-5543-A1D3-3F1D0891****', - ], - 'Templates' => [ - 'description' => 'The protection templates.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '10', 'title' => ''], + 'AccessPortDetails' => [ + 'description' => 'The details of the ports for the cloud service instance that is added to WAF.', 'type' => 'array', 'items' => [ - 'description' => '', + 'description' => 'The details of the ports for the cloud service instance that is added to WAF.', 'type' => 'object', 'properties' => [ - 'Description' => [ - 'description' => 'The description of the protection template.'."\n", - 'type' => 'string', - 'example' => 'test', - ], - 'TemplateOrigin' => [ - 'description' => 'The origin of the protection template. The value custom indicates that the template is a custom template created by the user.'."\n", - 'type' => 'string', - 'example' => 'custom', + 'Protocol' => ['description' => 'The protocol. Valid values:'."\n" + ."\n" + .'- **http**: HTTP.'."\n" + ."\n" + .'- **https**: HTTPS.', 'type' => 'string', 'example' => 'https', 'title' => ''], + 'Port' => ['description' => 'The port of the cloud service that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '443', 'title' => ''], + 'Certificates' => [ + 'description' => 'The list of certificates for the port of the cloud service instance.', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the certificate for the port of the cloud service instance.', + 'type' => 'object', + 'properties' => [ + 'CertificateName' => ['description' => 'The name of the certificate.', 'type' => 'string', 'example' => 'cert-name1', 'title' => ''], + 'CertificateId' => ['description' => 'The ID of the added certificate.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''], + 'AppliedType' => ['description' => 'The type of the certificate for the HTTPS protocol. Valid values:'."\n" + ."\n" + .'- **default**: the default certificate.'."\n" + ."\n" + .'- **extension**: the additional certificate.', 'type' => 'string', 'example' => 'default', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], - 'DefenseSubScene' => [ - 'description' => 'The sub-scenario in which the template is used. Valid values:'."\n" + 'XffHeaderMode' => ['description' => 'The mode that WAF uses to obtain the real IP address of a client. Valid values:'."\n" + ."\n" + .'- **0**: WAF is the first Layer 7 proxy before client traffic is forwarded to the origin server.'."\n" + ."\n" + .'- **1**: WAF reads the first IP address from the X-Forwarded-For (XFF) header as the client IP address.'."\n" + ."\n" + .'- **2**: WAF reads the value of a custom header as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'XffHeaders' => [ + 'description' => 'The custom header fields that are used to obtain the client IP address. The value is a string in the `["header1","header2",...]` format.'."\n" ."\n" - .'* **web**: bot management for website protection.'."\n" - .'* **app**: bot management for app protection.'."\n" - .'* **basic**: bot management for basic protection.'."\n", - 'type' => 'string', - 'example' => 'basic', - ], - 'DefenseScene' => [ - 'description' => 'The scenario in which the protection template is used.'."\n" + .'> This parameter is returned only when **XffHeaderMode** is set to 2.', + 'type' => 'array', + 'items' => ['description' => 'The custom header fields that are used to obtain the client IP address. The value is a string in the `["header1","header2",...]` format.'."\n" ."\n" - .'* **waf_group**: basic protection.'."\n" - .'* **antiscan**: scan protection.'."\n" - .'* **ip_blacklist**: IP address blacklist.'."\n" - .'* **custom_acl**: custom rule.'."\n" - .'* **whitelist**: whitelist.'."\n" - .'* **region_block**: region blacklist.'."\n" - .'* **custom_response**: custom response.'."\n" - .'* **cc**: HTTP flood protection.'."\n" - .'* **tamperproof**: website tamper-proofing.'."\n" - .'* **dlp**: data leakage prevention.'."\n", - 'type' => 'string', - 'example' => 'whitelist', - ], - 'GmtModified' => [ - 'description' => 'The time when the protection template was created. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1692930539000', - ], - 'TemplateName' => [ - 'description' => 'The name of the protection template.'."\n", - 'type' => 'string', - 'example' => 'TestTemplateName', + .'> This parameter is returned only when **XffHeaderMode** is set to 2.', 'type' => 'string', 'example' => 'header1', 'title' => ''], + 'title' => '', + 'example' => '', ], - 'TemplateType' => [ - 'description' => 'The type of the protection template. Valid values:'."\n" + 'LogHeaders' => [ + 'description' => 'The key-value pair that is used to tag the traffic that is processed by WAF.'."\n" ."\n" - .'* **user_default**: default template.'."\n" - .'* **user_custom**: custom template.'."\n", - 'type' => 'string', - 'example' => 'user_custom', + .'> This parameter is returned only when the traffic tagging feature is enabled for the domain name.', + 'type' => 'array', + 'items' => [ + 'description' => 'The key-value pair that is used to tag the traffic that is processed by WAF.'."\n" + ."\n" + .'> This parameter is returned only when the traffic tagging feature is enabled for the domain name.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'example' => 'key1', 'title' => ''], + 'Value' => ['description' => 'The value of the custom request header field.', 'type' => 'string', 'example' => 'value1', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], - 'TemplateId' => [ - 'description' => 'The ID of the protection template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12345', + 'Status' => ['description' => 'The status of the domain name. Valid values:'."\n" + ."\n" + .'- **1**: The port is in the Normal state.'."\n" + ."\n" + .'- **2**: The port is being created.'."\n" + ."\n" + .'- **3**: The port is being modified.'."\n" + ."\n" + .'- **4**: The port is being released.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'TLSVersion' => ['description' => 'The version of the Transport Layer Security (TLS) protocol. Valid values:'."\n" + ."\n" + .'- **tlsv1**'."\n" + ."\n" + .'- **tlsv1.1**'."\n" + ."\n" + .'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1', 'title' => ''], + 'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n" + ."\n" + .'- **true**: TLS 1.3 is supported.'."\n" + ."\n" + .'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'CipherSuite' => ['description' => 'The type of the cipher suite. Valid values:'."\n" + ."\n" + .'- **1**: all cipher suites.'."\n" + ."\n" + .'- **2**: strong cipher suites.'."\n" + ."\n" + .'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'CustomCiphers' => [ + 'description' => 'The custom cipher suites. This parameter is returned only when **CipherSuite** is set to **99**.', + 'type' => 'array', + 'items' => ['description' => 'The custom cipher suite.', 'type' => 'string', 'example' => 'ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384', 'title' => ''], + 'title' => '', + 'example' => '', ], - 'TemplateStatus' => [ - 'description' => 'The status of the protection template. Valid values:'."\n" - ."\n" - .'* **0**: disabled.'."\n" - .'* **1**: enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', + 'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds. Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''], + 'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds. Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'Keepalive' => ['description' => 'Indicates whether to enable persistent connections. Valid values:'."\n" + ."\n" + .'- **true**: Enables persistent connections. This is the default value.'."\n" + ."\n" + .'- **false**: Disables persistent connections.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'KeepaliveRequests' => ['description' => 'The number of requests that can be reused in a persistent connection. Valid values: 60 to 1000.'."\n" + ."\n" + .'> This parameter specifies the number of requests that can be reused after a persistent connection is established.', 'type' => 'integer', 'format' => 'int32', 'example' => '1000', 'title' => ''], + 'KeepaliveTimeout' => ['description' => 'The timeout period for an idle persistent connection. Valid values: 10 to 3600. Default value: 15. Unit: seconds.'."\n" + ."\n" + .'> This parameter specifies the period of time after which an idle persistent connection is released.', 'type' => 'integer', 'format' => 'int32', 'example' => '10', 'title' => ''], + 'Http2Enabled' => ['description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n" + ."\n" + .'- **true**: HTTP/2 is enabled.'."\n" + ."\n" + .'- **false**: HTTP/2 is not enabled.', 'type' => 'boolean', 'example' => 'True', 'title' => ''], + 'XffProto' => ['description' => 'Indicates whether to use the X-Forwarded-For-Proto header to identify the protocol used by WAF. Valid values:'."\n" + ."\n" + .'- **true**: Identifies the protocol used by WAF. This is the default value.'."\n" + ."\n" + .'- **false**: Does not identify the protocol used by WAF.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'OwnerUserId' => ['description' => 'The ID of the Alibaba Cloud account to which the cloud service belongs.', 'type' => 'string', 'example' => '123', 'title' => ''], + 'SubStatus' => ['description' => 'The abnormal protection status. Valid values:'."\n" + ."\n" + .'- **InvalidCert**: The certificate is invalid.'."\n" + ."\n" + .'- **ClientCertOpend**: Mutual authentication is enabled.'."\n" + ."\n" + .'- **NetworkConfigLost**: The network configuration of the cloud service is abnormal.', 'type' => 'string', 'example' => 'InvalidCert', 'title' => ''], + 'SubStatusDetails' => [ + 'description' => 'The details of the abnormal protection status. This parameter is returned only when **SubStatus** is set to InvalidCert.', + 'type' => 'array', + 'items' => [ + 'description' => 'The details of the abnormal protection status. This parameter is returned only when **SubStatus** is set to InvalidCert.', + 'type' => 'object', + 'properties' => [ + 'CertName' => ['description' => 'The name of the certificate in Certificates Management Service.', 'type' => 'string', 'example' => 'test-name', 'title' => ''], + 'Domain' => ['description' => 'The domain name that is bound to the certificate.', 'type' => 'string', 'example' => 'test.aliyun.com', 'title' => ''], + 'CertId' => ['description' => 'The ID of the certificate in Certificates Management Service.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''], + 'AppliedType' => ['description' => 'The type of the certificate for the HTTPS protocol. Valid values:'."\n" + ."\n" + .'- **default**: the default certificate.'."\n" + ."\n" + .'- **extension**: the additional certificate.', 'type' => 'string', 'example' => 'default', 'title' => ''], + 'ProductCertName' => ['description' => 'The name of the certificate that is saved for the cloud service.', 'type' => 'string', 'example' => 'test-name', 'title' => ''], + 'ProductCertId' => ['description' => 'The ID of the certificate that is saved for the cloud service.', 'type' => 'string', 'example' => '123', 'title' => ''], + 'CommonName' => ['description' => 'The common name (CN).', 'type' => 'string', 'example' => 'test.aliyun.com', 'title' => ''], + 'ReasonCode' => ['description' => 'The reason for the abnormal protection status. Valid values:'."\n" + ."\n" + .'- **UserUploadCert**: The certificate is manually uploaded.'."\n" + ."\n" + .'- **CertNotExistInCertCenter**: The certificate does not exist in Certificates Management Service.'."\n" + ."\n" + .'- **CertExpired**: The certificate has expired.'."\n" + ."\n" + .'- **EmptyCertCN**: The CN of the certificate is empty.', 'type' => 'string', 'example' => 'CertNotExistInCertCenter', 'title' => ''], + 'ExpireTime' => ['description' => 'The expiration time of the certificate. The value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1746328456000', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], + 'CloudResourceId' => ['description' => 'The ID of the resource that is added to WAF. The ID is automatically generated by WAF.', 'type' => 'string', 'example' => 'i-bp1**************7ey-80-ecs', 'title' => ''], + 'MaxBodySize' => ['description' => 'The maximum size of a request body. Valid values: 2 to 10. Default value: 2. Unit: GB.', 'type' => 'integer', 'format' => 'int32', 'example' => '2', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2305CEB0-BA5A-5543-A1D3-3F1D08911B1C\\",\\n \\"Templates\\": [\\n {\\n \\"Description\\": \\"示例防护模板\\",\\n \\"TemplateOrigin\\": \\"custom\\",\\n \\"DefenseSubScene\\": \\"basic\\",\\n \\"DefenseScene\\": \\"whitelist\\",\\n \\"GmtModified\\": 1692930539000,\\n \\"TemplateName\\": \\"WAF扫描防护\\",\\n \\"TemplateType\\": \\"user_custom\\",\\n \\"TemplateId\\": 34328,\\n \\"TemplateStatus\\": 1\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeDefenseResourceTemplates', - ], - 'CreateDefenseRule' => [ - 'summary' => 'Creates a protection rule.', - 'methods' => [ - 'post', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Instance.ValidFaild', 'errorMessage' => 'WAF instance check failed. Check whether the instance ID is correct.', 'description' => 'WAF instance check failed. Check whether the instance ID is correct.'], + ['errorCode' => 'Waf.Pullin.CloudProductParamEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'], + ['errorCode' => 'Waf.Pullin.CloudResourceInvalid', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"TotalCount\\": 10,\\n \\"AccessPortDetails\\": [\\n {\\n \\"Protocol\\": \\"https\\",\\n \\"Port\\": 443,\\n \\"Certificates\\": [\\n {\\n \\"CertificateName\\": \\"cert-name1\\",\\n \\"CertificateId\\": \\"123-cn-hangzhou\\",\\n \\"AppliedType\\": \\"default\\"\\n }\\n ],\\n \\"XffHeaderMode\\": 0,\\n \\"XffHeaders\\": [\\n \\"header1\\"\\n ],\\n \\"LogHeaders\\": [\\n {\\n \\"Key\\": \\"key1\\",\\n \\"Value\\": \\"value1\\"\\n }\\n ],\\n \\"Status\\": 1,\\n \\"TLSVersion\\": \\"tlsv1\\",\\n \\"EnableTLSv3\\": true,\\n \\"CipherSuite\\": 1,\\n \\"CustomCiphers\\": [\\n \\"ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384\\"\\n ],\\n \\"ReadTimeout\\": 5,\\n \\"WriteTimeout\\": 1,\\n \\"Keepalive\\": true,\\n \\"KeepaliveRequests\\": 1000,\\n \\"KeepaliveTimeout\\": 10,\\n \\"Http2Enabled\\": true,\\n \\"XffProto\\": true,\\n \\"OwnerUserId\\": \\"123\\",\\n \\"SubStatus\\": \\"InvalidCert\\",\\n \\"SubStatusDetails\\": [\\n {\\n \\"CertName\\": \\"test-name\\",\\n \\"Domain\\": \\"test.aliyun.com\\",\\n \\"CertId\\": \\"123-cn-hangzhou\\",\\n \\"AppliedType\\": \\"default\\",\\n \\"ProductCertName\\": \\"test-name\\",\\n \\"ProductCertId\\": \\"123\\",\\n \\"CommonName\\": \\"test.aliyun.com\\",\\n \\"ReasonCode\\": \\"CertNotExistInCertCenter\\",\\n \\"ExpireTime\\": 1746328456000\\n }\\n ],\\n \\"CloudResourceId\\": \\"i-bp1**************7ey-80-ecs\\",\\n \\"MaxBodySize\\": 2\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query the details of cloud service instance ports that are added to WAF', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '150', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCloudResourceAccessPortDetails'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCloudResourceAccessPortDetails', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + ], + 'DescribeCloudResourceAccessedPorts' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106379', - 'abilityTreeNodes' => [ - 'FEATUREwaf1LM6V0', - 'FEATUREwafI1HM4C', - 'FEATUREwafCU29M8', - 'FEATUREwafBWO4L0', - 'FEATUREwaf9JXZCD', - 'FEATUREwaf6XNOII', - 'FEATUREwafQ73SIK', - 'FEATUREwafAFURH8', - 'FEATUREwafS64FX9', - 'FEATUREwafOVI09M', - 'FEATUREwafIFHX6M', - 'FEATUREwafF105ZO', - ], + 'abilityTreeCode' => '226564', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-****', - ], - ], - [ - 'name' => 'TemplateId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the rule template for which you want to create a protection rule.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1122', - ], - ], - [ - 'name' => 'DefenseScene', - 'in' => 'query', - 'schema' => [ - 'description' => 'The module to which the protection rule that you want to create belongs.'."\n" - ."\n" - .'* **waf_group:** the basic protection rule module.'."\n" - .'* **antiscan:** the scan protection module.'."\n" - .'* **ip_blacklist:** the IP address blacklist module.'."\n" - .'* **custom_acl:** the custom rule module.'."\n" - .'* **whitelist:** the whitelist module.'."\n" - .'* **region_block:** the region blacklist module.'."\n" - .'* **custom_response:** the custom response module.'."\n" - .'* **cc:** the HTTP flood protection module.'."\n" - .'* **tamperproof:** the website tamper-proofing module.'."\n" - .'* **dlp:** the data leakage prevention module.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_group', - ], - ], - [ - 'name' => 'Rules', - 'in' => 'formData', - 'schema' => [ - 'description' => 'The configurations of the protection rule. The value is a JSON string that contains multiple parameters.'."\n" - ."\n" - .'> The parameters vary based on the **protection module**, which is specified by **DefenseScene**. For more information, see the "**Parameters of protection rules**" section in this topic.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'For more information, see the following section'."\n", - ], - ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'default' => '', 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ - 'name' => 'DefenseType', + 'name' => 'ResourceInstanceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'template', - 'enum' => [ - 'template', - 'global', - 'resource', - ], - ], + 'schema' => ['description' => 'The instance ID of the resource.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'lb-bp1*****jqnnqk5uj2p'], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region ID of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwkpn****5i', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned data.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '26E46541-7AAB-5565-801D-F14DBDC5F186', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''], + 'Http' => [ + 'description' => 'The HTTP port.', + 'type' => 'array', + 'items' => ['description' => 'The HTTP port.', 'type' => 'integer', 'format' => 'int32', 'example' => '[80]', 'title' => ''], + 'title' => '', + 'example' => '', ], - 'RuleIds' => [ - 'description' => 'The IDs of the protection rules. Multiple IDs are separated by commas (,).'."\n", - 'type' => 'string', - 'example' => '22215,23354,462165', + 'Https' => [ + 'description' => 'The HTTPS port.', + 'type' => 'array', + 'items' => ['description' => 'The HTTPS port.', 'type' => 'integer', 'format' => 'int32', 'example' => '[443]', 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Defense.Control.DefenseWhitelistBypassRuleNotExist', - 'errorMessage' => 'The whitelist protection rule does not exist.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseWhitelistConfigInvalid', - 'errorMessage' => 'The whitelist rule is misconfigured.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseBookTypeInvalid', - 'errorMessage' => 'The address book type is illegal.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseThreatIntelligenceConfigInvalid', - 'errorMessage' => 'Threat Intelligence Rule configuration error.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseIpCountOversize', - 'errorMessage' => 'The number of IPs exceeds the limit.', + 'title' => 'DescribeCloudResourceAccessedPorts', + 'summary' => 'Queries the ports of cloud services added to Web Application Firewall (WAF). This operation is supported only for Elastic Compute Service (ECS) and Classic Load Balancer (CLB).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCloudResourceAccessedPorts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\",\\n \\"RuleIds\\": \\"22215,23354,462165\\"\\n}","type":"json"}]', - 'title' => 'CreateDefenseRule', - 'requestParamsDescription' => '## Parameters of protection rules'."\n" - ."\n" - .'### Protection rules of the basic protection rule module (**waf\\_group**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - .'|action|String|Yes|block|The action that you want WAF to perform on the matched requests. Valid values:\\- **block**: blocks requests that match the protection rule.\\- **monitor**: monitors requests that match the protection rule.|'."\n" - .'|policyId|Long|No|1012|The ID of the protection rule group. Default value: 1012, which specifies the medium rule group.|'."\n" - .'|protectionType|String|No|sema|The type of the protection rule. Valid values:\\- **regular** (default): regular expression-based protection rules.\\- **sema**: semantic-based protection rules.|'."\n" - .'|config|String|No|{"nonInjectionSql":1}|The custom configuration information. The value is a JSON string. For more information, see config description.|'."\n" - ."\n" - .'**config description**'."\n" - ."\n" - .'* If **protectionType** is set to **sema**, specify the following parameter.'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|nonInjectionSql|Integer|Yes|1|The status of non-injection attack detection. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "DefenseScene": "waf_group",'."\n" - .' "TemplateId": 322,'."\n" - .' "InstaneId": "waf_cn****",'."\n" - .' "Rules": "[{\\"status\\":1,\\"policyId\\":1012,\\"action\\":\\"block\\"},{\\"status\\":1,\\"action\\":\\"block\\",\\"protectionType\\":\\"sema\\",\\"config\\":\\"{\\\\\\"nonInjectionSql\\\\\\":1}\\"}]"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Protection rules of the scan protection module (**antiscan**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|protectionType|String|Yes|highfreq|The type of the protection rule. Valid values:\\- **highfreq**: high-frequency scan blocking.\\- **dirscan**: directory traversal blocking.\\- **scantools**: scanner blocking.|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - .'|action|String|Yes|block|The action that you want WAF to perform on the matched requests. Valid values:\\- **block**: blocks requests that match the protection rule.\\- **monitor**: monitors requests that match the protection rule.|'."\n" - .'|config|String|No|{"target":"remote\\_addr","interval":60,"ttl":180,"count":20}|The custom configuration information. The value is a JSON string. For more information, see **config description**.|'."\n" - ."\n" - .'**config description**'."\n" - ."\n" - .'* If **protectionType** is set to **highfreq**, specify the following parameters.'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|target|String|Yes|remote\\_addr|The type of the statistical object. Valid values:\\- **remote\\_addr** (default): IP addresses.\\- **cookie.acw\\_tc**: sessions.\\- **header**: custom headers. If you use custom headers, you must specify the headers in subkey.\\- **queryarg**: custom parameters. If you use custom parameters, you must specify the parameters in subkey.\\- **cookie**: custom cookies. If you use custom cookies, you must specify the cookies in subkey.|'."\n" - .'|subKey|String|No|abc|The characteristics of the statistical object. This parameter is required only if **target** is set to **cookie**, **header**, or **queryarg**.|'."\n" - .'|interval|Integer|No|60|The detection period. Unit: seconds. Default value: 60.Valid values: 5 to 1800.|'."\n" - .'|ttl|Integer|No|1800|The blocking period. Unit: seconds. Default value: 1800.Valid values: 60 to 86400.|'."\n" - .'|count|Integer|No|20|The maximum number of times that the protection rules of the basic protection rule module can be triggered. Default value: 20.Valid values: 3 to 50000.|'."\n" - .'|ruleIdCount|Integer|No|2|The maximum number of protection rules that can be triggered. Default value: 2.Valid values: 1 to 50.|'."\n" - ."\n" - .'* If **protectionType** is set to **dirscan**, specify the following parameters.'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|target|String|Yes|remote\\_addr|The type of the statistical object. Valid values:\\- **remote\\_addr** (default): IP addresses.\\- **cookie.acw\\_tc**: sessions.\\- **header**: custom headers.\\- **queryarg**: custom parameters.\\- **cookie**: custom cookies.|'."\n" - .'|subKey|String|No|1|The characteristics of the statistical object. This parameter is required only if target is set to **header, queryarg, or cookie**.|'."\n" - .'|interval|Integer|No|60|The detection period. Unit: seconds. Default value: 60.Valid values: 5 to 1800.|'."\n" - .'|ttl|Integer|No|1800|The blocking period. Unit: seconds. Default value: 1800.Valid values: 60 to 86400.|'."\n" - .'|count|Integer|No|20|The maximum number of times that the protection rules of the basic protection rule module can be triggered. Default value: 20.Valid values: 3 to 50000.|'."\n" - .'|weight|Float|No|2|The maximum proportion of 404 status codes allowed. Default value: 0.7.Valid values: 0.01 to 1.0. The value is accurate to two decimal places.|'."\n" - .'|uriNum|Integer|No|2|The maximum number of non-existent directories allowed. Default value: 50.Valid values: 2 to 50000.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_****",'."\n" - .' "TemplateId": 2222,'."\n" - .' "DefenseScene": "antiscan",'."\n" - .' "Rules": "[{\\"protectionType\\":\\"scantools\\",\\"action\\":\\"block\\",\\"status\\":1},{\\"protectionType\\":\\"dirscan\\",\\"status\\":1,\\"action\\":\\"block\\",\\"config\\":\\"{\\\\\\"target\\\\\\":\\\\\\"remote_addr\\\\\\",\\\\\\"interval\\\\\\":10,\\\\\\"ttl\\\\\\":1800,\\\\\\"weight\\\\\\":0.7,\\\\\\"uriNum\\\\\\":50,\\\\\\"count\\\\\\":50}\\"},{\\"protectionType\\":\\"highfreq\\",\\"status\\":1,\\"action\\":\\"block\\",\\"config\\":\\"{\\\\\\"target\\\\\\":\\\\\\"remote_addr\\\\\\",\\\\\\"interval\\\\\\":60,\\\\\\"ttl\\\\\\":1800,\\\\\\"count\\\\\\":20,\\\\\\"ruleIdCount\\\\\\":2}\\"}]"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Protection rules of the IP address blacklist module (**ip\\_blacklist**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|name|String|Yes|iptest|The name of the protection rule.|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - .'|action|String|Yes|block|The action that you want WAF to perform on the matched requests. Valid values:\\- **block**: blocks requests that match the protection rule.\\- **monitor**: monitors requests that match the protection rule.|'."\n" - .'|remoteAddr|Array|Yes|\\["1.1.XX.XX", "3.1.XX.XX/24"\\]|The IP addresses that you want to add to the blacklist. The value is in the \\["ip1","ip2",...\\] format.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_****",'."\n" - .' "TemplateId": 2222,'."\n" - .' "DefenseScene": "ip_blacklist",'."\n" - .' "Rules": "[{\\"name\\":\\"iptest1\\",\\"remoteAddr\\":[\\"1.1.1.2\\",\\"3.3.3.3/24\\"],\\"action\\":\\"monitor\\",\\"status\\":1},{\\"name\\":\\"iptest2\\",\\"remoteAddr\\":[\\"4.4.4.4\\",\\"5.5.5.5/32\\"],\\"action\\":\\"block\\",\\"status\\":1}]"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Protection rules of the custom rule module (**custom\\_acl**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|name|String|Yes|iptest|The name of the protection rule. You can specify a custom name.|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - .'|action|String|Yes|block|The action that you want WAF to perform on the matched requests. Valid values:\\- **block**: blocks requests that match the protection rule.\\- **monitor**: monitors requests that match the protection rule.\\- **js**: performs JavaScript verification on requests that match the protection rule.\\- **captcha**: performs slider CAPTCHA verification on requests that match the protection rule.\\- **captcha\\_strict**: performs strict CAPTCHA verification on requests that match the protection rule.**Note** For more information about the actions that are supported for the protection rules of the custom rule module, log on to the **WAF console**.|'."\n" - .'|conditions|Array|Yes|\\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}\\]|The traffic characteristics of the protection rule. The value is a JSON string. You can configure up to five conditions in a protection rule. For more information, see **conditions description**.|'."\n" - .'|ccStatus|Integer|Yes|1|Specifies whether to enable the rate limiting feature. Valid values:\\- **0**: no.\\- **1**: yes.|'."\n" - .'|ratelimit|JSON|No|{"target":"remote\\_addr","interval":5,"threshold":2,"ttl":1800,"status":{"code":404,"count":2}}|The configuration information of the rate limiting feature. The value is a JSON string. This parameter is required only if ccStatus is set to **1**. For more information, see **ratelimit description**.|'."\n" - .'|effect|String|No|rule|The effective scope of the rate limiting feature. This parameter is required only if ccStatus is set to **1**. Valid values:\\- **service**: The rate limiting feature takes effect for all protected objects.\\- **rule**: The rate limiting feature takes effect for the current protection rule.|'."\n" - ."\n" - .'**conditions description**'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|key|String|Yes|IP|The match field. Valid values: URL, URLPath, IP, Referer, User-Agent, Params, Cookie, Content-Type, Content-Length, X-Forwarded-For, Post-Body, Http-Method, and Header.|'."\n" - .'|subKey|String|No|abc|The child match field.**Note** Not every match field (**key**) of a protection rule contains a child match field (**subKey**). For more information about the child match fields that are supported by each match field, log on to the **WAF console**.|'."\n" - .'|opValue|String|Yes|contain|The logical operator. Valid values:\\- **not-contain**: does not contain.\\- **contain**: contains.\\- **none**: does not exist.\\- **ne**: not equal to.\\- **eq**: equal to.\\- **lt**: value less than.\\- **gt**: value greater than.\\- **len-lt**: length less than.\\- **len-eq**: length equal to.\\- **len-gt**: length greater than.\\-**not-match**: does not match.\\- **match-one**: equal to one of multiple values.\\- **all-not-match**: not equal to any value.\\- **all-not-contain**: does not contain any value.\\- **contain-one**: contains one of multiple values.\\-**not-regex**: does not match regular expressions.\\- **regex**: matches regular expressions.\\- **all-not-regex**: does not match any regular expression.\\- **regex-one**: matches one of multiple regular expressions.\\- **prefix-match**: matches by prefix.\\- **suffix-match**: matches by suffix.\\- **empty**: empty content.\\- **exists**: exists.\\- **inl**: exists in a list.**Note** When you create a protection rule, the valid values of **opValue** vary based on the value of **key**. For more information about the logical operators that are supported by each match field, log on to the **WAF console**.|'."\n" - .'|values|String|Yes|abc|The match content.**Note** The valid values of **opValue** and **values** in a match condition vary based on the value of **key**.|'."\n" - ."\n" - .'**ratelimit description**'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|target|String|Yes|remote\\_addr|The type of the statistical object. Valid values:\\- **remote\\_addr** (default): IP addresses.\\- **cookie.acw\\_tc**: sessions.\\- **header**: custom headers. If you use custom headers, you must specify the headers in subkey.\\- **queryarg**: custom parameters. If you use custom parameters, you must specify the parameters in subkey.\\- **cookie**: custom cookies. If you use custom cookies, you must specify the cookies in subkey.|'."\n" - .'|subKey|String|No|abc|The characteristics of the statistical object. This parameter is required only if **target** is set to **cookie**, **header**, or **queryarg**.|'."\n" - .'|interval|Integer|Yes|60|The statistical period. Unit: seconds. This parameter specifies the interval at which the number of requests is counted. If you specify this parameter, you must also specify **threshold**.Valid values: 5 to 1800.|'."\n" - .'|threshold|Integer|Yes|200|The maximum number of requests that can be sent from the statistical object within the statistical period.|'."\n" - .'|ttl|Integer|Yes|1800|The validity period of the protection action. Unit: seconds.Valid values: 60 to 86400.|'."\n" - .'|status|JSON|No|{"code":404,"count":200}|The frequency of an HTTP status code. The value is a JSON string that contains the following parameters:**code**: the HTTP status code. This parameter is required. Data type: integer.**count**: the maximum number of times that the HTTP status code can be returned. If the actual number is greater than the value, the protection rule is matched. This parameter is optional. Data type: integer. Valid values: 2 to 50000. You can specify count or ratio. You cannot specify the two parameters at the same time.**ratio**: the maximum percentage of times that the HTTP status code can be returned. If the actual percentage is greater than the value, the protection rule is matched. This parameter is optional. Data type: integer. Valid values: 1 to 100. You can specify count or ratio. You cannot specify the two parameters at the same time.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_****",'."\n" - .' "TemplateId": 6242,'."\n" - .' "DefenseScene": "custom_acl",'."\n" - .' "Rules":"[{\\"name\\":\\"acl_test\\",\\"action\\":\\"block\\",\\"conditions\\":[{\\"key\\":\\"URL\\",\\"opValue\\":\\"contain\\",\\"values\\":\\"abc\\"}],\\"ratelimit\\":{\\"target\\":\\"remote_addr\\",\\"interval\\":5,\\"threshold\\":2,\\"ttl\\":1800,\\"status\\":{\\"code\\":404,\\"count\\":2}},\\"ccStatus\\":1,\\"effect\\":\\"rule\\",\\"status\\":1,\\"origin\\":\\"custom\\"}]"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Protection rules of the whitelist module (**whitelist**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|name|String|Yes|whitelistTest|The name of the protection rule.|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - .'|conditions|Array|Yes|\\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}\\]|The traffic characteristics of the protection rule. The value is a JSON string. You can configure up to five conditions in a protection rule. For more information, see **conditions description**.|'."\n" - .'|tags|Array|Yes|\\["waf", "regular"\\]|The protection modules for which you want the protection rule to take effect. The value is in the \\["**XX1**", "**XX2**",...\\] format. Valid values:\\- **waf**: all modules.\\- **customrule**: the custom rule module.\\- **blacklist**: the IP address blacklist module.\\- **antiscan**: the scan protection module.\\- **regular**: the basic protection rule module.\\- **regular\\_rule**: the specific regular expression-based protection rules of the basic protection rule module.\\- **regular\\_type**: the specific types of regular expression-based protection rules of the basic protection rule module.\\- **major\\_protection**: the major event protection module.\\- **cc**: the HTTP flood protection module.\\- **region\\_block**: the region blacklist module.\\- **antibot\\_scene**: the bot management module.\\- **dlp**: the data leakage prevention module.\\- **tamperproof**: the website tamper-proofing module.|'."\n" - .'|regularRules|Array|No|\\[ "111111", "222222" \\]|The IDs of the regular expression-based protection rules that you want requests to bypass. The value is in the \\["**XX1**", "**XX2**",...\\] format. This parameter is required only if **tags** is set to **regular\\_rule**.|'."\n" - .'|regularTypes|Array|No|\\[ "xss", "css" \\]|The types of the regular expression-based protection rules that you want requests to bypass. The value is in the \\["**XX1**", "**XX2**",...\\] format. This parameter is required only if **tags** is set to **regular\\_type**. Valid values:\\- **sqli**: SQL injection.\\- **xss**: cross-site scripting (XSS) attack.\\- **code\\_exec**: code execution.\\- **crlf**: carriage return line feed (CRLF) injection.\\- **lfilei**: local file inclusion.\\- **rfilei**: remote file inclusion.\\- **webshell**: webshell.\\- **csrf**: cross-site request forgery (CSRF).\\- **other**: other.|'."\n" - ."\n" - .'**conditions description**'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|key|String|Yes|IP|The match field. Valid values: **URL**, **URLPath**, **IP**, **Referer**, **User-Agent**, **Params**, **Cookie**, **Content-Type**, **Content-Length**, **X-Forwarded-For**, **Post-Body**, **Http-Method**, and **Header**.|'."\n" - .'|subKey|String|No|abc|The child match field.**Note** Not every match field (**key**) of a protection rule contains a child match field (**subKey**). For more information about the child match fields that are supported by each match field, log on to the **WAF console**.|'."\n" - .'|opValue|String|Yes|contain|The logical operator. Valid values:\\- **not-contain**: does not contain.\\- **contain**: contains.\\- **none**: does not exist.\\- **ne**: not equal to.\\- **eq**: equal to.\\- **lt**: value less than.\\- **gt**: value greater than.\\- **len-lt**: length less than.\\- **len-eq**: length equal to.\\- **len-gt**: length greater than.\\-**not-match**: does not match.\\- **match-one**: equal to one of multiple values.\\- **all-not-match**: not equal to any value.\\- **all-not-contain**: does not contain any value.\\- **contain-one**: contains one of multiple values.\\-**not-regex**: does not match regular expressions.\\- **regex**: matches regular expressions.\\- **all-not-regex**: does not match any regular expression.\\- **regex-one**: matches one of multiple regular expressions.\\- **prefix-match**: matches by prefix.\\- **suffix-match**: matches by suffix.\\- **empty**: empty content.\\- **exists**: exists.\\- **inl**: exists in a list.**Note** When you create a protection rule, the valid values of **opValue** vary based on the value of **key**. For more information about the logical operators that are supported by each match field, log on to the **WAF console**.|'."\n" - .'|values|String|Yes|abc|The match content.**Note** The valid values of **opValue** and **values** in a match condition vary based on the value of **key**.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_****",'."\n" - .' "TemplateId": 9242,'."\n" - .' "DefenseScene": "whitelist",'."\n" - .' "Rules":"[{\\"name\\":\\"whitelistTest\\",\\"tags\\":[\\"regular_rule\\",\\"customrule\\"],\\"status\\":1,\\"origin\\":\\"custom\\",\\"conditions\\":[{\\"key\\":\\"URL\\",\\"opValue\\":\\"contain\\",\\"values\\":\\"/test\\"},{\\"key\\":\\"Header\\",\\"opValue\\":\\"eq\\",\\"values\\":\\"ffff\\",\\"subKey\\":\\"abc\\"}],\\"regularRules\\":[\\"123444\\",\\"444444\\"]}]"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Protection rules of the custom response module (**custom\\_response**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|responseType|String|Yes|response\\_block|The type of the custom response. Set the value to response\\_block.|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - .'|config|String|Yes|{"responseCode":400,"responseHeaders":\\[{"key":"custom","value":"123"},{"key":"aaa","value":"2223"}\\],"responseContent":"HelloWorld"}|The custom configuration information. The value is a JSON string. For more information, see **config description**.|'."\n" - ."\n" - .'**config description**'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|responseCode|Integer|Yes|400|The HTTP status code.|'."\n" - .'|responseHeaders|Array|No|\\[{"key":"custom","value":"123"},{"key":"aaaa","value":"2223"}\\]|The custom header fields in the response. The value is a JSON string. Each field is a **key**\\-**value** pair.|'."\n" - .'|responseContent|String|Yes|helloworld|The response body.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_****",'."\n" - .' "TemplateId": 2841,'."\n" - .' "DefenseScene": "custom_response",'."\n" - .' "Rules":"[{\\"responseType\\":\\"response_block\\",\\"config\\":\\"{\\\\\\"templateName\\\\\\":\\\\\\"aaa\\\\\\",\\\\\\"responseCode\\\\\\":\\\\\\"400\\\\\\",\\\\\\"responseContent\\\\\\":\\\\\\"helloWorld\\\\\\",\\\\\\"responseHeaders\\\\\\":[{\\\\\\"key\\\\\\":\\\\\\"test1\\\\\\",\\\\\\"value\\\\\\":\\\\\\"abc\\\\\\"}]}\\",\\"status\\":1}]"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Protection rules of the region blacklist module (**region\\_block**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|cnRegionList|String|No|610000,230000|The regions in China from which you want to block requests. If you set this parameter to **CN**, the requests that are sent from all IP addresses in the Chinese mainland are blocked. Separate multiple regions with commas (,). For more information about region codes, see **Codes of administrative regions in China**.|'."\n" - .'|abroadRegionList|String|No|KE,KG|The regions outside China from which you want to block requests. Separate multiple regions with commas (,). For more information about region codes, see **Codes of countries and regions outside China**.|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - .'|action|String|Yes|block|The action that you want WAF to perform on the matched requests. Valid values:\\- **block**: blocks requests that match the protection rule.\\- **monitor**: monitors requests that match the protection rule.|'."\n" - ."\n" - .'**Codes of administrative regions in China**'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "110000": "Beijing",'."\n" - .' "120000": "Tianjin",'."\n" - .' "130000": "Hebei",'."\n" - .' "140000": "Shanxi",'."\n" - .' "150000": "Nei Mongol",'."\n" - .' "210000": "Liaoning",'."\n" - .' "220000": "Jilin",'."\n" - .' "230000": "Heilongjiang",'."\n" - .' "310000": "Shanghai",'."\n" - .' "320000": "Jiangsu",'."\n" - .' "330000": "Zhejiang",'."\n" - .' "340000": "Anhui",'."\n" - .' "350000": "Fujian",'."\n" - .' "360000": "Jiangxi",'."\n" - .' "370000": "Shandong",'."\n" - .' "410000": "Henan",'."\n" - .' "420000": "Hubei",'."\n" - .' "430000": "Hunan",'."\n" - .' "440000": "Guangdong",'."\n" - .' "450000": "Guangxi",'."\n" - .' "460000": "Hainan",'."\n" - .' "500000": "Chongqing",'."\n" - .' "510000": "Sichuan",'."\n" - .' "520000": "Guizhou",'."\n" - .' "530000": "Yunnan",'."\n" - .' "540000": "Xizang",'."\n" - .' "610000": "Shaanxi",'."\n" - .' "620000": "Gansu",'."\n" - .' "630000": "Qinghai",'."\n" - .' "640000": "Ningxia",'."\n" - .' "650000": "Xinjiang",'."\n" - .' "MO_01": "Macao (China)",'."\n" - .' "HK_01": "Hong Kong (China)",'."\n" - .' "TW_01": "Taiwan (China)",'."\n" - .' "CN": "Chinese mainland",'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'**Codes of countries and regions outside China**'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "KE": "Kenya",'."\n" - .' "KG": "Kyrgyzstan",'."\n" - .' "KH": "Cambodia",'."\n" - .' "KI": "Kiribati",'."\n" - .' "KM": "Comoros",'."\n" - .' "KN": "Saint Kitts and Nevis",'."\n" - .' "KP": "Democratic People\'s Republic of Korea",'."\n" - .' "KR": "Republic of Korea",'."\n" - .' "KW": "Kuwait",'."\n" - .' "KY": "Cayman Islands",'."\n" - .' "KZ": "Kazakhstan",'."\n" - .' "LA": "Laos",'."\n" - .' "LB": "Lebanon",'."\n" - .' "LC": "Saint Lucia",'."\n" - .' "LI": "Liechtenstein",'."\n" - .' "LK": "Sri Lanka",'."\n" - .' "LR": "Liberia",'."\n" - .' "LS": "Lesotho",'."\n" - .' "LT": "Lithuania",'."\n" - .' "LU": "Luxembourg",'."\n" - .' "LV": "Latvia",'."\n" - .' "LY": "Libya",'."\n" - .' "MA": "Morocco",'."\n" - .' "MC": "Monaco",'."\n" - .' "MD": "Moldova",'."\n" - .' "ME": "Montenegro",'."\n" - .' "MF": "Saint Martin",'."\n" - .' "MG": "Madagascar",'."\n" - .' "MH": "Marshall Islands",'."\n" - .' "MK": "Macedonia",'."\n" - .' "ML": "Mali",'."\n" - .' "MM": "Myanmar",'."\n" - .' "MN": "Mongolia",'."\n" - .' "MP": "Northern Mariana Islands",'."\n" - .' "MQ": "Martinique",'."\n" - .' "MR": "Mauritania",'."\n" - .' "MS": "Montserrat",'."\n" - .' "MT": "Malta",'."\n" - .' "MU": "Mauritius",'."\n" - .' "MV": "Maldives",'."\n" - .' "MW": "Malawi",'."\n" - .' "MX": "Mexico",'."\n" - .' "MY": "Malaysia",'."\n" - .' "MZ": "Mozambique",'."\n" - .' "NA": "Namibia",'."\n" - .' "NC": "New Caledonia",'."\n" - .' "NE": "Niger",'."\n" - .' "NF": "Norfolk Island",'."\n" - .' "NG": "Nigeria",'."\n" - .' "NI": "Nicaragua",'."\n" - .' "NL": "Netherlands",'."\n" - .' "NO": "Norway",'."\n" - .' "NP": "Nepal",'."\n" - .' "NR": "Nauru",'."\n" - .' "NU": "Niue",'."\n" - .' "NZ": "New Zealand",'."\n" - .' "GA": "Gabon",'."\n" - .' "GB": "United Kingdom",'."\n" - .' "WS": "Samoa",'."\n" - .' "GD": "Grenada",'."\n" - .' "GE": "Georgia",'."\n" - .' "GF": "French Guiana",'."\n" - .' "GG": "Guernsey",'."\n" - .' "GH": "Ghana",'."\n" - .' "GI": "Gibraltar",'."\n" - .' "GL": "Greenland",'."\n" - .' "GM": "Gambia",'."\n" - .' "GN": "Guinea",'."\n" - .' "GP": "Guadeloupe",'."\n" - .' "GQ": "Equatorial Guinea",'."\n" - .' "GR": "Greece",'."\n" - .' "GT": "Guatemala",'."\n" - .' "GU": "Guam",'."\n" - .' "GW": "Guinea-Bissau",'."\n" - .' "GY": "Guyana",'."\n" - .' "HN": "Honduras",'."\n" - .' "HR": "Croatia",'."\n" - .' "HT": "Haiti",'."\n" - .' "YE": "Yemen",'."\n" - .' "HU": "Hungary",'."\n" - .' "YT": "Mayotte",'."\n" - .' "ID": "Indonesia",'."\n" - .' "IE": "Ireland",'."\n" - .' "IL": "Israel",'."\n" - .' "IM": "Isle of Man",'."\n" - .' "IN": "India",'."\n" - .' "IO": "British Indian Ocean Territory",'."\n" - .' "ZA": "South Africa",'."\n" - .' "IQ": "Iraq",'."\n" - .' "IR": "Iran",'."\n" - .' "IS": "Iceland",'."\n" - .' "IT": "Italy",'."\n" - .' "ZM": "Zambia",'."\n" - .' "JE": "Jersey",'."\n" - .' "ZW": "Zimbabwe",'."\n" - .' "JM": "Jamaica",'."\n" - .' "JO": "Jordan",'."\n" - .' "JP": "Japan",'."\n" - .' "SI": "Slovenia",'."\n" - .' "BY": "Belarus",'."\n" - .' "SK": "Slovakia",'."\n" - .' "BZ": "Belize",'."\n" - .' "SL": "Sierra Leone",'."\n" - .' "SM": "San Marino",'."\n" - .' "SN": "Senegal",'."\n" - .' "SO": "Somalia",'."\n" - .' "CA": "Canada",'."\n" - .' "SR": "Suriname",'."\n" - .' "SS": "South Sudan",'."\n" - .' "ST": "Sao Tome and Principe",'."\n" - .' "CD": "Democratic Republic of the Congo",'."\n" - .' "CF": "Central African Republic",'."\n" - .' "SV": "El Salvador",'."\n" - .' "CG": "Republic of the Congo",'."\n" - .' "CH": "Switzerland",'."\n" - .' "SX": "Sint Maarten",'."\n" - .' "SY": "Syrian Arab Republic",'."\n" - .' "CI": "Côte d\'Ivoire",'."\n" - .' "SZ": "Eswatini",'."\n" - .' "CK": "Cook Islands",'."\n" - .' "CL": "Chile",'."\n" - .' "CM": "Cameroon",'."\n" - .' "CN": "China",'."\n" - .' "CO": "Colombia",'."\n" - .' "TC": "Turks and Caicos Islands",'."\n" - .' "CR": "Costa Rica",'."\n" - .' "TD": "Chad",'."\n" - .' "CU": "Cuba",'."\n" - .' "CV": "Cabo Verde",'."\n" - .' "TG": "Togo",'."\n" - .' "CW": "Curacao",'."\n" - .' "TH": "Thailand",'."\n" - .' "CX": "Christmas Island",'."\n" - .' "TJ": "Tajikistan",'."\n" - .' "CY": "Cyprus",'."\n" - .' "CZ": "Czech Republic",'."\n" - .' "TK": "Tokelau",'."\n" - .' "TL": "Timor-Leste",'."\n" - .' "TM": "Turkmenistan",'."\n" - .' "TN": "Tunisia",'."\n" - .' "TO": "Tonga",'."\n" - .' "TR": "Türkiye",'."\n" - .' "TT": "Trinidad and Tobago",'."\n" - .' "DE": "Germany",'."\n" - .' "TV": "Tuvalu",'."\n" - .' "DJ": "Djibouti",'."\n" - .' "TZ": "Tanzania",'."\n" - .' "DK": "Denmark",'."\n" - .' "DM": "Dominica",'."\n" - .' "DO": "Dominican Republic",'."\n" - .' "UA": "Ukraine",'."\n" - .' "UG": "Uganda",'."\n" - .' "DZ": "Algeria",'."\n" - .' "UM": "United States Minor Outlying Islands",'."\n" - .' "US": "United States of America",'."\n" - .' "EC": "Ecuador",'."\n" - .' "EE": "Estonia",'."\n" - .' "EG": "Egypt",'."\n" - .' "UY": "Uruguay",'."\n" - .' "UZ": "Uzbekistan",'."\n" - .' "VA": "Vatican City",'."\n" - .' "VC": "Saint Vincent and the Grenadines",'."\n" - .' "ER": "Eritrea",'."\n" - .' "ES": "Spain",'."\n" - .' "VE": "Venezuela",'."\n" - .' "ET": "Ethiopia",'."\n" - .' "VG": "British Virgin Islands",'."\n" - .' "VI": "United States Virgin Islands",'."\n" - .' "VN": "Vietnam",'."\n" - .' "VU": "Vanuatu",'."\n" - .' "FI": "Finland",'."\n" - .' "FJ": "Fiji",'."\n" - .' "FK": "Falkland Islands",'."\n" - .' "FM": "Federated States of Micronesia",'."\n" - .' "FO": "Faroe Islands",'."\n" - .' "FR": "France",'."\n" - .' "WF": "Wallis and Futuna Islands",'."\n" - .' "OM": "Oman",'."\n" - .' "PA": "Panama",'."\n" - .' "PE": "Peru",'."\n" - .' "PF": "French Polynesia",'."\n" - .' "PG": "Papua New Guinea",'."\n" - .' "PH": "Philippines",'."\n" - .' "PK": "Pakistan",'."\n" - .' "PL": "Poland",'."\n" - .' "PM": "Saint Pierre and Miquelon",'."\n" - .' "PR": "Puerto Rico",'."\n" - .' "PS": "Palestine",'."\n" - .' "PT": "Portugal",'."\n" - .' "PW": "Palau",'."\n" - .' "PY": "Paraguay",'."\n" - .' "QA": "Qatar",'."\n" - .' "AD": "Andorra",'."\n" - .' "AE": "United Arab Emirates",'."\n" - .' "AF": "Afghanistan",'."\n" - .' "AG": "Antigua and Barbuda",'."\n" - .' "AI": "Anguilla",'."\n" - .' "AL": "Albania",'."\n" - .' "AM": "Armenia",'."\n" - .' "AO": "Angola",'."\n" - .' "AP": "Asia-Pacific",'."\n" - .' "AQ": "Antarctica",'."\n" - .' "AR": "Argentina",'."\n" - .' "AS": "American Samoa",'."\n" - .' "RE": "Reunion",'."\n" - .' "AT": "Austria",'."\n" - .' "AU": "Australia",'."\n" - .' "AW": "Aruba",'."\n" - .' "AX": "Aland Islands",'."\n" - .' "AZ": "Azerbaijan",'."\n" - .' "RO": "Romania",'."\n" - .' "BA": "Bosnia and Herzegovina",'."\n" - .' "BB": "Barbados",'."\n" - .' "RS": "Serbia",'."\n" - .' "BD": "Bangladesh",'."\n" - .' "BE": "Belgium",'."\n" - .' "RU": "Russia",'."\n" - .' "BF": "Burkina Faso",'."\n" - .' "RW": "Rwanda",'."\n" - .' "BG": "Bulgaria",'."\n" - .' "BH": "Bahrain",'."\n" - .' "BI": "Burundi",'."\n" - .' "BJ": "Benin",'."\n" - .' "BL": "Saint Barthelemy",'."\n" - .' "BM": "Bermuda",'."\n" - .' "BN": "Brunei",'."\n" - .' "BO": "Bolivia",'."\n" - .' "SA": "Saudi Arabia",'."\n" - .' "BQ": "Caribbean Netherlands",'."\n" - .' "SB": "Solomon Islands",'."\n" - .' "BR": "Brazil",'."\n" - .' "SC": "Seychelles",'."\n" - .' "SD": "Sudan",'."\n" - .' "BS": "Bahamas",'."\n" - .' "SE": "Sweden",'."\n" - .' "BT": "Bhutan",'."\n" - .' "SG": "Singapore",'."\n" - .' "BW": "Botswana"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'##### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_****",'."\n" - .' "TemplateId": 2341,'."\n" - .' "DefenseScene": "region_block",'."\n" - .' "Rules": "[{\\"cnRegionList\\":\\"CN,HK_01,TW_01,MO_01\\",\\"abroadRegionList\\":\\"AU,NZ\\",\\"action\\":\\"block\\",\\"status\\":1}]"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Protection rules of the HTTP flood protection module (**cc**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|mode|Integer|Yes|0|The HTTP flood protection mode. Valid values:\\- **0** (default): the protection mode.\\- **1**: the protection-emergency mode.|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_****",'."\n" - .' "TemplateId": 2241,'."\n" - .' "DefenseScene": "cc",'."\n" - .' "Rules":"[{\\"mode\\":0,\\"status\\":1}]"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Protection rules of the website tamper-proofing module (**tamperproof**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|name|String|Yes|test|The name of the protection rule.|'."\n" - .'|url|String|Yes|/abc|The address of the cached page.|'."\n" - .'|ua|String|No|app|The User-Agent string that is allowed for access to the address.|'."\n" - .'|protocol|String|Yes|https|The protocol type of the cached page address. Valid values: **http** and **https**.|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_****",'."\n" - .' "TemplateId": 1241,'."\n" - .' "DefenseScene": "tamperproof",'."\n" - .' "Rules": "[{\\"name\\":\\"test1\\",\\"url\\":\\"www.test1.com\\",\\"ua\\":\\"firefox\\",\\"protocol\\":\\"https\\",\\"status\\":1}]"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Protection rules of the data leakage prevention module (**dlp**)'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|name|String|Yes|test|The name of the protection rule.|'."\n" - .'|conditions|Array|Yes|\\[{"key":"HttpCode","opValue":"contain","values":"400,401,402,403,404,405,500,501,502,503,504,505"},{"key":"URL","opValue":"contain","values":"test"}\\]|The match conditions. The value is a JSON string. You can configure up to two match conditions. The match conditions are evaluated by using a logical AND. For more information, see **conditions description**.|'."\n" - .'|status|Integer|Yes|1|The status of the protection rule. When you create a protection rule, you can use this parameter. When you modify a protection rule by calling the [ModifyDefenseRuleStatus](~~ModifyDefenseRuleStatus~~) operation, you must use RuleStatus. Valid values:\\- **0**: disabled.\\- **1** (default): enabled.|'."\n" - .'|action|String|Yes|block|The action that you want WAF to perform on the matched requests. Valid values:\\- **block**: blocks requests that match the protection rule.\\- **monitor**: monitors requests that match the protection rule.\\- **filter**: filters sensitive information. You can specify this action only if you configure a condition to match sensitive information.|'."\n" - ."\n" - .'**conditions description**'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|key|String|Yes|URL|The match field. Valid values: **URL**, **HttpCode**, and **SensitiveInfo**.|'."\n" - .'|opValue|String|Yes|contain|The logical operator. Set the value to **contain**.|'."\n" - .'|values|String|Yes|abc|The match content. Separate multiple items with commas (,).If key is set to **HttpCode**, you can set this parameter to one of the following values: **400**, **401**, **402**, **403**, **404**, **405** (**405 - 499**), **500**, **501**, **502**, **503**, **504**, and **505** (**505 - 599**).If key is set to **SensitiveInfo**, you can set this parameter to one of the following values:\\- **phone**: mobile phone numbers.\\- **card**: credit card numbers.\\- **id**: ID card numbers.\\- **word**: default sensitive words.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_****",'."\n" - .' "TemplateId": 5241,'."\n" - .' "DefenseScene": "dlp",'."\n" - .' "Rules":"[{\\"name\\":\\"test\\",\\"action\\":\\"filter\\",\\"status\\":1,\\"conditions\\":[{\\"key\\":\\"SensitiveInfo\\",\\"opValue\\":\\"contain\\",\\"values\\":\\"id,card\\"},{\\"key\\":\\"URL\\",\\"opValue\\":\\"contain\\",\\"values\\":\\"/test.html\\"}]}]"'."\n" - .'}'."\n" - .'```', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"Http\\": [\\n 0\\n ],\\n \\"Https\\": [\\n 0\\n ]\\n}","type":"json"}]', ], - 'ModifyDefenseRule' => [ - 'summary' => 'Modifies the configurations of a protection rule.', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeCloudResourceList' => [ + 'summary' => 'Queries the list of resources connected to WAF in cloud native mode.', + 'path' => '', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', + 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106380', - 'abilityTreeNodes' => [ - 'FEATUREwaf1LM6V0', - 'FEATUREwafOVI09M', - 'FEATUREwafF105ZO', - 'FEATUREwafCU29M8', - 'FEATUREwafBWO4L0', - 'FEATUREwaf9JXZCD', - 'FEATUREwafIFHX6M', - 'FEATUREwafI1HM4C', - 'FEATUREwaf16U367', - 'FEATUREwaf6XNOII', - 'FEATUREwafS64FX9', - 'FEATUREwafQ73SIK', - 'FEATUREwafAFURH8', - 'FEATUREwafRM5KJ7', - 'FEATUREwaf4TDPM4', - 'FEATUREwafOUMN3V', - 'FEATUREwafVG3S9P', - 'FEATUREwafIDKGGL', - 'FEATUREwafWUANSU', - 'FEATUREwafVZXFDE', - 'FEATUREwaf6KFDRU', - ], + 'abilityTreeCode' => '226583', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template to which the protection rule whose configurations you want to modify belongs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '5325', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'DefenseScene', + 'name' => 'OwnerUserId', 'in' => 'query', - 'schema' => [ - 'description' => 'The scenario in which you want to use the protection rule. For more information, see the description of the **DefenseScene** parameter in the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'waf_group', - ], + 'schema' => ['title' => '', 'description' => 'The UID of the resource ownership user.', 'type' => 'string', 'required' => false, 'example' => '1111111111'], ], [ - 'name' => 'Rules', - 'in' => 'formData', - 'schema' => [ - 'description' => 'The details of the protection rule. Specify a string that contains multiple parameters in the JSON format. You must specify the ID and the new configurations of the protection rule.'."\n" - ."\n" - .'* **id:** The ID of the protection rule. Data type: long. You must specify this parameter.'."\n" - .'* The protection rule configurations: The role of this parameter is the same as that of the **Rules** parameter in the **CreateDefenseRule** topic. For more information, see the "**Protection rule parameters**" section in the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '[{"id":2344,"policyId":1012,"action":"block"}] ', - ], + 'name' => 'ResourceInstanceId', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The instance ID of the resource.', 'type' => 'string', 'required' => false, 'example' => 'i-8vbdlsd********81e22'], ], [ - 'name' => 'DefenseType', + 'name' => 'Port', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'template', - 'enum' => [ - 'global', - 'resource', - 'template', - ], - ], + 'schema' => ['description' => 'The port of the cloud service connected to WAF.', 'type' => 'string', 'required' => false, 'example' => '80', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceProduct', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The cloud service to which the resource belongs. Valid values:'."\n" + ."\n" + .'- **alb**: Application Load Balancer (ALB).'."\n" + ."\n" + .'- **mse**: Microservices Engine (MSE).'."\n" + ."\n" + .'- **fc**: Function Compute (FC).'."\n" + ."\n" + .'- **sae**: Serverless App Engine (SAE).'."\n" + ."\n" + .'- **ecs**: Elastic Compute Service (ECS).'."\n" + .'- **clb4**: Classic Load Balancer (CLB) (TCP).'."\n" + .'- **clb7**: Classic Load Balancer (CLB) (HTTP/HTTPS).'."\n" + .'- **apig**: API Gateway (APIG).'."\n" + .'- **nlb**: Network Load Balancer (NLB).'."\n" + .'- **ddos**: Anti-DDoS.'."\n" + ."\n" + .'> Different products are supported in different regions. If you specify a value for this parameter, make sure that the product is supported in the specified region. Otherwise, the query may fail.', 'type' => 'string', 'required' => false, 'example' => 'ecs', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'CloudResourceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF in cloud native mode.'."\n" + ."\n" + .'> You can call [CreateCloudResource](~~2839876~~) to connect a resource and then view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'i-8vbdlsd********81e22-80-ecs', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The pagination token for the next page. If a value is returned for this parameter, the next page exists.'."\n" + .'> If this parameter has a return value, the next page exists. You can use the returned **NextToken** value as a request parameter to obtain the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'required' => false, 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''], + ], + [ + 'name' => 'MaxResults', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page in a paged query. Valid values: 1 to 100. Default value: 10.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '100', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceDomain', + 'in' => 'query', + 'schema' => ['description' => 'The domain name connected to WAF.'."\n" + .'> This parameter is supported only when the cloud service type is ddos.', 'type' => 'string', 'required' => false, 'example' => 'www.c**sw.net', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned result.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '1EEA9C98-F166-54FE-ADE3-08D8****BDFA', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''], + 'NextToken' => ['description' => 'The pagination token for the next page. If a value is returned for this parameter, the next page exists.'."\n" + .'> If this parameter has a return value, the next page exists. You can use the returned **NextToken** value as a request parameter to obtain the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '118', 'title' => ''], + 'MaxResults' => ['description' => 'The number of entries per page in a paged query.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''], + 'CloudResourceList' => [ + 'description' => 'The list of resources connected to WAF in cloud native mode.', + 'type' => 'array', + 'items' => [ + 'description' => 'The resource connected to WAF in cloud native mode.', + 'type' => 'object', + 'properties' => [ + 'Protocol' => ['description' => 'The protocol type. Valid values:'."\n" + .'- **http**: HTTP.'."\n" + .'- **https**: HTTPS.', 'type' => 'string', 'example' => 'http', 'title' => ''], + 'Port' => ['description' => 'The port of the cloud service connected to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'ResourceRegionId' => ['description' => 'The resource ownership region ID. For valid values, see the supplementary description of response parameters.', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''], + 'ResourceInstanceId' => ['description' => 'The instance ID of the resource connected to WAF.', 'type' => 'string', 'example' => 'i-8vbdlsd********81e22', 'title' => ''], + 'ResourceProduct' => ['description' => 'The cloud service to which the resource belongs. Valid values:'."\n" + ."\n" + .'- **alb**: Application Load Balancer (ALB).'."\n" + ."\n" + .'- **mse**: Microservices Engine (MSE).'."\n" + ."\n" + .'- **fc**: Function Compute (FC).'."\n" + ."\n" + .'- **sae**: Serverless App Engine (SAE).'."\n" + .'- **ecs**: Elastic Compute Service (ECS).'."\n" + .'- **clb4**: Classic Load Balancer (CLB) (TCP).'."\n" + .'- **clb7**: Classic Load Balancer (CLB) (HTTP/HTTPS).'."\n" + .'- **nlb**: Network Load Balancer (NLB).', 'type' => 'string', 'example' => 'ecs', 'title' => ''], + 'CloudResourceId' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF.', 'type' => 'string', 'example' => 'i-8vbdlsd********81e22-80-ecs', 'title' => ''], + 'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aek2uo2****lbka', 'title' => ''], + 'ResourceDomain' => ['description' => 'The domain name connected to WAF.', 'type' => 'string', 'example' => 'www.c**sw.net', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [ 400 => [ - [ - 'errorCode' => 'Defense.Control.DefenseWhitelistBypassRuleNotExist', - 'errorMessage' => 'The whitelist protection rule does not exist.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseWhitelistConfigInvalid', - 'errorMessage' => 'The whitelist rule is misconfigured.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseBookTypeInvalid', - 'errorMessage' => 'The address book type is illegal.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseThreatIntelligenceConfigInvalid', - 'errorMessage' => 'Threat Intelligence Rule configuration error.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseIpCountOversize', - 'errorMessage' => 'The number of IPs exceeds the limit.', - ], - ], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1EEA9C98-F166-54FE-ADE3-08D8****BDFA\\"\\n}","type":"json"}]', - 'title' => 'ModifyDefenseRule', + ['errorCode' => 'Waf.Instance.ValidFaild', 'errorMessage' => 'WAF instance check failed. Check whether the instance ID is correct.', 'description' => 'WAF instance check failed. Check whether the instance ID is correct.'], + ['errorCode' => 'Waf.Pullin.CloudProductParamEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'], + ['errorCode' => 'Waf.Pullin.CloudResourceInvalid', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'], + ], + ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'Query cloud native mode WAF configuration list', + 'requestParamsDescription' => '| Region ID | Region | Supported products |'."\n" + .'| ------------- | ------------- | ------------- |'."\n" + .'|cn-hangzhou| China (Hangzhou)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n" + .'|cn-shanghai| China (Shanghai)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n" + .'|cn-shenzhen| China (Shenzhen)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n" + .'|cn-beijing| China (Beijing)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n" + .'|cn-zhangjiakou| China (Zhangjiakou)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n" + .'|cn-chengdu| China (Chengdu)| ALB,ECS,CLB,NLB|'."\n" + .'|cn-qingdao| China (Qingdao)| ALB,ECS,CLB,NLB|'."\n" + .'|cn-guangzhou| China (Guangzhou)| ALB|'."\n" + .'|cn-wulanchabu| China (Ulanqab)| ALB|'."\n" + .'|cn-hongkong| Hong Kong (China)| ALB,MSE,ECS,CLB,NLB|'."\n" + .'|cn-fuzhou| China (Fuzhou - Local Region - Discontinuing)| ALB|'."\n" + .'|ap-southeast-6| Philippines (Manila)| ALB|'."\n" + .'|ap-southeast-5| Indonesia (Jakarta)| ALB,ECS,CLB,NLB|'."\n" + .'|ap-northeast-1| Japan (Tokyo)| ALB|'."\n" + .'|ap-southeast-3| Malaysia (Kuala Lumpur)| ALB,MSE,ECS,CLB,NLB|'."\n" + .'|ap-southeast-1| Singapore| ALB,MSE|'."\n" + .'|eu-central-1| Germany (Frankfurt)| ALB|'."\n" + .'|us-west-1| US (Silicon Valley)| ALB|'."\n" + .'|us-east-1| US (Virginia)| ALB|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCloudResourceList', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + 'additionalActions' => [ + ['action' => 'yundun-waf:DescribeCloudResourceList', 'validationType' => 'conditional'], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"TotalCount\\": 118,\\n \\"MaxResults\\": 20,\\n \\"CloudResourceList\\": [\\n {\\n \\"Protocol\\": \\"http\\",\\n \\"Port\\": 80,\\n \\"ResourceRegionId\\": \\"cn-hangzhou\\",\\n \\"ResourceInstanceId\\": \\"i-8vbdlsd********81e22\\",\\n \\"ResourceProduct\\": \\"ecs\\",\\n \\"CloudResourceId\\": \\"i-8vbdlsd********81e22-80-ecs\\",\\n \\"ResourceManagerResourceGroupId\\": \\"rg-aek2uo2****lbka\\",\\n \\"ResourceDomain\\": \\"www.c**sw.net\\"\\n }\\n ]\\n}","type":"json"}]', ], - 'ModifyDefenseRuleStatus' => [ - 'summary' => 'Changes the status of a protection rule.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeCloudResources' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106381', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeCode' => '112176', + 'abilityTreeNodes' => ['FEATUREwafJ7PT1V', 'FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafM61JTL', 'FEATUREwafFJZ9SV', 'FEATUREwafL6Q7OZ'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'default' => '', 'example' => 'waf_v3prepaid_public_cn-lbj****cn0c', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'ResourceInstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template to which the protection rule whose status you want to change belongs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '7239', - ], + 'schema' => ['description' => 'The ID of the resource instance.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'alb-43glijk0fr****gths'], ], [ - 'name' => 'RuleId', + 'name' => 'ResourceName', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule whose status you want to change.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '20002615', - ], + 'schema' => ['description' => 'The name of the resource instance.', 'type' => 'string', 'deprecated' => true, 'title' => '', 'required' => false, 'example' => 'alb-name'], ], [ - 'name' => 'RuleStatus', + 'name' => 'ResourceRegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The new status of the protection rule. Valid values:'."\n" - ."\n" - .'* **0:** disabled.'."\n" - .'* **1:** enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the region where the resource resides. For more information, see the "Regions and supported products" section in this topic.'."\n" + ."\n" + .'> Each cloud service supports different regions. If you specify the ResourceProduct parameter, make sure the region you specify for this parameter supports that service. Otherwise, the query may fail.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'cn-beijing'], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceProduct', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The cloud service to which the resource belongs. By default, instances of Application Load Balancer (ALB), Microservices Engine (MSE), Function Compute (FC), and Serverless App Engine (SAE) are returned. Valid values:'."\n" + ."\n" + .'- **alb**: ALB'."\n" + ."\n" + .'- **mse**: MSE'."\n" + ."\n" + .'- **fc**: FC'."\n" + ."\n" + .'- **sae**: SAE'."\n" + ."\n" + .'- **ecs**: Elastic Compute Service (ECS)'."\n" + ."\n" + .'- **clb4**: Classic Load Balancer (CLB) that uses TCP'."\n" + ."\n" + .'- **clb7**: CLB that uses HTTP or HTTPS'."\n" + ."\n" + .'- **nlb**: Network Load Balancer (NLB)'."\n" + ."\n" + .'> Each cloud service supports different regions. If you specify this parameter, make sure the region you specify for the ResourceRegionId parameter supports this service. Otherwise, the query may fail.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'alb'], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'DefenseType', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'template', - 'enum' => [ - 'template', - 'resource', - 'global', - ], - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '100', 'minimum' => '10', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'ResourceRouteName', + 'in' => 'query', + 'schema' => ['description' => 'The name of the route. This parameter is available when you query MSE resources.', 'type' => 'string', 'required' => false, 'example' => 'mse-default-traffic', 'title' => ''], + ], + [ + 'name' => 'ResourceDomain', + 'in' => 'query', + 'schema' => ['description' => 'The domain name of the resource. This parameter is available when you query FC or SAE resources.', 'type' => 'string', 'required' => false, 'example' => 'fc-domain-test', 'title' => ''], + ], + [ + 'name' => 'ResourceFunction', + 'in' => 'query', + 'schema' => ['description' => 'The name of the function. This parameter is available when you query FC resources.', 'type' => 'string', 'required' => false, 'example' => 'fc-test', 'title' => ''], + ], + [ + 'name' => 'OwnerUserId', + 'in' => 'query', + 'schema' => ['description' => 'The UID of the account to which the resource belongs.', 'type' => 'string', 'required' => false, 'example' => '11769793******', 'title' => ''], + ], + [ + 'name' => 'ResourceInstanceName', + 'in' => 'query', + 'schema' => ['description' => 'The name of the instance that is added to WAF.', 'type' => 'string', 'required' => false, 'example' => 'test-name', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm4gh****wela', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", + 'description' => 'The response object.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'BB305BF3-3C71-57A9-9704-E22F567689B0', + 'TotalCount' => ['description' => 'The total number of cloud services found.', 'type' => 'integer', 'format' => 'int64', 'example' => '121', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C327F81A-CCE2-5B21-817C-F93E29C5****', 'title' => ''], + 'CloudResources' => [ + 'description' => 'A list of cloud services.', + 'type' => 'array', + 'items' => [ + 'description' => 'Details about the cloud service.', + 'type' => 'object', + 'properties' => [ + 'ResourceRouteName' => ['description' => 'The name of the route. This parameter is returned for MSE instances.', 'type' => 'string', 'example' => 'test-route-name', 'title' => ''], + 'ResourceRegionId' => ['title' => '', 'description' => 'The region where the resource resides.', 'type' => 'string', 'example' => 'cn-hangzhou'], + 'ResourceFunction' => ['description' => 'The name of the function. This parameter is returned for FC instances.', 'type' => 'string', 'example' => 'test-resource-function', 'title' => ''], + 'ResourceName' => ['description' => 'The name of the instance.', 'type' => 'string', 'deprecated' => true, 'title' => '', 'example' => 'test-resource-name'], + 'ResourceInstance' => ['description' => 'The ID of the resource instance.', 'type' => 'string', 'deprecated' => true, 'example' => 'alb-ffff****', 'title' => ''], + 'ResourceProduct' => ['description' => 'The cloud service to which the resource belongs. Valid values:'."\n" + ."\n" + .'- **alb**: ALB'."\n" + ."\n" + .'- **mse**: MSE'."\n" + ."\n" + .'- **fc**: FC'."\n" + ."\n" + .'- **sae**: SAE'."\n" + ."\n" + .'- **ecs**: ECS'."\n" + ."\n" + .'- **clb4**: CLB that uses TCP'."\n" + ."\n" + .'- **clb7**: CLB that uses HTTP or HTTPS'."\n" + ."\n" + .'- **nlb**: NLB', 'type' => 'string', 'example' => 'alb', 'title' => ''], + 'ResourceService' => ['description' => 'The name of the service. This parameter is returned for FC instances.', 'type' => 'string', 'example' => 'test-resource-service', 'title' => ''], + 'ResourceDomain' => ['description' => 'The domain name of the resource. This parameter is returned for FC or SAE instances.', 'type' => 'string', 'example' => 'test-resource-domain', 'title' => ''], + 'OwnerUserId' => ['description' => 'The UID of the account to which the resource belongs.', 'type' => 'string', 'example' => '11769793******', 'title' => ''], + 'HttpPortCount' => ['description' => 'The number of HTTP ports that are added to WAF.'."\n" + ."\n" + .'> This parameter is returned only for ECS and CLB instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'HttpsPortCount' => ['description' => 'The number of HTTPS ports that are added to WAF.'."\n" + ."\n" + .'> This parameter is returned only for ECS and CLB instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'ResourceInstanceIp' => ['description' => 'The IP address of the instance that is added to WAF.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''], + 'ResourceInstanceId' => ['description' => 'The ID of the instance that is added to WAF.', 'type' => 'string', 'example' => 'lb-uf60ub45fr9b***', 'title' => ''], + 'ResourceInstanceName' => ['description' => 'The name of the instance that is added to WAF.', 'type' => 'string', 'example' => 'test-name', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BB305BF3-3C71-57A9-9704-E22F567689B0\\"\\n}","type":"json"}]', - 'title' => 'ModifyDefenseRuleStatus', - ], - 'DeleteDefenseRule' => [ - 'summary' => 'Deletes a protection rule.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'DescribeCloudResources', + 'summary' => 'Queries the list of cloud services added to Web Application Firewall (WAF).', + 'requestParamsDescription' => '| Region ID | Region name | Supported products |'."\n" + .'| -------------- | ---------------------------------------------------- | -------------------------- |'."\n" + .'| cn-hangzhou | China (Hangzhou) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n" + .'| cn-shanghai | China (Shanghai) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n" + .'| cn-shenzhen | China (Shenzhen) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n" + .'| cn-beijing | China (Beijing) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n" + .'| cn-zhangjiakou | China (Zhangjiakou) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n" + .'| cn-chengdu | China (Chengdu) | ALB,ECS,CLB,NLB |'."\n" + .'| cn-qingdao | China (Qingdao) | ALB,ECS,CLB,NLB |'."\n" + .'| cn-guangzhou | China (Guangzhou) | ALB |'."\n" + .'| cn-wulanchabu | China (Ulanqab) | ALB |'."\n" + .'| cn-hongkong | China (Hong Kong) | ALB,MSE,ECS,CLB,NLB |'."\n" + .'| cn-fuzhou | China (Fuzhou - local region - being decommissioned) | ALB |'."\n" + .'| ap-southeast-6 | Philippines (Manila) | ALB |'."\n" + .'| ap-southeast-5 | Indonesia (Jakarta) | ALB,ECS,CLB,NLB |'."\n" + .'| ap-northeast-1 | Japan (Tokyo) | ALB |'."\n" + .'| ap-southeast-3 | Malaysia (Kuala Lumpur) | ALB,MSE,ECS,CLB,NLB |'."\n" + .'| ap-southeast-1 | Singapore | ALB,MSE |'."\n" + .'| eu-central-1 | Germany (Frankfurt) | ALB |'."\n" + .'| us-west-1 | US (Silicon Valley) | ALB |'."\n" + .'| us-east-1 | US (Virginia) | ALB |', + 'changeSet' => [ + ['createdAt' => '2024-07-09T07:10:02.000Z', 'description' => 'Request parameters changed, Response parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCloudResources'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCloudResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 121,\\n \\"RequestId\\": \\"C327F81A-CCE2-5B21-817C-F93E29C5****\\",\\n \\"CloudResources\\": [\\n {\\n \\"ResourceRouteName\\": \\"test-route-name\\",\\n \\"ResourceRegionId\\": \\"cn-hangzhou\\",\\n \\"ResourceFunction\\": \\"test-resource-function\\",\\n \\"ResourceName\\": \\"test-resource-name\\",\\n \\"ResourceInstance\\": \\"alb-ffff****\\",\\n \\"ResourceProduct\\": \\"alb\\",\\n \\"ResourceService\\": \\"test-resource-service\\",\\n \\"ResourceDomain\\": \\"test-resource-domain\\",\\n \\"OwnerUserId\\": \\"11769793******\\",\\n \\"HttpPortCount\\": 1,\\n \\"HttpsPortCount\\": 1,\\n \\"ResourceInstanceIp\\": \\"1.1.1.1\\",\\n \\"ResourceInstanceId\\": \\"lb-uf60ub45fr9b***\\",\\n \\"ResourceInstanceName\\": \\"test-name\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeCnameCount' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106469', - 'abilityTreeNodes' => [ - 'FEATUREwaf1LM6V0', - 'FEATUREwafOVI09M', - 'FEATUREwafF105ZO', - 'FEATUREwafCU29M8', - 'FEATUREwafBWO4L0', - 'FEATUREwaf9JXZCD', - 'FEATUREwafIFHX6M', - 'FEATUREwafI1HM4C', - 'FEATUREwaf16U367', - 'FEATUREwaf6XNOII', - 'FEATUREwafS64FX9', - 'FEATUREwafQ73SIK', - 'FEATUREwafAFURH8', - 'FEATUREwafRM5KJ7', - 'FEATUREwaf4TDPM4', - 'FEATUREwafOUMN3V', - 'FEATUREwafVG3S9P', - 'FEATUREwafIDKGGL', - 'FEATUREwafWUANSU', - 'FEATUREwafVZXFDE', - 'FEATUREwaf6KFDRU', - ], + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'TemplateId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template to which the protection rule that you want to delete belongs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '2221', - ], - ], - [ - 'name' => 'RuleIds', - 'in' => 'query', - 'schema' => [ - 'description' => 'The IDs of the protection rules that you want to delete. Separate the IDs with commas (,).'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '2223455,23354,465565', - ], - ], - [ - 'name' => 'DefenseType', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'template', - 'enum' => [ - 'template', - 'global', - 'resource', - ], - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'Resource', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '2EC856FE-6D31-5861-8275-E5DEDB539089', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''], + 'CnameCount' => [ + 'description' => 'The number of CNAME access entries.', + 'type' => 'object', + 'properties' => [ + 'Total' => ['description' => 'The total number of results returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'HybridCloudCname' => ['description' => 'The number of domain names added through hybrid cloud access.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'Cname' => ['description' => 'The number of domain names added through public cloud CNAME access.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Defense.Control.DefenseAddressBookInUse', - 'errorMessage' => 'The address book is in use and cannot be deleted.', + 'title' => 'Query the total number of added domain names', + 'summary' => 'Queries the total number of domain names that are added to WAF, including domain names added through CNAME and hybrid cloud access.', + 'changeSet' => [ + ['createdAt' => '2024-11-12T13:24:08.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-15T07:34:14.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCnameCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EC856FE-6D31-5861-8275-E5DEDB539089\\"\\n}","type":"json"}]', - 'title' => 'DeleteDefenseRule', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"CnameCount\\": {\\n \\"Total\\": 1,\\n \\"HybridCloudCname\\": 1,\\n \\"Cname\\": 1\\n }\\n}","type":"json"}]', ], - 'DescribeDefenseRules' => [ - 'summary' => 'Queries protection rules by page.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeCommonLogFields' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -15437,288 +11752,141 @@ 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106383', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeCode' => '111390', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'RuleType', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of protection rule that you want to query. Valid values:'."\n" - ."\n" - .'* **whitelist:** whitelist rule.'."\n" - .'* **defense:** defense rule. This is the default value.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'whitelist', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-l*****', 'title' => ''], ], [ - 'name' => 'Query', + 'name' => 'IsRequired', 'in' => 'query', - 'schema' => [ - 'description' => 'The query conditions. Specify a string that contains multiple parameters in the JSON format.'."\n" - ."\n" - .'> The results vary based on the query conditions. For more information, see the "**Query parameters**" section in this topic.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '{\\\\"name\\\\":\\\\"IP address blocking\\_20220822\\_10\\\\",\\\\"scene\\\\":\\\\"custom_acl\\\\",\\\\"templateId\\\\":5327}'."\n", - ], + 'allowEmptyValue' => true, + 'schema' => ['description' => 'Specifies whether to query for required log fields.'."\n" + ."\n" + .'- **true**: Queries for required log fields.'."\n" + ."\n" + .'- **false**: Queries for non-required log fields.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'IsDefault', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'Specifies whether to query for default log fields.'."\n" + ."\n" + .'- **true**: Queries for default log fields.'."\n" + ."\n" + .'- **false**: Queries for non-default log fields.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'LogKeyList', 'in' => 'query', + 'style' => 'json', 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int32', + 'type' => 'array', + 'items' => ['description' => 'The log field to query.', 'type' => 'string', 'required' => false, 'example' => 'final_action', 'title' => ''], + 'description' => 'The list of log fields to query.', 'required' => false, - 'example' => '10', - 'default' => '20', - ], - ], - [ - 'name' => 'DefenseType', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'template', - 'enum' => [ - 'template', - 'resource', - 'global', - ], + 'title' => '', + 'example' => '', ], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2sxgs*****', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of returned entries.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '80736FA5-FA87-55F6-AA69-C5477C6FE6D0', - ], - 'Rules' => [ - 'description' => 'The protection rules.'."\n", + 'TotalCount' => ['description' => 'The total number of log fields returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '6', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'AB0775EB-2594-598A-97E1-51B1*******', 'title' => ''], + 'LogFieldList' => [ 'type' => 'array', 'items' => [ - 'description' => 'The protection rule.'."\n", 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => 'The status of the protection rule. Valid values:'."\n" - ."\n" - .'* **0:** disabled.'."\n" - .'* **1:** enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'DefenseOrigin' => [ - 'description' => 'The origin of the protection rule. Valid values:'."\n" - ."\n" - .'* **custom:** The protection rule is created by the user.'."\n" - .'* **system:** The protection rule is automatically generated by the system.'."\n", - 'type' => 'string', - 'example' => 'custom', - ], - 'Config' => [ - 'description' => 'The details of the protection rule. The value is a string that contains multiple parameters in the JSON format. For more information, see the "**Rule parameters**" section in the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'example' => '{\\"policyId\\":1012,\\"action\\":\\"block\\"}', - ], - 'RuleId' => [ - 'description' => 'The ID of the protection rule.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '42755', - ], - 'DefenseScene' => [ - 'description' => 'The protection module for which the protection rule is created. Valid values:'."\n" - ."\n" - .'* **waf_group**: the basic protection rule module.'."\n" - .'* **waf_base_compliance**: the protocol compliance feature of the basic protection rule module.'."\n" - .'* **waf_base_sema**: the semantic analysis feature of the basic protection rule module.'."\n" - .'* **cc**: the HTTP flood protection module.'."\n" - .'* **antiscan_dirscan**: the directory traversal blocking feature of the scan protection module.'."\n" - .'* **antiscan_highfreq**: the high-frequency scanning blocking feature of the scan protection module.'."\n" - .'* **antiscan_scantools**: the scanner blocking feature of the scan protection module.'."\n" - .'* **ip_blacklist**: the IP address blacklist module.'."\n" - .'* **custom_acl**: the custom rule module.'."\n" - .'* **region_block**: the region blacklist module.'."\n" - .'* **tamperproof**: the website tamper-proofing module.'."\n" - .'* **dlp**: the data leakage prevention module.'."\n" - .'* **custom_response_block**: the custom response module.'."\n", - 'type' => 'string', - 'example' => 'waf_group', - ], - 'GmtModified' => [ - 'description' => 'The most recent time when the protection rule was modified.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1665460629000', - ], - 'RuleName' => [ - 'description' => 'The name of the protection rule.'."\n", - 'type' => 'string', - 'example' => 'rules_41', - ], - 'TemplateId' => [ - 'description' => 'The ID of the protection rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '5673', - ], - 'GmtCreate' => [ - 'type' => 'integer', - 'format' => 'int64', - 'deprecated' => false, - ], - 'Resource' => [ - 'type' => 'string', - ], - 'DefenseType' => [ - 'type' => 'string', - ], - 'Description' => [ - 'type' => 'string', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - 'example' => 'test', - ], - 'RuleType' => [ - 'type' => 'string', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - 'example' => 'test', - ], - 'ActionExternal' => [ - 'type' => 'string', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - 'example' => '{"empty":"test"}', - ], - 'DetailRuleIds' => [ - 'type' => 'string', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - 'example' => '123,456', - ], - 'ExternalInfo' => [ - 'type' => 'string', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - 'example' => 'empty', - ], + 'Status' => ['description' => 'The status of the log field. Valid values:'."\n" + ."\n" + .'- **0**: offline.'."\n" + ."\n" + .'- **1**: online or in use.'."\n" + ."\n" + .'- **2**: about to be unpublished.'."\n" + ."\n" + .'- **3**: about to be published.', 'type' => 'boolean', 'example' => '1', 'title' => ''], + 'IsDefault' => ['description' => 'Indicates whether the log field is a default field.'."\n" + ."\n" + .'- **true**: The log field is a default field.'."\n" + ."\n" + .'- **false**: The log field is not a default field.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'IsRequired' => ['description' => 'Indicates whether the log field is required.'."\n" + ."\n" + .'- **true**: The log field is required.'."\n" + ."\n" + .'- **false**: The log field is not required.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'LogKey' => ['description' => 'The name of the log field.'."\n" + ."\n" + .'> For more information about the log fields, see [**Log field descriptions**](https://help.aliyun.com/zh/waf/web-application-firewall-3-0/user-guide/fields-in-logs?spm=openapi-amp.newDocPublishment.0.0.ccef281fNAb0XR).', 'type' => 'string', 'example' => 'final_action', 'title' => ''], ], + 'description' => 'The information about a log field.', + 'title' => '', + 'example' => '', ], + 'description' => 'The list of log fields returned.', + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 2,\\n \\"RequestId\\": \\"80736FA5-FA87-55F6-AA69-C5477C6FE6D0\\",\\n \\"Rules\\": [\\n {\\n \\"Status\\": 1,\\n \\"DefenseOrigin\\": \\"custom\\",\\n \\"Config\\": \\"{\\\\\\\\\\\\\\"policyId\\\\\\\\\\\\\\":1012,\\\\\\\\\\\\\\"action\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"block\\\\\\\\\\\\\\"}\\",\\n \\"RuleId\\": 42755,\\n \\"DefenseScene\\": \\"waf_group\\",\\n \\"GmtModified\\": 1665460629000,\\n \\"RuleName\\": \\"rules_41\\",\\n \\"TemplateId\\": 5673,\\n \\"GmtCreate\\": 1665460629000,\\n \\"Resource\\": \\"rencs***-waf\\",\\n \\"DefenseType\\": \\"template\\",\\n \\"Description\\": \\"rule description\\",\\n \\"RuleType\\": \\"custom_cc\\",\\n \\"ActionExternal\\": \\"42755\\",\\n \\"DetailRuleIds\\": \\"42755\\",\\n \\"ExternalInfo\\": \\"{\\\\\\\\\\\\\\"DetectType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"sqli\\\\\\\\\\\\\\"}\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeDefenseRules', - 'requestParamsDescription' => '### Query'."\n" - ."\n" - .'#### Parameters'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|name|String|No|test|The name of the protection rule that you want to query. You can specify this parameter to query a protection rule by using exact match.|'."\n" - .'|nameId|String|No|test1|The ID or name of the protection rule that you want to query. You can specify this parameter to query a protection rule by using fuzzy match.|'."\n" - .'|nameLike|String|No|test.aliyundoc.c|The name of the protection rule that you want to query. You can specify this parameter to query a protection rule by using fuzzy match.|'."\n" - .'|scene|String|No|waf\\_group|The protection module whose protection rules you want to query. You can specify this parameter to query the protection rules of a specific protection module by using exact match. Valid values:\\- **waf\\_group**: the rules engine of the basic protection rule module.\\- **waf\\_base\\_compliance**: the protocol compliance feature of the basic protection rule module.\\- **waf\\_base\\_sema**: the semantic analysis feature of the basic protection rule module.\\- **cc**: the HTTP flood protection module.\\- **antiscan\\_dirscan**: the directory traversal blocking feature of the scan protection module.\\- **antiscan\\_highfreq**: the high-frequency scanning blocking feature of the scan protection module.\\- **antiscan\\_scantools**: the scanner blocking feature of the scan protection module.\\- **ip\\_blacklist**: the IP address blacklist module.\\- **custom\\_acl**: the custom rule module.\\- **region\\_block**: the region blacklist module.\\- **tamperproof**: the website tamper-proofing module.\\- **dlp**: the data leakage prevention module.\\- **custom\\_response\\_block**: the custom response module.|'."\n" - .'|ruleId|Long|No|33444|The ID of the protection rule that you want to query. You can specify this parameter to query a protection rule by using exact match.|'."\n" - .'|ruleIdIn|Array|No|\\[3334455643,345555\\]|The ID range of the protection rules that you want to query. You can specify this parameter to query multiple protection rules. Multiple protection rule IDs are separated by commas (,).|'."\n" - .'|templateId|Long|No|24354|The ID of the protection template. You can specify this parameter to query the protection rules of a specific protection template.|'."\n" - .'|orderBy|String|No|name|The method that you want to use to sort protection rules. Valid values:\\- **name**: sorts the protection rules by protection rule name.\\- **gmtModified**: sorts the protection rules by most recent modification time.\\- **id**: sorts the protection rules by protection rule ID.\\- **templateId**: sorts the protection rules by protection template ID.|'."\n" - .'|desc|Boolean|No|true|Specifies whether to sort protection rules in descending order. Valid values:\\- **false**: sorts the protection rules in ascending order.\\- **true**: sorts the protection rules in descending order.|'."\n" - ."\n" - .'#### Example'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "name": "test",'."\n" - .' "nameId ": "test1,'."\n" - .' "nameLike": "test.aliyundoc.c",'."\n" - .' "nameIn": "test.aliyundoc.c",'."\n" - .' "InstaneId": "test1.aliyundoc.com,test2.aliyundoc.com",'."\n" - .' "templateId": 24354'."\n" - .'}'."\n" - .'```', - ], - 'DescribeDefenseRule' => [ - 'summary' => 'Queries a protection rule.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeCommonLogFields', + 'summary' => 'Queries all log fields supported by Simple Log Service for Web Application Firewall (WAF).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCommonLogFields', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 6,\\n \\"RequestId\\": \\"AB0775EB-2594-598A-97E1-51B1*******\\",\\n \\"LogFieldList\\": [\\n {\\n \\"Status\\": true,\\n \\"IsDefault\\": true,\\n \\"IsRequired\\": true,\\n \\"LogKey\\": \\"final_action\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeCustomBaseRuleCompileResult' => [ + 'summary' => 'Describes the compilation result of a custom regular expression rule.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -15729,354 +11897,209 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106382', - 'abilityTreeNodes' => [ - 'FEATUREwaf9JXZCD', - ], - 'autoTest' => true, + 'abilityTreeCode' => '228452', + 'abilityTreeNodes' => ['FEATUREwaf1LM6V0'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'TemplateId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule template to which the protection rule that you want to query belongs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '10318', - ], - ], - [ - 'name' => 'RuleId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule that you want to query.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '20026192', - ], - ], - [ - 'name' => 'DefenseType', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'template', - 'enum' => [ - 'global', - 'resource', - 'template', - ], - ], - ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The region of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Rule' => [ - 'description' => 'The configurations of the protection rule. The value is a JSON string that contains multiple parameters.'."\n", - 'type' => 'object', - 'properties' => [ - 'Status' => [ - 'description' => 'The status of the protection rule. Valid values:'."\n" - ."\n" - .'* **0:** disabled.'."\n" - .'* **1:** enabled.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'DefenseOrigin' => [ - 'description' => 'The origin of the protection rule. Valid values:'."\n" - ."\n" - .'* **custom:** The protection rule is created by the user.'."\n" - .'* **system:** The protection rule is automatically generated by the system.'."\n", - 'type' => 'string', - 'example' => 'custom', - ], - 'Config' => [ - 'description' => 'The details of the protection rule. The value is a JSON string that contains multiple parameters. For more information, see the "**Protection rule parameters**" section of the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'example' => '{\\"status\\":1,\\"policyId\\":1012,\\"action\\":\\"block\\"}', - ], - 'RuleId' => [ - 'description' => 'The ID of the protection rule.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2732975', - ], - 'DefenseScene' => [ - 'description' => 'The scenario in which the protection rule is used. For more information, see the description of **DefenseScene** in the [CreateDefenseRule](~~CreateDefenseRule~~) topic.'."\n", - 'type' => 'string', - 'example' => 'waf_group', - ], - 'GmtModified' => [ - 'description' => 'The most recent time when the protection rule was modified.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1665196746000', - ], - 'RuleName' => [ - 'description' => 'The name of the protection rule.'."\n", - 'type' => 'string', - 'example' => 'test1', - ], - 'TemplateId' => [ - 'description' => 'The ID of the protection rule template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '9114', - ], - 'Resource' => [ - 'type' => 'string', - ], - 'DefenseType' => [ - 'type' => 'string', - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '58FDF266-3D56-5DE8-91E0-96A26BAB****', 'title' => ''], + 'Result' => ['description' => 'The compilation result. Valid values:'."\n" + ."\n" + .'- **success**: The rule is successfully compiled.'."\n" + ."\n" + .'- **compiling**: The rule is being compiled.'."\n" + ."\n" + .'- **failed**: The rule failed to be compiled.', 'type' => 'string', 'example' => 'success', 'title' => ''], ], + 'description' => 'The compilation result of the custom regular expression rule.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Rule\\": {\\n \\"Status\\": 1,\\n \\"DefenseOrigin\\": \\"custom\\",\\n \\"Config\\": \\"{\\\\\\\\\\\\\\"status\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"policyId\\\\\\\\\\\\\\":1012,\\\\\\\\\\\\\\"action\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"block\\\\\\\\\\\\\\"}\\",\\n \\"RuleId\\": 2732975,\\n \\"DefenseScene\\": \\"waf_group\\",\\n \\"GmtModified\\": 1665196746000,\\n \\"RuleName\\": \\"test1\\",\\n \\"TemplateId\\": 9114,\\n \\"Resource\\": \\"rencs***-waf\\",\\n \\"DefenseType\\": \\"template\\"\\n }\\n}","type":"json"}]', - 'title' => 'DescribeDefenseRule', - ], - 'ModifyDefenseRuleCache' => [ - 'summary' => 'Updates the cached page of a website that is protected based on a website tamper-proofing rule.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeCustomBaseRuleCompileResult', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCustomBaseRuleCompileResult', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"58FDF266-3D56-5DE8-91E0-96A26BAB****\\",\\n \\"Result\\": \\"success\\"\\n}","type":"json"}]', + ], + 'DescribeDDoSStatus' => [ + 'summary' => 'Queries whether the current WAF instance is under a DDoS attack.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '137716', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeCode' => '194498', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-zvp****xm2r', - ], - ], - [ - 'name' => 'TemplateId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection template.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '12345', - ], - ], - [ - 'name' => 'RuleId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protection rule.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '12345678', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'A0F2B994-8645-5270-A05D-9DAD8C****B6', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''], + 'DDoSStatus' => [ + 'description' => 'The current DDoS status.', + 'type' => 'array', + 'items' => [ + 'description' => 'The current DDoS status.', + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'The DDoS status. Valid values:'."\n" + .'- **doing**: under DDoS attack.', 'type' => 'string', 'example' => 'doing', 'title' => ''], + 'EventType' => ['description' => 'The event type. Valid values:'."\n" + .'- defense: DDoS scrubbing events.'."\n" + .'- blackhole: DDoS blackhole filtering events.', 'type' => 'string', 'example' => 'blackhole', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"A0F2B994-8645-5270-A05D-9DAD8C35****\\"\\n}","type":"json"}]', - 'title' => 'ModifyDefenseRuleCache', - ], - 'DeleteDefenseRuleBlockIp' => [ - 'summary' => '更新防护规则封禁Ip', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query current DDoS attack status', + 'changeSet' => [ + ['createdAt' => '2024-08-15T06:51:16.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDDoSStatus'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDDoSStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"DDoSStatus\\": [\\n {\\n \\"Status\\": \\"doing\\",\\n \\"EventType\\": \\"blackhole\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeDefaultHttps' => [ + 'summary' => 'Queries the default SSL/TLS settings.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '203840', - 'abilityTreeNodes' => [ - 'FEATUREwafAFURH8', - ], + 'abilityTreeCode' => '226995', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-9lb37yxse05', - ], - ], - [ - 'name' => 'TemplateId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '4057', - ], - ], - [ - 'name' => 'RuleId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '36998', - ], + 'schema' => ['title' => '', 'description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp26f1****'], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -16084,26 +12107,68 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '9D11AC3A-A10C-56E7-A342-E87EC892BAE2', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''], + 'DefaultHttps' => [ + 'description' => 'The default SSL/TLS settings.', + 'type' => 'object', + 'properties' => [ + 'CustomCiphers' => ['description' => 'The custom cipher suites.', 'type' => 'string', 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384', 'title' => ''], + 'TLSVersion' => ['description' => 'The TLS version. Valid values:'."\n" + ."\n" + .'- **tlsv1**'."\n" + ."\n" + .'- **tlsv1.1**'."\n" + ."\n" + .'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1', 'title' => ''], + 'CertId' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''], + 'CipherSuite' => ['description' => 'The type of the cipher suite. Valid values:'."\n" + ."\n" + .'- **1**: All cipher suites are added.'."\n" + ."\n" + .'- **2**: Strong cipher suites are added.'."\n" + ."\n" + .'- **99**: Custom cipher suites are added.', 'type' => 'string', 'example' => '1', 'title' => ''], + 'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n" + ."\n" + .'- **true**: TLS 1.3 is supported.'."\n" + ."\n" + .'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9D11AC3A-A10C-56E7-A342-E87EC892BAE2\\"\\n}","type":"json"}]', - ], - 'DescribeRelatedDefenseRules' => [ - 'summary' => '分页查询关联规则', - 'methods' => [ - 'get', - 'post', + 'title' => 'Query default SSL/TLS settings', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefaultHttps', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"DefaultHttps\\": {\\n \\"CustomCiphers\\": \\"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384\\",\\n \\"TLSVersion\\": \\"tlsv1\\",\\n \\"CertId\\": \\"123-cn-hangzhou\\",\\n \\"CipherSuite\\": \\"1\\",\\n \\"EnableTLSv3\\": true\\n }\\n}","type":"json"}]', + ], + 'DescribeDefenseGroupValidResources' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -16114,103 +12179,51 @@ 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwaf4TDPM4', - ], + 'abilityTreeNodes' => ['FEATUREwafHQWDCC'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11sr5****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zxu****jc01', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '12345678', - ], + 'schema' => ['description' => 'The name of the protected object that you want to use as a filter for the query results.', 'type' => 'string', 'required' => false, 'example' => 'example.aliyun-waf', 'title' => ''], ], [ - 'name' => 'DefenseType', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'global', - ], + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'NextToken', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'caeba0bbb2be03f84eb48b699f0*****', - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **20**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'MaxResults', + 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '100', - 'minimum' => '1', - 'example' => '20', - 'default' => '20', - ], + 'schema' => ['description' => 'The name of the defense group to query.'."\n" + ."\n" + .'> Leave this parameter empty to query for protected objects that can be associated with a new defense group.', 'type' => 'string', 'required' => false, 'example' => 'group221', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'DefenseScene', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'enumValueTitles' => [ - 'address_book' => 'address_book', - ], - 'example' => 'address_book', - 'enum' => [ - 'custom_response', - 'address_book', - ], - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2lrm****6pnq', 'title' => ''], ], ], 'responses' => [ @@ -16219,300 +12232,209 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', - ], - 'Rules' => [ - 'description' => '', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '12', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'A57BA089-3B28-5C82-8331-7B94****4978', 'title' => ''], + 'Resources' => [ 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'RuleId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2456789', - ], - 'TemplateId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '81501', - ], - 'DefenseScene' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'custom_acl', - ], - 'DefenseType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'template', - ], - 'RuleName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'ruleTest', - ], - ], - ], - ], - 'NextToken' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', - ], - 'MaxResults' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '20', + 'items' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'example.aliyun-waf'."\n", 'title' => ''], + 'description' => 'The names of the protected objects.', + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"Rules\\": [\\n {\\n \\"RuleId\\": 2456789,\\n \\"TemplateId\\": 81501,\\n \\"DefenseScene\\": \\"custom_acl\\",\\n \\"DefenseType\\": \\"template\\",\\n \\"RuleName\\": \\"ruleTest\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]', - ], - 'DescribeIpAbroadCountryInfos' => [ - 'summary' => '获取支持的海外IP区域封禁支持的国际及地域。', - 'path' => '/', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeDefenseGroupValidResources', + 'summary' => 'Queries a paginated list of protected objects that can be associated with a defense group.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseGroupValidResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 12,\\n \\"RequestId\\": \\"A57BA089-3B28-5C82-8331-7B94****4978\\",\\n \\"Resources\\": [\\n \\"example.aliyun-waf\\\\n\\"\\n ]\\n}","type":"json"}]', + ], + 'DescribeDefenseResource' => [ + 'summary' => 'Query a single protected object.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'read', - 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafBWO4L0', - ], + 'abilityTreeCode' => '106335', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => '参数说明的原文未提供'."\n", - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xl*******005', - ], - ], - [ - 'name' => 'Country', - 'in' => 'query', - 'schema' => [ - 'title' => '出境国家。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'US', - ], - ], - [ - 'name' => 'AbroadRegion', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'US-CA', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) API operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => false, 'example' => 'waf_v3prepaid_public_cn-4xl****i60i', 'title' => ''], ], [ - 'name' => 'NextToken', - 'in' => 'query', - 'schema' => [ - 'title' => '下一个查询开始Token', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'caeba0bbb2be03f84eb48b699f0*****', - ], - ], - [ - 'name' => 'MaxResults', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '分页查询时每页行数。最大值为100。默认值:当不设置值或设置的值小于10时,默认值为10。当设置的值大于100时,默认值为100。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '500', - 'minimum' => '1', - 'example' => '20', - 'default' => '20', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'Language', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'title' => '请求使用的语言。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'en', - 'default' => 'en', - ], + 'schema' => ['title' => '', 'description' => 'The name of the protected object to query. You can set this parameter to precisely query a protected object that has been added to WAF.', 'type' => 'string', 'required' => true, 'example' => 'example.aliyundoc.com-waf '], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], - ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'title' => '阿里云资源组ID。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzwwk****cv5i', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'description' => '查询成功', 'schema' => [ - 'title' => '响应体结构'."\n", - 'description' => '', + 'description' => 'The response structure.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => '请求ID'."\n", - 'description' => '', - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', - ], - 'TotalCount' => [ - 'title' => '返回结果的总数。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '2', - ], - 'AbroadInfos' => [ - 'title' => '海外国家信息列表。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Country' => [ - 'title' => '国家ID。', - 'description' => '', - 'type' => 'string', - 'example' => 'US', - ], - 'CountryName' => [ - 'title' => '国家名。', - 'description' => '', - 'type' => 'string', - 'example' => '美国', - ], - 'Regions' => [ - 'title' => '二级区域信息列表。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '二级区域信息。', - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'AbroadRegionId' => [ - 'title' => '二级区域ID。', - 'description' => '', - 'type' => 'string', - 'example' => 'US-CA', - ], - 'AbroadRegionName' => [ - 'title' => '二级区域名称。', - 'description' => '', - 'type' => 'string', - 'example' => '加利福尼亚州', - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '439AADF2-368C-5E98-B14E-3086****0573', 'title' => ''], + 'Resource' => [ + 'description' => 'The information about the protected object.', + 'type' => 'object', + 'properties' => [ + 'GmtCreate' => ['description' => 'The time when the protected object was created. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1607493144000', 'title' => ''], + 'GmtModified' => ['description' => 'The time when the protected object was modified. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1691720010000', 'title' => ''], + 'Product' => ['description' => 'The name of the cloud service.', 'type' => 'string', 'example' => 'alb', 'title' => ''], + 'Resource' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'alb-rencs***'."\n", 'title' => ''], + 'ResourceGroup' => ['description' => 'The name of the protected object group to which the protected object is added.', 'type' => 'string', 'example' => 'example_resource_group', 'title' => ''], + 'Detail' => ['description' => 'The detailed description of the protected object. Different key-value pairs in the Map represent different attributes of the protected object.', 'type' => 'object', 'example' => '{'."\n" + .'"product": "waf",'."\n" + .' "domain": "demo.aliyundoc****.com"'."\n" + .'}', 'title' => ''], + 'Pattern' => ['description' => 'The protection form of the protected object.', 'type' => 'string', 'example' => 'domain', 'title' => ''], + 'XffStatus' => ['description' => 'Indicates whether a Layer 7 proxy (Anti-DDoS/CDN, etc.) is deployed in front of WAF. Valid values:'."\n" + ."\n" + .'- **0**: not enabled.'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'CustomHeaders' => [ + 'description' => 'The list of specified header fields.'."\n" + .'> When XffStatus is set to 1, the first IP address in the specified header field is used as the client source IP address to prevent XFF forgery. If multiple header fields are specified, they are tried in order to obtain the source IP address. If the source IP address cannot be obtained from the first header field, the second header field is tried, and so on. If the source IP address cannot be obtained from any of the specified header fields, the first IP address in X-Forwarded-For is used. When XffStatus is set to 1, it indicates that the source IP address is obtained from the first header field.', + 'type' => 'array', + 'items' => ['description' => 'The specified header field.', 'type' => 'string', 'example' => 'x-forwarded-for', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'ResourceOrigin' => ['description' => 'The origin of the protected object. Valid values:'."\n" + ."\n" + .'- **custom**: the protected object created from Access Management.'."\n" + ."\n" + .'- **access**: the protected object created by the user.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'Description' => ['description' => 'The description.', 'type' => 'string', 'example' => 'This is Description', 'title' => ''], + 'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfmoiy****p2oq', 'title' => ''], + 'AcwCookieStatus' => ['description' => 'The status of the tracking cookie. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'AcwSecureStatus' => ['description' => 'The status of the secure attribute of the tracking cookie. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'AcwV3SecureStatus' => ['description' => 'The status of the secure attribute of the slider cookie. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'OwnerUserId' => ['description' => 'The UID of the owner of the protected object.', 'type' => 'string', 'example' => '170457******9107', 'title' => ''], + 'ResponseHeaders' => [ + 'description' => 'The response header parameters.', + 'type' => 'array', + 'items' => [ + 'description' => 'The response header parameter.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The key of the specified custom response header.', 'type' => 'string', 'example' => 'Header-Key'."\n", 'title' => ''], + 'Value' => ['description' => 'The value of the specified custom response header.', 'type' => 'string', 'example' => 'Header-Value'."\n", 'title' => ''], ], + 'title' => '', + 'example' => '', ], - 'Continent' => [ - 'title' => '国家所属大区。', - 'description' => '', - 'type' => 'string', - 'example' => '北美洲', - ], + 'title' => '', + 'example' => '', ], + 'InstanceId' => ['description' => 'The ID of the WAF instance.', 'type' => 'string', 'example' => 'waf_v2_public_cn-wwo****', 'title' => ''], + 'ResourceStatus' => ['description' => 'The status of the protected object. Valid values:'."\n" + ."\n" + .'- **initializing**: default protection is being initialized.'."\n" + ."\n" + .'- **active**: running normally.'."\n" + ."\n" + .'- **init_failed**: default protection initialization failed.', 'type' => 'string', 'example' => 'active', 'title' => ''], ], - ], - 'NextToken' => [ - 'title' => '下一个查询开始Token', - 'description' => '', - 'type' => 'string', - 'example' => 'caeba0bbb2be03f84eb48b699f0*****', - ], - 'MaxResults' => [ - 'title' => '分页查询时每页行数。最大值为100。默认值:当不设置值或设置的值小于10时,默认值为10。当设置的值大于100时,默认值为100。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '20', + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'title' => 'Query a single protected object', + 'changeSet' => [ + ['createdAt' => '2025-02-24T08:09:13.000Z', 'description' => 'Response parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"TotalCount\\": 2,\\n \\"AbroadInfos\\": [\\n {\\n \\"Country\\": \\"US\\",\\n \\"CountryName\\": \\"United States\\",\\n \\"Regions\\": [\\n {\\n \\"AbroadRegionId\\": \\"US-CA\\",\\n \\"AbroadRegionName\\": \\"California\\"\\n }\\n ],\\n \\"Continent\\": \\"North America\\"\\n }\\n ],\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]', - ], - 'DescribeRuleGroups' => [ - 'summary' => 'Queries regular expression rule groups by page.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResource'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"439AADF2-368C-5E98-B14E-3086****0573\\",\\n \\"Resource\\": {\\n \\"GmtCreate\\": 1607493144000,\\n \\"GmtModified\\": 1691720010000,\\n \\"Product\\": \\"alb\\",\\n \\"Resource\\": \\"alb-rencs***\\\\n\\",\\n \\"ResourceGroup\\": \\"example_resource_group\\",\\n \\"Detail\\": {\\n \\"product\\": \\"waf\\",\\n \\"domain\\": \\"demo.aliyundoc****.com\\"\\n },\\n \\"Pattern\\": \\"domain\\",\\n \\"XffStatus\\": 0,\\n \\"CustomHeaders\\": [\\n \\"x-forwarded-for\\"\\n ],\\n \\"ResourceOrigin\\": \\"custom\\",\\n \\"Description\\": \\"This is Description\\",\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfmoiy****p2oq\\",\\n \\"AcwCookieStatus\\": 0,\\n \\"AcwSecureStatus\\": 0,\\n \\"AcwV3SecureStatus\\": 0,\\n \\"OwnerUserId\\": \\"170457******9107\\",\\n \\"ResponseHeaders\\": [\\n {\\n \\"Key\\": \\"Header-Key\\\\n\\",\\n \\"Value\\": \\"Header-Value\\\\n\\"\\n }\\n ],\\n \\"InstanceId\\": \\"waf_v2_public_cn-wwo****\\",\\n \\"ResourceStatus\\": \\"active\\"\\n }\\n}","type":"json"}]', + ], + 'DescribeDefenseResourceGroup' => [ + 'summary' => 'Retrieves the details of a protected object group.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -16523,304 +12445,198 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwaf10VDFG', - ], + 'abilityTreeNodes' => ['FEATUREwafHQWDCC'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'SearchType', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the query condition. Valid values:'."\n" - ."\n" - .'* **id:** queries regular expression rule groups by ID.'."\n" - .'* **name:** queries regular expression rule groups by name.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'name', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'SearchValue', - 'in' => 'query', - 'schema' => [ - 'description' => 'The query condition.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test', - ], - ], - [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of the page to return. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], - ], - [ - 'name' => 'PageSize', + 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries to return on each page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '20', - ], + 'schema' => ['description' => 'The name of the protected object group that you want to query.', 'type' => 'string', 'required' => true, 'example' => 'group221', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. The following fields are configured:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries that are returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '24', - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '02E9A4B8-90FB-5F41-A049-C82277EB82FB', - ], - 'RuleGroups' => [ - 'description' => 'An array of regular expression rule groups.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The regular expression rule group.'."\n", - 'type' => 'object', - 'properties' => [ - 'RuleGroupId' => [ - 'description' => 'The ID of the regular expression rule group.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '115361', - ], - 'RuleTotalCount' => [ - 'description' => 'The number of built-in rules in the rule group.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '4444', - ], - 'RuleGroupName' => [ - 'description' => 'The name of the rule group.'."\n", - 'type' => 'string', - 'example' => 'ssssss', - ], - 'IsSubscribe' => [ - 'description' => 'Indicates whether the automatic update feature is enabled for the rule group.'."\n" - ."\n" - .'* 1: The automatic update feature is enabled for the rule group.'."\n" - .'* 2: The automatic update feature is disabled for the rule group.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'GmtModified' => [ - 'description' => 'The most recent time when the rule group was modified.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1664336364000', - ], - 'ParentRuleGroupId' => [ - 'description' => 'The ID of the rule group.'."\n" - ."\n" - .'* 0: The rule group is created from scratch.'."\n" - .'* 1011: The rule group is a strict rule group.'."\n" - .'* 1012: The rule group is a medium rule group.'."\n" - .'* 1013: The rue group is a loose rule group.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1012', - ], - ], + 'Group' => [ + 'description' => 'The information about the protected object group.', + 'type' => 'object', + 'properties' => [ + 'GroupName' => ['description' => 'The name of the protected object group that you want to query.', 'type' => 'string', 'example' => 'group1', 'title' => ''], + 'GmtCreate' => ['description' => 'The timestamp when the protected object group was created.', 'type' => 'integer', 'format' => 'int64', 'example' => '23242312312', 'title' => ''], + 'ResourceList' => ['description' => 'All the protected objects that are added to the protected object group. Separate the protected objects with commas (,).', 'type' => 'string', 'example' => 'test1.aliyundoc.com,test2.aliyundoc.com', 'title' => ''], + 'Description' => ['description' => 'The description of the protected object group.', 'type' => 'string', 'example' => 'test', 'title' => ''], + 'GmtModified' => ['description' => 'The timestamp when the protected object group was modified.', 'type' => 'integer', 'format' => 'int64', 'example' => '23242312312', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'E67D21C6-5376-5F94-B745-70E08D03E3CB', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 24,\\n \\"RequestId\\": \\"02E9A4B8-90FB-5F41-A049-C82277EB82FB\\",\\n \\"RuleGroups\\": [\\n {\\n \\"RuleGroupId\\": 115361,\\n \\"RuleTotalCount\\": 4444,\\n \\"RuleGroupName\\": \\"ssssss\\",\\n \\"IsSubscribe\\": 1,\\n \\"GmtModified\\": 1664336364000,\\n \\"ParentRuleGroupId\\": 1012\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeRuleGroups', - ], - 'ModifyDefenseSceneConfig' => [ - 'summary' => '修改用户防护场景的配置', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeDefenseResourceGroup', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroup'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Group\\": {\\n \\"GroupName\\": \\"group1\\",\\n \\"GmtCreate\\": 23242312312,\\n \\"ResourceList\\": \\"test1.aliyundoc.com,test2.aliyundoc.com\\",\\n \\"Description\\": \\"test\\",\\n \\"GmtModified\\": 23242312312\\n },\\n \\"RequestId\\": \\"E67D21C6-5376-5F94-B745-70E08D03E3CB\\"\\n}","type":"json"}]', + ], + 'DescribeDefenseResourceGroupNames' => [ + 'summary' => 'Queries the names of protected object groups.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '255326', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeNodes' => ['FEATUREwafHQWDCC'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例的ID。'."\n" - ."\n" - .'> 您可以调用[DescribeInstance](~~433756~~)查询当前WAF实例的ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-lbj****cc03', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'GroupNameLike', 'in' => 'query', 'schema' => [ - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - 'description' => '', + 'description' => 'The name of the protected object group that you want to query. Fuzzy query is supported.', + 'enumValueTitles' => [], 'type' => 'string', 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'example' => 'example-group', + 'title' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'title' => '阿里云资源组ID。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The page number of the paginated results. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'DefenseScene', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'title' => '待修改防护配置的防护场景。取值:'."\n" - ."\n" - .'- **apisec**:表示API安全。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'apisec', - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **20**, which indicates 20 entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'ConfigKey', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'title' => '待修改配置项的配置名称。'."\n" - .'当防护场景 **DefenseScene** 为 **apisec** 时,取值:'."\n" - .'- **autoEnableStatus**:表示新增防护资源是否自动开启API安全核心检测。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'autoEnableStatus', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'ConfigValue', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '待修改配置项的取值。'."\n" - .'当配置项 **ConfigKey** 为 **autoEnableStatus** 时,取值为"true"、"false"。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'true', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwk****cv5i', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'description' => '', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => '本次请求的ID。', - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '8', 'title' => ''], + 'GroupNames' => [ + 'description' => 'The names of the protected object groups.', + 'type' => 'array', + 'items' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'example' => 'example-group-name', 'title' => ''], + 'title' => '', + 'example' => '', ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '59DA4258-2F32-5095-B283-57AC****70B3', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', - ], - 'DescribeDefenseSceneConfig' => [ - 'summary' => '查询用户防护场景的配置', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeDefenseResourceGroupNames', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroupNames'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceGroupNames', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 8,\\n \\"GroupNames\\": [\\n \\"example-group-name\\"\\n ],\\n \\"RequestId\\": \\"59DA4258-2F32-5095-B283-57AC****70B3\\"\\n}","type":"json"}]', + ], + 'DescribeDefenseResourceGroups' => [ + 'summary' => 'Retrieves information about protected object groups using pagination.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -16828,112 +12644,114 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '255326', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeNodes' => ['FEATUREwafHQWDCC'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例ID。'."\n" - ."\n" - .'> 您可以通过调用[DescribeInstance](~~433756~~)接口查看当前WAF实例ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqtm005', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-wwo36****0i', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmxc7lf****eq', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'GroupNameLike', 'in' => 'query', - 'schema' => [ - 'title' => '阿里云资源组ID。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The name of the protected object group that you want to query. Fuzzy query is supported.', 'type' => 'string', 'required' => false, 'example' => 'demoGroupName', 'title' => ''], ], [ - 'name' => 'DefenseScene', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'title' => '待查询防护配置的防护场景。更多信息,请参见[ModifyDefenseRule](~~ModifyDefenseRule~~)的 ** DefenseScene** 参数。'."\n" - ."\n", - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'apisec', - ], + 'schema' => ['description' => 'The page number. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'ConfigKey', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'title' => '待查询配置项的配置名称。更多信息,请参见[ModifyDefenseRule](~~ModifyDefenseRule~~)的 ** ConfigName** 参数。'."\n", - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'autoEnableStatus', - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **20**, which indicates 20 entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''], + ], + [ + 'name' => 'GroupNames', + 'in' => 'query', + 'schema' => ['description' => 'The names of the protected object groups that you want to query. Separate multiple names with commas (,).', 'type' => 'string', 'required' => false, 'example' => 'groupName1,groupName2', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => '', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => '本次请求的ID。', - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'ConfigValue' => [ - 'title' => '查询配置项对应的取值。更多信息,请参见[ModifyDefenseRule](~~ModifyDefenseRule~~)的 ** ConfigValue** 参数。'."\n", - 'description' => '', - 'type' => 'string', - 'example' => 'true', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'BFEC5C77-049B-5E88-A5B6-CB0C****B66E', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'Groups' => [ + 'description' => 'The list of protected object groups.', + 'type' => 'array', + 'items' => [ + 'description' => 'The protected object group.', + 'type' => 'object', + 'properties' => [ + 'Description' => ['description' => 'The description of the protected object group.', 'type' => 'string', 'example' => 'This is test description', 'title' => ''], + 'GmtCreate' => ['description' => 'The time when the protected object group was created. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1624343180000', 'title' => ''], + 'GmtModified' => ['description' => 'The most recent time when the protected object group was modified. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1701656305000', 'title' => ''], + 'GroupName' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'example' => 'apptest', 'title' => ''], + 'ResourceList' => ['description' => 'The names of the protected objects that are added to the protected object group. Separate multiple protected objects with commas (,).', 'type' => 'string', 'example' => 'example02.aliyun-waf,example01.aliyun-waf', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"ConfigValue\\": \\"true\\"\\n}","type":"json"}]', - ], - 'DescribeDefenseRuleStatistics' => [ - 'summary' => '查询防护规则的统计信息', - 'methods' => [ - 'get', - 'post', + 'title' => 'DescribeDefenseResourceGroups', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroups'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BFEC5C77-049B-5E88-A5B6-CB0C****B66E\\",\\n \\"TotalCount\\": 10,\\n \\"Groups\\": [\\n {\\n \\"Description\\": \\"This is test description\\",\\n \\"GmtCreate\\": 1624343180000,\\n \\"GmtModified\\": 1701656305000,\\n \\"GroupName\\": \\"apptest\\",\\n \\"ResourceList\\": \\"example02.aliyun-waf,example01.aliyun-waf\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeDefenseResourceNames' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -16941,156 +12759,138 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '248038', - 'abilityTreeNodes' => [ - 'FEATUREwafVZXFDE', - 'FEATUREwafCU29M8', - 'FEATUREwafWUANSU', - ], + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-9lb****5s03', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzd4c****pdwy', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '239136', - ], + 'schema' => ['description' => 'The name of the protected object that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'example.xxxxaliyundoc.com', 'title' => ''], ], [ - 'name' => 'PrimaryKey', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'enumValueTitles' => [ - 'riskLevel' => '', - 'detectType' => '', - 'action' => '', - 'scene' => '', - 'status' => '', - ], - 'example' => 'scene', - 'enum' => [ - 'action', - 'scene', - 'status', - 'type', - 'riskLevel', - 'detectType', - ], - ], + 'schema' => ['description' => 'The page number of the paginated results. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'SecondaryKey', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'enumValueTitles' => [ - 'riskLevel' => '', - 'detectType' => '', - 'action' => '', - 'type' => '', - 'scene' => '', - 'status' => '', - ], - 'example' => 'action', - 'enum' => [ - 'action', - 'scene', - 'status', - 'riskLevel', - 'detectType', - ], - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **20**, which indicates 20 entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'ThirdKey', + 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'enumValueTitles' => [ - 'riskLevel' => '', - 'detectType' => '', - 'action' => '', - 'scene' => '', - 'status' => '', - ], - 'example' => 'status', - 'enum' => [ - 'action', - 'scene', - 'status', - 'riskLevel', - 'detectType', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '75', 'title' => ''], + 'Resources' => [ + 'description' => 'The names of the protected objects.', + 'type' => 'array', + 'items' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'example.aliyundoc.com-waf', 'title' => ''], + 'title' => '', + 'example' => '', + ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'title' => 'DescribeDefenseResourceNames', + 'summary' => 'Performs a pagination query to retrieve the names of protected objects.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceNames'], + ], + ], + 'ramActions' => [ [ - 'name' => 'FourthKey', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'enumValueTitles' => [ - 'riskLevel' => '', - 'detectType' => '', - 'action' => '', - 'scene' => '', - 'status' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceNames', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], ], - 'example' => 'riskLevel', - 'enum' => [ - 'action', - 'scene', - 'status', - 'riskLevel', - 'detectType', + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"TotalCount\\": 75,\\n \\"Resources\\": [\\n \\"example.aliyundoc.com-waf\\"\\n ]\\n}","type":"json"}]', + ], + 'DescribeDefenseResourceOwnerUid' => [ + 'summary' => 'Queries the asset owner account of protected objects in multi-account management scenarios.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '213063', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn********60f', 'title' => ''], + ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'ResourceNames', + 'in' => 'query', + 'schema' => ['description' => 'The protected objects to query. Separate multiple protected objects with commas (,). You can query a maximum of 100 protected objects at a time.', 'type' => 'string', 'required' => true, 'example' => 'a.com-waf,b.com-waf', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside tthe Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -17098,62 +12898,56 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'StatisticsInfos' => [ - 'description' => '', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '7326952B-B83B-5B7C-84FA-77F3E17310A2', 'title' => ''], + 'OwnerInfos' => [ + 'description' => 'The owner account information of the protected objects.', 'type' => 'array', 'items' => [ - 'description' => '', 'type' => 'object', 'properties' => [ - 'PrimaryValue' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'sytem', - ], - 'SecondaryValue' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'block', - ], - 'ThirdValue' => [ - 'description' => '', - 'type' => 'string', - 'example' => '1', - ], - 'FourthValue' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'action', - ], - 'Count' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '27', - ], + 'ResourceName' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'a.com-waf', 'title' => ''], + 'OwnerUserId' => ['description' => 'The owner account ID of the protected object.', 'type' => 'string', 'example' => '125************21', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"StatisticsInfos\\": [\\n {\\n \\"PrimaryValue\\": \\"sytem\\",\\n \\"SecondaryValue\\": \\"block\\",\\n \\"ThirdValue\\": \\"1\\",\\n \\"FourthValue\\": \\"action\\",\\n \\"Count\\": 27\\n }\\n ]\\n}","type":"json"}]', - ], - 'DescribeBaseSystemRules' => [ - 'summary' => '查询基础防护系统规则集', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeDefenseResourceOwnerUid', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceOwnerUid', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7326952B-B83B-5B7C-84FA-77F3E17310A2\\",\\n \\"OwnerInfos\\": [\\n {\\n \\"ResourceName\\": \\"a.com-waf\\",\\n \\"OwnerUserId\\": \\"125************21\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeDefenseResourceTemplates' => [ + 'summary' => 'Queries the protection templates associated with a protected object or protected object group.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -17161,330 +12955,161 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '245621', - 'abilityTreeNodes' => [ - 'FEATUREwaf1LM6V0', - 'FEATUREwafOVI09M', - 'FEATUREwafF105ZO', - ], + 'abilityTreeCode' => '106375', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-9lb36****0e', 'title' => ''], ], [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], - ], - [ - 'name' => 'PageSize', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '100', - 'default' => '20', - ], - ], - [ - 'name' => 'RuleId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '113089', - ], - ], - [ - 'name' => 'RuleStatus', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], - ], - [ - 'name' => 'RuleAction', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'block', - ], + 'schema' => ['description' => 'The name of the protected object or protected object group, or the ID of the protected asset to query.', 'type' => 'string', 'required' => true, 'example' => 'mitsuichemicals.cn-waf', 'title' => ''], ], [ - 'name' => 'Lang', + 'name' => 'ResourceType', 'in' => 'query', 'schema' => [ - 'description' => '', + 'description' => 'The type of protected resource. Valid values:'."\n" + ."\n" + .'- **single** (default): A protected object.'."\n" + ."\n" + .'- **group**: A protected object group.'."\n" + ."\n" + .'- **asset**: A protected asset.', 'type' => 'string', 'required' => false, - 'example' => 'zh', + 'enum' => ['single', 'group', 'asset'], + 'example' => 'single', + 'title' => '', ], ], [ - 'name' => 'RegionId', + 'name' => 'RuleType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The type of protection rule. Valid values:'."\n" + ."\n" + .'- **defense** (default): A protection rule.'."\n" + ."\n" + .'- **whitelist**: A whitelist rule.', 'type' => 'string', 'required' => false, 'example' => 'whitelist', 'title' => ''], ], [ - 'name' => 'DetectType', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'sqli', - ], + 'schema' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '20111098', 'title' => ''], ], [ - 'name' => 'RiskLevel', + 'name' => 'RuleName', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'loose', - ], + 'schema' => ['description' => 'The name of the protection rule.', 'type' => 'string', 'required' => false, 'example' => 'demoRuleName', 'title' => ''], ], [ - 'name' => 'RuleName', + 'name' => 'TemplateName', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'systemRuleTest', - ], + 'schema' => ['description' => 'The name of the protection template to query.', 'type' => 'string', 'required' => false, 'example' => 'test221', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '24354', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2ax2y5****pi', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => '', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '80736FA5-FA87-55F6-AA69-C5477C6FE6D0', - ], - 'Rules' => [ - 'description' => '', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2305CEB0-BA5A-5543-A1D3-3F1D08911B1C', 'title' => ''], + 'Templates' => [ + 'description' => 'The protection templates.', 'type' => 'array', 'items' => [ - 'description' => '', + 'description' => 'The protection template.', 'type' => 'object', 'properties' => [ - 'RuleId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '113089', - ], - 'UpdateTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1665460629000', - ], - 'RuleName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'systemRuleTest', - ], - 'RuleStatus' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'Description' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'rule description', - ], - 'RuleAction' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'block', - ], - 'CveId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'CVE-2021-34538', - ], - 'RiskLevel' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'super_strict', - ], - 'DetectType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'sqli', - ], + 'Description' => ['description' => 'The description of the template.', 'type' => 'string', 'example' => 'testTemplate', 'title' => ''], + 'TemplateOrigin' => ['description' => 'The origin of the protection template. The value custom indicates a user-created template.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'DefenseSubScene' => ['description' => 'The sub-scenario of the template. Valid values:'."\n" + ."\n" + .'- **web**: The bot management template for web protection.'."\n" + ."\n" + .'- **app**: The bot management template for app protection.'."\n" + ."\n" + .'- **basic**: The basic bot management template.', 'type' => 'string', 'example' => 'basic', 'title' => ''], + 'DefenseScene' => ['description' => 'The protection scenario. For more information, see the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'example' => 'whitelist', 'title' => ''], + 'GmtModified' => ['description' => 'The time when the protection template was created, in UNIX timestamp format. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1692930539000', 'title' => ''], + 'TemplateName' => ['description' => 'The name of the protection template.', 'type' => 'string', 'example' => 'antiscanTemplate', 'title' => ''], + 'TemplateType' => ['description' => 'The type of the template. Valid values:'."\n" + ."\n" + .'- **user\\_default**: The default template for the user.'."\n" + ."\n" + .'- **user\\_custom**: A custom template created by the user.', 'type' => 'string', 'example' => 'user_custom', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '34328', 'title' => ''], + 'TemplateStatus' => ['description' => 'The status of the protection template. Valid values:'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], ], + 'title' => '', + 'example' => '', ], - ], - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"80736FA5-FA87-55F6-AA69-C5477C6FE6D0\\",\\n \\"Rules\\": [\\n {\\n \\"RuleId\\": 113089,\\n \\"UpdateTime\\": 1665460629000,\\n \\"RuleName\\": \\"systemRuleTest\\",\\n \\"RuleStatus\\": 1,\\n \\"Description\\": \\"rule description\\",\\n \\"RuleAction\\": \\"block\\",\\n \\"CveId\\": \\"CVE-2021-34538\\",\\n \\"RiskLevel\\": \\"super_strict\\",\\n \\"DetectType\\": \\"sqli\\"\\n }\\n ],\\n \\"TotalCount\\": 2\\n}","type":"json"}]', - ], - 'DescribeCustomBaseRuleCompileResult' => [ - 'summary' => '查询自定义正则规则编译结果', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ - [ - 'AK' => [], - ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2305CEB0-BA5A-5543-A1D3-3F1D08911B1C\\",\\n \\"Templates\\": [\\n {\\n \\"Description\\": \\"testTemplate\\",\\n \\"TemplateOrigin\\": \\"custom\\",\\n \\"DefenseSubScene\\": \\"basic\\",\\n \\"DefenseScene\\": \\"whitelist\\",\\n \\"GmtModified\\": 1692930539000,\\n \\"TemplateName\\": \\"antiscanTemplate\\",\\n \\"TemplateType\\": \\"user_custom\\",\\n \\"TemplateId\\": 34328,\\n \\"TemplateStatus\\": 1\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'DescribeDefenseResourceTemplates', + 'changeSet' => [ + ['createdAt' => '2024-12-30T06:37:21.000Z', 'description' => 'Request parameters changed'], ], - 'operationType' => 'read', - 'systemTags' => [ - 'operationType' => 'get', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '228452', - 'abilityTreeNodes' => [ - 'FEATUREwaf1LM6V0', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceTemplates'], ], ], - 'parameters' => [ - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], + 'ramActions' => [ [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], - ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '58FDF266-3D56-5DE8-91E0-96A26BAB****', - ], - 'Result' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'success', - ], + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceTemplates', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"58FDF266-3D56-5DE8-91E0-96A26BAB****\\",\\n \\"Result\\": \\"success\\"\\n}","type":"json"}]', ], - 'DescribeBotRuleLabels' => [ - 'summary' => '分页获取Bot管理规则标签信息', - 'methods' => [ - 'get', - 'post', - ], - 'schemes' => [ - 'https', - ], + 'DescribeDefenseResources' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -17495,166 +13120,221 @@ 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106302', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '106336', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-53y4******', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => false, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'SubScene', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'app', - 'enum' => [ - 'web', - 'app', - ], - ], + 'schema' => ['description' => 'The page number to return when paging is used. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The number of entries per page when paging is used. Default value: **10**, which indicates that 10 entries are returned on each page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'Query', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The query conditions. The value is a JSON string.'."\n" + ."\n" + .'> The query results vary based on the query conditions. For more information, see **Query parameter description**.', 'type' => 'string', 'required' => false, 'example' => '{\\"product\\":\\"waf\\"}', 'title' => ''], ], [ - 'name' => 'LabelType', + 'name' => 'Tag', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => '', - 'type' => 'string', + 'description' => 'The list of resource tags. A maximum of 20 tags can be specified.', + 'type' => 'array', + 'items' => [ + 'description' => 'The resource tag, which consists of a tag key and a tag value.', + 'type' => 'object', + 'properties' => [ + 'Value' => ['description' => 'The tag value.', 'type' => 'string', 'required' => false, 'example' => 'TagValue1', 'title' => ''], + 'Key' => ['description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'Tagkey1', 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], 'required' => false, - 'example' => 'human_machine_challenge', + 'maxItems' => 21, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'NextToken', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'MaxResults', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '200', - 'minimum' => '0', - 'exclusiveMinimum' => true, - 'example' => '20', - 'default' => '20', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response struct.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], - 'RuleLabels' => [ - 'description' => '', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '73', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '618F2626-DB27-5187-8C6C-4E61A491****', 'title' => ''], + 'Resources' => [ + 'description' => 'The list of protected objects.', 'type' => 'array', 'items' => [ + 'description' => 'The protected object information.', 'type' => 'object', 'properties' => [ - 'LabelKey' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'malicious_crawler_python', - ], - 'SubScene' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'Web,app', - ], - 'BotBehavior' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'malicious', + 'Pattern' => ['description' => 'The protection mode of the protected object.', 'type' => 'string', 'example' => 'domain', 'title' => ''], + 'Description' => ['description' => 'The description.', 'type' => 'string', 'example' => 'test', 'title' => ''], + 'XffStatus' => ['description' => 'Indicates whether XFF proxy is enabled for the protected object.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'GmtModified' => ['description' => 'The time when the protected object was last modified. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665633032000', 'title' => ''], + 'Resource' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'alb-rencs***', 'title' => ''], + 'AcwV3SecureStatus' => ['description' => 'The status of the secure attribute for the slider cookie.'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'Product' => ['description' => 'The name of the cloud service.', 'type' => 'string', 'example' => 'alb', 'title' => ''], + 'AcwCookieStatus' => ['description' => 'The status of the tracking cookie.'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'AcwSecureStatus' => ['description' => 'The status of the secure attribute for the tracking cookie.'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => ''], + 'GmtCreate' => ['description' => 'The time when the protected object was created. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652149203187', 'title' => ''], + 'OwnerUserId' => ['description' => 'The Alibaba Cloud account to which the protected object asset belongs in a multi-account management feature scenario.', 'type' => 'string', 'example' => '135*********46', 'title' => ''], + 'ResourceOrigin' => ['description' => 'The origin of the protected object.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'ResourceGroup' => ['description' => 'The name of the protection group to which the protected object is added.', 'type' => 'string', 'example' => 'test', 'title' => ''], + 'Detail' => ['description' => 'The detailed description of the protected object. Different key-value pairs in the map represent different attributes of the protected object.', 'type' => 'object', 'example' => '{"domain":"eou.eleme.cn","uri":"/"}', 'title' => ''], + 'CustomHeaders' => [ + 'description' => 'The custom XFF headers used to obtain the originating IP address of the client. If XFF is set to 1 and this field is empty, the first IP address in the XFF header is used as the originating IP address of the client.', + 'type' => 'array', + 'items' => ['description' => 'The custom header field information.', 'type' => 'string', 'example' => 'afbfbajf', 'title' => ''], + 'title' => '', + 'example' => '', ], - 'LabelType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'human_machine_challenge', + 'ResponseHeaders' => [ + 'description' => 'The response header parameters.', + 'type' => 'array', + 'items' => [ + 'description' => 'The response header parameters.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The key of the custom response header.', 'type' => 'string', 'example' => 'Header-Key', 'title' => ''], + 'Value' => ['description' => 'The value of the custom response header.', 'type' => 'string', 'example' => 'Header-Value', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], + 'InstanceId' => ['description' => 'The instance ID of the WAF instance.', 'type' => 'string', 'example' => 'waf_v2_public_cn-k*****', 'title' => ''], + 'ResourceStatus' => ['description' => 'The status of the protected object. Valid values:'."\n" + ."\n" + .'- **initializing**: Default protection is being initialized.'."\n" + ."\n" + .'- **active**: Running normally.'."\n" + ."\n" + .'- **init_failed**: Default protection initialization failed.', 'type' => 'string', 'example' => 'active', 'title' => ''], ], + 'title' => '', + 'example' => '', ], - ], - 'NextToken' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', - ], - 'MaxResults' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '20', - ], - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '8', + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"RuleLabels\\": [\\n {\\n \\"LabelKey\\": \\"malicious_crawler_python\\",\\n \\"SubScene\\": \\"Web,app\\",\\n \\"BotBehavior\\": \\"malicious\\",\\n \\"LabelType\\": \\"human_machine_challenge\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20,\\n \\"TotalCount\\": 8\\n}","type":"json"}]', - ], - 'DescribeBotAppKey' => [ - 'summary' => '分页查询防护模板', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query protected objects by paging', + 'summary' => 'Queries protected objects by paging.', + 'requestParamsDescription' => '### Query parameter description'."\n" + .'##### Parameter description'."\n" + ."\n" + .'|Name|Type|Required|Example|Description|'."\n" + .'| ----------| ------------| ------------ | ---------- | -----------|'."\n" + .'|product | String|No|waf|The asset type. Valid values:<br> - **waf**: connected to WAF through CNAME or other methods.<br> - **alb**: connected through Application Load Balancer (ALB).<br> - **clb**: connected through Classic Load Balancer (CLB).<br> - **ecs**: connected through ECS.<br> - **mse**: connected through Microservices Engine (MSE).<br> - **fc**: connected through Function Compute (FC).|'."\n" + .'|resourceLike | String|No|example.aliyundoc.c|The name of the protected object. You can set this parameter to perform a fuzzy query on protected objects that are connected to WAF.'."\n" + .'|resource|String|No|example.aliyundoc.com-waf|The name of the protected object. You can set this parameter to perform an exact query on protected objects that are connected to WAF.'."\n" + .'|resourceIn|String|No|example1.aliyundoc.com,example2.aliyundoc.com|The names of multiple protected objects. You can set this parameter to query multiple protected objects that are connected to WAF. Separate multiple protected objects with commas (,).'."\n" + .'|instanceId|String|No|alb-nifa24****|The instance ID of the protected object. You can set this parameter to perform an exact query on the instance ID of a protected object that is connected to WAF.'."\n" + .'|domain|String|No|example.aliyundoc.com|The domain name of the protected object. You can set this parameter to perform an exact query on the domain name of a protected object that is connected to WAF.'."\n" + .'|resourceGroup|String|No|group1|The protection group to query.'."\n" + .'|inGroup|Boolean|No|true|Specifies whether the protected object has been added to the protection group.'."\n" + .'|ownerUserId|String|No|135********23|The ID of the Alibaba Cloud account to which the protected object belongs. You can set this parameter to perform an exact query on WAF protected objects that belong to a specific account in a multi-account scenario.'."\n" + .'|orderBy|String|No|resource|The sorting method for protected objects. Valid values:<br> - **resource**: sorted by protected object name.<br> - **gmtModified**: sorted by modification time.'."\n" + .'|desc|Boolean|No|true|The sorting order. Valid values:<br> - **false**: ascending order.<br> - **true**: descending order.'."\n" + ."\n" + .'##### Example'."\n" + .'``` json'."\n" + .'{'."\n" + .' "product ": "waf",'."\n" + .' "resource": "example.aliyundoc.com-waf",'."\n" + .' "domain": "example.aliyundoc.com",'."\n" + .' "resourceLike ": "example.aliyundoc.c",'."\n" + .' "InstaneId": "waf_cn****",'."\n" + .' "resourceIn": "example1.aliyundoc.com,example2.aliyundoc.com",'."\n" + .' "ownerUserId": "135**********41"'."\n" + .'}'."\n" + .'```.', + 'changeSet' => [ + ['createdAt' => '2025-02-24T08:09:13.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2024-09-02T03:44:32.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-29T01:07:58.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-03-21T12:30:17.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2023-08-24T09:07:44.000Z', 'description' => 'Response parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResources'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 73,\\n \\"RequestId\\": \\"618F2626-DB27-5187-8C6C-4E61A491****\\",\\n \\"Resources\\": [\\n {\\n \\"Pattern\\": \\"domain\\",\\n \\"Description\\": \\"test\\",\\n \\"XffStatus\\": 1,\\n \\"GmtModified\\": 1665633032000,\\n \\"Resource\\": \\"alb-rencs***\\",\\n \\"AcwV3SecureStatus\\": 0,\\n \\"Product\\": \\"alb\\",\\n \\"AcwCookieStatus\\": 1,\\n \\"AcwSecureStatus\\": 0,\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfm***q\\",\\n \\"GmtCreate\\": 1652149203187,\\n \\"OwnerUserId\\": \\"135*********46\\",\\n \\"ResourceOrigin\\": \\"custom\\",\\n \\"ResourceGroup\\": \\"test\\",\\n \\"Detail\\": {\\n \\"domain\\": \\"eou.eleme.cn\\",\\n \\"uri\\": \\"/\\"\\n },\\n \\"CustomHeaders\\": [\\n \\"afbfbajf\\"\\n ],\\n \\"ResponseHeaders\\": [\\n {\\n \\"Key\\": \\"Header-Key\\",\\n \\"Value\\": \\"Header-Value\\"\\n }\\n ],\\n \\"InstanceId\\": \\"waf_v2_public_cn-k*****\\",\\n \\"ResourceStatus\\": \\"active\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeDefenseRule' => [ + 'summary' => 'Retrieves the details of a specified protection rule.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -17665,580 +13345,875 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVZXFDE', - ], + 'abilityTreeCode' => '106382', + 'abilityTreeNodes' => ['FEATUREwaf9JXZCD'], + 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-5v23u******', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'KeyVersion', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the protection rule template.'."\n" + ."\n" + .'> This parameter is required only when **DefenseType** is set to **template**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '10318', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RuleId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20026192', 'title' => ''], + ], + [ + 'name' => 'DefenseType', 'in' => 'query', 'schema' => [ - 'description' => '', + 'description' => 'The type of the protection rule. Valid values:'."\n" + ."\n" + .'- **template** (default): a protection rule template.'."\n" + ."\n" + .'- **resource**: a rule for a protected object.'."\n" + ."\n" + .'- **global**: a global rule.', + 'enumValueTitles' => ['template' => 'template', 'resource' => 'resource'], 'type' => 'string', + 'default' => 'template', + 'enum' => ['global', 'resource', 'template'], 'required' => false, - 'example' => 'rg-aek2uo27badl***', + 'example' => 'template', + 'title' => '', ], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'Resource', + 'in' => 'query', + 'schema' => ['description' => 'The protected object to which the protection rule applies.'."\n" + ."\n" + .'> This parameter is required only when **DefenseType** is set to **resource**.', 'type' => 'string', 'required' => false, 'example' => 'rencs***-waf', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '0C4ADFD4-5B7D-591D-A607-A45C*****', - ], - 'AppKey' => [ - 'description' => 'AppKey。', - 'type' => 'string', - 'example' => 'N1Kiv3AGZm******', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'Rule' => [ + 'description' => 'The details of the protection rule.', + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'The status of the protection rule. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'DefenseOrigin' => ['description' => 'The origin of the protection rule. This parameter indicates whether the rule was created by the user or by the system. Valid values:'."\n" + ."\n" + .'- **custom**: a custom rule.'."\n" + ."\n" + .'- **system**: a system-generated rule.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'Config' => ['description' => 'The configuration of the protection rule, returned as a JSON string. For more information, see the **Protection rule parameters** section in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'example' => '{\\"status\\":1,\\"policyId\\":1012,\\"action\\":\\"block\\"}', 'title' => ''], + 'RuleId' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '2732975', 'title' => ''], + 'DefenseScene' => ['description' => 'The scenario to which the protection rule applies.'."\n" + ."\n" + .'If the **DefenseType** parameter is set to **template**, the valid values are:'."\n" + ."\n" + .'- **waf\\_group**: basic protection with regular expression rules.'."\n" + ."\n" + .'- **waf\\_base**: web core protection.'."\n" + ."\n" + .'- **waf\\_base\\_compliance**: basic protection with protocol compliance rules.'."\n" + ."\n" + .'- **waf\\_base\\_sema**: basic protection with semantic analysis rules.'."\n" + ."\n" + .'- **cc**: HTTP flood protection.'."\n" + ."\n" + .'- **antiscan\\_dirscan**: directory traversal blocking in scan protection.'."\n" + ."\n" + .'- **antiscan\\_highfreq**: high-frequency scan blocking in scan protection.'."\n" + ."\n" + .'- **antiscan\\_scantools**: scanning tool blocking in scan protection.'."\n" + ."\n" + .'- **ip\\_blacklist**: an IP address blacklist.'."\n" + ."\n" + .'- **custom\\_acl**: a custom rule.'."\n" + ."\n" + .'- **region\\_block**: a location blacklist.'."\n" + ."\n" + .'- **tamperproof**: webpage tamper protection.'."\n" + ."\n" + .'- **dlp**: data leakage prevention.'."\n" + ."\n" + .'- **custom\\_response\\_block**: a custom response.'."\n" + ."\n" + .'- **spike\\_throttle**: peak traffic throttling.'."\n" + ."\n" + .'If the **DefenseType** parameter is set to **resource**, the valid values are:'."\n" + ."\n" + .'- **account\\_identifier**: account identification.'."\n" + ."\n" + .'- **custom\\_response**: a custom response.'."\n" + ."\n" + .'- **waf\\_codec**: data decoding settings.'."\n" + ."\n" + .'If the **DefenseType** parameter is set to **global**, the valid values are:'."\n" + ."\n" + .'- **regular\\_custom**: a custom regular expression.'."\n" + ."\n" + .'- **address\\_book**: an IP address book.'."\n" + ."\n" + .'- **custom\\_response**: a custom response.', 'type' => 'string', 'example' => 'waf_group', 'title' => ''], + 'GmtModified' => ['description' => 'The time when the protection rule was modified. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665196746000', 'title' => ''], + 'RuleName' => ['description' => 'The name of the protection rule.', 'type' => 'string', 'example' => 'test1', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the protection rule template.'."\n" + ."\n" + .'> This parameter is returned only if the **DefenseType** parameter is set to **template**.', 'type' => 'integer', 'format' => 'int64', 'example' => '9114', 'title' => ''], + 'Resource' => ['description' => 'The protected object to which the protection rule applies.'."\n" + ."\n" + .'> This parameter is returned only if the **DefenseType** parameter is set to **resource**.', 'type' => 'string', 'example' => 'rencs***-waf', 'title' => ''], + 'DefenseType' => ['description' => 'The type of the protection rule. Valid values:'."\n" + ."\n" + .'- **template** (default): a protection rule template.'."\n" + ."\n" + .'- **resource**: a rule for a protected object.'."\n" + ."\n" + .'- **global**: a global rule.', 'type' => 'string', 'example' => 'template', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0C4ADFD4-5B7D-591D-A607-A45C*****\\",\\n \\"AppKey\\": \\"N1Kiv3AGZm******\\"\\n}","type":"json"}]', - ], - 'CreateMajorProtectionBlackIp' => [ - 'summary' => 'Creates an IP address blacklist for major event protection.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Rule\\": {\\n \\"Status\\": 1,\\n \\"DefenseOrigin\\": \\"custom\\",\\n \\"Config\\": \\"{\\\\\\\\\\\\\\"status\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"policyId\\\\\\\\\\\\\\":1012,\\\\\\\\\\\\\\"action\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"block\\\\\\\\\\\\\\"}\\",\\n \\"RuleId\\": 2732975,\\n \\"DefenseScene\\": \\"waf_group\\",\\n \\"GmtModified\\": 1665196746000,\\n \\"RuleName\\": \\"test1\\",\\n \\"TemplateId\\": 9114,\\n \\"Resource\\": \\"rencs***-waf\\",\\n \\"DefenseType\\": \\"template\\"\\n }\\n}","type":"json"}]', + 'title' => 'DescribeDefenseRule', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseRule'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeDefenseRuleStatistics' => [ + 'summary' => 'Queries statistics of rules under a specified WAF protection module.', + 'methods' => ['get', 'post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124760', - 'abilityTreeNodes' => [ - 'FEATUREwaf2KYU04', - ], + 'abilityTreeCode' => '248038', + 'abilityTreeNodes' => ['FEATUREwafVZXFDE', 'FEATUREwafCU29M8', 'FEATUREwafWUANSU'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-2r42s6y****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the IP address blacklist rule template for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '2221', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'default' => 'cn-hangzhou', 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the IP address blacklist rule for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '232324', - ], + 'schema' => ['description' => 'The ID of the protection template to query.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '239136', 'title' => ''], ], [ - 'name' => 'IpList', + 'name' => 'PrimaryKey', 'in' => 'query', 'schema' => [ - 'description' => 'The IP addresses that you want to add to the IP address blacklist. CIDR blocks and IP addresses are supported. IPv4 and IPv6 addresses are supported. Separate the CIDR blocks or IP addresses with commas (,). For more information, see [Protection for major events](~~425591~~).'."\n", + 'description' => 'The primary query condition.', + 'enumValueTitles' => ['riskLevel' => 'Risk level.', 'detectType' => 'Detection type.', 'action' => 'Rule action.', 'scene' => 'Protection scenario.', 'status' => 'Rule status.'], 'type' => 'string', 'required' => true, - 'example' => '192.0.XX.XX,192.0.XX.XX/24', + 'enum' => ['action', 'scene', 'status', 'type', 'riskLevel', 'detectType'], + 'example' => 'scene', + 'title' => '', ], ], [ - 'name' => 'ExpiredTime', + 'name' => 'SecondaryKey', 'in' => 'query', 'schema' => [ - 'description' => 'The timestamp after which the IP address blacklist becomes invalid. Unit: seconds.'."\n" - ."\n" - .'> If you set the parameter to **0**, the IP address blacklist is always valid.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1716528465', + 'description' => 'The secondary query condition. The value cannot be the same as the primary query condition.', + 'enumValueTitles' => ['riskLevel' => 'Risk level.', 'detectType' => 'Detection type.', 'action' => 'Rule action.', 'type' => 'Rule type.', 'scene' => 'Protection scenario.', 'status' => 'Rule status.'], + 'type' => 'string', + 'enum' => ['action', 'scene', 'status', 'riskLevel', 'detectType'], + 'required' => false, + 'example' => 'action', + 'title' => '', ], ], [ - 'name' => 'Description', + 'name' => 'ThirdKey', 'in' => 'query', 'schema' => [ - 'title' => '防护对象1domain 描述信息。', - 'description' => 'The description of the IP address blacklist.'."\n", + 'description' => 'The tertiary query condition. The value cannot be the same as the primary or secondary query condition.', + 'enumValueTitles' => ['riskLevel' => 'Risk level.', 'detectType' => 'Detection type.', 'action' => 'Rule action.', 'scene' => 'Protection scenario.', 'status' => 'Rule status.'], 'type' => 'string', + 'enum' => ['action', 'scene', 'status', 'riskLevel', 'detectType'], 'required' => false, - 'example' => 'Protection for major events', + 'example' => 'status', + 'title' => '', ], ], [ - 'name' => 'RegionId', + 'name' => 'FourthKey', 'in' => 'query', 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", + 'description' => 'The quaternary query condition. The value cannot be the same as the primary, secondary, or tertiary query condition.', + 'enumValueTitles' => ['riskLevel' => 'Risk level.', 'detectType' => 'Detection type.', 'action' => 'Rule action.', 'scene' => 'Protection scenario.', 'status' => 'Rule status.'], 'type' => 'string', + 'enum' => ['action', 'scene', 'status', 'riskLevel', 'detectType'], 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'example' => 'riskLevel', + 'title' => '', ], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D****', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'StatisticsInfos' => [ + 'description' => 'The statistics results.', + 'type' => 'array', + 'items' => [ + 'description' => 'The statistics results.', + 'type' => 'object', + 'properties' => [ + 'PrimaryValue' => ['description' => 'The value corresponding to the primary query condition.', 'type' => 'string', 'example' => 'sytem', 'title' => ''], + 'SecondaryValue' => ['description' => 'The value corresponding to the secondary query condition.', 'type' => 'string', 'example' => 'block', 'title' => ''], + 'ThirdValue' => ['description' => 'The value corresponding to the tertiary query condition.', 'type' => 'string', 'example' => '1', 'title' => ''], + 'FourthValue' => ['description' => 'The value corresponding to the quaternary query condition.', 'type' => 'string', 'example' => 'action', 'title' => ''], + 'Count' => ['description' => 'The number of rules that meet all the query conditions.', 'type' => 'integer', 'format' => 'int64', 'example' => '27', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"type":"json","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D****\\"\\n}","errorExample":""},{"type":"xml","example":"<CreateMajorProtectionBlackIpResponse>\\n <RequestId>D7861F61-5B61-46CE-A47C-6B19160D5EB0</RequestId>\\n</CreateMajorProtectionBlackIpResponse>","errorExample":""}]', - 'title' => 'CreateMajorProtectionBlackIp', - 'description' => 'This operation is available only on the China site (aliyun.com).'."\n", - ], - 'ModifyMajorProtectionBlackIp' => [ - 'summary' => 'Modifies an IP address blacklist for major event protection.', - 'methods' => [ - 'post', - 'get', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Query protection rule statistics', + 'requestParamsDescription' => '## Query condition details'."\n" + .'The protection scenarios (scene) supported by this query API are new bot management (**bot_manager**) and new web core protection (**waf_base**).'."\n" + .'### New bot management (**bot_manager**)'."\n" + .'The parameters supported for statistics at each query condition level are as follows.'."\n" + .'#### Parameter description'."\n" + .'|Name|Type|Description|'."\n" + .'| ------------ | ---------- | -----------|'."\n" + .'|scene|String|Counts rules by protection scenario.|'."\n" + .'|status|Integer|Counts rules by rule status.|'."\n" + .'|action|String|Counts rules by rule action.|'."\n" + ."\n" + .'### New web core protection (**waf_base**)'."\n" + .'The parameters supported for statistics at each query condition level are as follows.'."\n" + .'#### Parameter description'."\n" + .'|Name|Type|Description|'."\n" + .'| ------------ | ---------- | -----------|'."\n" + .'|type|String|Counts rules by rule type.|'."\n" + .'|detectType|String|Counts rules by detection type.|'."\n" + .'|riskLevel|String|Counts rules by risk level.|'."\n" + .'|status|Integer|Counts rules by rule status.|'."\n" + .'|action|String|Counts rules by rule action.|'."\n" + ."\n" + .'> '."\n" + .'>type can only be used as the primary query condition parameter. It counts the number of system protection rules (system) and custom regex rules (custom) separately.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseRuleStatistics', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"StatisticsInfos\\": [\\n {\\n \\"PrimaryValue\\": \\"sytem\\",\\n \\"SecondaryValue\\": \\"block\\",\\n \\"ThirdValue\\": \\"1\\",\\n \\"FourthValue\\": \\"action\\",\\n \\"Count\\": 27\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeDefenseRules' => [ + 'summary' => 'Queries a paginated list of protection rules.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124761', - 'abilityTreeNodes' => [ - 'FEATUREwaf2KYU04', - ], + 'abilityTreeCode' => '106383', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'RuleType', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the IP address blacklist rule template for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '5132', - ], + 'schema' => ['description' => 'The type of the protection rule. Valid values:'."\n" + ."\n" + .'- **whitelist**: a whitelist rule'."\n" + ."\n" + .'- **defense** (default): a protection rule'."\n" + ."\n" + .'> This parameter is required only when **DefenseType** is set to **template**.', 'type' => 'string', 'required' => false, 'example' => 'whitelist', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'Query', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the IP address blacklist rule for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '20012033', - ], + 'schema' => ['description' => 'The query conditions. Specify this parameter as a JSON string.'."\n" + ."\n" + .'> The query results for protection rules vary based on the query conditions. For more information, see **Query parameter details**.', 'type' => 'string', 'required' => false, 'example' => '{\\"name\\":\\"IPblock_20220822_10\\",\\"scene\\":\\"custom_acl\\",\\"templateId\\":5327}', 'title' => ''], ], [ - 'name' => 'IpList', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象来源, custom:来自用户自定义 access: 来自接入', - 'description' => 'The IP addresses that you want to add to the IP address blacklist. You can specify multiple CIDR blocks or IP addresses. IPv4 and IPv6 addresses are supported. Separate the CIDR blocks or IP addresses with commas (,). For more information, see [Protection for major events](~~425591~~).'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '12.XX.XX.2,3.XX.XX.3/24', - ], + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''], ], [ - 'name' => 'ExpiredTime', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The time after which the IP address blacklist becomes invalid. Unit: seconds.'."\n" - ."\n" - .'> If you set this parameter to **0**, the blacklist is permanently valid.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1662603328', - ], + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'Description', + 'name' => 'DefenseType', 'in' => 'query', 'schema' => [ - 'title' => '防护对象1domain 描述信息。', - 'description' => 'The description of the IP address blacklist.'."\n", + 'description' => 'The type of the protection rule. Valid values:'."\n" + ."\n" + .'- **template** (default): template protection rules.'."\n" + ."\n" + .'- **resource**: rules for protected objects.'."\n" + ."\n" + .'- **global**: global rules.', + 'enumValueTitles' => ['template' => 'template', 'resource' => 'resource', 'global' => 'global'], 'type' => 'string', + 'default' => 'template', + 'enum' => ['template', 'resource', 'global'], 'required' => false, - 'example' => 'test', + 'example' => 'template', + 'title' => '', ], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The result of the request.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', + 'TotalCount' => ['description' => 'The total number of returned entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '80736FA5-FA87-55F6-AA69-C5477C6FE6D0', 'title' => ''], + 'Rules' => [ + 'description' => 'The list of protection rules.', + 'type' => 'array', + 'items' => [ + 'description' => 'The protection rule.', + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'The status of the protection rule. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'DefenseOrigin' => ['description' => 'The source of the protection rule. Valid values:'."\n" + ."\n" + .'- **custom**: The rule is created by the user.'."\n" + ."\n" + .'- **system**: The rule is automatically generated by the system.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'Config' => ['description' => 'The details of the protection rule. The value is a JSON string. For more information, see the **description of the Rule parameter** in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'example' => '{\\"policyId\\":1012,\\"action\\":\\"block\\"}', 'title' => ''], + 'RuleId' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '42755', 'title' => ''], + 'DefenseScene' => ['description' => 'The protection scenario.'."\n" + ."\n" + .'If the **DefenseType** request parameter is set to **template**, the valid values are:'."\n" + ."\n" + .'- **waf\\_group**: regular expression rules for basic protection.'."\n" + ."\n" + .'- **waf\\_base**: rules for the new web core protection feature.'."\n" + ."\n" + .'- **waf\\_base\\_compliance**: protocol compliance rules for basic protection.'."\n" + ."\n" + .'- **waf\\_base\\_sema**: semantic rules for basic protection.'."\n" + ."\n" + .'- **cc**: HTTP flood protection.'."\n" + ."\n" + .'- **antiscan\\_dirscan**: directory traversal blocking for scan protection.'."\n" + ."\n" + .'- **antiscan\\_highfreq**: high-frequency scan blocking for scan protection.'."\n" + ."\n" + .'- **antiscan\\_scantools**: scanner blocking for scan protection.'."\n" + ."\n" + .'- **ip\\_blacklist**: IP address blacklist.'."\n" + ."\n" + .'- **custom\\_acl**: custom rules.'."\n" + ."\n" + .'- **region\\_block**: Geo-blocking.'."\n" + ."\n" + .'- **tamperproof**: webpage tamper protection.'."\n" + ."\n" + .'- **dlp**: data leakage prevention.'."\n" + ."\n" + .'- **custom\\_response\\_block**: custom response.'."\n" + ."\n" + .'- **spike\\_throttle**: peak traffic throttling.'."\n" + ."\n" + .'If the **DefenseType** request parameter is set to **resource**, the valid values are:'."\n" + ."\n" + .'- **account\\_identifier**: account fetch.'."\n" + ."\n" + .'- **custom\\_response**: new custom response.'."\n" + ."\n" + .'- **waf\\_codec**: decoding.'."\n" + ."\n" + .'If the **DefenseType** request parameter is set to **global**, the valid values are:'."\n" + ."\n" + .'- **regular\\_custom**: custom regular expression.'."\n" + ."\n" + .'- **address\\_book**: address book.'."\n" + ."\n" + .'- **custom\\_response**: new custom response.', 'type' => 'string', 'example' => 'waf_group', 'title' => ''], + 'GmtModified' => ['description' => 'The time when the protection rule was last modified. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665460629000', 'title' => ''], + 'RuleName' => ['description' => 'The name of the protection rule.', 'type' => 'string', 'example' => 'rules_41', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '5673', 'title' => ''], + 'GmtCreate' => ['description' => 'The time when the protection rule was created. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'deprecated' => false, 'example' => '1665460629000', 'title' => ''], + 'Resource' => ['description' => 'The protected object to which the rule is applied.'."\n" + ."\n" + .'> This parameter is returned only when the **DefenseType** request parameter is set to **resource**.', 'type' => 'string', 'example' => 'rencs***-waf', 'title' => ''], + 'DefenseType' => ['description' => 'The type of the protection rule. Valid values:'."\n" + ."\n" + .'- **template** (default): template protection rules.'."\n" + ."\n" + .'- **resource**: rules for protected objects.'."\n" + ."\n" + .'- **global**: global rules.', 'type' => 'string', 'example' => 'template', 'title' => ''], + 'Description' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => 'rule description', 'title' => ''], + 'RuleType' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => 'custom_cc', 'title' => ''], + 'ActionExternal' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => '42755', 'title' => ''], + 'DetailRuleIds' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => '42755', 'title' => ''], + 'ExternalInfo' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => '{\\"DetectType\\":\\"sqli\\"}', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\"\\n}","type":"json"}]', - 'title' => 'ModifyMajorProtectionBlackIp', - ], - 'DeleteMajorProtectionBlackIp' => [ - 'summary' => 'Deletes an IP address blacklist for major event protection.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 2,\\n \\"RequestId\\": \\"80736FA5-FA87-55F6-AA69-C5477C6FE6D0\\",\\n \\"Rules\\": [\\n {\\n \\"Status\\": 1,\\n \\"DefenseOrigin\\": \\"custom\\",\\n \\"Config\\": \\"{\\\\\\\\\\\\\\"policyId\\\\\\\\\\\\\\":1012,\\\\\\\\\\\\\\"action\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"block\\\\\\\\\\\\\\"}\\",\\n \\"RuleId\\": 42755,\\n \\"DefenseScene\\": \\"waf_group\\",\\n \\"GmtModified\\": 1665460629000,\\n \\"RuleName\\": \\"rules_41\\",\\n \\"TemplateId\\": 5673,\\n \\"GmtCreate\\": 1665460629000,\\n \\"Resource\\": \\"rencs***-waf\\",\\n \\"DefenseType\\": \\"template\\",\\n \\"Description\\": \\"rule description\\",\\n \\"RuleType\\": \\"custom_cc\\",\\n \\"ActionExternal\\": \\"42755\\",\\n \\"DetailRuleIds\\": \\"42755\\",\\n \\"ExternalInfo\\": \\"{\\\\\\\\\\\\\\"DetectType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"sqli\\\\\\\\\\\\\\"}\\"\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'DescribeDefenseRules', + 'requestParamsDescription' => '# Query parameter details'."\n" + ."\n" + .'## Template protection rules (**template**)'."\n" + ."\n" + .'If you set **DefenseType** to **template**, the following parameters are available.'."\n" + ."\n" + .'#### Parameter descriptions'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ---------- | ------- | -------- | -------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| name | String | No | test | The name of the protection rule to query. You can set this parameter to perform a term query for a protection rule. |'."\n" + .'| nameId | String | No | test1 | The ID or name of the protection rule to query. You can set this parameter to perform a fuzzy query for a protection rule. |'."\n" + .'| nameLike | String | No | test.aliyundoc.c | The name of the protection rule to query. You can set this parameter to perform a fuzzy query for a protection rule. |'."\n" + .'| scene | String | No | waf_group | The protection scenario that you want to query. You can set this parameter to perform a term query for the protection rules in a specific scenario. Valid values:<br>\\- **waf_group**: regular expression rules for basic protection.<br>\\- **waf_base**: rules for the new web core protection feature.<br>\\- **waf_base_compliance**: protocol compliance rules for basic protection.<br>\\- **waf_base_sema**: semantic rules for basic protection.<br>\\- **cc**: HTTP flood protection.<br>\\- **antiscan_dirscan**: directory traversal blocking for scan protection.<br>\\- **antiscan_highfreq**: high-frequency scan blocking for scan protection.<br>\\- **antiscan_scantools**: scanner blocking for scan protection.<br>\\- **ip_blacklist**: IP address blacklist.<br>\\- **custom_acl**: custom rules.<br>\\- **region_block**: Geo-blocking.<br>\\- **tamperproof**: webpage tamper protection.<br>\\- **dlp**: data leakage prevention.<br>\\- **custom_response_block**: custom response. |'."\n" + .'| ruleId | Long | No | 33444 | The ID of the protection rule to query. You can set this parameter to perform a term query for a protection rule. |'."\n" + .'| ruleIdIn | Array | No | \\[3334455643,345555] | The range of protection rule IDs to query. You can set this parameter to query multiple protection rules. Separate multiple rule IDs with commas (,). |'."\n" + .'| templateId | Long | No | 24354 | The ID of the protection template to query. You can set this parameter to query the protection rules in a protection template. |'."\n" + .'| orderBy | String | No | name | The sorting method for protection rules. Valid values:<br>\\- **name**: sorts the rules by name.<br>\\- **gmtModified**: sorts the rules by modification time.<br>\\- **id**: sorts the rules by ID.<br>\\- **templateId**: sorts the rules by template ID. |'."\n" + .'| desc | Boolean | No | true | The sorting order. Valid values:<br>\\- **false**: ascending order.<br>\\- **true**: descending order. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "name": "test",'."\n" + .' "nameId ": "test1,'."\n" + .' "nameLike": "test.aliyundoc.c",'."\n" + .' "nameIn": "test.aliyundoc.c",'."\n" + .' "InstaneId": "test1.aliyundoc.com,test2.aliyundoc.com",'."\n" + .' "templateId": 24354'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'## Rules for protected objects (**resource**)'."\n" + ."\n" + .'If you set **DefenseType** to **resource**, the following parameters are available.'."\n" + ."\n" + .'#### Parameter descriptions'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| -------- | ------ | -------- | ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| resource | String | No | sec****-waf | The protected object to which the rule is applied. |'."\n" + .'| scene | String | No | waf_group | The protection scenario that you want to query. You can set this parameter to perform a term query for the protection rules in a specific scenario. Valid values:<br>\\- **account_identifier**: account fetch rules.<br>\\- **custom_response**: new custom response. |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "resource": "sec****-waf",'."\n" + .' "scene ": "account_identifier"'."\n" + .'}'."\n" + .'```'."\n" + ."\n" + .'## Global rules (**global**)'."\n" + ."\n" + .'If you set **DefenseType** to **global**, the following parameters are available.'."\n" + ."\n" + .'#### Parameter descriptions'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ---------- | ------ | -------- | -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| scene | String | No | regular_custom | The protection scenario that you want to query. You can set this parameter to perform a term query for the protection rules in a specific scenario. Valid values:<br>\\- **regular_custom**: custom regular expression rules.<br>\\- **custom_response**: new custom response. |'."\n" + .'| detectType | String | No | sqli | The detection module to query. Valid values:<br>\\- sqli: SQL injection.<br>\\- xss: cross-site scripting (XSS).<br>\\- cmdi: OS command injection.<br>\\- expression_injection: expression injection.<br>\\- java_deserialization: Java deserialization.<br>\\- dot_net_deserialization: .NET deserialization.<br>\\- php_deserialization: PHP deserialization.<br>\\- code_exec: code execution.<br>\\- ssrf: server-side request forgery (SSRF).<br>\\- path_traversal: path traversal.<br>\\- arbitrary_file_uploading: arbitrary file upload.<br>\\- webshell: webshell.<br>\\- rfilei: remote file inclusion (RFI).<br>\\- lfilei: local file inclusion (LFI).<br>\\- protocol_violation: protocol violation.<br>\\- scanner_behavior: scanner behavior.<br>\\- logic_flaw: business logic bug.<br>\\- arbitrary_file_reading: arbitrary file read.<br>\\- arbitrary_file_download: arbitrary file download.<br>\\- xxe: external entity injection.<br>\\- csrf: cross-site request forgery.<br>\\- crlf: CRLF.<br>\\- other: other. ><notice>This parameter is supported only when scene is set to **regular_custom**.></notice> |'."\n" + .'| riskLevel | String | No | strict | The threat level to query. Valid values:<br>\\- **super_strict**: Super Strict.<br>\\- **strict**: Strict.<br>\\- **medium**: Medium.<br>\\- **loose**: Loose.><notice> This parameter is supported only when scene is set to **regular_custom**.></notice> |'."\n" + .'| templateId | Long | No | 24354 | The ID of the protection template to query. You can set this parameter to query the protection rules in a protection template.><notice> This parameter is supported only when scene is set to **regular_custom**.></notice> |'."\n" + ."\n" + .'#### Example'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "detectType": "sqli",'."\n" + .' "riskLevel ": "strict",'."\n" + .' "templateId": 24354'."\n" + .'}'."\n" + .'```', + 'changeSet' => [ + ['createdAt' => '2025-03-27T04:34:29.000Z', 'description' => 'Response parameters changed, Response parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseRules'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeDefenseSceneConfig' => [ + 'summary' => 'Queries the protection configurations for a specific defense scenario.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124769', - 'abilityTreeNodes' => [ - 'FEATUREwaf2KYU04', - ], + 'abilityTreeCode' => '255326', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'TemplateId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the IP address blacklist rule template for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '5332', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqtm005', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the IP address blacklist rule for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '20013135', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], ], [ - 'name' => 'IpList', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '防护对象来源, custom:来自用户自定义 access: 来自接入', - 'description' => 'The IP address blacklist for major event protection that you want to delete. You can specify multiple CIDR blocks or IP addresses. IPv4 and IPv6 addresses are supported. Separate the CIDR blocks or IP addresses with commas (,). For more information, see [Protection for major events](~~425591~~).'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '192.0.XX.XX,192.0.XX.XX/24'."\n", - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false], ], [ - 'name' => 'RegionId', + 'name' => 'DefenseScene', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The defense scenario whose configuration you want to query. For more information, see the **DefenseScene** parameter in [ModifyDefenseSceneConfig](~~2968435~~).', 'type' => 'string', 'required' => true, 'example' => 'apisec', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ConfigKey', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The name of the configuration item that you want to query. For more information, see the **ConfigKey** parameter in [ModifyDefenseSceneConfig](~~2968435~~).', 'type' => 'string', 'required' => true, 'example' => 'autoEnableStatus', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'ConfigValue' => ['description' => 'The value of the configuration item. For more information, see the **ConfigValue** parameter in [ModifyDefenseSceneConfig](~~2968435~~).', 'type' => 'string', 'example' => 'true', 'title' => ''], ], + 'description' => 'The returned data.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\"\\n}","type":"json"}]', - 'title' => 'DeleteMajorProtectionBlackIp', - ], - 'ClearMajorProtectionBlackIp' => [ - 'summary' => 'Clears an IP address blacklist for major event protection.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeDefenseSceneConfig', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseSceneConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"ConfigValue\\": \\"true\\"\\n}","type":"json"}]', + ], + 'DescribeDefenseTemplate' => [ + 'summary' => 'Retrieves the details of a specific protection template.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124771', - 'abilityTreeNodes' => [ - 'FEATUREwaf2KYU04', - ], + 'abilityTreeCode' => '106373', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the IP address blacklist rule template for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '5132', - ], - ], - [ - 'name' => 'RuleId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the IP address blacklist rule for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '20012033', - ], + 'schema' => ['description' => 'The ID of the protection template that you want to query.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1333', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'headers' => [], 'schema' => [ - 'description' => 'The returned result.'."\n", + 'description' => 'The data returned.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'Template' => [ + 'description' => 'The details of the protection template.', + 'type' => 'object', + 'properties' => [ + 'Description' => ['description' => 'The description of the protection template.', 'type' => 'string', 'example' => 'test', 'title' => ''], + 'TemplateOrigin' => ['description' => 'The origin of the protection template. A value of **custom** indicates that the template is user-defined.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'DefenseSubScene' => ['description' => 'The sub-scenario of the protection template. Valid values:'."\n" + ."\n" + .'- **web**: the bot management template for website protection.'."\n" + ."\n" + .'- **app**: the bot management template for app protection.'."\n" + ."\n" + .'- **basic**: the basic bot management template.'."\n" + ."\n" + .'- **bot\\_custom\\_acl**: the bot management template for custom protection rules.', 'type' => 'string', 'example' => 'app', 'title' => ''], + 'DefenseScene' => ['description' => 'The scenario in which the protection template is used. For more information, see the description of the **DefenseScene** parameter in the [CreateDefenseRule](~~CreateDefenseRule~~) operation.', 'type' => 'string', 'example' => 'waf_group', 'title' => ''], + 'GmtModified' => ['description' => 'The most recent time the protection template was modified. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665283642000', 'title' => ''], + 'TemplateName' => ['description' => 'The name of the protection template.', 'type' => 'string', 'example' => 'test0621', 'title' => ''], + 'TemplateType' => ['description' => 'The type of the protection template. Valid values:'."\n" + ."\n" + .'- **user\\_default**: the default template.'."\n" + ."\n" + .'- **user\\_custom**: a custom template.', 'type' => 'string', 'example' => 'user_default', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '10097', 'title' => ''], + 'TemplateStatus' => ['description' => 'The status of the protection template. Valid values:'."\n" + ."\n" + .'- **0**: disabled.'."\n" + ."\n" + .'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\"\\n}","type":"json"}]', - 'title' => 'ClearMajorProtectionBlackIp', - ], - 'DescribeMajorProtectionBlackIps' => [ - 'summary' => 'Queries IP addresses in an IP address blacklist for major event protection by page.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Template\\": {\\n \\"Description\\": \\"test\\",\\n \\"TemplateOrigin\\": \\"custom\\",\\n \\"DefenseSubScene\\": \\"app\\",\\n \\"DefenseScene\\": \\"waf_group\\",\\n \\"GmtModified\\": 1665283642000,\\n \\"TemplateName\\": \\"test0621\\",\\n \\"TemplateType\\": \\"user_default\\",\\n \\"TemplateId\\": 10097,\\n \\"TemplateStatus\\": 1\\n }\\n}","type":"json"}]', + 'title' => 'DescribeDefenseTemplate', + 'changeSet' => [ + ['createdAt' => '2023-07-26T09:08:01.000Z', 'description' => 'Response parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplate'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + ], + 'DescribeDefenseTemplateValidGroups' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -18246,307 +14221,220 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwaf2KYU04', - ], + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-nwy****pf0e', 'title' => ''], ], [ - 'name' => 'TemplateId', + 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the rule template for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '5673', - ], + 'schema' => ['description' => 'The name of the protected object group. Use this parameter to filter results by group name.', 'type' => 'string', 'required' => false, 'example' => 'group221', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'DefenseScene', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the IP address blacklist rule for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '20013199', - ], + 'schema' => ['description' => 'The protection scenario. For more information, see the valid values for the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~) when **DefenseType** is set to **template**.', 'type' => 'string', 'required' => true, 'example' => 'region_block', 'title' => ''], ], [ - 'name' => 'IpLike', - 'in' => 'query', - 'schema' => [ - 'description' => 'The IP address that you want to query. You can specify this parameter to query an IP address in the IP address blacklist for major event protection by using fuzzy matching.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '192.0.XX.XX', - ], - ], - [ - 'name' => 'OrderBy', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The method that you want to use to sort the IP addresses **in descending order**. Valid values:'."\n" - ."\n" - .'* **gmtModified:** sorts the IP addresses by most recent modification time.'."\n" - .'* **ip:** sorts the IP addresses by IP address.'."\n" - .'* **templateId:** sorts the IP addresses by template ID.'."\n" - .'* **id:** sorts the IP addresses by primary key.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'gmtModified', - ], + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of the page to return. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **20**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries to return on each page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '20', - ], + 'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '12345', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2th****v6ay', 'title' => ''], ], ], 'responses' => [ 200 => [ 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of IP addresses in the blacklist.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '63', - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '41631674-EEB0-5B02-BEB4-40A758E9B841', - ], - 'IpList' => [ - 'description' => 'An array of IP addresses in the IP address blacklist.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '27', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6EA4B39A-9C0C-5E57-993E-30B6****3AD0', 'title' => ''], + 'Groups' => [ + 'description' => 'A list of protected object group names.', 'type' => 'array', - 'items' => [ - 'description' => 'The information about the IP address in the IP address blacklist.'."\n", - 'type' => 'object', - 'properties' => [ - 'Description' => [ - 'description' => 'The description of the IP address in the blacklist.'."\n", - 'type' => 'string', - 'example' => 'test0003asdffas', - ], - 'Ip' => [ - 'description' => 'The IP address in the IP address blacklist.'."\n", - 'type' => 'string', - 'example' => '192.0.XX.XX', - ], - 'RuleId' => [ - 'description' => 'The ID of the IP address blacklist rule for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '8508970', - ], - 'ExpiredTime' => [ - 'description' => 'The time after which the IP address blacklist becomes invalid. Unit: seconds.'."\n" - ."\n" - .'> If the value of this parameter is **0**, the blacklist is permanently valid.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1662603328', - ], - 'GmtModified' => [ - 'description' => 'The most recent time when the IP address blacklist was modified.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1665456202000', - ], - 'TemplateId' => [ - 'description' => 'The ID of the rule template for major event protection.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '9684', - ], - ], - ], + 'items' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'example' => 'group_example', 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 63,\\n \\"RequestId\\": \\"41631674-EEB0-5B02-BEB4-40A758E9B841\\",\\n \\"IpList\\": [\\n {\\n \\"Description\\": \\"test0003asdffas\\",\\n \\"Ip\\": \\"192.0.XX.XX\\",\\n \\"RuleId\\": 8508970,\\n \\"ExpiredTime\\": 1662603328,\\n \\"GmtModified\\": 1665456202000,\\n \\"TemplateId\\": 9684\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeMajorProtectionBlackIps', - ], - 'AddAddress' => [ - 'summary' => '地址簿添加地址', - 'methods' => [ - 'post', + 'title' => 'DescribeDefenseTemplateValidGroups', + 'summary' => 'Queries the names of protected object groups that can be associated with a specific protection template.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplateValidGroups'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseTemplateValidGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 27,\\n \\"RequestId\\": \\"6EA4B39A-9C0C-5E57-993E-30B6****3AD0\\",\\n \\"Groups\\": [\\n \\"group_example\\"\\n ]\\n}","type":"json"}]', + ], + 'DescribeDefenseTemplateValidResources' => [ + 'summary' => 'Queries a paginated list of protected objects that are valid for a specified protection template.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124760', - 'abilityTreeNodes' => [ - 'FEATUREwaf4TDPM4', - ], + 'abilityTreeCode' => '106347', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-27a3jyw0v04', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'DefenseScene', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '12345678', - ], + 'schema' => ['description' => 'The protection scenario of the protection template. For more information, see the valid values for the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~) when **DefenseType** is set to **template**.', 'type' => 'string', 'required' => true, 'example' => 'whitelist', 'title' => ''], ], [ - 'name' => 'AddressList', + 'name' => 'Resource', 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'XX.XX.XX.XX', - ], - 'required' => true, - ], + 'schema' => ['description' => 'The name of the protected object that you want to query. You can specify this parameter to filter the results.', 'type' => 'string', 'required' => false, 'example' => 'mgw.realperson.antdigital.com', 'title' => ''], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '2', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **20**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'TemplateId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the protection template.'."\n" + ."\n" + .'> If you do not specify this parameter, the protected objects that can be associated with a new protection template for the specified protection scenario (**DefenseScene**) are returned.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '21202', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2thcppfv6ay', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '2EFCFE18-78F8-5079-B312-07***48B', + 'TotalCount' => ['description' => 'The total number of protected objects that match the query criteria.', 'type' => 'integer', 'format' => 'int64', 'example' => '34', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C54DD36B-6380-57E5-89BA-2642757C4DB8', 'title' => ''], + 'Resources' => [ + 'type' => 'array', + 'items' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'showerroom.taikooliqiantan.com-waf', 'title' => ''], + 'description' => 'The names of the protected objects that are valid for the protection template.', + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Defense.Control.DefenseAddressInvalid', - 'errorMessage' => 'The address in the address book is illegal.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseAddressOversize', - 'errorMessage' => 'The number of addresses in the address book exceeds the limit.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseAddressOperationTooFrequent', - 'errorMessage' => 'Address book operations are too frequent.', + 'title' => 'DescribeDefenseTemplateValidResources', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseTemplateValidResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\"\\n}","type":"json"}]', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 34,\\n \\"RequestId\\": \\"C54DD36B-6380-57E5-89BA-2642757C4DB8\\",\\n \\"Resources\\": [\\n \\"showerroom.taikooliqiantan.com-waf\\"\\n ]\\n}","type":"json"}]', ], - 'DescribeAddresses' => [ - 'summary' => '分页查询地址簿IP', - 'methods' => [ - 'get', - 'post', - ], - 'schemes' => [ - 'https', - ], + 'DescribeDefenseTemplates' => [ + 'summary' => 'Retrieves a paginated list of protection templates.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -18557,598 +14445,1041 @@ 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwaf4TDPM4', - ], + 'abilityTreeCode' => '106374', + 'abilityTreeNodes' => ['FEATUREwaf1LM6V0'], + 'autoTest' => true, ], 'parameters' => [ [ + 'name' => 'TemplateIds', + 'in' => 'query', + 'schema' => ['description' => 'The IDs of the protection templates that you want to query. You can specify this parameter to query the protected objects for which multiple protection templates take effect. Separate multiple template IDs with commas (,).', 'type' => 'string', 'required' => false, 'example' => '189731,189539,189538,189531,189540,189542,189541', 'title' => ''], + ], + [ + 'name' => 'TemplateName', + 'in' => 'query', + 'schema' => ['description' => 'The name of the protection template to query.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-pe33b****03', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '12345678', - ], + 'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '39395', 'title' => ''], ], [ - 'name' => 'AddressLike', + 'name' => 'TemplateType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '1.2.3.3', - ], + 'schema' => ['description' => 'The type of the protection template that you want to create. Valid values:'."\n" + ."\n" + .'- **user\\_default**: default protection template.'."\n" + ."\n" + .'- **user\\_custom**: custom protection template.', 'type' => 'string', 'required' => false, 'example' => 'user_default', 'title' => ''], ], [ - 'name' => 'NextToken', + 'name' => 'DefenseScene', + 'in' => 'query', + 'schema' => ['description' => 'The protection scenario. For more information, see the description of the **DefenseScene** parameter in the [CreateDefenseRule](~~461421~~) topic.', 'type' => 'string', 'required' => false, 'example' => 'region_block', 'title' => ''], + ], + [ + 'name' => 'Resource', + 'in' => 'query', + 'schema' => ['description' => 'The name of the protected object or protected object group, or the ID of the protected asset.'."\n" + ."\n" + .'> You must specify the Resource and ResourceType parameters to filter query results.', 'type' => 'string', 'required' => false, 'example' => 'ruiqiu.cc-ecs', 'title' => ''], + ], + [ + 'name' => 'ResourceType', 'in' => 'query', 'schema' => [ - 'description' => '', + 'description' => 'The type of the protected resource. Valid values:'."\n" + ."\n" + .'- **single** (default): a protected object.'."\n" + ."\n" + .'- **group**: a protected object group.'."\n" + ."\n" + .'- **asset**: a protected asset.'."\n" + ."\n" + .'> You must specify the Resource and ResourceType parameters to filter query results.', 'type' => 'string', + 'enum' => ['single', 'group', 'asset'], 'required' => false, - 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', + 'example' => 'single', + 'title' => '', ], ], [ - 'name' => 'MaxResults', + 'name' => 'DefenseSubScene', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '20', - 'default' => '20', - ], + 'schema' => ['description' => 'The sub-scenario of the protection template. Valid values:'."\n" + ."\n" + .'- **web**: the web protection template for bot management.'."\n" + ."\n" + .'- **app**: the app protection template for bot management.'."\n" + ."\n" + .'- **basic**: the basic protection template for bot management.'."\n" + ."\n" + .'- **bot\\_custom\\_acl**: the advanced custom protection rule template for bot management.', 'type' => 'string', 'required' => false, 'example' => 'basic', 'title' => ''], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **20**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm4gh****wela', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmvyknl****fa', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '8D8EBFB7-E1EB-5236-952A-092EDC72***', - ], - 'AddressList' => [ - 'description' => '', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '4F26D2F1-E288-5104-8518-05E240E337A4', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of protection templates returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''], + 'Templates' => [ + 'description' => 'An array of protection templates.', 'type' => 'array', 'items' => [ - 'description' => '', + 'description' => 'A protection template.', 'type' => 'object', 'properties' => [ - 'Address' => [ - 'description' => '', - 'type' => 'string', - 'example' => '1.1.1.1', - ], - 'RuleId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12345678', - ], - 'GmtModified' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1760408233000', - ], + 'DefenseScene' => ['description' => 'The protection scenario. Valid values:'."\n" + ."\n" + .'- **waf\\_group**: Basic Protection.'."\n" + ."\n" + .'- **antiscan**: Scan Protection.'."\n" + ."\n" + .'- **ip\\_blacklist**: IP Blocklist.'."\n" + ."\n" + .'- **custom\\_acl**: Custom Rule.'."\n" + ."\n" + .'- **whitelist**: Allowlist.'."\n" + ."\n" + .'- **region\\_block**: Geographic Blocking.'."\n" + ."\n" + .'- **custom\\_response**: Custom Response.'."\n" + ."\n" + .'- **cc**: HTTP Flood Protection.'."\n" + ."\n" + .'- **tamperproof**: Webpage Tamper Protection.'."\n" + ."\n" + .'- **dlp**: Data Loss Prevention.'."\n" + ."\n" + .'- **bot\\_manager**: Bot Management.', 'type' => 'string', 'example' => 'whitelist', 'title' => ''], + 'GmtModified' => ['description' => 'The last modification time of the protection template. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683776070000', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '56477', 'title' => ''], + 'TemplateName' => ['description' => 'The name of the protection template.', 'type' => 'string', 'example' => 'template-blockarea1', 'title' => ''], + 'TemplateOrigin' => ['description' => 'The origin of the protection template to be created. The value is custom, which indicates a user-defined template.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + 'TemplateStatus' => ['description' => 'The status of the protection template. Valid values:'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'TemplateType' => ['description' => 'The type of the protection template. Valid values:'."\n" + ."\n" + .'- **user\\_default**: The user\'s default protection template.'."\n" + ."\n" + .'- **user\\_custom**: A custom protection template defined by the user.', 'type' => 'string', 'example' => 'user_custom', 'title' => ''], + 'DefenseSubScene' => ['description' => 'The sub-scenario for the Bot Management template. This parameter is returned only when `DefenseScene` is set to `bot_manager`. Valid values:'."\n" + ."\n" + .'- **web**: web protection'."\n" + ."\n" + .'- **app**: app protection'."\n" + ."\n" + .'- **basic**: basic protection'."\n" + ."\n" + .'- **bot\\_custom\\_acl**: The protection template for advanced Custom Rules in Bot Management.', 'type' => 'string', 'example' => 'basic', 'title' => ''], + 'Description' => ['description' => 'The description of the template.', 'type' => 'string', 'example' => 'testTemplate', 'title' => ''], ], + 'title' => '', + 'example' => '', ], - ], - 'NextToken' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', - ], - 'MaxResults' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '20', + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"8D8EBFB7-E1EB-5236-952A-092EDC72***\\",\\n \\"AddressList\\": [\\n {\\n \\"Address\\": \\"1.1.1.1\\",\\n \\"RuleId\\": 12345678,\\n \\"GmtModified\\": 1760408233000\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]', - ], - 'DeleteAddress' => [ - 'summary' => '地址簿添加地址', - 'methods' => [ - 'post', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"4F26D2F1-E288-5104-8518-05E240E337A4\\",\\n \\"TotalCount\\": 100,\\n \\"Templates\\": [\\n {\\n \\"DefenseScene\\": \\"whitelist\\",\\n \\"GmtModified\\": 1683776070000,\\n \\"TemplateId\\": 56477,\\n \\"TemplateName\\": \\"template-blockarea1\\",\\n \\"TemplateOrigin\\": \\"custom\\",\\n \\"TemplateStatus\\": 1,\\n \\"TemplateType\\": \\"user_custom\\",\\n \\"DefenseSubScene\\": \\"basic\\",\\n \\"Description\\": \\"testTemplate\\"\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'DescribeDefenseTemplates', + 'changeSet' => [ + ['createdAt' => '2025-01-03T06:43:17.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-12-30T06:37:21.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplates'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseTemplates', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeDomainDNSRecord' => [ + 'summary' => 'Queries whether the DNS settings of a domain name are correct.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124760', - 'abilityTreeNodes' => [ - 'FEATUREwaf4TDPM4', - ], + 'abilityTreeCode' => '179230', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-wwo36****0i', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-nwy****is02', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '12345678', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'AddressList', + 'name' => 'Domain', 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'XX.XX.XX.XX/32', - ], - 'required' => true, - ], + 'schema' => ['description' => 'The domain name to query.', 'type' => 'string', 'required' => true, 'example' => 'xxx.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'C33EB3D5-AF96-43CA-9C7E-37A8****6A1E', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4C****', 'title' => ''], + 'DNSStatus' => ['description' => 'The DNS status. Valid values:'."\n" + ."\n" + .'- **cnameMatched**: Normal.'."\n" + ."\n" + .'- **vipMatched**: A record.'."\n" + ."\n" + .'- **wafVip**: The VIP of another WAF is used.'."\n" + ."\n" + .'- **unRecord**: No DNS resolution is configured.'."\n" + ."\n" + .'- **unUsed**: Traffic does not pass through WAF.'."\n" + ."\n" + .'- **checkTimeout**: The detection timed out.', 'type' => 'string', 'example' => 'cnameMatched', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Defense.Control.DefenseAddressOversize', - 'errorMessage' => 'The number of addresses in the address book exceeds the limit.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseAddressInvalid', - 'errorMessage' => 'The address in the address book is illegal.', - ], - [ - 'errorCode' => 'Defense.Control.DefenseAddressOperationTooFrequent', - 'errorMessage' => 'Address book operations are too frequent.', + 'title' => 'Query CNAME DNS resolution status', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainDNSRecord'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainDNSRecord', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C33EB3D5-AF96-43CA-9C7E-37A8****6A1E\\"\\n}","type":"json"}]', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-D33C8B4C****\\",\\n \\"DNSStatus\\": \\"cnameMatched\\"\\n}","type":"json"}]', ], - 'ClearAddress' => [ - 'summary' => '地址簿清空所有地址', - 'methods' => [ - 'post', - ], - 'schemes' => [ - 'https', - ], + 'DescribeDomainDetail' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124760', - 'abilityTreeNodes' => [ - 'FEATUREwaf4TDPM4', - ], + 'abilityTreeCode' => '113957', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7mz****hw0u', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'RuleId', + 'name' => 'DomainId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '12345678', - ], + 'schema' => ['description' => 'The domain name ID.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com-waf', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['title' => '', 'description' => 'The domain name to query.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com'], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ + 'description' => 'The CNAME details.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '276D7566-31C9-4192-9DD1-51B10D*****', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'BAEF9CA9-66A0-533E-BD09-5D5D7AA8****', 'title' => ''], + 'Domain' => ['title' => '', 'description' => 'The domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com'], + 'DomainId' => ['title' => '', 'description' => 'The domain name ID.', 'type' => 'string', 'example' => 'www.aliyundoc.com-waf'], + 'Status' => ['title' => '', 'description' => 'The status of the domain name. Valid values:'."\n" + ."\n" + .'- **1**: The domain name is in a normal state.'."\n" + ."\n" + .'- **2**: The domain name is being created.'."\n" + ."\n" + .'- **3**: The domain name is being modified.'."\n" + ."\n" + .'- **4**: The domain name is being released.'."\n" + ."\n" + .'- **5**: The domain name has stopped forwarding traffic.', 'type' => 'integer', 'format' => 'int32', 'example' => '1'], + 'Cname' => ['description' => 'The CNAME assigned by WAF to the domain name.', 'type' => 'string', 'example' => 'xxxxxcvdaf.****.com', 'title' => ''], + 'Listen' => [ + 'title' => '', + 'description' => 'The listener configuration.', + 'type' => 'object', + 'properties' => [ + 'HttpPorts' => [ + 'title' => '', + 'description' => 'The listening ports for the HTTP protocol.', + 'type' => 'array', + 'items' => ['description' => 'The listening ports for the HTTP protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '80', 'title' => ''], + 'example' => '', + ], + 'HttpsPorts' => [ + 'title' => '', + 'description' => 'The listening ports for the HTTPS protocol.', + 'type' => 'array', + 'items' => ['description' => 'The listening ports for the HTTPS protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '443'."\n", 'title' => ''], + 'example' => '', + ], + 'Http2Enabled' => ['title' => '', 'description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n" + ."\n" + .'- **true**: HTTP/2 is enabled.'."\n" + ."\n" + .'- **false**: HTTP/2 is not enabled.', 'type' => 'boolean', 'example' => 'true'], + 'CertId' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '123', 'title' => ''], + 'TLSVersion' => ['title' => '', 'description' => 'The TLS version. Valid values:'."\n" + ."\n" + .'- **tlsv1**'."\n" + ."\n" + .'- **tlsv1.1**'."\n" + ."\n" + .'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1.2'], + 'EnableTLSv3' => ['title' => '', 'description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n" + ."\n" + .'- **true**: TLS 1.3 is supported.'."\n" + ."\n" + .'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'example' => 'true'], + 'CipherSuite' => ['description' => 'The type of the cipher suite. Valid values:'."\n" + ."\n" + .'- **1**: all cipher suites are added.'."\n" + ."\n" + .'- **2**: strong cipher suites are added.'."\n" + ."\n" + .'- **99**: custom cipher suites are added.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''], + 'CustomCiphers' => [ + 'description' => 'The custom cipher suites.', + 'type' => 'array', + 'items' => ['description' => 'The custom cipher suites.', 'type' => 'string', 'example' => 'xxx', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'FocusHttps' => ['description' => 'Indicates whether HTTPS forced redirect is enabled. Valid values:'."\n" + ."\n" + .'- **true**: HTTPS forced redirect is enabled.'."\n" + ."\n" + .'- **false**: HTTPS forced redirect is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'SM2Enabled' => ['description' => 'Indicates whether the China Encryption Standard (SM) certificate is enabled. Valid values:'."\n" + ."\n" + .'- **true**: The SM certificate is enabled.'."\n" + ."\n" + .'- **false**: The SM certificate is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'SM2CertId' => ['description' => 'The ID of the SM certificate to add. This parameter is used only when SM2Enable is set to true.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''], + 'SM2AccessOnly' => ['description' => 'Indicates whether only SM-compliant clients can access the domain name. This parameter is used only when SM2Enable is set to true.'."\n" + ."\n" + .'- true: Only SM-compliant clients can access the domain name.'."\n" + ."\n" + .'- false: Both SM-compliant and non-SM-compliant clients can access the domain name.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n" + ."\n" + .'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n" + ."\n" + .'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n" + ."\n" + .'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''], + 'XffHeaders' => [ + 'description' => 'The list of custom header fields used to obtain the client IP address.', + 'type' => 'array', + 'items' => ['description' => 'The list of custom header fields used to obtain the client IP address.', 'type' => 'string', 'example' => 'Client-ip', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'IPv6Enabled' => ['title' => '', 'description' => 'Indicates whether IPv6 is enabled. Valid values:'."\n" + ."\n" + .'- **true**: IPv6 is enabled.'."\n" + ."\n" + .'- **false**: IPv6 is not enabled.', 'type' => 'boolean', 'example' => 'true'], + 'ProtectionResource' => ['title' => '', 'description' => 'The type of protection resource to use. Valid values:'."\n" + ."\n" + .'- **share**: shared cluster.'."\n" + ."\n" + .'- **gslb**: shared cluster with intelligent load balancing.', 'type' => 'string', 'example' => 'share'], + 'ExclusiveIp' => ['title' => '', 'description' => 'Indicates whether an exclusive IP address is enabled. Valid values:'."\n" + ."\n" + .'- **true**: An exclusive IP address is enabled.'."\n" + ."\n" + .'- **false**: An exclusive IP address is not enabled.', 'type' => 'boolean', 'example' => 'true'], + 'HstsIncludeSubDomain' => ['description' => 'Indicates whether HSTS includes subdomains. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Not enabled.', 'type' => 'boolean', 'title' => '', 'example' => ''], + 'HstsPreload' => ['description' => 'Indicates whether HSTS preloading is enabled. This feature is disabled by default. Valid values:'."\n" + .'- true: Enabled.'."\n" + .'- false: Disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''], + 'HstsMaxAge' => ['description' => 'The HSTS expiration time. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '365000', 'title' => ''], + ], + 'example' => '', + ], + 'Redirect' => [ + 'title' => '', + 'description' => 'The forwarding configuration.', + 'type' => 'object', + 'properties' => [ + 'Backends' => [ + 'description' => 'The back-to-origin addresses of the domain name.'."\n" + ."\n" + .'> This parameter will be deprecated. Use **BackendList** instead.', + 'type' => 'array', + 'items' => [ + 'description' => 'The IP address or domain name of the origin server.', + 'type' => 'object', + 'properties' => [ + 'Backend' => ['description' => 'The IP address or domain name of the origin server for the domain name.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'deprecated' => true, + 'title' => '', + 'example' => '', + ], + 'Loadbalance' => ['title' => '', 'description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n" + ."\n" + .'- **iphash**: IP hash algorithm.'."\n" + ."\n" + .'- **roundRobin**: round-robin algorithm.'."\n" + ."\n" + .'- **leastTime**: least-time back-to-origin algorithm.', 'type' => 'string', 'example' => 'iphash'], + 'FocusHttpBackend' => ['description' => 'Indicates whether forced HTTP back-to-origin is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Forced HTTP back-to-origin is enabled.'."\n" + ."\n" + .'- **false**: Forced HTTP back-to-origin is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'SniEnabled' => ['title' => '', 'description' => 'Indicates whether back-to-origin SNI is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Back-to-origin SNI is enabled.'."\n" + ."\n" + .'- **false** (default): Back-to-origin SNI is not enabled.', 'type' => 'boolean', 'example' => 'true'], + 'SniHost' => ['description' => 'The value of the custom SNI extension field.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], + 'RequestHeaders' => [ + 'description' => 'The traffic tag fields and values of the domain name, which are used to mark traffic processed by WAF.', + 'type' => 'array', + 'items' => [ + 'description' => 'The traffic tag fields and values of the domain name, which are used to mark traffic processed by WAF.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'example' => 'aaa', 'title' => ''], + 'Value' => ['description' => 'The value of the custom request header field.', 'type' => 'string', 'example' => 'bbb', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + 'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: seconds.'."\n" + .'Valid values: 5 to 120.', 'type' => 'integer', 'format' => 'int32', 'example' => '120', 'title' => ''], + 'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n" + .'Valid values: 5 to 1800.', 'type' => 'integer', 'format' => 'int32', 'example' => '200', 'title' => ''], + 'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n" + .'Valid values: 5 to 1800.', 'type' => 'integer', 'format' => 'int32', 'example' => '200', 'title' => ''], + 'Keepalive' => ['description' => 'Indicates whether persistent connections are enabled. Valid values:'."\n" + ."\n" + .'- **true** (default): Persistent connections are enabled.'."\n" + ."\n" + .'- **false**: Persistent connections are not enabled.', 'type' => 'boolean', 'default' => 'true', 'example' => 'true', 'title' => ''], + 'Retry' => ['description' => 'Indicates whether WAF retries when back-to-origin fails. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF retries.'."\n" + ."\n" + .'- **false**: WAF does not retry.', 'type' => 'boolean', 'default' => 'true', 'example' => 'true', 'title' => ''], + 'KeepaliveRequests' => ['description' => 'The number of requests that can reuse a persistent connection. Valid values: 60 to 1000.'."\n" + ."\n" + .'> After persistent connections are enabled, this parameter specifies how many persistent connections can be reused.', 'type' => 'integer', 'format' => 'int32', 'default' => '100', 'example' => '1000', 'title' => ''], + 'KeepaliveTimeout' => ['description' => 'The idle timeout period for persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" + ."\n" + .'> Specifies how long an idle persistent connection can remain open before it is released.', 'type' => 'integer', 'format' => 'int32', 'default' => '15', 'example' => '15', 'title' => ''], + 'XffProto' => ['description' => 'Indicates whether the X-Forward-For-Proto header is used to pass the protocol used by WAF. Valid values:'."\n" + ."\n" + .'- **true** (default): The protocol used by WAF is passed.'."\n" + ."\n" + .'- **false**: The protocol used by WAF is not passed.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'BackupBackends' => [ + 'description' => 'The secondary back-to-origin addresses of the domain name.'."\n" + ."\n" + .'> This parameter will be deprecated. Use **BackUpBackendList** instead.', + 'type' => 'array', + 'items' => [ + 'description' => 'The IP address or domain name of the origin server.', + 'type' => 'object', + 'properties' => [ + 'Backend' => ['description' => 'The IP address or domain name of the secondary origin server for the domain name.', 'type' => 'string', 'example' => '['."\n" + .' "1.1.XX.XX",'."\n" + .' "2.2.XX.XX"'."\n" + .']'."\n", 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'deprecated' => true, + 'title' => '', + 'example' => '', + ], + 'XClientIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the X-Client-IP header. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite the header.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'default' => 'false', 'example' => 'true', 'title' => ''], + 'XTrueIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the X-True-IP header. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite the header.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'default' => 'false', 'example' => 'true', 'title' => ''], + 'WebServerType' => ['description' => 'Indicates whether WAF is allowed to overwrite the Web-Server-Type header. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite the header.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'default' => 'false', 'example' => 'true', 'title' => ''], + 'WLProxyClientIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the WL-Proxy-Client-IP header. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite the header.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'default' => 'false', 'example' => 'true', 'title' => ''], + 'MaxBodySize' => ['title' => '', 'description' => 'The maximum request body size. Valid values: 2 to 10. Default value: 2. Unit: GB.'."\n" + .'> Only Ultimate Edition supports this feature.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2'], + 'Http2Origin' => ['title' => '', 'description' => 'The HTTP/2 back-to-origin setting.', 'type' => 'boolean', 'example' => 'true'], + 'Http2OriginMaxConcurrency' => ['title' => '', 'description' => 'The maximum number of concurrent connections for HTTP/2 back-to-origin.', 'type' => 'integer', 'format' => 'int32', 'example' => '128'], + 'ProxyProtocol' => ['description' => 'Indicates whether the client source IP preservation feature is enabled.'."\n" + .'- **true**: The client source IP preservation feature is enabled. After this feature is enabled, the backend service can view the originating IP address of the client.'."\n" + .'- **false**: The client source IP preservation feature is not enabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''], + 'BackendList' => [ + 'description' => 'The list of origin server IP addresses or back-to-origin domain names for the domain name.', + 'type' => 'array', + 'items' => ['description' => 'The IP address or domain name of the origin server for the domain name.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'BackUpBackendList' => [ + 'description' => 'The list of secondary origin server IP addresses or back-to-origin domain names for the domain name.', + 'type' => 'array', + 'items' => ['description' => 'The IP address or domain name of the secondary origin server for the domain name.', 'type' => 'string', 'example' => '2.2.XX.XX', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'BackendPorts' => [ + 'description' => 'The custom port configuration. By default, this is the same as the listening port.', + 'type' => 'array', + 'items' => [ + 'description' => 'The custom port configuration. By default, this is the same as the listening port.', + 'type' => 'object', + 'properties' => [ + 'ListenPort' => ['description' => 'The listening port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'BackendPort' => ['description' => 'The back-to-origin port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'Protocol' => ['description' => 'The protocol type of the listening port. Valid values:'."\n" + .'- **http**: HTTP protocol.'."\n" + .'- **https**: HTTPS protocol.', 'type' => 'string', 'example' => 'http', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'example' => '', + ], + 'ResourceManagerResourceGroupId' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => ''], + 'CertDetail' => [ + 'description' => 'The SSL certificate details.', + 'type' => 'object', + 'properties' => [ + 'Name' => ['description' => 'The certificate name.', 'type' => 'string', 'example' => 'test-cert-name', 'title' => ''], + 'Id' => ['description' => 'The SSL certificate ID.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''], + 'StartTime' => ['description' => 'The effective period of the certificate. The value is in the format of a UNIX timestamp (UTC). Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1677772800000', 'title' => ''], + 'EndTime' => ['description' => 'The time when the certificate expires. The value is a UNIX timestamp in UTC. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1685590400000', 'title' => ''], + 'CommonName' => ['description' => 'The common name (CN).', 'type' => 'string', 'example' => 'test.aliyundoc.com', 'title' => ''], + 'Sans' => [ + 'description' => 'All domain names bound to the certificate.', + 'type' => 'array', + 'items' => ['description' => 'All domain names bound to the certificate.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'SM2CertDetail' => [ + 'description' => 'The SM certificate information.', + 'type' => 'object', + 'properties' => [ + 'Name' => ['description' => 'The certificate name.', 'type' => 'string', 'example' => 'test-sm2-cert-name', 'title' => ''], + 'Id' => ['description' => 'The SSL certificate ID.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''], + 'StartTime' => ['description' => 'The effective period of the certificate. The value is in the format of a UNIX timestamp (UTC). Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1657551525000', 'title' => ''], + 'EndTime' => ['description' => 'The time when the certificate expires. The value is a UNIX timestamp in UTC. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665590400000', 'title' => ''], + 'CommonName' => ['description' => 'The common name (CN).', 'type' => 'string', 'example' => 'test.aliyundoc.com'."\n", 'title' => ''], + 'Sans' => [ + 'description' => 'All domain names bound to the certificate.', + 'type' => 'array', + 'items' => ['description' => 'All domain names bound to the certificate.', 'type' => 'string', 'example' => 'www.aliyundoc.com'."\n", 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [ 400 => [ - [ - 'errorCode' => 'Defense.Control.DefenseAddressOperationTooFrequent', - 'errorMessage' => 'Address book operations are too frequent.', - ], + ['errorCode' => 'Waf.Pullin.DomainAndDomainIdBothEmpty', 'errorMessage' => 'domain and domainId cannot be empty at the same time.', 'description' => 'The domain name and domain name ID cannot be empty at the same time.'], + ['errorCode' => 'Waf.Pullin.DomainAndDomainIdNotMatch', 'errorMessage' => 'domain and domainId do not match.', 'description' => 'The input parameters Domain and DomainId do not match.'], + ['errorCode' => 'Waf.Pullin.DomainIdIsIllegal', 'errorMessage' => 'The input parameter, the domainId is illegal.', 'description' => 'Illegal entry DomainId'], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"276D7566-31C9-4192-9DD1-51B10D*****\\"\\n}","type":"json"}]', - ], - 'DeleteApisecAbnormals' => [ - 'summary' => 'Deletes multiple risks detected by the API security module at a time.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query CNAME access details', + 'summary' => 'Queries the Website Config details.', + 'changeSet' => [ + ['createdAt' => '2024-11-28T15:04:53.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2024-06-06T09:49:31.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2024-01-30T12:16:58.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2023-04-27T06:05:43.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2023-04-18T11:16:21.000Z', 'description' => 'Response parameters changed, Response parameters changed'], + ['createdAt' => '2022-11-28T08:16:57.000Z', 'description' => 'Response parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainDetail'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainDetail', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}-waf'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BAEF9CA9-66A0-533E-BD09-5D5D7AA8****\\",\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\",\\n \\"Status\\": 1,\\n \\"Cname\\": \\"xxxxxcvdaf.****.com\\",\\n \\"Listen\\": {\\n \\"HttpPorts\\": [\\n 80\\n ],\\n \\"HttpsPorts\\": [\\n 443\\n ],\\n \\"Http2Enabled\\": true,\\n \\"CertId\\": \\"123\\",\\n \\"TLSVersion\\": \\"tlsv1.2\\",\\n \\"EnableTLSv3\\": true,\\n \\"CipherSuite\\": 2,\\n \\"CustomCiphers\\": [\\n \\"xxx\\"\\n ],\\n \\"FocusHttps\\": true,\\n \\"SM2Enabled\\": true,\\n \\"SM2CertId\\": \\"123-cn-hangzhou\\",\\n \\"SM2AccessOnly\\": true,\\n \\"XffHeaderMode\\": 2,\\n \\"XffHeaders\\": [\\n \\"Client-ip\\"\\n ],\\n \\"IPv6Enabled\\": true,\\n \\"ProtectionResource\\": \\"share\\",\\n \\"ExclusiveIp\\": true,\\n \\"HstsIncludeSubDomain\\": false,\\n \\"HstsPreload\\": false,\\n \\"HstsMaxAge\\": 365000\\n },\\n \\"Redirect\\": {\\n \\"Backends\\": [\\n {\\n \\"Backend\\": \\"1.1.XX.XX\\"\\n }\\n ],\\n \\"Loadbalance\\": \\"iphash\\",\\n \\"FocusHttpBackend\\": true,\\n \\"SniEnabled\\": true,\\n \\"SniHost\\": \\"www.aliyundoc.com\\",\\n \\"RequestHeaders\\": [\\n {\\n \\"Key\\": \\"aaa\\",\\n \\"Value\\": \\"bbb\\"\\n }\\n ],\\n \\"ConnectTimeout\\": 120,\\n \\"WriteTimeout\\": 200,\\n \\"ReadTimeout\\": 200,\\n \\"Keepalive\\": true,\\n \\"Retry\\": true,\\n \\"KeepaliveRequests\\": 1000,\\n \\"KeepaliveTimeout\\": 15,\\n \\"XffProto\\": true,\\n \\"BackupBackends\\": [\\n {\\n \\"Backend\\": \\"[\\\\n \\\\\\"1.1.XX.XX\\\\\\",\\\\n \\\\\\"2.2.XX.XX\\\\\\"\\\\n]\\\\n\\"\\n }\\n ],\\n \\"XClientIp\\": true,\\n \\"XTrueIp\\": true,\\n \\"WebServerType\\": true,\\n \\"WLProxyClientIp\\": true,\\n \\"MaxBodySize\\": 2,\\n \\"Http2Origin\\": true,\\n \\"Http2OriginMaxConcurrency\\": 128,\\n \\"ProxyProtocol\\": false,\\n \\"BackendList\\": [\\n \\"1.1.XX.XX\\"\\n ],\\n \\"BackUpBackendList\\": [\\n \\"2.2.XX.XX\\"\\n ],\\n \\"BackendPorts\\": [\\n {\\n \\"ListenPort\\": 80,\\n \\"BackendPort\\": 80,\\n \\"Protocol\\": \\"http\\"\\n }\\n ]\\n },\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfm***q\\",\\n \\"CertDetail\\": {\\n \\"Name\\": \\"test-cert-name\\",\\n \\"Id\\": \\"123-cn-hangzhou\\",\\n \\"StartTime\\": 1677772800000,\\n \\"EndTime\\": 1685590400000,\\n \\"CommonName\\": \\"test.aliyundoc.com\\",\\n \\"Sans\\": [\\n \\"www.aliyundoc.com\\"\\n ]\\n },\\n \\"SM2CertDetail\\": {\\n \\"Name\\": \\"test-sm2-cert-name\\",\\n \\"Id\\": \\"123-cn-hangzhou\\",\\n \\"StartTime\\": 1657551525000,\\n \\"EndTime\\": 1665590400000,\\n \\"CommonName\\": \\"test.aliyundoc.com\\\\n\\",\\n \\"Sans\\": [\\n \\"www.aliyundoc.com\\\\n\\"\\n ]\\n }\\n}","type":"json"}]', + ], + 'DescribeDomainUsedPorts' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '229948', - 'abilityTreeNodes' => [ - 'FEATUREwafWE25G7', - ], + 'abilityTreeCode' => '217316', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-nwy*****', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], - ], - [ - 'name' => 'AbnormalIds', - 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The risk IDs.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The risk ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '4d4b1a5fe2100b86f629e2db63*****', - ], - 'required' => true, - 'maxItems' => 20, - 'minItems' => 1, - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], - ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '阿里云资源组ID。', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-*-A47C-*', 'title' => ''], + 'UsedPorts' => [ + 'description' => 'The list of used ports.', + 'type' => 'array', + 'items' => ['description' => 'The used port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', - 'title' => 'DeleteApisecAbnormals', - ], - 'ModifyApisecAbnormals' => [ - 'summary' => 'Modifies the status of multiple risks detected by the API security module at a time.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query all ports used by user domain names', + 'summary' => 'Queries all ports used by domain names of the current user. Only domain names with CNAME access and hybrid cloud CNAME domain names with public network disaster recovery enabled are included.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainUsedPorts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-*-A47C-*\\",\\n \\"UsedPorts\\": [\\n 80\\n ]\\n}","type":"json"}]', + ], + 'DescribeDomains' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '229991', - 'abilityTreeNodes' => [ - 'FEATUREwafWE25G7', - ], + 'abilityTreeCode' => '112189', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to view the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'AbnormalIds', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The risk IDs.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The risk ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'a50b820efee0989df3b54b2089*****', - ], - 'required' => true, - 'maxItems' => 20, - 'minItems' => 1, - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'UserStatus', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => 'The risk status. Valid values:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **toBeFixed**'."\n" - .'* **fixed**'."\n" - .'* **ignored**'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'fixed', - ], + 'schema' => ['description' => 'The domain name added to WAF.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'www.aliyundoc.com'], ], [ - 'name' => 'Note', + 'name' => 'Backend', 'in' => 'query', - 'schema' => [ - 'description' => 'The description.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'already fixed.', - ], + 'schema' => ['description' => 'The IP address of the origin server or the back-to-origin domain name. You can specify only one of these options.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => '1.1.XX.XX'], ], [ - 'name' => 'ClusterId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - ."\n" - .'> This parameter is available only in hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query hybrid cloud clusters.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], + 'schema' => ['description' => 'The page number. Default value: 1.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page. Default value: 10.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'DomainId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the domain name.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com-waf', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'Tag', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.', - 'type' => 'string', + 'description' => 'The tags of the resource. A maximum of 20 tags are supported.', + 'type' => 'array', + 'items' => [ + 'description' => 'The tags of the resource.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'TagKey1', 'title' => ''], + 'Value' => ['description' => 'The tag value.', 'type' => 'string', 'required' => false, 'example' => 'TagValue1', 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], 'required' => false, - 'example' => 'rg-acfm***q', + 'maxItems' => 21, + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The list of added domain names.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'ABF68BB3-2C48-5FA4-9750-D5FE55700E36', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of domain name configurations returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '146', 'title' => ''], + 'Domains' => [ + 'description' => 'The list of domain names.', + 'type' => 'array', + 'items' => [ + 'description' => 'The CNAME connection details.', + 'type' => 'object', + 'properties' => [ + 'Domain' => ['description' => 'The domain name that is added to WAF.', 'type' => 'string', 'title' => '', 'example' => 'www.aliyundoc.com'], + 'Status' => ['description' => 'The status of the domain name. Valid values:'."\n" + ."\n" + .'- **1**: The domain name is in a normal state.'."\n" + ."\n" + .'- **2**: The domain name is being created.'."\n" + ."\n" + .'- **3**: The domain name is being modified.'."\n" + ."\n" + .'- **4**: The domain name is being released.'."\n" + ."\n" + .'- **5**: Forwarding is disabled for the domain name.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'example' => '1'], + 'Cname' => ['title' => '', 'description' => 'The canonical name (CNAME) that is assigned to the domain name by WAF.', 'type' => 'string', 'example' => 'xxxxxcvdaf.****.com'], + 'ListenPorts' => [ + 'description' => 'The listener configuration.', + 'type' => 'object', + 'properties' => [ + 'Http' => [ + 'description' => 'The list of listening ports for the HTTP protocol.', + 'type' => 'array', + 'items' => ['description' => 'The listening port for the HTTP protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '80', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'Https' => [ + 'description' => 'The list of listening ports for the HTTPS protocol.', + 'type' => 'array', + 'items' => ['description' => 'The listening port for the HTTPS protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '443', 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'Backeds' => [ + 'description' => 'The back-to-origin configuration.', + 'type' => 'object', + 'properties' => [ + 'Http' => [ + 'description' => 'The list of origin addresses for the HTTP protocol.', + 'type' => 'array', + 'items' => [ + 'description' => 'The origin address for the HTTP protocol.', + 'type' => 'object', + 'properties' => [ + 'Backend' => ['description' => 'The origin address for the HTTP protocol.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + 'Https' => [ + 'description' => 'The list of origin addresses for the HTTPS protocol.', + 'type' => 'array', + 'items' => [ + 'description' => 'The origin address for the HTTPS protocol.', + 'type' => 'object', + 'properties' => [ + 'Backend' => ['description' => 'The origin address for the HTTPS protocol.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfmvtc5z52****', 'title' => ''], + 'DomainId' => ['description' => 'The ID of the domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com-waf', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.DomainAndDomainIdBothEmpty', 'errorMessage' => 'domain and domainId cannot be empty at the same time.', 'description' => 'The domain name and domain name ID cannot be empty at the same time.'], + ['errorCode' => 'Waf.Pullin.DomainAndDomainIdNotMatch', 'errorMessage' => 'domain and domainId do not match.', 'description' => 'The input parameters Domain and DomainId do not match.'], + ['errorCode' => 'Waf.Pullin.DomainIdIsIllegal', 'errorMessage' => 'The input parameter, the domainId is illegal.', 'description' => 'Illegal entry DomainId'], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\"\\n}","type":"json"}]', - 'title' => 'ModifyApisecAbnormals', - ], - 'DescribeApisecAssetTrend' => [ - 'summary' => 'Queries the asset trends in the API security module.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeDomains', + 'summary' => 'Queries the domain names that are added to Web Application Firewall (WAF).', + 'changeSet' => [ + ['createdAt' => '2023-04-18T02:11:02.000Z', 'description' => 'Request parameters changed, Response parameters changed, Response parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomains'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomains', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + 'additionalActions' => [ + ['action' => 'yundun-waf:DescribeDomains', 'validationType' => 'conditional'], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"ABF68BB3-2C48-5FA4-9750-D5FE55700E36\\",\\n \\"TotalCount\\": 146,\\n \\"Domains\\": [\\n {\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Status\\": 1,\\n \\"Cname\\": \\"xxxxxcvdaf.****.com\\",\\n \\"ListenPorts\\": {\\n \\"Http\\": [\\n 80\\n ],\\n \\"Https\\": [\\n 443\\n ]\\n },\\n \\"Backeds\\": {\\n \\"Http\\": [\\n {\\n \\"Backend\\": \\"1.1.XX.XX\\"\\n }\\n ],\\n \\"Https\\": [\\n {\\n \\"Backend\\": \\"1.1.XX.XX\\"\\n }\\n ]\\n },\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfmvtc5z52****\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeElasticBills' => [ + 'summary' => 'Queries the daily bills for WAF pay-as-you-go instances for the last 7 days.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -19159,152 +15490,102 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '215756', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeCode' => '114251', + 'abilityTreeNodes' => ['FEATUREwafW12QEG'], + 'autoTest' => true, ], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-ww**b06', - ], - ], - [ - 'name' => 'ClusterId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '590', - ], + 'schema' => ['description' => 'The page number. Pages start from page 1. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Specify a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1668496310', - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '10', 'example' => '10', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Specify a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1683183599', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek**7uq', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request.', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], - 'Data' => [ - 'description' => 'The data returned.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6FBF08CB-8691-5B65-BBF8-***', 'title' => ''], + 'Bills' => [ + 'description' => 'The bills for the pay-as-you-go WAF instance.', 'type' => 'array', 'items' => [ - 'description' => 'The data returned.'."\n", + 'description' => 'A bill for the pay-as-you-go WAF instance.', 'type' => 'object', 'properties' => [ - 'AssetOffline' => [ - 'description' => 'The number of deactivated assets.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'AssetCount' => [ - 'description' => 'The total number of assets.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '80', - ], - 'Timestamp' => [ - 'description' => 'The time for statistics. Specify a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1683600042', - ], - 'AssetActive' => [ - 'description' => 'The number of active assets.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '60', - ], - ], + 'EndTime' => ['description' => 'The end time of the billing period. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1717084800000', 'title' => ''], + 'StartTime' => ['description' => 'The start time of the billing period. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665484616000', 'title' => ''], + 'TrafficCu' => ['description' => 'The number of security capacity units (SCUs) consumed by traffic processing.', 'type' => 'number', 'format' => 'double', 'example' => '20', 'title' => ''], + 'FunctionCu' => ['description' => 'The number of SCUs consumed by WAF features.', 'type' => 'number', 'format' => 'double', 'example' => '30', 'title' => ''], + 'Cu' => ['description' => 'The total number of SCUs.', 'type' => 'number', 'format' => 'double', 'example' => '50', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'title' => 'DescribeElasticBills', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeElasticBills', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"Data\\": [\\n {\\n \\"AssetOffline\\": 20,\\n \\"AssetCount\\": 80,\\n \\"Timestamp\\": 1683600042,\\n \\"AssetActive\\": 60\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecAssetTrend', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"6FBF08CB-8691-5B65-BBF8-***\\",\\n \\"Bills\\": [\\n {\\n \\"EndTime\\": 1717084800000,\\n \\"StartTime\\": 1665484616000,\\n \\"TrafficCu\\": 20,\\n \\"FunctionCu\\": 30,\\n \\"Cu\\": 50\\n }\\n ]\\n}","type":"json"}]', ], - 'DescribeApisecAbnormalDomainStatistic' => [ - 'summary' => 'Queries the statistics on domain names on which risks are detected by the API security module.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeFlowChart' => [ + 'summary' => 'Queries the traffic statistics.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -19315,204 +15596,132 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '215781', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-45919n***', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], - ], - [ - 'name' => 'StartTime', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Specify a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1682571600', - ], + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Specify a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1687313820', - ], + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'Interval', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'minimum' => '1', - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The time interval. Unit: seconds. The value must be a multiple of 60.', 'type' => 'string', 'required' => true, 'example' => '300', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **5**.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '50', - 'minimum' => '1', - 'example' => '5', - 'default' => '5', - ], + 'schema' => ['description' => 'The protected object to query.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'OrderWay', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The sorting order. Valid values:'."\n" - ."\n" - .'- **asc**: ascending order.'."\n" - .'- **desc**: descending order.', - 'type' => 'string', - 'required' => false, - 'example' => 'desc', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request.', - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-3014***B11AE', - ], - 'Data' => [ - 'description' => 'The response parameters.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'BFA71416-670E-585D-AAE6-E7BBEE248FAB', 'title' => ''], + 'FlowChart' => [ + 'description' => 'The traffic statistics.', 'type' => 'array', 'items' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The traffic statistics for a specific time interval.', 'type' => 'object', 'properties' => [ - 'High' => [ - 'description' => 'The number of high-level risks.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12', - ], - 'ApiCount' => [ - 'description' => 'The number of APIs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'Low' => [ - 'description' => 'The number of low-level risks.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '4', - ], - 'Medium' => [ - 'description' => 'The number of medium-level risks.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '9', - ], - 'Domain' => [ - 'description' => 'The domain name.'."\n", - 'type' => 'string', - 'example' => 'ba.aliyun.com', - ], - ], + 'MaxPv' => ['description' => 'The peak number of requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '2932', 'title' => ''], + 'AntibotBlockSum' => ['description' => 'The number of requests that are blocked by bot management rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'CcCustomReportsSum' => ['description' => 'The number of requests that are monitored by custom HTTP flood protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'RatelimitBlockSum' => ['description' => 'The number of requests that are blocked by peak traffic throttling rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'BlacklistBlockSum' => ['description' => 'The number of requests that are blocked by the IP address blacklist.', 'type' => 'string', 'example' => '0', 'title' => ''], + 'CcSystemBlocksSum' => ['description' => 'The number of requests that are blocked by system HTTP flood protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'BlacklistReportsSum' => ['description' => 'The number of requests that are monitored by the IP address blacklist.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'Index' => ['description' => 'The time sequence number, sorted in chronological order.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RobotCount' => ['description' => 'The total number of requests from bots.', 'type' => 'integer', 'format' => 'int64', 'example' => '1110', 'title' => ''], + 'Count' => ['description' => 'The total number of requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '2932', 'title' => ''], + 'RegionBlockReportsSum' => ['description' => 'The number of requests that are monitored by Location Blacklist rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'AntiScanBlockSum' => ['description' => 'The number of requests that are blocked by scan protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'CcSystemReportsSum' => ['description' => 'The number of requests that are monitored by system HTTP flood protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'AntibotReportSum' => ['description' => 'The number of requests that are monitored by bot management rules.', 'type' => 'string', 'example' => '0', 'title' => ''], + 'InBytes' => ['description' => 'The total volume of inbound traffic. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '121645464', 'title' => ''], + 'WafBlockSum' => ['description' => 'The number of requests that are blocked by basic protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'CcCustomBlockSum' => ['description' => 'The number of requests that are blocked by custom HTTP flood protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'AntiscanReportsSum' => ['description' => 'The number of requests that are monitored by scan protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'AclCustomBlockSum' => ['description' => 'The number of requests that are blocked by custom access control list (ACL) rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'RatelimitReportSum' => ['description' => 'The number of requests that are monitored by peak traffic throttling rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'WafReportSum' => ['description' => 'The number of requests that are monitored by basic protection rules.', 'type' => 'string', 'example' => '0', 'title' => ''], + 'AclCustomReportsSum' => ['description' => 'The number of requests that are monitored by custom ACL rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'OutBytes' => ['description' => 'The total volume of outbound traffic. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '1200540464', 'title' => ''], + 'RegionBlockBlocksSum' => ['description' => 'The number of requests that are blocked by Location Blacklist rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeFlowChart', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:23:05.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-07-27T11:05:47.000Z', 'description' => 'Response parameters changed, Response parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014***B11AE\\",\\n \\"Data\\": [\\n {\\n \\"High\\": 12,\\n \\"ApiCount\\": 10,\\n \\"Low\\": 4,\\n \\"Medium\\": 9,\\n \\"Domain\\": \\"ba.aliyun.com\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecAbnormalDomainStatistic', - ], - 'DescribeApisecEventDomainStatistic' => [ - 'summary' => 'Queries the statistics on domain names on which security events are detected by the API security module.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowChart'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFlowChart', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BFA71416-670E-585D-AAE6-E7BBEE248FAB\\",\\n \\"FlowChart\\": [\\n {\\n \\"MaxPv\\": 2932,\\n \\"AntibotBlockSum\\": 0,\\n \\"CcCustomReportsSum\\": 0,\\n \\"RatelimitBlockSum\\": 0,\\n \\"BlacklistBlockSum\\": \\"0\\",\\n \\"CcSystemBlocksSum\\": 0,\\n \\"BlacklistReportsSum\\": 0,\\n \\"Index\\": 10,\\n \\"RobotCount\\": 1110,\\n \\"Count\\": 2932,\\n \\"RegionBlockReportsSum\\": 0,\\n \\"AntiScanBlockSum\\": 0,\\n \\"CcSystemReportsSum\\": 0,\\n \\"AntibotReportSum\\": \\"0\\",\\n \\"InBytes\\": 121645464,\\n \\"WafBlockSum\\": 0,\\n \\"CcCustomBlockSum\\": 0,\\n \\"AntiscanReportsSum\\": 0,\\n \\"AclCustomBlockSum\\": 0,\\n \\"RatelimitReportSum\\": 0,\\n \\"WafReportSum\\": \\"0\\",\\n \\"AclCustomReportsSum\\": 0,\\n \\"OutBytes\\": 1200540464,\\n \\"RegionBlockBlocksSum\\": 0\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeFlowTopResource' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -19523,204 +15732,101 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '215784', - 'abilityTreeNodes' => [ - 'FEATUREwafDX9EQ6', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], - ], - [ - 'name' => 'StartTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Specify a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1668496310', - ], - ], - [ - 'name' => 'EndTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Specify a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1686895256', - ], - ], - [ - 'name' => 'PageNumber', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'minimum' => '1', - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **5**.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '50', - 'minimum' => '1', - 'example' => '5', - 'default' => '5', - ], + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386340', 'title' => ''], ], [ - 'name' => 'OrderWay', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The sorting order. Valid values:'."\n" - ."\n" - .'- **asc**: ascending order.'."\n" - .'- **desc**: descending order.', - 'type' => 'string', - 'required' => false, - 'example' => 'desc', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfmvyknl****fa', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'Id of the request.', - 'type' => 'string', - 'example' => '66A98669-*******-80A6-3014697B11AE', - ], - 'Data' => [ - 'description' => 'The response parameters.'."\n", + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '8F0E0B9A-B518-5C6D-BEFC-A373DDE4F652', 'title' => ''], + 'RuleHitsTopResource' => [ + 'description' => 'The top 10 protected objects that received the most requests.', 'type' => 'array', 'items' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The statistics about requests to the protected object.', 'type' => 'object', 'properties' => [ - 'High' => [ - 'description' => 'The number of high-risk security events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'ApiCount' => [ - 'description' => 'The number of APIs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'Low' => [ - 'description' => 'The number of low-risk security events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - ], - 'Medium' => [ - 'description' => 'The number of medium-risk security events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '6', - ], - 'Domain' => [ - 'description' => 'The domain name.'."\n", - 'type' => 'string', - 'example' => 'a.aliyun.com', - ], + 'Resource' => ['description' => 'The protected object.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], + 'Count' => ['description' => 'The total number of requests for the protected object during the specified time period.', 'type' => 'integer', 'format' => 'int64', 'example' => '181174784', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeFlowTopResource', + 'summary' => 'Queries the top 10 protected objects by request count.', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:23:04.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"66A98669-*******-80A6-3014697B11AE\\",\\n \\"Data\\": [\\n {\\n \\"High\\": 10,\\n \\"ApiCount\\": 10,\\n \\"Low\\": 2,\\n \\"Medium\\": 6,\\n \\"Domain\\": \\"a.aliyun.com\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecEventDomainStatistic', - ], - 'DescribeApisecSensitiveDomainStatistic' => [ - 'summary' => 'Queries the statistics on domain names on which sensitive data is detected by the API security module.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowTopResource'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFlowTopResource', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8F0E0B9A-B518-5C6D-BEFC-A373DDE4F652\\",\\n \\"RuleHitsTopResource\\": [\\n {\\n \\"Resource\\": \\"www.aliyundoc.com\\",\\n \\"Count\\": 181174784\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeFlowTopUrl' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -19731,804 +15837,481 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '215787', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], - ], - [ - 'name' => 'StartTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Specify a UNIX timestamp in UTC. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1668496310', - ], - ], - [ - 'name' => 'EndTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Specify a UNIX timestamp in UTC. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1686895256', - ], - ], - [ - 'name' => 'PageNumber', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'minimum' => '1', - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **5**.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '50', - 'minimum' => '1', - 'example' => '5', - 'default' => '5', - ], + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386340', 'title' => ''], ], [ - 'name' => 'Type', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => 'The sensitive data type. Valid values:'."\n" - ."\n" - .'- **request**: sensitive data in requests.'."\n" - .'- **response**: sensitive data in responses.', - 'type' => 'string', - 'required' => false, - 'example' => 'request', - ], + 'schema' => ['description' => 'The protected object, such as a domain name or IP address added to WAF.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'OrderWay', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The sorting order. Valid values:'."\n" - ."\n" - .'- **asc**: ascending order.'."\n" - .'- **desc**: descending order.', - 'type' => 'string', - 'required' => false, - 'example' => 'desc', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '27', - ], - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The request ID.', - 'type' => 'string', - 'example' => '56B40D30-4960-4F19-B7D5-2B1F***6CB70', - ], - 'Data' => [ - 'description' => 'The response parameters.'."\n", + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '520D4E4C-B8EC-5602-ACB6-4D378ACBA28D', 'title' => ''], + 'RuleHitsTopUrl' => [ + 'description' => 'The top 10 URLs that are most frequently accessed.', 'type' => 'array', 'items' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The statistics of requests for a URL.', 'type' => 'object', 'properties' => [ - 'SensitiveLevel' => [ - 'description' => 'The sensitivity level of the sensitive data.Valid values:'."\n" - ."\n" - .'* **S1**: low sensitivity.'."\n" - .'* **S2**: moderate sensitivity.'."\n" - .'* **S3**: high sensitivity.', - 'type' => 'string', - 'example' => 'L3', - ], - 'ApiCount' => [ - 'description' => 'The number of APIs that are involved.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'SensitiveCode' => [ - 'description' => 'The code of the sensitive data.'."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported sensitive data types.', - 'type' => 'string', - 'example' => '10', - ], - 'SensitiveName' => [ - 'description' => 'The name of the sensitive data.'."\n", - 'type' => 'string', - 'example' => '1002', - ], - 'DomainCount' => [ - 'description' => 'The number of sites that are involved.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], + 'Count' => ['description' => 'The total number of requests for the URL.', 'type' => 'integer', 'format' => 'int64', 'example' => '181174784', 'title' => ''], + 'Url' => ['description' => 'The requested URL.', 'type' => 'string', 'example' => 'www.aliyundoc.com/path1', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeFlowTopUrl', + 'summary' => 'Queries the top 10 most requested URLs.', + 'changeSet' => [ + ['createdAt' => '2024-08-27T06:51:23.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 27,\\n \\"RequestId\\": \\"56B40D30-4960-4F19-B7D5-2B1F***6CB70\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveLevel\\": \\"S3\\",\\n \\"ApiCount\\": 10,\\n \\"SensitiveCode\\": \\"10\\",\\n \\"SensitiveName\\": \\"自定义敏感类型。\\",\\n \\"DomainCount\\": 10\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecSensitiveDomainStatistic', - ], - 'ModifyApisecEvents' => [ - 'summary' => 'Modifies the status of multiple security events detected by the API security module at a time.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowTopUrl'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFlowTopUrl', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"520D4E4C-B8EC-5602-ACB6-4D378ACBA28D\\",\\n \\"RuleHitsTopUrl\\": [\\n {\\n \\"Count\\": 181174784,\\n \\"Url\\": \\"www.aliyundoc.com/path1\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeFreeUserAssetCount' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '230005', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '156224', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_***', - 'title' => 'WAF实例的ID。'."\n" - ."\n" - .'> 您可以调用[DescribeInstance](~~433756~~)获取当前WAF实例的ID。', - ], - ], - [ - 'name' => 'EventIds', - 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The IDs of the security events.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The ID of the security event.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '7298c9f5b137c83****', - 'title' => 'API安全事件id列表。', - ], - 'required' => true, - 'maxItems' => 20, - 'minItems' => 1, - 'title' => 'API安全事件id列表。', - ], - ], - [ - 'name' => 'UserStatus', - 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the event. Valid values:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **ignored**'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'confirmed', - 'title' => '事件状态。取值:'."\n" - ."\n" - .'- **toBeConfirmed**:表示待确认。'."\n" - .'- **confirmed**:表示已确认。'."\n" - .'- **actioned**:表示已处置。'."\n" - .'- **ignored**:表示忽略。', - ], - ], - [ - 'name' => 'Note', - 'in' => 'query', - 'schema' => [ - 'description' => 'The description.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'already confirmed.', - 'title' => '备注。', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-cs0*****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '阿里云资源组ID。', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - 'title' => '阿里云资源组ID。', - ], - ], - [ - 'name' => 'EventScope', - 'in' => 'query', - 'schema' => [ - 'title' => ' 安全事件的维度。取值:'."\n" - .'- **ip**(默认):表示IP安全事件。'."\n" - .'- **account**:表示账号安全事件。', - 'type' => 'string', - 'example' => 'ip', - 'default' => 'ip', - 'enum' => [ - 'ip', - 'account', - ], - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-****-6B19160D5EB0', - 'title' => '请求ID。', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '30488BF0-FD58-52DD-B396-D014549F43A3', 'title' => ''], + 'Asset' => [ + 'description' => 'The statistics information about assets detected by the basic API security feature.', + 'type' => 'object', + 'properties' => [ + 'AssetCount' => ['description' => 'The total number of API assets.', 'type' => 'integer', 'format' => 'int64', 'example' => '15', 'title' => ''], + 'AssetActive' => ['description' => 'The number of active APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '34', 'title' => ''], + 'AssetOffline' => ['description' => 'The number of inactive APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '13', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeFreeUserAssetCount', + 'summary' => 'Queries statistics information about assets detected by the basic API security feature.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-****-6B19160D5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyApisecEvents', - ], - 'DeleteApisecEvents' => [ - 'summary' => 'Deletes multiple security events detected by the API security module at a time.', - 'methods' => [ - 'post', - 'get', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFreeUserAssetCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"30488BF0-FD58-52DD-B396-D014549F43A3\\",\\n \\"Asset\\": {\\n \\"AssetCount\\": 15,\\n \\"AssetActive\\": 34,\\n \\"AssetOffline\\": 13\\n }\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeFreeUserEventCount' => [ + 'summary' => 'Queries the security event statistics of API security basic detection.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '230004', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '156223', + 'abilityTreeNodes' => ['FEATUREwafDX9EQ6'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-g4t*****', - 'title' => 'WAF实例的ID。'."\n" - .'> 您可以调用[DescribeInstance](~~433756~~),查看当前WAF实例的ID。', - ], - ], - [ - 'name' => 'EventIds', - 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The IDs of the security events.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The ID of the security event.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'eb370fb29781f75c07cabd5b2*****', - 'title' => 'API安全事件id列表。', - ], - 'required' => true, - 'maxItems' => 20, - 'minItems' => 1, - 'title' => 'API安全事件id列表。', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepay_public_intl-sg-vf***', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '阿里云资源组ID。', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - 'title' => '阿里云资源组ID。', - ], - ], - [ - 'name' => 'EventScope', - 'in' => 'query', - 'schema' => [ - 'title' => '安全事件维度。取值:'."\n" - ."\n" - .'- **ip**:表示IP维度安全事件。'."\n" - ."\n" - .'- **account**:表示账号维度安全事件。', - 'type' => 'string', - 'example' => 'ip', - 'default' => 'ip', - 'enum' => [ - 'ip', - 'account', - ], - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - 'title' => '请求ID。', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '0D9FB3BC-0DE9-58A8-9663-ACE56F24F405', 'title' => ''], + 'Event' => [ + 'description' => 'The security event information of basic detection.', + 'type' => 'object', + 'properties' => [ + 'EventTotal' => ['description' => 'The total number of API security events.', 'type' => 'integer', 'format' => 'int64', 'example' => '16', 'title' => ''], + 'EventLow' => ['description' => 'The number of low-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '12', 'title' => ''], + 'EventHigh' => ['description' => 'The number of high-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'EventMedium' => ['description' => 'The number of medium-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '3', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', - 'title' => 'DeleteApisecEvents', - ], - 'ModifyApisecLogDeliveryStatus' => [ - 'summary' => 'Modifies the status of API security log subscription.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query security event statistics of API security basic detection', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFreeUserEventCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0D9FB3BC-0DE9-58A8-9663-ACE56F24F405\\",\\n \\"Event\\": {\\n \\"EventTotal\\": 16,\\n \\"EventLow\\": 12,\\n \\"EventHigh\\": 1,\\n \\"EventMedium\\": 3\\n }\\n}","type":"json"}]', + ], + 'DescribeFreeUserEventTypes' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '225244', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '188825', + 'abilityTreeNodes' => ['FEATUREwafDX9EQ6'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3_public_cn-uqm2z****0a', - ], - ], - [ - 'name' => 'AssertKey', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the log subscription. Valid values:'."\n" - ."\n" - .'* **risk**: risk information.'."\n" - .'* **event**: attack event information.'."\n" - .'* **asset**: asset information.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'risk', - ], - ], - [ - 'name' => 'Status', - 'in' => 'query', - 'schema' => [ - 'description' => 'The status of API security log subscription. Valid values:'."\n" - ."\n" - .'* **true**: enabled.'."\n" - .'* **false**: disabled.'."\n", - 'type' => 'boolean', - 'required' => true, - 'example' => 'true', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-bl0****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'B9D6AD11-DD3D-5A27-B1D9-8A37F7777196', 'title' => ''], + 'Data' => [ + 'description' => 'The list of security event types detected by the basic detection feature.', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the security event type detected by the basic detection feature.', + 'type' => 'object', + 'properties' => [ + 'EventNum' => ['description' => 'The number of security events.', 'type' => 'string', 'example' => '4', 'title' => ''], + 'EventType' => ['description' => 'The security event type.', 'type' => 'string', 'example' => 'SMSInterfaceAbuse', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeFreeUserEventTypes', + 'summary' => 'Queries the types of security events for basic API security detection.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\"\\n}","type":"json"}]', - 'title' => 'ModifyApisecLogDeliveryStatus', - ], - 'CreateApiExport' => [ - 'summary' => 'Creates a data export task in the API security module.', - 'methods' => [ - 'get', - 'post', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFreeUserEventTypes', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"B9D6AD11-DD3D-5A27-B1D9-8A37F7777196\\",\\n \\"Data\\": [\\n {\\n \\"EventNum\\": \\"4\\",\\n \\"EventType\\": \\"SMSInterfaceAbuse\\"\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeFreeUserEvents' => [ + 'summary' => 'Queries the list of security events detected by API security basic detection.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '156330', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeCode' => '156225', + 'abilityTreeNodes' => ['FEATUREwafDX9EQ6'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zxu3***', - ], - ], - [ - 'name' => 'Region', - 'in' => 'query', - 'schema' => [ - 'description' => 'Language type. Valid values:'."\n" - .'- **cn**: Chinese.'."\n" - .'- **en**: English.', - 'type' => 'string', - 'required' => false, - 'example' => 'cn', - 'default' => 'cn', - ], - ], - [ - 'name' => 'ZoneId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the time zone.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Asia/Shanghai', - ], - ], - [ - 'name' => 'Type', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the data export task. Valid values:'."\n" - ."\n" - .'* **apisec_api**: API tasks'."\n" - .'* **apisec_abnormal**: API risk tasks'."\n" - .'* **apisec_event**: API security event tasks'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'apisec_api', - 'default' => 'apisec_api', - ], - ], - [ - 'name' => 'Param', - 'in' => 'query', - 'schema' => [ - 'description' => 'The extended parameters of the data export task. The parameter value is in the JSON format. The following keys are supported:'."\n" - ."\n" - .'* **instanceId**: the instance ID'."\n" - .'* **clusterId**: the ID of the hybrid cloud cluster'."\n" - .'* **orderKey**: the name of the field used to sort exported data'."\n" - .'* **orderWay**: the sorting method of the exported data'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '{'."\n" - .' "orderWay": "asc",'."\n" - .' "orderKey": "endTs",'."\n" - .' "instanceId": "waf_v3prepaid_public_cn-****"'."\n" - .'}', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '993', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-27a3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '62382992-F9AA-52B2-9147-66B3B9E51D74', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8A2DF88D-90C2-56E9-B8D5-36BB9646791C', 'title' => ''], + 'Event' => [ + 'description' => 'The list of security events detected by basic detection.', + 'type' => 'array', + 'items' => [ + 'description' => 'The security event information detected by basic detection.', + 'type' => 'object', + 'properties' => [ + 'EventTag' => ['description' => 'The event type.'."\n" + .'> You can call the [DescribeApisecRules](~~2859155~~) operation to obtain the supported event types.', 'type' => 'string', 'example' => 'Event_DataTraverse', 'title' => ''], + 'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/api/login', 'title' => ''], + 'Domain' => ['description' => 'The domain name to which the API operation belongs.', 'type' => 'string', 'example' => 'www.***.cn', 'title' => ''], + 'AttackIP' => ['description' => 'The attack IP address.', 'type' => 'string', 'example' => '104.234.140.**', 'title' => ''], + 'AttackTime' => ['description' => 'The attack time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683703260', 'title' => ''], + 'EventLevel' => ['description' => 'The event level. Valid values:'."\n" + .'- **high**: high risk.'."\n" + .'- **medium**: medium risk.'."\n" + .'- **low**: low risk.', 'type' => 'string', 'example' => 'high', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"62382992-F9AA-52B2-9147-66B3B9E51D74\\"\\n}","type":"json"}]', - 'title' => 'CreateApiExport', - ], - 'DescribeApiExports' => [ - 'summary' => 'Queries the list of data export tasks in the API security module.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query API security basic detection events', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFreeUserEvents', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8A2DF88D-90C2-56E9-B8D5-36BB9646791C\\",\\n \\"Event\\": [\\n {\\n \\"EventTag\\": \\"Event_DataTraverse\\",\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"Domain\\": \\"www.***.cn\\",\\n \\"AttackIP\\": \\"104.234.140.**\\",\\n \\"AttackTime\\": 1683703260,\\n \\"EventLevel\\": \\"high\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeHybridCloudBasicMonitor' => [ + 'summary' => 'Queries the system status of a node in a hybrid cloud cluster.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -20539,626 +16322,388 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '156331', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ - 'name' => 'Lang', - 'in' => 'query', - 'schema' => [ - 'description' => 'Language type. Valid values:'."\n" - ."\n" - .'- **cn**: Chinese.'."\n" - .'- **en**: English.', - 'type' => 'string', - 'required' => false, - 'example' => 'zh', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - ], - [ - 'name' => 'PageNumber', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7mz****hw0u', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'Mid', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries to return on each page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '200', - 'minimum' => '1', - 'example' => '10', - 'default' => '10', - ], - ], - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-p****', - ], + 'schema' => ['description' => 'The node ID.', 'type' => 'string', 'required' => true, 'example' => 'f451e90fcb068905ab379468****db42', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the Web Application Firewall (WAF) instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.', - 'type' => 'string', - 'example' => 'D9532525-E885-54E7-A178-D5554D563AFB', - ], - 'ApiExports' => [ - 'description' => 'The returned data export tasks.', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '0B8AF42B-16A9-5762-AEF3-D148****FE5D', 'title' => ''], + 'BasicMonitors' => [ + 'description' => 'The list of basic monitoring metrics.', 'type' => 'array', 'items' => [ - 'description' => 'The returned data export task.', + 'description' => 'The basic monitoring metric.', 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => 'The status of the data export task. Valid values:'."\n" - ."\n" - .'* **expired**: The file is expired.'."\n" - ."\n" - .'* **exporting**: Data is being exported.'."\n" - ."\n" - .'* **completed**: Data is exported.', - 'type' => 'string', - 'example' => 'completed', - ], - 'FileUrl' => [ - 'description' => 'The download URL of the exported file.', - 'type' => 'string', - 'example' => 'https://waf-api-sec-cn.***.aliyuncs.com/file_1610954145***.csv', - ], - 'Type' => [ - 'description' => 'The type of the data export task. Valid values:'."\n" - ."\n" - .'* **apisec_api**: API tasks'."\n" - ."\n" - .'* **apisec_abnormal**: API risk tasks'."\n" - ."\n" - .'* **apisec_event**: API security event tasks', - 'type' => 'string', - 'example' => 'apisec_api', - ], - 'Format' => [ - 'description' => 'The format of the exported file.', - 'type' => 'string', - 'example' => 'CSV', - ], - 'FileName' => [ - 'description' => 'The name of the file.', - 'type' => 'string', - 'example' => 'file_16109541456445334c0f01d9a7444e0e908***.csv', - ], - 'CreateTime' => [ - 'description' => 'The time when the data export task was created. The value is a UNIX timestamp displayed in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1725604852', - ], + 'MonitorName' => ['description' => 'The metric. Valid values:'."\n" + ."\n" + .'- **basic\\_monitor\\_cpu\\_usage**: CPU.'."\n" + ."\n" + .'- **basic\\_monitor\\_memory\\_usage**: memory.'."\n" + ."\n" + .'- **basic\\_monitor\\_disk\\_usage**: disk.', 'type' => 'string', 'example' => 'basic_monitor_cpu_usage', 'title' => ''], + 'UseRatio' => ['description' => 'The usage percentage.', 'type' => 'integer', 'format' => 'int64', 'example' => '5.905694', 'title' => ''], + 'Levle' => ['description' => 'The status. Valid values:'."\n" + ."\n" + .'- **normal**: Normal.'."\n" + ."\n" + .'- \\*\\*\\*\\*: Abnormal.', 'type' => 'string', 'example' => 'normal', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], - 'Total' => [ - 'description' => 'The status of the data export task. Valid values:'."\n" - ."\n" - .'* **expired**: The file is expired.'."\n" - .'* **exporting**: Data is being exported.'."\n" - .'* **completed**: Data is exported.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '7', - ], + 'TotalCount' => ['description' => '> This parameter is deprecated. No meaningful data is returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '3', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D9532525-E885-54E7-A178-D5554D563AFB\\",\\n \\"ApiExports\\": [\\n {\\n \\"Status\\": \\"completed\\",\\n \\"FileUrl\\": \\"https://waf-api-sec-cn.***.aliyuncs.com/file_1610954145***.csv\\",\\n \\"Type\\": \\"apisec_api\\",\\n \\"Format\\": \\"CSV\\",\\n \\"FileName\\": \\"file_16109541456445334c0f01d9a7444e0e908***.csv\\",\\n \\"CreateTime\\": 1725604852\\n }\\n ],\\n \\"Total\\": 7\\n}","type":"json"}]', - 'title' => 'DescribeApiExports', - ], - 'DescribeApisecAbnormals' => [ - 'summary' => 'Queries the list of API security risks.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0B8AF42B-16A9-5762-AEF3-D148****FE5D\\",\\n \\"BasicMonitors\\": [\\n {\\n \\"MonitorName\\": \\"basic_monitor_cpu_usage\\",\\n \\"UseRatio\\": 5.905694,\\n \\"Levle\\": \\"normal\\"\\n }\\n ],\\n \\"TotalCount\\": 3\\n}","type":"json"}]', + 'title' => 'DescribeHybridCloudBasicMonitor', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudBasicMonitor', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeHybridCloudClusterRule' => [ + 'methods' => ['get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'read', + 'deprecated' => false, 'systemTags' => [ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '168999', - 'abilityTreeNodes' => [ - 'FEATUREwafWE25G7', - ], + 'abilityTreeNodes' => ['FEATUREwafSBJ1DO'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-z***9g301', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-uqm33n***02', 'title' => ''], ], [ - 'name' => 'ApiId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the risk-related API.', - 'type' => 'string', - 'required' => false, - 'example' => 'bd9efb8ad******d9ca6', - ], + 'schema' => ['description' => '\\[Deprecated] The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'ApiFormat', + 'name' => 'RuleType', 'in' => 'query', - 'schema' => [ - 'description' => 'The risk-related API.', - 'type' => 'string', - 'required' => false, - 'example' => '/api/users/login', - ], + 'schema' => ['description' => '\\[Deprecated] The type of the rule. Valid value:'."\n" + ."\n" + .'- **pullin**: Traffic routing.', 'type' => 'string', 'required' => false, 'example' => 'pullin', 'title' => ''], ], [ - 'name' => 'MatchedHost', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name or IP address of the API.', - 'type' => 'string', - 'required' => false, - 'example' => 'a.aliyun.com', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.', - 'type' => 'string', - 'required' => false, - 'example' => '1684252800', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'EndTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.', - 'type' => 'string', - 'required' => false, - 'example' => '1684382100', - ], - ], - [ - 'name' => 'OrderKey', + 'name' => 'ClusterRuleResourceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the sorting field. Valid values:'."\n" - ."\n" - .'* **discoverTime** (default): indicates the time when a risk was first detected.'."\n" - .'* **abnormalLevel**: indicates the level of a risk.'."\n" - .'* **latestDiscoverTime**: indicates the time when a risk was last detected.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'allCnt', - ], + 'schema' => ['description' => 'The resource ID of the cluster rule.', 'type' => 'string', 'required' => false, 'example' => 'hdbc-clusterrule-*******m0w', 'title' => ''], ], - [ - 'name' => 'OrderWay', - 'in' => 'query', + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The sorting method. Valid values:'."\n" - ."\n" - .'* **desc (default)**: in descending order'."\n" - .'* **asc**: in ascending order', - 'type' => 'string', - 'required' => false, - 'example' => 'desc', + 'title' => '', + 'description' => 'The returned result.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '1F29A6D2-9EB6-526D-A997-36888**99CB'], + 'ClusterRule' => [ + 'description' => 'The information about the rule.', + 'type' => 'object', + 'properties' => [ + 'RuleType' => ['description' => 'The type of the rule.'."\n" + ."\n" + .'- pullin: The traffic routing rule.', 'type' => 'string', 'example' => 'pullin', 'title' => ''], + 'RuleConfig' => ['description' => 'The configuration of the traffic routing rule.'."\n" + ."\n" + .'- **check\\_mode**: Defines the traffic scope for the routing rule. Valid values:'."\n" + ."\n" + .' - **all**: Routes all traffic.'."\n" + ."\n" + .' - **part**: Routes a portion of the traffic.'."\n" + ."\n" + .'- **type**: The rule\'s match type. Valid values:'."\n" + ."\n" + .' - **exact**: Exact match.'."\n" + ."\n" + .' - **regex**: Regular expression match.'."\n" + ."\n" + .'- **substance**: The value of the rule.', 'type' => 'string', 'example' => '{\\"check_mode\\":\\"all\\",\\"exclude\\":{\\"exact\\":[],\\"regex\\":[]}}', 'title' => ''], + 'RuleStatus' => ['description' => 'The status of the rule. Valid values:'."\n" + ."\n" + .'- **on**: Enabled.'."\n" + ."\n" + .'- **off**: Disabled.', 'type' => 'string', 'example' => 'on', 'title' => ''], + 'ClusterRuleResourceId' => ['description' => 'The resource ID of the cluster rule.', 'type' => 'string', 'example' => 'hdbc-clusterrule-2m*****m0w', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + ], + 'example' => '', ], ], + ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'DescribeHybridCloudClusterRule', + 'summary' => 'Retrieves a hybrid cloud cluster rule.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'AbnormalLevel', - 'in' => 'query', - 'schema' => [ - 'description' => 'The level of the risk. Valid values:'."\n" - ."\n" - .'* **high**'."\n" - .'* **medium**'."\n" - .'* **low**', - 'type' => 'string', - 'required' => false, - 'example' => 'medium', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudClusterRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1F29A6D2-9EB6-526D-A997-36888**99CB\\",\\n \\"ClusterRule\\": {\\n \\"RuleType\\": \\"pullin\\",\\n \\"RuleConfig\\": \\"{\\\\\\\\\\\\\\"check_mode\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"all\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"exclude\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\"exact\\\\\\\\\\\\\\":[],\\\\\\\\\\\\\\"regex\\\\\\\\\\\\\\":[]}}\\",\\n \\"RuleStatus\\": \\"on\\",\\n \\"ClusterRuleResourceId\\": \\"hdbc-clusterrule-2m*****m0w\\"\\n }\\n}","type":"json"}]', + ], + 'DescribeHybridCloudClusterRules' => [ + 'summary' => 'Cluster rules', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], + 'security' => [ [ - 'name' => 'AbnormalTag', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the risk.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of risks.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'LackOfSpeedLimit', - ], + 'AK' => [], ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], + ], + 'parameters' => [ [ - 'name' => 'AbnormalId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the risk.', - 'type' => 'string', - 'required' => false, - 'example' => '29c6401****99a2bad3943e26d8', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-****', 'title' => ''], ], [ - 'name' => 'UserStatus', + 'name' => 'RuleType', 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the risk. Valid values:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **toBeFixed**'."\n" - .'* **fixed**'."\n" - .'* **ignored**', - 'type' => 'string', - 'required' => false, - 'example' => 'Confirmed', - ], + 'allowEmptyValue' => true, + 'schema' => ['description' => 'The type of the rule. Valid value:'."\n" + ."\n" + .'- **pullin**: traffic redirection', 'type' => 'string', 'required' => true, 'example' => 'pullin', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '2', - 'default' => '1', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter is available only for hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain information about hybrid cloud clusters.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '428', 'title' => ''], ], [ 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '200', - 'minimum' => '1', - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'example' => '10', 'title' => '', 'required' => false], ], [ - 'name' => 'Origin', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The source of the risk type. Valid values:'."\n" - ."\n" - .'* **custom**'."\n" - .'* **default**', - 'type' => 'string', - 'required' => false, - 'example' => 'custom', - ], + 'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => '', 'required' => false], ], [ - 'name' => 'ApiTag', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The business purpose of the API.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the business purposes of APIs.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'RegisterAPI', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], ], [ - 'name' => 'ClusterId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - ."\n" - .'> This parameter is available only in hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query hybrid cloud clusters.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '546', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false], ], [ - 'name' => 'RegionId', + 'name' => 'RuleContent', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-qingdao', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The prefix of the rule value to match.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => '1.1.1.1'], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RuleMatchType', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The matching logic. Valid values:'."\n" + ."\n" + .'- exact: exact match'."\n" + ."\n" + .'- regex: regular expression match', 'type' => 'string', 'required' => false, 'example' => 'exact', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.'."\n", + 'description' => 'The response data.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '35', - ], - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The request ID.', - 'type' => 'string', - 'example' => '9469646C-F2CC-5F0F-8401-C53***4F46', - ], + 'TotalCount' => ['description' => 'The total number of cloud native mode entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], 'Data' => [ - 'description' => 'The risks.'."\n", + 'title' => '', + 'description' => 'The response data.', 'type' => 'array', 'items' => [ - 'description' => 'The risk.'."\n", + 'title' => '', + 'description' => 'The compliance detection result.', 'type' => 'object', 'properties' => [ - 'AbnormalId' => [ - 'description' => 'The ID of the risk.'."\n", - 'type' => 'string', - 'example' => '7c1431f27ae7e9c8cc64095***68e', - ], - 'Origin' => [ - 'description' => 'The source of the risk type. Valid values:'."\n" - ."\n" - .'* **custom**'."\n" - .'* **default**', - 'type' => 'string', - 'example' => 'custom', - ], - 'LastestTime' => [ - 'description' => 'The time at which the API was last accessed. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1684252800', - ], - 'FirstTime' => [ - 'description' => 'The time at which the API was first detected. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1701138088', - ], - 'AbnromalStatus' => [ - 'description' => 'The status of the risk.', - 'type' => 'string', - 'example' => 'unresolved', - ], - 'ApiFormat' => [ - 'description' => 'The risk-related API.', - 'type' => 'string', - 'example' => '/api/login', - ], - 'ApiTag' => [ - 'description' => 'The business purpose of the API.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the business purposes of APIs.'."\n", - 'type' => 'string', - 'example' => 'SendMail', - ], - 'DiscoverTime' => [ - 'description' => 'The time at which the risk was first detected. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1684252800', - ], - 'UserStatus' => [ - 'description' => 'The status of the risk. Valid values:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **toBeFixed**'."\n" - .'* **fixed**'."\n" - .'* **ignored**', - 'type' => 'string', - 'example' => 'Confirmed', - ], - 'IgnoreTime' => [ - 'description' => 'The time at which the risk was marked as ignored. The value is a UNIX timestamp displayed in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1684252800', - ], - 'Follow' => [ - 'description' => 'Indicates whether the API is followed. Valid values:'."\n" - ."\n" - .'* **1**: yes'."\n" - .'* **0**(default): no', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'MatchedHost' => [ - 'description' => 'The domain name or IP address of the API.', - 'type' => 'string', - 'example' => 'a.aliyun.com', - ], - 'Note' => [ - 'description' => 'The remarks.', - 'type' => 'string', - 'example' => 'Business side notified', - ], - 'AbnormalEventNumber' => [ - 'description' => 'The number of risk-related security events.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - ], - 'AbnormalTag' => [ - 'description' => 'The type of the risk.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of risks.'."\n", - 'type' => 'string', - 'example' => 'LackOfSpeedLimit', - ], - 'AbnormalInfo' => [ - 'description' => 'The details of the risk. The value is a string that consists of multiple parameters in the JSON format. Valid values:'."\n" - ."\n" - .'* **rule**: risk-related rule'."\n" - .'* **data_type**: sensitive data type'."\n" - .'* **custom_rule_name**: custom rule name'."\n" - .'* **rule_name**: built-in rule name', - 'type' => 'string', - 'example' => '{ "data_type": ["1005","1004"], "rule": { "parent": "RiskType_Permission", "code": "Risk_UnauthSensitive", "level": "high", "origin": "default", "name": "Risk_UnauthSensitive" } }', - ], - 'ApiId' => [ - 'description' => 'The ID of the risk-related API.', - 'type' => 'string', - 'example' => '09559c0d71ca2ffc996b81***836d8', - ], - 'AbnormalLevel' => [ - 'description' => 'The level of the risk. Valid values:'."\n" - ."\n" - .'* **high**'."\n" - .'* **medium**'."\n" - .'* **low**', - 'type' => 'string', - 'example' => 'high', - ], - 'LatestDiscoverTime' => [ - 'description' => 'The time at which the risk was last detected. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1684252800', - ], - 'Examples' => [ - 'description' => 'The risk-related samples.', - 'type' => 'array', - 'items' => [ - 'description' => 'The risk-related sample. The value is a string that consists of multiple parameters in the JSON format. Valid values:'."\n" - ."\n" - .'* **param_num**: number of API parameters'."\n" - .'* **request_method**: request method'."\n" - .'* **protocol**: request protocol'."\n" - .'* **api_url**: request URL'."\n" - .'* **poc_payload**: request'."\n" - .'* **request**: sample request'."\n" - .'* **response**: sample response'."\n" - .'* **param**: the request parameters', - 'type' => 'string', - 'example' => '{ "request": {"referer": "-","content_type": "-","cookie": "-","method": "GET","param": [],"host": "test.cn"}, "protocol": "https", "api_url": "https://test.cn:443/index.php", "param": [], "response": {"param": [], "sensitive_type": {}, "header": {},"body": "", "status": 405 }, "request_method": "GET", "poc_payload": "curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'", "param_num": 0 }', - ], - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], + 'ClusterId' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'example' => '1099', 'title' => ''], + 'ClusterRuleResourceId' => ['description' => 'The resource ID of the cluster rule.', 'type' => 'string', 'example' => 'hdbc-clusterrule-*****khzre0ym0w', 'title' => ''], + 'RuleConfig' => ['description' => 'The configuration of the traffic redirection rule:'."\n" + ."\n" + .'- **check\\_mode**'."\n" + ."\n" + .' : the mode. Valid values:'."\n" + ."\n" + .' - **all**: redirects all traffic.'."\n" + ."\n" + .' - **part**: redirects a portion of traffic.'."\n" + ."\n" + .'- **type**'."\n" + ."\n" + .' : the match type of the rule. Valid values:'."\n" + ."\n" + .' - **exact**: exact match.'."\n" + ."\n" + .' - **regex**: regular expression match.'."\n" + ."\n" + .'- **substance**: the value of the rule.', 'type' => 'string', 'example' => '{\\"check_mode\\": \\"all\\", \\"type\\": \\"exact\\", \\"substance\\": \\"122\\"}', 'title' => ''], + 'RuleType' => ['description' => 'The type of the rule. Valid value:'."\n" + ."\n" + .'- **pullin**: traffic redirection', 'type' => 'string', 'example' => 'pullin', 'title' => ''], + 'Status' => ['description' => 'The status of the rule. Valid values:'."\n" + ."\n" + .'- **1**: enabled.'."\n" + ."\n" + .'- **0**: disabled.', 'type' => 'string', 'example' => '1', 'title' => ''], + 'Version' => ['description' => 'The version number.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], ], + 'example' => '', ], + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'title' => 'DescribeHybridCloudClusterRules', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"9469646C-F2CC-5F0F-8401-C53***4F46\\",\\n \\"Data\\": [\\n {\\n \\"AbnormalId\\": \\"7c1431f27ae7e9c8cc64095***68e\\",\\n \\"Origin\\": \\"custom\\",\\n \\"LastestTime\\": 1684252800,\\n \\"FirstTime\\": 1701138088,\\n \\"AbnromalStatus\\": \\"unresolved\\",\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"ApiTag\\": \\"SendMail\\",\\n \\"DiscoverTime\\": 1684252800,\\n \\"UserStatus\\": \\"Confirmed\\",\\n \\"IgnoreTime\\": 1684252800,\\n \\"Follow\\": 0,\\n \\"MatchedHost\\": \\"a.aliyun.com\\",\\n \\"Note\\": \\"已通知业务\\",\\n \\"AbnormalEventNumber\\": 2,\\n \\"AbnormalTag\\": \\"LackOfSpeedLimit\\",\\n \\"AbnormalInfo\\": \\"{\\\\n \\\\\\"data_type\\\\\\": [\\\\\\"1005\\\\\\",\\\\\\"1004\\\\\\"],\\\\n \\\\\\"rule\\\\\\": {\\\\n \\\\\\"parent\\\\\\": \\\\\\"RiskType_Permission\\\\\\",\\\\n \\\\\\"code\\\\\\": \\\\\\"Risk_UnauthSensitive\\\\\\",\\\\n \\\\\\"level\\\\\\": \\\\\\"high\\\\\\",\\\\n \\\\\\"origin\\\\\\": \\\\\\"default\\\\\\",\\\\n \\\\\\"name\\\\\\": \\\\\\"Risk_UnauthSensitive\\\\\\"\\\\n }\\\\n}\\",\\n \\"ApiId\\": \\"09559c0d71ca2ffc996b81***836d8\\",\\n \\"AbnormalLevel\\": \\"high\\",\\n \\"LatestDiscoverTime\\": 1684252800,\\n \\"Examples\\": [\\n \\"{\\\\n \\\\\\"request\\\\\\": {\\\\\\"referer\\\\\\": \\\\\\"-\\\\\\",\\\\\\"content_type\\\\\\": \\\\\\"-\\\\\\",\\\\\\"cookie\\\\\\": \\\\\\"-\\\\\\",\\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\\\"param\\\\\\": [],\\\\\\"host\\\\\\": \\\\\\"test.cn\\\\\\"},\\\\n \\\\\\"protocol\\\\\\": \\\\\\"https\\\\\\",\\\\n \\\\\\"api_url\\\\\\": \\\\\\"https://test.cn:443/index.php\\\\\\",\\\\n \\\\\\"param\\\\\\": [],\\\\n \\\\\\"response\\\\\\": {\\\\\\"param\\\\\\": [], \\\\\\"sensitive_type\\\\\\": {}, \\\\\\"header\\\\\\": {},\\\\\\"body\\\\\\": \\\\\\"\\\\\\", \\\\\\"status\\\\\\": 405 },\\\\n \\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"poc_payload\\\\\\": \\\\\\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'\\\\\\",\\\\n \\\\\\"param_num\\\\\\": 0\\\\n}\\"\\n ]\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecAbnormals', - ], - 'DescribeApisecApiResources' => [ - 'summary' => 'Queries API assets in the API security module.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudClusterRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"ClusterId\\": 1099,\\n \\"ClusterRuleResourceId\\": \\"hdbc-clusterrule-*****khzre0ym0w\\",\\n \\"RuleConfig\\": \\"{\\\\\\\\\\\\\\"check_mode\\\\\\\\\\\\\\": \\\\\\\\\\\\\\"all\\\\\\\\\\\\\\", \\\\\\\\\\\\\\"type\\\\\\\\\\\\\\": \\\\\\\\\\\\\\"exact\\\\\\\\\\\\\\", \\\\\\\\\\\\\\"substance\\\\\\\\\\\\\\": \\\\\\\\\\\\\\"122\\\\\\\\\\\\\\"}\\",\\n \\"RuleType\\": \\"pullin\\",\\n \\"Status\\": \\"1\\",\\n \\"Version\\": 1\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeHybridCloudClusterServers' => [ + 'summary' => 'Queries the servers in a hybrid cloud Web Application Firewall (WAF) cluster.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -21169,697 +16714,488 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '168967', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-u***gr20j', - 'title' => 'WAF实例的ID。'."\n" - ."\n" - .'> 您可以调用[DescribeInstance](~~433756~~)获取当前WAF实例的ID。', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-******nd07', 'title' => ''], ], [ - 'name' => 'ApiId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the API.', - 'type' => 'string', - 'required' => false, - 'example' => '867ade***24ee6e205b8da82b8f84', - 'title' => 'API的ID。', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ - 'name' => 'ApiFormat', + 'name' => 'Ip', 'in' => 'query', - 'schema' => [ - 'description' => 'The API.', - 'type' => 'string', - 'required' => false, - 'example' => '/auth/login', - 'title' => 'API接口。', - ], + 'allowEmptyValue' => true, + 'schema' => ['description' => 'The IP address of the server that you want to query.', 'type' => 'string', 'required' => false, 'example' => '1.X.X.1', 'title' => ''], ], [ - 'name' => 'MatchedHost', + 'name' => 'HostName', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name or IP address of the API.', - 'type' => 'string', - 'required' => false, - 'example' => 'a.aliyun.com', - 'title' => 'API接口所属的域名或IP。', - ], + 'schema' => ['description' => 'The hostname of the server that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'online-***wwq', 'title' => ''], ], [ - 'name' => 'SensitiveType', + 'name' => 'GroupType', 'in' => 'query', - 'schema' => [ - 'description' => 'The sensitive data type in the response.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported sensitive data types.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1004', - 'title' => '响应敏感数据类型。'."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的敏感数据类型。', - ], + 'schema' => ['description' => 'The type of the hybrid cloud node group. Valid values:'."\n" + ."\n" + .'- **protect**: protection.'."\n" + ."\n" + .'- **control**: control.'."\n" + ."\n" + .'- **storage**: storage.'."\n" + ."\n" + .'- **controlStorage**: control and storage.', 'type' => 'string', 'required' => false, 'example' => 'protect', 'title' => ''], ], [ - 'name' => 'ApiStatus', + 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'description' => 'The API status. Valid values:'."\n" - ."\n" - .'* **NewbornInterface**: The API is newly added.'."\n" - .'* **OfflineInterface**: The API is inactive.'."\n" - .'* **normal**: The API is normal.', - 'type' => 'string', - 'required' => false, - 'example' => 'OfflineInterface', - 'title' => 'API的状态。取值:'."\n" - .'- **NewbornInterface**:表示新增。'."\n" - .'- **OfflineInterface**:表示失活。'."\n" - .'- **normal**:表示正常。', - ], + 'schema' => ['description' => 'The name of the node group.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. This value is a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'string', - 'required' => false, - 'example' => '1681833600', - 'title' => '查询的开始时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. This value is a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'string', - 'required' => false, - 'example' => '1683388800', - 'title' => '查询的结束时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], + 'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'OrderKey', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the sorting field. Valid values:'."\n" - ."\n" - .'* **allCnt**: the total number of calls to the API in the previous 30 days'."\n" - .'* **botCnt**: the number of bot-initiated requests in the previous 30 days'."\n" - .'* **crossBorderCnt**: the number of cross-border requests in the previous 30 days'."\n" - .'* **abnormalNum**: the number of API-related risks'."\n" - .'* **eventNum**: the number of API-related security events'."\n" - .'* **farthestTs**: the time when the API was first detected'."\n" - .'* **lastestTs**: the time of the most recent access to the API', - 'type' => 'string', - 'required' => false, - 'example' => 'allCnt', - 'title' => '排序字段的名称。取值:'."\n" - .'- **allCnt**:表示近30天总访问量。'."\n" - .'- **botCnt**:表示近30天机器访问量。'."\n" - .'- **crossBorderCnt**:表示近30天跨境访问量。'."\n" - .'- **abnormalNum**:表示API关联风险数量。'."\n" - .'- **eventNum**:表示API关联事件数量。'."\n" - .'- **farthestTs**:表示首次发现时间。'."\n" - .'- **lastestTs**:表示最近访问时间。', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'OrderWay', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The sorting method. Valid values:'."\n" - ."\n" - .'* **desc** (default): descending order'."\n" - .'* **asc**: ascending order', - 'type' => 'string', - 'required' => false, - 'example' => 'desc', - 'title' => '排序的方式。取值:'."\n" - .'- **desc**:表示降序(默认)。'."\n" - .'- **asc**:表示升序。', + 'type' => 'object', + 'properties' => [ + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '3', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C3B0FDD2-11CE-59A5-BEB5-*****1A969', 'title' => ''], + 'ClusterServers' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'GroupName' => ['description' => 'The name of the node group.', 'type' => 'string', 'example' => '测试组。', 'title' => ''], + 'Operator' => ['description' => 'The cloud service provider where the server resides.', 'type' => 'string', 'example' => 'aliyun。', 'title' => ''], + 'Status' => ['description' => 'The health status of the server in the hybrid cloud cluster.', 'type' => 'string', 'example' => 'ok', 'title' => ''], + 'RegionCodeValue' => ['description' => 'The numeric code of the region where the server resides.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'RegionCode' => ['description' => 'The region identifier of the server, such as `beijing`.', 'type' => 'string', 'example' => 'beijing', 'title' => ''], + 'Memory' => ['description' => 'The memory size of the server. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '33547386880', 'title' => ''], + 'Ip' => ['description' => 'The IP address of the server.', 'type' => 'string', 'example' => '1.*.*1。', 'title' => ''], + 'Cpu' => ['description' => 'The number of CPU cores of the server.', 'type' => 'integer', 'format' => 'int32', 'example' => '4', 'title' => ''], + 'Mid' => ['description' => 'The machine ID (MID) of the server.', 'type' => 'string', 'example' => '28ab688cd403563e8e173*****79600', 'title' => ''], + 'ContinentsValue' => ['description' => 'The continent code of the protection cluster.'."\n" + ."\n" + .'> For a list of valid codes, see the supplementary description of response parameters.', 'type' => 'integer', 'format' => 'int32', 'example' => '410', 'title' => ''], + 'Mac' => ['description' => 'The MAC address of the server.', 'type' => 'string', 'example' => '**:**:00:02:eb:c7', 'title' => ''], + 'GroupId' => ['description' => 'The ID of the node group.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'JobStatus' => ['description' => 'The running status of the server.', 'type' => 'string', 'example' => 'running', 'title' => ''], + 'GroupType' => ['description' => 'The type of the hybrid cloud node group. Valid values:'."\n" + ."\n" + .'- **protect**: protection.'."\n" + ."\n" + .'- **control**: control.'."\n" + ."\n" + .'- **storage**: storage.'."\n" + ."\n" + .'- **controlStorage**: control and storage.', 'type' => 'string', 'example' => 'protect', 'title' => ''], + 'CustomName' => ['description' => 'The custom name of the server.', 'type' => 'string', 'example' => '测试组', 'title' => ''], + 'UpdateTimestamp' => ['description' => 'The time when the server was last updated. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1711953897000', 'title' => ''], + 'Continents' => ['description' => 'The continent identifier of the server, such as `asiapacific`.', 'type' => 'string', 'example' => 'asiapacific', 'title' => ''], + 'CreateTimestamp' => ['description' => 'The time when the server was created. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665987186000', 'title' => ''], + 'HostName' => ['description' => 'The hostname of the server.', 'type' => 'string', 'example' => 'qsh5-sec-waf-*****-6', 'title' => ''], + 'OperatorValue' => ['description' => 'The carrier code of the server.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'description' => 'The servers in the hybrid cloud cluster.', + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'title' => 'DescribeHybridCloudClusterServers', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - 'title' => '分页查询时,返回第几页数据。默认值为**1**,表示返回第1页数据。', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudClusterServers', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 3,\\n \\"RequestId\\": \\"C3B0FDD2-11CE-59A5-BEB5-*****1A969\\",\\n \\"ClusterServers\\": [\\n {\\n \\"GroupName\\": \\"测试组。\\",\\n \\"Operator\\": \\"aliyun。\\",\\n \\"Status\\": \\"ok\\",\\n \\"RegionCodeValue\\": 0,\\n \\"RegionCode\\": \\"beijing\\",\\n \\"Memory\\": 33547386880,\\n \\"Ip\\": \\"1.*.*1。\\",\\n \\"Cpu\\": 4,\\n \\"Mid\\": \\"28ab688cd403563e8e173*****79600\\",\\n \\"ContinentsValue\\": 410,\\n \\"Mac\\": \\"**:**:00:02:eb:c7\\",\\n \\"GroupId\\": 1,\\n \\"JobStatus\\": \\"running\\",\\n \\"GroupType\\": \\"protect\\",\\n \\"CustomName\\": \\"测试组\\",\\n \\"UpdateTimestamp\\": 1711953897000,\\n \\"Continents\\": \\"asiapacific\\",\\n \\"CreateTimestamp\\": 1665987186000,\\n \\"HostName\\": \\"qsh5-sec-waf-*****-6\\",\\n \\"OperatorValue\\": 0\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeHybridCloudClusters' => [ + 'summary' => 'Queries a list of hybrid cloud clusters.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'PageSize', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '200', - 'minimum' => '1', - 'example' => '10', - 'default' => '10', - 'title' => '分页查询时,每页包含多少条结果。默认值为**10**,表示每页包含10条结果。', - ], + 'AK' => [], ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '227268', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], + ], + 'parameters' => [ [ - 'name' => 'Follow', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to follow the API. Valid values:'."\n" - ."\n" - .'* **1**: follows the API.'."\n" - .'* **0**: does not follow the API.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '0', - 'title' => '是否关注。取值:'."\n" - .'- **1**:表示关注。'."\n" - .'- **0**:表示未关注。', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstanceInfo](~~140857~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uqm35****02', 'title' => ''], ], [ - 'name' => 'ApiType', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The service object. Valid values:'."\n" - ."\n" - .'* **PublicAPI**: public services'."\n" - .'* **ThirdpartAPI**: cooperation with third-party partners'."\n" - .'* **InternalAPI**: internal office', - 'type' => 'string', - 'required' => false, - 'example' => 'innerAPI', - 'title' => '服务对象。取值:'."\n" - .'- **PublicAPI**:表示公共服务。'."\n" - .'- **ThirdpartAPI**:表示三方合作。'."\n" - .'- **InternalAPI**:表示内部办公。', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'ApiTag', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The business purpose of the API.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the business purposes of APIs.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'SendMail', - 'title' => 'API业务用途。'."\n" - ."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的业务用途。', + 'description' => 'The response.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-ER12-WE34-23PO-301469*****E', 'title' => ''], + 'ClusterInfos' => [ + 'description' => 'The list of clusters.', + 'type' => 'array', + 'items' => [ + 'description' => 'The cluster information.', + 'type' => 'object', + 'properties' => [ + 'HttpsPorts' => ['description' => 'The ports that use the HTTPS protocol. The value is a string. If multiple ports are returned, they are separated by commas in the **port1,port2,port3** format.', 'type' => 'string', 'example' => '443,8443', 'title' => ''], + 'ProtectionServerCount' => ['description' => 'The number of protection nodes that you can add to the cluster.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'ProxyStatus' => ['description' => 'The status of the proxy. Valid values:'."\n" + ."\n" + .'- **on**: enabled'."\n" + ."\n" + .'- **off**: disabled', 'type' => 'string', 'example' => 'off', 'title' => ''], + 'RuleType' => ['description' => 'The type of the rule. Valid values:'."\n" + ."\n" + .'- **bypass**: WAF does not perform security checks and allows traffic to pass through.', 'type' => 'string', 'example' => 'bypass', 'title' => ''], + 'AccessRegion' => ['description' => 'The region where the leased line is connected. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Hangzhou'."\n" + ."\n" + .'- **cn-beijing**: Beijing'."\n" + ."\n" + .'- **cn-shanghai**: Shanghai', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''], + 'Remark' => ['description' => 'The remarks.', 'type' => 'string', 'example' => 'test', 'title' => ''], + 'ClusterResourceId' => ['description' => 'The resource ID of the hybrid cloud cluster.', 'type' => 'string', 'example' => 'hdbc-cluster-t1****a', 'title' => ''], + 'ClusterName' => ['description' => 'The name of the cluster.', 'type' => 'string', 'example' => 'testcluster', 'title' => ''], + 'RuleStatus' => ['description' => 'The status of the manual bypass setting. Valid values:'."\n" + ."\n" + .'- **on**: enabled.'."\n" + ."\n" + .'- **off**: disabled.', 'type' => 'string', 'example' => 'off', 'title' => ''], + 'Id' => ['description' => 'The cluster ID.', 'type' => 'integer', 'format' => 'int64', 'example' => '524**8', 'title' => ''], + 'AccessMode' => ['description' => 'The network access mode. Valid values:'."\n" + ."\n" + .'- **internet**: Internet access.'."\n" + ."\n" + .'- **vpc**: leased line-based private network access.', 'type' => 'string', 'example' => 'internet', 'title' => ''], + 'ProxyType' => ['description' => 'The type of the cluster. Valid values:'."\n" + ."\n" + .'- **cname**: reverse proxy cluster'."\n" + ."\n" + .'- **service**: service cluster', 'type' => 'string', 'example' => 'cname', 'title' => ''], + 'RuleConfig' => ['description' => 'The rule configuration.', 'type' => 'string', 'example' => '{"enable":true,"param":{"breaker":{"duration":1,"failed":1,"recent_failed":1},"disable_protect":false,"max_request_body_len":1,"timeout":1}}', 'title' => ''], + 'HttpPorts' => ['description' => 'The ports that use the HTTP protocol. The value is a string. If multiple ports are returned, they are separated by commas in the **port1,port2,port3** format.', 'type' => 'string', 'example' => '80,8080', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', ], ], + ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\",\\n \\"ClusterInfos\\": [\\n {\\n \\"HttpsPorts\\": \\"443,8443\\",\\n \\"ProtectionServerCount\\": 1,\\n \\"ProxyStatus\\": \\"off\\",\\n \\"RuleType\\": \\"bypass\\",\\n \\"AccessRegion\\": \\"cn-hangzhou\\",\\n \\"Remark\\": \\"test\\",\\n \\"ClusterResourceId\\": \\"hdbc-cluster-t1****a\\",\\n \\"ClusterName\\": \\"testcluster\\",\\n \\"RuleStatus\\": \\"off\\",\\n \\"Id\\": 0,\\n \\"AccessMode\\": \\"internet\\",\\n \\"ProxyType\\": \\"cname\\",\\n \\"RuleConfig\\": \\"{\\\\\\"enable\\\\\\":true,\\\\\\"param\\\\\\":{\\\\\\"breaker\\\\\\":{\\\\\\"duration\\\\\\":1,\\\\\\"failed\\\\\\":1,\\\\\\"recent_failed\\\\\\":1},\\\\\\"disable_protect\\\\\\":false,\\\\\\"max_request_body_len\\\\\\":1,\\\\\\"timeout\\\\\\":1}}\\",\\n \\"HttpPorts\\": \\"80,8080\\"\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'DescribeHybridCloudClusters', + 'changeSet' => [ + ['createdAt' => '2024-08-29T01:19:23.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'SensitiveLevel', - 'in' => 'query', - 'schema' => [ - 'description' => 'The sensitivity level of the API. Valid values:'."\n" - ."\n" - .'* **L1**: high sensitivity'."\n" - .'* **L2**: moderate sensitivity'."\n" - .'* **L3**: low sensitivity'."\n" - .'* **N**: non-sensitivity', - 'type' => 'string', - 'required' => false, - 'example' => 'L3', - 'title' => '接口敏感等级。取值:'."\n" - .'- **L1**:表示高敏感。'."\n" - .'- **L2**:表示中敏感。'."\n" - .'- **L3**:表示低敏感。'."\n" - .'- **N**:表示非敏感。', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudClusters', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + ], + 'DescribeHybridCloudGroups' => [ + 'summary' => 'Queries the Hybrid Cloud WAF node groups that are added to Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'ApiMethod', + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '136062', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The request method of the API. Valid values:'."\n" - ."\n" - .'* **GET**'."\n" - .'* **POST**'."\n" - .'* **HEAD**'."\n" - .'* **PUT**'."\n" - .'* **DELETE**'."\n" - .'* **CONNECT**'."\n" - .'* **PATCH**'."\n" - .'* **OPTIONS**', - 'type' => 'string', - 'required' => false, - 'example' => 'POST', - 'title' => 'API的请求方法。取值:'."\n" - .'- **GET**:表示GET请求。'."\n" - .'- **POST**:表示POST请求。'."\n" - .'- **HEAD**:表示HEAD请求。'."\n" - .'- **PUT**:表示PUT请求。'."\n" - .'- **DELETE**:表示DELETE请求。'."\n" - .'- **CONNECT**:表示CONNECT请求。'."\n" - .'- **PATCH**:表示PATCH请求。'."\n" - .'- **OPTIONS**:表示OPTIONS请求。', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-********w0b', 'title' => ''], ], [ 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - ."\n" - .'> This parameter is available only in hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query hybrid cloud clusters.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '740', - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '428', 'title' => ''], ], [ - 'name' => 'Note', + 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'description' => 'The remarks.', - 'type' => 'string', - 'required' => false, - 'example' => 'API for logon', - 'title' => '备注信息。', - ], + 'schema' => ['description' => 'The name of the hybrid cloud node group that you want to query.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => 'groupName1', 'title' => ''], ], [ - 'name' => 'RequestSensitiveType', + 'name' => 'GroupType', 'in' => 'query', - 'schema' => [ - 'description' => 'The sensitive data type in the request.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported sensitive data types.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1004,1005', - 'title' => '请求敏感信息类型。'."\n" - ."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的敏感信息类型。', - ], + 'schema' => ['description' => 'The type of the hybrid cloud node group. Valid values:'."\n" + ."\n" + .'- **protect**: protection node group.'."\n" + ."\n" + .'- **control**: control node group.'."\n" + ."\n" + .'- **storage**: storage node group.'."\n" + ."\n" + .'- **controlStorage**: control and storage node group.', 'type' => 'string', 'required' => false, 'example' => 'protect', 'title' => ''], ], [ - 'name' => 'AuthFlag', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether authentication is required. Valid values:'."\n" - ."\n" - .'* **0**: Authentication is required.'."\n" - .'* **1**: Authentication is not required.', - 'type' => 'string', - 'required' => false, - 'example' => '0', - 'title' => '是否有鉴权字段。取值:'."\n" - .'- **0**:表示有权限。'."\n" - .'- **1**:表示无权限。', - ], + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'ClusterProxyType', + 'in' => 'query', + 'schema' => ['description' => 'The proxy type of the hybrid cloud cluster. Valid values:'."\n" + ."\n" + .'- **service**: SDK-based integration.'."\n" + ."\n" + .'- **cname**: CNAME-based reverse proxy.', 'type' => 'string', 'required' => false, 'example' => 'cname', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Value:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - 'title' => '阿里云资源组ID。', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '5', - 'title' => '返回结果的总数。', - ], - 'RequestId' => [ - 'title' => '请求ID。', - 'description' => 'The request ID.', - 'type' => 'string', - 'example' => '2EFCFE18-78F8-5079-B312-07***48B', - ], - 'Data' => [ - 'description' => 'The API assets.'."\n", + 'TotalCount' => ['description' => 'The total number of hybrid cloud node groups returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '146', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '045660E7-C4C6-5CD7-8182-7B337D95ADF4', 'title' => ''], + 'Groups' => [ + 'description' => 'The list of hybrid cloud node groups.', 'type' => 'array', 'items' => [ - 'description' => 'The asset details.'."\n", + 'description' => 'The details of a hybrid cloud node group.', 'type' => 'object', 'properties' => [ - 'EventNum' => [ - 'description' => 'The number of API-related security events.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - 'title' => 'API关联的安全事件数量。', - ], - 'FarthestTs' => [ - 'description' => 'The time when the API asset was first detected. This value is a UNIX timestamp in UTC. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1683388800', - 'title' => 'API资产首次发现时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], - 'ApiSensitive' => [ - 'description' => 'The API-related sensitive information. The value of this parameter is a JSON string that contains multiple parameters. The value includes the following parameters:'."\n" - ."\n" - .'* **request_sensitive_list**: the sensitive data type in the request'."\n" - .'* **response_sensitive_list**: the sensitive data type in the response'."\n" - .'* **sensitive_list**: sensitive data types'."\n" - .'* **sensitive_level**: sensitivity level', - 'type' => 'string', - 'example' => '{'."\n" - .' "sensitive_list": ["1003","1005"],'."\n" - .' "sensitive_level": "L2",'."\n" - .' "request_sensitive_list": ["1003"],'."\n" - .' "response_sensitive_list": ["1005"]'."\n" - .'}', - 'title' => 'API涉及的敏感信息,以一系列参数构造的JSON格式转化成字符串。包括:'."\n" - .'- **request_sensitive_list**:表示请求敏感数据类型列表。'."\n" - .'- **response_sensitive_list**:表示响应敏感数据类型列表。'."\n" - .'- **sensitive_list**:表示敏感数据类型列表。'."\n" - .'- **sensitive_level**:表示敏感等级。', - ], - 'ApiFormat' => [ - 'description' => 'The API.', - 'type' => 'string', - 'example' => '/v1/etl/finddatabyvid', - 'title' => 'API接口。', - ], - 'ApiTag' => [ - 'description' => 'The business purpose of the API.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the business purposes of APIs.'."\n", - 'type' => 'string', - 'example' => 'SendMail', - 'title' => 'API业务用途。'."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的业务用途。', - ], - 'CrossBorderCnt' => [ - 'description' => 'The number of the cross-border requests in the previous 30 days.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - 'title' => '近30天跨境访问量。', - ], - 'AuthFlag' => [ - 'description' => 'Indicates whether authentication is required. Valid values:'."\n" - ."\n" - .'* **0**: Authentication is required.'."\n" - .'* **1**: Authentication is not required.', - 'type' => 'string', - 'example' => '1', - 'title' => '当前API是否有鉴权字段。取值:'."\n" - ."\n" - .'- **0**:有权限'."\n" - .'- **1**:无权限', - ], - 'AllCnt' => [ - 'description' => 'The total number of calls to this API in the previous 30 days.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - 'title' => '近30天总访问量。', - ], - 'ApiMethod' => [ - 'description' => 'The request method of the API. Valid values:'."\n" - ."\n" - .'* **GET**'."\n" - .'* **POST**'."\n" - .'* **HEAD**'."\n" - .'* **PUT**'."\n" - .'* **DELETE**'."\n" - .'* **CONNECT**'."\n" - .'* **PATCH**'."\n" - .'* **OPTIONS**', - 'type' => 'string', - 'example' => 'POST', - 'title' => 'API的请求方法。取值:'."\n" - .'- **GET**:表示GET请求。'."\n" - .'- **POST**:表示POST请求。'."\n" - .'- **HEAD**:表示HEAD请求。'."\n" - .'- **PUT**:表示PUT请求。'."\n" - .'- **DELETE**:表示DELETE请求。'."\n" - .'- **CONNECT**:表示CONNECT请求。'."\n" - .'- **PATCH**:表示PATCH请求。'."\n" - .'- **OPTIONS**:表示OPTIONS请求。', - ], - 'LastestTs' => [ - 'description' => 'The time at which the API was last accessed. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1683388800', - 'title' => 'API资产最近最近访问时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], - 'ApiStatus' => [ - 'description' => 'The API status. Valid values:'."\n" - ."\n" - .'* **NewbornInterface**: The API is newly added.'."\n" - .'* **OfflineInterface**: The API is inactive.'."\n" - .'* **normal**: The API is normal.', - 'type' => 'string', - 'example' => 'NewbornInterface', - 'title' => 'API的状态。取值:'."\n" - .'- **NewbornInterface**:表示新增。'."\n" - .'- **OfflineInterface**:表示失活。'."\n" - .'- **normal**:表示正常。', - ], - 'ApiSensitiveResponse' => [ - 'description' => 'The sensitive data type in the response.', - 'type' => 'string', - 'example' => '["1002","1005"]', - 'title' => 'API响应敏感数据。', - ], - 'BotCnt' => [ - 'description' => 'The number of bot-initiated requests in the previous 30 days.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - 'title' => '近30天机器访问量。', - ], - 'Follow' => [ - 'description' => 'Specifies whether to follow the API. Valid values:'."\n" - ."\n" - .'* **1**: follows the API.'."\n" - .'* **0**: does not follow the API.', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - 'title' => '是否关注。取值:'."\n" - .'- **1**:表示关注。'."\n" - .'- **0**:表示未关注。', - ], - 'MatchedHost' => [ - 'description' => 'The domain name or IP address of the API.', - 'type' => 'string', - 'example' => 'a.aliyun.com', - 'title' => 'API接口所属的域名或IP。', - ], - 'ApiInfo' => [ - 'description' => 'The API-related information. The value of this parameter is a JSON string that contains multiple parameters. The value includes the following parameters:'."\n" - ."\n" - .'* **param_num**: the number of API parameters'."\n" - .'* **request_method**: the request method'."\n" - .'* **protocol**: the request protocol'."\n" - .'* **api_url**: the request URL'."\n" - .'* **poc_payload**: the request'."\n" - .'* **request**: the sample request'."\n" - .'* **response**: the sample response'."\n" - .'* **param**: the request parameters', - 'type' => 'string', - 'example' => '{'."\n" - .' "request": {"referer": "-","content_type": "-","cookie": "-","method": "GET","param": [],"host": "test.cn"},'."\n" - .' "protocol": "https",'."\n" - .' "api_url": "https://test.cn:443/index.php",'."\n" - .' "param": [],'."\n" - .' "response": {"param": [], "sensitive_type": {}, "header": {},"body": "", "status": 405 },'."\n" - .' "request_method": "GET",'."\n" - .' "poc_payload": "curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'",'."\n" - .' "param_num": 0'."\n" - .'}', - 'title' => 'API相关信息,以一系列参数构造的JSON格式转化成字符串。包括:'."\n" - .'- **param_num**:表示API参数数量。'."\n" - .'- **request_method**:表示请求方式。'."\n" - .'- **protocol**:表示请求协议。'."\n" - .'- **api_url**:表示请求URL。'."\n" - .'- **poc_payload**:表示请求。'."\n" - .'- **request**:表示请求样例。'."\n" - .'- **response**:表示响应样例。'."\n" - .'- **param**:表示请求参数。', - ], - 'AbnormalNum' => [ - 'description' => 'The number of API-related risks.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - 'title' => 'API关联的风险数量。', - ], - 'ApiType' => [ - 'description' => 'The service object. Valid values:'."\n" - ."\n" - .'* **PublicAPI**: public services'."\n" - .'* **ThirdpartAPI**: cooperation with third-party partners'."\n" - .'* **InternalAPI**: internal office', - 'type' => 'string', - 'example' => 'PublicAPI', - 'title' => '服务对象。取值:'."\n" - .'- **PublicAPI**:表示公共服务。'."\n" - .'- **ThirdpartAPI**:表示三方合作。'."\n" - .'- **InternalAPI**:表示内部办公。', - ], - 'Note' => [ - 'description' => 'The remarks.', - 'type' => 'string', - 'example' => 'Password changed'."\n", - 'title' => '备注信息。', - ], - 'ApiId' => [ - 'description' => 'The ID of the API.', - 'type' => 'string', - 'example' => '867ade***24ee6e205b8da82b8f84'."\n", - 'title' => 'API的ID。', - ], - 'Examples' => [ - 'description' => 'The sample APIs.', - 'type' => 'array', - 'items' => [ - 'description' => 'The sample information. The value of this parameter is a JSON string that contains multiple parameters. The value includes the following parameters:'."\n" - ."\n" - .'* **param_num**: the number of API parameters'."\n" - .'* **request_method**: the request method'."\n" - .'* **protocol**: the request protocol'."\n" - .'* **api_url**: the request URL'."\n" - .'* **poc_payload**: the request'."\n" - .'* **request**: the sample request'."\n" - .'* **response**: the sample response'."\n" - .'* **param**: the request parameters', - 'type' => 'string', - 'example' => '{'."\n" - .' "request": {"referer": "-","content_type": "-","cookie": "-","method": "GET","param": [],"host": "test.cn"},'."\n" - .' "protocol": "https",'."\n" - .' "api_url": "https://test.cn:443/index.php",'."\n" - .' "param": [],'."\n" - .' "response": {"param": [], "sensitive_type": {}, "header": {},"body": "", "status": 405 },'."\n" - .' "request_method": "GET",'."\n" - .' "poc_payload": "curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'",'."\n" - .' "param_num": 0'."\n" - .'}', - 'title' => '样例信息,以一系列参数构造的JSON格式转化成字符串。包括:'."\n" - .'- **param_num**:表示API参数数量。'."\n" - .'- **request_method**:表示请求方式。'."\n" - .'- **protocol**:表示请求协议。'."\n" - .'- **api_url**:表示请求URL。'."\n" - .'- **poc_payload**:表示请求。'."\n" - .'- **request**:表示请求样例。'."\n" - .'- **response**:表示响应样例。'."\n" - .'- **param**:表示请求参数。'."\n" - ."\n" - .'> 只有指定入参 **ApiId** 才会有该返回值。', - ], - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - 'ApiSensitiveRequest' => [ - 'description' => 'The sensitive data type in the request.', - 'type' => 'string', - 'example' => '["1002","1005"]', - 'title' => 'API请求敏感数据。', - ], - 'Resources' => [ - 'description' => 'The list of protection objects corresponding to this asset.', - 'type' => 'array', - 'items' => [ - 'description' => 'Protection objects corresponding to this asset.', - 'type' => 'string', - 'example' => '***.com-waf', - 'title' => '资产对应的防护对象。', - ], - 'title' => '资产对应的防护对象。', - ], - 'AccountEventNum' => [ - 'title' => '资产关联的账号安全事件数量。', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], + 'GroupName' => ['description' => 'The name of the hybrid cloud node group.', 'type' => 'string', 'example' => 'StorageGroup', 'title' => ''], + 'RegionCodeValue' => ['description' => 'The city code of the protection cluster.'."\n" + ."\n" + .'> For a list of valid codes, see Additional information about response parameters.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'LoadBalanceIp' => ['description' => 'The IP address of the load balancer that is associated with the hybrid cloud node group.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''], + 'BackSourceMark' => ['description' => 'The back-to-origin mark of the protection cluster. The value is in the **{CarrierTag}-{ContinentTag}-{CityTag}-{Identifier}** format. The identifier is optional.'."\n" + ."\n" + .'> For a list of valid values, see Additional information about response parameters.', 'type' => 'string', 'example' => 'aliyun-asiapacific-beijing-56477821', 'title' => ''], + 'GroupType' => ['description' => 'The type of the hybrid cloud node group. Valid values:'."\n" + ."\n" + .'- **protect**: protection node group.'."\n" + ."\n" + .'- **control**: control node group.'."\n" + ."\n" + .'- **storage**: storage node group.'."\n" + ."\n" + .'- **controlStorage**: control and storage node group.', 'type' => 'string', 'example' => 'protect', 'title' => ''], + 'LocationId' => ['description' => 'The ID of the protection node.', 'type' => 'integer', 'format' => 'int64', 'example' => '1312', 'title' => ''], + 'Ports' => ['description' => 'The ports that are used by the hybrid cloud cluster. Multiple ports are separated by commas (,).', 'type' => 'string', 'example' => '80,9200,20018', 'title' => ''], + 'ContinentsValue' => ['description' => 'The continent code of the protection cluster.'."\n" + ."\n" + .'> For a list of valid codes, see Additional information about response parameters.', 'type' => 'integer', 'format' => 'int32', 'example' => '410', 'title' => ''], + 'GroupId' => ['description' => 'The ID of the hybrid cloud node group.', 'type' => 'integer', 'format' => 'int32', 'example' => '123', 'title' => ''], + 'Remark' => ['description' => 'The description of the hybrid cloud node group.', 'type' => 'string', 'example' => 'test', 'title' => ''], + 'OperatorValue' => ['description' => 'The carrier code of the protection cluster.'."\n" + ."\n" + .'> For a list of valid codes, see Additional information about response parameters.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], ], - 'title' => '资产详情。', + 'title' => '', + 'example' => '', ], - 'title' => 'API资产列表。', + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 146,\\n \\"RequestId\\": \\"045660E7-C4C6-5CD7-8182-7B337D95ADF4\\",\\n \\"Groups\\": [\\n {\\n \\"GroupName\\": \\"StorageGroup\\",\\n \\"RegionCodeValue\\": 0,\\n \\"LoadBalanceIp\\": \\"1.1.XX.XX\\",\\n \\"BackSourceMark\\": \\"aliyun-asiapacific-beijing-56477821\\",\\n \\"GroupType\\": \\"protect\\",\\n \\"LocationId\\": 1312,\\n \\"Ports\\": \\"80,9200,20018\\",\\n \\"ContinentsValue\\": 410,\\n \\"GroupId\\": 123,\\n \\"Remark\\": \\"test\\",\\n \\"OperatorValue\\": 0\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'DescribeHybridCloudGroups', + 'responseParamsDescription' => '### Carrier codes for protection clusters'."\n" + ."\n" + .'| Carrier Code | Carrier Tag | Carrier Description |'."\n" + .'| ------------ | ----------- | ------------------- |'."\n" + .'| 0 | aliyun | Alibaba Cloud |'."\n" + .'| 3 | tencent | Tencent |'."\n" + .'| 100 | google | Google |'."\n" + .'| 200 | IDC | IDC |'."\n" + ."\n" + .'### Continent codes for protection clusters'."\n" + ."\n" + .'| Continent Code | Continent Tag | Continent Description |'."\n" + .'| -------------- | ------------- | --------------------- |'."\n" + .'| 410 | asiapacific | Asia Pacific |'."\n" + .'| 411 | euro | Europe |'."\n" + ."\n" + .'### City codes for protection clusters'."\n" + ."\n" + .'| Continent Code | City Code | City Tag | City Description |'."\n" + .'| -------------- | --------- | -------------- | ------------------- |'."\n" + .'| 411 | 0 | frankfurt | Frankfurt |'."\n" + .'| 411 | 1 | siliconvallery | Silicon Valley |'."\n" + .'| 411 | 2 | Virginia | Virginia |'."\n" + .'| 410 | 0 | beijing | Beijing |'."\n" + .'| 410 | 1 | shanghai | Shanghai |'."\n" + .'| 410 | 2 | hongkong | Hong Kong (China) |'."\n" + .'| 410 | 3 | Jakarta | Indonesia (Jakarta) |'."\n" + .'| 410 | 4 | hangzhou | Hangzhou |'."\n" + .'| 410 | 5 | zhangjiakou | Zhangjiakou |'."\n" + .'| 410 | 6 | shenzhen | Shenzhen |'."\n" + .'| 410 | 7 | singapore | Singapore |'."\n" + .'| 410 | 8 | Tokyo | Tokyo |'."\n" + .'| 410 | 9 | changsha | Changsha |'."\n" + .'| 410 | 10 | public_cloud | Public cloud |'."\n" + .'| 410 | 11 | nanjing | Nanjing |', + 'changeSet' => [ + ['createdAt' => '2024-08-29T01:19:23.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-10-18T12:20:39.000Z', 'description' => 'Response parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudGroups'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"Data\\": [\\n {\\n \\"EventNum\\": 2,\\n \\"FarthestTs\\": 1683388800,\\n \\"ApiSensitive\\": \\"{\\\\n \\\\\\"sensitive_list\\\\\\": [\\\\\\"1003\\\\\\",\\\\\\"1005\\\\\\"],\\\\n \\\\\\"sensitive_level\\\\\\": \\\\\\"L2\\\\\\",\\\\n \\\\\\"request_sensitive_list\\\\\\": [\\\\\\"1003\\\\\\"],\\\\n \\\\\\"response_sensitive_list\\\\\\": [\\\\\\"1005\\\\\\"]\\\\n}\\",\\n \\"ApiFormat\\": \\"/v1/etl/finddatabyvid\\",\\n \\"ApiTag\\": \\"SendMail\\",\\n \\"CrossBorderCnt\\": 2,\\n \\"AuthFlag\\": \\"1\\",\\n \\"AllCnt\\": 1683388800,\\n \\"ApiMethod\\": \\"POST\\",\\n \\"LastestTs\\": 1683388800,\\n \\"ApiStatus\\": \\"NewbornInterface\\",\\n \\"ApiSensitiveResponse\\": \\"[\\\\\\"1002\\\\\\",\\\\\\"1005\\\\\\"]\\",\\n \\"BotCnt\\": 2,\\n \\"Follow\\": 1,\\n \\"MatchedHost\\": \\"a.aliyun.com\\",\\n \\"ApiInfo\\": \\"{\\\\n \\\\\\"request\\\\\\": {\\\\\\"referer\\\\\\": \\\\\\"-\\\\\\",\\\\\\"content_type\\\\\\": \\\\\\"-\\\\\\",\\\\\\"cookie\\\\\\": \\\\\\"-\\\\\\",\\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\\\"param\\\\\\": [],\\\\\\"host\\\\\\": \\\\\\"test.cn\\\\\\"},\\\\n \\\\\\"protocol\\\\\\": \\\\\\"https\\\\\\",\\\\n \\\\\\"api_url\\\\\\": \\\\\\"https://test.cn:443/index.php\\\\\\",\\\\n \\\\\\"param\\\\\\": [],\\\\n \\\\\\"response\\\\\\": {\\\\\\"param\\\\\\": [], \\\\\\"sensitive_type\\\\\\": {}, \\\\\\"header\\\\\\": {},\\\\\\"body\\\\\\": \\\\\\"\\\\\\", \\\\\\"status\\\\\\": 405 },\\\\n \\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"poc_payload\\\\\\": \\\\\\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'\\\\\\",\\\\n \\\\\\"param_num\\\\\\": 0\\\\n}\\",\\n \\"AbnormalNum\\": 2,\\n \\"ApiType\\": \\"PublicAPI\\",\\n \\"Note\\": \\"密码已修改\\",\\n \\"ApiId\\": \\"197b52abcd81d6a8bd4***e477\\",\\n \\"Examples\\": [\\n \\"{\\\\n \\\\\\"request\\\\\\": {\\\\\\"referer\\\\\\": \\\\\\"-\\\\\\",\\\\\\"content_type\\\\\\": \\\\\\"-\\\\\\",\\\\\\"cookie\\\\\\": \\\\\\"-\\\\\\",\\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\\\"param\\\\\\": [],\\\\\\"host\\\\\\": \\\\\\"test.cn\\\\\\"},\\\\n \\\\\\"protocol\\\\\\": \\\\\\"https\\\\\\",\\\\n \\\\\\"api_url\\\\\\": \\\\\\"https://test.cn:443/index.php\\\\\\",\\\\n \\\\\\"param\\\\\\": [],\\\\n \\\\\\"response\\\\\\": {\\\\\\"param\\\\\\": [], \\\\\\"sensitive_type\\\\\\": {}, \\\\\\"header\\\\\\": {},\\\\\\"body\\\\\\": \\\\\\"\\\\\\", \\\\\\"status\\\\\\": 405 },\\\\n \\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"poc_payload\\\\\\": \\\\\\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'\\\\\\",\\\\n \\\\\\"param_num\\\\\\": 0\\\\n}\\"\\n ],\\n \\"ApiSensitiveRequest\\": \\"[\\\\\\"1002\\\\\\",\\\\\\"1005\\\\\\"]\\",\\n \\"Resources\\": [\\n \\"***.top-waf\\"\\n ],\\n \\"AccountEventNum\\": 1\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecApiResources', ], - 'ModifyApisecStatus' => [ - 'summary' => 'Changes the status of the API security module for protected objects or protected object groups.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeHybridCloudProcessMonitor' => [ + 'summary' => 'Queries the status of applications on nodes in a hybrid cloud Web Application Firewall (WAF) cluster.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -21867,387 +17203,506 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '189028', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], - ], - [ - 'name' => 'Resources', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'alb-wewbb23dfset***', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7mz****hw0u', 'title' => ''], ], [ - 'name' => 'ApisecStatus', + 'name' => 'Mid', 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the API security module. Valid values:'."\n" - ."\n" - .'* **1**: enabled'."\n" - .'* **0**: disabled'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], - ], - [ - 'name' => 'ResourceGroups', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object group to which the protected object belongs.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'group', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster node.', 'type' => 'string', 'required' => true, 'example' => '2fdb63fea03b173bc9e65c24****d7d5', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'DBF79169-B6A0-5C8E-86B2-CFE3****496E', 'title' => ''], + 'ProcessMonitors' => [ + 'description' => 'The list of application statuses.', + 'type' => 'array', + 'items' => [ + 'description' => 'The application status.', + 'type' => 'object', + 'properties' => [ + 'ProcessName' => ['description' => 'The name of the application running on the cluster node. Valid values:'."\n" + ."\n" + .'- **tianqingproxy**: the central management service'."\n" + ."\n" + .'- **redis**: the storage service'."\n" + ."\n" + .'- **scc**: the traffic metering service'."\n" + ."\n" + .'- **keeper**: the threat intelligence service'."\n" + ."\n" + .'- **node\\_exporter**: the application log upload service'."\n" + ."\n" + .'- **xagent**: the traffic detection service'."\n" + ."\n" + .'- **noproxy**: the traffic forwarding service'."\n" + ."\n" + .'- **xloge**: the attack log upload service'."\n" + ."\n" + .'- **ilogtail**: the log collection service'."\n" + ."\n" + .'- **xlogd**: the log analysis service', 'type' => 'string', 'example' => 'keeper', 'title' => ''], + 'ProcessStatus' => ['description' => 'The running status of the application. Valid values:'."\n" + ."\n" + .'- **0**: abnormal.'."\n" + ."\n" + .'- **1**: normal.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'Levle' => ['description' => 'The severity level of the application status. Valid values:'."\n" + ."\n" + .'- **normal**: normal.'."\n" + ."\n" + .'- **critical**: abnormal.', 'type' => 'string', 'example' => 'normal', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], + 'TotalCount' => ['description' => '> This parameter is deprecated and no longer returns a valid value.', 'type' => 'integer', 'format' => 'int32', 'example' => '3', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyApisecStatus', - ], - 'ModifyApisecModuleStatus' => [ - 'summary' => 'Changes the status of features in the API security module for protected objects or protected object groups.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"DBF79169-B6A0-5C8E-86B2-CFE3****496E\\",\\n \\"ProcessMonitors\\": [\\n {\\n \\"ProcessName\\": \\"keeper\\",\\n \\"ProcessStatus\\": 1,\\n \\"Levle\\": \\"normal\\"\\n }\\n ],\\n \\"TotalCount\\": 3\\n}","type":"json"}]', + 'title' => 'DescribeHybridCloudProcessMonitor', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudProcessMonitor', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeHybridCloudProtectableCount' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '189643', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqtm**', - ], - ], - [ - 'name' => 'Resources', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cwaf-***-waf', - ], - ], - [ - 'name' => 'ReportStatus', - 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the compliance check feature. Valid values:'."\n" - ."\n" - .'* **1**: enabled'."\n" - .'* **0**: disabled'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - ], - ], - [ - 'name' => 'TraceStatus', - 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the tracing and auditing feature. Valid values:'."\n" - ."\n" - .'* **1**: enabled'."\n" - .'* **0**: disabled'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], - ], - [ - 'name' => 'ResourceGroups', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object group to which the protected object belongs.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'group1', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-4xl3fdi4u01**fe23', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6087EA47-C10F-5A0A-A405-DB5B241**B1', 'title' => ''], + 'ProtectableCount' => ['description' => 'The number of protectable nodes that can be added to the cluster.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyApisecModuleStatus', - ], - 'ModifyApisecApiResource' => [ - 'summary' => 'Modifies the annotations of APIs in the API security module.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeHybridCloudProtectableCount', + 'summary' => 'Queries the count of protectable nodes that can be added to a hybrid cloud cluster.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudProtectableCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6087EA47-C10F-5A0A-A405-DB5B241**B1\\",\\n \\"ProtectableCount\\": 1\\n}","type":"json"}]', + ], + 'DescribeHybridCloudResourceDetail' => [ + 'summary' => 'Queries the details of a hybrid cloud domain name.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '168714', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'Follow', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to follow the API. Valid values:'."\n" - ."\n" - .'* **1**: yes'."\n" - .'* **0** (default): no'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '0', - 'default' => '0', - ], + 'schema' => ['title' => '', 'description' => 'The domain name.', 'type' => 'string', 'required' => true, 'example' => 'www.*****.com'], ], [ - 'name' => 'Note', + 'name' => 'Backend', 'in' => 'query', - 'schema' => [ - 'description' => 'The remarks.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'know', - ], + 'schema' => ['title' => '', 'description' => 'The back-to-origin address.', 'type' => 'string', 'required' => false, 'example' => '1.1.XX.XX'], ], [ - 'name' => 'ApiId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the API.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'c68995b89069595c5c0399676f3ca64f', - ], + 'schema' => ['description' => 'The page number. Default value: 1.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], + 'schema' => ['description' => 'The number of entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'CnameEnabled', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n" + ."\n" + .'- **true**: Public cloud disaster recovery is enabled.'."\n" + ."\n" + .'- **false**: Public cloud disaster recovery is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''], + 'Domain' => [ + 'description' => 'The domain name information.', + 'type' => 'object', + 'properties' => [ + 'Status' => ['title' => '', 'description' => 'The resource status.', 'type' => 'integer', 'format' => 'int32', 'example' => '1'], + 'ResourceManagerResourceGroupId' => ['description' => 'The resource group ID.', 'type' => 'string', 'example' => 'rg-***aby', 'title' => ''], + 'Uid' => ['description' => 'The user ID.', 'type' => 'string', 'example' => '1046011128270720', 'title' => ''], + 'Listen' => [ + 'description' => 'The listening information.', + 'type' => 'object', + 'properties' => [ + 'HttpsPorts' => [ + 'description' => 'The ports for the HTTPS protocol.', + 'type' => 'array', + 'items' => ['description' => 'The ports for the HTTPS protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '443,8443,7443,6443', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'ProtectionResource' => ['description' => 'The type of protection resource to use. Valid values:'."\n" + ."\n" + .'- **share**: shared cluster.'."\n" + ."\n" + .'- **gslb**: shared cluster with intelligent load balancing.', 'type' => 'string', 'example' => 'share', 'title' => ''], + 'CustomCiphers' => [ + 'description' => 'The custom cipher suites.', + 'type' => 'array', + 'items' => ['description' => 'The custom cipher suites.', 'type' => 'string', 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'TLSVersion' => ['description' => 'The TLS version. Valid values:'."\n" + ."\n" + .'- **tlsv1**'."\n" + ."\n" + .'- **tlsv1.1**'."\n" + ."\n" + .'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1', 'title' => ''], + 'Http2Enabled' => ['description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n" + ."\n" + .'- **true**: HTTP/2 is enabled.'."\n" + ."\n" + .'- **false**: HTTP/2 is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'CertId' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '19312542-cn-hangzhou', 'title' => ''], + 'CipherSuite' => ['description' => 'The type of cipher suite. Valid values:'."\n" + ."\n" + .'- **1**: all cipher suites.'."\n" + ."\n" + .'- **2**: strong cipher suites.'."\n" + ."\n" + .'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n" + ."\n" + .'- **true**: TLS 1.3 is supported.'."\n" + ."\n" + .'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'IPv6Enabled' => ['description' => 'Indicates whether IPv6 is enabled. Valid values:'."\n" + ."\n" + .'- **true**: IPv6 is enabled.'."\n" + ."\n" + .'- **false**: IPv6 is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'FocusHttps' => ['description' => 'Indicates whether HTTPS forced redirect is enabled. Valid values:'."\n" + ."\n" + .'- **true**: HTTPS forced redirect is enabled.'."\n" + ."\n" + .'- **false**: HTTPS forced redirect is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'XffHeaders' => [ + 'description' => 'The custom header fields used to obtain the client IP address, in the format of [**"header1","header2",……**].'."\n" + ."\n" + .'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field that you specify in the request header as the client IP address.', + 'type' => 'array', + 'items' => ['description' => 'The custom header fields used to obtain the client IP address, in the format of **["header1","header2",……]**.'."\n" + ."\n" + .'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field that you specify in the request header as the client IP address.', 'type' => 'string', 'example' => '["test"]', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the actual client IP address. Valid values:'."\n" + ."\n" + .'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n" + ."\n" + .'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n" + ."\n" + .'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'ExclusiveIp' => ['description' => 'Indicates whether an exclusive IP address is supported. Valid values:'."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'HttpPorts' => [ + 'description' => 'The list of available ports for the HTTP protocol. The value is a string. When multiple ports are available, they are returned in the format of **port1,port2,port3**.', + 'type' => 'array', + 'items' => ['description' => 'The list of available ports for the HTTP protocol. The value is a string. When multiple ports are available, they are returned in the format of **port1,port2,port3**.', 'type' => 'integer', 'format' => 'int64', 'example' => '80,8080,9080,9081,9082,8182', 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'Id' => ['description' => 'id', 'type' => 'integer', 'format' => 'int64', 'example' => '31323', 'title' => ''], + 'Redirect' => [ + 'description' => 'The rules for returning response header values.', + 'type' => 'object', + 'properties' => [ + 'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'Keepalive' => ['description' => 'Indicates whether persistent connections are enabled. Valid values:'."\n" + ."\n" + .'- **true** (default): Persistent connections are enabled.'."\n" + ."\n" + .'- **false**: Persistent connections are disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'SniEnabled' => ['description' => 'Indicates whether back-to-origin Server Name Indication (SNI) is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Back-to-origin SNI is enabled.'."\n" + ."\n" + .'- **false**: Back-to-origin SNI is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'CnameEnabled' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n" + ."\n" + .'- **true**: Public cloud disaster recovery is enabled.'."\n" + ."\n" + .'- **false**: Public cloud disaster recovery is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'KeepaliveTimeout' => ['description' => 'The idle timeout period of persistent connections.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'ReadTimeout' => ['description' => 'The read timeout period of the request.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'Backends' => [ + 'description' => 'The IP address of the origin server or the domain name used for back-to-origin.', + 'type' => 'array', + 'items' => ['description' => 'The IP address of the origin server or the domain name used for back-to-origin.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'SniHost' => ['description' => 'The custom value of the SNI extension field. If the value is empty, the SNI value is not customized, and the value of the **Host** field in the request header is used as the value of the SNI extension field by default.'."\n" + ."\n" + .'> This parameter is returned only when **SniStatus** is set to **1**, which indicates that back-to-origin SNI is enabled.', 'type' => 'string', 'example' => 'eew111', 'title' => ''], + 'FocusHttpBackend' => ['description' => 'Indicates whether forced HTTP back-to-origin is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Forced HTTP back-to-origin is enabled.'."\n" + ."\n" + .'- **false**: Forced HTTP back-to-origin is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'WriteTimeout' => ['description' => 'The write timeout period. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'RoutingRules' => ['description' => 'The hybrid cloud forwarding rules, expressed as a string converted from a JSON array. Each element in the JSON array is a structure that contains the following field:'."\n" + .'- **rs**: Array type.', 'type' => 'string', 'example' => '[{\\"backupRs\\":[],\\"location\\":\\"v3-test\\",\\"locationId\\":1148,\\"rs\\":[\\"39.98.217.197\\",\\"2.2.2.2\\"]}]', 'title' => ''], + 'Retry' => ['description' => 'Indicates whether WAF retries when back-to-origin fails. Valid values:'."\n" + ."\n" + .'- **true**: WAF retries.'."\n" + ."\n" + .'- **false**: WAF does not retry.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'RequestHeaders' => [ + 'description' => 'The HTTP request headers.', + 'type' => 'array', + 'items' => [ + 'description' => 'The specified custom request header field.', + 'type' => 'object', + 'properties' => [ + 'Value' => ['description' => 'The value.', 'type' => 'string', 'example' => '9506360478730', 'title' => ''], + 'Key' => ['description' => 'The key of the tag.', 'type' => 'string', 'example' => 'L2x1ZmZ5L2NvcmUvYXBwcy9tLnl1bmR1bi53YWYuMS9wbHVnaW5z', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + 'KeepaliveRequests' => ['description' => 'The number of requests that reuse persistent connections. Valid values: 60 to 1000.'."\n" + ."\n" + .'> This specifies how many persistent connections are reused after persistent connections are enabled.', 'type' => 'integer', 'format' => 'int64', 'example' => '1000', 'title' => ''], + 'Loadbalance' => ['description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n" + ."\n" + .'- **iphash**: IP hash algorithm.'."\n" + ."\n" + .'- **roundRobin**: round-robin algorithm.'."\n" + ."\n" + .'- **leastTime**: least-time back-to-origin algorithm.', 'type' => 'string', 'example' => 'iphash', 'title' => ''], + 'ProxyProtocol' => ['description' => 'Indicates whether the client source IP preservation feature is enabled.'."\n" + ."\n" + .'- true: The client source IP preservation feature is enabled. After this feature is enabled, the backend service can view the originating IP address of the client.'."\n" + .'- false: The client source IP preservation feature is disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''], + 'BackendPorts' => [ + 'description' => 'The custom port configuration. By default, this is the same as the listening port.', + 'type' => 'array', + 'items' => [ + 'description' => 'The custom port configuration. By default, this is the same as the listening port.', + 'type' => 'object', + 'properties' => [ + 'ListenPort' => ['description' => 'The listening port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'BackendPort' => ['description' => 'The back-to-origin port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'Protocol' => ['description' => 'The protocol type of the listening port. Valid values:'."\n" + ."\n" + .'- http: HTTP protocol.'."\n" + .'- https: HTTPS protocol.', 'type' => 'string', 'example' => 'http', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'Domain' => ['title' => '', 'description' => 'The domain name.', 'type' => 'string', 'example' => 'www.*****.com'], + 'Cname' => ['title' => '', 'description' => 'CNAME', 'type' => 'string', 'example' => 'kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com'], + ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'title' => 'Query hybrid cloud domain name details', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudResourceDetail', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyApisecApiResource', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"Domain\\": {\\n \\"Status\\": 1,\\n \\"ResourceManagerResourceGroupId\\": \\"rg-***aby\\",\\n \\"Uid\\": \\"1046011128270720\\",\\n \\"Listen\\": {\\n \\"HttpsPorts\\": [\\n 0\\n ],\\n \\"ProtectionResource\\": \\"share\\",\\n \\"CustomCiphers\\": [\\n \\"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384\\"\\n ],\\n \\"TLSVersion\\": \\"tlsv1\\",\\n \\"Http2Enabled\\": true,\\n \\"CertId\\": \\"19312542-cn-hangzhou\\",\\n \\"CipherSuite\\": 0,\\n \\"EnableTLSv3\\": true,\\n \\"IPv6Enabled\\": true,\\n \\"FocusHttps\\": true,\\n \\"XffHeaders\\": [\\n \\"[\\\\\\"test\\\\\\"]\\"\\n ],\\n \\"XffHeaderMode\\": 1,\\n \\"ExclusiveIp\\": true,\\n \\"HttpPorts\\": [\\n 0\\n ]\\n },\\n \\"Id\\": 31323,\\n \\"Redirect\\": {\\n \\"ConnectTimeout\\": 1,\\n \\"Keepalive\\": true,\\n \\"SniEnabled\\": true,\\n \\"CnameEnabled\\": true,\\n \\"KeepaliveTimeout\\": 1,\\n \\"ReadTimeout\\": 1,\\n \\"Backends\\": [\\n \\"1.1.1.1\\"\\n ],\\n \\"SniHost\\": \\"eew111\\",\\n \\"FocusHttpBackend\\": true,\\n \\"WriteTimeout\\": 1,\\n \\"RoutingRules\\": \\"[{\\\\\\\\\\\\\\"backupRs\\\\\\\\\\\\\\":[],\\\\\\\\\\\\\\"location\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"v3-test\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"locationId\\\\\\\\\\\\\\":1148,\\\\\\\\\\\\\\"rs\\\\\\\\\\\\\\":[\\\\\\\\\\\\\\"39.98.217.197\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"2.2.2.2\\\\\\\\\\\\\\"]}]\\",\\n \\"Retry\\": true,\\n \\"RequestHeaders\\": [\\n {\\n \\"Value\\": \\"9506360478730\\",\\n \\"Key\\": \\"L2x1ZmZ5L2NvcmUvYXBwcy9tLnl1bmR1bi53YWYuMS9wbHVnaW5z\\"\\n }\\n ],\\n \\"KeepaliveRequests\\": 1000,\\n \\"Loadbalance\\": \\"iphash\\",\\n \\"ProxyProtocol\\": false,\\n \\"BackendPorts\\": [\\n {\\n \\"ListenPort\\": 80,\\n \\"BackendPort\\": 80,\\n \\"Protocol\\": \\"http\\"\\n }\\n ]\\n },\\n \\"Domain\\": \\"www.*****.com\\",\\n \\"Cname\\": \\"kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com\\"\\n }\\n}","type":"json"}]', ], - 'DescribeUserEventType' => [ - 'summary' => 'Queries the types and statistics of security events in the API security module.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeHybridCloudResources' => [ + 'summary' => 'Queries the list of hybrid cloud domain names.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -22258,377 +17713,457 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '156221', - 'abilityTreeNodes' => [ - 'FEATUREwafDX9EQ6', - ], + 'abilityTreeCode' => '156993', + 'abilityTreeNodes' => ['FEATUREwafSBJ1DO'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-5y***h0t', - 'title' => 'WAF实例的ID。'."\n" - ."\n" - .'> 您可以调用[DescribeInstance](~~433756~~)查询当前WAF实例的ID。', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***********', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '976', - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - ], + 'schema' => ['title' => '', 'description' => 'The domain name to query.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com'], ], [ - 'name' => 'StartTime', + 'name' => 'Backend', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1723435200', - 'title' => '查询的开始时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], + 'schema' => ['title' => '', 'description' => 'The IP address or domain name of the origin server that corresponds to the domain name.', 'type' => 'string', 'required' => false, 'example' => '1.1.XX.XX'], ], [ - 'name' => 'EndTime', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1726113600', - 'title' => '查询的结束时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], + 'schema' => ['description' => 'The page number to return when paging is used. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - ], + 'schema' => ['description' => 'The number of entries per page when paging is used. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'CnameEnabled', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek***ktt3y', - 'title' => '阿里云资源组ID。', - ], + 'schema' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], ], [ - 'name' => 'UserStatusList', + 'name' => 'RegionId', 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'title' => '事件状态列表。', - 'type' => 'array', - 'items' => [ - 'title' => '事件状态。取值:'."\n" - ."\n" - .'- **toBeConfirmed**:表示待确认。'."\n" - .'- **confirmed**:表示已确认。'."\n" - .'- **actioned**:表示已处置。'."\n" - .'- **ignored**:表示忽略。', - 'type' => 'string', - 'example' => 'toBeConfirmed', - ], - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'EventScope', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => ' 安全事件的维度。取值:'."\n" - .'- **ip**(默认):表示IP安全事件。'."\n" - .'- **account**:表示账号安全事件。', - 'type' => 'string', - 'example' => 'ip', - 'default' => 'ip', - 'enum' => [ - 'ip', - 'account', - ], - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmvtc5z52****', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.', - 'type' => 'string', - 'example' => '177BA739-6512-5470-98C6-E***0BAA3D', - 'title' => '请求ID。', - ], - 'Event' => [ - 'description' => 'The types and statistics of security events.', + 'Domains' => [ + 'description' => 'The list of domain names returned.', 'type' => 'array', 'items' => [ - 'description' => 'The type and statistics of the security event.'."\n", + 'description' => 'The Website Config details.', 'type' => 'object', 'properties' => [ - 'EventCount' => [ - 'description' => 'The number of events.'."\n", + 'Status' => ['title' => '', 'description' => 'The status of the domain name. Valid values:'."\n" + ."\n" + .'- **1**: normal.'."\n" + ."\n" + .'- **2**: being created.'."\n" + ."\n" + .'- **3**: being modified.'."\n" + ."\n" + .'- **4**: being released.'."\n" + ."\n" + .'- **5**: forwarding stopped.', 'type' => 'integer', 'format' => 'int32', 'example' => '1'], + 'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfmvtc5z52****', 'title' => ''], + 'Uid' => ['description' => 'The user ID.', 'type' => 'string', 'example' => '130715431409****', 'title' => ''], + 'Listen' => [ + 'description' => 'The listening configuration.', + 'type' => 'object', + 'properties' => [ + 'HttpsPorts' => [ + 'description' => 'The list of HTTPS ports.', + 'type' => 'array', + 'items' => ['description' => 'The HTTPS port.', 'type' => 'integer', 'format' => 'int64', 'example' => '443', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'ProtectionResource' => ['description' => 'The type of protection resource to use. Valid values:'."\n" + ."\n" + .'- **share**: shared cluster.'."\n" + ."\n" + .'- **gslb**: intelligent load balancing of the shared cluster.', 'type' => 'string', 'example' => 'share', 'title' => ''], + 'CustomCiphers' => [ + 'description' => 'The specific custom cipher suites to add.'."\n" + ."\n" + .'> This parameter is returned only when **CipherSuite** is set to **99**.', + 'type' => 'array', + 'items' => ['description' => 'The custom cipher suite.', 'type' => 'string', 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'TLSVersion' => ['description' => 'The TLS version. Valid values:'."\n" + ."\n" + .'- **tlsv1**'."\n" + ."\n" + .'- **tlsv1.1**'."\n" + ."\n" + .'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1.2', 'title' => ''], + 'Http2Enabled' => ['description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''], + 'CertId' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '72***76-cn-hangzhou', 'title' => ''], + 'CipherSuite' => ['description' => 'The type of cipher suite. Valid values:'."\n" + ."\n" + .'- **1**: all cipher suites.'."\n" + ."\n" + .'- **2**: strong cipher suites.'."\n" + ."\n" + .'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'IPv6Enabled' => ['description' => 'Indicates whether IPv6 is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''], + 'FocusHttps' => ['description' => 'Indicates whether HTTPS forced redirect is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''], + 'XffHeaders' => [ + 'description' => 'The list of custom header fields used to obtain the client IP address, in the format of **["header1","header2",...]**.'."\n" + ."\n" + .'> This parameter is returned only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field that you specify in the request header as the client IP address.', + 'type' => 'array', + 'items' => ['description' => 'The custom header field used to obtain the client IP address.', 'type' => 'string', 'example' => 'Client-ip', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n" + ."\n" + .'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n" + ."\n" + .'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n" + ."\n" + .'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'ExclusiveIp' => ['description' => 'Indicates whether an exclusive IP address is supported. Valid values:'."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'HttpPorts' => [ + 'description' => 'The list of HTTP listening ports.', + 'type' => 'array', + 'items' => ['description' => 'The HTTP listening port.', 'type' => 'integer', 'format' => 'int64', 'example' => '80', 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'Id' => [ + 'description' => 'The access ID.', + 'enumValueTitles' => [], 'type' => 'integer', 'format' => 'int64', - 'example' => '0', - 'title' => '事件数量。', - ], - 'EventType' => [ - 'description' => 'The type of the security event.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of security events.', - 'type' => 'string', - 'example' => 'Event_AbnormalFrequency', - 'title' => '事件类型。'."\n" - ."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的事件类型。', - ], - 'EventParentType' => [ - 'description' => 'The parent type of the security event.'."\n", - 'type' => 'string', - 'example' => 'EventType_Account', - 'title' => '事件父类型。', + 'example' => '12345', + 'title' => '', ], - 'EventCode' => [ - 'description' => 'The code of the security event.'."\n", - 'type' => 'string', - 'example' => 'Event_LoginCollision', - 'title' => '事件编码。', + 'Redirect' => [ + 'description' => 'The forwarding configuration.', + 'type' => 'object', + 'properties' => [ + 'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: seconds.'."\n" + .'Valid values: 5 to 120.', 'type' => 'integer', 'format' => 'int64', 'example' => '120', 'title' => ''], + 'Keepalive' => ['description' => 'Indicates whether persistent connections are enabled. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'SniEnabled' => ['description' => 'Indicates whether back-to-origin Server Name Indication (SNI) is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'CnameEnabled' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'KeepaliveTimeout' => ['description' => 'The idle timeout period for persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n" + ."\n" + .'> Specifies how long an idle reused persistent connection is kept before it is released.', 'type' => 'integer', 'format' => 'int64', 'example' => '15', 'title' => ''], + 'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n" + .'Valid values: 5 to 1800.', 'type' => 'integer', 'format' => 'int64', 'example' => '200', 'title' => ''], + 'Backends' => [ + 'description' => 'The IP address or domain name of the origin server that corresponds to the domain name.', + 'type' => 'array', + 'items' => ['description' => 'The IP address or domain name of the origin server that corresponds to the domain name.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'SniHost' => ['description' => 'The custom value of the SNI extension field. An empty value indicates that no custom SNI value is set. By default, the value of the **Host** field in the request header is used as the value of the SNI extension field.'."\n" + ."\n" + .'> This parameter is returned only when **SniEnabled** is set to **true**, which indicates that back-to-origin SNI is enabled.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], + 'FocusHttpBackend' => ['description' => 'Indicates whether forced HTTP back-to-origin is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n" + .'Valid values: 5 to 1800.', 'type' => 'integer', 'format' => 'int64', 'example' => '200', 'title' => ''], + 'RoutingRules' => ['description' => 'The hybrid cloud forwarding rules, represented as a string converted from a JSON array. Each element in the JSON array is a struct that contains the following fields:'."\n" + .'- **rs**: Array type. The list of back-to-origin IP addresses or back-to-origin CNAMEs.'."\n" + ."\n" + .'- **location**: String type. The name of the protection node.'."\n" + ."\n" + .'- **locationId**: Long type. The ID of the protection node.', 'type' => 'string', 'example' => '['."\n" + .' {'."\n" + .' "rs": ['."\n" + .' "1.1.XX.XX"'."\n" + .' ],'."\n" + .' "locationId": 535,'."\n" + .' "location": "test1111"'."\n" + .' }'."\n" + .']', 'title' => ''], + 'Retry' => ['description' => 'Indicates whether WAF retries when back-to-origin fails. Valid values:'."\n" + ."\n" + .'- **true**: Retries.'."\n" + ."\n" + .'- **false**: Does not retry.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'RequestHeaders' => [ + 'description' => 'The traffic tag fields and values of the domain name, used to tag traffic processed by WAF.', + 'type' => 'array', + 'items' => [ + 'description' => 'The traffic tag fields and values of the domain name, used to tag traffic processed by WAF.', + 'type' => 'object', + 'properties' => [ + 'Value' => ['description' => 'The value of the specified custom request header field.', 'type' => 'string', 'example' => 'bbb', 'title' => ''], + 'Key' => ['description' => 'The specified custom request header field.', 'type' => 'string', 'example' => 'aaa', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + 'KeepaliveRequests' => ['description' => 'The number of requests that reuse persistent connections. Valid values: 60 to 1000.'."\n" + ."\n" + .'> The number of persistent connections to reuse after persistent connections are enabled.', 'type' => 'integer', 'format' => 'int64', 'example' => '1000', 'title' => ''], + 'Loadbalance' => ['description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n" + ."\n" + .'- **iphash**: IP Hash algorithm.'."\n" + ."\n" + .'- **roundRobin**: round-robin algorithm.'."\n" + ."\n" + .'- **leastTime**: Least Time algorithm.', 'type' => 'string', 'example' => 'iphash', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'Domain' => ['title' => '', 'description' => 'The domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com'], + 'Cname' => ['title' => '', 'description' => 'The CNAME assigned by WAF to the domain name.'."\n" + .'> This parameter is returned only when **CnameEnabled** is set to true, which indicates that public cloud disaster recovery is enabled.', 'type' => 'string', 'example' => '50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com'], ], - 'title' => '事件类型和统计信息。', + 'title' => '', + 'example' => '', ], - 'title' => '安全事件类型和统计列表。', + 'title' => '', + 'example' => '', ], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '24', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '98D2AA9A-5959-5CCD-83E3-B6606232A2BE', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'Query hybrid cloud CNAME access list', + 'changeSet' => [ + ['createdAt' => '2024-08-29T01:19:23.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-02-22T02:47:25.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2024-02-20T09:22:57.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2023-10-19T12:17:11.000Z', 'description' => 'Response parameters changed, Response parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"177BA739-6512-5470-98C6-E***0BAA3D\\",\\n \\"Event\\": [\\n {\\n \\"EventCount\\": 0,\\n \\"EventType\\": \\"Event_LoginCollision\\",\\n \\"EventParentType\\": \\"EventType_Account\\",\\n \\"EventCode\\": \\"Event_LoginCollision\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeUserEventType', - ], - 'DescribeUserEventTrend' => [ - 'summary' => 'Queries the trends of attacks detected by the API security module.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudResources'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Domains\\": [\\n {\\n \\"Status\\": 1,\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfmvtc5z52****\\",\\n \\"Uid\\": \\"130715431409****\\",\\n \\"Listen\\": {\\n \\"HttpsPorts\\": [\\n 443\\n ],\\n \\"ProtectionResource\\": \\"share\\",\\n \\"CustomCiphers\\": [\\n \\"ECDHE-ECDSA-AES128-GCM-SHA256\\"\\n ],\\n \\"TLSVersion\\": \\"tlsv1.2\\",\\n \\"Http2Enabled\\": false,\\n \\"CertId\\": \\"72***76-cn-hangzhou\\",\\n \\"CipherSuite\\": 1,\\n \\"EnableTLSv3\\": true,\\n \\"IPv6Enabled\\": false,\\n \\"FocusHttps\\": false,\\n \\"XffHeaders\\": [\\n \\"Client-ip\\"\\n ],\\n \\"XffHeaderMode\\": 0,\\n \\"ExclusiveIp\\": true,\\n \\"HttpPorts\\": [\\n 80\\n ]\\n },\\n \\"Id\\": 12345,\\n \\"Redirect\\": {\\n \\"ConnectTimeout\\": 120,\\n \\"Keepalive\\": true,\\n \\"SniEnabled\\": true,\\n \\"CnameEnabled\\": true,\\n \\"KeepaliveTimeout\\": 15,\\n \\"ReadTimeout\\": 200,\\n \\"Backends\\": [\\n \\"1.1.XX.XX\\"\\n ],\\n \\"SniHost\\": \\"www.aliyundoc.com\\",\\n \\"FocusHttpBackend\\": true,\\n \\"WriteTimeout\\": 200,\\n \\"RoutingRules\\": \\"[\\\\n {\\\\n \\\\\\"rs\\\\\\": [\\\\n \\\\\\"1.1.XX.XX\\\\\\"\\\\n ],\\\\n \\\\\\"locationId\\\\\\": 535,\\\\n \\\\\\"location\\\\\\": \\\\\\"test1111\\\\\\"\\\\n }\\\\n]\\",\\n \\"Retry\\": true,\\n \\"RequestHeaders\\": [\\n {\\n \\"Value\\": \\"bbb\\",\\n \\"Key\\": \\"aaa\\"\\n }\\n ],\\n \\"KeepaliveRequests\\": 1000,\\n \\"Loadbalance\\": \\"iphash\\"\\n },\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Cname\\": \\"50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com\\"\\n }\\n ],\\n \\"TotalCount\\": 24,\\n \\"RequestId\\": \\"98D2AA9A-5959-5CCD-83E3-B6606232A2BE\\"\\n}","type":"json"}]', + ], + 'DescribeHybridCloudSdkServers' => [ + 'summary' => 'Queries the hybrid cloud SDK servers that are managed by a Web Application Firewall (WAF) instance.', + 'methods' => ['get', 'post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'read', + 'deprecated' => false, 'systemTags' => [ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '155226', - 'abilityTreeNodes' => [ - 'FEATUREwafDX9EQ6', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7mz2797x***', - 'title' => 'WAF实例ID。'."\n" - ."\n" - .'> 您可以通过调用[DescribeInstance](~~433756~~)接口查看当前WAF实例ID。', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-i7m2***0b', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'Ip', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - ], + 'allowEmptyValue' => true, + 'schema' => ['description' => 'The IP address of the hybrid cloud SDK server that you want to query.', 'type' => 'string', 'required' => false, 'example' => '1.*.*1。', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'HostName', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - ], + 'schema' => ['description' => 'The hostname of the hybrid cloud SDK server that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'online-***wwq', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ClusterName', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzwwk****cv5i', - 'title' => '阿里云资源组ID。', - ], + 'schema' => ['description' => 'The name of the hybrid cloud cluster that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'testcluster', 'title' => ''], ], [ - 'name' => 'EventScope', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'title' => ' 安全事件的维度。取值:'."\n" - .'- **ip**(默认):表示IP安全事件。'."\n" - .'- **account**:表示账号安全事件。', - 'type' => 'string', - 'example' => 'ip', - 'default' => 'ip', - 'enum' => [ - 'ip', - 'account', - ], - ], + 'schema' => ['description' => 'The number of entries per page. Default value: 10.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number. Default value: 1.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'F51E6DD6-B2D2-57C9-90F1-FAFD0A19DE00', - 'title' => '请求ID。', - ], - 'Trend' => [ - 'description' => 'The trends of attacks.'."\n", + 'TotalCount' => ['description' => 'The total number of hybrid cloud SDK servers returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''], + 'SdkServers' => [ + 'description' => 'The information about the hybrid cloud SDK servers.', 'type' => 'array', 'items' => [ - 'description' => 'The attack details.'."\n", 'type' => 'object', 'properties' => [ - 'EventHigh' => [ - 'description' => 'The number of high-risk events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '9', - 'title' => '高危事件数。', - ], - 'EventLow' => [ - 'description' => 'The number of low-risk events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '23', - 'title' => '低危事件数。', - ], - 'EventMedium' => [ - 'description' => 'The number of medium-risk events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '17', - 'title' => '中危事件数。', - ], - 'Timestamp' => [ - 'description' => 'The time at which the API was called. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1723435200', - 'title' => '统计的时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], - 'TimeStamp' => [ - 'description' => 'The time at which the API was called. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - .'><notice>The parameter has been deprecated, it is recommended to use the Timestamp parameter.></notice>', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1723435200', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], + 'Status' => ['description' => 'The status of the hybrid cloud SDK server.', 'type' => 'string', 'example' => '1', 'title' => ''], + 'PullinStatus' => ['description' => 'Indicates whether traffic redirection is enabled. Valid values:'."\n" + ."\n" + .'- **on**: Traffic redirection is enabled.'."\n" + ."\n" + .'- **off**: Traffic redirection is disabled.', 'type' => 'string', 'example' => 'on', 'title' => ''], + 'ResourceId' => ['description' => 'The ID of the resource.', 'type' => 'string', 'example' => 'test-antifaud-2.jqt.wafqax.top-waf', 'title' => ''], + 'Ip' => ['description' => 'The IP address of the hybrid cloud SDK server.', 'type' => 'string', 'example' => '127.0.0.1', 'title' => ''], + 'CreateTime' => ['description' => 'The time when the hybrid cloud SDK server was created. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1621428205000', 'title' => ''], + 'UpdateTime' => ['description' => 'The time when the hybrid cloud SDK server was last updated. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1719489906000', 'title' => ''], + 'ClusterName' => ['description' => 'The name of the hybrid cloud cluster to which the SDK server belongs.', 'type' => 'string', 'example' => 'testcluster', 'title' => ''], + 'Mid' => ['description' => 'The ID of the SDK server.', 'type' => 'string', 'example' => 'b11327c21790846374051d5d**83c', 'title' => ''], + 'ProtectionGroupAddress' => ['description' => 'The address of the protection group associated with the SDK server.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''], + 'HostName' => ['description' => 'The hostname of the hybrid cloud SDK server.', 'type' => 'string', 'example' => 'qsh5-sec-8-fedd**005', 'title' => ''], ], - 'title' => '攻击详情。', + 'description' => '', + 'title' => '', + 'example' => '', ], - 'title' => '攻击走势列表。', + 'title' => '', + 'example' => '', ], + 'RequestId' => ['title' => '', 'description' => 'The ID of the request.', 'type' => 'string', 'example' => '3600F008-2E76-5D0B-BC76-EFBD****6D'], ], + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F51E6DD6-B2D2-57C9-90F1-FAFD0A19DE00\\",\\n \\"Trend\\": [\\n {\\n \\"EventHigh\\": 9,\\n \\"EventLow\\": 23,\\n \\"EventMedium\\": 17,\\n \\"Timestamp\\": 1723435200,\\n \\"TimeStamp\\": 1723435200\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeUserEventTrend', - ], - 'DescribeUserAsset' => [ - 'summary' => 'Queries the user asset statistics in the API security module.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"SdkServers\\": [\\n {\\n \\"Status\\": \\"1\\",\\n \\"PullinStatus\\": \\"on\\",\\n \\"ResourceId\\": \\"test-antifaud-2.jqt.wafqax.top-waf\\",\\n \\"Ip\\": \\"127.0.0.1\\",\\n \\"CreateTime\\": 1621428205000,\\n \\"UpdateTime\\": 1719489906000,\\n \\"ClusterName\\": \\"testcluster\\",\\n \\"Mid\\": \\"b11327c21790846374051d5d**83c\\",\\n \\"ProtectionGroupAddress\\": \\"1.1.1.1\\",\\n \\"HostName\\": \\"qsh5-sec-8-fedd**005\\"\\n }\\n ],\\n \\"RequestId\\": \\"3600F008-2E76-5D0B-BC76-EFBD****6D\\"\\n}","type":"json"}]', + 'title' => 'DescribeHybridCloudSdkServers', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudSdkServers', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeHybridCloudServerRegions' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -22639,146 +18174,112 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '155224', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-uax37ijm***', - ], - ], - [ - 'name' => 'DataType', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the statistics. Valid values:'."\n" - ."\n" - .'* **asset_num**: total number of APIs'."\n" - .'* **asset_active**: number of active APIs'."\n" - .'* **asset_newborn**: number of new APIs'."\n" - .'* **asset_offline**: number of deactivated APIs'."\n" - .'* **asset_bot**: number of APIs that are called by bots'."\n" - .'* **asset_cross_border**: number of APIs that are called for cross-border data transfer'."\n" - .'* **sensitive_api**: number of response-sensitive APIs'."\n" - .'* **sensitive_domain**: number of response-sensitive domain names'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'asset_num', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-5yd****7009', 'title' => ''], ], [ - 'name' => 'Days', + 'name' => 'RegionCode', 'in' => 'query', - 'schema' => [ - 'description' => 'The time at which the API was called. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - .'><notice>The parameter has been deprecated.></notice>', - 'type' => 'string', - 'required' => false, - 'example' => '1723435200', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], + 'schema' => ['description' => 'The region code. Use this parameter to filter results by a specific continent or area.><notice>This parameter is required when `RegionType` is set to `region`. Set the value to the code of the continent that you want to query.></notice>', 'type' => 'string', 'required' => false, 'example' => '410', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'RegionType', 'in' => 'query', 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', + 'description' => 'The type of the region. Valid values:'."\n" + ."\n" + .'- **operator**: queries carriers.'."\n" + ."\n" + .'- **continents**: queries continents.'."\n" + ."\n" + .'- **region**: queries cities.', 'type' => 'string', - 'required' => false, - 'example' => '428', + 'required' => true, + 'enum' => ['operator', 'continents', 'region'], + 'example' => 'region', + 'title' => '', ], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', - ], - 'Assets' => [ - 'description' => 'The API statistics.'."\n", + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '0FBBDE11-C35F-531B-96BA-64CA****C875', 'title' => ''], + 'Regions' => [ + 'description' => 'The regions.', 'type' => 'array', 'items' => [ - 'description' => 'The API statistics.'."\n", + 'description' => 'The information about the region.', 'type' => 'object', 'properties' => [ - 'AssetNum' => [ - 'description' => 'The number of APIs returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '134', - ], - 'TimeStamp' => [ - 'description' => 'The time at which the API was called. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1723435200', - ], + 'Code' => ['description' => 'The code of the region.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'Name' => ['description' => 'The name of the region.', 'type' => 'string', 'example' => 'aliyun', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeHybridCloudServerRegions', + 'summary' => 'Queries hybrid cloud server regions, including carriers, continents, and cities.', + 'changeSet' => [ + ['createdAt' => '2024-08-29T01:28:34.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"Assets\\": [\\n {\\n \\"AssetNum\\": 134,\\n \\"TimeStamp\\": 1723435200\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeUserAsset', - ], - 'DescribeUserApiRequest' => [ - 'summary' => 'Queries the traffic statistics of an API.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudServerRegions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0FBBDE11-C35F-531B-96BA-64CA****C875\\",\\n \\"Regions\\": [\\n {\\n \\"Code\\": 1,\\n \\"Name\\": \\"aliyun\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeHybridCloudSupportRegions' => [ + 'summary' => 'Queries the regions that are supported for hybrid cloud access in Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -22789,183 +18290,96 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '155227', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-zxu38***', - ], - ], - [ - 'name' => 'Domain', - 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name or IP address of the API.'."\n" - .'><notice>This parameter is deprecated, please use ApiId to query.></notice>', - 'type' => 'string', - 'required' => false, - 'example' => 'c.***.com', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - ], - [ - 'name' => 'ApiFormat', - 'in' => 'query', - 'schema' => [ - 'description' => 'The API.'."\n" - .'><notice>This parameter is deprecated, please use ApiId to query.></notice>', - 'type' => 'string', - 'required' => false, - 'example' => '/api/v1/know', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - ], - [ - 'name' => 'Type', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the statistics. Valid values:'."\n" - ."\n" - .'* **api_ip**: total traffic'."\n" - .'* **api_cross_border_ip**: cross-border traffic'."\n" - .'* **api_bot_ip**: bot traffic'."\n" - .'* **remote_region**: geographical location'."\n" - .'* **client_id**: client type'."\n" - .'* **http_referer**: Referer'."\n" - .'* **api_cnt**: total number of calls'."\n" - .'* **bot_cnt**: number of bot calls'."\n" - .'* **cross_border_cnt**: number of cross-border requests'."\n" - .'* **api_freq**: call frequency'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'api_ip', - 'default' => 'api_ip', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], - ], - [ - 'name' => 'ApiId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the API.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '3799f0695c0d687f3295d132fe49bc14', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-uqm3e3s6x03', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D13E4540-4432-5AD7-B216-6369512514F4', - ], - 'Requests' => [ - 'description' => 'The statistics.'."\n", + 'SupportRegions' => [ 'type' => 'array', - 'items' => [ - 'description' => 'The statistics.'."\n", - 'type' => 'object', - 'properties' => [ - 'Value' => [ - 'description' => 'The type of the statistics. Valid values:'."\n" - ."\n" - .'* **client_list**: client'."\n" - .'* **ip**: IP address'."\n" - .'* **region_id** region'."\n" - .'* **country_id**: country'."\n", - 'type' => 'string', - 'example' => '{'."\n" - .' "client_list": ['."\n" - .' "Unknown"'."\n" - .' ],'."\n" - .' "ip": "47.92.113.***",'."\n" - .' "region_id": "110000",'."\n" - .' "country_id": "CN"'."\n" - .'}', - ], - 'Count' => [ - 'description' => 'The number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '76', - ], - ], - ], + 'items' => ['description' => 'The region ID. Valid values:'."\n" + ."\n" + .'- **cn-chengdu**: China (Chengdu).'."\n" + ."\n" + .'- **cn-beijing**: China (Beijing).'."\n" + ."\n" + .'- **cn-zhangjiakou**: China (Zhangjiakou).'."\n" + ."\n" + .'- **cn-hangzhou**: China (Hangzhou).'."\n" + ."\n" + .'- **cn-shanghai**: China (Shanghai).'."\n" + ."\n" + .'- **cn-shenzhen**: China (Shenzhen).'."\n" + ."\n" + .'- **cn-qingdao**: China (Qingdao).'."\n" + ."\n" + .'- **cn-hongkong**: China (Hong Kong).'."\n" + ."\n" + .'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n" + ."\n" + .'- **ap-southeast-5**: Indonesia (Jakarta).', 'type' => 'string', 'example' => '[\'cn-hangzhou\', \'cn-shanghai\', \'cn-beijing\']', 'title' => ''], + 'description' => 'The list of regions that are supported for hybrid cloud access.', + 'title' => '', + 'example' => '', ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '256959D5-3B45-54CD-A66D-F75F11E8E754', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeHybridCloudSupportRegions', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D13E4540-4432-5AD7-B216-6369512514F4\\",\\n \\"Requests\\": [\\n {\\n \\"Value\\": \\"{\\\\n \\\\\\"client_list\\\\\\": [\\\\n \\\\\\"Unknown\\\\\\"\\\\n ],\\\\n \\\\\\"ip\\\\\\": \\\\\\"47.92.113.***\\\\\\",\\\\n \\\\\\"region_id\\\\\\": \\\\\\"110000\\\\\\",\\\\n \\\\\\"country_id\\\\\\": \\\\\\"CN\\\\\\"\\\\n}\\",\\n \\"Count\\": 76\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeUserApiRequest', - ], - 'DescribeUserAbnormalType' => [ - 'summary' => 'Queries the types and statistics of risks in the API security module.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudSupportRegions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"SupportRegions\\": [\\n \\"[\'cn-hangzhou\', \'cn-shanghai\', \'cn-beijing\']\\"\\n ],\\n \\"RequestId\\": \\"256959D5-3B45-54CD-A66D-F75F11E8E754\\"\\n}","type":"json"}]', + ], + 'DescribeHybridCloudUnassignedMachines' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -22976,158 +18390,120 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '156222', - 'abilityTreeNodes' => [ - 'FEATUREwafWE25G7', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-g4***201', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-5yd****7009', 'title' => ''], ], [ 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '993', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '123', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'Ip', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1723435200', - ], + 'schema' => ['description' => 'The IP address of the server that you want to query.', 'type' => 'string', 'required' => false, 'example' => '1.X.X.1', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'HostName', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1726113600', - ], + 'schema' => ['description' => 'The hostname of the server that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'online-xagent1', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-ac***lani', - ], + 'schema' => ['description' => 'The page number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'UserStatusList', + 'name' => 'RegionId', 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'type' => 'array', - 'items' => [ - 'type' => 'string', - ], - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '3E1CB966-1407-5988-9432-7***D784', - ], - 'Abnormal' => [ - 'description' => 'The types and statistics of risks.'."\n", + 'TotalCount' => ['description' => 'The total number of unassigned servers returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '28', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '3EBCFCE9-4A3C-5E01-915D-691B****510A', 'title' => ''], + 'UnassignedMachines' => [ + 'description' => 'The unassigned servers in the hybrid cloud cluster.', 'type' => 'array', 'items' => [ - 'description' => 'The type and statistics of the risk.'."\n", + 'description' => 'The details of the unassigned server.', 'type' => 'object', 'properties' => [ - 'AbnormalCode' => [ - 'description' => 'The code of the risk.'."\n", - 'type' => 'string', - 'example' => 'Risk_InternalWeakPasswd', - ], - 'AbnormalParentType' => [ - 'description' => 'The parent type of the risk.'."\n", - 'type' => 'string', - 'example' => 'RiskType_Account', - ], - 'AbnormalType' => [ - 'description' => 'The type of the risk.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of risks.', - 'type' => 'string', - 'example' => 'LackOfSpeedLimit', - ], - 'AbnormalCount' => [ - 'description' => 'The number of risks.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - ], + 'CustomName' => ['description' => 'The custom name of the server.', 'type' => 'string', 'example' => 'exampleName', 'title' => ''], + 'Memory' => ['description' => 'The memory size of the server. Unit: KB.', 'type' => 'integer', 'format' => 'int64', 'example' => '31580872', 'title' => ''], + 'Ip' => ['description' => 'The IP address of the server.', 'type' => 'string', 'example' => '1.X.X.1'."\n", 'title' => ''], + 'Cpu' => ['description' => 'The number of CPU cores of the server.', 'type' => 'integer', 'format' => 'int64', 'example' => '16', 'title' => ''], + 'Mid' => ['description' => 'The ID of the server.', 'type' => 'string', 'example' => '78db009ab6cf055a9085f9f4****ae3a', 'title' => ''], + 'HostName' => ['description' => 'The hostname of the server.', 'type' => 'string', 'example' => 'online-xagent1'."\n", 'title' => ''], + 'Mac' => ['description' => 'The MAC address of the server.', 'type' => 'string', 'example' => '00163e2686ac', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeHybridCloudUnassignedMachines', + 'summary' => 'Queries the list of unassigned servers in a hybrid cloud cluster.', + 'changeSet' => [ + ['createdAt' => '2024-08-29T01:28:35.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3E1CB966-1407-5988-9432-7***D784\\",\\n \\"Abnormal\\": [\\n {\\n \\"AbnormalCode\\": \\"Risk_InternalWeakPasswd\\",\\n \\"AbnormalParentType\\": \\"RiskType_Account\\",\\n \\"AbnormalType\\": \\"Risk_InternalWeakPasswd\\",\\n \\"AbnormalCount\\": 10\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeUserAbnormalType', - ], - 'DescribeUserAbnormalTrend' => [ - 'summary' => 'Queries the trends of API security risks.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudUnassignedMachines', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 28,\\n \\"RequestId\\": \\"3EBCFCE9-4A3C-5E01-915D-691B****510A\\",\\n \\"UnassignedMachines\\": [\\n {\\n \\"CustomName\\": \\"exampleName\\",\\n \\"Memory\\": 31580872,\\n \\"Ip\\": \\"1.X.X.1\\\\n\\",\\n \\"Cpu\\": 16,\\n \\"Mid\\": \\"78db009ab6cf055a9085f9f4****ae3a\\",\\n \\"HostName\\": \\"online-xagent1\\\\n\\",\\n \\"Mac\\": \\"00163e2686ac\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeHybridCloudUnsupportPorts' => [ + 'summary' => 'Queries the list of unsupported ports for a hybrid cloud.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -23135,139 +18511,75 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '155225', - 'abilityTreeNodes' => [ - 'FEATUREwafWE25G7', - ], + 'abilityTreeCode' => '178409', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-uqm342yj***', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstanceInfo](~~140857~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Trend' => [ - 'description' => 'The trends of risks.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The trend details.'."\n", - 'type' => 'object', - 'properties' => [ - 'AbnormalHigh' => [ - 'description' => 'The number of high risks.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12', - ], - 'AbnormalLow' => [ - 'description' => 'The number of low risks.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '23', - ], - 'AbnormalMedium' => [ - 'description' => 'The number of medium risks.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '14', - ], - 'Timestamp' => [ - 'description' => 'The time at which the API was called. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1722268800', - ], - 'TimeStamp' => [ - 'description' => 'The time at which the API was called. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - ."\n" - .'><notice>The parameter has been deprecated, it is recommended to use the Timestamp parameter.></notice>', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1722268800', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - ], - ], - ], + 'HttpsPorts' => ['description' => 'The list of ports for the HTTPS protocol. The value is a string. Multiple ports are returned in the **port1,port2,port3** format.', 'type' => 'string', 'example' => '443,8443,8021,3443,2443,9011', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'C2E97B3F-1623-4CDF-A7E2-FD9D****027A', 'title' => ''], + 'HttpPorts' => ['description' => 'The list of ports for the HTTP protocol. The value is a string. Multiple ports are returned in the **port1,port2,port3** format.', 'type' => 'string', 'example' => '80,8080', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Trend\\": [\\n {\\n \\"AbnormalHigh\\": 12,\\n \\"AbnormalLow\\": 23,\\n \\"AbnormalMedium\\": 14,\\n \\"Timestamp\\": 1722268800,\\n \\"TimeStamp\\": 1722268800\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeUserAbnormalTrend', - ], - 'DescribeSensitiveStatistic' => [ - 'summary' => 'Queries the sensitive data statistics of the tracing and auditing feature.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeHybridCloudUnsupportPorts', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudUnsupportPorts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"HttpsPorts\\": \\"443,8443,8021,3443,2443,9011\\",\\n \\"RequestId\\": \\"C2E97B3F-1623-4CDF-A7E2-FD9D****027A\\",\\n \\"HttpPorts\\": \\"80,8080\\"\\n}","type":"json"}]', + ], + 'DescribeHybridCloudUser' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -23278,453 +18590,476 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '188100', - 'abilityTreeNodes' => [ - 'FEATUREwaf8XGRZR', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbq****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***********', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1672502400', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1725966000', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], - [ - 'name' => 'StatisticType', - 'in' => 'query', + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The type of the statistics. Valid values:'."\n" - ."\n" - .'* **ip**: IP address'."\n" - .'* **host**: domain name'."\n" - .'* **sensitive_code**: sensitive data type'."\n" - .'* **api**: sensitive data-related API'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ip', - 'default' => 'ip', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9178CB86-285F-5679-A30A-3B3F007E4206', 'title' => ''], + 'UserInfo' => [ + 'description' => 'The information about the available HTTP and HTTPS port ranges for hybrid cloud access.', + 'type' => 'object', + 'properties' => [ + 'HttpsPorts' => ['description' => 'The available HTTPS ports. The value is a string. If multiple ports are returned, they are separated by commas (,). Example: **port1,port2,port3**.', 'type' => 'string', 'example' => '8443,443', 'title' => ''], + 'HttpPorts' => ['description' => 'The available HTTP ports. The value is a string. If multiple ports are returned, they are separated by commas (,). Example: **port1,port2,port3**.', 'type' => 'string', 'example' => '80,8080', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], - [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + ], + 'title' => 'DescribeHybridCloudUser', + 'summary' => 'Queries the available HTTP and HTTPS port ranges for hybrid cloud access.', + 'changeSet' => [ + ['createdAt' => '2024-08-29T01:19:24.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudUser'], ], + ], + 'ramActions' => [ [ - 'name' => 'PageSize', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '20', - 'minimum' => '1', - 'example' => '10', - 'default' => '5', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudUser', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9178CB86-285F-5679-A30A-3B3F007E4206\\",\\n \\"UserInfo\\": {\\n \\"HttpsPorts\\": \\"8443,443\\",\\n \\"HttpPorts\\": \\"80,8080\\"\\n }\\n}","type":"json"}]', + ], + 'DescribeInstance' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], + 'AK' => [], ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '107334', + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], + 'autoTest' => true, + ], + 'parameters' => [ [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Data' => [ - 'description' => 'The statistics of the sensitive data.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The statistics of the sensitive data.'."\n", - 'type' => 'object', - 'properties' => [ - 'SensitiveCode' => [ - 'description' => 'The type of the sensitive data.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of sensitive data.', - 'type' => 'string', - 'example' => '1003', - ], - 'MatchedHost' => [ - 'description' => 'The domain name.'."\n", - 'type' => 'string', - 'example' => 'a.****.com', - ], - 'ApiFormat' => [ - 'description' => 'The API.'."\n", - 'type' => 'string', - 'example' => '/api/login', - ], - 'Count' => [ - 'description' => 'The number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '169', - ], - 'ClientIP' => [ - 'description' => 'The IP address.'."\n", - 'type' => 'string', - 'example' => '10.50.11.**', - ], - ], + 'Status' => ['description' => 'The current status of the instance. Valid values:'."\n" + ."\n" + .'- **1**: Normal.'."\n" + ."\n" + .'- **2**: The instance has expired.'."\n" + ."\n" + .'- **3**: The instance is released.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'Details' => [ + 'title' => '', + 'description' => 'The details of the instance.', + 'type' => 'object', + 'properties' => [ + 'DefenseObjectInGroupMaxCount' => ['description' => 'The maximum number of protected objects that can be included in a protection group.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'], + 'Tamperproof' => ['description' => 'Indicates whether webpage tamper protection is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'BotApp' => ['description' => 'Indicates whether scenario-specific bot protection for apps is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'string', 'example' => 'true', 'title' => ''], + 'IpBlacklistRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single blacklist template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'], + 'WhitelistRuleCondition' => ['description' => 'The match field for the whitelist rule. For more information, see the description of the **conditions** parameter for **whitelist** rules in CreateDefenseRule.', 'type' => 'string', 'title' => '', 'example' => 'URL'], + 'CustomRuleCondition' => ['description' => 'The match condition for the custom rule. For more information, see the description of the **conditions** parameter for **custom\\_acl** rules in CreateDefenseRule.', 'type' => 'string', 'title' => '', 'example' => 'URL'], + 'CustomResponse' => ['description' => 'Indicates whether custom responses are supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], + 'HttpPorts' => ['description' => 'The available HTTP ports. For more information, see [Port numbers supported by WAF]().', 'type' => 'string', 'title' => '', 'example' => '80'], + 'Gslb' => ['title' => '', 'description' => 'Indicates whether Global Server Load Balancing (GSLB) is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true'], + 'Ipv6' => ['title' => '', 'description' => 'Indicates whether IPv6 is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true'], + 'Bot' => ['description' => 'Indicates whether bot management is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'CustomRule' => ['description' => 'Indicates whether custom rules are supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], + 'IpBlacklist' => ['description' => 'Indicates whether the IP address blacklist is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], + 'CnameResourceMaxCount' => ['description' => 'The maximum number of CNAMEs that can be added.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1000'], + 'BackendMaxCount' => ['description' => 'The maximum number of back-to-origin IP addresses that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'], + 'ExclusiveIp' => ['description' => 'Indicates whether exclusive IP addresses are supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], + 'CustomResponseRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single custom response template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'], + 'IpBlacklistIpInRuleMaxCount' => ['description' => 'The maximum number of IP addresses that can be added to a blacklist rule.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '200'], + 'AclRuleMaxIpCount' => ['description' => 'The maximum number of IP addresses that can be added to the match content. For more information about match content, see [Match conditions](~~374354~~).', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''], + 'BotTemplateMaxCount' => ['description' => 'The maximum number of bot management protection templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''], + 'DefenseGroupMaxCount' => ['description' => 'The maximum number of protection groups that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'], + 'VastIpBlacklistInFileMaxCount' => ['description' => 'The maximum number of IP addresses that can be imported to the IP address blacklist in a single batch.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '2,000'], + 'AntiScanTemplateMaxCount' => ['description' => 'The maximum number of scan protection templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'], + 'WhitelistLogical' => ['description' => 'The logical operator for the whitelist rule. For more information, see the description of the **conditions** parameter for **whitelist** rules in CreateDefenseRule.', 'type' => 'string', 'title' => '', 'example' => 'contain'], + 'CustomRuleTemplateMaxCount' => ['description' => 'The maximum number of custom rule templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'], + 'TamperproofTemplateMaxCount' => ['description' => 'The maximum number of webpage tamper protection templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''], + 'IpBlacklistTemplateMaxCount' => ['description' => 'The maximum number of blacklist templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'], + 'HttpsPorts' => ['description' => 'The available HTTPS ports. For more information, see [Port numbers supported by WAF]().', 'type' => 'string', 'title' => '', 'example' => '443'], + 'DlpTemplateMaxCount' => ['description' => 'The maximum number of data leak prevention templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''], + 'CustomRuleRatelimitor' => ['description' => 'The rate limiting object for the custom rule.', 'type' => 'string', 'title' => '', 'example' => 'header'], + 'DefenseObjectMaxCount' => ['description' => 'The maximum number of protected objects that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20,000'], + 'Dlp' => ['description' => 'Indicates whether data leak prevention is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'DefenseObjectInTemplateMaxCount' => ['description' => 'The maximum number of protected objects that can be associated with a template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'], + 'CustomRuleAction' => ['description' => 'The action string for the custom rule.', 'type' => 'string', 'title' => '', 'example' => 'block'], + 'TamperproofRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single webpage tamper protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''], + 'DlpRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single data leak prevention template.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''], + 'WhitelistTemplateMaxCount' => ['description' => 'The maximum number of whitelist templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'], + 'MajorProtection' => ['description' => 'Indicates whether critical event protection is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], + 'BaseWafGroupRuleTemplateMaxCount' => ['description' => 'The maximum number of basic protection rule templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'], + 'BotWeb' => ['description' => 'Indicates whether scenario-specific bot protection for websites is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'string', 'example' => 'true', 'title' => ''], + 'CustomRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single custom rule template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'], + 'VastIpBlacklistInOperationMaxCount' => ['description' => 'The maximum number of IP addresses that can be added to the IP address blacklist from the console in a single operation.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '500'], + 'WhitelistRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single whitelist template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'], + 'AntiScan' => ['description' => 'Indicates whether scan protection is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], + 'CustomResponseTemplateMaxCount' => ['description' => 'The maximum number of custom response templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'], + 'BaseWafGroupRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single basic protection rule template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'], + 'MajorProtectionTemplateMaxCount' => ['description' => 'The maximum number of critical event protection templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'], + 'BaseWafGroup' => ['description' => 'Indicates whether basic protection rules are supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], + 'Whitelist' => ['description' => 'Indicates whether the IP address whitelist is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], + 'LogService' => ['description' => 'Indicates whether Simple Log Service is supported. Valid values:'."\n" + ."\n" + .'- **true**: Supported.'."\n" + ."\n" + .'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'], + 'VastIpBlacklistMaxCount' => ['description' => 'The maximum number of IP addresses that can be added to the IP address blacklist for a single user.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '50,000'], + 'FreeQps' => ['description' => 'The free queries per second (QPS) of the subscription instance. For more information, see [WAF 3.0 subscription plans](~~441231~~).'."\n" + ."\n" + .'> This parameter has no meaning for pay-as-you-go instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '1000', 'title' => ''], + 'ExtendQps' => ['description' => 'The extra QPS of the subscription instance. For more information, see [WAF 3.0 subscription plans](~~441231~~).'."\n" + ."\n" + .'> This parameter has no meaning for pay-as-you-go instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '10000', 'title' => ''], + 'ElasticQps' => ['description' => 'The pay-as-you-go QPS of the subscription instance. For more information, see [WAF 3.0 subscription plans](~~441231~~).'."\n" + ."\n" + .'> This parameter has no meaning for pay-as-you-go instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '2000', 'title' => ''], + 'QpsBillingCap' => ['description' => 'The traffic billing protection threshold for the pay-as-you-go instance. For more information, see [Traffic billing protection](~~2249021~~) for pay-as-you-go instances.'."\n" + ."\n" + .'> This parameter has no meaning for subscription instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '2000', 'title' => ''], ], + 'example' => '', ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''], + 'EndTime' => ['description' => 'The expiration time of the instance. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '4809859200000', 'title' => ''], + 'InstanceId' => ['description' => 'The ID of the WAF instance.', 'type' => 'string', 'title' => '', 'example' => 'waf-cn-xxx'], + 'InDebt' => ['description' => 'Indicates whether the instance has an overdue payment:'."\n" + ."\n" + .'- **0**: No.'."\n" + ."\n" + .'- **1**: Yes.', 'type' => 'string', 'example' => '1', 'title' => ''], + 'StartTime' => ['description' => 'The time when the instance was purchased. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1668496310000', 'title' => ''], + 'RegionId' => ['title' => '', 'description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou'], + 'PayType' => ['description' => 'The billing method of the instance. Valid values:'."\n" + ."\n" + .'- **POSTPAY**: The instance is a pay-as-you-go instance.'."\n" + ."\n" + .'- **PREPAY**: The instance is a subscription instance.', 'type' => 'string', 'example' => 'POSTPAY', 'title' => ''], + 'Edition' => ['description' => 'The edition of the WAF instance.', 'type' => 'string', 'title' => '', 'example' => 'default_version'], + 'ProcessStatus' => ['description' => 'The processing status of the instance. Valid values:'."\n" + ."\n" + .'- **commodity\\_converting**: The instance is being upgraded or downgraded.'."\n" + ."\n" + .'- **commodity\\_convert\\_check\\_failed**: The check for the instance upgrade or downgrade fails.'."\n" + ."\n" + .'- **commodity\\_convert\\_process\\_failed**: The instance upgrade or downgrade fails.'."\n" + ."\n" + .'- **order\\_create\\_failed**: The order fails to be created.'."\n" + ."\n" + .'- **order\\_pending\\_payment**: The order is pending payment.', 'type' => 'string', 'example' => 'order_pending_payment', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeInstance', + 'summary' => 'Retrieves the details of the Web Application Firewall (WAF) instance in your Alibaba Cloud account.', + 'changeSet' => [ + ['createdAt' => '2022-11-02T05:56:16.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2022-07-04T11:03:08.000Z', 'description' => 'Response parameters changed'], + ['createdAt' => '2021-12-27T11:36:11.000Z', 'description' => 'OpenAPI offline'], + ['createdAt' => '2021-12-27T11:36:11.000Z', 'description' => 'Response parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveCode\\": \\"1003\\",\\n \\"MatchedHost\\": \\"a.****.com\\",\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"Count\\": 169,\\n \\"ClientIP\\": \\"10.50.11.**\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeSensitiveStatistic', - ], - 'DescribeSensitiveRequests' => [ - 'summary' => 'Queries the tracing results of sensitive data.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeInstance'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeInstance', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Status\\": 1,\\n \\"Details\\": {\\n \\"DefenseObjectInGroupMaxCount\\": 100,\\n \\"Tamperproof\\": true,\\n \\"BotApp\\": \\"true\\",\\n \\"IpBlacklistRuleInTemplateMaxCount\\": 100,\\n \\"WhitelistRuleCondition\\": \\"URL\\",\\n \\"CustomRuleCondition\\": \\"URL\\",\\n \\"CustomResponse\\": true,\\n \\"HttpPorts\\": \\"80\\",\\n \\"Gslb\\": true,\\n \\"Ipv6\\": true,\\n \\"Bot\\": true,\\n \\"CustomRule\\": true,\\n \\"IpBlacklist\\": true,\\n \\"CnameResourceMaxCount\\": 1000,\\n \\"BackendMaxCount\\": 20,\\n \\"ExclusiveIp\\": true,\\n \\"CustomResponseRuleInTemplateMaxCount\\": 100,\\n \\"IpBlacklistIpInRuleMaxCount\\": 200,\\n \\"AclRuleMaxIpCount\\": 100,\\n \\"BotTemplateMaxCount\\": 50,\\n \\"DefenseGroupMaxCount\\": 100,\\n \\"VastIpBlacklistInFileMaxCount\\": 0,\\n \\"AntiScanTemplateMaxCount\\": 20,\\n \\"WhitelistLogical\\": \\"contain\\",\\n \\"CustomRuleTemplateMaxCount\\": 20,\\n \\"TamperproofTemplateMaxCount\\": 50,\\n \\"IpBlacklistTemplateMaxCount\\": 20,\\n \\"HttpsPorts\\": \\"443\\",\\n \\"DlpTemplateMaxCount\\": 50,\\n \\"CustomRuleRatelimitor\\": \\"header\\",\\n \\"DefenseObjectMaxCount\\": 0,\\n \\"Dlp\\": true,\\n \\"DefenseObjectInTemplateMaxCount\\": 100,\\n \\"CustomRuleAction\\": \\"block\\",\\n \\"TamperproofRuleInTemplateMaxCount\\": 50,\\n \\"DlpRuleInTemplateMaxCount\\": 50,\\n \\"WhitelistTemplateMaxCount\\": 20,\\n \\"MajorProtection\\": true,\\n \\"BaseWafGroupRuleTemplateMaxCount\\": 20,\\n \\"BotWeb\\": \\"true\\",\\n \\"CustomRuleInTemplateMaxCount\\": 100,\\n \\"VastIpBlacklistInOperationMaxCount\\": 500,\\n \\"WhitelistRuleInTemplateMaxCount\\": 100,\\n \\"AntiScan\\": true,\\n \\"CustomResponseTemplateMaxCount\\": 20,\\n \\"BaseWafGroupRuleInTemplateMaxCount\\": 100,\\n \\"MajorProtectionTemplateMaxCount\\": 20,\\n \\"BaseWafGroup\\": true,\\n \\"Whitelist\\": true,\\n \\"LogService\\": true,\\n \\"VastIpBlacklistMaxCount\\": 0,\\n \\"FreeQps\\": 1000,\\n \\"ExtendQps\\": 10000,\\n \\"ElasticQps\\": 2000,\\n \\"QpsBillingCap\\": 2000\\n },\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"EndTime\\": 4809859200000,\\n \\"InstanceId\\": \\"waf-cn-xxx\\",\\n \\"InDebt\\": \\"1\\",\\n \\"StartTime\\": 1668496310000,\\n \\"RegionId\\": \\"cn-hangzhou\\",\\n \\"PayType\\": \\"POSTPAY\\",\\n \\"Edition\\": \\"default_version\\",\\n \\"ProcessStatus\\": \\"order_pending_payment\\"\\n}","type":"json"}]', + ], + 'DescribeIpAbroadCountryInfos' => [ + 'summary' => 'Retrieves supported countries and regions outside China for IP-based region blacklist.', + 'path' => '/', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'read', + 'deprecated' => false, 'systemTags' => [ 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '187966', - 'abilityTreeNodes' => [ - 'FEATUREwaf8XGRZR', - ], + 'abilityTreeNodes' => ['FEATUREwafBWO4L0'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-0xldbqt****', - ], - ], - [ - 'name' => 'SensitiveCode', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the sensitive data.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of sensitive data.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1001', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xl*******005', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'Country', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1723392000', - ], + 'schema' => ['description' => 'The country outside China to query. Supports fuzzy query by country ID or country name in Chinese or English.', 'type' => 'string', 'example' => 'US', 'title' => '', 'required' => false], ], [ - 'name' => 'EndTime', + 'name' => 'AbroadRegion', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1725966000', - ], + 'schema' => ['description' => 'The region outside China to query. Supports fuzzy query by region ID or region name in Chinese or English.', 'type' => 'string', 'required' => false, 'example' => 'US-CA', 'title' => ''], ], [ - 'name' => 'SensitiveData', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'description' => 'The sensitive data.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'card', - ], + 'schema' => ['description' => 'The token for the next page. Set this parameter to the value of the **NextToken** parameter returned from the previous API call. You do not need to specify this parameter for the first page query.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****', 'title' => '', 'required' => false], ], [ - 'name' => 'PageNumber', + 'name' => 'MaxResults', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The number of entries per page in a paged query. Valid values: 1 to 500. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '500', 'minimum' => '1', 'example' => '20', 'default' => '20', 'title' => '', 'required' => false], ], [ - 'name' => 'PageSize', + 'name' => 'Language', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: 10.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '25', - 'minimum' => '1', - 'example' => '10', - 'default' => '10', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '269', - ], + 'schema' => ['description' => 'The language used for country and region names in the response. Valid values:'."\n" + ."\n" + .'- **en** (**default**): English.'."\n" + ."\n" + .'- **cn**: Simplified Chinese.', 'type' => 'string', 'example' => 'en', 'default' => 'en', 'title' => '', 'required' => false], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzwwkpn****5i', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aekzwwk****cv5i', 'title' => '', 'required' => false], ], ], 'responses' => [ 200 => [ + 'description' => '查询成功', 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****', - ], - 'Data' => [ - 'description' => 'The tracing results of the data.'."\n", + 'RequestId' => ['description' => 'The request ID', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '2', 'title' => ''], + 'AbroadInfos' => [ 'type' => 'array', 'items' => [ - 'description' => 'The tracing details.'."\n", 'type' => 'object', 'properties' => [ - 'EventCount' => [ - 'description' => 'The number of events in the previous 30 days.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '679', - ], - 'MatchedHost' => [ - 'description' => 'The domain name of the API.'."\n", - 'type' => 'string', - 'example' => 'a.****.com', - ], - 'ApiFormat' => [ - 'description' => 'The API.'."\n", - 'type' => 'string', - 'example' => '/api/users/login', - ], - 'DetectionResult' => [ - 'description' => 'The evaluation result. Valid values:'."\n" - ."\n" - .'* **leak**: Data leaks may occur.'."\n" - .'* **none**: No data leak can occur.'."\n", - 'type' => 'string', - 'example' => 'leak', - ], - 'ClientIP' => [ - 'description' => 'The IP address.'."\n", - 'type' => 'string', - 'example' => '103.118.55.**', - ], - 'ApiId' => [ - 'description' => 'The ID of the API.'."\n", - 'type' => 'string', - 'example' => '09559c0d71ca2ffc996b81***836d8', - ], - 'SensitiveList' => [ - 'description' => 'The sensitive data.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The sensitive data.'."\n", - 'type' => 'string', - 'example' => 'card', - ], - ], - 'InfoCount' => [ - 'description' => 'The statistics of the sensitive data.'."\n", + 'Country' => ['description' => 'The ID of the country.', 'type' => 'string', 'example' => 'US', 'title' => ''], + 'CountryName' => ['description' => 'The name of the country.', 'type' => 'string', 'example' => 'United States', 'title' => ''], + 'Regions' => [ 'type' => 'array', 'items' => [ - 'description' => 'The statistics of the sensitive data.'."\n", 'type' => 'object', 'properties' => [ - 'Count' => [ - 'description' => 'The number of sensitive data entries.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '23', - ], - 'Code' => [ - 'description' => 'The type of the sensitive data.'."\n", - 'type' => 'string', - 'example' => '1001', - ], + 'AbroadRegionId' => ['description' => 'The ID of the region.', 'type' => 'string', 'example' => 'US-CA', 'title' => ''], + 'AbroadRegionName' => ['description' => 'The name of the region.', 'type' => 'string', 'example' => 'California', 'title' => ''], ], + 'description' => 'The region information outside China.', + 'title' => '', + 'example' => '', ], + 'description' => 'The list of region information outside China.', + 'title' => '', + 'example' => '', ], - 'AbnormalCount' => [ - 'description' => 'The number of risks in the previous 30 days.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '23', - ], + 'Continent' => ['description' => 'The continent to which the country belongs.', 'type' => 'string', 'example' => 'North America', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], + 'description' => 'The list of country information outside China.', + 'title' => '', + 'example' => '', ], + 'NextToken' => ['description' => 'The token for the next page.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****', 'title' => ''], + 'MaxResults' => ['description' => 'The number of entries per page in a paged query. Valid values: 1 to 500. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''], ], + 'description' => 'Response body structure', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\",\\n \\"Data\\": [\\n {\\n \\"EventCount\\": 679,\\n \\"MatchedHost\\": \\"a.****.com\\",\\n \\"ApiFormat\\": \\"/api/users/login\\",\\n \\"DetectionResult\\": \\"leak\\",\\n \\"ClientIP\\": \\"103.118.55.**\\",\\n \\"ApiId\\": \\"09559c0d71ca2ffc996b81***836d8\\",\\n \\"SensitiveList\\": [\\n \\"card\\"\\n ],\\n \\"InfoCount\\": [\\n {\\n \\"Count\\": 23,\\n \\"Code\\": \\"1001\\"\\n }\\n ],\\n \\"AbnormalCount\\": 23\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeSensitiveRequests', - ], - 'DescribeSensitiveRequestLog' => [ - 'summary' => 'Queries the access logs of sensitive data.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'DescribeIpAbroadCountryInfos', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeIpAbroadCountryInfos', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"TotalCount\\": 2,\\n \\"AbroadInfos\\": [\\n {\\n \\"Country\\": \\"US\\",\\n \\"CountryName\\": \\"United States\\",\\n \\"Regions\\": [\\n {\\n \\"AbroadRegionId\\": \\"US-CA\\",\\n \\"AbroadRegionName\\": \\"California\\"\\n }\\n ],\\n \\"Continent\\": \\"North America\\"\\n }\\n ],\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]', + ], + 'DescribeLogDeliveryConfig' => [ + 'summary' => 'Queries a single log delivery configuration for a hybrid cloud.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -23735,311 +19070,236 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '188086', - 'abilityTreeNodes' => [ - 'FEATUREwaf8XGRZR', - ], + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - 'title' => 'WAF实例ID。'."\n" - ."\n" - .'> 您可以通过调用[DescribeInstance](~~433756~~)接口查看当前WAF实例ID。', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-*****', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'DeliveryName', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1723392000', - 'title' => '查询的开始时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], + 'schema' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'required' => true, 'example' => 'test1', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1726057800', - 'title' => '查询的结束时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'MatchedHost', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name of the API.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'a.***.com', - 'title' => 'API接口所属的域名。', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], - [ - 'name' => 'ApiFormat', - 'in' => 'query', + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The API.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '/api/users/login'."\n", - 'title' => 'API接口。', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-******', 'title' => ''], + 'DeliveryConfig' => [ + 'description' => 'The log delivery configuration.', + 'type' => 'object', + 'properties' => [ + 'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'test1', 'title' => ''], + 'DeliveryType' => ['description' => 'The type of the log delivery configuration. Valid values:'."\n" + ."\n" + .'- **syslog**: The logs are delivered to a syslog service.'."\n" + ."\n" + .'- **kafka**: The logs are delivered to a Kafka service.', 'type' => 'string', 'example' => 'syslog', 'title' => ''], + 'DeliveryDetail' => ['description' => 'The details of the log delivery configuration, in JSON format.'."\n" + ."\n" + .'> This parameter is the same as the **DeliveryDetail** parameter of the **CreateLogDeliveryConfig** operation. For more information, see [CreateLogDeliveryConfig](~~CreateLogDeliveryConfig~~).', 'type' => 'string', 'example' => '{'."\n" + .' "rfcVersion": "rfc3164",'."\n" + .' "protocol": "tcp",'."\n" + .' "servers": ['."\n" + .' {'."\n" + .' "address": "1.1.1.1",'."\n" + .' "port": 20'."\n" + .' }'."\n" + .' ]'."\n" + .'}', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-******\\",\\n \\"DeliveryConfig\\": {\\n \\"DeliveryName\\": \\"test1\\",\\n \\"DeliveryType\\": \\"syslog\\",\\n \\"DeliveryDetail\\": \\"{\\\\n \\\\\\"rfcVersion\\\\\\": \\\\\\"rfc3164\\\\\\",\\\\n \\\\\\"protocol\\\\\\": \\\\\\"tcp\\\\\\",\\\\n \\\\\\"servers\\\\\\": [\\\\n {\\\\n \\\\\\"address\\\\\\": \\\\\\"1.1.1.1\\\\\\",\\\\n \\\\\\"port\\\\\\": 20\\\\n }\\\\n ]\\\\n}\\"\\n }\\n}","type":"json"}]', + 'title' => 'DescribeLogDeliveryConfig', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'ClientIP', - 'in' => 'query', - 'schema' => [ - 'description' => 'The IP address.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '103.118.55.**', - 'title' => 'IP地址。', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeLogDeliveryConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + ], + 'DescribeLogDeliveryConfigs' => [ + 'summary' => 'Queries all log delivery configurations of a Web Application Firewall (WAF) instance for hybrid cloud.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'SensitiveCode', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the sensitive data.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of sensitive data.', - 'type' => 'string', - 'required' => false, - 'example' => '1000,1001', - 'title' => '敏感数据类型。'."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持敏感数据类型。', - ], + 'AK' => [], ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], + ], + 'parameters' => [ [ - 'name' => 'SensitiveData', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The response sensitive data.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'user', - 'title' => '响应敏感数据。', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'DeliveryNameLike', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - 'title' => '分页查询时,返回第几页数据。默认值为**1**,表示返回第1页数据。', - ], + 'schema' => ['description' => 'The name of the log delivery configuration that you want to query. Fuzzy match is supported.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'DeliveryType', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '10', - 'minimum' => '1', - 'example' => '10', - 'default' => '10', - 'title' => '分页查询时,每页包含多少条结果。默认值为**10**,表示每页包含10条结果。', - ], + 'schema' => ['description' => 'The type of the log delivery configuration that you want to query. Valid values:'."\n" + ."\n" + .'- **syslog**: Log delivery to a syslog server.'."\n" + ."\n" + .'- **kafka**: Log delivery to a Kafka cluster.', 'type' => 'string', 'required' => false, 'example' => 'kafka', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '433', - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - 'title' => '阿里云资源组ID。', - ], + 'schema' => ['description' => 'The pagination token that is used in the next request to retrieve a new page of results. Set this parameter to the value of **NextToken** returned in the previous call. You do not need to specify this parameter for the first request.', 'type' => 'string', 'required' => false, 'example' => 'AAAAAINZ+8pH1oQnusEu1tGAc8is', 'title' => ''], ], [ - 'name' => 'Account', + 'name' => 'MaxResults', 'in' => 'query', - 'schema' => [ - 'title' => '账号信息。', - 'type' => 'string', - 'example' => 'admin', - ], + 'schema' => ['description' => 'The maximum number of entries per page. Valid values: 1 to 50. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '7', - 'title' => '返回结果的总数。', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****', - 'title' => '请求ID。', - ], - 'Data' => [ - 'description' => 'The access logs.'."\n", + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''], + 'DeliveryConfigs' => [ + 'description' => 'The log delivery configurations.', 'type' => 'array', 'items' => [ - 'description' => 'The access log.'."\n", + 'description' => 'The details of a log delivery configuration.', 'type' => 'object', 'properties' => [ - 'MatchedHost' => [ - 'description' => 'The domain name of the API.'."\n", - 'type' => 'string', - 'example' => 'a.****.com', - 'title' => 'API接口所属的域名。', - ], - 'ApiFormat' => [ - 'description' => 'The API.'."\n", - 'type' => 'string', - 'example' => '/api/users/login', - 'title' => 'API接口。', - ], - 'TraceId' => [ - 'description' => 'The trace ID.'."\n", - 'type' => 'string', - 'example' => '0a3d455b17027784870843933dce3d', - 'title' => '日志ID。', - ], - 'RequestTime' => [ - 'description' => 'The time when the request was initiated. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1723392000', - 'title' => '请求时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], - 'Count' => [ - 'description' => 'The number of sensitive data records involved in cross-border data transfer.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12', - 'title' => '出站敏感数据条数。', - ], - 'ClientIP' => [ - 'description' => 'The IP address.'."\n", - 'type' => 'string', - 'example' => '103.118.55.**', - 'title' => 'IP地址。', - ], - 'ApiId' => [ - 'description' => 'The ID of the API.'."\n", - 'type' => 'string', - 'example' => '197b52abcd81d6a8bd4***e477', - 'title' => 'API的ID。', - ], - 'SensitiveList' => [ - 'description' => 'The details of sensitive data. The value is a string that consists of a JSON struct. The JSON struct contains key-value pairs. In a key-value pair, a key indicates the identifier of a sensitive data type, including built-in and custom types, and a value indicates specific sensitive data.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported sensitive data types.'."\n", - 'type' => 'string', - 'example' => '{'."\n" - .' "1000":[ '."\n" - .' "90.88.49.19",'."\n" - .' "90.88.49.19"'."\n" - .' ],'."\n" - .' "835436":[ '."\n" - .' "www.abc.com"'."\n" - .' ]'."\n" - .'}', - 'title' => '敏感数据信息。以一系列参数构造的 JSON 格式转化成字符串。其中 JSON 的 Key为敏感信息类型标识(包括内置和自定义两种类型),Value为敏感信息数据列表。'."\n" - ."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的敏感信息类型。', - ], - 'RemoteCountryId' => [ - 'description' => 'IP region, formatted as a region code.', - 'type' => 'string', - 'example' => 'CN', - 'title' => 'IP所属区域,格式为地域标识代码。', - ], - 'Account' => [ - 'title' => '请求的账号。', - 'type' => 'string', - 'example' => 'admin', - ], + 'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'test1', 'title' => ''], + 'DeliveryDetail' => ['description' => 'The details of the log delivery configuration, returned as a JSON string.'."\n" + ."\n" + .'> The structure of this parameter is the same as the **DeliveryDetail** request parameter of the [CreateLogDeliveryConfig](~~CreateLogDeliveryConfig~~) operation.', 'type' => 'string', 'example' => '{'."\n" + .' "rfcVersion": "rfc3164",'."\n" + .' "protocol": "tcp",'."\n" + .' "servers": ['."\n" + .' {'."\n" + .' "address": "1.1.1.1",'."\n" + .' "port": 20'."\n" + .' }'."\n" + .' ]'."\n" + .'}', 'title' => ''], + 'DeliveryType' => ['description' => 'The type of the log delivery configuration. Valid values:'."\n" + ."\n" + .'- **syslog**: Log delivery to a syslog server.'."\n" + ."\n" + .'- **kafka**: Log delivery to a Kafka cluster.', 'type' => 'string', 'example' => 'syslog', 'title' => ''], ], - 'title' => '访问日志信息。', + 'title' => '', + 'example' => '', ], - 'title' => '访问日志列表。', + 'title' => '', + 'example' => '', ], + 'NextToken' => ['description' => 'The pagination token that is used in the next request to retrieve a new page of results.'."\n" + ."\n" + .'> If this parameter is not empty, more results are available. Use the value of **NextToken** in the next request to retrieve the next page of results. If the value is empty, all results have been returned.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''], + 'MaxResults' => ['description' => 'The maximum number of entries returned per page.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of log delivery configurations returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 7,\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\",\\n \\"Data\\": [\\n {\\n \\"MatchedHost\\": \\"a.****.com\\",\\n \\"ApiFormat\\": \\"/api/users/login\\",\\n \\"TraceId\\": \\"0a3d455b17027784870843933dce3d\\",\\n \\"RequestTime\\": 1723392000,\\n \\"Count\\": 12,\\n \\"ClientIP\\": \\"103.118.55.**\\",\\n \\"ApiId\\": \\"197b52abcd81d6a8bd4***e477\\",\\n \\"SensitiveList\\": \\"{\\\\n \\\\\\"1000\\\\\\":[ \\\\n \\\\\\"90.88.49.19\\\\\\",\\\\n \\\\\\"90.88.49.19\\\\\\"\\\\n ],\\\\n \\\\\\"835436\\\\\\":[ \\\\n \\\\\\"www.abc.com\\\\\\"\\\\n ]\\\\n}\\",\\n \\"RemoteCountryId\\": \\"CN\\",\\n \\"Account\\": \\"admin\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeSensitiveRequestLog', - ], - 'DescribeSensitiveOutboundTrend' => [ - 'summary' => 'Queries the trends of cross-border data transfer of personal information.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"DeliveryConfigs\\": [\\n {\\n \\"DeliveryName\\": \\"test1\\",\\n \\"DeliveryDetail\\": \\"{\\\\n \\\\\\"rfcVersion\\\\\\": \\\\\\"rfc3164\\\\\\",\\\\n \\\\\\"protocol\\\\\\": \\\\\\"tcp\\\\\\",\\\\n \\\\\\"servers\\\\\\": [\\\\n {\\\\n \\\\\\"address\\\\\\": \\\\\\"1.1.1.1\\\\\\",\\\\n \\\\\\"port\\\\\\": 20\\\\n }\\\\n ]\\\\n}\\",\\n \\"DeliveryType\\": \\"syslog\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20,\\n \\"TotalCount\\": 5\\n}","type":"json"}]', + 'title' => 'DescribeLogDeliveryConfigs', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeLogDeliveryConfigs', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeMajorProtectionBlackIps' => [ + 'summary' => 'Queries the IP address blacklist for critical event protection in a paginated format.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -24050,446 +19310,480 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '187670', - 'abilityTreeNodes' => [ - 'FEATUREwaf8XGRZR', - ], + 'abilityTreeNodes' => ['FEATUREwaf2KYU04'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - ."\n" - .'> You can query only data of the previous month, previous 3 months, previous 6 months, previous 12 months, and data generated since January 1 of last year for compliance check. You must specify a valid time range.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1672502400', - ], + 'schema' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '5673', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - ."\n" - .'> You can query only data of the previous month, previous 3 months, previous 6 months, previous 12 months, and data generated since January 1 of last year for compliance check. You must specify a valid time range.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1725966000'."\n", - ], + 'schema' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '20013199', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'IpLike', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'format' => 'int64', - 'required' => false, - 'example' => '433', - ], + 'schema' => ['description' => 'The IP address to query. You can set this parameter to perform a fuzzy query on the added IP address blacklist.', 'type' => 'string', 'required' => false, 'example' => '192.0.XX.XX', 'title' => ''], + ], + [ + 'name' => 'OrderBy', + 'in' => 'query', + 'schema' => ['description' => 'The property by which to sort the results in **descending order**. Valid values:'."\n" + ."\n" + .'- **gmtModified**: sorts by modification time.'."\n" + ."\n" + .'- **ip**: sorts by IP address.'."\n" + ."\n" + .'- **templateId**: sorts by template ID.'."\n" + ."\n" + .'- **id**: sorts by primary key.', 'type' => 'string', 'required' => false, 'example' => 'gmtModified', 'title' => ''], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '7', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', - ], - 'Data' => [ - 'description' => 'The information records involved in cross-border data transfer.'."\n", + 'TotalCount' => ['description' => 'The total number of IP addresses in the blacklist.', 'type' => 'integer', 'format' => 'int64', 'example' => '63', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '41631674-EEB0-5B02-BEB4-40A758E9B841', 'title' => ''], + 'IpList' => [ + 'description' => 'The list of IP addresses in the blacklist.', 'type' => 'array', 'items' => [ - 'description' => 'The information record involved in cross-border data transfer.'."\n", + 'description' => 'The list of IP addresses in the blacklist.', 'type' => 'object', 'properties' => [ - 'SensitiveOutboundCount' => [ - 'description' => 'The total number of sensitive information records involved in cross-border data transfer.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '378', - ], - 'Timestamp' => [ - 'description' => 'The time of cross-border data transfer. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1672502400', - ], - 'InfoCount' => [ - 'description' => 'The total number of personal information records.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '672', - ], - 'InfoOutboundCount' => [ - 'description' => 'The total number of personal information records involved in cross-border data transfer.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '541', - ], + 'Description' => ['description' => 'The description of the template.', 'type' => 'string', 'example' => 'test0003asdffas', 'title' => ''], + 'Ip' => ['description' => 'The IP address.', 'type' => 'string', 'example' => '192.0.XX.XX', 'title' => ''], + 'RuleId' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'example' => '8508970', 'title' => ''], + 'ExpiredTime' => ['description' => 'The timestamp after which the IP address blacklist becomes invalid. Unit: seconds.'."\n" + ."\n" + .'> If the value is **0**, the IP address blacklist is permanently valid.', 'type' => 'integer', 'format' => 'int64', 'example' => '1662603328', 'title' => ''], + 'GmtModified' => ['description' => 'The time when the IP address in the blacklist was modified.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665456202000', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '9684', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 7,\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveOutboundCount\\": 378,\\n \\"Timestamp\\": 1672502400,\\n \\"InfoCount\\": 672,\\n \\"InfoOutboundCount\\": 541\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeSensitiveOutboundTrend', - ], - 'DescribeSensitiveOutboundStatistic' => [ - 'summary' => 'Queries the data types of personal information involved in cross-border data transfer.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeMajorProtectionBlackIps', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeMajorProtectionBlackIps'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeMajorProtectionBlackIps', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 63,\\n \\"RequestId\\": \\"41631674-EEB0-5B02-BEB4-40A758E9B841\\",\\n \\"IpList\\": [\\n {\\n \\"Description\\": \\"test0003asdffas\\",\\n \\"Ip\\": \\"192.0.XX.XX\\",\\n \\"RuleId\\": 8508970,\\n \\"ExpiredTime\\": 1662603328,\\n \\"GmtModified\\": 1665456202000,\\n \\"TemplateId\\": 9684\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeMemberAccounts' => [ + 'summary' => 'Retrieves all member accounts managed by the WAF multi-account management feature.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '187677', - 'abilityTreeNodes' => [ - 'FEATUREwaf8XGRZR', - ], + 'abilityTreeCode' => '213364', + 'abilityTreeNodes' => ['FEATUREwaf4WHEC3'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - ."\n" - .'> You can query only data of the previous month, previous 3 months, previous 6 months, previous 12 months, and data generated since January 1 of last year for compliance check. You must specify a valid time range.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1672502400', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: a region outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - ."\n" - .'> You can query only data of the previous month, previous 3 months, previous 6 months, previous 12 months, and data generated since January 1 of last year for compliance check. You must specify a valid time range.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1725966000', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'SensitiveType', + 'name' => 'SourceIp', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the information. Valid values:'."\n" - ."\n" - .'* **info** (default): full personal information'."\n" - .'* **sensitive**: sensitive personal information'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'info', - ], + 'schema' => ['description' => 'The source IP address. You do not need to specify this parameter. It is automatically obtained by the system.', 'type' => 'string', 'required' => false, 'example' => '0.0.XX.XX', 'title' => ''], ], [ - 'name' => 'SensitiveLevel', + 'name' => 'AccountStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The sensitivity level. Valid values:'."\n" - ."\n" - .'* **high**'."\n" - .'* **medium**'."\n" - .'* **low**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'high', - ], + 'schema' => ['description' => 'The status of the member accounts that you want to query. Valid values:'."\n" + ."\n" + .'- **enabled**: The member account is being managed.'."\n" + ."\n" + .'- **disabled**: The member account is not being managed.'."\n" + ."\n" + .'- **disabling**: The member account is being removed from management.', 'type' => 'string', 'required' => false, 'example' => 'enabled', 'title' => ''], ], - [ - 'name' => 'SensitiveCode', - 'in' => 'query', + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The type of the sensitive data. Separate multiple types with commas (,).'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of sensitive data. Only built-in types of sensitive data are supported for this operation.', - 'type' => 'string', - 'required' => false, - 'example' => '1000,1001', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '50C4A80D-D46C-57E0-9A7D-03C078474852', 'title' => ''], + 'AccountInfos' => [ + 'description' => 'The information about the member accounts.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'AccountId' => ['description' => 'The ID of the member account.', 'type' => 'string', 'example' => '169************21', 'title' => ''], + 'AccountName' => ['description' => 'The name of the member account.', 'type' => 'string', 'example' => 'ipflgmqqnbjg', 'title' => ''], + 'AccountStatus' => ['description' => 'The status of the member account. Valid values:'."\n" + ."\n" + .'- **enabled**: The member account is being managed.'."\n" + ."\n" + .'- **disabled**: The member account is not being managed.'."\n" + ."\n" + .'- **disabling**: The member account is being removed from management.', 'type' => 'string', 'example' => 'enabled', 'title' => ''], + 'Description' => ['description' => 'The description of the member account.', 'type' => 'string', 'example' => 'test', 'title' => ''], + 'GmtCreate' => ['description' => 'The time when the member account was added. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683367751000', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], - [ - 'name' => 'DetectionResult', - 'in' => 'query', - 'schema' => [ - 'description' => 'The evaluation result. Valid values:'."\n" - ."\n" - .'* **report**: Risks exist in cross-border data transfer.'."\n" - .'* **none**: No risks exist in cross-border data transfer.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'report', - ], + ], + 'title' => 'DescribeMemberAccounts', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeMemberAccounts'], ], + ], + 'ramActions' => [ [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeMemberAccounts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"50C4A80D-D46C-57E0-9A7D-03C078474852\\",\\n \\"AccountInfos\\": [\\n {\\n \\"AccountId\\": \\"169************21\\",\\n \\"AccountName\\": \\"ipflgmqqnbjg\\",\\n \\"AccountStatus\\": \\"enabled\\",\\n \\"Description\\": \\"test\\",\\n \\"GmtCreate\\": 1683367751000\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeNetworkFlowTimeSeriesMetric' => [ + 'summary' => 'Queries the time series statistics of all traffic, including malicious requests and normal service requests.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], + 'security' => [ [ - 'name' => 'PageSize', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '25', - 'minimum' => '1', - 'example' => '10', - 'default' => '10', - ], + 'AK' => [], ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '258611', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], + 'autoTest' => true, + ], + 'parameters' => [ [ - 'name' => 'OrderKey', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the sorting field. Valid values:'."\n" - ."\n" - .'* **total_count** (default): total number of data entries'."\n" - .'* **outbound_count**: total number of data entries that are transferred across borders'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'total_count', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'OrderWay', + 'name' => 'Filter', 'in' => 'query', + 'style' => 'json', 'schema' => [ - 'description' => 'The sorting method. Valid values:'."\n" - ."\n" - .'* **desc** (default): in descending order'."\n" - .'* **asc**: in ascending order'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'desc', + 'description' => 'The filter conditions for the query. Multiple filter conditions have a logical AND relationship.', + 'type' => 'object', + 'properties' => [ + 'DateRange' => [ + 'description' => 'The time range to query.', + 'type' => 'object', + 'properties' => [ + 'StartDate' => ['description' => 'The start of the time range to query, in UNIX timestamp format. Unit: seconds. The query time range cannot exceed the last 30 days.'."\n" + ."\n" + .'> ## The start time must be within the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000', 'title' => ''], + 'EndDate' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600', 'title' => ''], + ], + 'required' => true, + 'title' => '', + 'example' => '', + ], + 'Conditions' => [ + 'description' => 'A list of filter conditions. Each item describes a filter condition.', + 'type' => 'array', + 'items' => [ + 'description' => 'The configuration of a single filter condition. A filter condition consists of a **field name**, an **operator**, and a **filter value**. For more information about the supported field names and operators, see **Additional information about request parameters**.', + 'type' => 'object', + 'properties' => [ + 'Key' => [ + 'description' => 'The field to use for filtering. This parameter supports the following fields:'."\n" + ."\n" + .'- matched\\_host: The protected object.'."\n" + ."\n" + .'- cluster: The protection cluster.', + 'enumValueTitles' => [], + 'type' => 'string', + 'required' => false, + 'example' => 'matched_host'."\n", + 'title' => '', + ], + 'OpValue' => ['description' => 'The operator.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''], + 'Values' => ['description' => 'The filter value.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top', 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + ], + 'required' => true, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ClusterId', + 'name' => 'Metric', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], + 'schema' => ['description' => 'The metric to query. Different metrics return different data. Valid values:'."\n" + ."\n" + .'- qps: The number of requests that WAF processes per second. This is a peak value. WAF calculates a queries per second (QPS) value every 10 seconds and uses the peak value within the specified time granularity as the QPS.'."\n" + ."\n" + .'- total\\_requests: The total number of requests that WAF processes.'."\n" + ."\n" + .'- top5\\_status: The top five response codes that WAF returns to the client and the corresponding time series statistics.'."\n" + ."\n" + .'- top5\\_upstream\\_status: The top five response codes that the origin server returns to the client and the corresponding time series statistics.', 'type' => 'string', 'required' => true, 'example' => 'total_requests', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The returned data. For a sample format, see the **Examples** section.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '5', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '2EFCFE18-78F8-5079-B312-07***48B', - ], - 'Data' => [ - 'description' => 'The data types of personal information involved in cross-border data transfer.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4*****', 'title' => ''], + 'NetworkFlowTimeSeries' => [ + 'description' => 'The time series data. Multiple data series can be returned.', 'type' => 'array', 'items' => [ - 'description' => 'The data type of personal information involved in cross-border data transfer.'."\n", + 'description' => 'A single time series. The time series data consists of two arrays: Timestamps and Values. The Timestamps array contains a sequence of timestamps at fixed intervals. The Values array contains the statistical count for each interval. The two arrays have the same number of data points, and the data points correspond to each other.', 'type' => 'object', 'properties' => [ - 'SensitiveLevel' => [ - 'description' => 'The sensitivity level. Valid values:'."\n" - ."\n" - .'* **high**'."\n" - .'* **medium**'."\n" - .'* **low**'."\n", - 'type' => 'string', - 'example' => 'high', - ], - 'SensitiveCode' => [ - 'description' => 'The type of the sensitive data.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of sensitive data.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1001', - ], - 'OutboundCount' => [ - 'description' => 'The number of data entries that are transferred across borders.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '300', - ], - 'DetectionResult' => [ - 'description' => 'The evaluation result. Valid values:'."\n" - ."\n" - .'* **report**: Risks exist in cross-border data transfer.'."\n" - .'* **none**: No risks exist in cross-border data transfer.'."\n", - 'type' => 'string', - 'example' => 'report', + 'Metric' => ['description' => 'The metric name. This value is the same as the Metric request parameter.', 'type' => 'string', 'example' => 'total_requests', 'title' => ''], + 'Timestamps' => [ + 'description' => 'The timestamps. Each value represents the start of a time interval.', + 'type' => 'array', + 'items' => ['description' => 'The start time of each data point. This value is a UNIX timestamp string.', 'type' => 'string', 'example' => '[]', 'title' => ''], + 'title' => '', + 'example' => '', ], - 'SensitiveType' => [ - 'description' => 'The type of the information. Valid values:'."\n" - ."\n" - .'* **info**: full personal information'."\n" - .'* **sensitive**: sensitive personal information'."\n", - 'type' => 'string', - 'example' => 'info', + 'Values' => [ + 'description' => 'The metric values. Each value represents the count within the corresponding time interval.', + 'type' => 'array', + 'items' => ['description' => 'The statistical count for the current time range.', 'type' => 'integer', 'format' => 'int64', 'example' => '[]', 'title' => ''], + 'title' => '', + 'example' => '', ], - 'InfoCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '546', + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + 'TimeSeriesMetaData' => [ + 'description' => 'The metadata of the returned data.', + 'type' => 'object', + 'properties' => [ + 'DateRange' => [ + 'description' => 'The time range that was queried.', + 'type' => 'object', + 'properties' => [ + 'StartDate' => ['description' => 'The start of the time range that was queried. This value is a UNIX timestamp. Unit: seconds. This value is the same as the StartDate request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000', 'title' => ''], + 'EndDate' => ['description' => 'The end of the time range that was queried. This value is a UNIX timestamp. Unit: seconds. This value is the same as the EndDate request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'AggregateInterval' => ['description' => 'The time granularity of each data point in the returned time series. For example, "15m" indicates that each data point represents statistics for a 15-minute interval. For more information about the time granularity, see the **Time granularity of data points** section.', 'type' => 'string', 'example' => '1m', 'title' => ''], + 'Units' => ['description' => 'The unit of the returned data. Default value: requests.', 'type' => 'string', 'example' => 'requests', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'], + ['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveLevel\\": \\"high\\",\\n \\"SensitiveCode\\": 1001,\\n \\"OutboundCount\\": 300,\\n \\"DetectionResult\\": \\"report\\",\\n \\"SensitiveType\\": \\"info\\",\\n \\"InfoCount\\": 546\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeSensitiveOutboundStatistic', - ], - 'DescribeSensitiveOutboundDistribution' => [ - 'summary' => 'Queries the traffic distribution of personal information records involved in cross-border data transfer.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-D33C8B4*****\\",\\n \\"NetworkFlowTimeSeries\\": [\\n {\\n \\"Metric\\": \\"total_requests\\",\\n \\"Timestamps\\": [\\n \\"[]\\"\\n ],\\n \\"Values\\": [\\n 0\\n ]\\n }\\n ],\\n \\"TimeSeriesMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"AggregateInterval\\": \\"1m\\",\\n \\"Units\\": \\"requests\\"\\n }\\n}","type":"json"}]', + 'title' => 'DescribeNetworkFlowTimeSeriesMetric', + 'requestParamsDescription' => '**Operator descriptions**'."\n" + ."\n" + .'| Operator | Meaning | Description |'."\n" + .'| ------------- | ------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| all-not-match | Not equal to any of the values | The field value is not equal to any value in the collection. For example, to filter requests where real_client_ip is not equal to any value in the collection:<br>`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n" + .'| eq | Equal to | The field value is equal to a string. For example, to filter statistics for requests where the URL is equal to "/testcase":<br>`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` |'."\n" + .'| match-one | Equal to one of the values | The field value is equal to any value in the collection. For example, to filter requests where real_client_ip is equal to any value in the collection:<br>`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n" + .'| ne | Not equal to | The field value is not equal to a string. For example, to filter statistics for requests where the URL is not equal to "/testcase":<br>`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n" + ."\n" + .'**Supported keys for filter conditions**'."\n" + ."\n" + .'| Field name | Description | Supported operators |'."\n" + .'| ------------ | ----------------------- | -------------------------------------- |'."\n" + .'| cluster | The protection cluster. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| matched_host | The protected object. | ne, eq,<br>match-one,<br>all-not-match |', + 'responseParamsDescription' => '**Time granularity of data points**'."\n" + ."\n" + .'The time granularity of the returned data varies based on the specified time range.'."\n" + ."\n" + .'- If the time range is less than 3 hours, the time granularity is 1m (1 minute).'."\n" + ."\n" + .'- If the time range is 3 hours or more and less than 6 hours, the time granularity is 5m (5 minutes).'."\n" + ."\n" + .'- If the time range is 6 hours or more and less than 24 hours, the time granularity is 15m (15 minutes).'."\n" + ."\n" + .'- If the time range is 24 hours or more and less than 7 days, the time granularity is 1h (1 hour).'."\n" + ."\n" + .'- If the time range is 7 days or more and less than 30 days, the time granularity is 1d (1 day).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeNetworkFlowTimeSeriesMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeNetworkFlowTopNMetric' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -24500,146 +19794,205 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '187676', - 'abilityTreeNodes' => [ - 'FEATUREwaf8XGRZR', - ], + 'abilityTreeCode' => '258808', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], + 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****'."\n", 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'Filter', 'in' => 'query', + 'style' => 'json', 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - ."\n" - .'> You can query only data of the previous month, previous 3 months, previous 6 months, previous 12 months, and data generated since January 1 of last year for compliance check. You must specify a valid time range.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1672502400', + 'description' => 'The filter conditions for the query. If you specify multiple filter conditions, all conditions must be met (logical AND).', + 'type' => 'object', + 'properties' => [ + 'DateRange' => [ + 'description' => 'The time range to query.', + 'type' => 'object', + 'properties' => [ + 'StartDate' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds. The time range cannot exceed the last 30 days.'."\n" + ."\n" + .'> The start time must be later than 30 days before the current time.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000'."\n", 'title' => ''], + 'EndDate' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600'."\n", 'title' => ''], + ], + 'required' => true, + 'title' => '', + 'example' => '', + ], + 'Conditions' => [ + 'description' => 'The list of filter conditions.', + 'type' => 'array', + 'items' => [ + 'description' => 'A single filter condition. A filter condition consists of a field name (Key), an operator (OpValue), and a filter value (Values). For more information about supported field names and operators, see the **Additional information about request parameters** section.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The field name to use for filtering. Valid values:'."\n" + ."\n" + .'- matched\\_host'."\n" + ."\n" + .'- cluster', 'type' => 'string', 'required' => false, 'example' => 'matched_host'."\n", 'title' => ''], + 'OpValue' => ['description' => 'The operator that is used for the filter condition. For more information about supported operators, see the **Additional information about request parameters** section.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''], + 'Values' => ['description' => 'The value to use for the filter condition. The value format depends on the Key and OpValue that you specify.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top'."\n", 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + ], + 'required' => true, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'EndTime', + 'name' => 'Limit', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - ."\n" - .'> You can query only data of the previous month, previous 3 months, previous 6 months, previous 12 months, and data generated since January 1 of last year for compliance check. You must specify a valid time range.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1725966000', - ], + 'schema' => ['description' => 'The maximum number of entries to return. Results are sorted in descending order. Maximum value: 10.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '10', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'Metric', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'format' => 'int64', - 'required' => false, - 'example' => '443', - ], + 'schema' => ['description' => 'The metric by which to query and rank data. Valid values:'."\n" + ."\n" + .'- real\\_client\\_ip: Returns the top N source IP addresses of requests that are sent to WAF. The data is aggregated by source IP address and sorted in descending order.'."\n" + ."\n" + .'- http\\_user\\_agent: Returns the top N user agents of requests that are sent to WAF. The data is aggregated by user agent and sorted in descending order.'."\n" + ."\n" + .'- request\\_path: Returns the top N request URLs. The data is aggregated by URL and sorted in descending order.'."\n" + ."\n" + .'- matched\\_host\\_by\\_total\\_requests: Returns the top N protected objects by total number of requests received.'."\n" + ."\n" + .'- matched\\_host\\_by\\_qps: Returns the top N protected objects by queries per second (QPS).'."\n" + ."\n" + .'- matched\\_host\\_by\\_status: Returns the top N protected objects based on a specific WAF-returned HTTP status code. The data is aggregated by protected object and sorted in descending order. If you set Metric to this value, you must specify the status field in the Conditions parameter of Filter. The format is as follows:<br> {"Key":"status","OpValue":"eq","Values":"200"}<br>'."\n" + ."\n" + .'- matched\\_host\\_by\\_upstream\\_status: Returns the top N protected objects based on a specific origin server-returned HTTP status code. The data is aggregated by protected object and sorted in descending order. If you set Metric to this value, you must specify the upstream\\_status field in the Conditions parameter of Filter. The format is as follows:<br> {"Key":"upstream\\_status","OpValue":"eq","Values":"200"}<br>', 'type' => 'string', 'required' => true, 'example' => 'matched_host_by_upstream_status', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou'."\n", 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q'."\n", 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response body. For more information about the format, see the **Examples** section.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Data' => [ - 'description' => 'The traffic distribution of personal information records involved in cross-border data transfer.'."\n", + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-******4C7726', 'title' => ''], + 'NetworkFlowTopNValues' => [ + 'description' => 'An array of the top N statistics.', 'type' => 'array', 'items' => [ - 'description' => 'The traffic details of the personal information record involved in cross-border data transfer.'."\n", + 'description' => 'A single entry in the top N ranking results.', 'type' => 'object', 'properties' => [ - 'SensitiveOutboundCount' => [ - 'description' => 'The number of sensitive information records involved in cross-border data transfer.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '144', - ], - 'Country' => [ - 'description' => 'The country to which the data is transferred.'."\n", - 'type' => 'string', - 'example' => 'US', - ], - 'InfoOutboundCount' => [ - 'description' => 'The number of personal information records involved in cross-border data transfer.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '213', + 'Name' => ['description' => 'The dimension value that corresponds to the specified Metric request parameter. For example, if the Metric is set to real\\_client\\_ip, this parameter indicates the source IP address.', 'type' => 'string', 'example' => '127.0.0.1', 'title' => ''], + 'Attribute' => ['description' => 'The additional attribute associated with the entry. For example, when the Metric is set to real\\_client\\_ip, this parameter indicates the country or region to which the IP address belongs.', 'type' => 'string', 'example' => ' CN', 'title' => ''], + 'Value' => ['description' => 'The total number of requests or the QPS value, depending on the specified Metric. This value is used for top N ranking.', 'type' => 'integer', 'format' => 'int64', 'example' => '1123', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + 'TopNMetaData' => [ + 'description' => 'The metadata of the returned data.', + 'type' => 'object', + 'properties' => [ + 'DateRange' => [ + 'description' => 'The time range used for the query.', + 'type' => 'object', + 'properties' => [ + 'StartDate' => ['description' => 'The beginning of the time range. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000'."\n", 'title' => ''], + 'EndDate' => ['description' => 'The end of the time range. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600'."\n", 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'Units' => ['description' => 'The unit of the returned statistical data.', 'type' => 'string', 'example' => 'requests'."\n", 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'], + ['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveOutboundCount\\": 144,\\n \\"Country\\": \\"US\\",\\n \\"InfoOutboundCount\\": 213\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeSensitiveOutboundDistribution', - ], - 'DescribeSensitiveDetectionResult' => [ - 'summary' => 'Queries the compliance check results of API security.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'DescribeNetworkFlowTopNMetric', + 'summary' => 'Queries the top N statistics for all traffic that passes through Web Application Firewall (WAF), including malicious and normal service requests. The results are aggregated by different dimensions and sorted in descending order.', + 'requestParamsDescription' => '**Description of operators**'."\n" + ."\n" + .'| Operator | Meaning | Description |'."\n" + .'| ------------- | -------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| all-not-match | Does not equal any of the values | The field value is not equal to any of the specified values. For example, to exclude requests from specific source IP addresses:<br>`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}` |'."\n" + .'| eq | Equals | The field value equals the specified string. For example, to query statistics for requests with the URL path "/testcase":<br>`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` |'."\n" + .'| match-one | Equals one of the values | The field value equals one of the specified values. For example, to query statistics for requests from specific source IP addresses:<br>`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}` |'."\n" + .'| ne | Does not equal | The field value does not equal the specified string. For example, to exclude requests with the URL path "/testcase":<br>`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n" + ."\n" + .'**Supported keys for filter conditions**'."\n" + ."\n" + .'| Field name | Field description | Supported operators |'."\n" + .'| ------------ | ----------------------- | -------------------------------------- |'."\n" + .'| cluster | The protection cluster. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| matched_host | The protected object. | ne, eq,<br>match-one,<br>all-not-match |', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeNetworkFlowTopNMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-******4C7726\\",\\n \\"NetworkFlowTopNValues\\": [\\n {\\n \\"Name\\": \\"127.0.0.1\\",\\n \\"Attribute\\": \\" CN\\",\\n \\"Value\\": 1123\\n }\\n ],\\n \\"TopNMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"Units\\": \\"requests\\\\n\\"\\n }\\n}","type":"json"}]', + ], + 'DescribePauseProtectionStatus' => [ + 'summary' => 'Queries the protection pause status of a Web Application Firewall (WAF) instance.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -24650,191 +20003,80 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '187711', - 'abilityTreeNodes' => [ - 'FEATUREwaf8XGRZR', - ], + 'abilityTreeCode' => '222987', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7pp26f1****', - ], - ], - [ - 'name' => 'StartTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. This value is a UNIX timestamp in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1672502400', - ], - ], - [ - 'name' => 'EndTime', - 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. This value is a UNIX timestamp in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1725966000', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'format' => 'int64', - 'required' => false, - 'example' => '428', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Data' => [ - 'description' => 'The compliance check results.'."\n", - 'type' => 'object', - 'properties' => [ - 'Result' => [ - 'description' => 'The compliance checks.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The information about the compliance checks.'."\n", - 'type' => 'object', - 'properties' => [ - 'Max' => [ - 'description' => 'The maximum values in the statistics of sensitive data types.'."\n", - 'type' => 'object', - 'properties' => [ - 'SensitiveCode' => [ - 'description' => 'The most frequent sensitive data type.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1003', - ], - 'OutboundCount' => [ - 'description' => 'The number of sensitive personal information records that are of the most frequent sensitive data type and are involved in cross-border data transfer.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '54', - ], - 'InfoCount' => [ - 'description' => 'The number of sensitive personal information records that are of the most frequent sensitive data type.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '187', - ], - ], - ], - 'DetectionResult' => [ - 'description' => 'The compliance check results. Valid values:'."\n" - ."\n" - .'* **report**: Risks exist in cross-border data transfer.'."\n" - .'* **none**: No risks exist in cross-border data transfer.'."\n", - 'type' => 'string', - 'example' => 'report', - ], - 'List' => [ - 'description' => 'The sensitive information check results by sensitive data type.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The sensitive information check results of a sensitive data type.'."\n", - 'type' => 'object', - 'properties' => [ - 'SensitiveCode' => [ - 'description' => 'The sensitive data type.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1002', - ], - 'OutboundCount' => [ - 'description' => 'The number of sensitive personal information records that are involved in cross-border data transfer.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '6', - ], - 'InfoCount' => [ - 'description' => 'The number of personal information records.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '11', - ], - ], - ], - ], - ], - ], - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-****-46CE-A47C-6B19****5EB0', 'title' => ''], + 'PauseStatus' => ['description' => 'Indicates whether WAF protection is paused for the instance. Valid values:'."\n" + ."\n" + .'- **0** (default): Protection is not paused.'."\n" + ."\n" + .'- **1**: Protection is paused.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribePauseProtectionStatus', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:27:28.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": {\\n \\"Result\\": [\\n {\\n \\"Max\\": {\\n \\"SensitiveCode\\": 1003,\\n \\"OutboundCount\\": 54,\\n \\"InfoCount\\": 187\\n },\\n \\"DetectionResult\\": \\"report\\",\\n \\"List\\": [\\n {\\n \\"SensitiveCode\\": 1002,\\n \\"OutboundCount\\": 6,\\n \\"InfoCount\\": 11\\n }\\n ]\\n }\\n ]\\n }\\n}","type":"json"}]', - 'title' => 'DescribeSensitiveDetectionResult', - ], - 'DescribeSensitiveApiStatistic' => [ - 'summary' => 'Queries the personal information-related APIs and domain names.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePauseProtectionStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePauseProtectionStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-****-46CE-A47C-6B19****5EB0\\",\\n \\"PauseStatus\\": 0\\n}","type":"json"}]', + ], + 'DescribePeakTrend' => [ + 'summary' => 'Queries the trend of queries per second (QPS).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -24845,237 +20087,114 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '187678', - 'abilityTreeNodes' => [ - 'FEATUREwaf8XGRZR', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], - ], - [ - 'name' => 'MatchedHost', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name or IP address of the API.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'a.***.com', - ], + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - ."\n" - .'> You can query only data of the previous month, previous 3 months, previous 6 months, previous 12 months, and data generated since January 1 of last year for compliance check. You must specify a valid time range.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1672502400', - ], + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386340', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'Interval', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n" - ."\n" - .'> You can query only data of the previous month, previous 3 months, previous 6 months, previous 12 months, and data generated since January 1 of last year for compliance check. You must specify a valid time range.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1725966000', - ], + 'schema' => ['description' => 'The time interval. Unit: seconds. The value must be an integer multiple of 60.', 'type' => 'string', 'required' => true, 'example' => '300', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The protected object for which you want to query the QPS trend, such as a domain name.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'PageSize', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '10', - 'maximum' => '25', - 'minimum' => '1', - 'default' => '10', - ], - ], - [ - 'name' => 'ClusterId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'format' => 'int64', - 'required' => false, - 'example' => '269', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'Type', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'matchedHost', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Data' => [ - 'description' => 'The statistics.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9D11AC3A-A10C-56E7-A342-E87EC892BAE2', 'title' => ''], + 'FlowChart' => [ + 'description' => 'The QPS statistics of WAF.', 'type' => 'array', 'items' => [ - 'description' => 'The statistics.'."\n", + 'description' => 'The QPS statistics of WAF.', 'type' => 'object', 'properties' => [ - 'SensitiveOutboundCount' => [ - 'description' => 'The number of sensitive personal information records involved in cross-border data transfer by domain name.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '127', - ], - 'MatchedHost' => [ - 'description' => 'The domain name or IP address.'."\n", - 'type' => 'string', - 'example' => 'www.***.top', - ], - 'List' => [ - 'description' => 'The domain name-related APIs.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The domain name-related API.'."\n", - 'type' => 'object', - 'properties' => [ - 'SensitiveCode' => [ - 'description' => 'The types of sensitive data.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The type of the sensitive data.'."\n", - 'type' => 'string', - 'example' => '1003', - ], - ], - 'ApiFormat' => [ - 'description' => 'The API.'."\n", - 'type' => 'string', - 'example' => '/api/login', - ], - 'SensitiveCount' => [ - 'description' => 'The number of sensitive personal information records involved in cross-border data transfer by API.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '55', - ], - 'ApiId' => [ - 'description' => 'The ID of the API.'."\n", - 'type' => 'string', - 'example' => 'd288137009c119a873d4c395****', - ], - 'InfoCount' => [ - 'description' => 'The number of personal information records involved in cross-border data transfer by API.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '78', - ], - ], - ], - ], - 'InfoOutboundCount' => [ - 'description' => 'The number of personal information records involved in cross-border data transfer by domain name.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '213', - ], - ], + 'AntiScanSum' => ['description' => 'The number of requests protected by the scan protection module. This includes requests that are monitored and blocked.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'AclSum' => ['description' => 'The number of requests protected by the ACL module. This includes requests that are monitored and blocked.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'WafSum' => ['description' => 'The number of requests protected by the web attack protection module. This includes requests that are monitored and blocked.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'CcSum' => ['description' => 'The number of requests protected by the CC protection module. This includes requests that are monitored and blocked.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'Index' => ['description' => 'The ordinal number for the time point, sorted in chronological order.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'Count' => ['description' => 'The total number of requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '2622', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9D11AC3A-A10C-56E7-A342-E87EC892BAE2\\",\\n \\"FlowChart\\": [\\n {\\n \\"AntiScanSum\\": 0,\\n \\"AclSum\\": 0,\\n \\"WafSum\\": 0,\\n \\"CcSum\\": 0,\\n \\"Index\\": 10,\\n \\"Count\\": 2622\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'DescribePeakTrend', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:23:05.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveOutboundCount\\": 127,\\n \\"MatchedHost\\": \\"www.***.top\\",\\n \\"List\\": [\\n {\\n \\"SensitiveCode\\": [\\n \\"1003\\"\\n ],\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"SensitiveCount\\": 55,\\n \\"ApiId\\": \\"d288137009c119a873d4c395****\\",\\n \\"InfoCount\\": 78\\n }\\n ],\\n \\"InfoOutboundCount\\": 213\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeSensitiveApiStatistic', - ], - 'DescribeFreeUserEvents' => [ - 'summary' => 'Queries the list of security events on which basic detection is performed in the API security module.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePeakTrend'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePeakTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribePocFunctions' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -25086,124 +20205,96 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '156225', - 'abilityTreeNodes' => [ - 'FEATUREwafDX9EQ6', - ], + 'abilityTreeCode' => '231693', + 'abilityTreeNodes' => ['FEATUREwafH82E50'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-27a3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****'."\n", 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '8A2DF88D-90C2-56E9-B8D5-36BB9646791C', - ], - 'Event' => [ - 'description' => 'The security events on which basic detection is performed.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '1557B42F-B889-460A-B17F-1DE5C5AD7FF2', 'title' => ''], + 'Functions' => [ 'type' => 'array', 'items' => [ - 'description' => 'The security event on which basic detection is performed.'."\n", 'type' => 'object', 'properties' => [ - 'EventTag' => [ - 'description' => 'The type of the security event.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported types of security events.', - 'type' => 'string', - 'example' => 'Event_DataTraverse', - ], - 'ApiFormat' => [ - 'description' => 'The API.'."\n", - 'type' => 'string', - 'example' => '/api/login', - ], - 'Domain' => [ - 'description' => 'The domain name of the API.'."\n", - 'type' => 'string', - 'example' => 'www.***.cn', - ], - 'AttackIP' => [ - 'description' => 'The attacker IP address.'."\n", - 'type' => 'string', - 'example' => '104.234.140.**', - ], - 'AttackTime' => [ - 'description' => 'The time at which the attack was launched. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1683703260', - ], - 'EventLevel' => [ - 'description' => 'The severity level of the security event. Valid values:'."\n" - ."\n" - .'* **high**'."\n" - .'* **medium**'."\n" - .'* **low**'."\n", - 'type' => 'string', - 'example' => 'high', - ], + 'Type' => ['description' => 'The type of the POC feature trial. Valid values:'."\n" + ."\n" + .'- **apisec**: API security.'."\n" + ."\n" + .'- **botWeb**: bot management for websites.'."\n" + ."\n" + .'- **botApp**: bot management for apps.'."\n" + ."\n" + .'- **largeLanguageModel**: AI-powered application protection.', 'type' => 'string', 'example' => 'botWeb', 'title' => ''], + 'ExpireTime' => ['description' => 'The expiration time of the POC feature trial. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1760581677000', 'title' => ''], ], + 'description' => 'The details of the POC feature.', + 'title' => '', + 'example' => '', ], + 'description' => 'A list of the POC feature details.', + 'title' => '', + 'example' => '', ], ], + 'description' => 'The response parameters.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8A2DF88D-90C2-56E9-B8D5-36BB9646791C\\",\\n \\"Event\\": [\\n {\\n \\"EventTag\\": \\"Event_DataTraverse\\",\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"Domain\\": \\"www.***.cn\\",\\n \\"AttackIP\\": \\"104.234.140.**\\",\\n \\"AttackTime\\": 1683703260,\\n \\"EventLevel\\": \\"high\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeFreeUserEvents', - ], - 'DescribeFreeUserEventTypes' => [ - 'summary' => 'Queries the types of security events on which basic detection is performed in the API security module.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribePocFunctions', + 'summary' => 'Retrieves the enabled proof of concept (POC) feature trials.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePocFunctions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1557B42F-B889-460A-B17F-1DE5C5AD7FF2\\",\\n \\"Functions\\": [\\n {\\n \\"Type\\": \\"botWeb\\",\\n \\"ExpireTime\\": 1760581677000\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribePostpayBills' => [ + 'summary' => 'Queries the list of pay-as-you-go bills.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -25211,100 +20302,182 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '188825', - 'abilityTreeNodes' => [ - 'FEATUREwafDX9EQ6', - ], + 'abilityTreeCode' => '114236', + 'abilityTreeNodes' => ['FEATUREwafW12QEG'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-bl0****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''], + ], + [ + 'name' => 'StartTime', + 'in' => 'query', + 'schema' => ['description' => 'The start time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1779120000', 'title' => ''], + ], + [ + 'name' => 'EndTime', + 'in' => 'query', + 'schema' => ['description' => 'The end time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1779195599', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'MaxResults', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page for a paged query.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '24', 'title' => ''], + ], + [ + 'name' => 'NextToken', + 'in' => 'query', + 'schema' => ['description' => 'The pagination token for the next page. If a next page exists, this field has a return value.'."\n" + ."\n" + .'> If this parameter has a return value, a next page exists. You can use the returned **NextToken** as a request parameter to obtain the data on the next page. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'required' => false, 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n", 'title' => ''], + ], + [ + 'name' => 'PeriodType', + 'in' => 'query', 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", + 'title' => '', + 'description' => 'The epoch type for billing information. Valid values:'."\n" + ."\n" + .'- **hour**: Billing information is calculated on an hourly basis.', 'type' => 'string', + 'default' => 'Hour', + 'enum' => ['hour'], 'required' => false, - 'example' => 'rg-acfm***q', + 'example' => 'hour', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The bill query result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'B9D6AD11-DD3D-5A27-B1D9-8A37F7777196', - ], - 'Data' => [ - 'description' => 'The types of security events on which basic detection is performed.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '0FBBDE11-C35F-531B-96BA-64CA****C875', 'title' => ''], + 'BillDetail' => [ + 'description' => 'The list of bill details.', 'type' => 'array', 'items' => [ - 'description' => 'The type of the security event on which basic detection is performed.'."\n", + 'description' => 'The bill details.', 'type' => 'object', 'properties' => [ - 'EventNum' => [ - 'description' => 'The number of security events.'."\n", - 'type' => 'string', - 'example' => '4', - ], - 'EventType' => [ - 'description' => 'The type of the security event.'."\n", - 'type' => 'string', - 'example' => 'SMSInterfaceAbuse', - ], - ], + 'Cu' => ['description' => 'The total number of SeCUs.', 'type' => 'string', 'example' => '51', 'title' => ''], + 'EndTime' => ['description' => 'The end time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1779123599', 'title' => ''], + 'StartTime' => ['description' => 'The start time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1779120000', 'title' => ''], + 'FunctionCu' => ['description' => 'The number of feature SeCUs.', 'type' => 'string', 'example' => '30', 'title' => ''], + 'TrafficCu' => ['description' => 'The number of SeCUs generated by traffic processing.', 'type' => 'string', 'example' => '21', 'title' => ''], + 'ChargeData' => ['description' => 'The bill usage details. The value is a string converted from a JSON object constructed by a series of parameters. For more information, see **Supplementary description of response parameters**.', 'type' => 'string', 'example' => '{\\"aiWhiteListTemplateCount\\":4,\\"apisecResourceCount\\":2,\\"botAppTemplateCount\\":1,\\"botWebTemplateCount\\":4,\\"ccRuleCount\\":1,\\"customAclAdvanceRuleCount\\":4,\\"customResponseRuleCount\\":5,\\"dlpRuleCount\\":1,\\"gslb\\":1,\\"instanceFee\\":1,\\"ipv6\\":1,\\"nonPort\\":1,\\"qps\\":0,\\"regionBlockRuleCount\\":1,\\"threatIntelligenceTemplateCount\\":1,\\"wafBaseTemplateCount\\":4}', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], + 'MaxResults' => ['description' => 'The number of entries per page for a paged query.', 'type' => 'integer', 'format' => 'int32', 'example' => '24', 'title' => ''], + 'NextToken' => ['description' => 'The pagination token for the next page. If a next page exists, this field has a return value.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n", 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"B9D6AD11-DD3D-5A27-B1D9-8A37F7777196\\",\\n \\"Data\\": [\\n {\\n \\"EventNum\\": \\"4\\",\\n \\"EventType\\": \\"SMSInterfaceAbuse\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeFreeUserEventTypes', + 'title' => 'Query pay-as-you-go bills', + 'responseParamsDescription' => '#### **Bill usage detail parameter description**'."\n" + ."\n" + .'**Feature usage - access-related**'."\n" + .'|Parameter|Type|Description|'."\n" + .'| ----------| ------------| -----------|'."\n" + .'|domainCount |Integer |The number of CNAME-based domain names. |'."\n" + .'|exclusiveIpCount |Integer |The number of exclusive IP addresses. |'."\n" + .'|ipv6 |Integer |IPv6. |'."\n" + .'|gslb |Integer |Intelligent load balancing. |'."\n" + .'|nonPort |Integer |Non-standard ports.|'."\n" + ."\n\n" + .'**Feature usage - protection-related**'."\n" + .'|Parameter|Type|Description|'."\n" + .'| ----------| ------------| -----------|'."\n" + .'| ipBlacklistRuleCount | Integer | The number of IP address blacklist rules. |'."\n" + .'| customAclBaseRuleCount | Integer | The number of custom rules - basic rules. |'."\n" + .'| customAclAdvanceRuleCount | Integer | The number of custom rules - advanced rules. |'."\n" + .'| antiScanRuleCount | Integer | The number of scan protection rules. |'."\n" + .'| customResponseRuleCount | Integer | The number of custom response rules. |'."\n" + .'| ccRuleCount | Integer | The number of HTTP flood protection rules. |'."\n" + .'| regionBlockRuleCount | Integer | The number of geo-blocking rules. |'."\n" + .'| tamperproofRuleCount | Integer | The number of web page anti-tampering rules. |'."\n" + .'| dlpRuleCount | Integer | The number of information leak prevention rules. |'."\n" + .'| botTemplateCount | Integer | The number of legacy bot templates. |'."\n" + .'| botWebTemplateCount | Integer | The number of new bot - web protection templates. |'."\n" + .'| botAppTemplateCount | Integer | The number of new bot - app protection templates. |'."\n" + .'| customAclBotRuleCount | Integer | The number of new bot advanced custom rules. |'."\n" + .'| aiWhiteListTemplateCount | Integer | The number of intelligent whitelist templates. |'."\n" + .'| apisecResourceCount | Integer | The number of protected objects with API security enabled. |'."\n" + .'| assetStatus | Integer | Asset center. |'."\n" + .'| wafBaseTemplateCount | Integer | The number of web core protection templates. |'."\n" + .'| spikeThrottleRuleCount | Integer | The number of spike throttling templates. |'."\n" + .'| threatIntelligenceTemplateCount | Integer | The number of threat intelligence templates. |'."\n" + .'| aiAssetCount | Integer | The number of AI assets. |'."\n" + ."\n" + .'**Feature usage - instance-related**'."\n" + .'|Parameter|Type|Description|'."\n" + .'| ----------| ------------| -----------|'."\n" + .'|instanceFee |Integer |The instance fee. |'."\n" + ."\n\n" + .'**Traffic processing usage - instance-related**'."\n" + .'|Parameter|Type|Description|'."\n" + .'| ----------| ------------| -----------|'."\n" + .'| qps | Long | The peak QPS. |'."\n" + .'| request | Long | The basic traffic. |'."\n" + .'| apisecTraffic | Long | The API security traffic. |'."\n" + .'| riskTraffic | Long | The number of risk identification requests. |'."\n" + .'| customAclCaptcha | Long | The custom rule slider verification. |'."\n" + .'| botTraffic | Long | The bot protection traffic. |', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePostpayBills', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0FBBDE11-C35F-531B-96BA-64CA****C875\\",\\n \\"BillDetail\\": [\\n {\\n \\"Cu\\": \\"51\\",\\n \\"EndTime\\": 1779123599,\\n \\"StartTime\\": 1779120000,\\n \\"FunctionCu\\": \\"30\\",\\n \\"TrafficCu\\": \\"21\\",\\n \\"ChargeData\\": \\"{\\\\\\\\\\\\\\"aiWhiteListTemplateCount\\\\\\\\\\\\\\":4,\\\\\\\\\\\\\\"apisecResourceCount\\\\\\\\\\\\\\":2,\\\\\\\\\\\\\\"botAppTemplateCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"botWebTemplateCount\\\\\\\\\\\\\\":4,\\\\\\\\\\\\\\"ccRuleCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"customAclAdvanceRuleCount\\\\\\\\\\\\\\":4,\\\\\\\\\\\\\\"customResponseRuleCount\\\\\\\\\\\\\\":5,\\\\\\\\\\\\\\"dlpRuleCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"gslb\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"instanceFee\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"ipv6\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"nonPort\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"qps\\\\\\\\\\\\\\":0,\\\\\\\\\\\\\\"regionBlockRuleCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"threatIntelligenceTemplateCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"wafBaseTemplateCount\\\\\\\\\\\\\\":4}\\"\\n }\\n ],\\n \\"MaxResults\\": 24,\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\\\n\\"\\n}","type":"json"}]', ], - 'DescribeFreeUserEventCount' => [ - 'summary' => 'Queries the statistics of security events that are detected by using the basic detection feature of the API security module.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribePrepayDailyBills' => [ + 'summary' => 'Queries the burstable pay-as-you-go billing details of a subscription WAF instance, such as burstable QPS.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -25315,107 +20488,127 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '156223', - 'abilityTreeNodes' => [ - 'FEATUREwafDX9EQ6', - ], + 'abilityTreeCode' => '152241', + 'abilityTreeNodes' => ['FEATUREwafH82E50'], + 'autoTest' => true, ], 'parameters' => [ [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '10', 'example' => '10', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepay_public_intl-sg-vf***', - ], + 'schema' => ['description' => 'The WAF instance ID.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '0D9FB3BC-0DE9-58A8-9663-ACE56F24F405', - ], - 'Event' => [ - 'description' => 'The information about the security events that are detected by using the basic detection feature.'."\n", - 'type' => 'object', - 'properties' => [ - 'EventTotal' => [ - 'description' => 'The total number of security events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '16', - ], - 'EventLow' => [ - 'description' => 'The number of low-risk events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12', - ], - 'EventHigh' => [ - 'description' => 'The number of high-risk events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'EventMedium' => [ - 'description' => 'The number of medium-risk events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '3', - ], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'EC10C9EA-A367-52D5-***-***', 'title' => ''], + 'Bills' => [ + 'description' => 'The list of WAF burstable billing records.', + 'type' => 'array', + 'items' => [ + 'description' => 'The WAF burstable billing record.', + 'type' => 'object', + 'properties' => [ + 'Type' => [ + 'description' => 'The burstable billing type.', + 'type' => 'array', + 'items' => ['description' => 'The burstable billing type. Valid values:'."\n" + .'- **base**: basic traffic.'."\n" + .'- **bot**: Bot Management.'."\n" + .'- **apisec**: API Security.', 'type' => 'string', 'example' => 'base', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'ExceedStatus' => ['description' => 'The overuse status of the current period. Valid values:'."\n" + .'- **0**: Normal.'."\n" + .'- **1**: overused.'."\n" + .'- **2**: sandboxed.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''], + 'RiskControl' => ['description' => 'Indicates whether risk identification is enabled. Valid values:'."\n" + .'- **true**: Risk identification is enabled.'."\n" + .'- **false**: Risk identification is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'MaxQps' => ['description' => 'The maximum QPS during the current period.', 'type' => 'integer', 'format' => 'int64', 'example' => '600', 'title' => ''], + 'EndTime' => ['description' => 'The end time of the billing record. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1687591200', 'title' => ''], + 'Price' => ['description' => 'The unit price for burstable billing. Unit: CNY for the China site and USD for the international site.', 'type' => 'number', 'format' => 'float', 'example' => '0.25', 'title' => ''], + 'Qps' => ['description' => 'The QPS extension specification of the WAF instance.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'QpsVersion' => ['description' => 'The QPS specification included in the WAF instance edition.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'Total' => ['description' => 'The total QPS that is billed.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'StartTime' => ['description' => 'The start time of the billing record. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1687822980', 'title' => ''], + 'RiskTraffic' => ['description' => 'The number of times risk identification is used.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''], + 'ElasticQpsSetValue' => ['description' => 'The burstable QPS specification of the WAF instance.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''], + 'ExtensionPlugin' => ['description' => 'Indicates whether the extension plug-in is enabled. Valid values:'."\n" + .'- **true**: The extension plug-in is enabled.'."\n" + .'- **false**: The extension plug-in is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'ExtensionPluginRequest' => ['description' => 'The number of requests processed by the plug-in.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0D9FB3BC-0DE9-58A8-9663-ACE56F24F405\\",\\n \\"Event\\": {\\n \\"EventTotal\\": 16,\\n \\"EventLow\\": 12,\\n \\"EventHigh\\": 1,\\n \\"EventMedium\\": 3\\n }\\n}","type":"json"}]', - 'title' => 'DescribeFreeUserEventCount', - ], - 'DescribeFreeUserAssetCount' => [ - 'summary' => 'Queries the asset statistics provided by basic detection in the API security module.', - 'methods' => [ - 'post', - 'get', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"EC10C9EA-A367-52D5-***-***\\",\\n \\"Bills\\": [\\n {\\n \\"Type\\": [\\n \\"base\\"\\n ],\\n \\"ExceedStatus\\": 0,\\n \\"RiskControl\\": true,\\n \\"MaxQps\\": 600,\\n \\"EndTime\\": 1687591200,\\n \\"Price\\": 0.25,\\n \\"Qps\\": 10,\\n \\"QpsVersion\\": 10,\\n \\"Total\\": 0,\\n \\"StartTime\\": 1687822980,\\n \\"RiskTraffic\\": 100,\\n \\"ElasticQpsSetValue\\": 100,\\n \\"ExtensionPlugin\\": true,\\n \\"ExtensionPluginRequest\\": 100\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query burstable billing details of a subscription WAF instance', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePrepayDailyBills', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeProductInstances' => [ + 'summary' => 'Queries the list of synchronized cloud service assets.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -25426,306 +20619,307 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '156224', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeCode' => '144614', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-cs0*****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zxu****9d02', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceInstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['title' => '', 'description' => 'The instance ID of the cloud service.', 'type' => 'string', 'required' => false, 'example' => 'lb-2zeugkfj81jvo****4tqm'], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ResourceName', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['title' => '', 'description' => 'The instance name of the cloud service.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'exampleResourceName'], ], - ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'description' => 'The response parameters.'."\n", - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '30488BF0-FD58-52DD-B396-D014549F43A3', - ], - 'Asset' => [ - 'description' => 'The asset statistics provided by basic detection.'."\n", - 'type' => 'object', - 'properties' => [ - 'AssetCount' => [ - 'description' => 'The total number of APIs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '15', - ], - 'AssetActive' => [ - 'description' => 'The number of active APIs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '34', - ], - 'AssetOffline' => [ - 'description' => 'The number of deactivated APIs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '13', - ], - ], - ], - ], - ], + [ + 'name' => 'ResourceRegionId', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The region ID of the cloud service. Valid values:'."\n" + .'- **cn-chengdu**: China Southwest 1 (Chengdu).'."\n" + ."\n" + .'- **cn-beijing**: China North 2 (Beijing).'."\n" + ."\n" + .'- **cn-zhangjiakou**: China North 3 (Zhangjiakou).'."\n" + ."\n" + .'- **cn-hangzhou**: China East 1 (Hangzhou).'."\n" + ."\n" + .'- **cn-shanghai**: China East 2 (Shanghai).'."\n" + ."\n" + .'- **cn-shenzhen**: China South 1 (Shenzhen).'."\n" + ."\n" + .'- **cn-qingdao**: China North 1 (Qingdao).'."\n" + ."\n" + .'- **cn-hongkong**: Hong Kong (China).'."\n" + ."\n" + .'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n" + ."\n" + .'- **ap-southeast-5**: Indonesia (Jakarta).', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou'], ], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"30488BF0-FD58-52DD-B396-D014549F43A3\\",\\n \\"Asset\\": {\\n \\"AssetCount\\": 15,\\n \\"AssetActive\\": 34,\\n \\"AssetOffline\\": 13\\n }\\n}","type":"json"}]', - 'title' => 'DescribeFreeUserAssetCount', - ], - 'DescribeApisecUserOperations' => [ - 'summary' => 'Queries user operation records in the API security module.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ [ - 'AK' => [], + 'name' => 'ResourceProduct', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The type of the cloud service. Valid values:'."\n" + ."\n" + .'- **clb4**: Layer 4 CLB.'."\n" + ."\n" + .'- **clb7**: Layer 7 CLB.'."\n" + ."\n" + .'- **ecs**: ECS.'."\n" + .'- **nlb**: NLB.'."\n" + .'- **ddos**: Anti-DDoS.', 'type' => 'string', 'required' => false, 'example' => 'clb7'], ], - ], - 'operationType' => 'read', - 'systemTags' => [ - 'operationType' => 'get', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '169805', - 'abilityTreeNodes' => [ - 'FEATUREwafWE25G7', + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], - ], - 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-wwo36ksck1e', - ], + 'schema' => ['description' => 'The number of entries per page when using paging. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '100', 'minimum' => '10', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'Type', + 'name' => 'ResourceIp', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the operation record. Valid values:'."\n" - ."\n" - .'* **abnormal**: risk detection'."\n" - .'* **event**: security event'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'event', - 'default' => 'abnormal', - ], + 'schema' => ['description' => 'The public IP address of the cloud service.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => '1.X.X.1', 'title' => ''], ], [ - 'name' => 'ObjectId', + 'name' => 'OwnerUserId', 'in' => 'query', - 'schema' => [ - 'description' => 'The object ID of the operation record.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'fe8723e92e2037245014ab62161bbec8', - ], + 'schema' => ['description' => 'The UID of the resource ownership user.', 'type' => 'string', 'required' => false, 'example' => '1704********9107', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'ResourceInstanceIp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], + 'schema' => ['description' => 'The IP address of the instance that is added to WAF.', 'type' => 'string', 'required' => false, 'example' => '1.X.X.1', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceInstanceName', + 'in' => 'query', + 'schema' => ['description' => 'The name of the instance that is added to WAF.', 'type' => 'string', 'required' => false, 'example' => 'demoInstanceName', 'title' => ''], + ], + [ + 'name' => 'ResourceInstanceAccessStatus', 'in' => 'query', 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + 'description' => 'The WAF protection status. Valid values:'."\n" ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", + .'- **all**: All protected.'."\n" + .'- **any**: Protected.'."\n" + .'- **part**: Partially protected.'."\n" + ."\n" + .'- **non**: Not protected.', 'type' => 'string', + 'enum' => ['all', 'part', 'non', 'any'], 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'example' => 'all', + 'title' => '', ], ], [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek2ax2y5****pi', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekz6ql****5uzi', 'title' => ''], + ], + [ + 'name' => 'ResourceDomain', + 'in' => 'query', + 'schema' => ['description' => 'The domain name that is added to WAF.'."\n" + .'> This parameter is supported only when the cloud service type is ddos.', 'type' => 'string', 'required' => false, 'example' => 'www.c**sw.net', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'C9825654-327B-5156-A570-847054B4CF10', - ], - 'Data' => [ - 'description' => 'The operation records.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'FDCBAE1E-2B3F-5C13-AD20-844B9473****', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''], + 'ProductInstances' => [ + 'description' => 'The list of cloud service information.', 'type' => 'array', 'items' => [ - 'description' => 'The operation record.'."\n", + 'description' => 'The cloud service information.', 'type' => 'object', 'properties' => [ - 'Type' => [ - 'description' => 'The type of the operation record. Valid values:'."\n" - ."\n" - .'* **abnormal**: risk detection'."\n" - .'* **event**: security event'."\n", - 'type' => 'string', - 'example' => 'abnormal', - ], - 'ToStatus' => [ - 'description' => 'The state after the operation.'."\n" - ."\n" - .'Valid values of the risk state:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **toBeFixed**'."\n" - .'* **fixed**'."\n" - .'* **ignored**'."\n" - ."\n" - .'Valid values of the event state:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **ignored**'."\n", - 'type' => 'string', - 'example' => 'Confirmed', - ], - 'ObjectId' => [ - 'description' => 'The object ID of the operation record.'."\n", - 'type' => 'string', - 'example' => '24d997acc48a67a01e09b9c5ad861287', - ], - 'FromStatus' => [ - 'description' => 'The state before the operation.'."\n" - ."\n" - .'Valid values of the risk state:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **toBeFixed**'."\n" - .'* **fixed**'."\n" - .'* **ignored**'."\n" - ."\n" - .'Valid values of the event state:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **ignored**'."\n", - 'type' => 'string', - 'example' => 'ignored', - ], - 'UserId' => [ - 'description' => 'The user ID.'."\n", - 'type' => 'string', - 'example' => '1610954****', - ], - 'Note' => [ - 'description' => 'The remarks.'."\n", - 'type' => 'string', - 'example' => 'Handled', + 'ResourceInstanceId' => ['title' => '', 'description' => 'The instance ID of the cloud service.', 'type' => 'string', 'example' => 'i-2ze1tm4pvghp****cluv'], + 'ResourceName' => ['title' => '', 'description' => 'The instance name of the cloud service.', 'type' => 'string', 'deprecated' => true, 'example' => 'ecs-test'], + 'ResourceRegionId' => ['title' => '', 'description' => 'The region ID of the cloud service. Valid values:'."\n" + .'- **cn-chengdu**: China Southwest 1 (Chengdu).'."\n" + ."\n" + .'- **cn-beijing**: China North 2 (Beijing).'."\n" + ."\n" + .'- **cn-zhangjiakou**: China North 3 (Zhangjiakou).'."\n" + ."\n" + .'- **cn-hangzhou**: China East 1 (Hangzhou).'."\n" + ."\n" + .'- **cn-shanghai**: China East 2 (Shanghai).'."\n" + ."\n" + .'- **cn-shenzhen**: China South 1 (Shenzhen).'."\n" + ."\n" + .'- **cn-qingdao**: China North 1 (Qingdao).'."\n" + ."\n" + .'- **cn-hongkong**: Hong Kong (China).'."\n" + ."\n" + .'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n" + ."\n" + .'- **ap-southeast-5**: Indonesia (Jakarta).', 'type' => 'string', 'example' => 'cn-beijing'], + 'ResourceProduct' => ['description' => 'The type of the cloud service. Valid values:'."\n" + ."\n" + .'- **clb4**: Layer 4 CLB.'."\n" + ."\n" + .'- **clb7**: Layer 7 CLB.'."\n" + ."\n" + .'- **ecs**: ECS.'."\n" + .'- **nlb**: NLB.', 'type' => 'string', 'example' => 'clb4', 'title' => ''], + 'ResourcePorts' => [ + 'description' => 'The list of port information.', + 'type' => 'array', + 'items' => [ + 'description' => 'The port information.', + 'type' => 'object', + 'properties' => [ + 'Port' => ['description' => 'The port.', 'type' => 'integer', 'format' => 'int32', 'example' => '443', 'title' => ''], + 'Protocol' => ['description' => 'The network protocol type. Valid values:'."\n" + .'- **http**: HTTP.'."\n" + .'- **https**: HTTPS.', 'type' => 'string', 'example' => 'https', 'title' => ''], + 'Certificates' => [ + 'description' => 'The list of certificate information.', + 'type' => 'array', + 'items' => [ + 'description' => 'The certificate information.', + 'type' => 'object', + 'properties' => [ + 'CertificateName' => ['description' => 'The SSL certificate name.', 'type' => 'string', 'example' => 'demoCertName', 'title' => ''], + 'CertificateId' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '1234567', 'title' => ''], + 'Domain' => ['description' => 'The domain name bound to the certificate.', 'type' => 'string', 'example' => 'www.test.com', 'title' => ''], + 'AppliedType' => ['description' => 'The certificate type for the HTTPS protocol. Valid values:'."\n" + ."\n" + .'- **default**: Default certificate.'."\n" + ."\n" + .'- **extension**: Extension certificate.', 'type' => 'string', 'example' => 'default', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], - 'Time' => [ - 'description' => 'The time at which the operation was performed. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1685072214', + 'ResourceIp' => ['description' => 'The public IP address of the cloud service.', 'type' => 'string', 'deprecated' => true, 'example' => '1.X.X.1', 'title' => ''], + 'OwnerUserId' => ['description' => 'The UID of the resource ownership user.', 'type' => 'string', 'example' => '1704********9107', 'title' => ''], + 'ResourceInstanceIp' => ['description' => 'The IP address of the cloud service instance.', 'type' => 'string', 'example' => '1.X.X.1', 'title' => ''], + 'ResourceInstanceName' => ['description' => 'The instance name of the cloud service.', 'type' => 'string', 'example' => 'demoInstanceName', 'title' => ''], + 'AccessPorts' => [ + 'description' => 'The list of ports that are added to WAF.', + 'type' => 'array', + 'items' => ['description' => 'The port that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''], + 'title' => '', + 'example' => '', ], - 'OperationSource' => [ - 'type' => 'string', + 'ResourceInstanceAccessStatus' => ['description' => 'The WAF protection status. Valid values:'."\n" + ."\n" + .'- **all**: All protected.'."\n" + .'- **any**: Protected.'."\n" + .'- **part**: Partially protected.'."\n" + ."\n" + .'- **non**: Not protected.', 'type' => 'string', 'example' => 'all', 'title' => ''], + 'AccessPortAndProtocols' => [ + 'description' => 'The port and protocol information of the cloud service that is added to WAF.', + 'type' => 'array', + 'items' => [ + 'description' => 'The port and protocol information of the cloud service that is added to WAF.', + 'type' => 'object', + 'properties' => [ + 'Port' => ['description' => 'The port of the cloud service that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '443', 'title' => ''], + 'Protocol' => ['description' => 'The protocol type. Valid values:'."\n" + .'- **http**: HTTP.'."\n" + .'- **https**: HTTPS.', 'type' => 'string', 'example' => 'http', 'title' => ''], + 'CertificateIds' => [ + 'description' => 'The list of certificate IDs.', + 'type' => 'array', + 'items' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '5379758', 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], + 'AccessInstanceId' => ['description' => 'The instance ID of the instance that is added to WAF.', 'type' => 'string', 'example' => 'i-2ze1tm4pvghp****cluv'."\n", 'title' => ''], + 'ResourceInstanceEdition' => ['description' => 'The edition of the cloud service instance.', 'type' => 'string', 'example' => 'ecs.e-c1m1.large', 'title' => ''], + 'ResourceDomain' => ['description' => 'The domain name that is added to WAF.', 'type' => 'string', 'example' => 'www.c**sw.net', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"FDCBAE1E-2B3F-5C13-AD20-844B9473****\\",\\n \\"TotalCount\\": 100,\\n \\"ProductInstances\\": [\\n {\\n \\"ResourceInstanceId\\": \\"i-2ze1tm4pvghp****cluv\\",\\n \\"ResourceName\\": \\"ecs-test\\",\\n \\"ResourceRegionId\\": \\"cn-beijing\\",\\n \\"ResourceProduct\\": \\"clb4\\",\\n \\"ResourcePorts\\": [\\n {\\n \\"Port\\": 443,\\n \\"Protocol\\": \\"https\\",\\n \\"Certificates\\": [\\n {\\n \\"CertificateName\\": \\"demoCertName\\",\\n \\"CertificateId\\": \\"1234567\\",\\n \\"Domain\\": \\"www.test.com\\",\\n \\"AppliedType\\": \\"default\\"\\n }\\n ]\\n }\\n ],\\n \\"ResourceIp\\": \\"1.X.X.1\\",\\n \\"OwnerUserId\\": \\"1704********9107\\",\\n \\"ResourceInstanceIp\\": \\"1.X.X.1\\",\\n \\"ResourceInstanceName\\": \\"demoInstanceName\\",\\n \\"AccessPorts\\": [\\n 80\\n ],\\n \\"ResourceInstanceAccessStatus\\": \\"all\\",\\n \\"AccessPortAndProtocols\\": [\\n {\\n \\"Port\\": 443,\\n \\"Protocol\\": \\"http\\",\\n \\"CertificateIds\\": [\\n \\"5379758\\"\\n ]\\n }\\n ],\\n \\"AccessInstanceId\\": \\"i-2ze1tm4pvghp****cluv\\\\n\\",\\n \\"ResourceInstanceEdition\\": \\"ecs.e-c1m1.large\\",\\n \\"ResourceDomain\\": \\"www.c**sw.net\\"\\n }\\n ]\\n}","type":"json"}]', + 'title' => 'Query synchronized cloud service assets', + 'changeSet' => [ + ['createdAt' => '2024-07-09T07:10:02.000Z', 'description' => 'Request parameters changed, Response parameters changed'], + ['createdAt' => '2024-04-02T13:43:56.000Z', 'description' => 'Request parameters changed'], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C9825654-327B-5156-A570-847054B4CF10\\",\\n \\"Data\\": [\\n {\\n \\"Type\\": \\"abnormal\\",\\n \\"ToStatus\\": \\"Confirmed\\",\\n \\"ObjectId\\": \\"24d997acc48a67a01e09b9c5ad861287\\",\\n \\"FromStatus\\": \\"ignored\\",\\n \\"UserId\\": \\"1610954****\\",\\n \\"Note\\": \\"Procesed\\",\\n \\"Time\\": 1685072214,\\n \\"OperationSource\\": \\"custom\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecUserOperations', - ], - 'DescribeApisecSuggestions' => [ - 'summary' => 'Queries the protection suggestions for APIs.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '60', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProductInstances'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProductInstances', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribePunishedDomains' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -25736,163 +20930,106 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '169804', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeCode' => '124498', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-pe336n43m04', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-uqm****qa07', 'title' => ''], ], [ - 'name' => 'ApiId', + 'name' => 'Domains', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The ID of the API.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'a60fd7e3021fe371c06dc1dcb883def0', + 'description' => 'The list of domain names added to WAF.', + 'type' => 'array', + 'items' => ['description' => 'A domain name added to WAF.', 'type' => 'string', 'required' => false, 'example' => 'demo.xxxaliyundoc.com', 'title' => ''], + 'required' => false, + 'maxItems' => 100, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ClusterId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'PunishType', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The penalty type. Valid values:'."\n" + ."\n" + .'- **beian** (default): ICP filing center.'."\n" + ."\n" + .'- **punishCenter**: penalty center.', 'type' => 'string', 'default' => 'beian', 'required' => false, 'example' => 'beian', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekz7nc****aata', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.'."\n", + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Data' => [ - 'description' => 'The protection suggestions.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'B1F4D802-55A1-5D53-A247-7E79****85E7', 'title' => ''], + 'PunishedDomains' => [ + 'description' => 'The list of domain names penalized for not having an ICP filing.', 'type' => 'array', - 'items' => [ - 'description' => 'The protection suggestion.'."\n", - 'type' => 'object', - 'properties' => [ - 'SuggestRule' => [ - 'description' => 'The rule content of the protection suggestion. The value is a string that consists of multiple parameters in the JSON format. Valid values:'."\n" - ."\n" - .'* **event_tags**: event type'."\n" - .'* **black_iplist**: IP address blacklist'."\n" - .'* **ip_baseline**: IP address'."\n" - .'* **freq_baseline**: throttling frequency'."\n" - .'* **client_id_baseline**: client information'."\n" - .'* **country_baseline**: country information'."\n" - .'* **province_baseline**: province information'."\n" - .'* **sensitive_type**: sensitive information'."\n", - 'type' => 'string', - 'example' => '{'."\n" - .' "rule": "ClientRule",'."\n" - .' "client_id_baseline": ["Edge"]'."\n" - .'}', - ], - 'MatchedHost' => [ - 'description' => 'The domain name or IP address of the API.'."\n", - 'type' => 'string', - 'example' => 'a.aliyun.com', - ], - 'ApiFormat' => [ - 'description' => 'The API.'."\n", - 'type' => 'string', - 'example' => '/apisec/v1/saveinfo', - ], - 'SuggestType' => [ - 'description' => 'The rule type of the protection suggestion. Valid values:'."\n" - ."\n" - .'* **BotRule**: bot management rules'."\n" - .'* **BlackIPRule**: IP address blacklist rules'."\n" - .'* **WhiteIPRule**: IP address whitelist rules'."\n" - .'* **RateLimitRule**: throttling rules'."\n" - .'* **ClientRule**: client rules'."\n" - .'* **GeoRule**: region-related rules'."\n" - .'* **SensitiveRule**: sensitive information rules'."\n" - .'* **UnauthRule**: authentication rules'."\n", - 'type' => 'string', - 'example' => 'WhiteIPRule', - ], - 'SuggestId' => [ - 'description' => 'The rule ID of the protection suggestion.'."\n", - 'type' => 'string', - 'example' => '15060a1f8fed40130b7c4a7bf8d8733b', - ], - ], - ], + 'items' => ['description' => 'A domain name penalized for not having an ICP filing.', 'type' => 'string', 'example' => 'demo.xxxaliyundoc.com'."\n", 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribePunishedDomains', + 'summary' => 'Queries penalties for domain names added to Web Application Firewall (WAF) without an Internet Content Provider (ICP) filing.', + 'changeSet' => [ + ['createdAt' => '2025-01-15T12:33:17.000Z', 'description' => 'Request parameters changed, Response parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SuggestRule\\": \\"{\\\\n \\\\\\"rule\\\\\\": \\\\\\"ClientRule\\\\\\",\\\\n \\\\\\"client_id_baseline\\\\\\": [\\\\\\"Edge\\\\\\"]\\\\n}\\",\\n \\"MatchedHost\\": \\"a.aliyun.com\\",\\n \\"ApiFormat\\": \\"/apisec/v1/saveinfo\\",\\n \\"SuggestType\\": \\"WhiteIPRule\\",\\n \\"SuggestId\\": \\"15060a1f8fed40130b7c4a7bf8d8733b\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecSuggestions', - ], - 'DescribeApisecStatistics' => [ - 'summary' => 'Queries the statistics of API security-related risks and events.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePunishedDomains'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePunishedDomains', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"B1F4D802-55A1-5D53-A247-7E79****85E7\\",\\n \\"PunishedDomains\\": [\\n \\"demo.xxxaliyundoc.com\\\\n\\"\\n ]\\n}","type":"json"}]', + ], + 'DescribeRelatedDefenseRules' => [ + 'summary' => 'Queries associated protection rules by using paging.', + 'methods' => ['get', 'post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -25900,303 +21037,141 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '169803', - 'abilityTreeNodes' => [ - 'FEATUREwafWE25G7', - ], + 'abilityTreeNodes' => ['FEATUREwaf4TDPM4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-uax***b09', - 'title' => 'WAF实例的ID。'."\n" - ."\n" - .'> 您可以调用[DescribeInstance](~~433756~~)查询当前WAF实例的ID。', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''], ], [ - 'name' => 'Type', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the statistics. Valid values:'."\n" - ."\n" - .'* **risk**: risk-related statistics.'."\n" - .'* **event**: event-related statistics.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'asset_num', - 'default' => 'risk', - 'title' => '检测统计类型。取值:'."\n" - .'- **risk**:表示风险影响统计。'."\n" - .'- **event**:表示ip事件攻击影响统计。'."\n" - .'- **accountEvent**:表示账号事件攻击影响统计。', - ], + 'schema' => ['description' => 'The ID of the rule to query.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'DefenseType', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - ."\n" - .'> This parameter is available only in hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query hybrid cloud clusters.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '428', - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - ], + 'schema' => ['description' => 'The type of the protection rule. Only the following value is supported:'."\n" + .'- **global**: a global-level rule.', 'type' => 'string', 'required' => true, 'example' => 'global', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - ], + 'schema' => ['description' => 'The pagination token (**Token**) for the next page. If a next page exists, this field has a return value.'."\n" + ."\n" + .'> If this parameter has a return value, a next page exists. Use the returned **NextToken** as a request parameter to obtain the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'required' => false, 'example' => 'caeba0bbb2be03f84eb48b699f0*****', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'MaxResults', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek2***uwbs5q', - 'title' => '阿里云资源组ID。', - ], + 'schema' => ['description' => 'The number of entries per page when using paging. Valid values: 1 to 100. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '100', 'minimum' => '1', 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'title' => '购买时间。格式为Unix时间戳(UTC时间),单位为毫秒。', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1668496310000', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '实例到期时间。', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '4809859200000', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'UserStatusList', + 'name' => 'DefenseScene', 'in' => 'query', - 'style' => 'flat', 'schema' => [ - 'title' => '事件状态列表。', - 'type' => 'array', - 'items' => [ - 'title' => '事件状态。取值:'."\n" - ."\n" - .'- **toBeConfirmed**:表示待确认。'."\n" - .'- **confirmed**:表示已确认。'."\n" - .'- **actioned**:表示已处置。'."\n" - .'- **ignored**:表示忽略。', - 'type' => 'string', - 'example' => 'toBeConfirmed', - ], + 'description' => 'The WAF protection scenario. Only the following value is supported:'."\n" + ."\n" + .'- **address_book**: address book.', + 'enumValueTitles' => ['address_book' => 'address_book'], + 'type' => 'string', + 'required' => true, + 'enum' => ['custom_response', 'address_book', 'extension_plugin'], + 'example' => 'address_book', + 'title' => '', ], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'title' => '', - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => '请求ID。', - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '221F0F14-54C6-59A1-9967-72***81B61A', - ], - 'Data' => [ - 'description' => 'The returned results.'."\n", - 'type' => 'object', - 'properties' => [ - 'High' => [ - 'description' => 'The number of high-risk events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - 'title' => '高危数量。', - ], - 'ToBeFixed' => [ - 'description' => 'The number of risks to be fixed.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - 'title' => '待修复数量。', - ], - 'Ignore' => [ - 'description' => 'The number of ignored risks.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - 'title' => '已忽略数量。', - ], - 'TodayTotal' => [ - 'description' => 'The total number of new events today.'."\n", - 'type' => 'string', - 'example' => '30', - 'title' => '今日新增总数量', - ], - 'TodayMedium' => [ - 'description' => 'The number of new moderate-risk events today.'."\n", - 'type' => 'string', - 'example' => '10', - 'title' => '今日新增中危数量。', - ], - 'TodayHigh' => [ - 'description' => 'The number of new high-risk events today.'."\n", - 'type' => 'string', - 'example' => '10', - 'title' => '今日新增高危数量。', - ], - 'Low' => [ - 'description' => 'The number of low-risk events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - 'title' => '低危数量。', - ], - 'Medium' => [ - 'description' => 'The number of moderate-risk events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - 'title' => '中危数量。', - ], - 'Total' => [ - 'description' => 'The total number of events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '30', - 'title' => '总数。', - ], - 'TodayLow' => [ - 'description' => 'The number of new low-risk events today.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - 'title' => '今日新增低危数量。', - ], - 'ToBeConfirmed' => [ - 'description' => 'The number of events to be confirmed.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - 'title' => '待确认数量。', - ], - 'Api' => [ - 'description' => 'The number of APIs.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '/api/v1/login', - 'title' => 'API数量。', - ], - 'Confirmed' => [ - 'description' => 'The number of confirmed events.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - 'title' => '已确认数量。', - ], - 'Domain' => [ - 'description' => 'The number of domain names.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => 'a.aliyun.com', - 'title' => '域名数量。', - ], - 'Fixed' => [ - 'description' => 'The number of fixed risks.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - 'title' => '已修复(人工验证)数量。', - ], - 'Actioned' => [ - 'description' => 'The number of handled events.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - 'title' => '已处置数量。', - ], - 'ToBeVerified' => [ - 'title' => '待系统验证的数量。', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2', - ], - 'NotFixed' => [ - 'title' => '验证未修复的数量。', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'SystemFixed' => [ - 'title' => '已修复(系统验证)数量。', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'Account' => [ - 'title' => '账号数量。', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''], + 'Rules' => [ + 'description' => 'The list of associated rules.', + 'type' => 'array', + 'items' => [ + 'description' => 'The information about the associated rule.', + 'type' => 'object', + 'properties' => [ + 'RuleId' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '2456789', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the protection rule template.', 'type' => 'integer', 'format' => 'int64', 'example' => '81501', 'title' => ''], + 'DefenseScene' => ['description' => 'The protection scenario of the protection rule. For more information, see the **DefenseScene** parameter in [DescribeDefenseRules](~~461426~~).', 'type' => 'string', 'example' => 'custom_acl', 'title' => ''], + 'DefenseType' => ['description' => 'The type of the protection rule. Valid values:'."\n" + ."\n" + .'- **template** (default): a template-based protection rule.'."\n" + ."\n" + .'- **resource**: a protection object-level rule.'."\n" + ."\n" + .'- **global**: a global-level rule.', 'type' => 'string', 'example' => 'template', 'title' => ''], + 'RuleName' => ['description' => 'The name of the protection rule.', 'type' => 'string', 'example' => 'ruleTest', 'title' => ''], ], + 'title' => '', + 'example' => '', ], - 'title' => '统计结果。', + 'title' => '', + 'example' => '', ], + 'NextToken' => ['description' => 'The pagination token (**Token**) for the next page. If a next page exists, this field has a return value.'."\n" + ."\n" + .'> If this parameter has a return value, a next page exists. Use the returned **NextToken** as a request parameter to obtain the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''], + 'MaxResults' => ['description' => 'The number of entries per page when using paging. Valid values: 1 to 100. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"221F0F14-54C6-59A1-9967-72***81B61A\\",\\n \\"Data\\": {\\n \\"High\\": 135,\\n \\"ToBeFixed\\": 3,\\n \\"Ignore\\": 3,\\n \\"TodayTotal\\": \\"3\\",\\n \\"TodayMedium\\": \\"0\\",\\n \\"TodayHigh\\": \\"3\\",\\n \\"Low\\": 160,\\n \\"Medium\\": 27,\\n \\"Total\\": 322,\\n \\"TodayLow\\": 0,\\n \\"ToBeConfirmed\\": 295,\\n \\"Api\\": 202,\\n \\"Confirmed\\": 11,\\n \\"Domain\\": 22,\\n \\"Fixed\\": 13,\\n \\"Actioned\\": 1,\\n \\"ToBeVerified\\": 2,\\n \\"NotFixed\\": 0,\\n \\"SystemFixed\\": 1,\\n \\"Account\\": 1\\n }\\n}","type":"json"}]', - 'title' => 'DescribeApisecStatistics', - ], - 'DescribeApisecRules' => [ - 'summary' => 'Queries the policies configured in the API security module.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query associated protection rules by page', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRelatedDefenseRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"Rules\\": [\\n {\\n \\"RuleId\\": 2456789,\\n \\"TemplateId\\": 81501,\\n \\"DefenseScene\\": \\"custom_acl\\",\\n \\"DefenseType\\": \\"template\\",\\n \\"RuleName\\": \\"ruleTest\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]', + ], + 'DescribeResourceInstanceCerts' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -26207,262 +21182,216 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '167015', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeCode' => '212899', + 'abilityTreeNodes' => ['FEATUREwafOV749M'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'ResourceInstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0x***', - ], + 'schema' => ['description' => 'The ID of the cloud resource.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'lb-bp1*****jqnnqk5uj2p'], ], [ - 'name' => 'Type', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the policy. Valid values:'."\n" - ."\n" - .'* **risk**: risk detection'."\n" - .'* **event**: security event'."\n" - .'* **sensitive_word**: sensitive data'."\n" - .'* **auth_flag**: authentication credential'."\n" - .'* **api_tag**: business purpose'."\n" - .'* **desensitization**: masking'."\n" - .'* **whitelist**: whitelist'."\n" - .'* **recognition**: API recognition'."\n" - .'* **offline_api**: lifecycle management'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'risk', - ], + 'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'Level', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The level of the policy.'."\n" - ."\n" - .'If Type is set to risk or event, you can set this parameter to one of the following values:'."\n" - ."\n" - .'* **high**'."\n" - .'* **medium**'."\n" - .'* **low**'."\n" - ."\n" - .'If Type is set to sensitive_word, you can set this parameter to one of the following values:'."\n" - ."\n" - .'* **S1**'."\n" - .'* **S2**'."\n" - .'* **S3**'."\n" - .'* **S4**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'high', - ], + 'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '1000', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'Name', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the policy.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Information Leak', - ], + 'schema' => ['description' => 'The region of the Web Application Firewall (WAF) instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Origin', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The source of the policy. Valid values:'."\n" - ."\n" - .'* **custom**'."\n" - .'* **default**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'custom', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-*', 'title' => ''], ], [ - 'name' => 'Status', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The status of the policy. Valid values:'."\n" - ."\n" - .'* **1**: enabled'."\n" - .'* **0**: disabled'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-***-6B19160D5EB0', 'title' => ''], + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'Certs' => [ + 'description' => 'The details of the certificates.', + 'type' => 'array', + 'items' => [ + 'description' => 'The details of the certificates.', + 'type' => 'object', + 'properties' => [ + 'Domain' => ['description' => 'The domain name associated with the certificate.', 'type' => 'string', 'example' => 'waf.aliyundemo.com', 'title' => ''], + 'CertName' => ['description' => 'The name of the certificate.', 'type' => 'string', 'example' => 'waf-cert-name', 'title' => ''], + 'CertIdentifier' => ['description' => 'The global ID of the certificate. The ID is generated by appending -cn-hangzhou to the certificate ID. For example, if the certificate ID is 123, the value of CertIdentifier is 123-cn-hangzhou.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''], + 'CommonName' => ['description' => 'The common name (CN).', 'type' => 'string', 'example' => 'www.aliyundemo.com', 'title' => ''], + 'IsChainCompleted' => ['description' => 'Indicates whether the certificate chain is complete.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'AfterDate' => ['description' => 'The time when the certificate expires. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1708415521211', 'title' => ''], + 'BeforeDate' => ['description' => 'The time when the certificate was issued. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1708415521211', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'title' => 'DescribeResourceInstanceCerts', + 'summary' => 'Queries the certificates of a cloud product instance. This operation is available only in multi-account scenarios and returns the certificates of both the delegated administrator and the member that owns the instance. For example, if user A is a delegated administrator with cert1 and the instance lb-xx-1 belongs to member B who has cert2, a query for the instance lb-xx-1 returns both cert1 and cert2.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceInstanceCerts'], + ], + ], + 'ramActions' => [ [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceInstanceCerts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-***-6B19160D5EB0\\",\\n \\"TotalCount\\": 1,\\n \\"Certs\\": [\\n {\\n \\"Domain\\": \\"waf.aliyundemo.com\\",\\n \\"CertName\\": \\"waf-cert-name\\",\\n \\"CertIdentifier\\": \\"123-cn-hangzhou\\",\\n \\"CommonName\\": \\"www.aliyundemo.com\\",\\n \\"IsChainCompleted\\": true,\\n \\"AfterDate\\": 1708415521211,\\n \\"BeforeDate\\": 1708415521211\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeResourceLogDeliveryStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['https'], + 'security' => [ [ - 'name' => 'PageSize', + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '235288', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-g6z3z*****', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'Resources', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The protected objects that you want to query. Separate multiple protected objects with commas (,).', 'type' => 'string', 'required' => true, 'example' => 'alb-wewbb23dfsetetcic1242-0****,test.waf.com-waf', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'Lang', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'zh', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '6', - ], - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Data' => [ - 'description' => 'The policies.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], + 'LogConfigs' => [ 'type' => 'array', 'items' => [ - 'description' => 'The policy.'."\n", 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => 'The status of the policy. Valid values:'."\n" - ."\n" - .'* **1**: enabled'."\n" - .'* **0**: disabled'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'Type' => [ - 'description' => 'The type of the policy. Valid values:'."\n" - ."\n" - .'* **risk**: risk detection'."\n" - .'* **event**: security event'."\n" - .'* **sensitive_word**: sensitive data'."\n" - .'* **auth_flag**: authentication credential'."\n" - .'* **api_tag**: business purpose'."\n" - .'* **desensitization**: data masking'."\n" - .'* **whitelist**: whitelist'."\n" - .'* **recognition**: API recognition'."\n" - .'* **offline_api**: lifecycle management'."\n", - 'type' => 'string', - 'example' => 'risk', - ], - 'UpdateTime' => [ - 'description' => 'The time when the policy was updated. The value is a UNIX timestamp displayed in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1721095301', - ], - 'Id' => [ - 'description' => 'The ID of the policy.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '34933', - ], - 'Rule' => [ - 'description' => 'The details of the policy. The value is a string that consists of multiple parameters in the JSON format.'."\n", - 'type' => 'string', - 'example' => '{'."\n" - .' "ext": "Date",'."\n" - .' "regex": "-",'."\n" - .' "code": "2009",'."\n" - .' "level": "S1",'."\n" - .' "origin": "default",'."\n" - .' "name": "2009"'."\n" - .'}', - ], + 'Resource' => ['description' => 'The name of the protected object, such as a domain name or Application Load Balancer (ALB) instance.', 'type' => 'string', 'example' => 'test.waf.com-waf', 'title' => ''], + 'Status' => ['description' => 'Indicates whether log delivery is enabled for the protected object. Valid values:'."\n" + ."\n" + .'- **true**: Log delivery is enabled.'."\n" + ."\n" + .'- **false**: Log delivery is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'export-kafka', 'title' => ''], + 'DeliveryType' => ['description' => 'The type of log delivery for the protected object. Valid values:'."\n" + ."\n" + .'- **syslog**: Logs are delivered to a syslog service.'."\n" + ."\n" + .'- **kafka**: Logs are delivered to a Kafka service.', 'type' => 'string', 'example' => 'kafka', 'title' => ''], ], + 'description' => 'The log delivery configuration for the protected object.', + 'title' => '', + 'example' => '', ], + 'description' => 'A list of log delivery configurations for the protected objects.', + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'title' => 'DescribeResourceLogDeliveryStatus', + 'summary' => 'Queries the log delivery status for protected objects.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceLogDeliveryStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 6,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"Status\\": 1,\\n \\"Type\\": \\"risk\\",\\n \\"UpdateTime\\": 1721095301,\\n \\"Id\\": 34933,\\n \\"Rule\\": \\"{\\\\n \\\\\\"ext\\\\\\": \\\\\\"Date\\\\\\",\\\\n \\\\\\"regex\\\\\\": \\\\\\"-\\\\\\",\\\\n \\\\\\"code\\\\\\": \\\\\\"2009\\\\\\",\\\\n \\\\\\"level\\\\\\": \\\\\\"S1\\\\\\",\\\\n \\\\\\"origin\\\\\\": \\\\\\"default\\\\\\",\\\\n \\\\\\"name\\\\\\": \\\\\\"2009\\\\\\"\\\\n}\\\\n\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecRules', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"LogConfigs\\": [\\n {\\n \\"Resource\\": \\"test.waf.com-waf\\",\\n \\"Status\\": true,\\n \\"DeliveryName\\": \\"export-kafka\\",\\n \\"DeliveryType\\": \\"kafka\\"\\n }\\n ]\\n}","type":"json"}]', ], - 'DescribeApisecProtectionResources' => [ - 'summary' => 'Queries the list of protected objects to which API security policies are applied.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'DescribeResourceLogFieldConfig' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -26470,173 +21399,224 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '188983', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeCode' => '235277', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zpr3*******', 'title' => ''], + ], + [ + 'name' => 'DeliveryType', + 'in' => 'query', + 'schema' => ['description' => 'The log delivery type. Valid values:'."\n" + ."\n" + .'- **sls**: Simple Log Service.'."\n" + ."\n" + .'- **kafka**: Kafka.'."\n" + ."\n" + .'- **syslog**: Syslog.', 'type' => 'string', 'required' => true, 'example' => 'sls', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'Resource', 'in' => 'query', + 'schema' => ['description' => 'The protected object whose log field configuration you want to query.', 'type' => 'string', 'required' => true, 'example' => 'test.waf.com-waf', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The name of the protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cwaf-***-waf', + 'type' => 'object', + 'properties' => [ + 'AddList' => ['description' => 'The extra log fields that are configured in addition to the default log fields. The fields are specified as a string of comma-separated values.', 'type' => 'string', 'example' => 'acl_test,acl_action,acl_rule_id,waf_test,acl_rule_type', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '7B53B47C-D368-5344-BB5E-79******', 'title' => ''], + 'LogDeliveryStrategy' => ['description' => 'The log delivery policies. Multiple policies are supported. The value is a string that is converted from a JSON array of parameters.'."\n" + ."\n" + .'> For more information about the parameters, see the description of the **LogDeliveryStrategy** parameter in [ModifyResourceLogFieldConfig](~~ModifyResourceLogFieldConfig~~).', 'type' => 'string', 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', 'title' => ''], + 'ExtendConfig' => ['description' => 'The extended configuration for log delivery. The value is a string that is converted from a JSON object of parameters.'."\n" + ."\n" + .'> For more information about the parameters, see the description of the **ExtendConfig** parameter in [ModifyResourceLogFieldConfig](~~ModifyResourceLogFieldConfig~~).', 'type' => 'string', 'example' => '{\\"request_header\\":\\"Ali-Cdn-Real-Ip\\"}', 'title' => ''], + 'DelList' => ['description' => 'The log fields that are removed from the default log fields. The fields are specified as a string of comma-separated values.', 'type' => 'string', 'example' => 'waf_rule_id,waf_rule_type', 'title' => ''], + 'FieldList' => ['description' => 'The list of delivered log fields. The fields are specified as a string of comma-separated values.', 'type' => 'string', 'example' => 'account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids', 'title' => ''], + 'DeliveryType' => ['description' => 'The log delivery type. Valid values:'."\n" + ."\n" + .'- **sls**: Simple Log Service.'."\n" + ."\n" + .'- **kafka**: Kafka.'."\n" + ."\n" + .'- **syslog**: Syslog.', 'type' => 'string', 'example' => 'sls', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'DescribeResourceLogFieldConfig', + 'summary' => 'Queries the log field configuration for a protected object.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceLogFieldConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"AddList\\": \\"acl_test,acl_action,acl_rule_id,waf_test,acl_rule_type\\",\\n \\"RequestId\\": \\"7B53B47C-D368-5344-BB5E-79******\\",\\n \\"LogDeliveryStrategy\\": \\"[{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"blockLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"normalRequestLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"checkLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100}]\\",\\n \\"ExtendConfig\\": \\"{\\\\\\\\\\\\\\"request_header\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"Ali-Cdn-Real-Ip\\\\\\\\\\\\\\"}\\",\\n \\"DelList\\": \\"waf_rule_id,waf_rule_type\\",\\n \\"FieldList\\": \\"account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids\\",\\n \\"DeliveryType\\": \\"sls\\"\\n}","type":"json"}]', + ], + 'DescribeResourceLogStatus' => [ + 'summary' => 'Queries the log collection status of protected objects in a Web Application Firewall (WAF) instance.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'PageSize', + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '111392', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], + 'autoTest' => true, + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '10', - 'maximum' => '100', - 'minimum' => '1', - 'default' => '10', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11zcl****', 'title' => ''], ], [ - 'name' => 'ApisecStatus', + 'name' => 'Resources', 'in' => 'query', - 'schema' => [ - 'description' => 'The switch of the API security module.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'allowEmptyValue' => true, + 'schema' => ['description' => 'The protected objects whose log collection status you want to query. Separate multiple protected objects with commas (,).', 'type' => 'string', 'required' => true, 'example' => 'alb-wewbb23dfsetetcic1242-0****,alb-wewbb23dfsetetcic1242-1****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '5', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '2EFCFE18-78F8-5079-B312-07***48B', - ], - 'Data' => [ - 'description' => 'The protected objects.'."\n", + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '0DABF8AB-2321-5F8D-A8D7-922D757FBFFE', 'title' => ''], + 'Result' => [ + 'description' => 'The log status information of protected objects.', 'type' => 'array', 'items' => [ - 'description' => 'The protected object.'."\n", + 'description' => 'The log status information of the protected object.', 'type' => 'object', 'properties' => [ - 'ApisecStatus' => [ - 'description' => 'The switch of the API security module.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - 'default' => '0', - ], - 'Resource' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'example' => 'cwaf-***-waf', - ], - 'ReportStatus' => [ - 'description' => 'The switch of the compliance check feature.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - 'default' => '0', - ], - 'TraceStatus' => [ - 'description' => 'The switch of the tracing and auditing feature.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - 'default' => '0', + 'Status' => ['description' => 'Indicates whether log collection is enabled for the protected object. Valid values:'."\n" + ."\n" + .'- **true**: Log collection is enabled.'."\n" + ."\n" + .'- **false**: Log collection is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'Resource' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'alb-wewbb23dfsetetcic****', 'title' => ''], + 'TraceStatus' => ['type' => 'boolean', 'description' => '', 'title' => '', 'example' => ''], + 'TraceConfig' => [ + 'type' => 'object', + 'properties' => [ + 'Workspace' => ['type' => 'string', 'description' => '', 'title' => '', 'example' => ''], + 'RatePerMille' => ['type' => 'integer', 'format' => 'int32', 'description' => '', 'title' => '', 'example' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"Data\\": [\\n {\\n \\"ApisecStatus\\": 1,\\n \\"Resource\\": \\"cwaf-***-waf\\",\\n \\"ReportStatus\\": 1,\\n \\"TraceStatus\\": 0\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecProtectionResources', - ], - 'DescribeApisecProtectionGroups' => [ - 'summary' => 'Queries the list of protected object groups to which API security policies are applied.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeResourceLogStatus', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceLogStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceLogStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0DABF8AB-2321-5F8D-A8D7-922D757FBFFE\\",\\n \\"Result\\": [\\n {\\n \\"Status\\": true,\\n \\"Resource\\": \\"alb-wewbb23dfsetetcic****\\",\\n \\"TraceStatus\\": false,\\n \\"TraceConfig\\": {\\n \\"Workspace\\": \\"\\",\\n \\"RatePerMille\\": 0\\n }\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeResourcePort' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -26644,169 +21624,88 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '189024', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], - ], - [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'ResourceGroup', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the protected object group to which the protected object belongs.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'group1'."\n", - ], - ], - [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'minimum' => '1', - 'example' => '1', - 'default' => '1', - ], - ], - [ - 'name' => 'PageSize', + 'name' => 'ResourceInstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '60', - 'minimum' => '1', - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'The ID of the cloud service instance.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => '8vb40vj87znu3ai7l5lv4-80****'."\n"], ], [ - 'name' => 'ApisecStatus', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The switch of the API security module.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The region ID of WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The query results.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of protected object groups.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '8', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], - 'Data' => [ - 'description' => 'The protected object groups.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''], + 'ResourcePorts' => [ + 'description' => 'All HTTP and HTTPS listener ports that are added to WAF.', 'type' => 'array', - 'items' => [ - 'description' => 'The protected object group.'."\n", - 'type' => 'object', - 'properties' => [ - 'ApisecStatus' => [ - 'description' => 'The switch of the API security module.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - 'default' => '0', - ], - 'ReportStatus' => [ - 'description' => 'The switch of the compliance check feature.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - 'default' => '0', - ], - 'ResourceGroup' => [ - 'description' => 'The name of the protected object group.'."\n", - 'type' => 'string', - 'example' => 'group1', - ], - 'TraceStatus' => [ - 'description' => 'The switch of the tracing and auditing feature.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - 'default' => '0', - ], - ], - ], + 'items' => ['description' => 'The HTTP and HTTPS listener ports.', 'type' => 'string', 'example' => '80', 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 8,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"Data\\": [\\n {\\n \\"ApisecStatus\\": 1,\\n \\"ReportStatus\\": 0,\\n \\"ResourceGroup\\": \\"group1\\",\\n \\"TraceStatus\\": 0\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecProtectionGroups', - ], - 'DescribeApisecMatchedHosts' => [ - 'summary' => 'Queries the list of domain names detected in the API security module.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeResourcePort', + 'summary' => 'Queries the ports of a cloud service instance that are added to Web Application Firewall (WAF).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourcePort'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourcePort', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"ResourcePorts\\": [\\n \\"80\\"\\n ]\\n}","type":"json"}]', + ], + 'DescribeResourceRegionId' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -26814,173 +21713,225 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '168988', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeCode' => '112185', + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], + 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-x0r37plpl0g', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'MatchedHost', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name or IP address.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'bc.aliyun.com', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2lrm****6pnq', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1', - 'default' => '1', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'F5905D3F-F674-5177-9E48-466DD3B8****', 'title' => ''], + 'ResourceRegionIds' => [ + 'description' => 'The region IDs of cloud service resources that can be added to WAF by using the SDK.', + 'type' => 'array', + 'items' => ['description' => 'The ID of the region where the cloud service resource resides.'."\n" + ."\n" + .'<props="intl">'."\n" + ."\n" + .'For more information, see [Regions and zones](https://www.alibabacloud.com/help/zh/egs/regions-and-zones?spm=a3c0i.23458820.2359477120.9.6f4f6e9b9NShFZ).'."\n" + ."\n" + .'</props>', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'title' => 'DescribeResourceRegionId', + 'summary' => 'Queries the region IDs of cloud service resources that can be added to Web Application Firewall (WAF) by using the SDK.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceRegionId'], + ], + ], + 'ramActions' => [ [ - 'name' => 'PageSize', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '8', - 'default' => '10', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceRegionId', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F5905D3F-F674-5177-9E48-466DD3B8****\\",\\n \\"ResourceRegionIds\\": [\\n \\"cn-hangzhou\\"\\n ]\\n}","type":"json"}]', + ], + 'DescribeResourceSupportRegions' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'Type', + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '144618', + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The detection type. Valid values:'."\n" - ."\n" - .'* **api**: API-related domain names'."\n" - .'* **abnormal**: risk-related domain names'."\n" - .'* **event**: security event-related domain names'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'event', - 'default' => 'api', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'ResourceProduct', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - .'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', - 'type' => 'string', - 'required' => false, - 'example' => '433', - ], + 'schema' => ['description' => 'The cloud product to which the resource belongs. By default, instances of ALB, MSE, FC, and SAE products are returned. Valid values:'."\n" + ."\n" + .'- **alb**: ALB.'."\n" + ."\n" + .'- **mse**: MSE.'."\n" + ."\n" + .'- **fc**: FC.'."\n" + ."\n" + .'- **sae**: SAE.'."\n" + ."\n" + .'- **ecs**: ECS.'."\n" + .'- **clb4**: CLB (TCP).'."\n" + .'- **clb7**: CLB (HTTP/HTTPS).'."\n" + .'- **apig**: APIG.'."\n" + .'- **nlb**: NLB.'."\n" + ."\n" + .'> Each product supports different regions. If you specify a product filter, refer to the regions supported by the product. Otherwise, the filtering may fail.', 'type' => 'string', 'required' => false, 'example' => 'clb7', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekz5qqo7jthcsa', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzpks****kdjq', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.'."\n", + 'description' => 'The query result.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'string', - 'example' => '2', - ], - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '8D4CA088-F72B-5658-BD5B-ECE8B8F0C7BB', - ], - 'Data' => [ - 'description' => 'The domain names.'."\n", + 'SupportRegions' => [ + 'description' => 'The list of region IDs supported by WAF in transparent proxy mode.', 'type' => 'array', - 'items' => [ - 'description' => 'The domain name.'."\n", - 'type' => 'object', - 'properties' => [ - 'MatchedHost' => [ - 'description' => 'The domain name or IP address.'."\n", - 'type' => 'string', - 'example' => 'bc.aliyun.com', - ], - 'Count' => [ - 'description' => 'The number of APIs related to the domain name.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '31', - ], - ], - ], + 'items' => ['description' => 'The region ID. Valid values:'."\n" + .'- **cn-chengdu**: China (Chengdu).'."\n" + ."\n" + .'- **cn-beijing**: China (Beijing).'."\n" + ."\n" + .'- **cn-zhangjiakou**: China (Zhangjiakou).'."\n" + ."\n" + .'- **cn-hangzhou**: China (Hangzhou).'."\n" + ."\n" + .'- **cn-shanghai**: China (Shanghai).'."\n" + ."\n" + .'- **cn-shenzhen**: China (Shenzhen).'."\n" + ."\n" + .'- **cn-qingdao**: China (Qingdao).'."\n" + ."\n" + .'- **cn-hongkong**: Hong Kong (China).'."\n" + ."\n" + .'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n" + ."\n" + .'- **ap-southeast-5**: Indonesia (Jakarta).', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''], + 'title' => '', + 'example' => '', ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '58FDF266-3D56-5DE8-91E0-96A26BAB****', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], 'eventInfo' => [ 'enable' => false, 'eventNames' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": \\"2\\",\\n \\"RequestId\\": \\"8D4CA088-F72B-5658-BD5B-ECE8B8F0C7BB\\",\\n \\"Data\\": [\\n {\\n \\"MatchedHost\\": \\"bc.aliyun.com\\",\\n \\"Count\\": 31\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecMatchedHosts', - ], - 'DescribeApisecEvents' => [ - 'summary' => 'Queries API security events.', - 'methods' => [ - 'post', - 'get', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Query supported regions for cloud native mode', + 'summary' => 'Queries the list of supported regions for cloud native mode, mainly for CLB and ECS products.', + 'changeSet' => [ + ['createdAt' => '2024-11-06T13:26:13.000Z', 'description' => 'Request parameters changed, Response parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceSupportRegions'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceSupportRegions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"SupportRegions\\": [\\n \\"cn-hangzhou\\"\\n ],\\n \\"RequestId\\": \\"58FDF266-3D56-5DE8-91E0-96A26BAB****\\"\\n}","type":"json"}]', + ], + 'DescribeResponseCodeTrendGraph' => [ + 'summary' => 'Queries the trends of abnormal response codes, such as 5XX, 405, 499, 302, and 444, returned by WAF to clients and by origin servers to WAF.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -26991,582 +21942,329 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '169015', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '106569', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-5y***d31', - 'title' => 'WAF实例的ID。'."\n" - ."\n" - .'> 您可以调用[DescribeInstance](~~433756~~)获取当前WAF实例的ID。', - ], + 'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'EventId', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the API security event.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '18ba94fea9***e66ba0557b7b91', - 'title' => 'API安全事件ID。', - ], + 'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''], ], [ - 'name' => 'ApiFormat', + 'name' => 'Interval', 'in' => 'query', - 'schema' => [ - 'description' => 'The API.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '/apisec/v1/register.php', - 'title' => 'API接口。', - ], + 'schema' => ['description' => 'The time interval. Unit: seconds. The value must be an integer multiple of 60.', 'type' => 'string', 'required' => true, 'example' => '300', 'title' => ''], ], [ - 'name' => 'MatchedHost', + 'name' => 'Type', 'in' => 'query', - 'schema' => [ - 'description' => 'The domain name or IP address of the API.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'a.aliyun.com', - 'title' => 'API接口所属的域名或IP。', - ], + 'schema' => ['description' => 'The type of response codes. Valid values:'."\n" + .'- **waf**: response codes returned by WAF to clients.'."\n" + .'- **upstream**: response codes returned by origin servers to WAF.', 'type' => 'string', 'required' => true, 'example' => 'waf', 'title' => ''], ], [ - 'name' => 'EventTag', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the event.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported event types.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ObtainSensitiveUnauthorized', - 'title' => '事件类型。'."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的事件类型。', - ], + 'schema' => ['description' => 'The protected object to query.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'StartTs', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. This value is a UNIX timestamp in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1683648000', - 'title' => '查询的开始时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'EndTs', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. This value is a UNIX timestamp in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1683703260', - 'title' => '查询的结束时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'OrderKey', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the sorting field. Valid values:'."\n" - ."\n" - .'* **allCnt**: the number of attacks'."\n" - .'* **startTs**: the start time of the event'."\n" - .'* **endTs**: the end time of the event'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'startTs', - 'title' => '排序字段的名称。取值:'."\n" - .'- **allCnt**:表示攻击次数。'."\n" - .'- **startTs**:表示事件开始时间。'."\n" - .'- **endTs**:表示事件结束时间。', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], - [ - 'name' => 'OrderWay', - 'in' => 'query', + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The sorting method. Valid values:'."\n" - ."\n" - .'* **desc** (default): descending order'."\n" - .'* **asc**: ascending order'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'desc', - 'title' => '排序的方式。取值:'."\n" - .'- **desc**:表示降序(默认)。'."\n" - .'- **asc**:表示升序。', + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '7D46493E-84DD-58CE-80A7-8643F2B09ECC', 'title' => ''], + 'ResponseCodes' => [ + 'description' => 'The response code statistics information.', + 'type' => 'array', + 'items' => [ + 'description' => 'The response code statistics information.', + 'type' => 'object', + 'properties' => [ + '5xxPv' => ['description' => 'The count of 5xx response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '2932', 'title' => ''], + 'Index' => ['description' => 'The time sequence number, sorted in chronological order.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + '405Pv' => ['description' => 'The count of 405 response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '121645464', 'title' => ''], + '499Pv' => ['description' => 'The count of 499 response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + '302Pv' => ['description' => 'The count of 302 response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + '444Pv' => ['description' => 'The count of 444 response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', ], ], + ], + 'title' => 'View response code trends', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:23:05.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-04-16T02:37:41.000Z', 'description' => 'Response parameters changed, Response parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResponseCodeTrendGraph'], + ], + ], + 'ramActions' => [ [ - 'name' => 'PageNumber', - 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - 'title' => '分页查询时,返回第几页数据。默认值为**1**,表示返回第1页数据。', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResponseCodeTrendGraph', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7D46493E-84DD-58CE-80A7-8643F2B09ECC\\",\\n \\"ResponseCodes\\": [\\n {\\n \\"5xxPv\\": 2932,\\n \\"Index\\": 10,\\n \\"405Pv\\": 121645464,\\n \\"499Pv\\": 0,\\n \\"302Pv\\": 0,\\n \\"444Pv\\": 0\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeRoleAuthStatus' => [ + 'summary' => 'Queries the authorization status of the service-linked role for Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'PageSize', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '200', - 'minimum' => '1', - 'example' => '10', - 'default' => '10', - 'title' => '页面显示最大记录数量。', - ], + 'AK' => [], ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], + ], + 'parameters' => [ [ - 'name' => 'ApiTag', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The business purpose of the API.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the business purposes of APIs.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'SendMail', - 'title' => 'API业务用途。'."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的业务用途。', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Origin', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzhalsanv***', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The source of the event type. Valid values:'."\n" - ."\n" - .'* **custom**'."\n" - .'* **default**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'default', - 'title' => '事件类型的来源。取值:'."\n" - .'- **custom**:表示自定义。'."\n" - .'- **default**:表示内置。', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '79ECBB08-079C-57C5-A676-***', 'title' => ''], + 'AuthStatus' => ['description' => 'Indicates whether the service-linked role for WAF is authorized.'."\n" + ."\n" + .'- **true**: The service-linked role is authorized.'."\n" + ."\n" + .'- **false**: The service-linked role is not authorized.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'title' => 'DescribeRoleAuthStatus', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'EventLevel', - 'in' => 'query', - 'schema' => [ - 'description' => 'The severity level of the event. Valid values:'."\n" - ."\n" - .'* **high**'."\n" - .'* **medium**'."\n" - .'* **low**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'low', - 'title' => '事件等级。取值:'."\n" - .'- **high**:表示高危。'."\n" - .'- **medium**:表示中危。'."\n" - .'- **low**:表示低危。', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRoleAuthStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"79ECBB08-079C-57C5-A676-***\\",\\n \\"AuthStatus\\": true\\n}","type":"json"}]', + ], + 'DescribeRuleGroups' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'UserStatus', - 'in' => 'query', - 'schema' => [ - 'description' => 'The event status. Valid values:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **ignored**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Ignore', - 'title' => '事件状态。取值:'."\n" - ."\n" - .'- **toBeConfirmed**:表示待确认。'."\n" - .'- **confirmed**:表示已确认。'."\n" - .'- **actioned**:表示已处置。'."\n" - .'- **ignored**:表示忽略。', - ], + 'AK' => [], ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], + ], + 'parameters' => [ [ - 'name' => 'AttackIp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The Attack source IP.', - 'type' => 'string', - 'required' => false, - 'example' => '42.224.*.*', - 'title' => '攻击IP。', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'ApiId', + 'name' => 'SearchType', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the event-related API.', - 'type' => 'string', - 'required' => false, - 'example' => '820b860***6205da93b935b28', - 'title' => 'API的ID。', - ], + 'schema' => ['description' => 'The query type. Valid values:'."\n" + ."\n" + .'- **id**: Queries by rule group ID.'."\n" + ."\n" + .'- **name**: Queries by rule group name. Both Chinese and English names are supported.', 'type' => 'string', 'required' => false, 'example' => 'name', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'SearchValue', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n" - ."\n" - .'> This parameter is available only in hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query hybrid cloud clusters.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '428', - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - ], + 'schema' => ['description' => 'The content to query.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Value:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - ], + 'schema' => ['description' => 'The page number of the results to return. The default value is **1**, which returns the first page of results.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - 'title' => '阿里云资源组ID。', - ], + 'schema' => ['description' => 'The number of entries to return on each page. The default value is **10**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''], ], [ - 'name' => 'EventScope', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'title' => ' 安全事件的维度。取值:'."\n" - .'- **ip**(默认):表示IP安全事件。'."\n" - .'- **account**:表示账号安全事件。', - 'type' => 'string', - 'example' => 'ip', - 'default' => 'ip', - 'enum' => [ - 'ip', - 'account', - ], - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Account', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '账号信息。', - 'type' => 'string', - 'example' => '1818743389962696', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'title' => '请求结果。', - 'description' => 'The response parameters.'."\n", + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '3', - 'title' => '返回结果的总数。', - ], - 'RequestId' => [ - 'title' => '请求ID。', - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '12F4CC8F-7E9F-5E4D-BF7C-BD1EDDE0C282', - ], - 'Data' => [ - 'description' => 'The security events.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '24', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '02E9A4B8-90FB-5F41-A049-C82277EB82FB', 'title' => ''], + 'RuleGroups' => [ + 'description' => 'The list of regular expression rule groups.', 'type' => 'array', 'items' => [ - 'description' => 'The information about the security event.'."\n", + 'description' => 'The list of regular expression rule groups.', 'type' => 'object', 'properties' => [ - 'Origin' => [ - 'description' => 'The source of the event type. Valid values:'."\n" - ."\n" - .'* **custom**'."\n" - .'* **default**'."\n", - 'type' => 'string', - 'example' => 'custom', - 'title' => '事件类型的来源。取值:'."\n" - .'- **custom**:表示自定义。'."\n" - .'- **default**:表示内置。', - ], - 'EventLevel' => [ - 'description' => 'The severity level of the event. Valid values:'."\n" - ."\n" - .'* **high**'."\n" - .'* **medium**'."\n" - .'* **low**'."\n", - 'type' => 'string', - 'example' => 'medium', - 'title' => '事件等级。取值:'."\n" - .'- **high**:表示高危。'."\n" - .'- **medium**:表示中危。'."\n" - .'- **low**:表示低危。', - ], - 'StartTs' => [ - 'description' => 'The beginning of the time range to query. This value is a UNIX timestamp in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1683648000', - 'title' => '查询的开始时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], - 'EventInfo' => [ - 'description' => 'The details of the event. The value of this parameter is a JSON string that contains multiple parameters. The value includes the following parameters:'."\n" - ."\n" - .'* **ip_info**: the information about the attack source IP address. This parameter corresponds to the **AttackIpInfo** response parameter.'."\n" - .'* **rule_id**: the ID of the rule corresponding to the event.'."\n" - .'* **rule_tag**: the information about the rule corresponding to the event.'."\n", - 'type' => 'string', - 'example' => '{}', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - 'ApiFormat' => [ - 'description' => 'The API.'."\n", - 'type' => 'string', - 'example' => '/apisec/v1/register.php', - 'title' => 'API接口。', - ], - 'ApiTag' => [ - 'description' => 'The business purpose of the API.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the business purposes of APIs.'."\n", - 'type' => 'string', - 'example' => 'SendMail', - 'title' => 'API业务用途。'."\n" - ."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的业务用途。', - ], - 'UserStatus' => [ - 'description' => 'The event status. Valid values:'."\n" - ."\n" - .'* **toBeConfirmed**'."\n" - .'* **confirmed**'."\n" - .'* **ignored**'."\n", - 'type' => 'string', - 'example' => 'Ignore', - 'title' => '事件状态。取值:'."\n" - ."\n" - .'- **toBeConfirmed**:表示待确认。'."\n" - .'- **confirmed**:表示已确认。'."\n" - .'- **actioned**:表示已处置。'."\n" - .'- **ignored**:表示忽略。', - ], - 'Follow' => [ - 'description' => 'Indicates whether the API is followed. Valid values:'."\n" - ."\n" - .'* **1**: The API is followed.'."\n" - .'* **0**: The API is not followed.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - 'title' => '是否关注。取值:'."\n" - .'- **1**:表示关注。'."\n" - .'- **0**:表示未关注。', - ], - 'RequestData' => [ - 'description' => 'The sample API request. The value of this parameter is a JSON string that contains multiple parameters.'."\n", - 'type' => 'string', - 'example' => '{}', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - 'EventId' => [ - 'description' => 'The ID of the event.'."\n", - 'type' => 'string', - 'example' => 'c82cb276847e9c96f9597d9f4b0cdcff', - 'title' => '事件ID。', - ], - 'AttackIp' => [ - 'description' => 'The source IP address of the attack.'."\n", - 'type' => 'string', - 'example' => '104.234.140.33', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - 'AttackIpInfo' => [ - 'description' => 'The information about the attack source IP address. The value of this parameter is a JSON string that contains multiple parameters. The value includes the following parameters:'."\n" - ."\n" - .'* **ip**: the IP address'."\n" - .'* **country_id**: the country ID'."\n" - .'* **region_id**: the region ID'."\n" - .'* **cnt**: the number of attacks'."\n", - 'type' => 'string', - 'example' => '[{\\"ip\\":\\"72.*.*.119\\",\\"country_id\\":\\"US\\",\\"region_id\\":\\"\\",\\"cnt\\":\\"2100\\"}]', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - 'EndTs' => [ - 'description' => 'The end of the time range to query. This value is a UNIX timestamp in UTC. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1683703260', - 'title' => '查询的结束时间,格式为Unix时间戳(UTC时间),单位为秒。', - ], - 'AttackCntInfo' => [ - 'description' => 'The information about the number of attacks. The value of this parameter is a JSON string that contains multiple parameters. Key indicates the timestamp in seconds, and Value indicates the number of attacks.'."\n", - 'type' => 'string', - 'example' => '{\\"1717498320\\":500,\\"1717498380\\":529,\\"1717498440\\":20,\\"1717498260\\":518,\\"1717498200\\":481,\\"1717498140\\":52}', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - 'AllCnt' => [ - 'description' => 'The number of attacks.'."\n" - .'><notice>The parameter has been deprecated, please use the Attackips parameter.></notice>', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - 'title' => '攻击次数。', - ], - 'RemoteRegion' => [ - 'description' => 'The region to which the attack source IP address belongs.'."\n", - 'type' => 'string', - 'example' => '110000', - 'title' => '攻击IP所属地区。', - ], - 'ResponseData' => [ - 'description' => 'The sample API response. The value of this parameter is a JSON string that contains multiple parameters.'."\n", - 'type' => 'string', - 'example' => '{}', - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - 'AttackClient' => [ - 'description' => 'The client that is attacked.'."\n", - 'type' => 'string', - 'example' => 'Chrome', - 'title' => '攻击客户端。', - ], - 'EventTag' => [ - 'description' => 'The type of the event.'."\n" - ."\n" - .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported event types.'."\n", - 'type' => 'string', - 'example' => 'ObtainSensitiveUnauthorized', - 'title' => '事件类型。'."\n" - ."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的事件类型。', - ], - 'MatchedHost' => [ - 'description' => 'The domain name or IP address of the API.'."\n", - 'type' => 'string', - 'example' => 'a.aliyun.com', - 'title' => 'API接口所属的域名或IP。', - ], - 'Note' => [ - 'description' => 'The remarks.'."\n", - 'type' => 'string', - 'example' => 'Notified', - 'title' => '备注信息。', - ], - 'ApiId' => [ - 'description' => 'The ID of the API that is associated with the security event.'."\n", - 'type' => 'string', - 'example' => '2ecc1cf67b91853bc55545052ccf06a8', - 'title' => '安全事件关联API的ID。', - ], - 'RemoteCountry' => [ - 'description' => 'The country to which the attack source IP address belongs.'."\n", - 'type' => 'string', - 'example' => 'US', - 'title' => '攻击IP所属国家。', - ], - 'AttackIps' => [ - 'description' => 'The source IP addresses of the attacks.', - 'type' => 'array', - 'items' => [ - 'description' => 'The source IP address of the attack.', - 'type' => 'string', - 'example' => '104.234.140.33'."\n", - 'title' => '攻击IP。', - ], - 'title' => '废弃字段,无实际含义。', - 'deprecated' => true, - ], - 'AttackerList' => [ - 'title' => '事件对应的攻击者列表。', - 'type' => 'array', - 'items' => [ - 'title' => '事件对应的攻击者。'."\n" - .'>当安全事件的维度 EventScope 取值为 ip 时,为攻击者IP,取值为 account 时,为攻击者账号。', - 'type' => 'string', - 'example' => '1.1.1.1', - ], - ], + 'RuleGroupId' => ['description' => 'The ID of the rule group.', 'type' => 'integer', 'format' => 'int64', 'example' => '115361', 'title' => ''], + 'RuleTotalCount' => ['description' => 'The number of built-in rules.', 'type' => 'integer', 'format' => 'int32', 'example' => '4444', 'title' => ''], + 'RuleGroupName' => ['description' => 'The name of the rule group.', 'type' => 'string', 'example' => 'ssssss', 'title' => ''], + 'IsSubscribe' => ['description' => 'The automatic update status of the rule group.'."\n" + ."\n" + .'- 1: Automatic updates are enabled.'."\n" + ."\n" + .'- 2: Automatic updates are disabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''], + 'GmtModified' => ['description' => 'The time when the rule group was last updated.', 'type' => 'integer', 'format' => 'int64', 'example' => '1664336364000', 'title' => ''], + 'ParentRuleGroupId' => ['description' => 'The ID of the rule group that the current rule group inherits.'."\n" + ."\n" + .'- 0: The rule group is created from scratch and does not inherit from another rule group.'."\n" + ."\n" + .'- 1011: The Strict rule group.'."\n" + ."\n" + .'- 1012: The Medium rule group.'."\n" + ."\n" + .'- 1013: The Loose rule group.', 'type' => 'integer', 'format' => 'int64', 'example' => '1012', 'title' => ''], ], - 'title' => '安全事件信息。', + 'title' => '', + 'example' => '', ], - 'title' => '安全事件信息。', + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 3,\\n \\"RequestId\\": \\"12F4CC8F-7E9F-5E4D-BF7C-BD1EDDE0C282\\",\\n \\"Data\\": [\\n {\\n \\"Origin\\": \\"custom\\",\\n \\"EventLevel\\": \\"medium\\",\\n \\"StartTs\\": 1683648000,\\n \\"EventInfo\\": \\"{\\\\n \\\\\\"ip_info\\\\\\": [\\\\n {\\\\n \\\\\\"ip\\\\\\": \\\\\\"112.224.143.**\\\\\\",\\\\n \\\\\\"country_id\\\\\\": \\\\\\"CN\\\\\\",\\\\n \\\\\\"region_id\\\\\\": \\\\\\"-\\\\\\",\\\\n \\\\\\"cnt\\\\\\": \\\\\\"4\\\\\\"\\\\n }\\\\n ],\\\\n \\\\\\"rule_id\\\\\\": \\\\\\"837**\\\\\\",\\\\n \\\\\\"rule_tag\\\\\\": \\\\\\"interface returns a large amount of sensitive information\\\\\\"\\\\n}\\\\n\\",\\n \\"ApiFormat\\": \\"/apisec/v1/register.php\\",\\n \\"ApiTag\\": \\"SendMail\\",\\n \\"UserStatus\\": \\"toBeConfirmed\\",\\n \\"Follow\\": 0,\\n \\"RequestData\\": \\"{}\\",\\n \\"EventId\\": \\"c82cb276847e9c96f9597d9f4b0cdcff\\",\\n \\"AttackIp\\": \\"104.234.140.**\\",\\n \\"AttackIpInfo\\": \\"[\\\\n {\\\\n \\\\\\"ip\\\\\\": \\\\\\"72.*.*.119\\\\\\",\\\\n \\\\\\"country_id\\\\\\": \\\\\\"US\\\\\\",\\\\n \\\\\\"region_id\\\\\\": \\\\\\"\\\\\\",\\\\n \\\\\\"cnt\\\\\\": \\\\\\"2100\\\\\\"\\\\n }\\\\n]\\",\\n \\"EndTs\\": 1683703260,\\n \\"AttackCntInfo\\": \\"{\\\\n \\\\\\"1717498320\\\\\\": 500,\\\\n \\\\\\"1717498380\\\\\\": 529,\\\\n \\\\\\"1717498440\\\\\\": 20\\\\n}\\",\\n \\"AllCnt\\": 10,\\n \\"RemoteRegion\\": \\"110000\\",\\n \\"ResponseData\\": \\"{}\\",\\n \\"AttackClient\\": \\"Chrome\\",\\n \\"EventTag\\": \\"ObtainSensitiveUnauthorized\\",\\n \\"MatchedHost\\": \\"a.***.com\\",\\n \\"Note\\": \\"Notify\\",\\n \\"ApiId\\": \\"2ecc1cf67b91853bc55545052ccf06a8\\",\\n \\"RemoteCountry\\": \\"US\\",\\n \\"AttackIps\\": [\\n \\"104.234.140.**\\\\n\\"\\n ],\\n \\"AttackerList\\": [\\n \\"1.1.1.1\\"\\n ]\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecEvents', - ], - 'DescribeApisecEventDetail' => [ - 'summary' => '查询安全事件详情', - 'methods' => [ - 'get', - 'post', + 'title' => 'DescribeRuleGroups', + 'summary' => 'Queries a paginated list of regular expression rule groups.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleGroups'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 24,\\n \\"RequestId\\": \\"02E9A4B8-90FB-5F41-A049-C82277EB82FB\\",\\n \\"RuleGroups\\": [\\n {\\n \\"RuleGroupId\\": 115361,\\n \\"RuleTotalCount\\": 4444,\\n \\"RuleGroupName\\": \\"ssssss\\",\\n \\"IsSubscribe\\": 1,\\n \\"GmtModified\\": 1664336364000,\\n \\"ParentRuleGroupId\\": 1012\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeRuleHitsTopClientIp' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -27577,242 +22275,121 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '255326', - 'abilityTreeNodes' => [ - 'FEATUREwafDX9EQ6', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例ID。'."\n" - ."\n" - .'> 您可以通过调用[DescribeInstance](~~433756~~)接口查看当前WAF实例ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqtm005', - ], + 'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp. Unit: seconds. If you do not set this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'title' => '阿里云资源组ID。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'EventId', + 'name' => 'RuleType', 'in' => 'query', - 'schema' => [ - 'title' => 'API 安全事件 ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '18ba94fea9***e66ba0557b7b91', - ], + 'schema' => ['description' => 'The type of rule that the protected object hits. If you do not set this parameter, data for all rule types is returned.'."\n" + ."\n" + .'- **blacklist**: The IP address blacklist is hit.'."\n" + ."\n" + .'- **custom**: A custom rule is hit.'."\n" + ."\n" + .'- **antiscan**: A scan protection rule is hit.'."\n" + ."\n" + .'- **cc\\_system**: An HTTP flood protection rule is hit.'."\n" + ."\n" + .'- **region\\_block**: The Location Blacklist is hit.', 'type' => 'string', 'required' => false, 'example' => 'blacklist', 'title' => ''], ], [ - 'name' => 'EventScope', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => '安全事件的维度。取值:'."\n" - .'- **ip**(默认):表示IP安全事件。'."\n" - ."\n" - .'- **account**:表示账号安全事件。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'ip', - 'default' => 'ip', - 'enum' => [ - 'ip', - 'account', - ], - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'DetailType', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'title' => '安全事件的详细信息类型,取值:'."\n" - .'- **event_info**(默认):表示攻击说明信息。'."\n" - .'- **api_info**:表示攻击API信息。'."\n" - .'- **cnt_info**:表示攻击走势信息。'."\n" - .'- **ip_info**:表示攻击IP信息。'."\n" - .'- **sensitive_info**:表示访问敏感数据信息。'."\n" - .'- **request_data**:表示请求信息。'."\n" - .'- **response_data**:表示响应信息。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'event_info', - 'default' => 'event_info', - 'enum' => [ - 'event_info', - 'api_info', - 'cnt_info', - 'ip_info', - 'sensitive_info', - 'request_data', - 'response_data', - ], - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '428', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => '本次请求的ID。', - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'EventId' => [ - 'title' => 'API安全事件ID。', - 'description' => '', - 'type' => 'string', - 'example' => '18ba94fea9***e66ba0557b7b91', - ], - 'EventTag' => [ - 'title' => '事件类型。'."\n" - .'> 您可以调用[DescribeApisecRules](~~2859155~~)获取支持的事件类型。', - 'description' => '', - 'type' => 'string', - 'example' => 'ObtainSensitiveUnauthorized', - ], - 'AttackerList' => [ - 'title' => '攻击者列表。', - 'description' => '', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9F0F9AD6-62E2-50BB-A3E5-30FFB9410262', 'title' => ''], + 'RuleHitsTopClientIp' => [ + 'description' => 'The top 10 source IP addresses that initiated the most attacks.', 'type' => 'array', 'items' => [ - 'title' => '攻击者信息。'."\n" - .'> 当安全事件的维度 **EventScope** 取值为 **ip** 时,为攻击者IP,取值为 **account** 时,为攻击者账号。', - 'description' => '', - 'type' => 'string', - 'example' => '104.234.140.**', + 'description' => 'The attack details for a source IP address.', + 'type' => 'object', + 'properties' => [ + 'Count' => ['description' => 'The number of attack requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '531', 'title' => ''], + 'ClientIp' => ['description' => 'The IP address of the client.', 'type' => 'string', 'example' => '3.3.XX.XX', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], - ], - 'AttackCnt' => [ - 'title' => '攻击次数。', - 'description' => '', - 'type' => 'string', - 'example' => '345', - ], - 'StartTs' => [ - 'title' => '查询的开始时间,格式为Unix时间戳(UTC时间),单位为秒。', - 'description' => '', - 'type' => 'string', - 'example' => '1683648000', - ], - 'EndTs' => [ - 'title' => '查询的结束时间,格式为Unix时间戳(UTC时间),单位为秒。', - 'description' => '', - 'type' => 'string', - 'example' => '1683703260', - ], - 'Origin' => [ - 'title' => '事件类型的来源。取值:'."\n" - .'- **custom**:表示自定义。'."\n" - .'- **default**:表示内置。', - 'description' => '', - 'type' => 'string', - 'example' => 'custom', - ], - 'EventLevel' => [ - 'title' => '事件等级。取值:'."\n" - .'- **high**:表示高危。'."\n" - .'- **medium**:表示中危。'."\n" - .'- **low**:表示低危。', - 'description' => '', - 'type' => 'string', - 'example' => 'low', - ], - 'UserStatus' => [ - 'title' => '事件状态。取值:'."\n" - .'- **toBeConfirmed**:表示待确认。'."\n" - .'- **confirmed**:表示已确认。'."\n" - .'- **actioned**:表示已处置。'."\n" - .'- **ignored**:表示忽略。', - 'description' => '', - 'type' => 'string', - 'example' => 'toBeConfirmed', - ], - 'Note' => [ - 'title' => '备注信息。', - 'description' => '', - 'type' => 'string', - 'example' => 'already confirmed.', - ], - 'EventScope' => [ - 'title' => '安全事件的维度。取值:'."\n" - .'- **ip**(默认):表示IP安全事件。'."\n" - ."\n" - .'- **account**:表示账号安全事件。', - 'description' => '', - 'type' => 'string', - 'example' => 'ip', - ], - 'DetailValue' => [ - 'title' => '安全事件的详细信息,以一系列参数构造的 JSON 格式转化成字符串。', - 'description' => '', - 'type' => 'string', - 'example' => '{\\"location\\":[\\"FR\\",\\"CN\\"],\\"location_type\\":\\"country\\"}', + 'title' => '', + 'example' => '', ], ], - 'title' => '请求结果。', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"EventId\\": \\"18ba94fea9***e66ba0557b7b91\\",\\n \\"EventTag\\": \\"ObtainSensitiveUnauthorized\\",\\n \\"AttackerList\\": [\\n \\"104.234.140.**\\"\\n ],\\n \\"AttackCnt\\": \\"345\\",\\n \\"StartTs\\": \\"1683648000\\",\\n \\"EndTs\\": \\"1683703260\\",\\n \\"Origin\\": \\"custom\\",\\n \\"EventLevel\\": \\"low\\",\\n \\"UserStatus\\": \\"toBeConfirmed\\",\\n \\"Note\\": \\"already confirmed.\\",\\n \\"EventScope\\": \\"ip\\",\\n \\"DetailValue\\": \\"{\\\\\\\\\\\\\\"location\\\\\\\\\\\\\\":[\\\\\\\\\\\\\\"FR\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"CN\\\\\\\\\\\\\\"],\\\\\\\\\\\\\\"location_type\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"country\\\\\\\\\\\\\\"}\\"\\n}","type":"json"}]', - ], - 'DescribeApisecLogDeliveries' => [ - 'summary' => 'Queries the configurations of API security log subscription.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeRuleHitsTopClientIp', + 'summary' => 'Queries the top 10 source IP addresses from which the most attacks originated.', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:12:46.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopClientIp'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopClientIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9F0F9AD6-62E2-50BB-A3E5-30FFB9410262\\",\\n \\"RuleHitsTopClientIp\\": [\\n {\\n \\"Count\\": 531,\\n \\"ClientIp\\": \\"3.3.XX.XX\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeRuleHitsTopResource' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -27823,123 +22400,117 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '224407', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ + 'name' => 'StartTimestamp', + 'in' => 'query', + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], + ], + [ + 'name' => 'EndTimestamp', + 'in' => 'query', + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386340', 'title' => ''], + ], + [ + 'name' => 'RuleType', + 'in' => 'query', + 'schema' => ['description' => 'The type of rule that was triggered. If you do not specify this parameter, data for all rule types is returned.'."\n" + ."\n" + .'- **blacklist**: The IP address blacklist.'."\n" + ."\n" + .'- **custom**: A custom rule.'."\n" + ."\n" + .'- **antiscan**: A scan protection rule.'."\n" + ."\n" + .'- **cc\\_system**: An HTTP flood protection rule.'."\n" + ."\n" + .'- **region\\_block**: The Location Blacklist feature.', 'type' => 'string', 'required' => false, 'example' => 'blacklist', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3_public_cn-uqm2z****0a'."\n", - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '2EFCFE18-78F8-5079-B312-07***48B', - ], - 'DeliveryConfigs' => [ - 'description' => 'The configurations of API security log subscription.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'ADA11BC7-AA95-5C31-9095-5802C02ED1DC', 'title' => ''], + 'RuleHitsTopResource' => [ + 'description' => 'The top 10 protected objects that triggered protection rules.', 'type' => 'array', 'items' => [ - 'description' => '', + 'description' => 'The details of a protected object that triggered a protection rule.', 'type' => 'object', 'properties' => [ - 'AssertKey' => [ - 'description' => 'The type of the log subscription. Valid values:'."\n" - ."\n" - .'* **risk**: risk information.'."\n" - .'* **event**: attack event information.'."\n" - .'* **asset**: asset information.'."\n", - 'type' => 'string', - 'example' => 'risk', - ], - 'Status' => [ - 'description' => 'The status of API security log subscription. Valid values:'."\n" - ."\n" - .'* **true**: enabled.'."\n" - .'* **false**: disabled.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'LogStoreName' => [ - 'description' => 'The name of the Logstore in Simple Log Service.'."\n", - 'type' => 'string', - 'example' => 'apisec-logstore***'."\n", - ], - 'ProjectName' => [ - 'description' => 'The name of the project in Simple Log Service.'."\n", - 'type' => 'string', - 'example' => 'apisec-project-14316572********', - ], - 'LogRegionId' => [ - 'description' => 'The ID of the region where logs are stored.'."\n", - 'type' => 'string', - 'example' => 'cn-hangzhou', - ], + 'Resource' => ['description' => 'The protected object.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], + 'Count' => ['description' => 'The number of requests that triggered the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '14219', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeRuleHitsTopResource', + 'summary' => 'Queries the top 10 protected objects that triggered protection rules most frequently.', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:15:26.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"DeliveryConfigs\\": [\\n {\\n \\"AssertKey\\": \\"risk\\",\\n \\"LogRegionId\\": \\"cn-hangzhou\\",\\n \\"ProjectName\\": \\"apisec-project-14316572********\\",\\n \\"LogStoreName\\": \\"apisec-logstore***\\\\n\\",\\n \\"Status\\": true\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecLogDeliveries', - ], - 'DescribeApisecSlsLogStores' => [ - 'summary' => 'Queries the Logstores whose names start with apisec- in Simple Log Service.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopResource'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopResource', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"ADA11BC7-AA95-5C31-9095-5802C02ED1DC\\",\\n \\"RuleHitsTopResource\\": [\\n {\\n \\"Resource\\": \\"www.aliyundoc.com\\",\\n \\"Count\\": 14219\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeRuleHitsTopRuleId' => [ + 'summary' => 'Queries the top 10 rule IDs that have triggered mitigation policies the most times.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -27950,112 +22521,130 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '224413', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3_public_cn-uqm2z****0a', - ], + 'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'LogRegionId', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the region where logs are stored.'."\n" - ."\n" - .'> You can call the [DescribeUserSlsLogRegions](~~2712598~~) operation to query available log storage regions.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''], ], [ - 'name' => 'ProjectName', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the project in Simple Log Service.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'apisec-project-14316572********', - ], + 'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], + ], + [ + 'name' => 'RuleType', + 'in' => 'query', + 'schema' => ['description' => 'The type of rule hit by the protected object. By default, this parameter is not specified, which indicates that all rules are displayed.'."\n" + ."\n" + .'- **blacklist**: IP blacklist.'."\n" + ."\n" + .'- **custom**: Custom rule.'."\n" + ."\n" + .'- **antiscan**: Scan protection rule.'."\n" + ."\n" + .'- **cc_system**: HTTP flood mitigation rule.'."\n" + ."\n" + .'- **region_block**: Location blacklist.', 'type' => 'string', 'required' => false, 'example' => 'blacklist', 'title' => ''], + ], + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], + ], + [ + 'name' => 'IsGroupResource', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether to aggregate rule hits by protected object.'."\n" + ."\n" + .'- **true (default)**: Aggregates rule hits by protected object. In this case, rule hits are counted based on individual rules only, and the Resource value in the response is empty.'."\n" + .'- **false**: Does not aggregate rule hits by protected object. In this case, rule hits are counted based on both protected objects and rules.', 'type' => 'string', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'."\n", - ], - 'LogStores' => [ - 'description' => 'The names of the Logstores in Simple Log Service.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F6334274-8870-5D2F-A1AD-D6EF885AC1ED', 'title' => ''], + 'RuleHitsTopRuleId' => [ + 'description' => 'The top 10 rule IDs by rule hits.', 'type' => 'array', 'items' => [ - 'description' => 'The name of the Logstore in Simple Log Service.'."\n", - 'type' => 'string', - 'example' => 'apisec-logstore***', + 'description' => 'The rule hit details.', + 'type' => 'object', + 'properties' => [ + 'RuleId' => ['description' => 'The rule ID.', 'type' => 'string', 'example' => '5465465', 'title' => ''], + 'Resource' => ['description' => 'The protected object. This parameter is returned when the IsGroupResource request parameter is set to false.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], + 'Count' => ['description' => 'The number of requests that hit the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '181174784', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'Query top 10 rule iDs by rule hits', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:15:26.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-10-18T06:19:28.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\\\n\\",\\n \\"LogStores\\": [\\n \\"apisec-logstore***\\"\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecSlsLogStores', - ], - 'DescribeApisecSlsProjects' => [ - 'summary' => 'Queries the projects whose names start with apisec- in Simple Log Service.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopRuleId'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopRuleId', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F6334274-8870-5D2F-A1AD-D6EF885AC1ED\\",\\n \\"RuleHitsTopRuleId\\": [\\n {\\n \\"RuleId\\": \\"5465465\\",\\n \\"Resource\\": \\"www.aliyundoc.com\\",\\n \\"Count\\": 181174784\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeRuleHitsTopTuleType' => [ + 'summary' => 'Queries the top 10 most frequently triggered protection rule types.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -28066,236 +22655,230 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '224410', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3_public_cn-uqm2z****0a', - ], + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'LogRegionId', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the region where logs are stored.'."\n" - ."\n" - .'> You can call the [DescribeUserSlsLogRegions](~~2712598~~) operation to query available log storage regions.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''], + ], + [ + 'name' => 'Resource', + 'in' => 'query', + 'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], + ], + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], - 'Projects' => [ - 'description' => 'The names of the projects in Simple Log Service.'."\n", + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '45E377CE-0B04-578E-B653-EEA63CFE****', 'title' => ''], + 'RuleHitsTopTuleType' => [ + 'description' => 'The top 10 protection rule types that were hit.', 'type' => 'array', 'items' => [ - 'description' => 'The name of the project in Simple Log Service.'."\n", - 'type' => 'string', - 'example' => 'apisec-project-14316572********'."\n", + 'description' => 'The details about the hits on a protection rule type.', + 'type' => 'object', + 'properties' => [ + 'RuleType' => ['description' => 'The type of rule that was hit. This parameter is not returned by default, which indicates that data for all rule types is returned.'."\n" + ."\n" + .'- **waf**: basic protection rules.'."\n" + ."\n" + .'- **blacklist**: IP address blacklist.'."\n" + ."\n" + .'- **custom**: custom rules.'."\n" + ."\n" + .'- **antiscan**: scan protection rules.'."\n" + ."\n" + .'- **cc\\_system**: HTTP flood protection rules.'."\n" + ."\n" + .'- **region\\_block**: location blacklist.'."\n" + ."\n" + .'- **scene**: bot management.'."\n" + ."\n" + .'- **dlp**: data leak prevention.', 'type' => 'string', 'example' => 'blacklist', 'title' => ''], + 'Count' => ['description' => 'The number of requests that hit the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '698455', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'DescribeRuleHitsTopTuleType', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:15:26.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"Projects\\": [\\n \\"apisec-project-14316572********\\\\n\\"\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeApisecSlsProjects', - ], - 'ModifyApisecLogDelivery' => [ - 'summary' => 'Modifies the configurations of API security log subscription.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopTuleType'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopTuleType', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"45E377CE-0B04-578E-B653-EEA63CFE****\\",\\n \\"RuleHitsTopTuleType\\": [\\n {\\n \\"RuleType\\": \\"blacklist\\",\\n \\"Count\\": 698455\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeRuleHitsTopUa' => [ + 'summary' => 'Queries the top 10 User-Agents that initiated the most attacks.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '224402', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3_public_cn-uqm2z****0a', - ], - ], - [ - 'name' => 'AssertKey', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the log subscription. Valid values:'."\n" - ."\n" - .'* **risk**: risk information.'."\n" - .'* **event**: attack event information.'."\n" - .'* **asset**: asset information.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'risk', - ], + 'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'LogRegionId', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the region where logs are stored.'."\n" - ."\n" - .'> You can call the [DescribeUserSlsLogRegions](~~2712598~~) operation to query available log storage regions.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not set this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''], ], [ - 'name' => 'ProjectName', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the project in Simple Log Service.'."\n" - ."\n" - .'> API security logs can be delivered only to projects whose names start with apisec-.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'apisec-project-14316572********', - ], + 'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'LogStoreName', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the Logstore in Simple Log Service.'."\n" - ."\n" - .'> API security logs can be delivered only to Logstores whose names start with apisec-.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'apisec-logstore***', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8E5C7ED7-503A-5986-A005-36F2511EB89F', 'title' => ''], + 'RuleHitsTopUa' => [ + 'description' => 'The top 10 User-Agents ranked by attack count.', + 'type' => 'array', + 'items' => [ + 'description' => 'The attack information of a User-Agent.', + 'type' => 'object', + 'properties' => [ + 'Count' => ['description' => 'The number of attack requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '531', 'title' => ''], + 'Ua' => ['description' => 'The User-Agent name.', 'type' => 'string', 'example' => 'android', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'Query top 10 attack user-Agents', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:18:17.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\"\\n}","type":"json"}]', - 'title' => 'ModifyApisecLogDelivery', - ], - 'DescribeApisecExamples' => [ - 'summary' => '查询API安全样例信息', - 'methods' => [ - 'get', - 'post', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopUa'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopUa', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8E5C7ED7-503A-5986-A005-36F2511EB89F\\",\\n \\"RuleHitsTopUa\\": [\\n {\\n \\"Count\\": 531,\\n \\"Ua\\": \\"android\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeRuleHitsTopUrl' => [ + 'summary' => 'Queries the top 10 URLs that trigger protection rules the most.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -28303,357 +22886,125 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '255326', - 'abilityTreeNodes' => [ - 'FEATUREwaf71G1E8', - ], + 'abilityTreeCode' => '105175', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例ID。'."\n" - ."\n" - .'> 您可以通过调用[DescribeInstance](~~433756~~)接口查看当前WAF实例ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqtm005', - ], - ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], - ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'title' => '阿里云资源组ID。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'ApiId', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'title' => 'API 的 ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '867ade***24ee6e205b8da82b8f84', - ], + 'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'ExampleType', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'title' => '样例的类型。取值:'."\n" - .'- **sensitive**:表示敏感信息类型。'."\n" - ."\n" - .'- **risk**:表示风险类型。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'sensitive', - 'enum' => [ - 'risk', - 'sensitive', - ], - ], + 'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''], ], [ - 'name' => 'RequestSensitiveTypeList', + 'name' => 'Resource', 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'title' => '请求敏感信息类型列表。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '请求敏感信息类型。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '1001', - ], - 'required' => false, - 'maxItems' => 100, - ], + 'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'ResponseSensitiveTypeList', - 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'title' => '响应敏感信息类型列表。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '响应敏感信息类型。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '1001', - ], - 'required' => false, - 'example' => 'LackOfSpeedLimit', - 'maxItems' => 100, - ], - ], - [ - 'name' => 'AbnormalTag', + 'name' => 'RuleType', 'in' => 'query', - 'schema' => [ - 'title' => '风险类型。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'LackOfSpeedLimit', - ], + 'schema' => ['description' => 'The type of protection rule hit by the protected object. By default, this parameter is not specified, which indicates that all rules are displayed.'."\n" + ."\n" + .'- **blacklist**: IP blacklist.'."\n" + ."\n" + .'- **custom**: Custom rule.'."\n" + ."\n" + .'- **antiscan**: Scan protection rule.'."\n" + ."\n" + .'- **cc_system**: HTTP flood mitigation rule.'."\n" + ."\n" + .'- **region_block**: Location blacklist.', 'type' => 'string', 'required' => false, 'example' => 'blacklist', 'title' => ''], ], [ - 'name' => 'NextToken', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => '下一页查询凭证(**Token**)。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'MaxResults', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'title' => '分页查询时每页个数。取值范围为:1-5,默认值为 5。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'maximum' => '5', - 'minimum' => '1', - 'example' => '5', - 'default' => '5', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '176', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => '请求结果。', - 'description' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => '本次请求的ID。', - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Examples' => [ - 'title' => '样例列表。', - 'description' => '', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '3D8AF43B-08EB-51CE-B33A-93AA****9B0C', 'title' => ''], + 'RuleHitsTopUrl' => [ + 'description' => 'The top 10 URLs with rule hits.', 'type' => 'array', 'items' => [ - 'title' => '样例信息。', - 'description' => '', + 'description' => 'The rule hit information for a URL.', 'type' => 'object', 'properties' => [ - 'Protocol' => [ - 'title' => '协议的类型。取值:'."\n" - .'- **http**:表示http协议。'."\n" - ."\n" - .'- **https**:表示https协议。', - 'description' => '', - 'type' => 'string', - 'example' => 'http', - ], - 'ApiUrl' => [ - 'title' => '完整请求路径。', - 'description' => '', - 'type' => 'string', - 'example' => 'http://www.test.com/api/v1/hello.php?token=TkJGQw', - ], - 'PocPayload' => [ - 'title' => '验证请求。', - 'description' => '', - 'type' => 'string', - 'example' => 'curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64)\' -H \'Host: www.test.com\' -H \'Accept-encoding: gzip, deflate\' -H \'Eagleeye-rpcid: 0.1\' \'http://www.test.com/api/v1/hello.php?token=TkJGQw\'', - ], - 'RequestSensitiveData' => [ - 'title' => '请求敏感数据信息列表。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '请求敏感数据信息。', - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'SensitiveCode' => [ - 'title' => '敏感信息类型。', - 'description' => '', - 'type' => 'string', - 'example' => '1000', - ], - 'SensitiveDataList' => [ - 'title' => '敏感信息数据列表。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '敏感信息数据。', - 'description' => '', - 'type' => 'string', - 'example' => '90.88.49.19', - ], - ], - ], - ], - ], - 'ResponseSensitiveData' => [ - 'title' => '响应敏感数据信息列表。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '响应敏感数据信息。', - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'SensitiveCode' => [ - 'title' => '敏感信息类型。', - 'description' => '', - 'type' => 'string', - 'example' => '1000', - ], - 'SensitiveDataList' => [ - 'title' => '敏感信息数据列表。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '敏感信息数据。', - 'description' => '', - 'type' => 'string', - 'example' => '90.88.49.19', - ], - ], - ], - ], - ], - 'Request' => [ - 'title' => '样例请求内容,以一系列参数构造的 JSON 格式转化成字符串。包含的字段如下:'."\n" - .'- **method**:表示请求方法。'."\n" - .'- **host**:表示请求域名。'."\n" - .'- **header**:表示请求头。'."\n" - .'- **server_port**:表示服务端口。'."\n" - .'- **body**:表示请求体内容。'."\n" - .'- **url**:表示请求路径。'."\n" - .'- **server_protocol**:表示服务端协议。'."\n" - ."\n" - .'> 当 **body** 字段内容超过16K,仅返回部分内容。', - 'description' => '', - 'type' => 'string', - 'example' => '{'."\n" - .' "method": "GET",'."\n" - .' "host": "www.test.com",'."\n" - .' "header": {'."\n" - .' "Accept": "*/*",'."\n" - .' "Connection": "keep-alive"'."\n" - .' },'."\n" - .' "server_port": "80",'."\n" - .' "body": "-",'."\n" - .' "url": "/api/v1/hello.php?token=TkJGQw",'."\n" - .' "server_protocol": "HTTP/1.1"'."\n" - .'}', - ], - 'Response' => [ - 'title' => '样例响应内容,以一系列参数构造的 JSON 格式转化成字符串。包含的字段如下:'."\n" - .'- **status**:表示状态码。'."\n" - .'- **header**:表示响应头。'."\n" - .'- **body**:表示响应体内容。'."\n" - ."\n" - .'> 当 **body** 字段内容超过16K,仅返回部分内容。', - 'description' => '', - 'type' => 'string', - 'example' => '{'."\n" - .' "header": {'."\n" - .' "Connection": "keep-alive",'."\n" - .' "Content-Encoding": "gzip",'."\n" - .' "Content-Type": "text/html; charset=UTF-8"'."\n" - .' },'."\n" - .' "body": "xxxx",'."\n" - .' "status": 200'."\n" - .'}', - ], + 'Count' => ['description' => 'The number of requests that hit the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '21862', 'title' => ''], + 'Url' => ['description' => 'The request URL.'."\n" + .'> The returned value is Base64-encoded.', 'type' => 'string', 'example' => 'd3d3LmFsaXl1bmRvYy5jb20vcGF0aDM=', 'title' => ''], ], + 'title' => '', + 'example' => '', ], - ], - 'NextToken' => [ - 'title' => '下一页查询凭证(**Token**)。', - 'description' => '', - 'type' => 'string', - 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', - ], - 'MaxResults' => [ - 'title' => '分页查询时每页个数。取值范围为:1-5,默认值为 5。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '5', - ], - 'TotalCount' => [ - 'title' => '结果的总数。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '5', + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Examples\\": [\\n {\\n \\"Protocol\\": \\"http\\",\\n \\"ApiUrl\\": \\"http://www.test.com/api/v1/hello.php?token=TkJGQw\\",\\n \\"PocPayload\\": \\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64)\' -H \'Host: www.test.com\' -H \'Accept-encoding: gzip, deflate\' -H \'Eagleeye-rpcid: 0.1\' \'http://www.test.com/api/v1/hello.php?token=TkJGQw\'\\",\\n \\"RequestSensitiveData\\": [\\n {\\n \\"SensitiveCode\\": \\"1000\\",\\n \\"SensitiveDataList\\": [\\n \\"90.88.49.19\\"\\n ]\\n }\\n ],\\n \\"ResponseSensitiveData\\": [\\n {\\n \\"SensitiveCode\\": \\"1000\\",\\n \\"SensitiveDataList\\": [\\n \\"90.88.49.19\\"\\n ]\\n }\\n ],\\n \\"Request\\": \\"{\\\\n \\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"host\\\\\\": \\\\\\"www.test.com\\\\\\",\\\\n \\\\\\"header\\\\\\": {\\\\n \\\\\\"Accept\\\\\\": \\\\\\"*/*\\\\\\",\\\\n \\\\\\"Connection\\\\\\": \\\\\\"keep-alive\\\\\\"\\\\n },\\\\n \\\\\\"server_port\\\\\\": \\\\\\"80\\\\\\",\\\\n \\\\\\"body\\\\\\": \\\\\\"-\\\\\\",\\\\n \\\\\\"url\\\\\\": \\\\\\"/api/v1/hello.php?token=TkJGQw\\\\\\",\\\\n \\\\\\"server_protocol\\\\\\": \\\\\\"HTTP/1.1\\\\\\"\\\\n}\\",\\n \\"Response\\": \\"{\\\\n \\\\\\"header\\\\\\": {\\\\n \\\\\\"Connection\\\\\\": \\\\\\"keep-alive\\\\\\",\\\\n \\\\\\"Content-Encoding\\\\\\": \\\\\\"gzip\\\\\\",\\\\n \\\\\\"Content-Type\\\\\\": \\\\\\"text/html; charset=UTF-8\\\\\\"\\\\n },\\\\n \\\\\\"body\\\\\\": \\\\\\"xxxx\\\\\\",\\\\n \\\\\\"status\\\\\\": 200\\\\n}\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 5,\\n \\"TotalCount\\": 5\\n}","type":"json"}]', - ], - 'DescribeNetworkFlowTimeSeriesMetric' => [ - 'summary' => 'Retrieves time-series data for all network traffic, including both malicious and legitimate requests.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query top 10 uRLs with protection rule hits', + 'changeSet' => [ + ['createdAt' => '2024-08-15T07:03:32.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopUrl'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopUrl', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3D8AF43B-08EB-51CE-B33A-93AA****9B0C\\",\\n \\"RuleHitsTopUrl\\": [\\n {\\n \\"Count\\": 21862,\\n \\"Url\\": \\"d3d3LmFsaXl1bmRvYy5jb20vcGF0aDM=\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeSecurityEventLogs' => [ + 'summary' => 'Queries the detailed logs of attack traffic. Each log entry contains the details of a request that matched a protection rule.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -28664,262 +23015,277 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '258611', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '258811', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The Web Application Firewall (WAF) instance ID.'."\n" - .'> Call the [DescribeInstanceInfo](~~140857~~) operation to retrieve the WAF instance ID.', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'Filter', 'in' => 'query', 'style' => 'json', 'schema' => [ - 'description' => 'Specifies filtering conditions. Multiple filter parameters use AND logic.', + 'description' => 'The filter conditions. A logical AND relationship exists between multiple filter conditions.', 'type' => 'object', 'properties' => [ 'DateRange' => [ - 'description' => 'Specifies the date range for the query.'."\n", + 'description' => 'The time range to query.', 'type' => 'object', 'properties' => [ - 'StartDate' => [ - 'description' => 'Start time of the query range (Unix timestamp, seconds).', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888000', - ], - 'EndDate' => [ - 'description' => 'End time of the query range (Unix timestamp, seconds).', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888600', - ], + 'StartDate' => ['description' => 'The start of the time range to query. The time range cannot exceed the last 30 days. The value is a UNIX timestamp. Unit: seconds.'."\n" + ."\n" + .'> The start time must be within the last 30 days from the current time.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000'."\n", 'title' => ''], + 'EndDate' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600'."\n", 'title' => ''], ], 'required' => true, + 'title' => '', + 'example' => '', ], 'Conditions' => [ - 'description' => 'The list of filter conditions. Each node describes a filter condition.'."\n", + 'description' => 'A list of filter conditions. Each node describes a filter condition.', 'type' => 'array', 'items' => [ - 'description' => 'Each condition object must specify a filter field (**Key**), a filter operator (**OpValue**), and filter content (**Values**).', + 'description' => 'The configuration of a single query condition. A query condition consists of a **field name**, an **operator**, and a **filter value**. For more information about the supported field names and operators, see the **Additional information about request parameters** section.', 'type' => 'object', 'properties' => [ - 'Key' => [ - 'description' => 'The filter fields. Valid values:'."\n" - .'* matched_host'."\n" - .'* cluster'."\n" - ."\n" - .'For details, see the **Filter fields (Key)** section below.', - 'type' => 'string', - 'required' => false, - 'enumValueTitles' => [], - 'example' => 'matched_host', - ], - 'OpValue' => [ - 'description' => 'The filter operator. For details, see the **Filter operators (OpValue)** section below.', - 'type' => 'string', - 'required' => false, - 'example' => 'eq', - ], - 'Values' => [ - 'description' => 'The filter content.'."\n", - 'type' => 'any', - 'required' => false, - 'example' => 'test.waf-top', - ], + 'Key' => ['description' => 'The name of the field to filter. This operation supports all fields.', 'type' => 'string', 'required' => false, 'example' => 'matched_host'."\n", 'title' => ''], + 'OpValue' => ['description' => 'The operator.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''], + 'Values' => ['description' => 'The filter value.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top', 'title' => ''], ], 'required' => false, + 'title' => '', + 'example' => '', ], 'required' => false, + 'title' => '', + 'example' => '', ], ], 'required' => true, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'Metric', + 'name' => 'PageSize', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies the data type to be returned. Valid values:'."\n" - ."\n" - .'* qps: Returns the queries per second (QPS) processed by WAF. This value is calculated using a peak detection method: QPS is measured every 10 seconds, and the highest value within the specified time range is returned.'."\n" - .'* total_requests: Returns the total number of requests processed by WAF.'."\n" - .'* top5\\_status: Returns the top 5 HTTP status codes returned by the WAF to clients, along with their corresponding time series statistics.'."\n" - .'* top 5\\_upstream_status: Returns the top 5 HTTP status codes returned by the origin server to clients, along with their corresponding time series data.', - 'type' => 'string', - 'required' => true, - 'example' => 'total_requests', - ], + 'schema' => ['description' => 'The number of entries to return on each page for a paged query. The maximum value is **100**.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number to return for a paged query. The default value is **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: The Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ap-southeast-1', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou'."\n", 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The resource group ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q'."\n", 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned data.', + 'description' => 'The returned data. For an example of the format, see **Examples**.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4C7726', - ], - 'NetworkFlowTimeSeries' => [ - 'description' => 'The array of time-series data. Supports returning data with multiple values.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-******4C7726'."\n", 'title' => ''], + 'SecurityEventLogs' => [ + 'description' => 'A list of detailed attack logs.', 'type' => 'array', 'items' => [ - 'description' => 'Each time-series contains Timestamps (array of timestamps) and Values (array of counts). Both arrays have the same length. Each timestamp in Timestamps corresponds to a count in Values.'."\n", - 'type' => 'object', - 'properties' => [ - 'Metric' => [ - 'description' => 'The metric name, consistent with the Metric request parameter.'."\n", - 'type' => 'string', - 'example' => 'total_requests', - ], - 'Timestamps' => [ - 'description' => 'The array of timestamps (seconds) marking the start of each time interval.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The start time of each data point (Unix timestamp in seconds).'."\n", - 'type' => 'string', - 'example' => '[]', - ], - ], - 'Values' => [ - 'description' => 'The array of counts, each representing the count for the corresponding time interval.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The count for the current time interval.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '[]', - ], - ], - ], + 'description' => 'Each node is an attack log that corresponds to a request. For more information, see the **Log field descriptions** and **Response example** sections.', + 'enumValueTitles' => [], + 'type' => 'any', + 'example' => '{'."\n" + .' "remote_region_id": "11***0",'."\n" + .' "plugin_matched_detail_waf_group": "****",'."\n" + .' "plugin_matched_block_rule_detail": "****",'."\n" + .' "querystring": "-",'."\n" + .' "matched_host": "i-8vbaazr2tboqsq******-443-ecs",'."\n" + .' "remote_country_id": "CN",'."\n" + .' "remote_isp_id": "100**8",'."\n" + .' "request_method": "GET",'."\n" + .' "plugin_matched_test_rule_detail": "[]",'."\n" + .' "request_traceid": "0b6261221742197109309484******",'."\n" + .' "dst_port": "0",'."\n" + .' "host": "39.99.***.109",'."\n" + .' "real_client_ip": "47.92.***.14",'."\n" + .' "request_path": "/.git/HEAD",'."\n" + .' "server_protocol": "HTTP/1.1",'."\n" + .' "timestamp": "1742197109"'."\n" + .'}', + 'title' => '', ], + 'title' => '', + 'example' => '', ], - 'TimeSeriesMetaData' => [ - 'description' => 'The metadata of the returned data.'."\n", + 'SecurityEventMetaData' => [ + 'description' => 'The metadata of the returned data.', 'type' => 'object', 'properties' => [ 'DateRange' => [ - 'description' => 'The query time range.'."\n", + 'description' => 'The time range used for the query.', 'type' => 'object', 'properties' => [ - 'StartDate' => [ - 'description' => 'The start time of the query range (Unix timestamp, seconds). Same as the StartDate request parameter.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888000', - ], - 'EndDate' => [ - 'description' => 'The end time of the query range (Unix timestamp, seconds). Same as the EndDate request parameter.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888600', - ], + 'StartDate' => ['description' => 'The start of the time range used for the query. The value is a UNIX timestamp. Unit: seconds. This value is the same as the \\`StartDate\\` request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000'."\n", 'title' => ''], + 'EndDate' => ['description' => 'The end of the time range used for the query. The value is a UNIX timestamp. Unit: seconds. This value is the same as the \\`EndDate\\` request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600'."\n", 'title' => ''], ], + 'title' => '', + 'example' => '', ], - 'AggregateInterval' => [ - 'description' => 'The time granularity. For example, 15m indicates that each data point is counted every 15 minutes. For details, see the **Time granularity of time series data points** section below.', - 'type' => 'string', - 'example' => '1m', - ], - 'Units' => [ - 'description' => 'The unit of the returned data. It is fixed as requests.', - 'type' => 'string', - 'example' => 'requests', - ], + 'Units' => ['description' => 'The unit of the returned statistical data.', 'type' => 'string', 'example' => 'requests', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'SecurityEventLogsTotalCount' => ['description' => 'The total number of attack logs found.', 'type' => 'integer', 'format' => 'int64', 'example' => '1000', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [ 400 => [ - [ - 'errorCode' => 'Waf.Report.%s', - 'errorMessage' => 'Invalid parameter:%s.', - ], - [ - 'errorCode' => 'Waf.Report.InternalError', - 'errorMessage' => 'Server error occurred in report service.', - ], + ['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'], + ['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-D33C8B4*****\\",\\n \\"NetworkFlowTimeSeries\\": [\\n {\\n \\"Metric\\": \\"total_requests\\",\\n \\"Timestamps\\": [\\n \\"[]\\"\\n ],\\n \\"Values\\": [\\n 0\\n ]\\n }\\n ],\\n \\"TimeSeriesMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"AggregateInterval\\": \\"1m\\",\\n \\"Units\\": \\"requests\\"\\n }\\n}","type":"json"}]', - 'title' => 'DescribeNetworkFlowTimeSeriesMetric', - 'requestParamsDescription' => '**Filter fields (Key)**'."\n" + 'staticInfo' => ['returnType' => 'synchronous'], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-******4C7726\\\\n\\",\\n \\"SecurityEventLogs\\": [\\n \\"{\\\\n\\\\t\\\\\\"remote_region_id\\\\\\": \\\\\\"11***0\\\\\\",\\\\n\\\\t\\\\\\"plugin_matched_detail_waf_group\\\\\\": \\\\\\"****\\\\\\",\\\\n\\\\t\\\\\\"plugin_matched_block_rule_detail\\\\\\": \\\\\\"****\\\\\\",\\\\n\\\\t\\\\\\"querystring\\\\\\": \\\\\\"-\\\\\\",\\\\n\\\\t\\\\\\"matched_host\\\\\\": \\\\\\"i-8vbaazr2tboqsq******-443-ecs\\\\\\",\\\\n\\\\t\\\\\\"remote_country_id\\\\\\": \\\\\\"CN\\\\\\",\\\\n\\\\t\\\\\\"remote_isp_id\\\\\\": \\\\\\"100**8\\\\\\",\\\\n\\\\t\\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n\\\\t\\\\\\"plugin_matched_test_rule_detail\\\\\\": \\\\\\"[]\\\\\\",\\\\n\\\\t\\\\\\"request_traceid\\\\\\": \\\\\\"0b6261221742197109309484******\\\\\\",\\\\n\\\\t\\\\\\"dst_port\\\\\\": \\\\\\"0\\\\\\",\\\\n\\\\t\\\\\\"host\\\\\\": \\\\\\"39.99.***.109\\\\\\",\\\\n\\\\t\\\\\\"real_client_ip\\\\\\": \\\\\\"47.92.***.14\\\\\\",\\\\n\\\\t\\\\\\"request_path\\\\\\": \\\\\\"/.git/HEAD\\\\\\",\\\\n\\\\t\\\\\\"server_protocol\\\\\\": \\\\\\"HTTP/1.1\\\\\\",\\\\n\\\\t\\\\\\"timestamp\\\\\\": \\\\\\"1742197109\\\\\\"\\\\n}\\"\\n ],\\n \\"SecurityEventMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"Units\\": \\"requests\\"\\n },\\n \\"SecurityEventLogsTotalCount\\": 1000\\n}","type":"json"}]', + 'title' => 'DescribeSecurityEventLogs', + 'description' => 'Attack traffic refers to requests that hit a rule and are identified as threats. The following three types of requests are not included:'."\n" ."\n" - .'|Field|Description|Supported filter operators|'."\n" - .'|---|---|---|'."\n" - .'|cluster|The protection cluster.|ne, eq, match-one, and all-not-match|'."\n" - .'|matched\\_host|The protected object.|ne, eq, match-one, and all-not-match|'."\n" + .'- Requests that hit a whitelist rule.'."\n" ."\n" - .'**Filter operators (OpValue)**'."\n" + .'- Requests that hit a bot rule whose action is set to Mark for Origin Fetch.'."\n" ."\n" - .'|Operator|Semantics|Description|'."\n" - .'|---|---|---|'."\n" - .'|all-not-match|Does not equal any value|Checks if the value is not equal to any data in the data set. For example, `{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}` will exclude 1.XX.XX.1, 2.XX.XX.2, and 3.XX.XX.3 from real_client_ip.|'."\n" - .'|eq|Equals|Checks if the value of a key is equal to a specific string. For example, `{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` will match any request_path whose URL is equal to "/testcase".|'."\n" - .'|match-one|Equals one of multiple values|Checks if the value is equal to any data in the data set. For example, `{"Key":"real_client_ip","OpValue":"match-one","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}` will include data where real_client_ip is 1.XX.XX.1, 2.XX.XX.2, or 3.XX.XX.3.|'."\n" - .'|ne|Does not equal|Checks if the value of a key is not equal to a specific string. For example, `{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` will match any request_path whose URL is not equal to "/testcase".|', - 'responseParamsDescription' => '**Time granularity of time series data points**'."\n" + .'- Requests that hit a rule whose action is set to Dynamic Token, Slider, Strict Slider, or JS Challenge, but are allowed because the user passed the verification.', + 'requestParamsDescription' => '**Operator descriptions**'."\n" ."\n" - .'The returned data\'s time granularity varies depending on the query time range:'."\n" - .'- Less than 3 hours: 1-minute (1m) granularity.'."\n" - .'- 3 hours to less than 6 hours: 5-minute (5m) granularity.'."\n" - .'- 6 hours to less than 24 hours: 15-minute (15m) granularity.'."\n" - .'- 24 hours to less than 7 days: 1-hour (1h) granularity.'."\n" - .'- 7 days to less than 30 days: 1-day (1d) granularity.', - ], - 'DescribeSecurityEventTopNMetric' => [ - 'summary' => 'Queries top N data entries of attack traffic. The system performs statistical aggregation on attack traffic from specific dimensions and returns top N data entries.', - 'methods' => [ - 'post', - 'get', + .'| Operator | Meaning | Description |'."\n" + .'| ------------- | ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n" + .'| all-not-match | Not equal to any value | The field value is not equal to any value in the dataset. Filter data where `real_client_ip` is not equal to any value in the collection:<br>`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n" + .'| contain | Contains | The field value contains a specific string. Filter data where the URL contains "test":<br>`{"Key":"request_path","OpValue":"contain","Values":"test"}` |'."\n" + .'| eq | Equals | The field value equals a specific string. Filter data where the URL is "/testcase":<br>`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` |'."\n" + .'| match-one | Equals one of multiple values | The field value is equal to any value in the dataset. Filter data where `real_client_ip` is equal to any value in the collection:<br>`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n" + .'| ne | Not equal to | The field value does not equal a specific string. Filter data where the URL is not "/testcase":<br>`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n" + .'| not-contain | Does not contain | The field value does not contain a specific string. Filter data where the URL does not contain "test":<br>`{"Key":"request_path","OpValue":"not-contain","Values":"test"}` |'."\n" + .'| prefix-match | Prefix match | The field value starts with a specific string. Filter data where the URL prefix is "/testcase":<br>`{"Key":"request_path","OpValue":"prefix-match","Values":"/testcase"}` |'."\n" + .'| suffix-match | Suffix match | The field value ends with a specific string. Filter data where the URL suffix is "/testcase":<br>`{"Key":"request_path","OpValue":"suffix-match","Values":"/testcase"}` |'."\n" + ."\n" + .'**Supported keys for filter conditions**'."\n" + ."\n" + .'| Field name | Description | Supported operators |'."\n" + .'| ----------------- | --------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- |'."\n" + .'| action | The protection action. This is the final action taken on the request. | ne, eq |'."\n" + .'| cluster | The protection cluster. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| defense_scene | The protection module. A request may hit multiple protection modules. Requests filtered by this field may also hit other modules. | ne, eq |'."\n" + .'| host | The `host` field in the HTTP header. | contain,<br>not-contain, ne, eq, match-one, all-not-match, prefix-match, suffix-match |'."\n" + .'| http_cookie | The `cookie` field in the HTTP header. | contain,<br>not-contain, ne, eq, match-one,<br>all-not-match, prefix-match, suffix-match |'."\n" + .'| http_user_agent | The `User-Agent` field in the HTTP header. | contain,<br>not-contain, ne, eq, match-one,<br>all-not-match, prefix-match, suffix-match |'."\n" + .'| matched_host | The protected object. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| real_client_ip | The source IP address of the request. Only IP address strings are supported as filter values. CIDR blocks are not supported. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| remote_country_id | The country to which the source IP address of the HTTP request belongs. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| remote_region_id | The province or city to which the source IP address of the HTTP request belongs. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| request_method | The HTTP request method. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| request_path | The HTTP request URL, excluding the query string. | contain,<br>not-contain, ne, eq, match-one,<br>all-not-match, prefix-match, suffix-match |'."\n" + .'| request_traceid | The unique ID that identifies the request. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| rule_id | The rule ID. A request may hit multiple rules. Requests filtered by this field may also hit other rules. | ne, eq |', + 'responseParamsDescription' => '**Log field descriptions**'."\n" + ."\n" + .'| Field name | Description | Example value |'."\n" + .'| -------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- |'."\n" + .'| dst_port | The requested destination port. | 443 |'."\n" + .'| host | The `Host` field in the client request header. This value indicates the accessed domain name or IP address. | api.example.com |'."\n" + .'| matched_host | The WAF protected object (cloud product instance or domain name) that the client request matched. | *.aliyun***.com |'."\n" + .'| plugin_matched_detail_waf_group | The details of the basic protection rule that the request matched, including the matched URI pattern and the raw request URI. | |'."\n" + .'| plugin_matched_block_rule_detail | The details of the protection rule in block mode that the request matched, including the rule ID, action, and protection module. | |'."\n" + .'| plugin_matched_test_rule_detail | The details of the protection rule in monitor mode that the request matched, including the rule ID, action, and protection module. | |'."\n" + .'| querystring | The query string of the client request, which is the part of the URL after the question mark (?). | title=tm_content%3Darticle&pid=123 |'."\n" + .'| remote_region_id | The ID of the province to which the IP address belongs. | 410000 |'."\n" + .'| remote_country_id | The ID of the country to which the source IP address belongs. | CN |'."\n" + .'| remote_isp_id | The ID of the Internet service provider (ISP) to which the source IP address belongs. | 100098 |'."\n" + .'| request_method | The client request method. | GET |'."\n" + .'| request_traceid | The unique ID that WAF generates for the client request. | 7837b11715410386943437009***** |'."\n" + .'| real_client_ip | The actual IP address of the client, as determined by WAF from the request headers. | 192.0.XX.XX |'."\n" + .'| request_path | The request path, which is the part of the URL after the domain name and before the question mark (?). This value does not include the query string. | /news/search.php |'."\n" + .'| server_protocol | The protocol between the client and WAF. | HTTP/1.1 |'."\n" + .'| timestamp | The time when the request was processed by the DPI engine. The value is a UNIX timestamp. Unit: seconds. | 1742197109 |'."\n" + ."\n" + .'**Response example**'."\n" + ."\n" + .'```'."\n" + .'{'."\n" + .' "SecurityEventLogsTotalCount": 1,'."\n" + .' "SecurityEventLogs": ['."\n" + .' {'."\n" + .' "remote_region_id": "110000",'."\n" + .' "plugin_matched_detail_waf_group": "{\\"uri\\":{\\"hit\\":[\\"/.git/\\"],\\"raw\\":\\"/.git/\\"}}",'."\n" + .' "plugin_matched_block_rule_detail": "[{\\"RuleId\\":\\"12***5\\",\\"Action\\":\\"block\\",\\"DefenseScene\\":\\"waf_base\\",\\"RuleType\\":\\"other\\"}]",'."\n" + .' "querystring": "-",'."\n" + .' "matched_host": "i-8vbaazr2tboqsq******-443-ecs",'."\n" + .' "remote_country_id": "CN",'."\n" + .' "remote_isp_id": "100098",'."\n" + .' "request_method": "GET",'."\n" + .' "plugin_matched_test_rule_detail": "[]",'."\n" + .' "request_traceid": "0b6261221742197109309484******",'."\n" + .' "dst_port": "0",'."\n" + .' "host": "39.99.***.109",'."\n" + .' "real_client_ip": "47.92.***.14",'."\n" + .' "request_path": "/.git/HEAD",'."\n" + .' "server_protocol": "HTTP/1.1",'."\n" + .' "timestamp": "1742197109"'."\n" + .' }'."\n" + .' ],'."\n" + .' "SecurityEventMetaData": {'."\n" + .' "DateRange": {'."\n" + .' "StartDate": 1742196600,'."\n" + .' "EndDate": 1742197500'."\n" + .' }'."\n" + .' }'."\n" + .'}'."\n" + .'```', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSecurityEventLogs', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'DescribeSecurityEventTimeSeriesMetric' => [ + 'summary' => 'Queries the time series data of attack traffic. Attack requests are requests that hit a rule and are identified as a threat.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -28930,285 +23296,239 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '258810', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '258794', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ 'name' => 'Filter', 'in' => 'query', 'style' => 'json', 'schema' => [ - 'description' => 'The filter conditions for the query. Multiple conditions are evaluated by using a logical AND.'."\n", + 'description' => 'The filter conditions for the query. Multiple filter conditions have a logical AND relationship.', 'type' => 'object', 'properties' => [ 'DateRange' => [ - 'description' => 'The time range for the query.'."\n", + 'description' => 'The time range to query.', 'type' => 'object', 'properties' => [ - 'StartDate' => [ - 'description' => 'The beginning of the time range to query. The value is a Unix timestamp. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888000'."\n", - ], - 'EndDate' => [ - 'description' => 'The end of the time range to query. The value is a Unix timestamp. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888600'."\n", - ], + 'StartDate' => ['description' => 'You can query data from the last 30 days. The start time of the query. This is a UNIX timestamp. Unit: seconds.'."\n" + ."\n" + .'> ## The start time must be within the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000'."\n", 'title' => ''], + 'EndDate' => ['description' => 'The end time of the query. This is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600'."\n", 'title' => ''], ], 'required' => true, + 'title' => '', + 'example' => '', ], 'Conditions' => [ - 'description' => 'The filter conditions. Each object describes a filter condition.'."\n", + 'description' => 'A list of filter conditions. Each node describes one filter condition.', 'type' => 'array', 'items' => [ - 'description' => 'The filter condition. A condition consists of a **field name**, an **operator**, and **field content**.', + 'description' => 'A single query condition, which consists of a field name, an operator, and a filter value. For information about the supported field names and operators, see Additional information about request parameters.', 'type' => 'object', 'properties' => [ - 'Key' => [ - 'description' => 'The field name. This operation supports all fields. For more information, see the **Supported field names** section below.', - 'type' => 'string', - 'required' => false, - 'example' => 'matched_host', - ], - 'OpValue' => [ - 'description' => 'The operator. For more information, see the **Supported operators** section below.', - 'type' => 'string', - 'required' => false, - 'example' => 'eq', - ], - 'Values' => [ - 'description' => 'The field content.'."\n", - 'type' => 'any', - 'required' => false, - 'example' => 'test.waf-top'."\n", - ], + 'Key' => ['description' => 'The name of the field to filter. This operation supports all fields.', 'type' => 'string', 'required' => false, 'example' => 'matched_host', 'title' => ''], + 'OpValue' => ['description' => 'The operator.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''], + 'Values' => ['description' => 'The filter value.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top'."\n", 'title' => ''], ], 'required' => false, + 'title' => '', + 'example' => '', ], 'required' => false, + 'title' => '', + 'example' => '', ], ], 'required' => true, - ], - ], - [ - 'name' => 'Limit', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of data entries that can be returned. Data entries are sorted in descending order before they are returned. Maximum value: 10.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '10'."\n", + 'title' => '', + 'example' => '', ], ], [ 'name' => 'Metric', 'in' => 'query', - 'schema' => [ - 'description' => 'The metric whose top N data entries you want to return. The following metrics are supported:'."\n" - ."\n" - .'> For more information about attack requests, see the "Operation description" section of this topic.'."\n" - ."\n" - .'* real_client_ip: The system aggregates the source IP addresses of attack requests to collect statistics, sorts the statistical results in descending order, and returns top N data entries.'."\n" - .'* http_user_agent: The system aggregates the User-Agent header field of attack requests to collect statistics, sorts the statistical results in descending order, and returns top N data entries.'."\n" - .'* matched_host: The system aggregates the protected objects that are matched by attack requests to collect statistics, sorts the statistical results in descending order, and returns top N data entries.'."\n" - .'* remote_region_id: The system aggregates the countries to which the source IP addresses of attack requests belong to collect statistics, sorts the statistical results in descending order, and returns top N data entries.'."\n" - .'* request_path: The system aggregates the URLs of attack requests to collect statistics, sorts the statistical results in descending order, and returns top N data entries. The URLs exclude query strings.'."\n" - .'* block_defense_scene: The system aggregates the protection modules that block attack requests to collect statistics, sorts the statistical results in descending order, and returns top N data entries. The requests match protection rules whose actions are not set to Monitor.'."\n" - .'* defense_scene: The system aggregates the protection modules that are matched by attack requests to collect statistics, sorts the statistical results in descending order, and returns top N data entries.'."\n" - .'* defense_scene_rule_id: The system returns the IDs of top N protection rules that are matched by attack requests and also the related protection modules. Only protection rules whose actions are not set to Monitor are counted. The system returns the value in the following format:\\'."\n" - .' `{ "Attribute": "waf_base", "Value": 140, "Name": "111034" }`'."\n" - .'* defense_scene_with_rule_id: The system returns the IDs of top N protection rules that are matched by attack requests and also the related protection modules. The IDs and protection modules are connected by using hyphens (-). Protection rules whose actions are set to Monitor and Block are counted. The system returns the value in the following format:\\'."\n" - .' `{ "Attribute": "", "Value": 1, "Name": "120075-waf_base" }`'."\n" - .'* defense_scene_top_rule_id: The system returns top N matched protection rules of a specific protection module. You can specify Conditions in Filter to configure filter conditions. For example, you can use the following condition to query top N matched protection rules of the custom rule module:\\'."\n" - .' `{ "Key": "defense_scene_map", "OpValue": "contain", "Values": "custom_acl" }`'."\n" - .'* defense_scene_rule_type: The system returns top N matched protection rules of the core web protection module. This metric is supported only by the core web protection module because only this module supports subtypes of protection rules. You must specify Conditions in Filter to configure filter conditions. Example:\\'."\n" - .' `{ "Key": "defense_scene", "OpValue": "eq", "Values": "waf_base" }`'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'real_client_ip', - ], + 'schema' => ['description' => 'Specifies the content of the returned data. Different metrics correspond to different data content. This operation supports the following metrics:'."\n" + ."\n" + .'- mitigated\\_requests: Returns the time series statistics of blocked requests.'."\n" + ."\n" + .'- monitored\\_requests: Returns the time series statistics of requests that hit only observation-type rules.'."\n" + ."\n" + .'- mitigated\\_requests\\_group\\_by\\_defense\\_scene: Returns data grouped by module. It records a time series graph of the hit count for each module. A single request may hit multiple modules. Therefore, the hit count returned by this metric may not be consistent with the number of requests.'."\n" + ."\n" + .'- mitigated\\_requests\\_group\\_by\\_block\\_defense\\_scene: Returns data grouped by module. It records a time series graph of the number of blocked requests for each module. A single request is blocked by only one module. Therefore, the count returned by this metric is consistent with the number of requests.', 'type' => 'string', 'required' => true, 'example' => 'mitigated_requests', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: The Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.', - 'type' => 'string', - 'required' => false, - 'example' => 'ap-southeast-1'."\n", - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou'."\n", 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q'."\n", - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q'."\n", 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters. For more information, see the **Examples** section below.', + 'description' => 'The returned data. For a sample format, see the Examples section.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D827FCFE-90A7-4330-9326-*****B4C7726', - ], - 'SecurityEventTopNValues' => [ - 'description' => 'The top N data entries returned.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-*****4C7726'."\n", 'title' => ''], + 'SecurityEventTimeSeries' => [ + 'description' => 'The returned time series data. The operation can return time series data for multiple values.', 'type' => 'array', 'items' => [ - 'description' => 'The data entry.'."\n", + 'description' => 'A single set of time series data. The time series data consists of two arrays: \\`Timestamps\\` and \\`Values\\`. The \\`Timestamps\\` array contains a time series with fixed intervals. The \\`Values\\` array contains the statistical count for each interval. The two arrays have the same number of nodes, and their data points have a one-to-one correspondence.', 'type' => 'object', 'properties' => [ - 'Name' => [ - 'description' => 'The field value, which varies based on the metric.'."\n", - 'type' => 'string', - 'example' => '10000', - ], - 'Attribute' => [ - 'description' => 'The additional information, such as the protection module for a protection rule whose ID is returned.'."\n", - 'type' => 'string', - 'example' => 'waf_base'."\n", + 'Metric' => ['description' => 'The content of the returned data. This is consistent with the \\`Metric\\` request parameter.', 'type' => 'string', 'example' => 'monitored_requests', 'title' => ''], + 'Timestamps' => [ + 'description' => 'The time series. Each point represents the start time of a time range.', + 'type' => 'array', + 'items' => ['description' => 'The start time for each data point. This is a UNIX timestamp string.', 'type' => 'string', 'example' => '[]', 'title' => ''], + 'title' => '', + 'example' => '', ], - 'Value' => [ - 'description' => 'The count for the data entry.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1111', + 'Values' => [ + 'description' => 'The data series. Each point represents the statistical count within a specific time range.', + 'type' => 'array', + 'items' => ['description' => 'The statistical count for the current time range.', 'type' => 'integer', 'format' => 'int64', 'example' => '[]'."\n", 'title' => ''], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], - 'TopNMetaData' => [ - 'description' => 'The metadata of the data entries returned.'."\n", + 'TimeSeriesMetaData' => [ + 'description' => 'The metadata of the returned data.', 'type' => 'object', 'properties' => [ 'DateRange' => [ - 'description' => 'The time range that is used for the query.'."\n", + 'description' => 'The time range used for the query.', 'type' => 'object', 'properties' => [ - 'StartDate' => [ - 'description' => 'The beginning of the time range to query. The value is a Unix timestamp. Unit: seconds. This value is the same as the value of StartDate in the request parameters.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888000'."\n", - ], - 'EndDate' => [ - 'description' => 'The end of the time range to query. The value is a Unix timestamp. Unit: seconds. This value is the same as the value of EndDate in the request parameters.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888600'."\n", - ], + 'StartDate' => ['description' => 'The start time of the query. This is a UNIX timestamp. Unit: seconds. This value is the same as the \\`StartDate\\` request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000'."\n", 'title' => ''], + 'EndDate' => ['description' => 'The end time of the query. This is a UNIX timestamp. Unit: seconds. This value is the same as the \\`EndDate\\` request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600'."\n", 'title' => ''], ], + 'title' => '', + 'example' => '', ], - 'Units' => [ - 'description' => 'The unit of the statistics returned. It is fixed as requests.', - 'type' => 'string', - 'example' => 'requests', - ], + 'AggregateInterval' => ['description' => 'The time granularity of each data point in the returned time series data. For example, "15m" indicates that each returned data point represents statistics for a 15-minute interval. For more information about the time granularity of the returned data, see the Time granularity of time series data points section.', 'type' => 'string', 'example' => '1m', 'title' => ''], + 'Units' => ['description' => 'The unit of the returned statistical data.', 'type' => 'string', 'example' => 'requests'."\n", 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [ 400 => [ - [ - 'errorCode' => 'Waf.Report.%s', - 'errorMessage' => 'Invalid parameter:%s.', - ], - [ - 'errorCode' => 'Waf.Report.InternalError', - 'errorMessage' => 'Server error occurred in report service.', - ], + ['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'], + ['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-*****B4C7726\\\\n\\",\\n \\"SecurityEventTopNValues\\": [\\n {\\n \\"Name\\": \\"10000\\",\\n \\"Attribute\\": \\"waf_base\\\\n\\",\\n \\"Value\\": 1111\\n }\\n ],\\n \\"TopNMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"Units\\": \\"requests\\\\n\\"\\n }\\n}","type":"json"}]', - 'title' => 'DescribeSecurityEventTopNMetric', - 'description' => 'Attack traffic refers to the traffic of requests that match protection rules and are identified as risky. The following types of requests are excluded:'."\n" + 'title' => 'DescribeSecurityEventTimeSeriesMetric', + 'description' => 'Attack traffic refers to requests that hit a rule and are identified as a threat. The following data is excluded:'."\n" ."\n" - .'* Requests that match the protection rules of the whitelist module.'."\n" - .'* Requests that match the protection rules of the bot management module. The actions of the protection rules are set to Add Tag.'."\n" - .'* Requests that match protection rules with actions set to Dynamic Token-based Authentication, Slider CAPTCHA, Strict Slider CAPTCHA Verification, and JavaScript Validation, pass the verifications specified by the actions, and are allowed.'."\n", - 'requestParamsDescription' => '**Supported operators**'."\n" + .'- Requests that hit a whitelist rule.'."\n" ."\n" - .'|Operator|Meaning|Description|'."\n" - .'|---|---|---|'."\n" - .'|all-not-match|Does Not Equal Any Value|The field value does not equal any value in the data set. For example, you can use the following condition to query the real\\_client\\_ip fields whose value does not equal any value in the data set: `{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.XX.XX.1","2.XX.XX2","3.XX.XX.3"]}`.|'."\n" - .'|contain|Contains|The field value contains a specific string. For example, you can use the following condition to query the URLs that contain the test string: `{"Key":"request_path","OpValue":"contain","Values":"test"}`.|'."\n" - .'|eq|Equals|The field value equals a specific string. For example, you can use the following condition to query the URLs that equal the /testcase string: `{"Key":"request_path","OpValue":"eq","Values":"/testcase"}`.|'."\n" - .'|match-one|Equals One of Multiple Values|The field value equals one of multiple values in the data set. For example, you can use the following condition to query the real\\_client\\_ip fields whose value equals one of multiple values in the data set: `{"Key":"real_client_ip","OpValue":"match-one","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}`.|'."\n" - .'|ne|Does Not Equal|The field value does not equal a specific string. For example, you can use the following condition to query the URLs that do not equal the /testcase string: `{"Key":"request_path","OpValue":"ne","Values":"/testcase"}`.|'."\n" - .'|not-contain|Does Not Contain|The field value does not contain a specific string. For example, you can use the following condition to query the URLs that do not contain the test string: `{"Key":"request_path","OpValue":"not-contain","Values":"test"}`.|'."\n" - .'|prefix-match|Prefix Match|The field value is prefixed with a specific string. For example, you can use the following condition to query the URLs that are prefixed with the /testcase string: `{"Key":"request_path","OpValue":"prefix-match","Values":"/testcase"}`.|'."\n" - .'|suffix-match|Suffix Match|The field value is suffixed with a specific string. For example, you can use the following condition to query the URLs that are suffixed with the /testcase string: `{"Key":"request_path","OpValue":"suffix-match","Values":"/testcase"}`.|'."\n" + .'- Requests that hit a bot rule where the rule action is "Mark for origin fetch".'."\n" ."\n" - .'**Supported field names**'."\n" + .'- Requests that hit a rule with the action "Dynamic Token", "Slider", "Strict Slider", or "JS Challenge", but are allowed because the user passed the verification.', + 'requestParamsDescription' => '**Operator descriptions**'."\n" ."\n" - .'|Field name|Description|Supported operator|'."\n" - .'|---|---|---|'."\n" - .'|action|The action that is performed on the request.|ne and eq|'."\n" - .'|cluster|The protection cluster.|ne, eq, match-one, and all-not-match|'."\n" - .'|defense\\_scene|The protection module. A request may match multiple protection modules. The requests that are obtained by matching the value of this field may still match other protection modules.|ne and eq|'."\n" - .'|host|The Host header field of the HTTP request.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|http\\_cookie|The Cookie header field of the HTTP request.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|http\\_user\\_agent|The User-Agent header field of the HTTP request.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|matched\\_host|The protected object.|ne, eq, match-one, and all-not-match|'."\n" - .'|real\\_client\\_ip|The source IP address of the request. Only IP addresses are supported. CIDR blocks are not supported.|ne, eq,match-one, and all-not-match|'."\n" - .'|remote\\_country\\_id|The country to which the source IP address of the HTTP request belongs.|ne, eq, match-one, and all-not-match|'."\n" - .'|remote\\_region\\_id|The province or city to which the source IP address of the HTTP request belongs.|ne, eq, match-one, and all-not-match|'."\n" - .'|request\\_method|The request method of the HTTP request.|ne, eq, match-one, and all-not-match|'."\n" - .'|request\\_path|The URL of the HTTP request, excluding the query string.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|request\\_traceid|The request ID, which is unique.|ne, eq, match-one, and all-not-match|'."\n" - .'|rule\\_id|The ID of the protection rule. A request may match multiple protection rules. The requests that are obtained by matching the value of this field may still match other protection rules.|ne and eq|', - ], - 'DescribeSecurityEventTimeSeriesMetric' => [ - 'summary' => 'Queries the time series data of attack traffic. Attack requests refer to requests that match protection rules and are identified as risky.', - 'methods' => [ - 'post', - 'get', + .'| Operator | Meaning | Description |'."\n" + .'| ------------- | ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n" + .'| all-not-match | Not equal to any value | The field value is not equal to any value in the dataset. For example, to filter requests where real_client_ip is not equal to any value in the collection:<br>`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n" + .'| contain | Contains | The field value contains a specific string. For example, to filter data where the URL contains "test":<br>`{"Key":"request_path","OpValue":"contain","Values":"test"}` |'."\n" + .'| eq | Equals | The field value equals a specific string. For example, to filter data where the URL equals "/testcase":<br>`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` |'."\n" + .'| match-one | Equals one of multiple values | The field value is equal to any value in the dataset. For example, to filter requests where real_client_ip is equal to any value in the collection:<br>`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n" + .'| ne | Not equal to | The field value does not equal a specific string. For example, to filter statistics where the URL does not equal "/testcase":<br>`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n" + .'| not-contain | Does not contain | The field value does not contain a specific string. For example, to filter data where the URL does not contain "test":<br>`{"Key":"request_path","OpValue":"not-contain","Values":"test"}` |'."\n" + .'| prefix-match | Prefix match | The field value starts with a specific string. For example, to filter data where the URL prefix is "/testcase":<br>`{"Key":"request_path","OpValue":"prefix-match","Values":"/testcase"}` |'."\n" + .'| suffix-match | Suffix match | The field value ends with a specific string. For example, to filter data where the URL suffix is "/testcase":<br>`{"Key":"request_path","OpValue":"suffix-match","Values":"/testcase"}` |'."\n" + ."\n" + .'**Supported keys for filter conditions**'."\n" + ."\n" + .'| Field name | Description | Supported operators |'."\n" + .'| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------- |'."\n" + .'| action | The protection action. This is the final action taken on the request. | ne, eq |'."\n" + .'| cluster | The protection cluster. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| defense_scene | The protection module. A request may hit multiple protection modules. Requests filtered by this field may also hit other modules. | ne, eq |'."\n" + .'| host | The host from the HTTP header. | contain,<br>not-contain, ne, eq, match-one, all-not-match, prefix-match, suffix-match |'."\n" + .'| http_cookie | The cookie from the HTTP header. | contain,<br>not-contain, ne, eq, match-one,<br>all-not-match, prefix-match, suffix-match |'."\n" + .'| http_user_agent | The User-Agent from the HTTP header. | contain,<br>not-contain, ne, eq, match-one,<br>all-not-match, prefix-match, suffix-match |'."\n" + .'| matched_host | The protected object. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| real_client_ip | The source IP address of the request. The parameter that follows the operator must be an IP address string or a list of IP address strings. Queries by CIDR block are not supported. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| remote_country_id | The country to which the source IP address of the HTTP request belongs. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| remote_region_id | The province or city to which the source IP address of the HTTP request belongs. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| request_method | The HTTP request method. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| request_path | The HTTP request URL, excluding the query string. | contain,<br>not-contain, ne, eq, match-one,<br>all-not-match, prefix-match, suffix-match |'."\n" + .'| request_traceid | The unique ID that identifies the request. | ne, eq,<br>match-one,<br>all-not-match |'."\n" + .'| rule_id | The rule ID. A request may hit multiple rules. Requests filtered by this field may also hit other rules. | ne, eq |', + 'responseParamsDescription' => '**Time granularity of time series data points**'."\n" + ."\n" + .'The statistical time granularity of the returned data varies based on the selected time range.'."\n" + ."\n" + .'- If the time range is less than 3 hours, the time granularity of the data points is 1m (1 minute).'."\n" + ."\n" + .'- If the time range is 3 hours or more but less than 6 hours, the time granularity of the data points is 5m (5 minutes).'."\n" + ."\n" + .'- If the time range is 6 hours or more but less than 24 hours, the time granularity of the data points is 15m (15 minutes).'."\n" + ."\n" + .'- If the time range is 24 hours or more but less than 7 days, the time granularity of the data points is 1h (1 hour).'."\n" + ."\n" + .'- If the time range is 7 days or more but less than 30 days, the time granularity of the data points is 1d (1 day).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSecurityEventTimeSeriesMetric'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSecurityEventTimeSeriesMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-*****4C7726\\\\n\\",\\n \\"SecurityEventTimeSeries\\": [\\n {\\n \\"Metric\\": \\"monitored_requests\\",\\n \\"Timestamps\\": [\\n \\"[]\\"\\n ],\\n \\"Values\\": [\\n 0\\n ]\\n }\\n ],\\n \\"TimeSeriesMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"AggregateInterval\\": \\"1m\\",\\n \\"Units\\": \\"requests\\\\n\\"\\n }\\n}","type":"json"}]', + ], + 'DescribeSecurityEventTopNMetric' => [ + 'summary' => 'Queries the top N statistics of attack traffic, which is aggregated by a specified dimension, sorted, and returned.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -29219,285 +23539,225 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '258794', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '258810', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'Filter', 'in' => 'query', 'style' => 'json', 'schema' => [ - 'description' => 'The filter conditions for the query. Multiple conditions are evaluated by using a logical AND.'."\n", + 'description' => 'The query filter conditions. Multiple filter conditions are evaluated using a logical AND.', 'type' => 'object', 'properties' => [ 'DateRange' => [ - 'description' => 'The time range for the query.'."\n", + 'description' => 'The query time range.', 'type' => 'object', 'properties' => [ - 'StartDate' => [ - 'description' => 'The beginning of the time range to query. The value is a Unix timestamp. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888000'."\n", - ], - 'EndDate' => [ - 'description' => 'The end of the time range to query. The value is a Unix timestamp. Unit: seconds.', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888600'."\n", - ], + 'StartDate' => ['description' => 'The query data range cannot exceed the past 30 days. The start time used for querying data, expressed as a UNIX timestamp. Unit: seconds.'."\n" + ."\n\n" + .'> The start time must be later than the current time minus 30 days.'."\n" + .'> -', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000'."\n", 'title' => ''], + 'EndDate' => ['description' => 'The end time used for querying data, expressed as a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600'."\n", 'title' => ''], ], 'required' => true, + 'title' => '', + 'example' => '', ], 'Conditions' => [ - 'description' => 'The filter conditions. Each object describes a filter condition.'."\n", + 'description' => 'The list of filter conditions. Each node describes a filter condition.', 'type' => 'array', 'items' => [ - 'description' => 'The filter condition. A condition consists of a **field name**, an **operator**, and **field content**.', + 'description' => 'The configuration of a single query condition. A query condition consists of a **field name**, an **operator**, and **filter values**. For the supported field names and operators in query conditions, see **Supplementary description of request parameters**.', 'type' => 'object', 'properties' => [ - 'Key' => [ - 'description' => 'The field name. This operation supports all fields. For details, see the **Supported field names** section below.', - 'type' => 'string', - 'required' => false, - 'example' => 'matched_host', - ], - 'OpValue' => [ - 'description' => 'The operator. For details, see the **Supported operators** section below.', - 'type' => 'string', - 'required' => false, - 'example' => 'eq', - ], - 'Values' => [ - 'description' => 'The field content.'."\n", - 'type' => 'any', - 'required' => false, - 'example' => 'test.waf-top'."\n", - ], + 'Key' => ['description' => 'The field name on which the filter operation is performed. This operation supports all fields.', 'type' => 'string', 'required' => false, 'example' => 'matched_host'."\n", 'title' => ''], + 'OpValue' => ['description' => 'The operator.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''], + 'Values' => ['description' => 'The filter values.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top'."\n", 'title' => ''], ], 'required' => false, + 'title' => '', + 'example' => '', ], 'required' => false, + 'title' => '', + 'example' => '', ], ], 'required' => true, + 'title' => '', + 'example' => '', ], ], [ + 'name' => 'Limit', + 'in' => 'query', + 'schema' => ['description' => 'The number of data entries to return after the statistics are sorted in descending order. Maximum value: 10.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '10'."\n", 'title' => ''], + ], + [ 'name' => 'Metric', 'in' => 'query', - 'schema' => [ - 'description' => 'The metric whose time series data you want to return. The following metrics are supported:'."\n" - ."\n" - .'* mitigated_requests: The system returns the time series data of requests that are blocked.'."\n" - .'* monitored_requests: The system returns the time series data of requests that match Monitor protection rules.'."\n" - .'* mitigated_requests_group_by_defense_scene: The system returns the number of requests that match each protection module. The returned results are grouped by protection module and can be used to generate time series charts. A request can match multiple protection modules. Therefore, the total number of matched requests is inconsistent with the total number of requests.'."\n" - .'* mitigated_requests_group_by_block_defense_scene: The system returns the number of requests that are blocked by each protection module. The returned results are grouped by protection module and can be used to generate time series charts. A request can be blocked by only one protection module. Therefore, the total number of blocked requests is consistent with the total number of requests.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'mitigated_requests', - ], + 'schema' => ['description' => 'Specifies the type of data to return. Different Metric values correspond to different data content. The following Metric values are supported by this API operation:'."\n" + .'> The definition of "attack request" is described in the API operation description. The following descriptions reference this concept.'."\n" + ."\n" + .'- real_client_ip: performs aggregation and sorting of the source IP addresses of attack requests in descending order, and returns the top N entries.'."\n" + .'- http_user_agent: performs aggregation and sorting of the User-Agent values of attack requests in descending order, and returns the top N entries.'."\n" + .'- matched_host: performs aggregation and sorting of the protected objects hit by attack requests in descending order, and returns the top N entries.'."\n" + .'- remote_region_id: performs aggregation and sorting of the countries to which the source IP addresses of attack requests belong in descending order, and returns the top N entries.'."\n" + .'- request_path: performs aggregation and sorting of the URLs (excluding query strings) of attack requests in descending order, and returns the top N entries.'."\n" + .'- block_defense_scene: performs aggregation and sorting of the final action modules of blocked requests (whose action is not "monitor") in descending order, and returns the top N entries.'."\n" + .'- defense_scene: performs aggregation and sorting of all protection modules hit by attack requests in descending order, and returns the top N entries.'."\n" + .'- defense_scene_rule_id: queries the top rule IDs of hit non-monitor rules and the protection modules to which the rules belong. This query returns statistics only for non-monitor mode rules. The returned data format is as follows:<br>'."\n" + .' `{ "Attribute": "waf_base", "Value": 140, "Name": "111034" }`'."\n" + .'- defense_scene_with_rule_id: returns the top N rule IDs ranked by the number of hit requests and the protection modules to which the rules belong, connected by "-". This query does not distinguish between rule actions and includes both monitor rules and block rules. The returned format is as follows:<br>'."\n" + .' `{ "Attribute": "", "Value": 1, "Name": "120075-waf_base" }`'."\n" + .'- defense_scene_top_rule_id: queries the top rule hits of a specific protection module. Specify filter conditions in the Conditions field of Filter. For example, to query the top rule hits of the "custom ACL" module, set the Conditions field as follows:<br>'."\n" + .' `{ "Key": "defense_scene_map", "OpValue": "contain", "Values": "custom_acl" }`'."\n" + .'- defense_scene_rule_type: queries the top hit rule types of the web core protection module. Only the web core protection module supports this query because only web core protection has rule child classes. Specify filter conditions in the Conditions field of Filter. The format is as follows:<br>'."\n" + .'` { "Key": "defense_scene", "OpValue": "eq", "Values": "waf_base" }`', 'type' => 'string', 'required' => true, 'example' => 'real_client_ip', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: The Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.', - 'type' => 'string', - 'required' => false, - 'example' => 'ap-southeast-1'."\n", - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou'."\n", 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q'."\n", - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q'."\n", 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters. For more information, see the **Examples** section below.', + 'description' => 'The returned data result. For format examples, see **Examples**.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D827FCFE-90A7-4330-9326-*****4C7726', - ], - 'SecurityEventTimeSeries' => [ - 'description' => 'The time series data returned. This operation can return time series for multiple metrics.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-*****B4C7726'."\n", 'title' => ''], + 'SecurityEventTopNValues' => [ + 'description' => 'The array of top N statistics.', 'type' => 'array', 'items' => [ - 'description' => 'The time series. A time series consists of two arrays: Timestamps and Values. The Timestamps array contains fixed-interval time points. The Values array contains counts for the time points. The two arrays contain the same number of elements and support a one-to-one data point correspondence.'."\n", + 'description' => 'Each element corresponds to a top N statistics entry.', 'type' => 'object', 'properties' => [ - 'Metric' => [ - 'description' => 'The metric. This value is the same as the value of Metric in the request parameters.'."\n", - 'type' => 'string', - 'example' => 'monitored_requests', - ], - 'Timestamps' => [ - 'description' => 'The time points. Each point represents a time range.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The time point. The value is a Unix timestamp.', - 'type' => 'string', - 'example' => '[]', - ], - ], - 'Values' => [ - 'description' => 'The data points. Each point represents a count for a time range.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The data point. The value is a count.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '[]'."\n", - ], - ], + 'Name' => ['description' => 'The value of a specific field. The meaning varies depending on the queried Metric.', 'type' => 'string', 'example' => '10000', 'title' => ''], + 'Attribute' => ['description' => 'The additional information, such as the protection module to which a rule ID belongs.', 'type' => 'string', 'example' => 'waf_base'."\n", 'title' => ''], + 'Value' => ['description' => 'The statistical count used for top N sorting.', 'type' => 'integer', 'format' => 'int64', 'example' => '1111', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], - 'TimeSeriesMetaData' => [ - 'description' => 'The metadata of the time series data returned.'."\n", + 'TopNMetaData' => [ + 'description' => 'The metadata of the returned data.', 'type' => 'object', 'properties' => [ 'DateRange' => [ - 'description' => 'The time range that is used for the query.'."\n", + 'description' => 'The time range used for the query.', 'type' => 'object', 'properties' => [ - 'StartDate' => [ - 'description' => 'The beginning of the time range to query. The value is a Unix timestamp. Unit: seconds. This value is the same as the value of StartDate in the request parameters.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888000'."\n", - ], - 'EndDate' => [ - 'description' => 'The end of the time range to query. The value is a Unix timestamp. Unit: seconds. This value is the same as the value of EndDate in the request parameters.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888600'."\n", - ], + 'StartDate' => ['description' => 'The start time used for querying data, expressed as a UNIX timestamp. Unit: seconds. This value is the same as the StartDate in the request parameters.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000'."\n", 'title' => ''], + 'EndDate' => ['description' => 'The end time used for querying data, expressed as a UNIX timestamp. Unit: seconds. This value is the same as the EndDate in the request parameters.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600'."\n", 'title' => ''], ], + 'title' => '', + 'example' => '', ], - 'AggregateInterval' => [ - 'description' => 'The time granularity of data points in the time series data returned. For example, a value of 15m indicates that data points are collected at 15-minute intervals. For more information about time granularities, see the **Time granularities of data points in time series** section below.', - 'type' => 'string', - 'example' => '1m', - ], - 'Units' => [ - 'description' => 'The unit of the statistics returned. It is fixed as requests.', - 'type' => 'string', - 'example' => 'requests', - ], + 'Units' => ['description' => 'The unit of the returned statistics.', 'type' => 'string', 'example' => 'requests'."\n", 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], 'errorCodes' => [ 400 => [ - [ - 'errorCode' => 'Waf.Report.%s', - 'errorMessage' => 'Invalid parameter:%s.', - ], - [ - 'errorCode' => 'Waf.Report.InternalError', - 'errorMessage' => 'Server error occurred in report service.', - ], + ['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'], + ['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-*****4C7726\\\\n\\",\\n \\"SecurityEventTimeSeries\\": [\\n {\\n \\"Metric\\": \\"monitored_requests\\",\\n \\"Timestamps\\": [\\n \\"[]\\"\\n ],\\n \\"Values\\": [\\n 0\\n ]\\n }\\n ],\\n \\"TimeSeriesMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"AggregateInterval\\": \\"1m\\",\\n \\"Units\\": \\"requests\\\\n\\"\\n }\\n}","type":"json"}]', - 'title' => 'DescribeSecurityEventTimeSeriesMetric', - 'description' => 'Attack traffic refers to the traffic of requests that match protection rules and are identified as risky. The following types of requests are excluded:'."\n" + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'Query top attack traffic statistics', + 'description' => 'Attack traffic refers to requests that have rule hits and are identified as risky. The following three types of data are excluded:'."\n" ."\n" - .'* Requests that match the protection rules of the whitelist module.'."\n" - .'* Requests that match the protection rules of the bot management module. The actions of the protection rules are set to Add Tag.'."\n" - .'* Requests that match protection rules with actions set to Dynamic Token-based Authentication, Slider CAPTCHA, Strict Slider CAPTCHA Verification, and JavaScript Validation, pass the verifications specified by the actions, and are allowed.'."\n", - 'requestParamsDescription' => '**Supported operators**'."\n" + .'- Requests that hit whitelist rules.'."\n" + .'- Requests that hit bot rules but whose rule action is set to "back-to-origin marking".'."\n" + .'- Requests that hit rules with actions set to "dynamic token", "slider", "strict slider", or "JS authenticate", but the user passes the verification and the requests are allowed.', + 'requestParamsDescription' => '**Operator description**'."\n" ."\n" .'|Operator|Meaning|Description|'."\n" - .'|---|---|---|'."\n" - .'|all-not-match|Does Not Equal Any Value|The field value does not equal any value in the data set. For example, you can use the following condition to query the real\\_client\\_ip fields whose value does not equal any value in the data set: `{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}`.|'."\n" - .'|contain|Contains|The field value contains a specific string. For example, you can use the following condition to query the URLs that contain the test string: `{"Key":"request_path","OpValue":"contain","Values":"test"}`.|'."\n" - .'|eq|Equals|The field value equals a specific string. For example, you can use the following condition to query the URLs that equal the /testcase string: `{"Key":"request_path","OpValue":"eq","Values":"/testcase"}`.|'."\n" - .'|match-one|Equals One of Multiple Values|The field value equals one of multiple values in the data set. For example, you can use the following condition to query the real\\_client\\_ip fields whose value equals one of multiple values in the data set: `{"Key":"real_client_ip","OpValue":"match-one","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}`.|'."\n" - .'|ne|Does Not Equal|The field value does not equal a specific string. For example, you can use the following condition to query the URLs that do not equal the /testcase string: `{"Key":"request_path","OpValue":"ne","Values":"/testcase"}`.|'."\n" - .'|not-contain|Does Not Contain|The field value does not contain a specific string. For example, you can use the following condition to query the URLs that do not contain the test string: `{"Key":"request_path","OpValue":"not-contain","Values":"test"}`.|'."\n" - .'|prefix-match|Prefix Match|The field value is prefixed with a specific string. For example, you can use the following condition to query the URLs that are prefixed with the /testcase string: `{"Key":"request_path","OpValue":"prefix-match","Values":"/testcase"}`.|'."\n" - .'|suffix-match|Suffix Match|The field value is suffixed with a specific string. For example, you can use the following condition to query the URLs that are suffixed with the /testcase string: `{"Key":"request_path","OpValue":"suffix-match","Values":"/testcase"}`.|'."\n" - ."\n" - .'**Supported field names**'."\n" + .'|----------|------------|------------|'."\n" + .'|all-not-match|Not equal to any value|The field value is not equal to any value in the data set. For example, to filter real_client_ip not equal to any value in the set:<br>`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}`|'."\n" + .'|contain|Contains|The field value contains a specific string. For example, to filter data where the URL contains "test":<br>`{"Key":"request_path","OpValue":"contain","Values":"test"}` |'."\n" + .'|eq|Equal to|The field value is equal to a specific string. For example, to filter data where the URL is "/testcase":<br>`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}`|'."\n" + .'|match-one|Equal to one of multiple values|The field value is equal to any value in the data set. For example, to filter real_client_ip equal to any value in the set:<br>`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}`|'."\n" + .'|ne|Not equal to|The field value is not equal to a specific string. For example, to filter statistics where the URL is not "/testcase":<br>`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n" + .'|not-contain|Does not contain|The field value does not contain a specific string. For example, to filter data where the URL does not contain "test":<br>`{"Key":"request_path","OpValue":"not-contain","Values":"test"}` |'."\n" + .'|prefix-match|Prefix match|The field value starts with a specific string. For example, to filter data where the URL starts with "/testcase":<br>`{"Key":"request_path","OpValue":"prefix-match","Values":"/testcase"}`|'."\n" + .'|suffix-match | Suffix match| The field value ends with a specific string. For example, to filter data where the URL ends with "/testcase":<br>`{"Key":"request_path","OpValue":"suffix-match","Values":"/testcase"}`|'."\n" + ."\n\n" + .'**Supported keys for filter conditions**'."\n" ."\n" - .'|Field name|Description|Supported operator|'."\n" - .'|---|---|---|'."\n" - .'|action|The action that is performed on the request.|ne and eq|'."\n" - .'|cluster|The protection cluster.|ne, eq, match-one, and all-not-match|'."\n" - .'|defense\\_scene|The protection module. A request may match multiple protection modules. The requests that are obtained by matching the value of this field may still match other protection modules.|ne and eq|'."\n" - .'|host|The Host header field of the HTTP request.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|http\\_cookie|The Cookie header field of the HTTP request.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|http\\_user\\_agent|The User-Agent header field of the HTTP request.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|matched\\_host|The protected object.|ne, eq, match-one, and all-not-match|'."\n" - .'|real\\_client\\_ip|The source IP address of the request. Only IP addresses are supported. CIDR blocks are not supported.|ne, eq, match-one, and all-not-match|'."\n" - .'|remote\\_country\\_id|The country to which the source IP address of the HTTP request belongs.|ne, eq, match-one, and all-not-match|'."\n" - .'|remote\\_region\\_id|The province or city to which the source IP address of the HTTP request belongs.|ne, eq, match-one, and all-not-match|'."\n" - .'|request\\_method|The request method of the HTTP request.|ne, eq, match-one, and all-not-match|'."\n" - .'|request\\_path|The URL of the HTTP request, excluding the query string.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|request\\_traceid|The request ID, which is unique.|ne, eq, match-one, and all-not-match|'."\n" - .'|rule\\_id|The ID of the protection rule. A request may match multiple protection rules. The requests that are obtained by matching the value of this field may still match other protection rules.|ne and eq|', - 'responseParamsDescription' => '**Time granularities of data points in time series**'."\n" - ."\n" - .'The time granularities of data points in returned data vary based on the time range for the query.'."\n" - ."\n" - .'* Query time range: less than 3 hours '."\n" - .'</br>Time granularity: 1m, which indicates that data points are collected at 1-minute intervals'."\n" - .'* Query time range: [3 hours, 6 hours)'."\n" - .'</br>Time granularity: 5m, which indicates that data points are collected at 5-minute intervals'."\n" - .'* Query time range: [6 hours, 24 hours) '."\n" - .'</br>Time granularity: 15m, which indicates that data points are collected at 15-minute intervals'."\n" - .'* Query time range: [24 hours, 7 days) '."\n" - .'</br>Time granularity: 1h, which indicates that data points are collected at 1-hour intervals'."\n" - .'* Query time range: [7 days, 30 days) '."\n" - .'</br>Time granularity: 1d, which indicates that data points are collected at 1-day intervals', - ], - 'DescribeSecurityEventLogs' => [ - 'summary' => 'Queries the logs of attack traffic. Each log records the details of a request that matches protection rules.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'https', + .'|Field name|Field description|Supported operators|'."\n" + .'|----------|------------|------------|'."\n" + .'|action|The protection action, which is the final action taken on the request.|ne, eq|'."\n" + .'|cluster|The protection cluster.|ne, eq,<br>match-one,<br>all-not-match|'."\n" + .'|defense_scene |The protection module. A request may match multiple protection modules. Requests filtered by this field may also match other modules.|ne, eq|'."\n" + .'|host|The host in the HTTP header.|contain,<br>not-contain, ne, eq, match-one, all-not-match, prefix-match, suffix-match|'."\n" + .'|http_cookie|The cookie in the HTTP header.|contain,<br>not-contain, ne, eq, match-one,<br>all-not-match, prefix-match, suffix-match|'."\n" + .'|http_user_agent|The User-Agent obtained from the HTTP header.|contain,<br>not-contain, ne, eq, match-one,<br>all-not-match, prefix-match, suffix-match|'."\n" + .'|matched_host|The protected object.|ne, eq,<br>match-one,<br>all-not-match|'."\n" + .'|real_client_ip|The source IP address of the request. The parameter following the operator can only be an IP address string or a list of IP address strings. CIDR block queries are not supported.|ne, eq,<br>match-one,<br>all-not-match|'."\n" + .'|remote_country_id|The country to which the source IP address of the HTTP request belongs.|ne, eq,<br>match-one,<br>all-not-match|'."\n" + .'|remote_region_id|The province or city to which the source IP address of the HTTP request belongs.|ne, eq,<br>match-one,<br>all-not-match|'."\n" + .'|request_method|The HTTP request method.|ne, eq,<br>match-one,<br>all-not-match|'."\n" + .'|request_path|The HTTP request URL, excluding the query string.|contain,<br>not-contain, ne, eq, match-one,<br>all-not-match, prefix-match, suffix-match|'."\n" + .'|request_traceid |The unique ID that identifies the request.|ne, eq,<br>match-one,<br>all-not-match|'."\n" + .'|rule_id|The rule ID. A request may match multiple rules. Requests filtered by this field may also match other rules.|ne, eq|', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSecurityEventTopNMetric'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSecurityEventTopNMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-*****B4C7726\\\\n\\",\\n \\"SecurityEventTopNValues\\": [\\n {\\n \\"Name\\": \\"10000\\",\\n \\"Attribute\\": \\"waf_base\\\\n\\",\\n \\"Value\\": 1111\\n }\\n ],\\n \\"TopNMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"Units\\": \\"requests\\\\n\\"\\n }\\n}","type":"json"}]', + ], + 'DescribeSensitiveApiStatistic' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -29508,295 +23768,171 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '258811', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], - 'autoTest' => true, + 'abilityTreeCode' => '187678', + 'abilityTreeNodes' => ['FEATUREwaf8XGRZR'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'Filter', + 'name' => 'MatchedHost', 'in' => 'query', - 'style' => 'json', - 'schema' => [ - 'description' => 'The filter conditions for the query. Multiple conditions are evaluated by using a logical AND.'."\n", - 'type' => 'object', - 'properties' => [ - 'DateRange' => [ - 'description' => 'The time range for the query.'."\n", - 'type' => 'object', - 'properties' => [ - 'StartDate' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888000'."\n", - ], - 'EndDate' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888600'."\n", - ], - ], - 'required' => true, - ], - 'Conditions' => [ - 'description' => 'The filter conditions. Each object describes a filter condition.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The filter condition. A condition consists of a **field name**, an **operator**, and **field content**.', - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'The field name. This operation supports all fields. For more information, see the **Supported field names** section below.', - 'type' => 'string', - 'required' => false, - 'example' => 'matched_host', - ], - 'OpValue' => [ - 'description' => 'The operator. For more information, see the **Supported operators** section below.', - 'type' => 'string', - 'required' => false, - 'example' => 'eq', - ], - 'Values' => [ - 'description' => 'The field content.'."\n", - 'type' => 'any', - 'required' => false, - 'example' => 'test.waf-top', - ], - ], - 'required' => false, - ], - 'required' => false, - ], - ], - 'required' => true, - ], + 'schema' => ['description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'required' => false, 'example' => 'a.***.com', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Maximum value: **100**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '10', - ], + 'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC) in seconds.'."\n" + .'> Compliance review currently supports querying data only for the last 1 month, last 3 months, last 6 months, last 12 months, or from January 1 of the previous year to the present. Make sure the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''], + ], + [ + 'name' => 'EndTime', + 'in' => 'query', + 'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC) in seconds.'."\n" + ."\n" + .'> Compliance review currently supports querying data only for the last 1 month, last 3 months, last 6 months, last 12 months, or from January 1 of the previous year to the present. Make sure the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''], ], [ 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The page number to return in a paged query. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page in a paged query. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '25', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '269', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: The Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.', - 'type' => 'string', - 'required' => false, - 'example' => 'ap-southeast-1'."\n", - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q'."\n", - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'Type', + 'in' => 'query', + 'schema' => ['description' => 'The dimension for statistics. Valid values:'."\n" + ."\n" + .'- **matchedHost** (default): statistics by domain name.'."\n" + ."\n" + .'- **apiFormat**: statistics by API operation.'."\n" + ."\n" + .'> When the **apiFormat** dimension is used, specify the corresponding domain name in the **MatchedHost** parameter.', 'type' => 'string', 'default' => 'matchedHost', 'required' => false, 'example' => 'matchedHost', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.', + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4C7726'."\n", - ], - 'SecurityEventLogs' => [ - 'description' => 'The attack logs returned.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'Data' => [ + 'description' => 'The statistics list.', 'type' => 'array', 'items' => [ - 'description' => 'The attack log. Each log records a request. For more information, see the **Log fields** section below.', - 'type' => 'any', - 'enumValueTitles' => [], - 'example' => '{'."\n" - .' "remote_region_id": "110000",'."\n" - .' "plugin_matched_detail_waf_group": "{\\"uri\\":{\\"hit\\":[\\"/.git/\\"],\\"raw\\":\\"/.git/\\"}}",'."\n" - .' "plugin_matched_block_rule_detail": "[{\\"RuleId\\":\\"12***5\\",\\"Action\\":\\"block\\",\\"DefenseScene\\":\\"waf_base\\",\\"RuleType\\":\\"other\\"}]",'."\n" - .' "querystring": "-",'."\n" - .' "matched_host": "i-8vbaazr2tboqsq******-443-ecs",'."\n" - .' "remote_country_id": "CN",'."\n" - .' "remote_isp_id": "100098",'."\n" - .' "request_method": "GET",'."\n" - .' "plugin_matched_test_rule_detail": "[]",'."\n" - .' "request_traceid": "0b6261221742197109309484******",'."\n" - .' "dst_port": "0",'."\n" - .' "host": "39.99.XX.XX",'."\n" - .' "real_client_ip": "47.92.XX.XX",'."\n" - .' "request_path": "/.git/HEAD",'."\n" - .' "server_protocol": "HTTP/1.1",'."\n" - .' "timestamp": "1742197109"'."\n" - .' }', - ], - ], - 'SecurityEventMetaData' => [ - 'description' => 'The metadata of the time series data returned.'."\n", - 'type' => 'object', - 'properties' => [ - 'DateRange' => [ - 'description' => 'The time range that is used for the query.'."\n", - 'type' => 'object', - 'properties' => [ - 'StartDate' => [ - 'description' => 'The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds. This value is the same as the value of StartDate in the request parameters.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888000'."\n", - ], - 'EndDate' => [ - 'description' => 'The end of the time range to query. The value is a UNIX timestamp. Unit: seconds. This value is the same as the value of EndDate in the request parameters.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888600'."\n", + 'description' => 'The statistics information.', + 'type' => 'object', + 'properties' => [ + 'SensitiveOutboundCount' => ['description' => 'The number of outbound sensitive personal information items at the domain name level.', 'type' => 'integer', 'format' => 'int64', 'example' => '127', 'title' => ''], + 'MatchedHost' => ['description' => 'The domain name or IP address.', 'type' => 'string', 'example' => 'www.***.top', 'title' => ''], + 'List' => [ + 'description' => 'The list of API operation statistics information under the domain name.'."\n" + ."\n" + .'> This field is returned only when the **Type** parameter is set to **apiFormat**, which represents the API dimension statistics information.', + 'type' => 'array', + 'items' => [ + 'description' => 'The API operation statistics information under the domain name.', + 'type' => 'object', + 'properties' => [ + 'SensitiveCode' => [ + 'description' => 'The list of sensitive data types.', + 'type' => 'array', + 'items' => ['description' => 'The sensitive data type.', 'type' => 'string', 'example' => '1003', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/api/login', 'title' => ''], + 'SensitiveCount' => ['description' => 'The number of outbound sensitive personal information items at the API level.', 'type' => 'integer', 'format' => 'int64', 'example' => '55', 'title' => ''], + 'ApiId' => ['description' => 'The ID of the API operation.', 'type' => 'string', 'example' => 'd288137009c119a873d4c395****', 'title' => ''], + 'InfoCount' => ['description' => 'The number of outbound personal information entries at the API level.', 'type' => 'integer', 'format' => 'int64', 'example' => '78', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], + 'InfoOutboundCount' => ['description' => 'The number of outbound personal information entries at the domain name level.', 'type' => 'integer', 'format' => 'int64', 'example' => '213', 'title' => ''], ], - 'Units' => [ - 'description' => 'The unit of the statistics returned. The value is fixed as requests.', - 'type' => 'string', - 'example' => 'requests', - ], + 'title' => '', + 'example' => '', ], - ], - 'SecurityEventLogsTotalCount' => [ - 'description' => 'The total number of logs returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1000', + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Report.%s', - 'errorMessage' => 'Invalid parameter:%s.', - ], - [ - 'errorCode' => 'Waf.Report.InternalError', - 'errorMessage' => 'Server error occurred in report service.', - ], - ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-******4C7726\\\\n\\",\\n \\"SecurityEventLogs\\": [\\n \\"参见返回数据示例\\"\\n ],\\n \\"SecurityEventMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"Units\\": \\"requests\\"\\n },\\n \\"SecurityEventLogsTotalCount\\": 1000\\n}","type":"json"}]', - 'title' => 'DescribeSecurityEventLogs', - 'description' => 'Attack traffic refers to the traffic of requests that match protection rules and are identified as risky. The following types of requests are excluded:'."\n" - ."\n" - .'* Requests that match the protection rules of the whitelist module.'."\n" - .'* Requests that match the protection rules of the bot management module. The actions of the protection rules are set to Add Tag.'."\n" - .'* Requests that match protection rules with actions set to Dynamic Token-based Authentication, Slider CAPTCHA, Strict Slider CAPTCHA Verification, and JavaScript Validation, pass the verifications specified by the actions, and are allowed.'."\n", - 'requestParamsDescription' => '**Supported operators**'."\n" - ."\n" - .'|Operator|Meaning|Description|'."\n" - .'|---|---|---|'."\n" - .'|all-not-match|Does Not Equal Any Value|The field value does not equal any value in the data set. For example, you can use the following condition to query the real\\_client\\_ip fields whose value does not equal any value in the data set:`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}`.|'."\n" - .'|contain|Contains|The field value contains a specific string. For example, you can use the following condition to query the URLs that contain the test string:`{"Key":"request_path","OpValue":"contain","Values":"test"}`.|'."\n" - .'|eq|Equals|The field value equals a specific string. For example, you can use the following condition to query the URLs that equal the /testcase string:`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}`.|'."\n" - .'|match-one|Equals One of Multiple Values|The field value equals one of multiple values in the data set. For example, you can use the following condition to query the real\\_client\\_ip fields whose value equals one of multiple values in the data set:`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}`.|'."\n" - .'|ne|Does Not Equal|The field value does not equal a specific string. For example, you can use the following condition to query the URLs that do not equal the /testcase string:`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}`.|'."\n" - .'|not-contain|Does Not Contain|The field value does not contain a specific string. For example, you can use the following condition to query the URLs that do not contain the test string:`{"Key":"request_path","OpValue":"not-contain","Values":"test"}`.|'."\n" - .'|prefix-match|Prefix Match|The field value is prefixed with a specific string. For example, you can use the following condition to query the URLs that are prefixed with the /testcase string:`{"Key":"request_path","OpValue":"prefix-match","Values":"/testcase"}`.|'."\n" - .'|suffix-match|Suffix Match|The field value is suffixed with a specific string. For example, you can use the following condition to query the URLs that are suffixed with the /testcase string:`{"Key":"request_path","OpValue":"suffix-match","Values":"/testcase"}`.|'."\n" - ."\n" - .'**Supported field names**'."\n" - ."\n" - .'|Field name|Description|Supported operator|'."\n" - .'|---|---|---|'."\n" - .'|action|The action that is performed on the request.|ne and eq|'."\n" - .'|cluster|The protection cluster.|ne, eq, match-one, and all-not-match|'."\n" - .'|defense\\_scene|The protection module. A request may match multiple protection modules. The requests that are obtained by matching the value of this field may still match other protection modules.|ne and eq|'."\n" - .'|host|The Host header field of the HTTP request.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|http\\_cookie|The Cookie header field of the HTTP request.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|http\\_user\\_agent|The User-Agent header field of the HTTP request.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|matched\\_host|The protected object.|ne, eq, match-one, and all-not-match|'."\n" - .'|real\\_client\\_ip|The source IP address of the request. Only IP addresses are supported. CIDR blocks are not supported.|ne, eq, match-one, and all-not-match|'."\n" - .'|remote\\_country\\_id|The country to which the source IP address of the HTTP request belongs.|ne, eq, match-one, and all-not-match|'."\n" - .'|remote\\_region\\_id|The province or city to which the source IP address of the HTTP request belongs.|ne, eq, match-one, and all-not-match|'."\n" - .'|request\\_method|The request method of the HTTP request.|ne, eq, match-one, and all-not-match|'."\n" - .'|request\\_path|The URL of the HTTP request, excluding the query string.|contain, not-contain, ne, eq, match-one, all-not-match, prefix-match, and suffix-match|'."\n" - .'|request\\_traceid|The request ID, which is unique.|ne, eq, match-one, and all-not-match|'."\n" - .'|rule\\_id|The ID of the protection rule. A request may match multiple protection rules. The requests that are obtained by matching the value of this field may still match other protection rules.|ne and eq|', - 'responseParamsDescription' => '**Log fields**'."\n" - ."\n" - .'|Field name|Description|Example|'."\n" - .'|---|---|---|'."\n" - .'|dst\\_port|The destination port that is requested.|0|'."\n" - .'|host|The Host header field of the client request. The field contains the domain name or IP address that is accessed. The value of this field varies based on your service settings.|39.99.XX.XX|'."\n" - .'|matched\\_host|The protected object that is matched by the client request. The protected object can be a cloud service instance or a domain name.|i-8vbaazr2tboqsq******-443-ecs|'."\n" - .'|plugin\\_matched\\_detail\\_waf\\_group|The details of the matched protection rules of the core web protection module, including the reason why the protection rules are matched.|{\\"uri\\":{\\"hit\\":[\\"/.git/\\"],\\"raw\\":\\"/.git/\\"}}|'."\n" - .'|plugin\\_matched\\_block\\_rule\\_detail|The details of the matched protection rules whose actions are not set to Monitor, including the IDs and actions of the protection rules and the related protection modules.|[{\\"RuleId\\":\\"12***5\\",\\"Action\\":\\"block\\",\\"DefenseScene\\":\\"waf_base\\",\\"RuleType\\":\\"other\\"}]|'."\n" - .'|plugin\\_matched\\_test\\_rule\\_detail|The details of the matched protection rules whose actions are set to Monitor, including the IDs and actions of the protection rules and the related protection modules.|[]|'."\n" - .'|querystring|The query string of the client request. The query string refers to the part that follows the question mark (?) in the URL of the request.|-|'."\n" - .'|remote\\_region\\_id|The ID of the province to which the source IP address belongs.|110000|'."\n" - .'|remote\\_country\\_id|The ID of the country to which the source IP address belongs.|CN|'."\n" - .'|remote\\_isp\\_id|The ID of the data center to which the source IP address belongs.|100098|'."\n" - .'|request\\_method|The request method.|GET|'."\n" - .'|request\\_traceid|The unique identifier that is generated by WAF for the client request.|0b6261221742197109309484******|'."\n" - .'|real\\_client\\_ip|The originating IP address of the client that sends the request. WAF performs request analysis to obtain the IP address.|47.92.XX.XX|'."\n" - .'|request\\_path|The relative path that is requested. The relative path refers to the part between the domain name and the question mark (?) in the URL of the request. The relative path does not include the query string.|/.git/HEAD|'."\n" - .'|server\\_protocol|The protocol that is used for communication between the client and WAF.|HTTP/1.1|'."\n" - .'|timestamp|The time when the request was processed by WAF. The value is a UNIX timestamp.|1742197109|', - ], - 'DescribeNetworkFlowTopNMetric' => [ - 'summary' => 'Retrieves top aggregated traffic statistics, sorted by various dimensions, including malicious and legitimate requests.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query statistics on sites and API operations that involve personal information', + 'summary' => 'Queries statistics on sites and API operations that involve personal information.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveApiStatistic'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveApiStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveOutboundCount\\": 127,\\n \\"MatchedHost\\": \\"www.***.top\\",\\n \\"List\\": [\\n {\\n \\"SensitiveCode\\": [\\n \\"1003\\"\\n ],\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"SensitiveCount\\": 55,\\n \\"ApiId\\": \\"d288137009c119a873d4c395****\\",\\n \\"InfoCount\\": 78\\n }\\n ],\\n \\"InfoOutboundCount\\": 213\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeSensitiveDetectionResult' => [ + 'summary' => 'Queries the detection results of API security compliance requirements.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -29807,263 +23943,149 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '258808', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], - 'autoTest' => true, + 'abilityTreeCode' => '187711', + 'abilityTreeNodes' => ['FEATUREwaf8XGRZR'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The Web Application Firewall (WAF) instance ID.'."\n" - ."\n" - .'> Call the [DescribeInstanceInfo](~~140857~~) operation to retrieve the WAF instance ID.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****'."\n", - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp26f1****', 'title' => ''], ], [ - 'name' => 'Filter', + 'name' => 'StartTime', 'in' => 'query', - 'style' => 'json', - 'schema' => [ - 'description' => 'An array of filter conditions. Multiple filter parameters use AND logic.'."\n", - 'type' => 'object', - 'properties' => [ - 'DateRange' => [ - 'description' => 'Specifies the date range for the query.'."\n", - 'type' => 'object', - 'properties' => [ - 'StartDate' => [ - 'description' => 'Start time of the query range (Unix timestamp, seconds).', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888000'."\n", - ], - 'EndDate' => [ - 'description' => 'End time of the query range (Unix timestamp, seconds).', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1713888600'."\n", - ], - ], - 'required' => true, - ], - 'Conditions' => [ - 'description' => 'The list of filter conditions. Each node describes a filter condition.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'Each condition object must specify a filter field (**Key**), a filter operator (**OpValue**), and filter content (**Values**).', - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'description' => 'The filter fields. Valid values:'."\n" - ."\n" - .'* matched_host'."\n" - .'* cluster'."\n" - ."\n" - .'For details, see the **Filter fields (Key)** section below.', - 'type' => 'string', - 'required' => false, - 'example' => 'matched_host', - ], - 'OpValue' => [ - 'description' => 'The filter operator.'."\n" - .'For details, see the **Filter operators (OpValue)** section below.', - 'type' => 'string', - 'required' => false, - 'example' => 'eq', - ], - 'Values' => [ - 'description' => 'The filter content.'."\n", - 'type' => 'any', - 'required' => false, - 'example' => 'test.waf-top'."\n", - ], - ], - 'required' => false, - ], - 'required' => false, - ], - ], - 'required' => true, - ], + 'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''], ], [ - 'name' => 'Limit', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => 'Returns up to 10 data entries, sorted in descending order.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '10', - ], + 'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''], ], [ - 'name' => 'Metric', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies the data type to be returned. Valid values:'."\n" - ."\n" - .'* real_client_ip: The top N requests, sorted in descending order by source IP address, aggregated from all the current user\'s WAF requests.'."\n" - .'* request_path: The top N requests, sorted in descending order by user-agent, aggregated from all the current user\'s WAF requests.'."\n" - .'* request_path: The top N requests, sorted in descending order by request URL, aggregated from all the current user\'s WAF requests.'."\n" - .'* matched_host_by_total_requests: The top N protected objects and their request counts for the current user.'."\n" - .'* matched_host_by_qps: The top N protected objects and their queries per second (QPS) values.'."\n" - .'* matched_host_by_status: When using it, you must specify status in the Conditions field of the Filter parameter. If the HTTP response code returned by WAF matches the status specified in the Conditions, then the top N data is returned, sorted in descending order by protected objects. The format for specifying the status is as follows:\\'."\n" - .' {"Key":"status","OpValue":"eq","Values":"200"}'."\n" - .'* matched_host_by_upstream_status: When using it, you must specify upstream_status in the Conditions field of the Filter parameter. If the HTTP response code returned by the origin server matches the upstream_status specified, the top N data is returned, sorted in descending order by protected objects. The format for specifying the upstream_status is as follows:\\'."\n" - .' {"Key":"upstream_status","OpValue":"eq","Values":"200"}', - 'type' => 'string', - 'required' => true, - 'example' => 'matched_host_by_upstream_status', - ], + 'schema' => ['description' => 'The hybrid cloud cluster ID.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: The Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'ap-southeast-1'."\n", - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The resource group ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q'."\n", - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned data.', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4C7726', - ], - 'NetworkFlowTopNValues' => [ - 'description' => 'The top statistical data array returned.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'Each data point corresponds to a single top statistic.'."\n", - 'type' => 'object', - 'properties' => [ - 'Name' => [ - 'description' => 'The value of this field varies depending on the queried Metric.'."\n", - 'type' => 'string', - 'example' => '127.0.0.1'."\n", - ], - 'Attribute' => [ - 'description' => 'Returns additional information, such as the country, province, or city to which an IP address belongs.', - 'type' => 'string', - 'example' => '""', - ], - 'Value' => [ - 'description' => 'Counts for top ranking.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1123', - ], - ], - ], - ], - 'TopNMetaData' => [ - 'description' => 'The metadata of the returned data.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'Data' => [ + 'description' => 'The compliance detection results.', 'type' => 'object', 'properties' => [ - 'DateRange' => [ - 'description' => 'The query time range.'."\n", - 'type' => 'object', - 'properties' => [ - 'StartDate' => [ - 'description' => 'The start time of the query range (Unix timestamp, seconds). Same as the StartDate request parameter.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888000'."\n", - ], - 'EndDate' => [ - 'description' => 'The end time of the query range (Unix timestamp, seconds). Same as the EndDate request parameter.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1713888600'."\n", + 'Result' => [ + 'description' => 'The compliance detection list.', + 'type' => 'array', + 'items' => [ + 'description' => 'The compliance detection information.', + 'type' => 'object', + 'properties' => [ + 'Max' => [ + 'description' => 'The maximum values of sensitive data type statistics.', + 'type' => 'object', + 'properties' => [ + 'SensitiveCode' => ['description' => 'The sensitive data type with the highest count.', 'type' => 'integer', 'format' => 'int64', 'example' => '1003', 'title' => ''], + 'OutboundCount' => ['description' => 'The number of cross-border personal information records corresponding to the sensitive data type with the highest count.', 'type' => 'integer', 'format' => 'int64', 'example' => '54', 'title' => ''], + 'InfoCount' => ['description' => 'The number of personal information records corresponding to the sensitive data type with the highest count.', 'type' => 'integer', 'format' => 'int64', 'example' => '187', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'DetectionResult' => ['description' => 'The compliance detection result. Valid values: '."\n" + .'- **report**: A data cross-border transfer risk exists.'."\n" + .'- **none**: No data cross-border transfer risk exists.', 'type' => 'string', 'example' => 'report', 'title' => ''], + 'List' => [ + 'description' => 'The detection list of sensitive data types.', + 'type' => 'array', + 'items' => [ + 'description' => 'The detection information of a sensitive data type.', + 'type' => 'object', + 'properties' => [ + 'SensitiveCode' => ['description' => 'The sensitive data type.', 'type' => 'integer', 'format' => 'int64', 'example' => '1002', 'title' => ''], + 'OutboundCount' => ['description' => 'The number of cross-border personal information records.', 'type' => 'integer', 'format' => 'int64', 'example' => '6', 'title' => ''], + 'InfoCount' => ['description' => 'The number of personal information records.', 'type' => 'integer', 'format' => 'int64', 'example' => '11', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', + ], ], + 'title' => '', + 'example' => '', ], - ], - 'Units' => [ - 'description' => 'The unit of the returned data. It is fixed as requests.', - 'type' => 'string', - 'example' => 'requests', + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'Waf.Report.%s', - 'errorMessage' => 'Invalid parameter:%s.', - ], - [ - 'errorCode' => 'Waf.Report.InternalError', - 'errorMessage' => 'Server error occurred in report service.', - ], - ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-******4C7726\\",\\n \\"NetworkFlowTopNValues\\": [\\n {\\n \\"Name\\": \\"127.0.0.1\\",\\n \\"Attribute\\": \\" CN\\",\\n \\"Value\\": 1123\\n }\\n ],\\n \\"TopNMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"Units\\": \\"requests\\\\n\\"\\n }\\n}","type":"json"}]', - 'title' => 'DescribeNetworkFlowTopNMetric', - 'requestParamsDescription' => '**Filter fields (Key)**'."\n" - ."\n" - .'|Field|Description|Supported filter operators|'."\n" - .'|---|---|---|'."\n" - .'|cluster|The protection cluster.|ne, eq, match-one, and all-not-match|'."\n" - .'|matched\\_host|The protected object.|ne, eq, match-one, and all-not-match|'."\n" - ."\n" - .'**Filter operators (OpValue)**'."\n" - ."\n" - .'|Filter operator|Semantics|Description|'."\n" - .'|---|---|---|'."\n" - .'|all-not-match|Does not equal any value|Checks if the value is not equal to any data in the data set. For example, `{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}` will exclude 1.XX.XX.1, 2.XX.XX.2, and 3.XX.XX.3 from real_client_ip.|'."\n" - .'|eq|Equals|Checks if the value of a key is equal to a specific string. For example, `{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` will match any request_path whose URL is equal to "/testcase".|'."\n" - .'|match-one|Equals one of multiple values|Checks if the value is equal to any data in the data set. For example, `{"Key":"real_client_ip","OpValue":"match-one","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}` will include data where real_client_ip is 1.XX.XX.1, 2.XX.XX.2, or 3.XX.XX.3.|'."\n" - .'|ne|Does not equal|Checks if the value of a key is not equal to a specific string. For example, `{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` will match any request_path whose URL is not equal to "/testcase".|', - ], - 'DescribeFlowChart' => [ - 'summary' => 'Queries the traffic statistics of requests that are forwarded to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query API security compliance detection results', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveDetectionResult'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveDetectionResult', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": {\\n \\"Result\\": [\\n {\\n \\"Max\\": {\\n \\"SensitiveCode\\": 1003,\\n \\"OutboundCount\\": 54,\\n \\"InfoCount\\": 187\\n },\\n \\"DetectionResult\\": \\"report\\",\\n \\"List\\": [\\n {\\n \\"SensitiveCode\\": 1002,\\n \\"OutboundCount\\": 6,\\n \\"InfoCount\\": 11\\n }\\n ]\\n }\\n ]\\n }\\n}","type":"json"}]', + ], + 'DescribeSensitiveOutboundDistribution' => [ + 'summary' => 'Queries the distribution of outbound traffic that contains personal information.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -30074,267 +24096,116 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '187676', + 'abilityTreeNodes' => ['FEATUREwaf8XGRZR'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ - 'name' => 'EndTimestamp', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386280', - ], + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds. The time is in Coordinated Universal Time (UTC).'."\n" + ."\n" + .'> Compliance review supports queries for the last month, the last 3 months, the last 6 months, the last 12 months, and the period from January 1 of the previous year to the present. Make sure that the specified time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''], ], [ - 'name' => 'Interval', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The time interval. Unit: seconds. The value must be an integral multiple of 60.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '300', - ], + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. The time is in UTC.'."\n" + ."\n" + .'> Compliance review supports queries for the last month, the last 3 months, the last 6 months, the last 12 months, and the period from January 1 of the previous year to the present. Make sure that the specified time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''], ], [ - 'name' => 'Resource', - 'in' => 'query', - 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], - ], - [ - 'name' => 'InstanceId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter applies only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain information about hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '443', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'BFA71416-670E-585D-AAE6-E7BBEE248FAB', - ], - 'FlowChart' => [ - 'description' => 'The traffic statistics.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'Data' => [ + 'description' => 'A list of outbound traffic distributions that contain personal information.', 'type' => 'array', 'items' => [ - 'description' => 'The traffic statistics.'."\n", + 'description' => 'Information about outbound traffic that contains personal information.', 'type' => 'object', 'properties' => [ - 'MaxPv' => [ - 'description' => 'The peak traffic.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2932', - ], - 'AntibotBlockSum' => [ - 'description' => 'The number of requests that are blocked by bot management rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'CcCustomReportsSum' => [ - 'description' => 'The number of requests that are monitored by custom HTTP flood protection rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'RatelimitBlockSum' => [ - 'description' => 'The number of requests that are blocked by rate limiting rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'BlacklistBlockSum' => [ - 'description' => 'The number of requests that are blocked by the IP address blacklist.'."\n", - 'type' => 'string', - 'example' => '0', - ], - 'CcSystemBlocksSum' => [ - 'description' => 'The number of requests that are blocked by HTTP flood protection rules created by the system.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'BlacklistReportsSum' => [ - 'description' => 'The number of requests that are monitored by the IP address blacklist.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'Index' => [ - 'description' => 'The serial number of the time interval. The serial numbers are arranged in chronological order.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'RobotCount' => [ - 'description' => 'The total number of bot requests.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1110', - ], - 'Count' => [ - 'description' => 'The total number of requests.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2932', - ], - 'RegionBlockReportsSum' => [ - 'description' => 'The number of requests that are monitored by region blacklist rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'AntiScanBlockSum' => [ - 'description' => 'The number of requests that are blocked by scan protection rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'CcSystemReportsSum' => [ - 'description' => 'The number of requests that are monitored by HTTP flood protection rules created by the system.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'AntibotReportSum' => [ - 'description' => 'The number of requests that are monitored by bot management rules.'."\n", - 'type' => 'string', - 'example' => '0', - ], - 'InBytes' => [ - 'description' => 'The total number of requests that are redirected to the WAF instance.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '121645464', - ], - 'WafBlockSum' => [ - 'description' => 'The number of requests that are blocked by basic protection rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'CcCustomBlockSum' => [ - 'description' => 'The number of requests that are blocked by custom HTTP flood protection rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'AntiscanReportsSum' => [ - 'description' => 'The number of requests that are monitored by scan protection rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'AclCustomBlockSum' => [ - 'description' => 'The number of requests that are blocked by custom access control list (ACL) rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'RatelimitReportSum' => [ - 'description' => 'The number of requests that are monitored by rate limiting rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'WafReportSum' => [ - 'description' => 'The number of requests that are monitored by basic protection rules.'."\n", - 'type' => 'string', - 'example' => '0', - ], - 'AclCustomReportsSum' => [ - 'description' => 'The number of requests that are monitored by custom ACL rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'OutBytes' => [ - 'description' => 'The total number of requests that are forwarded by the WAF instance.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1200540464', - ], - 'RegionBlockBlocksSum' => [ - 'description' => 'The number of requests that are blocked by region blacklist rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], + 'SensitiveOutboundCount' => ['description' => 'The number of outbound sensitive information entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '144', 'title' => ''], + 'Country' => ['description' => 'The destination country.', 'type' => 'string', 'example' => 'US', 'title' => ''], + 'InfoOutboundCount' => ['description' => 'The number of outbound personal information entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '213', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BFA71416-670E-585D-AAE6-E7BBEE248FAB\\",\\n \\"FlowChart\\": [\\n {\\n \\"MaxPv\\": 2932,\\n \\"AntibotBlockSum\\": 0,\\n \\"CcCustomReportsSum\\": 0,\\n \\"RatelimitBlockSum\\": 0,\\n \\"BlacklistBlockSum\\": \\"0\\",\\n \\"CcSystemBlocksSum\\": 0,\\n \\"BlacklistReportsSum\\": 0,\\n \\"Index\\": 10,\\n \\"RobotCount\\": 1110,\\n \\"Count\\": 2932,\\n \\"RegionBlockReportsSum\\": 0,\\n \\"AntiScanBlockSum\\": 0,\\n \\"CcSystemReportsSum\\": 0,\\n \\"AntibotReportSum\\": \\"0\\",\\n \\"InBytes\\": 121645464,\\n \\"WafBlockSum\\": 0,\\n \\"CcCustomBlockSum\\": 0,\\n \\"AntiscanReportsSum\\": 0,\\n \\"AclCustomBlockSum\\": 0,\\n \\"RatelimitReportSum\\": 0,\\n \\"WafReportSum\\": \\"0\\",\\n \\"AclCustomReportsSum\\": 0,\\n \\"OutBytes\\": 1200540464,\\n \\"RegionBlockBlocksSum\\": 0\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeFlowChart', - ], - 'DescribePeakTrend' => [ - 'summary' => 'Queries the queries per second (QPS) statistics of a WAF instance.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeSensitiveOutboundDistribution', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveOutboundDistribution', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveOutboundCount\\": 144,\\n \\"Country\\": \\"US\\",\\n \\"InfoOutboundCount\\": 213\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeSensitiveOutboundStatistic' => [ + 'summary' => 'Queries statistics about outbound transfers of personal information.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -30345,163 +24216,200 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '187677', + 'abilityTreeNodes' => ['FEATUREwaf8XGRZR'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'EndTimestamp', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386340', - ], + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp that is in UTC. Unit: seconds.'."\n" + ."\n" + .'> The compliance assessment feature supports querying data from the last month, the last 3 months, the last 6 months, the last 12 months, and from January 1 of the previous year to the present. Make sure that the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''], ], [ - 'name' => 'Interval', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The time interval. Unit: seconds. The value must be an integral multiple of 60.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '300', - ], + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp that is in UTC. Unit: seconds.'."\n" + ."\n" + .'> The compliance assessment feature supports querying data from the last month, the last 3 months, the last 6 months, the last 12 months, and from January 1 of the previous year to the present. Make sure that the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'SensitiveType', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The type of information to query. Valid values:'."\n" + ."\n" + .'- **info**: all personal information. This is the default value.'."\n" + ."\n" + .'- **sensitive**: only sensitive personal information.', 'type' => 'string', 'required' => false, 'example' => 'info', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'SensitiveLevel', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The sensitivity level. Valid values:'."\n" + ."\n" + .'- **high**: high.'."\n" + ."\n" + .'- **medium**: medium.'."\n" + ."\n" + .'- **low**: low.', 'type' => 'string', 'required' => false, 'example' => 'high', 'title' => ''], + ], + [ + 'name' => 'SensitiveCode', + 'in' => 'query', + 'schema' => ['description' => 'The type of sensitive data. Separate multiple types with commas (,).'."\n" + ."\n" + .'> Call the [DescribeApisecRules](~~2859155~~) operation to obtain the supported sensitive data types. This parameter supports only built-in sensitive data types.', 'type' => 'string', 'required' => false, 'example' => '1000,1001', 'title' => ''], + ], + [ + 'name' => 'DetectionResult', + 'in' => 'query', + 'schema' => ['description' => 'The assessment result. Valid values:'."\n" + ."\n" + .'- **report**: a data outbound transfer threat exists.'."\n" + ."\n" + .'- **none**: no data outbound transfer threat exists.', 'type' => 'string', 'required' => false, 'example' => 'report', 'title' => ''], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '25', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'OrderKey', + 'in' => 'query', + 'schema' => ['description' => 'The field to use for sorting. Valid values:'."\n" + ."\n" + .'- **total\\_count**: sorts by the total number of personal information data entries. This is the default value.'."\n" + ."\n" + .'- **outbound\\_count**: sorts by the total number of outbound transfer data entries.', 'type' => 'string', 'required' => false, 'example' => 'total_count', 'title' => ''], + ], + [ + 'name' => 'OrderWay', + 'in' => 'query', + 'schema' => ['description' => 'The sorting order. Valid values:'."\n" + ."\n" + .'- **desc**: descending order. This is the default value.'."\n" + ."\n" + .'- **asc**: ascending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter is available only for hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query information about hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The returned result.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '9D11AC3A-A10C-56E7-A342-E87EC892BAE2', - ], - 'FlowChart' => [ - 'description' => 'An array of the QPS statistics of the WAF instance.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned for outbound transfer statistics.', 'type' => 'integer', 'format' => 'int64', 'example' => '5', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''], + 'Data' => [ + 'description' => 'The list of statistics on outbound transfers of personal information.', 'type' => 'array', 'items' => [ - 'description' => 'The QPS statistics of the WAF instance.'."\n", + 'description' => 'The statistics on outbound transfers for a specific sensitive data type.', 'type' => 'object', 'properties' => [ - 'AntiScanSum' => [ - 'description' => 'The number of requests that are monitored or blocked by the scan protection module.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'AclSum' => [ - 'description' => 'The number of requests that are monitored or blocked by the custom rule (access control) module.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'WafSum' => [ - 'description' => 'The number of requests that are monitored or blocked by the regular expression protection engine.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'CcSum' => [ - 'description' => 'The number of requests that are monitored or blocked by the HTTP flood protection module.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - 'Index' => [ - 'description' => 'The serial number of the time interval. The serial numbers are arranged in chronological order.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'Count' => [ - 'description' => 'The total number of requests.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2622', - ], + 'SensitiveLevel' => ['description' => 'The sensitivity level. Valid values:'."\n" + ."\n" + .'- **high**: high.'."\n" + ."\n" + .'- **medium**: medium.'."\n" + ."\n" + .'- **low**: low.', 'type' => 'string', 'example' => 'high', 'title' => ''], + 'SensitiveCode' => ['description' => 'The code that represents the type of sensitive data.'."\n" + ."\n" + .'> Call the [DescribeApisecRules](~~2859155~~) operation to obtain the supported sensitive data types.', 'type' => 'integer', 'format' => 'int64', 'example' => '1001', 'title' => ''], + 'OutboundCount' => ['description' => 'The number of outbound transfer data entries for the sensitive data type.', 'type' => 'integer', 'format' => 'int64', 'example' => '300', 'title' => ''], + 'DetectionResult' => ['description' => 'The assessment result. Valid values:'."\n" + ."\n" + .'- **report**: a data outbound transfer threat exists.'."\n" + ."\n" + .'- **none**: no data outbound transfer threat exists.', 'type' => 'string', 'example' => 'report', 'title' => ''], + 'SensitiveType' => ['description' => 'The type of information. Valid values:'."\n" + ."\n" + .'- **info**: all personal information.'."\n" + ."\n" + .'- **sensitive**: only sensitive personal information.', 'type' => 'string', 'example' => 'info', 'title' => ''], + 'InfoCount' => ['description' => 'The total number of personal information data entries detected.', 'type' => 'integer', 'format' => 'int64', 'example' => '546', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9D11AC3A-A10C-56E7-A342-E87EC892BAE2\\",\\n \\"FlowChart\\": [\\n {\\n \\"AntiScanSum\\": 0,\\n \\"AclSum\\": 0,\\n \\"WafSum\\": 0,\\n \\"CcSum\\": 0,\\n \\"Index\\": 10,\\n \\"Count\\": 2622\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribePeakTrend', - ], - 'DescribeResponseCodeTrendGraph' => [ - 'summary' => 'Queries the trend of the number of error codes that are returned to clients or Web Application Firewall (WAF). The error codes include 302, 405, 444, 499, and 5XX.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'DescribeSensitiveOutboundStatistic', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveOutboundStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveLevel\\": \\"high\\",\\n \\"SensitiveCode\\": 1001,\\n \\"OutboundCount\\": 300,\\n \\"DetectionResult\\": \\"report\\",\\n \\"SensitiveType\\": \\"info\\",\\n \\"InfoCount\\": 546\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeSensitiveOutboundTrend' => [ + 'summary' => 'Queries the trend of cross-border transfer of personal information data.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -30512,176 +24420,114 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '106569', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '187670', + 'abilityTreeNodes' => ['FEATUREwaf8XGRZR'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', - 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], - ], - [ - 'name' => 'EndTimestamp', - 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386280', - ], - ], - [ - 'name' => 'Interval', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The time interval. Unit: seconds. The value must be an integral multiple of 60.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '300', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'Type', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the error codes. Valid values:'."\n" - ."\n" - .'* **waf:** error codes that are returned to clients from WAF.'."\n" - .'* **upstream:** error codes that are returned to WAF from the origin server.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf', - ], + 'schema' => ['description' => 'The start time of the query. Specify the value as a UNIX timestamp (UTC). Unit: seconds.'."\n" + .'> Compliance review currently supports querying data only for the last 1 month, last 3 months, last 6 months, last 12 months, or from January 1 of the previous year to the present. Make sure the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The end time of the query. Specify the value as a UNIX timestamp (UTC). Unit: seconds.'."\n" + ."\n" + .'> Compliance review currently supports querying data only for the last 1 month, last 3 months, last 6 months, last 12 months, or from January 1 of the previous year to the present. Make sure the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000'."\n", 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The hybrid cloud cluster ID.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '433', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The result of the request.'."\n", + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '7D46493E-84DD-58CE-80A7-8643****9ECC', - ], - 'ResponseCodes' => [ - 'description' => 'The array of the statistics of the error codes.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '7', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''], + 'Data' => [ + 'description' => 'The list of cross-border data transfer information.', 'type' => 'array', 'items' => [ - 'description' => 'The statistics of the error codes.'."\n", + 'description' => 'The cross-border data transfer information.', 'type' => 'object', 'properties' => [ - '5xxPv' => [ - 'description' => 'The number of 5xx error codes that are returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2932', - ], - 'Index' => [ - 'description' => 'The serial number of the time interval. The serial numbers are arranged in chronological order.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - '405Pv' => [ - 'description' => 'The number of 405 error codes that are returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '121645464', - ], - '499Pv' => [ - 'description' => 'The number of 499 error codes that are returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - '302Pv' => [ - 'description' => 'The number of 302 error codes that are returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], - '444Pv' => [ - 'description' => 'The number of 444 error codes that are returned.', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '0', - ], + 'SensitiveOutboundCount' => ['description' => 'The total number of sensitive information records transferred cross-border.', 'type' => 'integer', 'format' => 'int64', 'example' => '378', 'title' => ''], + 'Timestamp' => ['description' => 'The time of the cross-border data transfer. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1672502400', 'title' => ''], + 'InfoCount' => ['description' => 'The total number of personal information records.', 'type' => 'integer', 'format' => 'int64', 'example' => '672', 'title' => ''], + 'InfoOutboundCount' => ['description' => 'The total number of personal information records transferred cross-border.', 'type' => 'integer', 'format' => 'int64', 'example' => '541', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7D46493E-84DD-58CE-80A7-8643F2B09ECC\\",\\n \\"ResponseCodes\\": [\\n {\\n \\"5xxPv\\": 2932,\\n \\"Index\\": 10,\\n \\"405Pv\\": 121645464,\\n \\"499Pv\\": 0,\\n \\"302Pv\\": 0,\\n \\"444Pv\\": 0\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeResponseCodeTrendGraph', - ], - 'DescribeVisitUas' => [ - 'summary' => 'Queries the top 10 user agents that are used to initiate requests.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Query cross-border transfer trend of personal information', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveOutboundTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 7,\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveOutboundCount\\": 378,\\n \\"Timestamp\\": 1672502400,\\n \\"InfoCount\\": 672,\\n \\"InfoOutboundCount\\": 541\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeSensitiveRequestLog' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -30692,128 +24538,171 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '104799', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '188086', + 'abilityTreeNodes' => ['FEATUREwaf8XGRZR'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], + 'schema' => ['title' => '', 'description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****'], ], [ - 'name' => 'EndTimestamp', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386280', - ], + 'schema' => ['title' => '', 'description' => 'The start time of the query, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723392000', 'required' => false], ], [ - 'name' => 'Resource', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['title' => '', 'description' => 'The end time of the query, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1726057800', 'required' => false], ], [ - 'name' => 'InstanceId', + 'name' => 'MatchedHost', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['title' => '', 'description' => 'The domain name to which the API operation belongs.', 'type' => 'string', 'example' => 'a.***.com', 'required' => false], + ], + [ + 'name' => 'ApiFormat', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The API operation.', 'type' => 'string', 'example' => '/api/users/login'."\n", 'required' => false], + ], + [ + 'name' => 'ClientIP', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The IP address.', 'type' => 'string', 'example' => '103.118.55.**', 'required' => false], + ], + [ + 'name' => 'SensitiveCode', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The sensitive data type.'."\n" + .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported sensitive data types.', 'type' => 'string', 'example' => '1000,1001', 'required' => false], + ], + [ + 'name' => 'SensitiveData', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The response sensitive data.', 'type' => 'string', 'example' => 'user', 'required' => false], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The page number of the page to return in a paged query. Default value: **1**, which indicates the first page. Paging starts from page 1.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'default' => '1', 'required' => false], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The number of entries to return on each page in a paged query. Default value: **10**, which indicates 10 entries per page. Paging starts from page 1.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '10', 'minimum' => '1', 'example' => '10', 'default' => '10', 'required' => false], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The hybrid cloud cluster ID.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query hybrid cloud cluster information.', 'type' => 'string', 'example' => '433', 'required' => false], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'required' => false], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['title' => '', 'description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'example' => 'rg-acfm***q', 'required' => false], + ], + [ + 'name' => 'Account', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The account information.', 'type' => 'string', 'example' => 'admin', 'required' => false], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned result.'."\n", + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '2847CE98-AFAE-5A64-B80E-60461717F9DE', - ], - 'Uas' => [ - 'description' => 'The array of the top 10 user agents that are used to initiate requests.'."\n", + 'TotalCount' => ['title' => '', 'description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '7'], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****'], + 'Data' => [ + 'title' => '', + 'description' => 'The list of access logs.', 'type' => 'array', 'items' => [ - 'description' => 'The information about the user agent that is used to initiate requests.'."\n", + 'title' => '', + 'description' => 'The access log information.', 'type' => 'object', 'properties' => [ - 'Count' => [ - 'description' => 'The number of requests that use the user agent.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '698455', - ], - 'Ua' => [ - 'description' => 'The user agent.'."\n", - 'type' => 'string', - 'example' => 'chrome', - ], - ], + 'MatchedHost' => ['title' => '', 'description' => 'The domain name to which the API operation belongs.', 'type' => 'string', 'example' => 'a.****.com'], + 'ApiFormat' => ['title' => '', 'description' => 'The API operation.', 'type' => 'string', 'example' => '/api/users/login'], + 'TraceId' => ['title' => '', 'description' => 'The log ID.', 'type' => 'string', 'example' => '0a3d455b17027784870843933dce3d'], + 'RequestTime' => ['title' => '', 'description' => 'The request time, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723392000'], + 'Count' => ['title' => '', 'description' => 'The number of outbound sensitive data entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '12'], + 'ClientIP' => ['title' => '', 'description' => 'The IP address.', 'type' => 'string', 'example' => '103.118.55.**'], + 'ApiId' => ['title' => '', 'description' => 'The ID of the API.', 'type' => 'string', 'example' => '197b52abcd81d6a8bd4***e477'], + 'SensitiveList' => ['title' => '', 'description' => 'The sensitive data information. The value is a JSON string constructed from a series of parameters. The key of the JSON object is the sensitive data type identifier, which can be built-in or custom. The value is a list of sensitive data entries.'."\n" + ."\n" + .'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported sensitive data types.', 'type' => 'string', 'example' => '{'."\n" + .' "1000":[ '."\n" + .' "90.88.49.19",'."\n" + .' "90.88.49.19"'."\n" + .' ],'."\n" + .' "835436":[ '."\n" + .' "www.abc.com"'."\n" + .' ]'."\n" + .'}'], + 'RemoteCountryId' => ['title' => '', 'description' => 'The region to which the IP address belongs, in region identifier code format.', 'type' => 'string', 'example' => 'CN'], + 'Account' => ['title' => '', 'description' => 'The account of the request.', 'type' => 'string', 'example' => 'admin'], + ], + 'example' => '', ], + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2847CE98-AFAE-5A64-B80E-60461717F9DE\\",\\n \\"Uas\\": [\\n {\\n \\"Count\\": 698455,\\n \\"Ua\\": \\"chrome\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeVisitUas', - ], - 'DescribeVisitTopIp' => [ - 'summary' => 'Queries the top 10 IP addresses from which requests are sent.', - 'methods' => [ - 'post', - 'get', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Query access logs of sensitive data', + 'summary' => 'Queries the access log information of sensitive data.', + 'changeSet' => [ + ['createdAt' => '2025-01-16T13:23:42.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-11-26T09:04:16.000Z', 'description' => 'Response parameters changed'], ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveRequestLog'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveRequestLog', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 7,\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\",\\n \\"Data\\": [\\n {\\n \\"MatchedHost\\": \\"a.****.com\\",\\n \\"ApiFormat\\": \\"/api/users/login\\",\\n \\"TraceId\\": \\"0a3d455b17027784870843933dce3d\\",\\n \\"RequestTime\\": 1723392000,\\n \\"Count\\": 12,\\n \\"ClientIP\\": \\"103.118.55.**\\",\\n \\"ApiId\\": \\"197b52abcd81d6a8bd4***e477\\",\\n \\"SensitiveList\\": \\"{\\\\n \\\\\\"1000\\\\\\":[ \\\\n \\\\\\"90.88.49.19\\\\\\",\\\\n \\\\\\"90.88.49.19\\\\\\"\\\\n ],\\\\n \\\\\\"835436\\\\\\":[ \\\\n \\\\\\"www.abc.com\\\\\\"\\\\n ]\\\\n}\\",\\n \\"RemoteCountryId\\": \\"CN\\",\\n \\"Account\\": \\"admin\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeSensitiveRequests' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -30821,141 +24710,164 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '187966', + 'abilityTreeNodes' => ['FEATUREwaf8XGRZR'], ], 'parameters' => [ [ - 'name' => 'Resource', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'StartTimestamp', + 'name' => 'SensitiveCode', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], + 'schema' => ['description' => 'The type of sensitive data.'."\n" + .'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive data types.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1001', 'title' => ''], ], [ - 'name' => 'EndTimestamp', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386280', - ], + 'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1723392000', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''], + ], + [ + 'name' => 'SensitiveData', + 'in' => 'query', + 'schema' => ['description' => 'The sensitive data.', 'type' => 'string', 'required' => false, 'example' => 'card', 'title' => ''], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number when you use paged query. Default value: **1**, which indicates that the first page is returned in the paging result.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page when you use paged query. Default value: 10, which indicates that each page contains 10 entries in the paging result.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '25', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '269', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwkpn****5i', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The returned result.'."\n", + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '5D2B8DAE-A761-58CB-A68D-74989E4831DA', - ], - 'TopIp' => [ - 'description' => 'The array of the top 10 IP addresses from which requests are sent.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****', 'title' => ''], + 'Data' => [ + 'description' => 'The list of data tracing results.', 'type' => 'array', 'items' => [ - 'description' => 'The information about the IP address from which requests are sent.'."\n", + 'description' => 'The data tracing information.', 'type' => 'object', 'properties' => [ - 'Area' => [ - 'description' => 'The ordinal number of the area to which the IP address belongs.'."\n", - 'type' => 'string', - 'example' => '310000', - ], - 'Ip' => [ - 'description' => 'The IP address.'."\n", - 'type' => 'string', - 'example' => '1.1.XX.XX', - ], - 'Isp' => [ - 'description' => 'The ISP.'."\n", - 'type' => 'string', - 'example' => 'AAA', + 'EventCount' => ['description' => 'The number of events in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '679', 'title' => ''], + 'MatchedHost' => ['description' => 'The domain name to which the API operation belongs.', 'type' => 'string', 'example' => 'a.****.com', 'title' => ''], + 'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/api/users/login', 'title' => ''], + 'DetectionResult' => ['description' => 'The assessment result. Valid values:'."\n" + .'- **leak**: a leak risk exists.'."\n" + .'- **none**: no leak risk exists.', 'type' => 'string', 'example' => 'leak', 'title' => ''], + 'ClientIP' => ['description' => 'The IP address.', 'type' => 'string', 'example' => '103.118.55.**', 'title' => ''], + 'ApiId' => ['description' => 'The ID of the API.', 'type' => 'string', 'example' => '09559c0d71ca2ffc996b81***836d8', 'title' => ''], + 'SensitiveList' => [ + 'description' => 'The list of sensitive data.', + 'type' => 'array', + 'items' => ['description' => 'The sensitive data.', 'type' => 'string', 'example' => 'card', 'title' => ''], + 'title' => '', + 'example' => '', ], - 'Count' => [ - 'description' => 'The total number of requests that are sent from the IP address.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '2622', + 'InfoCount' => [ + 'description' => 'The list of sensitive data statistics.', + 'type' => 'array', + 'items' => [ + 'description' => 'The sensitive data statistics information.', + 'type' => 'object', + 'properties' => [ + 'Count' => ['description' => 'The number of sensitive data entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '23', 'title' => ''], + 'Code' => ['description' => 'The type of sensitive data.', 'type' => 'string', 'example' => '1001', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], + 'AbnormalCount' => ['description' => 'The number of risks in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '23', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5D2B8DAE-A761-58CB-A68D-74989E4831DA\\",\\n \\"TopIp\\": [\\n {\\n \\"Area\\": \\"310000\\",\\n \\"Ip\\": \\"1.1.XX.XX\\",\\n \\"Isp\\": \\"AAA\\",\\n \\"Count\\": 2622\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeVisitTopIp', - ], - 'DescribeRuleHitsTopResource' => [ - 'summary' => 'Queries the top 10 protected objects that trigger protection rules.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Query sensitive data tracing results', + 'summary' => 'Queries the results of sensitive data tracing.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveRequests', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\",\\n \\"Data\\": [\\n {\\n \\"EventCount\\": 679,\\n \\"MatchedHost\\": \\"a.****.com\\",\\n \\"ApiFormat\\": \\"/api/users/login\\",\\n \\"DetectionResult\\": \\"leak\\",\\n \\"ClientIP\\": \\"103.118.55.**\\",\\n \\"ApiId\\": \\"09559c0d71ca2ffc996b81***836d8\\",\\n \\"SensitiveList\\": [\\n \\"card\\"\\n ],\\n \\"InfoCount\\": [\\n {\\n \\"Count\\": 23,\\n \\"Code\\": \\"1001\\"\\n }\\n ],\\n \\"AbnormalCount\\": 23\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeSensitiveStatistic' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -30966,134 +24878,135 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '188100', + 'abilityTreeNodes' => ['FEATUREwaf8XGRZR'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbq****', 'title' => ''], ], [ - 'name' => 'EndTimestamp', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386340', - ], + 'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''], ], [ - 'name' => 'RuleType', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of rules that are triggered by the protected object. By default, this parameter is not specified and all types of rules are queried.'."\n" - ."\n" - .'* **blacklist:** IP address blacklist rules.'."\n" - .'* **custom:** custom rules.'."\n" - .'* **antiscan:** scan protection rules.'."\n" - .'* **cc_system:** HTTP flood protection rules.'."\n" - .'* **region_block:** region blacklist rules.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'blacklist', - ], + 'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'StatisticType', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The type of data statistics. Valid values:'."\n" + .'- **ip**: IP address statistics.'."\n" + .'- **host**: domain name statistics.'."\n" + .'- **sensitive_code**: sensitive data type statistics.'."\n" + .'- **api**: sensitive data API operation statistics.', 'type' => 'string', 'default' => 'ip', 'required' => false, 'example' => 'ip', 'title' => ''], + ], + [ + 'name' => 'PageNumber', + 'in' => 'query', + 'schema' => ['description' => 'The page number to return in a paging query. Default value: **1**, which indicates that the first page is returned.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page in a paging query. Default value: **10**, which indicates that each page contains 10 entries.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '20', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '10', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'ADA11BC7-AA95-5C31-9095-5802C02ED1DC', - ], - 'RuleHitsTopResource' => [ - 'description' => 'The array of the top 10 protected objects that trigger protection rules.'."\n", + 'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'Data' => [ + 'description' => 'The list of sensitive data statistics.', 'type' => 'array', 'items' => [ - 'description' => 'The match details of the protection rules that are triggered by the protected object.'."\n", + 'description' => 'The sensitive data statistics information.', 'type' => 'object', 'properties' => [ - 'Resource' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'Count' => [ - 'description' => 'The number of requests that match protection rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '14219', - ], - ], + 'SensitiveCode' => ['description' => 'The sensitive data type.'."\n" + ."\n" + .'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive data types.', 'type' => 'string', 'example' => '1003', 'title' => ''], + 'MatchedHost' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'a.****.com', 'title' => ''], + 'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/api/login', 'title' => ''], + 'Count' => ['description' => 'The number of data entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '169', 'title' => ''], + 'ClientIP' => ['description' => 'The IP address.', 'type' => 'string', 'example' => '10.50.11.**', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"ADA11BC7-AA95-5C31-9095-5802C02ED1DC\\",\\n \\"RuleHitsTopResource\\": [\\n {\\n \\"Resource\\": \\"www.aliyundoc.com\\",\\n \\"Count\\": 14219\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeRuleHitsTopResource', - ], - 'DescribeRuleHitsTopRuleId' => [ - 'summary' => 'Queries the IDs of the top 10 protection rules that are matched by requests.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + 'title' => 'Query sensitive data statistics for tracing audits', + 'summary' => 'Queries sensitive data statistics for tracing audits.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveCode\\": \\"1003\\",\\n \\"MatchedHost\\": \\"a.****.com\\",\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"Count\\": 169,\\n \\"ClientIP\\": \\"10.50.11.**\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeSlsAuthStatus' => [ + 'summary' => 'Queries the Logstore authorization status.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -31104,162 +25017,159 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '111394', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-g4t3g****04', 'title' => ''], ], [ - 'name' => 'EndTimestamp', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386280', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: indicates the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2okfav****iq', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', + 'type' => 'object', + 'properties' => [ + 'Status' => ['description' => 'The authorization status. Valid values:'."\n" + ."\n" + .'- **true**: indicates that authorization is granted.'."\n" + ."\n" + .'- **false**: indicates that authorization is not granted.', 'type' => 'boolean', 'example' => 'false', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '3589D3A3-4A04-51CB-AA89-353ED20ACB10', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], + ], + 'title' => 'DescribeSlsAuthStatus', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsAuthStatus'], + ], + ], + 'ramActions' => [ [ - 'name' => 'RuleType', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of rules that are triggered by the protected object. By default, this parameter is not specified and all types of rules are queried.'."\n" - ."\n" - .'* **blacklist:** IP address blacklist rules.'."\n" - .'* **custom:** custom rules.'."\n" - .'* **antiscan:** scan protection rules.'."\n" - .'* **cc_system:** HTTP flood protection rules.'."\n" - .'* **region_block:** region blacklist rules.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'blacklist', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSlsAuthStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Status\\": false,\\n \\"RequestId\\": \\"3589D3A3-4A04-51CB-AA89-353ED20ACB10\\"\\n}","type":"json"}]', + ], + 'DescribeSlsLogStore' => [ + 'summary' => 'Retrieves Logstore information, including total capacity, storage duration, and used capacity.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'AK' => [], ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'get', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '114313', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], + ], + 'parameters' => [ [ - 'name' => 'IsGroupResource', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether protected objects that trigger protection rules are returned in the response. Valid values'."\n" - ."\n" - .'- **true**: returns only the number of times each protection rule is triggered. If you set IsGroupResource to true, Resource is left empty.'."\n" - .'- **false**: returns the number of times each protection rule is triggered by each protected object.', - 'type' => 'string', - 'required' => false, - 'example' => 'true', - 'default' => 'true', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zpr3d****0o', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: indicates the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2wf3mn****vq', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned result.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'F6334274-8870-5D2F-A1AD-D6EF885AC1ED', - ], - 'RuleHitsTopRuleId' => [ - 'description' => 'The array of the IDs of the top 10 rules that are matched by requests.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The match details of the rule.'."\n", - 'type' => 'object', - 'properties' => [ - 'RuleId' => [ - 'description' => 'The ID of the rule.'."\n", - 'type' => 'string', - 'example' => '5465465', - ], - 'Resource' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'Count' => [ - 'description' => 'The number of requests that match the rule.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '181174784', - ], - ], - ], - ], + 'LogStoreName' => ['description' => 'The name of the Logstore.', 'type' => 'string', 'example' => 'wafng-logstore', 'title' => ''], + 'RequestId' => ['description' => 'The request', 'type' => 'string', 'example' => 'CAC0A24B-486A-5E12-9894-BE860E5F41CC', 'title' => ''], + 'Quota' => ['description' => 'The capacity of the Logstore. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '3298534883328', 'title' => ''], + 'ProjectName' => ['description' => 'The name of the Simple Log Service project.', 'type' => 'string', 'example' => 'wafng-project-14316572********-cn-hangzhou', 'title' => ''], + 'Used' => ['description' => 'The used capacity of the Logstore. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '35471136', 'title' => ''], + 'Ttl' => ['description' => 'The log retention period. Unit: days.', 'type' => 'integer', 'format' => 'int32', 'example' => '180', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F6334274-8870-5D2F-A1AD-D6EF885AC1ED\\",\\n \\"RuleHitsTopRuleId\\": [\\n {\\n \\"RuleId\\": \\"5465465\\",\\n \\"Resource\\": \\"www.aliyundoc.com\\",\\n \\"Count\\": 181174784\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeRuleHitsTopRuleId', - ], - 'DescribeRuleHitsTopTuleType' => [ - 'summary' => 'Queries the top 10 protection modules that are matched.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeSlsLogStore', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsLogStore'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSlsLogStore', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"LogStoreName\\": \\"wafng-logstore\\",\\n \\"RequestId\\": \\"CAC0A24B-486A-5E12-9894-BE860E5F41CC\\",\\n \\"Quota\\": 3298534883328,\\n \\"ProjectName\\": \\"wafng-project-14316572********-cn-hangzhou\\",\\n \\"Used\\": 35471136,\\n \\"Ttl\\": 180\\n}","type":"json"}]', + ], + 'DescribeSlsLogStoreStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -31270,136 +25180,179 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '114229', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The start point of the time period for which to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uqm35****02', 'title' => ''], ], [ - 'name' => 'EndTimestamp', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end point of the time period for which to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386280', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: indicates the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmzedqv****ma', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', + 'description' => 'The result of the request.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID', 'type' => 'string', 'example' => '184F538F-C115-5C89-A4EF-C79CD2E29AC7', 'title' => ''], + 'ExistStatus' => ['description' => 'Indicates whether a Logstore is created for WAF. Valid values:'."\n" + ."\n" + .'- **true**: A Logstore is created.'."\n" + ."\n" + .'- **false**: No Logstore is created.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'title' => 'DescribeSlsLogStoreStatus', + 'summary' => 'Queries the status of a Simple Log Service Logstore.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsLogStoreStatus'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSlsLogStoreStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"184F538F-C115-5C89-A4EF-C79CD2E29AC7\\",\\n \\"ExistStatus\\": true\\n}","type":"json"}]', + ], + 'DescribeTemplateResourceCount' => [ + 'summary' => 'Queries the number of protected resources that are associated with one or more protection templates.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'read', + 'systemTags' => [ + 'operationType' => 'list', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], + ], + 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-lbj****gx08', 'title' => ''], + ], + [ + 'name' => 'TemplateIds', + 'in' => 'query', + 'schema' => ['description' => 'The IDs of protection templates. Separate multiple IDs with commas (,).', 'type' => 'string', 'required' => true, 'example' => '12345,12346', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'example' => 'rg-aekzwwkpn****5i', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwkpn****5i', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '45E377CE-0B04-578E-B653-EEA63CFE****', - ], - 'RuleHitsTopTuleType' => [ - 'description' => 'The top 10 protection modules that are matched.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'B8064433-9781-5E86-806E-C1DD****1D95', 'title' => ''], + 'ResourceCount' => [ + 'description' => 'An array of resource count objects. Each object contains the number of protected objects, protected object groups, and protected assets that are associated with a protection template.', 'type' => 'array', 'items' => [ - 'description' => 'The match details of the protection module.'."\n", + 'description' => 'The resource count details for a protection template, including the number of protected objects, protected object groups, and protected assets.', 'type' => 'object', 'properties' => [ - 'RuleType' => [ - 'description' => 'The type of rule that is matched. By default, this parameter is not returned. This indicates that all types of rules that are matched are returned.'."\n" - ."\n" - .'* **waf:** basic protection rules.'."\n" - .'* **blacklist:** IP address blacklist rules.'."\n" - .'* **custom:** custom rules.'."\n" - .'* **antiscan:** scan protection rules.'."\n" - .'* **cc_system:** HTTP flood protection rules.'."\n" - .'* **region_block:** region blacklist rules.'."\n" - .'* **scene:** bot management rules.'."\n" - .'* **dlp:** data leakage prevention rules.'."\n", - 'type' => 'string', - 'example' => 'cc_system', - ], - 'Count' => [ - 'description' => 'The number of requests that match protection rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '698455', - ], + 'SingleCount' => ['description' => 'The number of protected objects that are associated with the protection template.', 'type' => 'integer', 'format' => 'int32', 'example' => '30', 'title' => ''], + 'GroupCount' => ['description' => 'The number of protected object groups that are associated with the protection template.', 'type' => 'integer', 'format' => 'int32', 'example' => '30', 'title' => ''], + 'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '12345', 'title' => ''], + 'AssetCount' => ['description' => 'The number of protected assets that are associated with the protection template.', 'type' => 'integer', 'format' => 'int32', 'example' => '10', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"45E377CE-0B04-578E-B653-EEA63CFE****\\",\\n \\"RuleHitsTopTuleType\\": [\\n {\\n \\"RuleType\\": \\"blacklist\\",\\n \\"Count\\": 698455\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeRuleHitsTopTuleType', - ], - 'DescribeRuleHitsTopUrl' => [ - 'summary' => 'Queries the top 10 URLs that trigger protection rules.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeTemplateResourceCount', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeTemplateResourceCount'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeTemplateResourceCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"B8064433-9781-5E86-806E-C1DD****1D95\\",\\n \\"ResourceCount\\": [\\n {\\n \\"SingleCount\\": 30,\\n \\"GroupCount\\": 30,\\n \\"TemplateId\\": 12345,\\n \\"AssetCount\\": 10\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeTemplateResources' => [ + 'summary' => 'Queries the resources attached to a protection template.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -31407,149 +25360,137 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '105175', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'waf_cdnsdf3****'], ], [ - 'name' => 'EndTimestamp', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386280', - ], + 'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'title' => '', 'example' => '1020'], ], [ - 'name' => 'Resource', + 'name' => 'ResourceType', 'in' => 'query', 'schema' => [ - 'description' => 'The protected object.'."\n", + 'description' => 'The type of the protected resource. Valid values:'."\n" + ."\n" + .'- **single**: a protected object.'."\n" + ."\n" + .'- **group**: a protected object group.'."\n" + ."\n" + .'- **asset**: a protected asset.', 'type' => 'string', 'required' => true, - 'example' => 'www.aliyundoc.com', + 'title' => '', + 'enum' => ['single', 'group', 'asset'], + 'example' => 'single', ], ], [ - 'name' => 'RuleType', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of rules that are triggered by the protected object. By default, this parameter is not specified and all types of rules are queried.'."\n" - ."\n" - .'* **blacklist:** IP address blacklist rules.'."\n" - .'* **custom:** custom rules.'."\n" - .'* **antiscan:** scan protection rules.'."\n" - .'* **cc_system:** HTTP flood protection rules.'."\n" - .'* **region_block:** region blacklist rules.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'blacklist', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'default' => 'cn-hangzhou', 'title' => '', 'example' => 'cn-hangzhou'], ], [ - 'name' => 'InstanceId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'rg-acfm***q'], ], [ - 'name' => 'RegionId', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The token that is used to retrieve the next page of results. This is the value of the **NextToken** parameter returned from the last API call. You do not need to specify this parameter for the first query.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'AAAAAJ7ob7*******MhJJ1ELRE='], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'MaxResults', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The number of entries to return on each page for a paged query. Valid values: 1 to 500. Default value: 500.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'maximum' => '500', 'minimum' => '1', 'default' => '500', 'title' => '', 'example' => '20'], + ], + [ + 'name' => 'Resource', + 'in' => 'query', + 'schema' => ['description' => 'The name of the protected object or protected object group for the fuzzy query.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'abc.test.com-waf'], + ], + [ + 'name' => 'AssetApi', + 'in' => 'query', + 'schema' => ['type' => 'string', 'title' => '', 'description' => 'The API of the protected asset for the fuzzy query.', 'required' => false, 'example' => 'abc.com'], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '3D8AF43B-08EB-51CE-B33A-93AA****9B0C', - ], - 'RuleHitsTopUrl' => [ - 'description' => 'The top 10 URLs that match protection rules.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'title' => '', 'example' => 'C7BC9373-3960-53B0-8968-2B13454AE18F'], + 'Resources' => [ + 'description' => 'A list of the names of the attached protected objects or protected object groups, or the IDs of the protected assets.', 'type' => 'array', - 'items' => [ - 'description' => 'The match details of protection rules that are triggered by the URL.'."\n", - 'type' => 'object', - 'properties' => [ - 'Count' => [ - 'description' => 'The number of requests that match protection rules.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '21862', - ], - 'Url' => [ - 'description' => 'The request URL.'."\n" - ."\n" - .'> The value is Base64-encoded.'."\n", - 'type' => 'string', - 'example' => 'd3d3LmFsaXl1bmRvYy5jb20vcGF0aDM=', - ], - ], - ], + 'items' => ['description' => 'The name of the protected object or protected object group, or the ID of the protected asset.', 'type' => 'string', 'title' => '', 'example' => 'alb-wewbb23dfset***'], + 'title' => '', + 'example' => '', ], + 'TotalCount' => ['description' => 'The total number of returned entries.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'example' => '25'], + 'NextToken' => ['description' => 'The token that is used to retrieve the next page of results. This parameter is returned if a next page exists.'."\n" + ."\n" + .'> If a value is returned for this parameter, a next page exists. You can use the returned **NextToken** value as a request parameter to retrieve the data on the next page. When no value is returned, all data has been retrieved.', 'type' => 'string', 'title' => '', 'example' => 'AAAAABLQv******37sHZaHk4='], + 'MaxResults' => ['description' => 'The number of entries returned on each page. Valid values: 1 to 500. Default value: 500.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'example' => '20'], + 'TemplateId' => ['type' => 'integer', 'format' => 'int64', 'description' => 'The ID of the protection template.', 'title' => '', 'example' => '168465'], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3D8AF43B-08EB-51CE-B33A-93AA****9B0C\\",\\n \\"RuleHitsTopUrl\\": [\\n {\\n \\"Count\\": 21862,\\n \\"Url\\": \\"d3d3LmFsaXl1bmRvYy5jb20vcGF0aDM=\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeRuleHitsTopUrl', - ], - 'DescribeRuleHitsTopClientIp' => [ - 'summary' => 'Queries the top 10 IP addresses from which attacks are initiated.', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Defense.Control.DefenseTemplateNotExist', 'errorMessage' => 'The protection template does not exist.', 'description' => 'The protection template does not exist.'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'DescribeTemplateResources', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '15', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeTemplateResources'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeTemplateResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C7BC9373-3960-53B0-8968-2B13454AE18F\\",\\n \\"Resources\\": [\\n \\"alb-wewbb23dfset***\\"\\n ],\\n \\"TotalCount\\": 25,\\n \\"NextToken\\": \\"AAAAABLQv******37sHZaHk4=\\",\\n \\"MaxResults\\": 20,\\n \\"TemplateId\\": 168465\\n}","type":"json"}]', + ], + 'DescribeThreatEvent' => [ + 'summary' => 'Queries a paginated list of notable security events.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -31557,147 +25498,155 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '111428', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', + 'name' => 'DomainName', 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], + 'schema' => ['description' => 'The domain name that is protected by WAF. If you do not specify this parameter, security events for all domain names are queried.', 'type' => 'string', 'required' => false, 'default' => '', 'example' => 'www.abc.com', 'title' => ''], ], [ - 'name' => 'EndTimestamp', + 'name' => 'StartTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386280', - ], + 'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1668496310000', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'EndTime', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1749916800000', 'title' => ''], ], [ - 'name' => 'RuleType', + 'name' => 'PageNumber', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of rules that are triggered by the protected object. By default, this parameter is not specified and all types of rules are queried.'."\n" - ."\n" - .'* **blacklist:** IP address blacklist rules.'."\n" - .'* **custom:** custom rules.'."\n" - .'* **antiscan:** scan protection rules.'."\n" - .'* **cc_system:** HTTP flood protection rules.'."\n" - .'* **region_block:** region blacklist rules.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'blacklist', - ], + 'schema' => ['description' => 'The page number of the page to return. Default value: 1.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'PageSize', + 'in' => 'query', + 'schema' => ['description' => 'The number of entries per page. Default value: **5**. Valid values: 1 to 200.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '5', 'example' => '10', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-2bl4****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: a region outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aeky65ka*****', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The data returned.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '9F0F9AD6-62E2-50BB-A3E5-30FFB9410262', - ], - 'RuleHitsTopClientIp' => [ - 'description' => 'The array of the top 10 IP addresses from which attacks are initiated.'."\n", + 'TotalCount' => ['description' => 'The total number of security events that match the query conditions.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '98106632-6865-5600-A834-3D909***', 'title' => ''], + 'ThreatEvents' => [ 'type' => 'array', 'items' => [ - 'description' => 'The information about the attacks that are initiated from the IP address.'."\n", 'type' => 'object', 'properties' => [ - 'Count' => [ - 'description' => 'The number of attacks that are initiated from the IP address.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '531', - ], - 'ClientIp' => [ - 'description' => 'The IP address of the service client.'."\n", - 'type' => 'string', - 'example' => '3.3.XX.XX', - ], + 'EventLevel' => ['description' => 'The severity level of the security event. Valid values:'."\n" + ."\n" + .'- **critical**'."\n" + ."\n" + .'- **high**'."\n" + ."\n" + .'- **medium**'."\n" + ."\n" + .'- **low**', 'type' => 'string', 'example' => 'high', 'title' => ''], + 'EndTime' => ['description' => 'The time when the last attack occurred. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1768406400000', 'title' => ''], + 'EventSrc' => ['description' => 'The source IP address of the attack.'."\n" + ."\n" + .'> A security event may have multiple source IP addresses. This operation returns only one of them.', 'type' => 'string', 'example' => '3.3.3.3', 'title' => ''], + 'EventId' => ['description' => 'The ID of the security event.', 'type' => 'string', 'example' => 'f439994c8ab39f84eced33490f0c4388', 'title' => ''], + 'BlockRate' => ['description' => 'The percentage of attack requests that were blocked by WAF.', 'type' => 'string', 'example' => '100%', 'title' => ''], + 'EventTag' => ['description' => 'The type of the security event. Valid values:'."\n" + ."\n" + .'- **MultipleDomainDirscan**: a directory and file scan against multiple domain names.'."\n" + ."\n" + .'- **SingleDomainDirscan**: a directory and file scan against a single domain name.'."\n" + ."\n" + .'- **MultipleDomainWebscan**: a web vulnerability scan against multiple domain names.'."\n" + ."\n" + .'- **SingleDomainWebscan**: a web vulnerability scan against a single domain name.'."\n" + ."\n" + .'- **MultipleDomainWebattack**: a web vulnerability attack against multiple domain names.'."\n" + ."\n" + .'- **SingleDomainWebattack**: a web vulnerability attack against a single domain name.'."\n" + ."\n" + .'- **SingleURLWebattack**: a web vulnerability attack against a specific URL.'."\n" + ."\n" + .'- **SingleURLSqlattack**: an SQL injection attack against a specific URL.'."\n" + ."\n" + .'- **SingleURLXssattack**: an XSS attack against a specific URL.'."\n" + ."\n" + .'- **WebshellUpload**: an attack that attempts to upload backdoor trojans.'."\n" + ."\n" + .'- **RandomVulnTest**: a random web vulnerability probe.', 'type' => 'string', 'example' => 'Event_InternalLoginWeakPasswd', 'title' => ''], + 'EventTarget' => ['description' => 'The protected object that is the target of the attack.'."\n" + ."\n" + .'> A security event may have multiple protected objects as targets. This operation returns only one of them.', 'type' => 'string', 'example' => 'test.aliyundemo.com-waf', 'title' => ''], ], + 'description' => 'The security event.', + 'title' => '', + 'example' => '', ], + 'description' => 'The list of notable security events.', + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9F0F9AD6-62E2-50BB-A3E5-30FFB9410262\\",\\n \\"RuleHitsTopClientIp\\": [\\n {\\n \\"Count\\": 531,\\n \\"ClientIp\\": \\"3.3.XX.XX\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeRuleHitsTopClientIp', - ], - 'DescribeFlowTopResource' => [ - 'summary' => 'Queries the top 10 protected objects that receive requests.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeThreatEvent', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeThreatEvent', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"98106632-6865-5600-A834-3D909***\\",\\n \\"ThreatEvents\\": [\\n {\\n \\"EventLevel\\": \\"high\\",\\n \\"EndTime\\": 1768406400000,\\n \\"EventSrc\\": \\"3.3.3.3\\",\\n \\"EventId\\": \\"f439994c8ab39f84eced33490f0c4388\\",\\n \\"BlockRate\\": \\"100%\\",\\n \\"EventTag\\": \\"Event_InternalLoginWeakPasswd\\",\\n \\"EventTarget\\": \\"test.aliyundemo.com-waf\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeThreatEventDetail' => [ + 'summary' => 'Retrieves the details of a security event that requires attention.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -31708,118 +25657,148 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '114528', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', - 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], - ], - [ - 'name' => 'EndTimestamp', + 'name' => 'EventId', 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386340', - ], + 'schema' => ['description' => 'The ID of the security event.', 'type' => 'string', 'required' => true, 'default' => '', 'example' => '1661131a028f72a976703f4a4082ad87', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-lbj*****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzhks66****', 'title' => ''], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ - 'description' => 'The returned result.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '8F0E0B9A-B518-5C6D-BEFC-A373DDE4F652', - ], - 'RuleHitsTopResource' => [ - 'description' => 'The array of the top 10 protected objects that receive requests.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The information about the requests received by the protected object.'."\n", - 'type' => 'object', - 'properties' => [ - 'Resource' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com', - ], - 'Count' => [ - 'description' => 'The total number of requests received by the protected object in a specified time range.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '181174784', - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B1****', 'title' => ''], + 'ThreatEventDetail' => [ + 'type' => 'object', + 'properties' => [ + 'IsPersistent' => ['description' => 'Indicates whether the event is a persistent attack. Valid values:'."\n" + ."\n" + .'- **0**: The event is not a persistent attack.'."\n" + ."\n" + .'- **1**: The event is a persistent attack.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''], + 'EventLevel' => ['description' => 'The severity level of the event. Valid values:'."\n" + ."\n" + .'- **critical**: Critical severity.'."\n" + ."\n" + .'- **high**: High severity.'."\n" + ."\n" + .'- **medium**: Medium severity.'."\n" + ."\n" + .'- **low**: Low severity.', 'type' => 'string', 'example' => 'high', 'title' => ''], + 'EventBlock' => ['description' => 'The number of attacks that were blocked in the security event.', 'type' => 'string', 'example' => '20', 'title' => ''], + 'EventCnt' => ['description' => 'The total number of attacks in the security event.', 'type' => 'string', 'example' => '20', 'title' => ''], + 'EndTime' => ['description' => 'The time of the most recent attack. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1749916800000', 'title' => ''], + 'EventIntelligence' => ['description' => 'The threat intelligence associated with the event. The value is a JSON array in the string format.', 'type' => 'string', 'example' => '["CVE-2020-14882","DDoS Attack"]', 'title' => ''], + 'EventSrcRegion' => ['description' => 'The region of the source IP address of the attack.', 'type' => 'string', 'example' => 'GB-ENG', 'title' => ''], + 'EventSrc' => ['description' => 'The source IP address of the attack.'."\n" + ."\n" + .'> A security event may have multiple source IP addresses. This operation returns only one of them.', 'type' => 'string', 'example' => 'XX.XX.XX.XX', 'title' => ''], + 'EventSuggest' => ['description' => 'The security suggestion. Valid values:'."\n" + ."\n" + .'- **ProtectInterface**: The attack target appears to be a backend management address. If the address has specific access patterns, configure custom rules in the access control module to restrict access.'."\n" + ."\n" + .'- **BlockArea**: Monitor the attack source region. If the attack source region is different from your normal business regions, configure a location blacklist or an IP address blacklist in the access control module to restrict access.'."\n" + ."\n" + .'- **SwitchBlock**: The current protection rule is in Alert mode. To ensure business security, switch to Block mode. Before you switch, check for false positives.'."\n" + ."\n" + .'- **FixBug**: Check the attack target for security vulnerabilities. If any vulnerabilities exist, fix them promptly to prevent exploitation.'."\n" + ."\n" + .'- **SwitchStrict**: If it does not affect your normal business, change the policies of modules, such as protection rules and scan protection, to a stricter mode. Before you change the policies, check for false positives.'."\n" + ."\n" + .'- **ProtectFile**: Check the target domain name for sensitive files or paths to prevent them from being detected and exploited.'."\n" + ."\n" + .'- **BlockIP**: The source IP address has a high degree of maliciousness. Keep monitoring it. If it does not affect your normal business, use an IP address blacklist to block access from the malicious IP address.'."\n" + ."\n" + .'- **KeepConcerned**: No threats are found. Continue to monitor the situation.', 'type' => 'string', 'example' => 'FixBug', 'title' => ''], + 'EventCondition' => ['description' => 'The filter condition for viewing logs. The value is a JSON object in the string format.', 'type' => 'string', 'example' => '{"end_ts": 1766637714, "start_ts": 1764096746, "condition": {"real_client_ip": ["78.153.140.179", "78.153.140.203", "78.153.140.177", "78.153.140.178", "78.153.140.151"]}}', 'title' => ''], + 'EventTag' => ['description' => 'The name of the event. Valid values:'."\n" + ."\n" + .'- **MultipleDomainDirscan**: A directory and file scan for multiple domain names.'."\n" + ."\n" + .'- **SingleDomainDirscan**: A directory and file scan for a single domain name.'."\n" + ."\n" + .'- **MultipleDomainWebscan**: A web vulnerability scan for multiple domain names.'."\n" + ."\n" + .'- **SingleDomainWebscan**: A web vulnerability scan for a single domain name.'."\n" + ."\n" + .'- **MultipleDomainWebattack**: A web vulnerability attack on multiple domain names.'."\n" + ."\n" + .'- **SingleDomainWebattack**: A web vulnerability attack on a single domain name.'."\n" + ."\n" + .'- **SingleURLWebattack**: A web vulnerability attack on a specific URL.'."\n" + ."\n" + .'- **SingleURLSqlattack**: An SQL injection attack on a specific URL.'."\n" + ."\n" + .'- **SingleURLXssattack**: A cross-site scripting (XSS) attack on a specific URL.'."\n" + ."\n" + .'- **WebshellUpload**: An attempt to upload backdoor trojans.'."\n" + ."\n" + .'- **RandomVulnTest**: A random web vulnerability probe.', 'type' => 'string', 'example' => 'MultipleDomainWebattack', 'title' => ''], + 'EventSrcCountry' => ['description' => 'The country of the source IP address of the attack.', 'type' => 'string', 'example' => 'GB', 'title' => ''], ], + 'description' => 'The details of the security event.', + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8F0E0B9A-B518-5C6D-BEFC-A373DDE4F652\\",\\n \\"RuleHitsTopResource\\": [\\n {\\n \\"Resource\\": \\"www.aliyundoc.com\\",\\n \\"Count\\": 181174784\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeFlowTopResource', - ], - 'DescribeRuleHitsTopUa' => [ - 'summary' => 'Queries the top 10 user agents that are used to initiate attacks.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeThreatEventDetail', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeThreatEventDetail', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B1****\\",\\n \\"ThreatEventDetail\\": {\\n \\"IsPersistent\\": 1,\\n \\"EventLevel\\": \\"high\\",\\n \\"EventBlock\\": \\"20\\",\\n \\"EventCnt\\": \\"20\\",\\n \\"EndTime\\": 1749916800000,\\n \\"EventIntelligence\\": \\"[\\\\\\"CVE-2020-14882\\\\\\",\\\\\\"DDoS Attack\\\\\\"]\\",\\n \\"EventSrcRegion\\": \\"GB-ENG\\",\\n \\"EventSrc\\": \\"XX.XX.XX.XX\\",\\n \\"EventSuggest\\": \\"FixBug\\",\\n \\"EventCondition\\": \\"{\\\\\\"end_ts\\\\\\": 1766637714, \\\\\\"start_ts\\\\\\": 1764096746, \\\\\\"condition\\\\\\": {\\\\\\"real_client_ip\\\\\\": [\\\\\\"78.153.140.179\\\\\\", \\\\\\"78.153.140.203\\\\\\", \\\\\\"78.153.140.177\\\\\\", \\\\\\"78.153.140.178\\\\\\", \\\\\\"78.153.140.151\\\\\\"]}}\\",\\n \\"EventTag\\": \\"MultipleDomainWebattack\\",\\n \\"EventSrcCountry\\": \\"GB\\"\\n }\\n}","type":"json"}]', + ], + 'DescribeThreatEventTopMetric' => [ + 'summary' => 'Queries the top 5 statistics of security events aggregated by different statistical objects and sorted in descending order.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -31830,127 +25809,120 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '114535', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ - 'name' => 'StartTimestamp', + 'name' => 'Metric', 'in' => 'query', 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", + 'description' => 'The statistical metric. Different values of Metric correspond to different statistical objects. Valid values:'."\n" + .'- **time**: aggregates statistics by attack time, sorts them in descending order, and returns the top 5 records.'."\n" + .'- **src**: aggregates statistics by source IP address of attack requests, sorts them in descending order, and returns the top 5 records.'."\n" + .'- **target**: aggregates statistics by URL of attack requests (excluding query strings), sorts them in descending order, and returns the top 5 records.'."\n" + .'- **type**: aggregates statistics by attack type, sorts them in descending order, and returns the top 5 records.'."\n" + .'- **tools**: aggregates statistics by attack tool, sorts them in descending order, and returns the top 5 records.', + 'enumValueTitles' => ['src' => 'src', 'time' => 'time', 'type' => 'type', 'tools' => 'tools', 'target' => 'target'], 'type' => 'string', 'required' => true, - 'example' => '1665331200', - ], - ], - [ - 'name' => 'EndTimestamp', - 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386280', + 'enum' => ['time', 'src', 'target', 'type', 'tools'], + 'example' => 'time', + 'title' => '', ], ], [ - 'name' => 'Resource', + 'name' => 'EventId', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The ID of the security event.', 'type' => 'string', 'required' => true, 'default' => '', 'example' => '0b7ab137a065aab7656986***11db', 'title' => ''], ], [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned result.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '8E5C7ED7-503A-5986-A005-36F2511EB89F', - ], - 'RuleHitsTopUa' => [ - 'description' => 'The array of the top 10 user agents that are used to initiate attacks.'."\n", + 'TopMetrics' => [ + 'description' => 'The list of statistics.', 'type' => 'array', 'items' => [ - 'description' => 'The information about the user agent that is used to initiate attacks.'."\n", + 'description' => 'The statistics.', 'type' => 'object', 'properties' => [ - 'Count' => [ - 'description' => 'The number of attacks that are initiated from the IP address.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '531', - ], - 'Ua' => [ - 'description' => 'The user agent.'."\n", - 'type' => 'string', - 'example' => 'android', - ], - ], + 'Cnt' => ['description' => 'The number of attacks.', 'type' => 'integer', 'format' => 'int64', 'example' => '20', 'title' => ''], + 'Value' => ['description' => 'The attack value. The meaning of this field varies depending on the value of **Metric**.'."\n" + ."\n" + .'- If **Metric** is set to **time**, this field indicates the attack time.'."\n" + .'- If **Metric** is set to **src**, this field indicates the source IP address of the attack.'."\n" + .'- If **Metric** is set to **target**, this field indicates the URL of the attack request.'."\n" + .'- If **Metric** is set to **type**, this field indicates the attack type. **dirscan** indicates directory scanning, **webscan** indicates web scanning, and other attack types are described in the **detectType** (detection type) parameter of the **custom regular rule** (**regular_custom**) in the [**CreateDefenseRule**](~~461421~~) operation.'."\n" + .'- If **Metric** is set to **tools**, this field indicates the attack tool.', 'type' => 'string', 'example' => '115.28.209.212', 'title' => ''], + 'Country' => ['description' => 'The country to which the source IP address of the attack belongs.'."\n" + .'> This field returns a meaningful value only when the statistical object (**Metric**) is set to source IP address (**src**).', 'type' => 'string', 'example' => 'CN', 'title' => ''], + 'Region' => ['description' => 'The region to which the source IP address of the attack belongs.'."\n" + .'> This field returns a meaningful value only when the statistical object (**Metric**) is set to source IP address (**src**).', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '12EF3845-CCEB-4B84-AE60-2B49B*****EE5', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8E5C7ED7-503A-5986-A005-36F2511EB89F\\",\\n \\"RuleHitsTopUa\\": [\\n {\\n \\"Count\\": 531,\\n \\"Ua\\": \\"android\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeRuleHitsTopUa', - ], - 'DescribeFlowTopUrl' => [ - 'summary' => 'Queries the top 10 URLs that are used to initiate requests.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query top statistics of security events', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeThreatEventTopMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TopMetrics\\": [\\n {\\n \\"Cnt\\": 20,\\n \\"Value\\": \\"115.28.209.212\\",\\n \\"Country\\": \\"CN\\",\\n \\"Region\\": \\"cn-hangzhou\\"\\n }\\n ],\\n \\"RequestId\\": \\"12EF3845-CCEB-4B84-AE60-2B49B*****EE5\\"\\n}","type":"json"}]', + ], + 'DescribeUserAbnormalTrend' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -31961,127 +25933,107 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '155225', + 'abilityTreeNodes' => ['FEATUREwafWE25G7'], ], 'parameters' => [ [ - 'name' => 'StartTimestamp', - 'in' => 'query', - 'schema' => [ - 'description' => 'The beginning of the time range to query. Unit: seconds.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '1665331200', - ], - ], - [ - 'name' => 'EndTimestamp', - 'in' => 'query', - 'schema' => [ - 'description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1665386340', - ], - ], - [ - 'name' => 'Resource', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'www.aliyundoc.com', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-uqm342yj***', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter is applicable only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain the hybrid cloud cluster ID.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned result.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '520D4E4C-B8EC-5602-ACB6-4D378ACBA28D', - ], - 'RuleHitsTopUrl' => [ - 'description' => 'The array of the top 10 URLs that are used to initiate requests.'."\n", + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'Trend' => [ + 'description' => 'The list of API security risk trend data points.', 'type' => 'array', 'items' => [ - 'description' => 'The information about the URL that is used to initiate requests.'."\n", + 'description' => 'The details of a risk trend data point.', 'type' => 'object', 'properties' => [ - 'Count' => [ - 'description' => 'The total number of requests that are initiated by using the URL.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '181174784', - ], - 'Url' => [ - 'description' => 'The URL that is used to initiate requests.'."\n", - 'type' => 'string', - 'example' => 'www.aliyundoc.com/path1', - ], - ], + 'AbnormalHigh' => ['description' => 'The number of high-severity security risks.', 'type' => 'integer', 'format' => 'int64', 'example' => '12', 'title' => ''], + 'AbnormalLow' => ['description' => 'The number of low-severity security risks.', 'type' => 'integer', 'format' => 'int64', 'example' => '23', 'title' => ''], + 'AbnormalMedium' => ['description' => 'The number of medium-severity security risks.', 'type' => 'integer', 'format' => 'int64', 'example' => '14', 'title' => ''], + 'Timestamp' => ['description' => 'The point in time when the statistics were collected. This value is a UNIX timestamp in UTC. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1722268800', 'title' => ''], + 'TimeStamp' => ['description' => 'The point in time when the statistics were collected. This value is a UNIX timestamp in UTC. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'deprecated' => true, 'example' => '1722268800', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"520D4E4C-B8EC-5602-ACB6-4D378ACBA28D\\",\\n \\"RuleHitsTopUrl\\": [\\n {\\n \\"Count\\": 181174784,\\n \\"Url\\": \\"www.aliyundoc.com/path1\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeFlowTopUrl', - ], - 'DescribeThreatEventDetail' => [ - 'summary' => '查看威胁事件详情', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeUserAbnormalTrend', + 'summary' => 'Queries the trend of API security risks for a Web Application Firewall (WAF) instance.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserAbnormalTrend'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserAbnormalTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Trend\\": [\\n {\\n \\"AbnormalHigh\\": 12,\\n \\"AbnormalLow\\": 23,\\n \\"AbnormalMedium\\": 14,\\n \\"Timestamp\\": 1722268800,\\n \\"TimeStamp\\": 1722268800\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeUserAbnormalType' => [ + 'summary' => 'Queries user risk types and statistics related to API security in Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -32092,149 +26044,146 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '114528', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '156222', + 'abilityTreeNodes' => ['FEATUREwafWE25G7'], ], 'parameters' => [ [ - 'name' => 'EventId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '1661131a028f72a976703f4a4082ad87', - 'default' => '', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-g4***201', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-lbj*****', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter applies only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the IDs of hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '993', 'title' => ''], + ], + [ + 'name' => 'StartTime', + 'in' => 'query', + 'schema' => ['description' => 'The beginning of the time range to query. Specify the time as a UNIX timestamp in seconds. The time is in UTC.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1723435200', 'title' => ''], + ], + [ + 'name' => 'EndTime', + 'in' => 'query', + 'schema' => ['description' => 'The end of the time range to query. Specify the time as a UNIX timestamp in seconds. The time is in UTC.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1726113600', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-ac***lani', 'title' => ''], + ], + [ + 'name' => 'UserStatusList', + 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => '', - 'type' => 'string', + 'type' => 'array', + 'items' => ['description' => 'The risk state for which to collect statistics. Valid values:'."\n" + ."\n" + .'- **toBeConfirmed**: to be confirmed.'."\n" + ."\n" + .'- **confirmed**: confirmed.'."\n" + ."\n" + .'- **toBeFixed**: to be fixed.'."\n" + ."\n" + .'- **fixed**: fixed (manually verified).'."\n" + ."\n" + .'- **ignored**: ignored.'."\n" + ."\n" + .'- **toBeVerified**: to be verified by the system.'."\n" + ."\n" + .'- **notFixed**: verification failed (not fixed).'."\n" + ."\n" + .'- **systemFixed**: fixed (verified by the system).', 'type' => 'string', 'required' => false, 'example' => 'toBeConfirmed', 'title' => ''], + 'description' => 'The list of risk states for which to collect statistics.'."\n" + ."\n" + .'> By default, statistics are collected for risks in the **toBeConfirmed**, **toBeFixed**, **toBeVerified**, and **notFixed** states.', 'required' => false, - 'example' => 'rg-aekzhks66****', + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response object.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B1****', - ], - 'ThreatEventDetail' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'IsPersistent' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'EventLevel' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'high', - ], - 'EventBlock' => [ - 'description' => '', - 'type' => 'string', - 'example' => '20', - ], - 'EventCnt' => [ - 'description' => '', - 'type' => 'string', - 'example' => '20', - ], - 'EndTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1749916800000', - ], - 'EventIntelligence' => [ - 'description' => '', - 'type' => 'string', - 'example' => '["CVE-2020-14882","DDoS Attack"]', - ], - 'EventSrcRegion' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'GB-ENG', - ], - 'EventSrc' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'XX.XX.XX.XX', - ], - 'EventSuggest' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'FixBug', - ], - 'EventCondition' => [ - 'description' => '', - 'type' => 'string', - 'example' => '{"end_ts": 1766637714, "start_ts": 1764096746, "condition": {"real_client_ip": ["78.153.140.179", "78.153.140.203", "78.153.140.177", "78.153.140.178", "78.153.140.151"]}}', - ], - 'EventTag' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'MultipleDomainWebattack', - ], - 'EventSrcCountry' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'GB', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '3E1CB966-1407-5988-9432-7***D784', 'title' => ''], + 'Abnormal' => [ + 'description' => 'The risk types detected by API security and the number of risks for each type.', + 'type' => 'array', + 'items' => [ + 'description' => 'An object that contains the details of a risk type, including the risk code, category, and count.', + 'type' => 'object', + 'properties' => [ + 'AbnormalCode' => ['description' => 'The code that identifies the specific risk, such as `Risk_InternalWeakPasswd`.', 'type' => 'string', 'example' => 'Risk_InternalWeakPasswd', 'title' => ''], + 'AbnormalParentType' => ['description' => 'The parent category of the risk, such as `RiskType_Account`.', 'type' => 'string', 'example' => 'RiskType_Account', 'title' => ''], + 'AbnormalType' => ['description' => 'The type of the risk detected by API security.'."\n" + ."\n" + .'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported risk types.', 'type' => 'string', 'example' => 'Risk_InternalWeakPasswd', 'title' => ''], + 'AbnormalCount' => ['description' => 'The total number of risks detected for this risk type.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B1****\\",\\n \\"ThreatEventDetail\\": {\\n \\"IsPersistent\\": 1,\\n \\"EventLevel\\": \\"high\\",\\n \\"EventBlock\\": \\"20\\",\\n \\"EventCnt\\": \\"20\\",\\n \\"EndTime\\": 1749916800000,\\n \\"EventIntelligence\\": \\"[\\\\\\"CVE-2020-14882\\\\\\",\\\\\\"DDoS Attack\\\\\\"]\\",\\n \\"EventSrcRegion\\": \\"GB-ENG\\",\\n \\"EventSrc\\": \\"XX.XX.XX.XX\\",\\n \\"EventSuggest\\": \\"FixBug\\",\\n \\"EventCondition\\": \\"{\\\\\\"end_ts\\\\\\": 1766637714, \\\\\\"start_ts\\\\\\": 1764096746, \\\\\\"condition\\\\\\": {\\\\\\"real_client_ip\\\\\\": [\\\\\\"78.153.140.179\\\\\\", \\\\\\"78.153.140.203\\\\\\", \\\\\\"78.153.140.177\\\\\\", \\\\\\"78.153.140.178\\\\\\", \\\\\\"78.153.140.151\\\\\\"]}}\\",\\n \\"EventTag\\": \\"MultipleDomainWebattack\\",\\n \\"EventSrcCountry\\": \\"GB\\"\\n }\\n}","type":"json"}]', - ], - 'DescribeThreatEvent' => [ - 'summary' => '查看攻击事件列表', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeUserAbnormalType', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserAbnormalType', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3E1CB966-1407-5988-9432-7***D784\\",\\n \\"Abnormal\\": [\\n {\\n \\"AbnormalCode\\": \\"Risk_InternalWeakPasswd\\",\\n \\"AbnormalParentType\\": \\"RiskType_Account\\",\\n \\"AbnormalType\\": \\"Risk_InternalWeakPasswd\\",\\n \\"AbnormalCount\\": 10\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeUserApiRequest' => [ + 'summary' => 'Queries traffic statistics for an API operation.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -32242,181 +26191,173 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '111428', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '155227', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ - 'name' => 'DomainName', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'www.abc.com', - 'default' => '', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zxu38***', 'title' => ''], ], [ - 'name' => 'StartTime', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1668496310000', - ], + 'schema' => ['description' => 'The domain name or IP address of the API operation.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'This parameter is deprecated. Use the ApiId parameter instead.'."\n" + ."\n" + .'></notice>', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'c.***.com', 'title' => ''], ], [ - 'name' => 'EndTime', + 'name' => 'ApiFormat', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1749916800000', - ], + 'schema' => ['description' => 'The API operation.'."\n" + ."\n" + .'><notice>'."\n" + ."\n" + .'This parameter is deprecated. Use the ApiId parameter instead.'."\n" + ."\n" + .'></notice>', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => '/api/v1/know', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'Type', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The type of statistics. Valid values:'."\n" + ."\n" + .'- **api\\_ip**: total traffic.'."\n" + ."\n" + .'- **api\\_cross\\_border\\_ip**: cross-border traffic.'."\n" + ."\n" + .'- **api\\_bot\\_ip**: bot traffic.'."\n" + ."\n" + .'- **remote\\_region**: geographic location statistics.'."\n" + ."\n" + .'- **client\\_id**: client type statistics.'."\n" + ."\n" + .'- **http\\_referer**: Referer statistics.'."\n" + ."\n" + .'- **api\\_cnt**: total number of calls.'."\n" + ."\n" + .'- **bot\\_cnt**: number of bot requests.'."\n" + ."\n" + .'- **cross\\_border\\_cnt**: number of cross-border requests.'."\n" + ."\n" + .'- **api\\_freq**: call frequency.', 'type' => 'string', 'default' => 'api_ip', 'required' => false, 'example' => 'api_ip', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - 'default' => '5', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter applies only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain information about hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'ApiId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-2bl4****', - ], + 'schema' => ['description' => 'The ID of the API.', 'type' => 'string', 'required' => true, 'example' => '3799f0695c0d687f3295d132fe49bc14', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aeky65ka*****', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '98106632-6865-5600-A834-3D909***', - ], - 'ThreatEvents' => [ - 'description' => '', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D13E4540-4432-5AD7-B216-6369512514F4', 'title' => ''], + 'Requests' => [ + 'description' => 'The list of statistics.', 'type' => 'array', 'items' => [ - 'description' => '', + 'description' => 'The statistics information.', 'type' => 'object', 'properties' => [ - 'EventLevel' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'high', - ], - 'EndTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1768406400000', - ], - 'EventSrc' => [ - 'description' => '', - 'type' => 'string', - 'example' => '3.3.3.3', - ], - 'EventId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'f439994c8ab39f84eced33490f0c4388', - ], - 'BlockRate' => [ - 'description' => '', - 'type' => 'string', - 'example' => '100%', - ], - 'EventTag' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'Event_InternalLoginWeakPasswd', - ], - 'EventTarget' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'test.aliyundemo.com-waf', - ], - ], + 'Value' => ['description' => 'The statistics information. This includes:'."\n" + ."\n" + .'- **client\\_list**: the client tool.'."\n" + ."\n" + .'- **ip**: the IP address information.'."\n" + ."\n" + .'- **region\\_id**: the region.'."\n" + ."\n" + .'- **country\\_id**: the country.', 'type' => 'string', 'example' => '{'."\n" + .' "client_list": ['."\n" + .' "Unknown"'."\n" + .' ],'."\n" + .' "ip": "47.92.113.***",'."\n" + .' "region_id": "110000",'."\n" + .' "country_id": "CN"'."\n" + .'}', 'title' => ''], + 'Count' => ['description' => 'The number of statistics.', 'type' => 'integer', 'format' => 'int64', 'example' => '76', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"98106632-6865-5600-A834-3D909***\\",\\n \\"ThreatEvents\\": [\\n {\\n \\"EventLevel\\": \\"high\\",\\n \\"EndTime\\": 1768406400000,\\n \\"EventSrc\\": \\"3.3.3.3\\",\\n \\"EventId\\": \\"f439994c8ab39f84eced33490f0c4388\\",\\n \\"BlockRate\\": \\"100%\\",\\n \\"EventTag\\": \\"Event_InternalLoginWeakPasswd\\",\\n \\"EventTarget\\": \\"test.aliyundemo.com-waf\\"\\n }\\n ]\\n}","type":"json"}]', - ], - 'DescribeThreatEventTopMetric' => [ - 'summary' => '查询安全事件Top攻击统计数据', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'DescribeUserApiRequest', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserApiRequest'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserApiRequest', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D13E4540-4432-5AD7-B216-6369512514F4\\",\\n \\"Requests\\": [\\n {\\n \\"Value\\": \\"{\\\\n \\\\\\"client_list\\\\\\": [\\\\n \\\\\\"Unknown\\\\\\"\\\\n ],\\\\n \\\\\\"ip\\\\\\": \\\\\\"47.92.113.***\\\\\\",\\\\n \\\\\\"region_id\\\\\\": \\\\\\"110000\\\\\\",\\\\n \\\\\\"country_id\\\\\\": \\\\\\"CN\\\\\\"\\\\n}\\",\\n \\"Count\\": 76\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'DescribeUserAsset' => [ + 'summary' => 'Queries API security user asset statistics.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -32427,137 +26368,118 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '114535', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], - 'tenantRelevance' => 'tenant', + 'abilityTreeCode' => '155224', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ - 'name' => 'Metric', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'enumValueTitles' => [ - 'src' => 'src', - 'time' => 'time', - 'type' => 'type', - 'tools' => 'tools', - 'target' => 'target', - ], - 'example' => 'time', - 'enum' => [ - 'time', - 'src', - 'target', - 'type', - 'tools', - ], - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-uax37ijm***', 'title' => ''], ], [ - 'name' => 'EventId', + 'name' => 'DataType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => '0b7ab137a065aab7656986***11db', - 'default' => '', - ], + 'schema' => ['description' => 'The type of statistics. Valid values:'."\n" + .'- **asset_num**: total number of API assets.'."\n" + .'- **asset_active**: number of active APIs.'."\n" + .'- **asset_newborn**: number of APIs added today.'."\n" + .'- **asset_offline**: number of inactive APIs.'."\n" + .'- **asset_bot**: number of APIs with bot requests.'."\n" + .'- **asset_cross_border**: number of APIs with cross-border data transfer.'."\n" + .'- **sensitive_api**: number of APIs with sensitive data in responses.'."\n" + .'- **sensitive_domain**: number of sites with sensitive data in responses.', 'type' => 'string', 'required' => true, 'example' => 'asset_num', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'Days', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['title' => '', 'description' => 'The query time in UNIX timestamp format (UTC). Unit: seconds.'."\n" + .'><notice>This parameter is deprecated.></notice>', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => '1723435200'], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'TopMetrics' => [ - 'description' => '', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''], + 'Assets' => [ + 'description' => 'The list of asset statistics.', 'type' => 'array', 'items' => [ - 'description' => '', + 'description' => 'The asset statistics information.', 'type' => 'object', 'properties' => [ - 'Cnt' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '20', - ], - 'Value' => [ - 'description' => '', - 'type' => 'string', - 'example' => '115.28.209.212', - ], - 'Country' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'CN', - ], - 'Region' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'cn-hangzhou', - ], + 'AssetNum' => ['description' => 'The number of statistics.', 'type' => 'integer', 'format' => 'int64', 'example' => '134', 'title' => ''], + 'TimeStamp' => ['description' => 'The time of the statistics in UNIX timestamp format (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723435200', 'title' => ''], ], + 'title' => '', + 'example' => '', ], - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '12EF3845-CCEB-4B84-AE60-2B49B*****EE5', + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TopMetrics\\": [\\n {\\n \\"Cnt\\": 20,\\n \\"Value\\": \\"115.28.209.212\\",\\n \\"Country\\": \\"CN\\",\\n \\"Region\\": \\"cn-hangzhou\\"\\n }\\n ],\\n \\"RequestId\\": \\"12EF3845-CCEB-4B84-AE60-2B49B*****EE5\\"\\n}","type":"json"}]', - ], - 'DescribeAlarmList' => [ - 'summary' => '查询实例信息', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Query API security user asset statistics', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserAsset', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"Assets\\": [\\n {\\n \\"AssetNum\\": 134,\\n \\"TimeStamp\\": 1723435200\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeUserEventTrend' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -32568,120 +26490,119 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', - ], + 'abilityTreeCode' => '155226', + 'abilityTreeNodes' => ['FEATUREwafDX9EQ6'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-pe33e****', - ], + 'schema' => ['title' => '', 'description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7mz2797x***'], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The ID of the hybrid cloud cluster.'."\n" + .'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'example' => '428', 'required' => false], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'required' => false], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['title' => '', 'description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aekzwwk****cv5i', 'required' => false], + ], + [ + 'name' => 'EventScope', + 'in' => 'query', 'schema' => [ - 'description' => '', + 'title' => '', + 'description' => 'The dimension of security events. Valid values:'."\n" + .'- **ip** (default): IP security events.'."\n" + .'- **account**: account security events.', 'type' => 'string', + 'example' => 'ip', + 'default' => 'ip', + 'enum' => ['ip', 'account'], 'required' => false, - 'example' => 'rg-aek2ipnu***', ], ], ], 'responses' => [ 200 => [ - 'headers' => [], 'schema' => [ + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '8D8EBFB7-E1EB-5236-952A-092EDC72***', - ], - 'Alarms' => [ - 'description' => '', + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'F51E6DD6-B2D2-57C9-90F1-FAFD0A19DE00'], + 'Trend' => [ + 'title' => '', + 'description' => 'The attack trend list.', 'type' => 'array', 'items' => [ - 'description' => '', + 'title' => '', + 'description' => 'The attack details.', 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'Type' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'qps', - ], - 'MaxQps' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '12000', - ], - 'EndTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1605600798', - ], - 'Cause' => [ - 'description' => '', - 'type' => 'string', - 'example' => '4count', - ], - 'StartTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1605600767', - ], - 'Spec' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10000', - ], - ], + 'EventHigh' => ['title' => '', 'description' => 'The number of high-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '9'], + 'EventLow' => ['title' => '', 'description' => 'The number of low-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '23'], + 'EventMedium' => ['title' => '', 'description' => 'The number of medium-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '17'], + 'Timestamp' => ['title' => '', 'description' => 'The statistics time, in UNIX timestamp format (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723435200'], + 'TimeStamp' => ['title' => '', 'description' => 'The statistics time, in UNIX timestamp format (UTC). Unit: seconds.'."\n" + .'><notice>This parameter is deprecated. Use the Timestamp parameter instead.></notice>', 'type' => 'integer', 'format' => 'int64', 'deprecated' => true, 'example' => '1723435200'], + ], + 'example' => '', ], + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8D8EBFB7-E1EB-5236-952A-092EDC72***\\",\\n \\"Alarms\\": [\\n {\\n \\"Status\\": 1,\\n \\"Type\\": \\"qps\\",\\n \\"MaxQps\\": 12000,\\n \\"EndTime\\": 1605600798,\\n \\"Cause\\": \\"4count\\",\\n \\"StartTime\\": 1605600767,\\n \\"Spec\\": 10000\\n }\\n ]\\n}","type":"json"}]', - ], - 'DescribeAlarmBanner' => [ - 'summary' => '查询实例信息', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Query API security attack trend', + 'summary' => 'Queries the trend of API security attacks.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserEventTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F51E6DD6-B2D2-57C9-90F1-FAFD0A19DE00\\",\\n \\"Trend\\": [\\n {\\n \\"EventHigh\\": 9,\\n \\"EventLow\\": 23,\\n \\"EventMedium\\": 17,\\n \\"Timestamp\\": 1723435200,\\n \\"TimeStamp\\": 1723435200\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeUserEventType' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -32692,96 +26613,157 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafVPSU1I', - ], + 'abilityTreeCode' => '156221', + 'abilityTreeNodes' => ['FEATUREwafDX9EQ6'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-kf74****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-5y***h0t', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter applies only to hybrid cloud scenarios. Call [DescribeHybridCloudClusters](~~2849376~~) to obtain information about hybrid cloud clusters.', 'type' => 'string', 'example' => '976', 'title' => '', 'required' => false], + ], + [ + 'name' => 'StartTime', + 'in' => 'query', + 'schema' => ['description' => 'The start time of the query. The value is a UNIX timestamp in UTC. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723435200', 'title' => '', 'required' => false], + ], + [ + 'name' => 'EndTime', + 'in' => 'query', + 'schema' => ['description' => 'The end time of the query. The value is a UNIX timestamp in UTC. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1726113600', 'title' => '', 'required' => false], ], [ 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aek***ktt3y', 'title' => '', 'required' => false], + ], + [ + 'name' => 'UserStatusList', + 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => '', - 'type' => 'string', + 'type' => 'array', + 'items' => ['description' => 'The status of the security event. Valid values:'."\n" + ."\n" + .'- **toBeConfirmed**: to be confirmed.'."\n" + ."\n" + .'- **confirmed**: confirmed.'."\n" + ."\n" + .'- **actioned**: handled.'."\n" + ."\n" + .'- **ignored**: ignored.', 'type' => 'string', 'example' => 'toBeConfirmed', 'title' => '', 'required' => false], + 'description' => 'A list of security event statuses.'."\n" + ."\n" + .'> By default, statistics are collected for security events in the **toBeConfirmed**, **confirmed**, and **actioned** states.', 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'EventScope', 'in' => 'query', 'schema' => [ - 'description' => '', + 'description' => 'The dimension of the security event. Valid values:'."\n" + ."\n" + .'- **ip** (default): IP security events.'."\n" + ."\n" + .'- **account**: account security events.', 'type' => 'string', + 'example' => 'ip', + 'default' => 'ip', + 'enum' => ['ip', 'account'], + 'title' => '', 'required' => false, - 'example' => 'rg-aek2zerdgm****', ], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response to the request.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '5555DC36-0CF2-5AA3-B1C7-D6BD8****', - ], - 'BannerStatus' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Status' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'Type' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'sandbox', - ], - 'Cause' => [ - 'description' => '', - 'type' => 'string', - 'example' => '4count', - ], - 'Count' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '9008', + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '177BA739-6512-5470-98C6-E***0BAA3D', 'title' => ''], + 'Event' => [ + 'description' => 'A list of security event types and their statistics.', + 'type' => 'array', + 'items' => [ + 'description' => 'The type and statistics of the event.', + 'type' => 'object', + 'properties' => [ + 'EventCount' => ['description' => 'The number of events.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''], + 'EventType' => ['description' => 'The type of the event.'."\n" + ."\n" + .'> Call [DescribeApisecRules](~~2859155~~) to obtain the supported event types.', 'type' => 'string', 'example' => 'Event_LoginCollision', 'title' => ''], + 'EventParentType' => ['description' => 'The parent type of the event.', 'type' => 'string', 'example' => 'EventType_Account', 'title' => ''], + 'EventCode' => ['description' => 'The event code.', 'type' => 'string', 'example' => 'Event_LoginCollision', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5555DC36-0CF2-5AA3-B1C7-D6BD8****\\",\\n \\"BannerStatus\\": {\\n \\"Status\\": true,\\n \\"Type\\": \\"sandbox\\",\\n \\"Cause\\": \\"4count\\",\\n \\"Count\\": 9008\\n }\\n}","type":"json"}]', - ], - 'DescribeUserLogFieldConfig' => [ - 'summary' => '查询用户日志配置', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'DescribeUserEventType', + 'summary' => 'Queries the types and statistics of user security events.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserEventType'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserEventType', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"177BA739-6512-5470-98C6-E***0BAA3D\\",\\n \\"Event\\": [\\n {\\n \\"EventCount\\": 0,\\n \\"EventType\\": \\"Event_LoginCollision\\",\\n \\"EventParentType\\": \\"EventType_Account\\",\\n \\"EventCode\\": \\"Event_LoginCollision\\"\\n }\\n ]\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + ], + 'DescribeUserLogFieldConfig' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -32793,9 +26775,7 @@ 'riskType' => 'none', 'chargeType' => 'free', 'abilityTreeCode' => '111385', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], 'autoTest' => true, 'tenantRelevance' => 'tenant', ], @@ -32803,44 +26783,30 @@ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-0*****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-0*****', 'title' => ''], ], [ 'name' => 'DeliveryType', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'sls', - 'default' => 'sls', - ], + 'schema' => ['description' => 'The log delivery type. Valid values:'."\n" + ."\n" + .'- **sls**: Simple Log Service.', 'type' => 'string', 'default' => 'sls', 'required' => false, 'example' => 'sls', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek24******', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek24******', 'title' => ''], ], ], 'responses' => [ @@ -32848,154 +26814,96 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'AddList' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'acl_action,acl_rule_id', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '653778B4-4D47-5223-855B-4E******', - ], - 'LogDeliveryStrategy' => [ - 'description' => '', - 'type' => 'string', - 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', - ], - 'ExtendConfig' => [ - 'description' => '', - 'type' => 'string', - 'example' => '{\\"request_header\\":\\"Ali-Cdn-Real-Ip\\"}', - ], - 'ConfigStatus' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'success_finished', - ], - 'DelList' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'waf_rule_id,waf_rule_type', - ], - 'FieldList' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'account,acl_action,acl_rule_id,acl_rule_type', - ], - 'DeliveryType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'sls', - ], + 'AddList' => ['description' => 'The additional log fields that are added to the default configuration. Multiple fields are separated by commas (,) in the `a,b,c,...` format.', 'type' => 'string', 'example' => 'acl_action,acl_rule_id', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '653778B4-4D47-5223-855B-4E******', 'title' => ''], + 'LogDeliveryStrategy' => ['description' => 'The log delivery policies. Multiple policies are supported. The value is a JSON-formatted string that contains an array of policy objects.'."\n" + ."\n" + .'> For more information, see the **LogDeliveryStrategy** parameter description in [ModifyUserLogFieldConfig](~~ModifyUserLogFieldConfig~~).', 'type' => 'string', 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', 'title' => ''], + 'ExtendConfig' => ['description' => 'The extended configuration for log delivery. The value is a JSON-formatted string that contains configuration key-value pairs, such as custom request headers.'."\n" + ."\n" + .'> For more information, see the **ExtendConfig** parameter description in [ModifyUserLogFieldConfig](~~ModifyUserLogFieldConfig~~).', 'type' => 'string', 'example' => '{\\"request_header\\":\\"Ali-Cdn-Real-Ip\\"}', 'title' => ''], + 'ConfigStatus' => ['description' => 'The status of the log field configuration. Valid values:'."\n" + ."\n" + .'- **initial**: The log field configuration is being initialized.'."\n" + ."\n" + .'- **updating**: The log field configuration is being updated.'."\n" + ."\n" + .'- **failed\\_finished**: The log field configuration update failed.'."\n" + ."\n" + .'- **success\\_finished**: The log field configuration update succeeded.', 'type' => 'string', 'example' => 'success_finished', 'title' => ''], + 'DelList' => ['description' => 'The default log fields that are excluded from the log delivery configuration. Multiple fields are separated by commas (,) in the `a,b,c,...` format.', 'type' => 'string', 'example' => 'waf_rule_id,waf_rule_type', 'title' => ''], + 'FieldList' => ['description' => 'The complete list of log fields that are delivered. Multiple fields are separated by commas (,) in the `a,b,c,...` format.', 'type' => 'string', 'example' => 'account,acl_action,acl_rule_id,acl_rule_type', 'title' => ''], + 'DeliveryType' => ['description' => 'The log delivery type. Valid values:'."\n" + ."\n" + .'- **sls**: Simple Log Service.', 'type' => 'string', 'example' => 'sls', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"AddList\\": \\"acl_action,acl_rule_id\\",\\n \\"RequestId\\": \\"653778B4-4D47-5223-855B-4E******\\",\\n \\"LogType\\": 0,\\n \\"LogDeliveryStrategy\\": \\"[{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"blockLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"normalRequestLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"checkLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100}]\\",\\n \\"ExtendConfig\\": \\"{\\\\\\\\\\\\\\"request_header\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"Ali-Cdn-Real-Ip\\\\\\\\\\\\\\"}\\",\\n \\"ConfigStatus\\": \\"success_finished\\",\\n \\"DelList\\": \\"waf_rule_id,waf_rule_type\\",\\n \\"FieldList\\": \\"account,acl_action,acl_rule_id,acl_rule_type\\",\\n \\"DeliveryType\\": \\"sls\\"\\n}","type":"json"}]', - ], - 'ModifyUserLogFieldConfig' => [ - 'summary' => ' 修改用户日志服务的默认字段配置', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'DescribeUserLogFieldConfig', + 'summary' => 'Queries the log field configuration of a Web Application Firewall (WAF) instance, including additional fields, removed fields, delivery strategies, and extended settings.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserLogFieldConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"AddList\\": \\"acl_action,acl_rule_id\\",\\n \\"RequestId\\": \\"653778B4-4D47-5223-855B-4E******\\",\\n \\"LogDeliveryStrategy\\": \\"[{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"blockLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"normalRequestLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"checkLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100}]\\",\\n \\"ExtendConfig\\": \\"{\\\\\\\\\\\\\\"request_header\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"Ali-Cdn-Real-Ip\\\\\\\\\\\\\\"}\\",\\n \\"ConfigStatus\\": \\"success_finished\\",\\n \\"DelList\\": \\"waf_rule_id,waf_rule_type\\",\\n \\"FieldList\\": \\"account,acl_action,acl_rule_id,acl_rule_type\\",\\n \\"DeliveryType\\": \\"sls\\"\\n}","type":"json"}]', + ], + 'DescribeUserSlsLogRegions' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '111386', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], - 'autoTest' => true, - 'tenantRelevance' => 'tenant', + 'abilityTreeCode' => '201946', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-fou****', - ], - ], - [ - 'name' => 'FieldList', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids', - ], - ], - [ - 'name' => 'ExtendConfig', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '{\\"request_header\\":\\"App-Id,channelCode\\"}', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uqm2z****0a', 'title' => ''], ], [ - 'name' => 'DeliveryType', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'sls', - 'default' => 'sls', - ], - ], - [ - 'name' => 'LogDeliveryStrategy', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], - ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -33003,30 +26911,83 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'E2D63742-9BAA-*****', - ], + 'LogRegions' => [ + 'description' => 'The list of log storage region IDs.', + 'type' => 'array', + 'items' => ['description' => 'The log storage region ID. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: China (Hangzhou).'."\n" + .'- **cn-beijing**: China (Beijing).'."\n" + .'- **cn-hongkong**: China (Hong Kong).'."\n" + .'- **ap-southeast-1**: Singapore.'."\n" + .'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n" + .'- **ap-southeast-5**: Indonesia (Jakarta).'."\n" + .'- **ap-southeast-6**: Philippines (Manila).'."\n" + .'- **ap-southeast-7**: Thailand (Bangkok).'."\n" + .'- **me-east-1**: UAE (Dubai).'."\n" + .'- **eu-central-1**: Germany (Frankfurt).'."\n" + .'- **us-east-1**: US (Virginia).'."\n" + .'- **us-west-1**: US (Silicon Valley).'."\n" + .'- **ap-northeast-1**: Japan (Tokyo).'."\n" + .'- **ap-northeast-2**: South Korea (Seoul).'."\n" + .'- **ap-south-1**: India (Mumbai), deactivated.'."\n" + .'- **eu-west-1**: UK (London).'."\n" + .'- **cn-hangzhou-finance**: China East 1 Hangzhou Finance Cloud.'."\n" + .'- **cn-shanghai-finance-1**: China East 2 Shanghai Finance Cloud.'."\n" + .'- **cn-shenzhen-finance**: China South 1 Shenzhen Finance Cloud.'."\n" + ."\n\n" + ."\n\n" + .'> Finance Cloud regions are available only to Finance Cloud users, and Finance Cloud users can obtain only these regions.', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9D11AC3A-A10C-56E7-A342-E87EC892BAE2', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E2D63742-9BAA-*****\\"\\n}","type":"json"}]', - ], - 'DescribeCommonLogFields' => [ - 'summary' => '查询日志服务支持的所有字段', - 'methods' => [ - 'post', - 'get', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Query available log storage regions', + 'summary' => 'Queries the log storage regions available to the user.', + 'changeSet' => [ + ['createdAt' => '2024-11-12T11:54:57.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserSlsLogRegions'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserSlsLogRegions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"LogRegions\\": [\\n \\"cn-hangzhou\\"\\n ],\\n \\"RequestId\\": \\"9D11AC3A-A10C-56E7-A342-E87EC892BAE2\\"\\n}","type":"json"}]', + ], + 'DescribeUserTraffic' => [ + 'summary' => 'Queries the real-time traffic of a user by traffic type.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -33034,210 +26995,156 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '111390', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '119795', + 'abilityTreeNodes' => ['FEATUREwafW12QEG'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-l*****', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***'."\n", 'title' => ''], ], [ - 'name' => 'IsRequired', + 'name' => 'StartTimestamp', 'in' => 'query', - 'allowEmptyValue' => true, - 'schema' => [ - 'description' => '', - 'type' => 'boolean', - 'required' => false, - 'example' => 'false', - ], + 'schema' => ['description' => 'The beginning of the time range to query.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1665331200', 'title' => ''], ], [ - 'name' => 'IsDefault', + 'name' => 'EndTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], + 'schema' => ['description' => 'The end of the time range to query.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1665386280', 'title' => ''], ], [ - 'name' => 'LogKeyList', + 'name' => 'Type', 'in' => 'query', - 'style' => 'json', - 'schema' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'final_action', - ], - 'required' => false, - ], + 'schema' => ['description' => 'The type of real-time user traffic. Valid values:'."\n" + .'- bot: the number of bot management requests.'."\n" + .'- risk: the number of times risk identification is triggered.'."\n" + .'- custom_acl_captcha: the number of times the slider action of custom rules is triggered.'."\n" + .'- qps: the peak QPS.'."\n" + .'- apisec: the number of API security requests.'."\n" + .'- alb: the number of requests connected through ALB.'."\n" + .'- mse: the number of requests connected through MSE.'."\n" + .'- fc: the number of requests connected through Function Compute.'."\n" + .'- sae: the number of requests connected through Serverless App Engine.'."\n" + .'- apig: the number of requests connected through Cloud Native API Gateway.'."\n" + .'- nlb: the number of requests connected through NLB.', 'type' => 'string', 'required' => false, 'example' => 'qps', 'title' => ''], + ], + [ + 'name' => 'Interval', + 'in' => 'query', + 'schema' => ['description' => 'The time interval. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '3600', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek2sxgs*****', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-ae*******i', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '6', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'AB0775EB-2594-598A-97E1-51B1*******', - ], - 'LogFieldList' => [ - 'description' => '', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'EC10C9EA-A367-52D5-***-***'."\n", 'title' => ''], + 'UserTraffic' => [ + 'description' => 'The list of user traffic data.', 'type' => 'array', 'items' => [ - 'description' => '', + 'description' => 'The user traffic data.', 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => '1', - ], - 'IsDefault' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'IsRequired' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'LogKey' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'final_action', - ], + 'Pv' => ['description' => 'The usage.', 'type' => 'integer', 'format' => 'int64', 'example' => '1024', 'title' => ''], + 'Index' => ['description' => 'The sequence number sorted in chronological order.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''], ], + 'title' => '', + 'example' => '', ], + 'title' => '', + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 6,\\n \\"RequestId\\": \\"AB0775EB-2594-598A-97E1-51B1*******\\",\\n \\"LogFieldList\\": [\\n {\\n \\"Status\\": true,\\n \\"IsDefault\\": true,\\n \\"Description\\": \\"waf action\\",\\n \\"IsRequired\\": true,\\n \\"LogKey\\": \\"final_action\\"\\n }\\n ]\\n}","type":"json"}]', - ], - 'ModifyUserWafLogStatus' => [ - 'summary' => '开通或关闭WAF日志服务', - 'methods' => [ - 'post', + 'title' => 'Query user traffic', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserTraffic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"EC10C9EA-A367-52D5-***-***\\\\n\\",\\n \\"UserTraffic\\": [\\n {\\n \\"Pv\\": 1024,\\n \\"Index\\": 10\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeUserWafLogStatus' => [ + 'summary' => 'Queries the status, region ID, and status modification time of Web Application Firewall (WAF) logs.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'get', 'riskType' => 'none', - 'chargeType' => 'paid', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'chargeType' => 'free', + 'abilityTreeCode' => '201942', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-mp9153****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-nwy34****0j', 'title' => ''], ], [ - 'name' => 'LogStatus', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: indicates the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'LogRegionId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-beijing', - ], - ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -33245,37 +27152,93 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-****-A47C-6B19160*****', - ], - 'LogStoreName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'wafng-logstore', - ], - 'ProjectName' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'wafng-project-14316572********-cn-hangzhou', - ], + 'RequestId' => ['description' => 'The request ID, which is used to locate and troubleshoot issues.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], + 'LogStatus' => ['description' => 'The status of WAF logs.'."\n" + ."\n" + .'- **initializing**: The logs are being initialized.'."\n" + ."\n" + .'- **initialize\\_failed**: The initialization failed.'."\n" + ."\n" + .'- **normal**: The logs are running properly.'."\n" + ."\n" + .'- **releasing**: The logs are being released.'."\n" + ."\n" + .'- **release\\_failed**: The release failed.', 'type' => 'string', 'example' => 'normal', 'title' => ''], + 'LogRegionId' => ['description' => 'The ID of the region where logs are stored. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: indicates China East 1 (Hangzhou).'."\n" + ."\n" + .'- **cn-beijing**: indicates China North 2 (Beijing).'."\n" + ."\n" + .'- **cn-hongkong**: indicates China (Hong Kong).'."\n" + ."\n" + .'- **ap-southeast-1**: indicates Singapore.'."\n" + ."\n" + .'- **ap-southeast-3**: indicates Malaysia (Kuala Lumpur).'."\n" + ."\n" + .'- **ap-southeast-5**: indicates Indonesia (Jakarta).'."\n" + ."\n" + .'- **ap-southeast-6**: indicates Philippines (Manila).'."\n" + ."\n" + .'- **ap-southeast-7**: indicates Thailand (Bangkok).'."\n" + ."\n" + .'- **me-east-1**: indicates UAE (Dubai).'."\n" + ."\n" + .'- **eu-central-1**: indicates Germany (Frankfurt).'."\n" + ."\n" + .'- **us-east-1**: indicates US (Virginia).'."\n" + ."\n" + .'- **us-west-1**: indicates US (Silicon Valley).'."\n" + ."\n" + .'- **ap-northeast-1**: indicates Japan (Tokyo).'."\n" + ."\n" + .'- **ap-northeast-2**: indicates South Korea (Seoul).'."\n" + ."\n" + .'- **eu-west-1**: indicates UK (London).'."\n" + ."\n" + .'- **cn-hangzhou-finance**: indicates China East 1 Hangzhou Finance Cloud.'."\n" + ."\n" + .'- **cn-shanghai-finance-1**: indicates China East 2 Shanghai Finance Cloud.'."\n" + ."\n" + .'- **cn-shenzhen-finance**: indicates China South 1 Shenzhen Finance Cloud.'."\n" + ."\n" + .'> The Finance Cloud regions are available only to Finance Cloud users, and Finance Cloud users can obtain only these regions.', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''], + 'StatusUpdateTime' => ['description' => 'The time when the log status was modified. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1706771796859', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-****-A47C-6B19160*****\\",\\n \\"ProjectName\\": true,\\n \\"LogStoreName\\": \\"wafng-logstore\\"\\n}","type":"json"}]', - ], - 'DescribeUserWafLogStatus' => [ - 'summary' => 'Queries the status, region ID, and status modification time of Web Application Firewall (WAF) logs.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeUserWafLogStatus', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserWafLogStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserWafLogStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"LogStatus\\": \\"normal\\",\\n \\"LogRegionId\\": \\"cn-hangzhou\\",\\n \\"StatusUpdateTime\\": 1706771796859\\n}","type":"json"}]', + ], + 'DescribeVerifyContent' => [ + 'summary' => 'Queries the domain ownership verification content of a Web Application Firewall (WAF) instance.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -33286,47 +27249,34 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '201942', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '178150', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-nwy34****0j', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'DomainName', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The domain name that you want to query for ownership verification content.', 'type' => 'string', 'required' => true, 'example' => 'example.com', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'AccessOrigin', 'in' => 'query', - 'schema' => [ - 'description' => '阿里云资源组ID。', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The source of the domain name. Valid values:'."\n" + ."\n" + .'- **share**: The domain name is added to WAF in CNAME record mode.'."\n" + ."\n" + .'- **asset**: The domain name is added to WAF as a custom asset.'."\n" + ."\n" + .'- **hybrid\\_cloud\\_cname**: The domain name is added to WAF in hybrid cloud CNAME record mode.'."\n" + ."\n" + .'- **tgw**: The domain name is added to WAF in cloud native mode.', 'type' => 'string', 'required' => true, 'example' => 'share', 'title' => ''], ], ], 'responses' => [ @@ -33334,72 +27284,65 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D****', - ], - 'LogStatus' => [ - 'description' => 'The status of WAF logs.'."\n" - ."\n" - .'* **initializing**'."\n" - .'* **initialize_failed**'."\n" - .'* **normal**'."\n" - .'* **releasing**'."\n" - .'* **release_failed**'."\n", - 'type' => 'string', - 'example' => 'normal', - ], - 'LogRegionId' => [ - 'description' => 'The ID of the region where WAF logs are stored. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: China (Hangzhou).'."\n" - .'* **cn-beijing**: China (Beijing).'."\n" - .'* **cn-hongkong**: China (Hong Kong).'."\n" - .'* **ap-southeast-1**: Singapore.'."\n" - .'* **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n" - .'* **ap-southeast-5**: Indonesia (Jakarta).'."\n" - .'* **ap-southeast-6**: Philippines (Manila).'."\n" - .'* **ap-southeast-7**: Thailand (Bangkok).'."\n" - .'* **me-east-1**: UAE (Dubai).'."\n" - .'* **eu-central-1**: Germany (Frankfurt).'."\n" - .'* **us-east-1**: US (Virginia).'."\n" - .'* **us-west-1**: US (Silicon Valley).'."\n" - .'* **ap-northeast-1**: Japan (Tokyo).'."\n" - .'* **ap-northeast-2**: South Korea (Seoul).'."\n" - .'* **eu-west-1**: UK (London).'."\n" - .'* **cn-hangzhou-finance**: China East 1 Finance.'."\n" - .'* **cn-shanghai-finance-1**: China East 2 Finance.'."\n" - .'* **cn-shenzhen-finance**: China South 1 Finance.'."\n" - ."\n" - .'> The China East 1 Finance, China East 2 Finance, and China South 1 Finance regions are available only for Alibaba Finance Cloud users. Alibaba Finance Cloud users are also limited to storing logs within these specific regions.', - 'type' => 'string', - 'example' => 'cn-hangzhou', + 'DnsContent' => [ + 'type' => 'object', + 'properties' => [ + 'RR' => ['description' => 'The host record of the DNS TXT record used for domain ownership verification.', 'type' => 'string', 'example' => 'verification', 'title' => ''], + 'Type' => ['description' => 'The type of the DNS record used for verification.', 'type' => 'string', 'example' => 'TXT', 'title' => ''], + 'Value' => ['description' => 'The value of the DNS TXT record used for verification.', 'type' => 'string', 'example' => 'verify_0a246ca99d504ba087472d***', 'title' => ''], + ], + 'description' => 'The DNS-based verification content, including the TXT record details.', + 'title' => '', + 'example' => '', ], - 'StatusUpdateTime' => [ - 'description' => 'The time when the log status was modified. Unit: milliseconds.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1706771796859', + 'FileContent' => [ + 'type' => 'object', + 'properties' => [ + 'TopDomain' => ['description' => 'The root domain of the domain name to be verified.', 'type' => 'string', 'example' => 'aliyundemo.com', 'title' => ''], + 'VerifyPath' => ['description' => 'The URL that is used to access the verification file.', 'type' => 'string', 'example' => 'http://xxx.xxx.com//xxx.html', 'title' => ''], + 'FileName' => ['description' => 'The name of the verification file.', 'type' => 'string', 'example' => 'xxx.html', 'title' => ''], + 'Value' => ['description' => 'The content of the verification file.', 'type' => 'string', 'example' => 'verify_0a246ca99d504ba08***', 'title' => ''], + 'DownloadUrl' => ['description' => 'The download URL of the verification file.', 'type' => 'string', 'example' => 'http://oss.xxx.com//xxx.html', 'title' => ''], + ], + 'description' => 'The file-based verification content, including the file name, path, and download URL.', + 'title' => '', + 'example' => '', ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''], + 'VerifyResult' => ['description' => 'Indicates whether the domain ownership verification is successful.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], ], - 'description' => '', + 'description' => 'The response parameters.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"LogStatus\\": \\"normal\\",\\n \\"LogRegionId\\": \\"cn-hangzhou\\",\\n \\"StatusUpdateTime\\": 1706771796859\\n}","type":"json"}]', - 'title' => 'DescribeUserWafLogStatus', - ], - 'DescribeUserSlsLogRegions' => [ - 'summary' => 'Queries available regions for log storage.', - 'methods' => [ - 'post', - 'get', + 'title' => 'DescribeVerifyContent', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeVerifyContent', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"DnsContent\\": {\\n \\"RR\\": \\"verification\\",\\n \\"Type\\": \\"TXT\\",\\n \\"Value\\": \\"verify_0a246ca99d504ba087472d***\\"\\n },\\n \\"FileContent\\": {\\n \\"TopDomain\\": \\"aliyundemo.com\\",\\n \\"VerifyPath\\": \\"http://xxx.xxx.com//xxx.html\\",\\n \\"FileName\\": \\"xxx.html\\",\\n \\"Value\\": \\"verify_0a246ca99d504ba08***\\",\\n \\"DownloadUrl\\": \\"http://oss.xxx.com//xxx.html\\"\\n },\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"VerifyResult\\": true\\n}","type":"json"}]', + ], + 'DescribeVisitTopIp' => [ + 'summary' => 'Queries the top 10 IP addresses that initiate the most requests.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -33410,112 +27353,108 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '201946', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-uqm2z****0a', - ], + 'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'StartTimestamp', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], + ], + [ + 'name' => 'EndTimestamp', + 'in' => 'query', + 'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not set this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''], + ], + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'LogRegions' => [ - 'description' => 'The region IDs.'."\n", + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5D2B8DAE-A761-58CB-A68D-74989E4831DA', 'title' => ''], + 'TopIp' => [ + 'description' => 'The top 10 IP addresses by traffic.', 'type' => 'array', 'items' => [ - 'description' => 'The region ID. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: China (Hangzhou).'."\n" - .'* **cn-beijing**: China (Beijing).'."\n" - .'* **cn-hongkong**: China (Hong Kong).'."\n" - .'* **ap-southeast-1**: Singapore.'."\n" - .'* **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n" - .'* **ap-southeast-5**: Indonesia (Jakarta).'."\n" - .'* **ap-southeast-6**: Philippines (Manila).'."\n" - .'* **ap-southeast-7**: Thailand (Bangkok).'."\n" - .'* **me-east-1**: UAE (Dubai).'."\n" - .'* **eu-central-1**: Germany (Frankfurt).'."\n" - .'* **us-east-1**: US (Virginia).'."\n" - .'* **us-west-1**: US (Silicon Valley).'."\n" - .'* **ap-northeast-1**: Japan (Tokyo).'."\n" - .'* **ap-northeast-2**: South Korea (Seoul).'."\n" - .'* **ap-south-1**: India (Mumbai) Closed Down.'."\n" - .'* **eu-west-1**: UK (London).'."\n" - .'* **cn-hangzhou-finance**: China East 1 Finance.'."\n" - .'* **cn-shanghai-finance-1**: China East 2 Finance.'."\n" - .'* **cn-shenzhen-finance**: China South 1 Finance.'."\n" - ."\n" - .'> The China East 1 Finance, China East 2 Finance, and China South 1 Finance regions are available only for Alibaba Finance Cloud users. Alibaba Finance Cloud users are also limited to storing logs within these specific regions.', - 'type' => 'string', - 'example' => 'cn-hangzhou', + 'description' => 'The traffic statistics of an IP address.', + 'type' => 'object', + 'properties' => [ + 'Area' => ['description' => 'The region code.', 'type' => 'string', 'example' => '310000', 'title' => ''], + 'Ip' => ['description' => 'The IP address.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''], + 'Isp' => ['description' => 'The Internet service provider.', 'type' => 'string', 'example' => 'AAA', 'title' => ''], + 'Count' => ['description' => 'The total number of requests from the IP address.', 'type' => 'integer', 'format' => 'int64', 'example' => '2622', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '9D11AC3A-A10C-56E7-A342-E87EC892****', + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'title' => 'Query top 10 IP addresses by traffic', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:18:17.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"LogRegions\\": [\\n \\"cn-hangzhou\\"\\n ],\\n \\"RequestId\\": \\"9D11AC3A-A10C-56E7-A342-E87EC892BAE2\\"\\n}","type":"json"}]', - 'title' => 'DescribeUserSlsLogRegions', - ], - 'DescribeSlsAuthStatus' => [ - 'summary' => 'Queries whether Web Application Firewall (WAF) is authorized to access Logstores.', - 'methods' => [ - 'post', - 'get', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeVisitTopIp'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeVisitTopIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5D2B8DAE-A761-58CB-A68D-74989E4831DA\\",\\n \\"TopIp\\": [\\n {\\n \\"Area\\": \\"310000\\",\\n \\"Ip\\": \\"1.1.XX.XX\\",\\n \\"Isp\\": \\"AAA\\",\\n \\"Count\\": 2622\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeVisitUas' => [ + 'summary' => 'Queries the top 10 User-Agents that initiate the most requests.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -33526,85 +27465,107 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '111394', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '104799', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ + 'name' => 'StartTimestamp', + 'in' => 'query', + 'schema' => ['description' => 'The start time of the query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''], + ], + [ + 'name' => 'EndTimestamp', + 'in' => 'query', + 'schema' => ['description' => 'The end time of the query. Unit: seconds. If you do not set this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''], + ], + [ + 'name' => 'Resource', + 'in' => 'query', + 'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-g4t3g****04', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek2okfav****iq', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => 'Indicates whether WAF is authorized to access Logstores. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'false', - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '3589D3A3-4A04-51CB-AA89-353ED20A****', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2847CE98-AFAE-5A64-B80E-60461717F9DE', 'title' => ''], + 'Uas' => [ + 'description' => 'The top 10 User-Agents by traffic.', + 'type' => 'array', + 'items' => [ + 'description' => 'The User-Agent traffic statistics.', + 'type' => 'object', + 'properties' => [ + 'Count' => ['description' => 'The total number of requests from the User-Agent.', 'type' => 'integer', 'format' => 'int64', 'example' => '698455', 'title' => ''], + 'Ua' => ['description' => 'The User-Agent name.', 'type' => 'string', 'example' => 'chrome', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Status\\": false,\\n \\"RequestId\\": \\"3589D3A3-4A04-51CB-AA89-353ED20ACB10\\"\\n}","type":"json"}]', - 'title' => 'DescribeSlsAuthStatus', - ], - 'DescribeSlsLogStoreStatus' => [ - 'summary' => 'Queries the status of a Simple Log Service Logstore.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query top 10 user-Agents by traffic', + 'changeSet' => [ + ['createdAt' => '2024-08-27T07:18:17.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-04-18T02:11:02.000Z', 'description' => 'Response parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeVisitUas'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeVisitUas', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2847CE98-AFAE-5A64-B80E-60461717F9DE\\",\\n \\"Uas\\": [\\n {\\n \\"Count\\": 698455,\\n \\"Ua\\": \\"chrome\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'DescribeWafSourceIpSegment' => [ + 'summary' => 'Queries the back-to-origin CIDR blocks of WAF.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -33615,136 +27576,129 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '114229', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '115641', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], + 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-uqm35****02', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-*****', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfmzedqv****ma', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The query result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '184F538F-C115-5C89-A4EF-C79CD2E29AC7', - ], - 'ExistStatus' => [ - 'description' => 'Indicates whether a Logstore is created for WAF. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9087ADDC-9047-4D02-82A7-33021B58083C', 'title' => ''], + 'WafSourceIp' => [ + 'description' => 'The list of WAF back-to-origin IP addresses CIDR blocks used by the protection cluster.', + 'type' => 'object', + 'properties' => [ + 'IPv6' => [ + 'description' => 'The list of IPv6 back-to-origin CIDR blocks.', + 'type' => 'array', + 'items' => ['description' => 'The IPv6 back-to-origin CIDR block.', 'type' => 'string', 'example' => '2408:XXXX:3c:4800::/56', 'title' => ''], + 'title' => '', + 'example' => '', + ], + 'IPv4' => [ + 'description' => 'The list of IPv4 back-to-origin CIDR blocks.', + 'type' => 'array', + 'items' => ['description' => 'The IPv4 back-to-origin CIDR block.', 'type' => 'string', 'example' => '101.200.XX.XX/24', 'title' => ''], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', ], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"184F538F-C115-5C89-A4EF-C79CD2E29AC7\\",\\n \\"ExistStatus\\": true\\n}","type":"json"}]', - 'title' => 'DescribeSlsLogStoreStatus', - ], - 'DescribeSlsLogStore' => [ - 'summary' => 'Queries information about a Logstore, such as the total capacity, storage duration, and used capacity.', - 'methods' => [ - 'post', - 'get', + 'title' => 'Query back-to-origin CIDR blocks of a WAF instance', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '60', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeWafSourceIpSegment'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeWafSourceIpSegment', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9087ADDC-9047-4D02-82A7-33021B58083C\\",\\n \\"WafSourceIp\\": {\\n \\"IPv6\\": [\\n \\"2408:XXXX:3c:4800::/56\\"\\n ],\\n \\"IPv4\\": [\\n \\"101.200.XX.XX/24\\"\\n ]\\n }\\n}","type":"json"}]', + ], + 'InitializeWafOperationRole' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '114313', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '113863', + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-zpr3d****0o', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aek2wf3mn****vq', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -33752,170 +27706,156 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'LogStoreName' => [ - 'description' => 'The name of the Logstore.'."\n", - 'type' => 'string', - 'example' => 'wafng-logstore', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'CAC0A24B-486A-5E12-9894-BE860E5F****', - ], - 'Quota' => [ - 'description' => 'The capacity of the Logstore. Unit: bytes.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '3298534883328', - ], - 'ProjectName' => [ - 'description' => 'The name of the Simple Log Service project.'."\n", - 'type' => 'string', - 'example' => 'wafng-project-14316572********-cn-hangzhou', - ], - 'Used' => [ - 'description' => 'The used capacity of the Logstore. Unit: bytes.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '35471136', - ], - 'Ttl' => [ - 'description' => 'The storage duration of the Logstore. Unit: days.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '180', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '4EC9EA6C-F80A-5D25-A8F7-***', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"LogStoreName\\": \\"wafng-logstore\\",\\n \\"RequestId\\": \\"CAC0A24B-486A-5E12-9894-BE860E5F41CC\\",\\n \\"Quota\\": 3298534883328,\\n \\"ProjectName\\": \\"wafng-project-14316572********-cn-hangzhou\\",\\n \\"Used\\": 35471136,\\n \\"Ttl\\": 180\\n}","type":"json"}]', - 'title' => 'DescribeSlsLogStore', - ], - 'ModifyResourceLogStatus' => [ - 'summary' => 'Enables or disables the log collection feature for a protected object.', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'RoleAlreadyExists', 'errorMessage' => 'Service Linked Role Already Exists.', 'description' => 'The role already exists.'], + ['errorCode' => 'NoPermissonCreatesServiceLinkedRole', 'errorMessage' => 'No Permisson Create Service Linked Role.', 'description' => 'You do not have the permissions to create the service-linked role.'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'InitializeWafOperationRole', + 'summary' => 'Initializes a service-linked role for WAF.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:InitializeWafOperationRole', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"4EC9EA6C-F80A-5D25-A8F7-***\\"\\n}","type":"json"}]', + ], + 'ListTagKeys' => [ + 'summary' => 'Queries tag keys.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'list', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '111393', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '164269', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11zcl****', - ], - ], - [ - 'name' => 'Resource', + 'name' => 'RegionId', 'in' => 'query', - 'allowEmptyValue' => true, - 'schema' => [ - 'description' => 'The protected object on which you want to manage the log collection feature.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'alb-wewbb23dfsetetcic1242-0****', - ], + 'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou'], ], [ - 'name' => 'Status', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to enable the log collection feature for the protected object. Valid values:'."\n" - ."\n" - .'* **true:** enables the log collection feature.'."\n" - .'* **false:** disables the log collection feature.'."\n", - 'type' => 'boolean', - 'required' => true, - 'example' => 'true', - ], + 'schema' => ['title' => '', 'description' => 'The token that is used to start the next query.', 'type' => 'string', 'required' => false, 'example' => 'caeba0bbb2be03f84eb48b699f0*****'], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceType', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['title' => '', 'description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-wwo****iw02', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => 'Indicates whether the log collection feature is enabled for the protected object. Valid values:'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '7C55A3E5-638A-5D6E-9A2F-C3CE5A677EC5', + 'NextToken' => ['title' => '', 'description' => 'The token that is used to start the next query. If this parameter is empty, no more results are returned.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '8CB8BB88-24C7-5608-BF5E-4DCA****CF1C', 'title' => ''], + 'Keys' => [ + 'title' => '', + 'description' => 'The list of tag keys and types.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Key' => ['title' => '', 'description' => 'The tag key.', 'type' => 'string', 'example' => 'demoTagKey'], + 'Category' => ['description' => 'The tag type. Valid values:'."\n" + ."\n" + .'- custom: custom tag.'."\n" + .'- system: system tag.', 'type' => 'string', 'example' => 'custom', 'title' => ''], + ], + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Status\\": true,\\n \\"RequestId\\": \\"7C55A3E5-638A-5D6E-9A2F-C3CE5A677EC5\\"\\n}","type":"json"}]', - 'title' => 'ModifyResourceLogStatus', - ], - 'DescribeResourceLogStatus' => [ - 'summary' => 'Queries whether the log collection feature is enabled for a protected object.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Query tag keys', + 'changeSet' => [ + ['createdAt' => '2024-11-12T13:24:11.000Z', 'description' => 'Request parameters changed'], ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagKeys'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:ListTagKeys', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\",\\n \\"RequestId\\": \\"8CB8BB88-24C7-5608-BF5E-4DCA****CF1C\\",\\n \\"Keys\\": [\\n {\\n \\"Key\\": \\"demoTagKey\\",\\n \\"Category\\": \\"custom\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'ListTagResources' => [ + 'summary' => 'Queries the tags that are added to a resource.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -33926,197 +27866,175 @@ 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '111392', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], - 'autoTest' => true, + 'abilityTreeCode' => '164021', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11zcl****', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: indicates the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'cn-hangzhou'], ], [ - 'name' => 'Resources', + 'name' => 'NextToken', 'in' => 'query', - 'allowEmptyValue' => true, - 'schema' => [ - 'description' => 'The protected object that you want to query. You can specify multiple protected objects. Separate the protected objects with commas (,).'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'alb-wewbb23dfsetetcic1242-0****,alb-wewbb23dfsetetcic1242-1****', - ], + 'schema' => ['description' => 'A pagination token for the next query', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceType', 'in' => 'query', + 'schema' => ['description' => 'The resource type. Set the value to ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'], + ], + [ + 'name' => 'ResourceId', + 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', + 'title' => '', + 'description' => 'The resource IDs. You can specify up to 50 resource IDs.', + 'type' => 'array', + 'items' => ['description' => 'The resource ID.', 'type' => 'string', 'required' => false, 'example' => 'demo.xxxaliyundoc.com-waf', 'title' => ''], 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'maxItems' => 51, + 'example' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'Tag', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', + 'title' => '', + 'description' => 'The tags that are added to the resource.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The tag key.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'Tagkey1'], + 'Value' => ['description' => 'The tag value.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'TagValue1'], + ], + 'required' => false, + 'description' => '', + 'title' => '', + 'example' => '', + ], 'required' => false, - 'example' => 'rg-acfm***q', + 'maxItems' => 21, + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The returned result.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '0DABF8AB-2321-5F8D-A8D7-922D757FBFFE', - ], - 'Result' => [ - 'description' => 'The returned result.'."\n", + 'NextToken' => ['description' => 'A pagination token. It can be used in the next request to retrieve a new page of results. If NextToken is empty, no next page exists.', 'type' => 'string', 'title' => '', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '716E64DA-044F-51C7-B528-2FBF****AE4F', 'title' => ''], + 'TagResources' => [ + 'title' => '', + 'description' => 'The resource list.', 'type' => 'array', 'items' => [ - 'description' => 'The information about the protected object.'."\n", 'type' => 'object', 'properties' => [ - 'Status' => [ - 'description' => 'Indicates whether the log collection feature is enabled for the protected object. Valid values:'."\n" - ."\n" - .'* **true:** The log collection feature is enabled.'."\n" - .'* **false:** The log collection feature is disabled.'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'Resource' => [ - 'description' => 'The protected object.'."\n", - 'type' => 'string', - 'example' => 'alb-wewbb23dfsetetcic****', - ], + 'ResourceType' => ['description' => 'The resource type. ALIYUN::WAF::DEFENSERESOURCE is returned.', 'type' => 'string', 'title' => '', 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'], + 'TagValue' => ['description' => 'The tag value.', 'type' => 'string', 'title' => '', 'example' => 'TayValue1'], + 'ResourceId' => ['description' => 'The resource ID.', 'type' => 'string', 'title' => '', 'example' => 'c754d2a4-28f1-46df-b557-9586173a****'], + 'TagKey' => ['description' => 'The tag key.', 'type' => 'string', 'title' => '', 'example' => 'TagKey1'], ], + 'description' => '', + 'title' => '', + 'example' => '', ], + 'example' => '', ], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0DABF8AB-2321-5F8D-A8D7-922D757FBFFE\\",\\n \\"Result\\": [\\n {\\n \\"Status\\": true,\\n \\"Resource\\": \\"alb-wewbb23dfsetetcic****\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeResourceLogStatus', - ], - 'CreateLogDeliveryConfig' => [ - 'summary' => 'Creates a hybrid cloud log delivery configuration.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ListTagResources', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagResources'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:ListTagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\",\\n \\"RequestId\\": \\"716E64DA-044F-51C7-B528-2FBF****AE4F\\",\\n \\"TagResources\\": [\\n {\\n \\"ResourceType\\": \\"ALIYUN::WAF::DEFENSERESOURCE\\",\\n \\"TagValue\\": \\"TayValue1\\",\\n \\"ResourceId\\": \\"c754d2a4-28f1-46df-b557-9586173a****\\",\\n \\"TagKey\\": \\"TagKey1\\"\\n }\\n ]\\n}","type":"json"}]', + ], + 'ListTagValues' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'write', + 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'get', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '164272', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'NextToken', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['title' => '', 'description' => 'The token for the next query.', 'type' => 'string', 'required' => false, 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n"], ], [ - 'name' => 'DeliveryName', + 'name' => 'ResourceType', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the log delivery configuration.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'test1', - ], + 'schema' => ['title' => '', 'description' => 'The resource type. Fixed value: ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'], ], [ - 'name' => 'DeliveryType', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the log delivery configuration. Valid values:'."\n" - ."\n" - .'* **syslog**: Logs are delivered to a syslog service.'."\n" - .'* **kafka**: Logs are delivered to a Kafka service.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'kafka', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-lbj****x10g', 'title' => ''], ], [ - 'name' => 'DeliveryDetail', + 'name' => 'Key', 'in' => 'query', - 'schema' => [ - 'description' => 'The content of the log delivery configuration. Set the value to a JSON string that contains multiple parameters.'."\n" - ."\n" - .'> The parameters vary based on the type of the **log delivery configuration** specified by **DeliveryType**. For more information, see **Parameter description for log delivery configuration**.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '', - ], + 'schema' => ['description' => 'The tag key.', 'type' => 'string', 'required' => true, 'example' => 'demoKey', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwk****cv5i', 'title' => ''], ], ], 'responses' => [ @@ -34124,79 +28042,54 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'DeliveryName' => [ - 'description' => 'The name of the log delivery configuration.'."\n", - 'type' => 'string', - 'example' => 'test1', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****', + 'NextToken' => ['title' => '', 'description' => 'The token for the next query. If NextToken is empty, no more results exist.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n"], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '705114BB-EAEF-5CC4-8837-F1D4****BB5B', 'title' => ''], + 'Values' => [ + 'title' => '', + 'description' => 'The list of tag values.', + 'type' => 'array', + 'items' => ['description' => 'The tag value.', 'type' => 'string', 'example' => 'TagValue1', 'title' => ''], + 'example' => '', ], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"DeliveryName\\": \\"test1\\",\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\"\\n}","type":"json"}]', - 'title' => 'CreateLogDeliveryConfig', - 'requestParamsDescription' => '## Parameter description for log delivery configuration'."\n" - ."\n" - .'### Deliver logs to a syslog service (DeliveryType set to **syslog**)'."\n" - ."\n" - .'#### Parameter description'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|servers|Array|Yes|\\[{"address":"11.11.XX.XX","port":8000}\\]|The remote address of the syslog service. You can specify only one address.<br>- **address**: the domain name or IP address of the server. The IP address can be an IPv4 or IPv6 address. You must specify an address.<br>- **port**: the port of the server. You must specify a port.|'."\n" - .'|rfcVersion|String|No|rfc3164|The Request for Comments (RFC) that defines the syslog protocol. Valid values:<br>- **rfc3164**: RFC 3164. This is the default value.<br>- **rfc5424**: RFC 5424.|'."\n" - .'|protocol|String|Yes|tcp|The protocol that is supported by the syslog protocol. Valid values:<br>- **tcp**: TCP.<br>- **udp**: UDP.|'."\n" - ."\n" - .'#### Examples'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_cn-n*******",'."\n" - .' "DeliveryName": "test1",'."\n" - .' "DeliveryType": "syslog",'."\n" - .' "DeliveryDetail": "{\\"rfcVersion\\":\\"rfc3164\\",\\"protocol\\":\\"tcp\\",\\"servers\\":[{\\"address\\":\\"11.11.XX.XX\\",\\"port\\":8000}]}"'."\n" - .'}'."\n" - .'```'."\n" - ."\n" - .'### Deliver logs to a Kafka service (DeliveryType set to **kafka**)'."\n" - ."\n" - .'#### Parameter description'."\n" - ."\n" - .'|Parameter|Type|Required|Example|Description|'."\n" - .'|---|---|---|---|---|'."\n" - .'|servers|Array|Yes|\\[{"address":"a.com","port":8000}\\]|The remote address of the Kafka service. You can specify up to three addresses.<br>- **address**: the domain name or IP address of the server. The IP address can be an IPv4 or IPv6 address. You must specify an address.<br>- **port**: the port of the server. You must specify a port.|'."\n" - .'|kafkaTopic|String|Yes|test|The ID or name of the Kafka topic.|'."\n" - .'|protocol|String|Yes|PLAINTEXT|The security protocol of Kafka. Valid values:<br>- **PLAINTEXT**: the PLAINTEXT protocol. <br>- **SASL_PLAINTEXT**: the SASL_PLAINTEXT protocol.<br>- **SASL_SSL**: the SASL_SSL protocol.|'."\n" - .'|saslUserName|String|No|user123|The username for Kafka Simple Authentication and Security Layer (SASL) authentication. If you set protocol to SASL_PLAINTEXT or SASL_SSL, you must specify this parameter.|'."\n" - .'|saslPassword|String|No|user\\*\\*\\*|The password for Kafka SASL authentication. If you set protocol to SASL_PLAINTEXT or SASL_SSL, you must specify this parameter.|'."\n" - ."\n" - .'#### Examples'."\n" - ."\n" - .'```json'."\n" - .'{'."\n" - .' "InstanceId": "waf_v2_public_cn-n*********",'."\n" - .' "DeliveryName": "test2",'."\n" - .' "DeliveryType": "kafka",'."\n" - .' "DeliveryDetail": "{\\"kafkaTopic\\":\\"topictest1\\",\\"protocol\\":\\"SASL_PLAINTEXT\\",\\"servers\\":[{\\"address\\":\\"a.com\\",\\"port\\":1000},{\\"address\\":\\"ba.com\\",\\"port\\":1000},{\\"address\\":\\"c.com\\",\\"port\\":1000}],\\"saslUserName\\":\\"user123\\",\\"saslPassword\\":\\"user****\\"}"'."\n" - .'}'."\n" - .'```', - ], - 'ModifyLogDeliveryConfig' => [ - 'summary' => 'Modifies a hybrid cloud log delivery configuration.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'Query tag values of a specified tag key', + 'summary' => 'Queries the tag values that correspond to a specified tag key.', + 'changeSet' => [ + ['createdAt' => '2024-11-12T13:24:10.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagValues'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:ListTagValues', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\\\n\\",\\n \\"RequestId\\": \\"705114BB-EAEF-5CC4-8837-F1D4****BB5B\\",\\n \\"Values\\": [\\n \\"TagValue1\\"\\n ]\\n}","type":"json"}]', + ], + 'ModifyApisecAbnormals' => [ + 'summary' => 'Modifies the status of API security risks in batches.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -34204,119 +28097,125 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '229991', + 'abilityTreeNodes' => ['FEATUREwafWE25G7'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-****', 'title' => ''], ], [ - 'name' => 'DeliveryName', + 'name' => 'AbnormalIds', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The name of the log delivery configuration that you want to modify.'."\n", - 'type' => 'string', + 'description' => 'A list of API security risk IDs.', + 'type' => 'array', + 'items' => ['description' => 'The ID of the API security risk.', 'type' => 'string', 'required' => false, 'example' => 'a50b820efee0989df3b54b2089*****', 'title' => ''], 'required' => true, - 'example' => 'test1', + 'maxItems' => 20, + 'minItems' => 1, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'DeliveryType', + 'name' => 'UserStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the log delivery configuration that you want to modify. Valid values:'."\n" - ."\n" - .'* **syslog**: Logs are delivered to a syslog service.'."\n" - .'* **kafka**: Logs are delivered to a Kafka service.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'kafka', - ], + 'schema' => ['description' => 'The status of the security risk. Valid values:'."\n" + ."\n" + .'- **toBeConfirmed**: The security risk is to be confirmed.'."\n" + ."\n" + .'- **confirmed**: The security risk is confirmed.'."\n" + ."\n" + .'- **toBeFixed**: The security risk is to be fixed.'."\n" + ."\n" + .'- **fixed**: The security risk is fixed.'."\n" + ."\n" + .'- **ignored**: The security risk is ignored.', 'type' => 'string', 'required' => true, 'example' => 'fixed', 'title' => ''], ], [ - 'name' => 'DeliveryDetail', + 'name' => 'Note', 'in' => 'query', - 'schema' => [ - 'description' => 'The content of the log delivery configuration. Set the value to a JSON string that contains multiple parameters.'."\n" - ."\n" - .'> This parameter is the same as the **DeliveryDetail** parameter of the **CreateLogDeliveryConfig** operation. For more information, see **Parameter description for log delivery configuration** of the [CreateLogDeliveryConfig](~~CreateLogDeliveryConfig~~) operation.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '', - ], + 'schema' => ['description' => 'The remarks for the status change.', 'type' => 'string', 'required' => false, 'example' => 'already fixed.', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter is available only for hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query information about hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: a region outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'DeliveryName' => [ - 'description' => 'The name of the log delivery configuration.'."\n", - 'type' => 'string', - 'example' => 'test1', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"DeliveryName\\": \\"test1\\",\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyLogDeliveryConfig', - ], - 'DeleteLogDeliveryConfig' => [ - 'summary' => 'Delets a hybrid cloud log delivery configuration.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'ModifyApisecAbnormals', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecAbnormals'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecAbnormals', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\"\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'ModifyApisecApiResource' => [ + 'summary' => 'Modifies the annotation of an API asset in the API security module of Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -34324,359 +28223,366 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '205953', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '168714', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-n6w***x52m', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'DeliveryName', + 'name' => 'Follow', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'test1', - ], + 'schema' => ['description' => 'Indicates whether to follow the API asset. Valid values:'."\n" + ."\n" + .'- **1**: follows the API asset.'."\n" + ."\n" + .'- **0** (default): does not follow the API asset.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'required' => false, 'example' => '0', 'title' => ''], + ], + [ + 'name' => 'Note', + 'in' => 'query', + 'schema' => ['description' => 'The remarks of the API asset. You can use this parameter to add a custom annotation to the API asset for easier identification.', 'type' => 'string', 'required' => false, 'example' => 'know', 'title' => ''], + ], + [ + 'name' => 'ApiId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the API asset that you want to modify.', 'type' => 'string', 'required' => true, 'example' => 'c68995b89069595c5c0399676f3ca64f', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter is required only for hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the ID of the hybrid cloud cluster.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'title' => '', + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-*****', - ], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'], ], + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-*****\\"\\n}","type":"json"}]', - 'title' => 'DeleteLogDeliveryConfig', - ], - 'DescribeLogDeliveryConfig' => [ - 'summary' => 'Queries a hybrid cloud log delivery configuration.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'ModifyApisecApiResource', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecApiResource'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecApiResource', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'ModifyApisecEvents' => [ + 'summary' => 'Modifies the status of a batch of API security events.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '230005', + 'abilityTreeNodes' => ['FEATUREwafVPSU1I'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-*****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_***', 'title' => ''], ], [ - 'name' => 'DeliveryName', + 'name' => 'EventIds', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The name of the log delivery configuration.'."\n", - 'type' => 'string', + 'description' => 'A list of API security event IDs.', + 'type' => 'array', + 'items' => ['description' => 'An API security event ID.', 'type' => 'string', 'example' => '7298c9f5b137c83****', 'title' => '', 'required' => false], 'required' => true, - 'example' => 'test1', + 'maxItems' => 20, + 'minItems' => 1, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'UserStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The status of the event. Valid values:'."\n" + ."\n" + .'- **toBeConfirmed**: The event is pending confirmation.'."\n" + ."\n" + .'- **confirmed**: The event is confirmed.'."\n" + ."\n" + .'- **ignored**: The event is ignored.', 'type' => 'string', 'required' => true, 'example' => 'confirmed', 'title' => ''], + ], + [ + 'name' => 'Note', + 'in' => 'query', + 'schema' => ['description' => 'The remarks.', 'type' => 'string', 'required' => false, 'example' => 'already confirmed.', 'title' => ''], + ], + [ + 'name' => 'ClusterId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n" + ."\n" + .'> This parameter is available only for hybrid cloud scenarios. Call [DescribeHybridCloudClusters](~~2849376~~) to obtain information about hybrid cloud clusters.', 'type' => 'string', 'example' => '428', 'title' => '', 'required' => false], ], [ 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false], + ], + [ + 'name' => 'EventScope', + 'in' => 'query', 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" + 'description' => 'The dimension of the security event. Valid values:'."\n" + ."\n" + .'- **ip** (default): IP security event.'."\n" ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", + .'- **account**: account security event.', 'type' => 'string', + 'example' => 'ip', + 'default' => 'ip', + 'enum' => ['ip', 'account'], + 'title' => '', 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', ], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The request result.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-******', - ], - 'DeliveryConfig' => [ - 'description' => 'The information about the log delivery configuration.'."\n", - 'type' => 'object', - 'properties' => [ - 'DeliveryName' => [ - 'description' => 'The name of the log delivery configuration.'."\n", - 'type' => 'string', - 'example' => 'test1', - ], - 'DeliveryType' => [ - 'description' => 'The type of the log delivery configuration. Valid values:'."\n" - ."\n" - .'* **syslog**: Logs are delivered to a syslog service.'."\n" - .'* **kafka**: Logs are delivered to a Kafka service.'."\n", - 'type' => 'string', - 'example' => 'syslog', - ], - 'DeliveryDetail' => [ - 'description' => 'The content of the log delivery configuration. The value is a JSON string that contains multiple parameters.'."\n" - ."\n" - .'> This parameter is the same as the **DeliveryDetail** parameter of the **CreateLogDeliveryConfig** operation. For more information, see **Parameter description for log delivery configuration** of the [CreateLogDeliveryConfig](~~CreateLogDeliveryConfig~~) operation.'."\n", - 'type' => 'string', - 'example' => '', - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-****-6B19160D5EB0', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-******\\",\\n \\"DeliveryConfig\\": {\\n \\"DeliveryName\\": \\"test1\\",\\n \\"DeliveryType\\": \\"syslog\\",\\n \\"DeliveryDetail\\": \\"详见各个外发投递类型的内容详情\\\\n\\"\\n }\\n}","type":"json"}]', - 'title' => 'DescribeLogDeliveryConfig', - ], - 'DescribeLogDeliveryConfigs' => [ - 'summary' => 'Queries all hybrid cloud log delivery configurations.', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'ModifyApisecEvents', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecEvents', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-****-6B19160D5EB0\\"\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'ModifyApisecLogDelivery' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '224402', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-zz11sr5****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a', 'title' => ''], ], [ - 'name' => 'DeliveryNameLike', + 'name' => 'AssertKey', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the log delivery configuration. Fuzzy queries are supported.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test', - ], + 'schema' => ['description' => 'The type of the log subscription. Valid values:'."\n" + ."\n" + .'- **risk**: risk information.'."\n" + ."\n" + .'- **event**: attack event information.'."\n" + ."\n" + .'- **asset**: asset information.', 'type' => 'string', 'required' => true, 'example' => 'risk', 'title' => ''], ], [ - 'name' => 'DeliveryType', + 'name' => 'LogRegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the log delivery configuration that you want to query. Valid values:'."\n" - ."\n" - .'* **syslog**: Logs are delivered to a syslog service.'."\n" - .'* **kafka**: Logs are delivered to a Kafka service.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'kafka', - ], + 'schema' => ['description' => 'The ID of the region where logs are stored.'."\n" + ."\n" + .'> You can call the [DescribeUserSlsLogRegions](~~2712598~~) operation to query available log storage regions.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ProjectName', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The name of the project in Simple Log Service.'."\n" + ."\n" + .'> API security logs can only be delivered to projects whose name starts with apisec-.', 'type' => 'string', 'required' => true, 'example' => 'apisec-project-14316572********', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'LogStoreName', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The name of the Logstore in Simple Log Service.'."\n" + ."\n" + .'> API security logs can only be delivered to Logstores whose name starts with apisec-.', 'type' => 'string', 'required' => true, 'example' => 'apisec-logstore***', 'title' => ''], ], [ - 'name' => 'NextToken', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'MaxResults', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'integer', - 'format' => 'int32', - 'default' => '20', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '2EFCFE18-78F8-5079-B312-07***48B', - ], - 'DeliveryConfigs' => [ - 'description' => 'The information about the log delivery configuration.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'DeliveryName' => [ - 'description' => 'The name of the log delivery configuration.'."\n", - 'type' => 'string', - 'example' => 'test1', - ], - 'DeliveryDetail' => [ - 'description' => 'The content of the log delivery configuration. The value is a JSON string that contains multiple parameters.'."\n" - ."\n" - .'> This parameter is the same as the **DeliveryDetail** parameter of the **CreateLogDeliveryConfig** operation. For more information, see **Parameter description for log delivery configuration** of the [CreateLogDeliveryConfig](~~CreateLogDeliveryConfig~~) operation.'."\n", - 'type' => 'string', - 'example' => '', - ], - 'DeliveryType' => [ - 'description' => 'The type of the log delivery configuration. Valid values:'."\n" - ."\n" - .'* **syslog**: Logs are delivered to a syslog service.'."\n" - .'* **kafka**: Logs are delivered to a Kafka service.'."\n", - 'type' => 'string', - 'example' => 'kafka', - ], - ], - ], - ], - 'NextToken' => [ - 'type' => 'string', - ], - 'MaxResults' => [ - 'type' => 'integer', - 'format' => 'int32', - ], - 'TotalCount' => [ - 'type' => 'integer', - 'format' => 'int32', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"DeliveryConfigs\\": [\\n {\\n \\"DeliveryName\\": \\"test1\\",\\n \\"DeliveryDetail\\": \\"详见各个外发投递类型的内容详情\\",\\n \\"DeliveryType\\": \\"kafka\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20,\\n \\"TotalCount\\": 5\\n}","type":"json"}]', - 'title' => 'DescribeLogDeliveryConfigs', - ], - 'ModifyResourceLogFieldConfig' => [ - 'summary' => '修改防护对象的日志字段配置', - 'methods' => [ - 'post', - 'get', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'title' => 'ModifyApisecLogDelivery', + 'summary' => 'Updates the API security log subscription settings.', + 'changeSet' => [ + ['createdAt' => '2024-11-12T11:54:57.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecLogDelivery'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecLogDelivery', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'schemes' => [ - 'https', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\"\\n}","type":"json"}]', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + ], + 'ModifyApisecLogDeliveryStatus' => [ + 'summary' => 'Modifies the subscription status of API security logs.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -34687,124 +28593,204 @@ 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '235280', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], - 'autoTest' => true, - 'tenantRelevance' => 'tenant', + 'abilityTreeCode' => '225244', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-uax****3k0e', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a', 'title' => ''], ], [ - 'name' => 'FieldList', + 'name' => 'AssertKey', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids', - ], + 'schema' => ['description' => 'The log subscription type. Valid values:'."\n" + ."\n" + .'- **risk**: risk information.'."\n" + .'- **event**: attack event information.'."\n" + .'- **asset**: asset information.', 'type' => 'string', 'required' => true, 'example' => 'risk', 'title' => ''], ], [ - 'name' => 'ExtendConfig', + 'name' => 'Status', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '{\\"request_header\\":\\"Ali-Cdn-Real-Ip\\"}', - ], + 'schema' => ['description' => 'The enabling status of API security log subscribe. Valid values:'."\n" + ."\n" + .'- **true**: Enabled.'."\n" + ."\n" + .'- **false**: shutdown.', 'type' => 'boolean', 'required' => true, 'example' => 'true', 'title' => ''], ], [ - 'name' => 'DeliveryType', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'sls', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', + 'description' => 'The response parameters.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], + ], + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], + ], + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Modify API security log subscription status', + 'changeSet' => [ + ['createdAt' => '2024-11-12T11:54:56.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecLogDeliveryStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\"\\n}","type":"json"}]', + ], + 'ModifyApisecModuleStatus' => [ + 'summary' => 'Modifies the status of protected objects or protected object groups for the API security protection module.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'Resource', + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '189643', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'cwaf-***-waf', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqtm**', 'title' => ''], ], [ - 'name' => 'LogDeliveryStrategy', + 'name' => 'Resources', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', - ], + 'schema' => ['description' => 'The name of the protected object.', 'type' => 'string', 'required' => false, 'example' => 'cwaf-***-waf', 'title' => ''], + ], + [ + 'name' => 'ReportStatus', + 'in' => 'query', + 'schema' => ['description' => 'The compliance review status. Valid values: '."\n" + .'- **1**: Enabled.'."\n" + .'- **0**: Disabled.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'TraceStatus', + 'in' => 'query', + 'schema' => ['description' => 'The tracing audit status. Valid values: '."\n" + .'- **1**: Enabled.'."\n" + .'- **0**: Disabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'ResourceGroups', + 'in' => 'query', + 'schema' => ['description' => 'The name of the protected object group to which the protected object is added.', 'type' => 'string', 'required' => false, 'example' => 'group1', 'title' => ''], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B****', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B****\\"\\n}","type":"json"}]', - ], - 'DescribeResourceLogFieldConfig' => [ - 'summary' => '查询防护对象日志字段配置', - 'methods' => [ - 'post', - 'get', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], + ], + 'title' => 'Modify API security protection module status', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecModuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + ], + 'ModifyApisecStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -34812,127 +28798,99 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '235277', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], - 'autoTest' => true, - 'tenantRelevance' => 'tenant', + 'abilityTreeCode' => '189028', + 'abilityTreeNodes' => ['FEATUREwaf71G1E8'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-zpr3*******', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ - 'name' => 'DeliveryType', + 'name' => 'Resources', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'sls', - ], + 'schema' => ['description' => 'The name of the protected object.', 'type' => 'string', 'required' => false, 'example' => 'alb-wewbb23dfset***', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ApisecStatus', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The API security status. Valid values: '."\n" + .'- **1**: enabled.'."\n" + .'- **0**: disabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'ResourceGroups', + 'in' => 'query', + 'schema' => ['description' => 'The name of the protected object group to which the protected object is added.', 'type' => 'string', 'required' => false, 'example' => 'group', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'test.waf.com-waf', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'AddList' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'acl_test,acl_action,acl_rule_id,waf_test,acl_rule_type', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '7B53B47C-D368-5344-BB5E-79******', - ], - 'LogDeliveryStrategy' => [ - 'description' => '', - 'type' => 'string', - 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', - ], - 'ExtendConfig' => [ - 'description' => '', - 'type' => 'string', - 'example' => '{\\"request_header\\":\\"Ali-Cdn-Real-Ip\\"}', - ], - 'DelList' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'waf_rule_id,waf_rule_type', - ], - 'FieldList' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids', - ], - 'DeliveryType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'sls', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'eventInfo' => [ + 'enable' => false, + 'eventNames' => [], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"AddList\\": \\"acl_test,acl_action,acl_rule_id,waf_test,acl_rule_type\\",\\n \\"RequestId\\": \\"7B53B47C-D368-5344-BB5E-79******\\",\\n \\"LogDeliveryStrategy\\": \\"[{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"blockLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"normalRequestLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"checkLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100}]\\",\\n \\"ExtendConfig\\": \\"{\\\\\\\\\\\\\\"request_header\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"Ali-Cdn-Real-Ip\\\\\\\\\\\\\\"}\\",\\n \\"DelList\\": \\"waf_rule_id,waf_rule_type\\",\\n \\"FieldList\\": \\"account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids\\",\\n \\"DeliveryType\\": \\"sls\\"\\n}","type":"json"}]', - ], - 'ModifyResourceLogDeliveryStatus' => [ - 'summary' => '修改防护对象日志外发状态', - 'methods' => [ - 'post', - 'get', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], - 'schemes' => [ - 'https', + 'title' => 'Modify API security status', + 'summary' => 'Modifies the status of protected objects or protected object groups for API security.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + ], + 'ModifyCloudResource' => [ + 'summary' => 'Modifies the configuration of a cloud service that is connected to Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -34943,72 +28901,208 @@ 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '235293', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeCode' => '226537', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-uqm35*****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''], ], [ - 'name' => 'DeliveryName', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'export-kafka', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'Resource', + 'name' => 'Listen', 'in' => 'query', + 'style' => 'json', 'schema' => [ - 'description' => '', - 'type' => 'string', + 'description' => 'The listening configuration.', + 'type' => 'object', + 'properties' => [ + 'TLSVersion' => ['description' => 'The TLS version to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **tlsv1**'."\n" + ."\n" + .'- **tlsv1.1**'."\n" + ."\n" + .'- **tlsv1.2**', 'type' => 'string', 'required' => false, 'example' => 'tlsv1.2', 'title' => ''], + 'EnableTLSv3' => ['description' => 'Specifies whether TLS 1.3 is supported. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **true**: TLS 1.3 is supported.'."\n" + ."\n" + .'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'CipherSuite' => ['description' => 'The type of cipher suite to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **1**: all cipher suites.'."\n" + ."\n" + .'- **2**: strong cipher suites. This value is available only when **TLSVersion** is set to **tlsv1.2**.'."\n" + ."\n" + .'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''], + 'CustomCiphers' => [ + 'description' => 'The custom cipher suites.', + 'type' => 'array', + 'items' => ['description' => 'The specific custom cipher suite to add. This parameter is used only when **CipherSuite** is set to **99**.', 'type' => 'string', 'required' => false, 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'ResourceProduct' => [ + 'description' => 'The type of cloud service. Valid values:'."\n" + ."\n" + .'- **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n" + ."\n" + .'- **clb7**: Layer 7 CLB.'."\n" + ."\n" + .'- **ecs**: Elastic Compute Service (ECS).'."\n" + .'- **nlb**: Network Load Balancer (NLB).', + 'type' => 'string', + 'deprecated' => true, + 'required' => false, + 'enum' => ['ecs', 'clb4', 'clb7', 'nlb'], + 'example' => 'clb7', + 'title' => '', + ], + 'ResourceInstanceId' => ['description' => 'The instance ID of the resource.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'lb-***', 'title' => ''], + 'Port' => ['description' => 'The port of the cloud service connected to WAF.', 'type' => 'integer', 'format' => 'int32', 'deprecated' => true, 'required' => false, 'example' => '80', 'title' => ''], + 'Protocol' => [ + 'description' => 'The protocol type. Valid values:'."\n" + .'- **http**: HTTP.'."\n" + .'- **https**: HTTPS.', + 'type' => 'string', + 'required' => true, + 'enum' => ['http', 'https'], + 'example' => 'http', + 'title' => '', + ], + 'Certificates' => [ + 'description' => 'The certificate information.', + 'type' => 'array', + 'items' => [ + 'description' => 'The certificate information.', + 'type' => 'object', + 'properties' => [ + 'CertificateId' => ['description' => 'The certificate ID.', 'type' => 'string', 'required' => false, 'example' => '123-cn-hangzhou', 'title' => ''], + 'AppliedType' => ['description' => 'The type of certificate for HTTPS. Valid values:'."\n" + ."\n" + .'- **default**: default certificate.'."\n" + ."\n" + .'- **extension**: extended certificate.', 'type' => 'string', 'required' => false, 'example' => 'default', 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'Http2Enabled' => ['description' => 'Specifies whether to enable HTTP/2. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n" + ."\n" + .'- **true**: HTTP/2 is enabled.'."\n" + ."\n" + .'- **false** (default): HTTP/2 is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + ], 'required' => true, - 'example' => 'test.waf.com-waf', + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'Status', + 'name' => 'Redirect', 'in' => 'query', + 'style' => 'json', 'schema' => [ - 'description' => '', - 'type' => 'boolean', - 'required' => true, - 'example' => 'true', + 'description' => 'The forwarding configuration.', + 'type' => 'object', + 'properties' => [ + 'RequestHeaders' => [ + 'description' => 'The traffic mark fields and values of the domain name, which are used to mark traffic processed by WAF.', + 'type' => 'array', + 'items' => [ + 'description' => 'The value of this parameter is in the format of [**{"k":"_key_","v":"_value_"}**]. **_key_** specifies the custom request header field, and **_value_** specifies the value of the field.'."\n" + ."\n" + .'> If the custom header field already exists in the request, the system overwrites the value of the field with the specified traffic mark value.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'key1', 'title' => ''], + 'Value' => ['description' => 'The value of the custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'value1', 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => false, + 'maxItems' => 5, + 'title' => '', + 'example' => '', + ], + 'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n" + ."\n" + .'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n" + ."\n" + .'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n" + ."\n" + .'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], + 'XffHeaders' => [ + 'description' => 'The list of custom header fields used to obtain the client IP address, in the format of **["header1","header2",...]**.'."\n" + ."\n" + .'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field as the client IP address.', + 'type' => 'array', + 'items' => ['description' => 'The list of custom header fields used to obtain the client IP address, in the format of **["header1","header2",...]**.'."\n" + ."\n" + .'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field as the client IP address.', 'type' => 'string', 'pattern' => '^[^\';<>=|\\(\\)]+$', 'required' => false, 'example' => 'header1', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n" + .'Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '3600', 'minimum' => '1', 'example' => '1', 'title' => ''], + 'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n" + .'Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '3600', 'minimum' => '1', 'example' => '1', 'title' => ''], + 'Keepalive' => ['description' => 'Specifies whether to enable persistent connections. Valid values:'."\n" + ."\n" + .'- **true** (default): Persistent connections are enabled.'."\n" + ."\n" + .'- **false**: Persistent connections are not enabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], + 'KeepaliveRequests' => ['description' => 'The number of requests that can reuse a persistent connection. Valid values: 60 to 1000.'."\n" + ."\n" + .'> After persistent connections are enabled, this parameter specifies how many requests can reuse a persistent connection.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''], + 'KeepaliveTimeout' => ['description' => 'The idle timeout period of a persistent connection. Valid values: 10 to 3600. Default value: 3600. Unit: seconds.'."\n" + ."\n" + .'> Specifies how long an idle persistent connection can remain open before it is released.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '10', 'default' => '3600', 'required' => false, 'example' => '15', 'title' => ''], + 'XffProto' => ['description' => 'Specifies whether to use X-Forward-For-Proto to pass the protocol used by WAF. Valid values:'."\n" + ."\n" + .'- **true** (default): The protocol used by WAF is passed.'."\n" + ."\n" + .'- **false**: The protocol used by WAF is not passed.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'MaxBodySize' => ['title' => '', 'description' => 'The maximum request body size. Valid values: 2 to 10. Default value: 2. Unit: GB.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2', 'required' => false], + ], + 'required' => false, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'CloudResourceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF when the resource is connected in cloud native mode.'."\n" + ."\n" + .'> You can call [CreateCloudResource](~~2839876~~) to connect a resource and view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'lb-***-80-clb7', 'title' => ''], ], ], 'responses' => [ @@ -35016,97 +29110,160 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19******', - ], - 'DeliveryName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'test1', - ], - 'Status' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'DeliveryType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'sls', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''], + 'CloudResource' => ['description' => 'The ID of the connected resource.', 'type' => 'string', 'example' => 'lb-xxx-80-clb7', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19******\\",\\n \\"DeliveryName\\": \\"test1\\",\\n \\"Status\\": true,\\n \\"DeliveryType\\": \\"sls\\"\\n}","type":"json"}]', - ], - 'DescribeResourceLogDeliveryStatus' => [ - 'summary' => '查询防护对象日志外发状态', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.OnlyBeOneDefaultCert', 'errorMessage' => 'There can be only one default certificate.', 'description' => 'There can be only one default certificate.'], + ['errorCode' => 'Waf.Control.CloudProductInfoNotMartch', 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'], + ['errorCode' => 'Waf.Control.CloudProductInfoEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'."\n"], + ['errorCode' => 'Waf.Control.DefenseResourceEmpty', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'], + ], ], - 'schemes' => [ - 'https', + 'gatewayOptions' => [ + 'gatewayProtocols' => [], ], + 'title' => 'Modify cloud service access configuration', + 'changeSet' => [ + ['createdAt' => '2024-10-10T12:43:20.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyCloudResource'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyCloudResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"CloudResource\\": \\"lb-xxx-80-clb7\\"\\n}","type":"json"}]', + ], + 'ModifyCloudResourceCert' => [ + 'summary' => 'Modifies the certificate for a resource managed by WAF in cloud native mode.', + 'path' => '', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', + 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'none', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '235288', - 'abilityTreeNodes' => [ - 'FEATUREwafJYSA2F', - ], + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-g6z3z*****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''], ], [ - 'name' => 'Resources', + 'name' => 'ResourceProduct', 'in' => 'query', 'schema' => [ - 'description' => '', + 'description' => 'The type of the cloud product. Valid values:'."\n" + ."\n" + .'- **ecs**: Elastic Compute Service (ECS).'."\n" + ."\n" + .'- **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n" + ."\n" + .'- **nlb**: Network Load Balancer (NLB).', 'type' => 'string', - 'required' => true, - 'example' => 'alb-wewbb23dfsetetcic1242-0****,test.waf.com-waf', + 'deprecated' => true, + 'required' => false, + 'enum' => ['ecs', 'clb4', 'nlb'], + 'example' => 'clb4', + 'title' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ResourceInstanceId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the cloud product instance.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'lb-bp1*****jqnnqk5uj2p', 'title' => ''], + ], + [ + 'name' => 'Port', + 'in' => 'query', + 'schema' => ['description' => 'The port of the cloud product that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'deprecated' => true, 'required' => false, 'maximum' => '65534', 'minimum' => '1', 'example' => '443', 'title' => ''], + ], + [ + 'name' => 'Certificates', + 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'CertificateId' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => true, 'example' => '232***-cn-hangzhou', 'title' => ''], + 'AppliedType' => [ + 'description' => 'The type of the certificate for the HTTPS protocol. Valid values:'."\n" + ."\n" + .'- **default**: the default certificate.'."\n" + ."\n" + .'- **extension**: the additional certificate.', + 'type' => 'string', + 'required' => true, + 'enum' => ['default', 'extension'], + 'example' => 'default', + 'title' => '', + ], + ], + 'required' => true, + 'description' => 'The list of certificates.', + 'title' => '', + 'example' => '', + ], + 'required' => true, + 'maxItems' => 100, + 'description' => 'The list of certificates.'."\n" + ."\n" + .'> Enter all certificate IDs. This includes the default certificate and all additional certificates. After you submit the request, WAF compares the submitted IDs with the existing ones. WAF adds new certificates and deletes certificates that are not in your list. Deleting a certificate may affect related services.', + 'title' => '', + 'example' => '', ], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'CloudResourceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the resource that is added to WAF. WAF automatically generates this ID when you add the resource in cloud native mode.'."\n" + ."\n" + .'> Call the [CreateCloudResource](~~2839876~~) operation to add a resource. Then, view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'lb-bp*********k5uj2p-443-clb7', 'title' => ''], ], ], 'responses' => [ @@ -35114,176 +29271,246 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], - 'LogConfigs' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Resource' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'test.waf.com-waf', - ], - 'Status' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'DeliveryName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'export-kafka', - ], - 'DeliveryType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'kafka', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'title' => '', 'example' => 'A47D2DC0-7151-51EF-BFB7-***'], ], + 'title' => '', + 'description' => 'The response schema.', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"LogConfigs\\": [\\n {\\n \\"Resource\\": \\"test.waf.com-waf\\",\\n \\"Status\\": true,\\n \\"DeliveryName\\": \\"export-kafka\\",\\n \\"DeliveryType\\": \\"kafka\\"\\n }\\n ]\\n}","type":"json"}]', - ], - 'DescribeHybridCloudClusterServers' => [ - 'summary' => '集群机器列表', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.OnlyBeOneDefaultCert', 'errorMessage' => 'There can be only one default certificate.', 'description' => 'There can be only one default certificate.'], + ['errorCode' => 'Waf.Pullin.MaxCertCountLimit', 'errorMessage' => 'The number of selected certificate IDs exceeds the maximum number in the system.', 'description' => 'The number of selected certificate IDs exceeds the maximum number in the system.'], + ['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.CloudResourceInvalid', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'], + ['errorCode' => 'Waf.Pullin.CloudProductParamEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'], + ['errorCode' => 'Waf.Pullin.CloudProductParamNotMatch', 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'."\n"], + ], ], - 'schemes' => [ - 'http', - 'https', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ModifyCloudResourceCert', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyCloudResourceCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"A47D2DC0-7151-51EF-BFB7-***\\"\\n}","type":"json"}]', + ], + 'ModifyCloudResourceDefaultCert' => [ + 'path' => '', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', + 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'], ], 'parameters' => [ [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-******nd07', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-kf74****', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'CloudResourceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF during cloud native mode access.'."\n" + ."\n" + .'> You can call [CreateCloudResource](~~2839876~~) to connect a resource, and then view the resource ID in the response.', 'type' => 'string', 'required' => true, 'example' => 'lb-***-80-clb7', 'title' => ''], ], [ - 'name' => 'Ip', + 'name' => 'CertId', 'in' => 'query', - 'allowEmptyValue' => true, - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '1.X.X.1', - ], + 'schema' => ['description' => 'The certificate ID.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''], ], [ - 'name' => 'HostName', + 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'online-***wwq', + 'title' => '', + 'description' => 'Schema of Response', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['title' => '', 'description' => 'Id of the request', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***'], + ], + 'example' => '', ], ], + ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'Modify the default certificate for a cloud service', + 'summary' => 'Modifies the default certificate for a cloud native mode resource.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ [ - 'name' => 'GroupType', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'protect', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyCloudResourceDefaultCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\"\\n}","type":"json"}]', + ], + 'ModifyDefaultHttps' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'GroupName', + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '226996', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], + ], + 'parameters' => [ + [ + 'name' => 'CertId', + 'in' => 'query', + 'schema' => ['description' => 'The certificate ID.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'TLSVersion', 'in' => 'query', 'schema' => [ - 'description' => '', + 'description' => 'The version of the TLS protocol. Valid values:'."\n" + ."\n" + .'- **tlsv1**'."\n" + ."\n" + .'- **tlsv1.1**'."\n" + ."\n" + .'- **tlsv1.2**', 'type' => 'string', - 'required' => false, - 'example' => 'test', + 'required' => true, + 'enum' => ['tlsv1', 'tlsv1.1', 'tlsv1.2', 'tlsv1.3'], + 'example' => 'tlsv1', + 'title' => '', ], ], [ - 'name' => 'PageSize', + 'name' => 'CipherSuite', 'in' => 'query', 'schema' => [ - 'description' => '', + 'description' => 'The type of the cipher suite. Valid values:'."\n" + ."\n" + .'- **1**: adds all cipher suites.'."\n" + ."\n" + .'- **2**: adds strong cipher suites.'."\n" + ."\n" + .'- **99**: adds custom cipher suites.', 'type' => 'integer', 'format' => 'int32', + 'default' => '1', + 'enum' => ['1', '2', '99'], 'required' => false, - 'example' => '10', + 'example' => '0', + 'title' => '', ], ], [ - 'name' => 'PageNumber', + 'name' => 'CustomCiphers', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', + 'description' => 'The custom cipher suites that you want to add. This parameter is used only when **CipherSuite** is set to **99**.', + 'type' => 'array', + 'items' => [ + 'description' => 'The custom cipher suite.', + 'type' => 'string', + 'enum' => [ + 'ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES128-SHA256', 'ECDHE-ECDSA-AES256-SHA384', 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES128-SHA256', 'ECDHE-RSA-AES256-SHA384', 'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'AES128-SHA256', 'AES256-SHA256', 'ECDHE-ECDSA-AES128-SHA', 'ECDHE-ECDSA-AES256-SHA', 'ECDHE-RSA-AES128-SHA', 'ECDHE-RSA-AES256-SHA', 'AES128-SHA', 'AES256-SHA', 'DES-CBC3-SHA', 'RSA+3DES', + '!aNULL', '!eNULL', '!LOW', '!MD5', '!EXP', '!DSS', '!PSK', '!SRP', '!kECDH', '!CAMELLIA', '!IDEA', '!SEED', + ], + 'required' => false, + 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384', + 'title' => '', + ], 'required' => false, - 'example' => '1', + 'maxItems' => 100, + 'title' => '', + 'example' => '', ], ], [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to view the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''], + ], + [ + 'name' => 'EnableTLSv3', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether to support TLS 1.3. Valid values:'."\n" + ."\n" + .'- **true**: supports TLS 1.3.'."\n" + ."\n" + .'- **false**: does not support TLS 1.3.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + ], + [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -35291,272 +29518,152 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '3', - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'C3B0FDD2-11CE-59A5-BEB5-*****1A969', - ], - 'ClusterServers' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'GroupName' => [ - 'description' => '', - 'type' => 'string', - 'example' => '', - ], - 'Operator' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'aliyun。', - ], - 'Status' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'ok', - ], - 'RegionCodeValue' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'RegionCode' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'beijing', - ], - 'Memory' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '33547386880', - ], - 'Ip' => [ - 'description' => '', - 'type' => 'string', - 'example' => '1.*.*1。', - ], - 'Cpu' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '4', - ], - 'Mid' => [ - 'description' => '', - 'type' => 'string', - 'example' => '28ab688cd403563e8e173*****79600', - ], - 'ContinentsValue' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '410', - ], - 'Mac' => [ - 'description' => '', - 'type' => 'string', - 'example' => '**:**:00:02:eb:c7', - ], - 'GroupId' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'JobStatus' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'running', - ], - 'GroupType' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'protect', - ], - 'CustomName' => [ - 'description' => '', - 'type' => 'string', - 'example' => '', - ], - 'UpdateTimestamp' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1711953897000', - ], - 'Continents' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'asiapacific', - ], - 'CreateTimestamp' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1665987186000', - ], - 'HostName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'qsh5-sec-waf-*****-6', - ], - 'OperatorValue' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID, which is used to locate and troubleshoot issues.', 'type' => 'string', 'example' => '276D7566-31C9-4192-9DD1-***', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 3,\\n \\"RequestId\\": \\"C3B0FDD2-11CE-59A5-BEB5-*****1A969\\",\\n \\"ClusterServers\\": [\\n {\\n \\"GroupName\\": \\"测试组。\\",\\n \\"Operator\\": \\"aliyun。\\",\\n \\"Status\\": \\"ok\\",\\n \\"RegionCodeValue\\": 0,\\n \\"RegionCode\\": \\"beijing\\",\\n \\"Memory\\": 33547386880,\\n \\"Ip\\": \\"1.*.*1。\\",\\n \\"Cpu\\": 4,\\n \\"Mid\\": \\"28ab688cd403563e8e173*****79600\\",\\n \\"ContinentsValue\\": 410,\\n \\"Mac\\": \\"**:**:00:02:eb:c7\\",\\n \\"GroupId\\": 1,\\n \\"JobStatus\\": \\"running\\",\\n \\"GroupType\\": \\"protect\\",\\n \\"CustomName\\": \\"测试组\\",\\n \\"UpdateTimestamp\\": 1711953897000,\\n \\"Continents\\": \\"asiapacific\\",\\n \\"CreateTimestamp\\": 1665987186000,\\n \\"HostName\\": \\"qsh5-sec-waf-*****-6\\",\\n \\"OperatorValue\\": 0\\n }\\n ]\\n}","type":"json"}]', - ], - 'DescribeHybridCloudBasicMonitor' => [ - 'summary' => 'Queries the system status of a node in a hybrid cloud cluster.', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.InvalidCertIdentifier', 'errorMessage' => 'Invalid certificate ID, certificate ID:%s.', 'description' => 'Invalid certificate ID, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate ID:%s.', 'description' => ''], + ['errorCode' => 'Waf.Pullin.CertEmptyCN', 'errorMessage' => 'The common name of the certificate is empty, certificate ID:%s.', 'description' => ''], + ['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.InvalidTLS', 'errorMessage' => 'invalid TLS,TLS:%s .', 'description' => ''], + ['errorCode' => 'Waf.Pullin.InvalidEnableTLSv3', 'errorMessage' => 'invalid EnableTLSv3:%s .', 'description' => ''], + ['errorCode' => 'Waf.Pullin.InvalidCipherSuit', 'errorMessage' => 'Invalid CipherSuit,CipherSuit:%s.', 'description' => ''], + ['errorCode' => 'Waf.Pullin.InvalidCustomCiphers', 'errorMessage' => 'Invalid InvalidCustomCiphers, CustomCiphers:%s .', 'description' => ''], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'ModifyDefaultHttps', + 'summary' => 'Modifies the default SSL/TLS settings.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefaultHttps'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefaultHttps', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"276D7566-31C9-4192-9DD1-***\\"\\n}","type":"json"}]', + ], + 'ModifyDefenseResourceGroup' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '106353', + 'abilityTreeNodes' => ['FEATUREwafHQWDCC'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7mz****hw0u', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'Mid', + 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the node.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'f451e90fcb068905ab379468****db42', - ], + 'schema' => ['description' => 'The name of the protected object group to modify.', 'type' => 'string', 'required' => true, 'example' => 'test01', 'title' => ''], + ], + [ + 'name' => 'AddList', + 'in' => 'query', + 'schema' => ['description' => 'The protected objects to add to the protected object group. Separate multiple protected objects with commas (,). If this parameter is empty, no protected objects are added to the protected object group.', 'type' => 'string', 'required' => false, 'example' => 'test1.aliyundoc.com,test2.aliyundoc.com', 'title' => ''], + ], + [ + 'name' => 'DeleteList', + 'in' => 'query', + 'schema' => ['description' => 'The protected objects to remove from the protected object group. Separate multiple protected objects with commas (,). If this parameter is empty, no protected objects are removed from the protected object group.', 'type' => 'string', 'required' => false, 'example' => 'test14.waf.com,test24.waf.com', 'title' => ''], + ], + [ + 'name' => 'Description', + 'in' => 'query', + 'schema' => ['description' => 'The description of the protected object group. The description can be up to 512 characters long.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is located. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '0B8AF42B-16A9-5762-AEF3-D148****FE5D', - ], - 'BasicMonitors' => [ - 'description' => 'The basic metrics.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The basic metric.'."\n", - 'type' => 'object', - 'properties' => [ - 'MonitorName' => [ - 'description' => 'The metric. Valid values:'."\n" - ."\n" - .'* **basic_monitor_cpu_usage**: the CPU.'."\n" - .'* **basic_monitor_memory_usage**: the memory.'."\n" - .'* **basic_monitor_disk_usage**: the disk.'."\n", - 'type' => 'string', - 'example' => 'basic_monitor_cpu_usage', - ], - 'UseRatio' => [ - 'description' => 'The resource usage.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '5.905694', - ], - 'Levle' => [ - 'type' => 'string', - ], - ], - ], - ], - 'TotalCount' => [ - 'type' => 'integer', - 'format' => 'int32', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2CC1AFDE-BB31-5A2F-906E-92FCBDDE6B75', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0B8AF42B-16A9-5762-AEF3-D148****FE5D\\",\\n \\"BasicMonitors\\": [\\n {\\n \\"MonitorName\\": \\"basic_monitor_cpu_usage\\",\\n \\"UseRatio\\": 5.905694,\\n \\"Levle\\": \\"normal\\"\\n }\\n ],\\n \\"TotalCount\\": 0\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudBasicMonitor', - ], - 'CreateHybridCloudCluster' => [ - 'summary' => 'Creates a hybrid cloud cluster.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyDefenseResourceGroup', + 'summary' => 'Modifies the configuration of a protected object group.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseResourceGroup'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2CC1AFDE-BB31-5A2F-906E-92FCBDDE6B75\\"\\n}","type":"json"}]', + ], + 'ModifyDefenseResourceXff' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -35564,569 +29671,512 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124693', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '144829', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ + 'name' => 'XffStatus', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether a Layer 7 proxy is deployed in front of WAF. Layer 7 proxies include Anti-DDoS Proxy and Alibaba Cloud CDN. Valid values:'."\n" + ."\n" + .'- **0 (default)**: No.'."\n" + ."\n" + .'- **1**: Yes.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '0', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-wwo****ek07', 'title' => ''], ], [ - 'name' => 'ClusterName', + 'name' => 'CustomHeaders', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The name of the cluster.'."\n", - 'type' => 'string', - 'required' => true, + 'description' => 'The custom header fields.'."\n" + ."\n" + .'> The first IP address in the specified header field is used as the client source IP address to prevent X-Forwarded-For (XFF) spoofing. If multiple headers are specified, they are tried in sequence to obtain the source IP address. If the first header does not contain an IP address, the system tries the second header, and so on. If no IP address is found in any of the specified headers, the system uses the first IP address in the X-Forwarded-For header.', + 'type' => 'array', + 'items' => ['description' => 'The custom header field.', 'type' => 'string', 'required' => false, 'example' => 'x-forwarded-for', 'title' => ''], + 'required' => false, + 'maxItems' => 5, + 'title' => '', 'example' => '', ], ], [ - 'name' => 'HttpPorts', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTP ports that are supported. Set this parameter to a string. Specify multiple ports in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '80,8080', - ], + 'schema' => ['description' => 'The name of the protected object.', 'type' => 'string', 'required' => true, 'example' => 'alb-4pxu81fgagx3h6y****-alb', 'title' => ''], ], [ - 'name' => 'HttpsPorts', + 'name' => 'AcwCookieStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTPS ports that are supported. Set this parameter to a string. Specify multiple ports in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '443,8443', - ], + 'schema' => ['description' => 'The status of the tracking cookie.'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1 (default)**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], ], [ - 'name' => 'AccessMode', + 'name' => 'AcwSecureStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The network access mode. Valid values:'."\n" - ."\n" - .'* **internet**: Internet access.'."\n" - .'* **vpc**: internal network access by using Express Connect circuits.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'internet', - ], + 'schema' => ['description' => 'The status of the secure attribute of the tracking cookie.'."\n" + ."\n" + .'- **0 (default)**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], ], [ - 'name' => 'AccessRegion', + 'name' => 'AcwV3SecureStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the virtual private cloud (VPC) resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: China (Hangzhou).'."\n" - .'* **cn-beiijng**: China (Beijing).'."\n" - .'* **cn-shanghai**: China (Shanghai).'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The status of the secure attribute of the slider CAPTCHA cookie.'."\n" + ."\n" + .'- **0 (default)**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''], ], [ - 'name' => 'LogFieldsNotReturned', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - 'deprecated' => true, - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'ProtectionServerCount', + 'name' => 'ResponseHeaders', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The number of protection nodes that can be added to the cluster.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', + 'description' => 'The response header parameters.', + 'type' => 'array', + 'items' => [ + 'description' => 'The response header parameters.', + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'Specifies the key for a custom response header.', 'type' => 'string', 'maxLength' => 50, 'required' => false, 'example' => 'Header-Key'."\n", 'title' => ''], + 'Value' => ['description' => 'Specifies the value for a custom response header.', 'type' => 'string', 'maxLength' => 50, 'required' => false, 'example' => 'Header-Value'."\n", 'title' => ''], + ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'required' => false, + 'maxItems' => 5, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'Remark', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2ki****miwq', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The remarks about the cluster.'."\n", - 'type' => 'string', - 'required' => false, + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6C094583-9B3F-5BD8-8748-DC638E48****', 'title' => ''], + ], + 'description' => '', + 'title' => '', 'example' => '', ], ], + ], + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.AbnormalStatus', 'errorMessage' => 'The status of the access resource is abnormal. Resource:%s.', 'description' => 'The status of the access resource is abnormal. Resource:%s.'], + ], + ], + 'title' => 'ModifyDefenseResourceXff', + 'summary' => 'Modifies the cookie settings of a protected object and the method to identify the originating IP addresses of clients.', + 'changeSet' => [ + ['createdAt' => '2025-02-24T08:09:13.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-29T01:07:58.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '100', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseResourceXff'], + ], + ], + 'ramActions' => [ [ - 'name' => 'ProxyType', - 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the cluster. Valid value:'."\n" - ."\n" - .'* **cname**: reverse proxy cluster.'."\n" - .'* **service**: SDK-based traffic mirroring cluster.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cname', - 'default' => 'cname', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseResourceXff', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6C094583-9B3F-5BD8-8748-DC638E48****\\"\\n}","type":"json"}]', + ], + 'ModifyDefenseRule' => [ + 'methods' => ['post'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'RuleStatus', + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '106380', + 'abilityTreeNodes' => [ + 'FEATUREwaf1LM6V0', 'FEATUREwafOVI09M', 'FEATUREwafF105ZO', 'FEATUREwafCU29M8', 'FEATUREwafBWO4L0', 'FEATUREwaf9JXZCD', 'FEATUREwafIFHX6M', 'FEATUREwafI1HM4C', 'FEATUREwaf16U367', 'FEATUREwaf6XNOII', 'FEATUREwafS64FX9', 'FEATUREwafQ73SIK', 'FEATUREwafAFURH8', 'FEATUREwafRM5KJ7', 'FEATUREwaf4TDPM4', 'FEATUREwafOUMN3V', 'FEATUREwafVG3S9P', 'FEATUREwafIDKGGL', 'FEATUREwafWUANSU', 'FEATUREwafVZXFDE', + 'FEATUREwaf6KFDRU', + ], + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The status of manual bypass. Valid values:'."\n" - ."\n" - .'* **on**: enabled.'."\n" - .'* **off**: disabled.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'on', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'RuleType', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the rule. Valid value:'."\n" - ."\n" - .'* **bypass**: allows requests without security checks.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'bypass', - ], + 'schema' => ['description' => 'The ID of the protection template.'."\n" + ."\n" + .'> This parameter is required only when **DefenseType** is set to **template**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '5325', 'title' => ''], ], [ - 'name' => 'RuleConfig', + 'name' => 'DefenseScene', 'in' => 'query', - 'schema' => [ - 'description' => 'The configurations of the rule.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '{'."\n" - .' "enable": true,'."\n" - .' "param": {'."\n" - .' "breaker": {'."\n" - .' "duration": 1,'."\n" - .' "failed": 1,'."\n" - .' "recent_failed": 1'."\n" - .' },'."\n" - .' "disable_protect": false,'."\n" - .' "max_request_body_len": 1,'."\n" - .' "timeout": 1'."\n" - .' }'."\n" - .'}', - ], + 'schema' => ['description' => 'The protection scenario to modify. For more information, see the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'required' => false, 'example' => 'waf_group', 'title' => ''], ], [ - 'name' => 'ProxyStatus', + 'name' => 'Rules', + 'in' => 'formData', + 'schema' => ['description' => 'The details of the protection rule, in a JSON string format. Specify the rule ID and the configuration of the protection rule to modify. The details include the following:'."\n" + ."\n" + .'- **id**: The ID of the rule. This parameter is required. Data type: Long.'."\n" + ."\n" + .'- Configuration of the protection rule: The parameters are the same as the **Rules** parameter of the [CreateDefenseRule](~~461421~~) operation. For more information, see the description of the protection rule parameters in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'required' => true, 'example' => '['."\n" + .' {'."\n" + .' "id": 2344,'."\n" + .' "policyId": 1012,'."\n" + .' "action": "block"'."\n" + .' }'."\n" + .']', 'title' => ''], + ], + [ + 'name' => 'DefenseType', 'in' => 'query', 'schema' => [ - 'description' => 'The status of the proxy gateway. Valid value:'."\n" + 'description' => 'The type of the protection rule. Valid values:'."\n" + ."\n" + .'- **template** (default): a template protection rule.'."\n" ."\n" - .'* **on**: enabled.'."\n" - .'* **off**: disabled.'."\n", + .'- **resource**: a rule for a specific protected object.'."\n" + ."\n" + .'- **global**: a global rule.', 'type' => 'string', + 'default' => 'template', + 'enum' => ['global', 'resource', 'template'], 'required' => false, - 'example' => 'off', - 'default' => 'off', + 'example' => 'template', + 'title' => '', ], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid value:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'Resource', + 'in' => 'query', + 'schema' => ['description' => 'The protected object for which you want to modify the rule.'."\n" + ."\n" + .'> This parameter is required only when **DefenseType** is set to **resource**.', 'type' => 'string', 'required' => false, 'example' => 'rencs***-waf', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The returned data.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '66A98669-ER12-WE34-23PO-301469*****E', - ], - 'Data' => [ - 'description' => 'The ID of the cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '1EEA9C98-F166-54FE-ADE3-08D8****BDFA', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Defense.Control.DefenseWhitelistBypassRuleNotExist', 'errorMessage' => 'The whitelist protection rule does not exist.', 'description' => 'The whitelist protection rule does not exist. Rule ID:%s.'], + ['errorCode' => 'Defense.Control.DefenseWhitelistConfigInvalid', 'errorMessage' => 'The whitelist rule is misconfigured.', 'description' => 'Error configuring whitelist rule: %s.'], + ['errorCode' => 'Defense.Control.DefenseBookTypeInvalid', 'errorMessage' => 'The address book type is illegal.', 'description' => 'The address book type is illegal.'], + ['errorCode' => 'Defense.Control.DefenseThreatIntelligenceConfigInvalid', 'errorMessage' => 'Threat Intelligence Rule configuration error.', 'description' => 'Threat Intelligence Rule configuration error. %s'], + ['errorCode' => 'Defense.Control.DefenseIpCountOversize', 'errorMessage' => 'The number of IPs exceeds the limit.', 'description' => 'The number of IPs exceeds the limit.'], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\",\\n \\"Data\\": 1\\n}","type":"json"}]', - 'title' => 'CreateHybridCloudCluster', - ], - 'DescribeHybridCloudServerRegions' => [ - 'summary' => 'Queries information about the regions that the hybrid cloud mode supports, such as the Internet service providers (ISPs), continents, and cities.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyDefenseRule', + 'summary' => 'Modifies the configuration of a protection rule.', + 'changeSet' => [ + ['createdAt' => '2024-10-18T13:59:15.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-05-17T07:33:46.000Z', 'description' => 'Response parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRule'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1EEA9C98-F166-54FE-ADE3-08D8****BDFA\\"\\n}","type":"json"}]', + ], + 'ModifyDefenseRuleCache' => [ + 'summary' => 'Updates the cache for a web tamper-proofing rule.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '137716', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-5yd****7009', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zvp****xm2r', 'title' => ''], ], [ - 'name' => 'RegionCode', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The code of the region.'."\n" - ."\n" - .'> This parameter is required if you set RegionType to region. The value is the code of the city.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '410', - ], + 'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '123', 'title' => ''], ], [ - 'name' => 'RegionType', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the region. Valid values:'."\n" - ."\n" - .'* **operator**: the ISP.'."\n" - .'* **continents**: the continent.'."\n" - .'* **region**: the city.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'region', - 'enum' => [ - 'operator', - 'continents', - 'region', - ], - ], + 'schema' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '0FBBDE11-C35F-531B-96BA-64CA****C875', - ], - 'Regions' => [ - 'description' => 'The information about the regions.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The information about the region.'."\n", - 'type' => 'object', - 'properties' => [ - 'Code' => [ - 'description' => 'The code of the region.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'Name' => [ - 'description' => 'The name of the region.'."\n", - 'type' => 'string', - 'example' => 'aliyun', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'A0F2B994-8645-5270-A05D-9DAD8C35****', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0FBBDE11-C35F-531B-96BA-64CA****C875\\",\\n \\"Regions\\": [\\n {\\n \\"Code\\": 1,\\n \\"Name\\": \\"aliyun\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudServerRegions', - ], - 'DescribeHybridCloudUnassignedMachines' => [ - 'summary' => 'Queries servers that are not assigned to a hybrid cloud cluster.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyDefenseRuleCache', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRuleCache'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseRuleCache', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"A0F2B994-8645-5270-A05D-9DAD8C35****\\"\\n}","type":"json"}]', + ], + 'ModifyDefenseRuleStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '106381', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-5yd****7009', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '123', - ], + 'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '7239', 'title' => ''], ], [ - 'name' => 'Ip', + 'name' => 'RuleId', 'in' => 'query', - 'schema' => [ - 'description' => 'The IP address of the server.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1.X.X.1', - ], + 'schema' => ['description' => 'The ID of the protection rule to modify.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20002615', 'title' => ''], ], [ - 'name' => 'HostName', + 'name' => 'RuleStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The host name.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'online-xagent1', - ], + 'schema' => ['description' => 'The new status of the protection rule. Valid values:'."\n" + ."\n" + .'- **0**: disabled'."\n" + ."\n" + .'- **1**: enabled', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'DefenseType', 'in' => 'query', 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" + 'description' => 'The type of the protection rule. Valid values:'."\n" ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], - ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", + .'- **template** (default): a template protection rule.'."\n" + ."\n" + .'- **resource**: a rule that is configured for a protected object.', + 'enumValueTitles' => ['template' => 'template', 'resource' => 'resource'], 'type' => 'string', + 'default' => 'template', + 'enum' => ['template', 'resource', 'global'], 'required' => false, - 'example' => 'rg-acfm***q', + 'example' => 'template', + 'title' => '', ], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '28', - ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '3EBCFCE9-4A3C-5E01-915D-691B****510A', - ], - 'UnassignedMachines' => [ - 'description' => 'The servers that are not assigned to the hybrid cloud cluster.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The server that is not assigned to the hybrid cloud cluster.'."\n", - 'type' => 'object', - 'properties' => [ - 'CustomName' => [ - 'description' => 'The name of the node.'."\n", - 'type' => 'string', - 'example' => 'exampleName', - ], - 'Memory' => [ - 'description' => 'The memory size. Unit: KB. A conversion factor of 1,000 is used.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '31580872', - ], - 'Ip' => [ - 'description' => 'The IP address of the server.'."\n", - 'type' => 'string', - 'example' => '1.X.X.1'."\n", - ], - 'Cpu' => [ - 'description' => 'The number of CPU cores.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '16', - ], - 'Mid' => [ - 'description' => 'The ID of the node.'."\n", - 'type' => 'string', - 'example' => '78db009ab6cf055a9085f9f4****ae3a', - ], - 'HostName' => [ - 'description' => 'The host name.'."\n", - 'type' => 'string', - 'example' => 'online-xagent1'."\n", - ], - 'Mac' => [ - 'description' => 'The media access control (MAC) address of the device.'."\n", - 'type' => 'string', - 'example' => '00163e2686ac', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'BB305BF3-3C71-57A9-9704-E22F567689B0', 'title' => ''], ], - 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 28,\\n \\"RequestId\\": \\"3EBCFCE9-4A3C-5E01-915D-691B****510A\\",\\n \\"UnassignedMachines\\": [\\n {\\n \\"CustomName\\": \\"exampleName\\",\\n \\"Memory\\": 31580872,\\n \\"Ip\\": \\"1.X.X.1\\\\n\\",\\n \\"Cpu\\": 16,\\n \\"Mid\\": \\"78db009ab6cf055a9085f9f4****ae3a\\",\\n \\"HostName\\": \\"online-xagent1\\\\n\\",\\n \\"Mac\\": \\"00163e2686ac\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudUnassignedMachines', - ], - 'ModifyHybridCloudClusterBypassStatus' => [ - 'summary' => 'Enables or disables manual bypass for a hybrid cloud cluster whose type is set to SDK Integration Mode.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyDefenseRuleStatus', + 'summary' => 'Enables or disables a protection rule.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRuleStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseRuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BB305BF3-3C71-57A9-9704-E22F567689B0\\"\\n}","type":"json"}]', + ], + 'ModifyDefenseSceneConfig' => [ + 'summary' => 'Modifies the mitigation settings for a protection scenario.', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -36137,73 +30187,53 @@ 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '174009', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], - 'autoTest' => true, + 'abilityTreeCode' => '255326', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'**'."\n" - ."\n" - .'**You can call the **DescribeInstanceInfo[ operation to obtain the ID of the WAF instance.](~~140857~~)'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''], ], [ - 'name' => 'ClusterResourceId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'hdbc_cluster_****', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false], ], [ - 'name' => 'RuleStatus', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The status of manual bypass. Valid values:'."\n" - ."\n" - .'* **on**: enabled.'."\n" - .'* **off**: disabled. This is the default value.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'on', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false], ], [ - 'name' => 'RegionId', + 'name' => 'DefenseScene', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The protection scenario for which you want to modify the mitigation settings. Valid values:'."\n" + ."\n" + .'- **apisec**: API security.', 'type' => 'string', 'required' => true, 'example' => 'apisec', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'ConfigKey', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The name of the configuration item to modify.'."\n" + ."\n" + .'If **DefenseScene** is set to **apisec**, the valid value is:'."\n" + ."\n" + .'- **autoEnabled**: indicates whether core API security detection is automatically enabled for new resources.', 'type' => 'string', 'required' => true, 'example' => 'autoEnableStatus', 'title' => ''], + ], + [ + 'name' => 'ConfigValue', + 'in' => 'query', + 'schema' => ['description' => 'The value to set for the configuration item.'."\n" + ."\n" + .'> The value of this parameter depends on the value of **ConfigKey**. For more information, see **Description of mitigation setting parameters**.', 'type' => 'string', 'required' => true, 'example' => 'true', 'title' => ''], ], ], 'responses' => [ @@ -36211,528 +30241,881 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], - 'description' => '', + 'description' => 'The response parameters.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyHybridCloudClusterBypassStatus', - ], - 'DescribeHybridCloudUser' => [ - 'summary' => 'Queries the HTTP and HTTPS ports that you can use when you add a domain name to Web Application Firewall (WAF) in hybrid cloud mode.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyDefenseSceneConfig', + 'requestParamsDescription' => '## Mitigation setting parameters'."\n" + ."\n" + .'### API security (**apisec**)'."\n" + ."\n" + .'If **DefenseScene** is set to **apisec**, you can modify the configuration for API security.'."\n" + ."\n" + .'If **ConfigKey** is set to **autoEnabled**, set **ConfigValue** to "**true**" or "**false**".'."\n" + ."\n" + .'```json'."\n" + .'{'."\n" + .' "InstanceId": "waf_cn****",'."\n" + .' "DefenseScene": "apisec",'."\n" + .' "ConfigKey": "autoEnabled",'."\n" + .' "ConfigValue": "true"'."\n" + .'}'."\n" + .'```', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseSceneConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + ], + 'ModifyDefenseTemplate' => [ + 'summary' => 'Modifies a defense template.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '112175', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], + 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-***********', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], + ], + [ + 'name' => 'TemplateName', + 'in' => 'query', + 'schema' => ['description' => 'The name of the protection template. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (\\_), periods (.), and hyphens (-).'."\n" + ."\n" + .'> Template names must be unique for the same protection scenario (**DefenseScene**).', 'type' => 'string', 'required' => true, 'example' => 'test', 'title' => ''], + ], + [ + 'name' => 'TemplateId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the protection template to modify.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '7392', 'title' => ''], + ], + [ + 'name' => 'Description', + 'in' => 'query', + 'schema' => ['description' => 'The description of the protection template.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '9178CB86-285F-5679-A30A-3B3F007E4206', - ], - 'UserInfo' => [ - 'description' => 'The information about the ports that can be used by a hybrid cloud cluster.'."\n", - 'type' => 'object', - 'properties' => [ - 'HttpsPorts' => [ - 'description' => 'The HTTPS ports. The value is a string. If multiple ports are returned, the value is in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'example' => '8443,443', - ], - 'HttpPorts' => [ - 'description' => 'The HTTP ports. The value is a string. If multiple ports are returned, the value is in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'example' => '80,8080', - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '1A68C85D-7467-5BB1-9A7E-2E8A5D96D88A', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9178CB86-285F-5679-A30A-3B3F007E4206\\",\\n \\"UserInfo\\": {\\n \\"HttpsPorts\\": \\"8443,443\\",\\n \\"HttpPorts\\": \\"80,8080\\"\\n }\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudUser', - ], - 'DescribeHybridCloudGroups' => [ - 'summary' => 'Queries the hybrid cloud node groups that are added to Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyDefenseTemplate', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseTemplate'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1A68C85D-7467-5BB1-9A7E-2E8A5D96D88A\\"\\n}","type":"json"}]', + ], + 'ModifyDefenseTemplateStatus' => [ + 'summary' => 'Changes the status of a protection rule template.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '136062', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '106371', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], + 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-********w0b', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '428', - ], + 'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '2249', 'title' => ''], ], [ - 'name' => 'GroupName', + 'name' => 'TemplateStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the node group that you want to query.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => 'groupName1', - ], + 'schema' => ['description' => 'The new status of the protection rule template. Valid values:'."\n" + ."\n" + .'- **0**: Disabled.'."\n" + ."\n" + .'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], ], [ - 'name' => 'GroupType', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the node group. Valid values:'."\n" - ."\n" - .'* **protect**'."\n" - .'* **control**'."\n" - .'* **storage**'."\n" - .'* **controlStorage**'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'protect', - ], + 'schema' => ['description' => 'The region ID of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ + 'headers' => [], 'schema' => [ - 'description' => 'The page number. Default value: **1**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', + 'description' => 'The result of the request.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '58007AE3-65D9-57BA-ABB4-1A544015FB50', 'title' => ''], + ], + 'title' => '', + 'example' => '', ], ], + ], + 'title' => 'ModifyDefenseTemplateStatus', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseTemplateStatus'], + ], + ], + 'ramActions' => [ [ - 'name' => 'PageSize', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of entries per page. Default value: **10**.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseTemplateStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"58007AE3-65D9-57BA-ABB4-1A544015FB50\\"\\n}","type":"json"}]', + ], + 'ModifyDomain' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ [ - 'name' => 'ClusterProxyType', + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '114036', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of proxy cluster that is used. Valid values:'."\n" - ."\n" - .'* **service**: service-based traffic mirroring.'."\n" - .'* **cname**: reverse proxy.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cname', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou:** the Chinese mainland.'."\n" - .'* **ap-southeast-1:** outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The domain name whose configurations you want to modify.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'DomainId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the domain name.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com-waf', 'title' => ''], ], - ], - 'responses' => [ - 200 => [ + [ + 'name' => 'Listen', + 'in' => 'query', + 'style' => 'json', 'schema' => [ + 'description' => 'The listening settings.', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => 'The total number of entries returned.'."\n", + 'HttpsPorts' => [ + 'description' => 'The HTTPS listening ports. The format is \\[**port1,port2,...**].', + 'type' => 'array', + 'items' => ['description' => 'An HTTPS listening port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '443', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'HttpPorts' => [ + 'description' => 'The HTTP listening ports. The format is \\[**port1,port2,...**].', + 'type' => 'array', + 'items' => ['description' => 'An HTTP listening port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'Http2Enabled' => ['description' => 'Indicates whether HTTP/2 is enabled. This parameter is available only when **HttpsPorts** is not empty, which indicates that the domain uses HTTPS. Valid values:'."\n" + ."\n" + .'- **true**: HTTP/2 is enabled.'."\n" + ."\n" + .'- **false** (default): HTTP/2 is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'CertId' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => false, 'example' => '123', 'title' => ''], + 'SM2Enabled' => ['description' => 'Indicates whether SM certificates are enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'SM2CertId' => ['description' => 'The ID of the SM certificate. This parameter is required only when SM2Enabled is set to true.', 'type' => 'string', 'required' => false, 'example' => '123-cn-hangzhou', 'title' => ''], + 'SM2AccessOnly' => ['description' => 'Indicates whether access is allowed only from SM clients. This parameter is available only when SM2Enabled is set to true. Valid values:'."\n" + ."\n" + .'- true: Only SM clients can access the website.'."\n" + ."\n" + .'- false: Both SM and non-SM clients can access the website.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'TLSVersion' => ['description' => 'The TLS version. This parameter is available only when **HttpsPorts** is not empty, which indicates that the domain uses HTTPS. Valid values:'."\n" + ."\n" + .'- **tlsv1**'."\n" + ."\n" + .'- **tlsv1.1**'."\n" + ."\n" + .'- **tlsv1.2**', 'type' => 'string', 'required' => false, 'example' => 'tlsv1', 'title' => ''], + 'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. This parameter is available only when **HttpsPorts** is not empty, which indicates that the domain uses HTTPS. Valid values:'."\n" + ."\n" + .'- **true**: TLS 1.3 is supported.'."\n" + ."\n" + .'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'CipherSuite' => ['description' => 'The type of the cipher suite. This parameter is available only when **HttpsPorts** is not empty, which indicates that the domain uses HTTPS. Valid values:'."\n" + ."\n" + .'- **1**: all cipher suites.'."\n" + ."\n" + .'- **2**: strong cipher suites. You can select this value only when you set **TLSVersion** to **tlsv1.2**.'."\n" + ."\n" + .'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '2', 'title' => ''], + 'CustomCiphers' => [ + 'description' => 'The custom cipher suites. This parameter is available only when you set **CipherSuite** to **99**.', + 'type' => 'array', + 'items' => ['description' => 'A custom cipher suite.', 'type' => 'string', 'required' => false, 'example' => '["xxx","ffas"]', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'FocusHttps' => ['description' => 'Indicates whether forced HTTPS redirection is enabled. This parameter is available only when the domain uses HTTPS but not HTTP. Valid values:'."\n" + ."\n" + .'- **true**: Forced HTTPS redirection is enabled.'."\n" + ."\n" + .'- **false**: Forced HTTPS redirection is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'XffHeaderMode' => [ + 'description' => 'The method that WAF uses to obtain the real IP address of a client. Valid values:'."\n" + ."\n" + .'- **0** (default): WAF obtains the client IP address from the TCP connection. This option is suitable if no Layer 7 proxies are deployed in front of WAF.'."\n" + ."\n" + .'- **1**: WAF obtains the client IP address from the first value of the X-Forwarded-For (XFF) header.'."\n" + ."\n" + .'- **2**: WAF obtains the client IP address from a custom header field.', + 'enumValueTitles' => [], 'type' => 'integer', 'format' => 'int32', - 'example' => '146', + 'enum' => ['0', '1', '2', '3'], + 'required' => false, + 'example' => '2', + 'title' => '', ], - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '045660E7-C4C6-5CD7-8182-7B337D95****', + 'XffHeaders' => [ + 'description' => 'The custom header fields that are used to obtain the client IP address. The format is \\[**"header1","header2",...**].'."\n" + ."\n" + .'> This parameter is required only when you set **XffHeaderMode** to 2.', + 'type' => 'array', + 'items' => ['description' => 'A custom header field from which to retrieve the client IP.', 'type' => 'string', 'required' => false, 'example' => 'Client-ip', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', ], - 'Groups' => [ - 'description' => 'The node groups.'."\n", + 'IPv6Enabled' => ['description' => 'Indicates whether IPv6 is enabled. Valid values:'."\n" + ."\n" + .'- **true**: IPv6 is enabled.'."\n" + ."\n" + .'- **false** (default): IPv6 is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'ProtectionResource' => ['description' => 'The type of the protection resource. Valid values:'."\n" + ."\n" + .'- **share** (default): a shared cluster.'."\n" + ."\n" + .'- **gslb**: a shared cluster with global server load balancing.', 'type' => 'string', 'required' => false, 'default' => 'share', 'example' => 'share', 'title' => ''], + 'ExclusiveIp' => ['description' => 'Indicates whether an exclusive IP address is enabled. This parameter is available only when you set **IPv6Enabled** to false and **ProtectionResource** to **share**. Valid values:'."\n" + ."\n" + .'- **true**: An exclusive IP address is enabled.'."\n" + ."\n" + .'- **false** (default): An exclusive IP address is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'HstsIncludeSubDomain' => ['description' => 'Indicates whether subdomains are included in the HTTP Strict Transport Security (HSTS) policy. Valid values:'."\n" + ."\n" + .'- **true**: Subdomains are included.'."\n" + ."\n" + .'- **false**: Subdomains are not included.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''], + 'HstsPreload' => ['description' => 'Indicates whether HSTS preload is enabled. Default value: false. Valid values:'."\n" + ."\n" + .'- true: HSTS preload is enabled.'."\n" + ."\n" + .'- false: HSTS preload is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''], + 'HstsMaxAge' => ['description' => 'The time-to-live (TTL) of the HSTS policy. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '365000', 'title' => ''], + ], + 'required' => true, + 'title' => '', + 'example' => '', + ], + ], + [ + 'name' => 'Redirect', + 'in' => 'query', + 'style' => 'json', + 'schema' => [ + 'description' => 'The forwarding settings.', + 'type' => 'object', + 'properties' => [ + 'Backends' => [ + 'description' => 'The IP addresses or domain names of the origin server. You can specify only one type of address. If you specify a domain name, only IPv4 is supported. IPv6 is not supported.'."\n" + ."\n" + .'- IP addresses: The format is \\[**"ip1","ip2",...**]. You can specify up to 20 IP addresses.'."\n" + ."\n" + .'- Domain names: The format is \\[**"domain"**]. You can specify up to 20 domain names.', + 'type' => 'array', + 'items' => ['description' => 'An IP address or domain name of the origin server.', 'type' => 'string', 'required' => false, 'example' => '1.1.XX.XX', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'Loadbalance' => ['description' => 'The load balancing algorithm for back-to-origin requests. Valid values:'."\n" + ."\n" + .'- **iphash**: the IP hash algorithm.'."\n" + ."\n" + .'- **roundRobin**: the round-robin algorithm.'."\n" + ."\n" + .'- **leastTime**: the least time algorithm. This value is available only when you set **ProtectionResource** to **gslb**.', 'type' => 'string', 'required' => true, 'default' => 'iphash', 'example' => 'iphash', 'title' => ''], + 'FocusHttpBackend' => ['description' => 'Indicates whether forced HTTP back-to-origin is enabled. This parameter is available only when you specify **HttpsPorts**. Valid values:'."\n" + ."\n" + .'- **true**: Forced HTTP back-to-origin is enabled.'."\n" + ."\n" + .'- **false**: Forced HTTP back-to-origin is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'SniEnabled' => ['description' => 'Indicates whether back-to-origin Server Name Indication (SNI) is enabled. This parameter is available only when you specify **HttpsPorts**. Valid values:'."\n" + ."\n" + .'- **true**: Back-to-origin SNI is enabled.'."\n" + ."\n" + .'- **false** (default): Back-to-origin SNI is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'SniHost' => ['description' => 'The value of the custom SNI field. If you do not set this parameter, the value of the **Host** field from the request header is used by default. You typically do not need to set this parameter unless your business requires a custom SNI value for back-to-origin requests.'."\n" + ."\n" + .'> This parameter is available only when you set **SniEnabled** to true.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''], + 'RequestHeaders' => [ + 'description' => 'The custom header fields and their values for traffic marking.'."\n" + ."\n" + .'WAF adds these fields and values to the request headers when traffic passes through WAF. This helps backend services identify and collect statistics on WAF-processed traffic.', 'type' => 'array', 'items' => [ - 'description' => 'The information about the node group.'."\n", + 'description' => 'The format is \\[**{"k":"*key*","v":"*value*"}**]. ***key*** specifies the custom header field, and ***value*** specifies the value of the field.'."\n" + ."\n" + .'> If the custom header field already exists in the request, WAF overwrites its value with the specified value.', 'type' => 'object', 'properties' => [ - 'GroupName' => [ - 'description' => 'The name of the node group.'."\n", - 'type' => 'string', - 'example' => 'StorageGroup', - ], - 'RegionCodeValue' => [ - 'description' => 'The city code of the protected cluster.'."\n" - ."\n" - .'> For more information about city codes, see City codes in this topic.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'LoadBalanceIp' => [ - 'description' => 'The IP address of the server used for load balancing.'."\n", - 'type' => 'string', - 'example' => '1.1.XX.XX', - ], - 'BackSourceMark' => [ - 'description' => 'The back-to-origin mark of the protected cluster. The value is in the {ISP name}-{Continent name}-{City name}-{Back-to-origin identifier} format. The back-to-origin identifier is optional.'."\n" - ."\n" - .'> For more information about ISP names, continent names, city names, and back-to-origin identifiers, see the following sections.'."\n", - 'type' => 'string', - 'example' => 'aliyun-asiapacific-beijing-12345678', - ], - 'GroupType' => [ - 'description' => 'The type of the node group. Valid values:'."\n" - ."\n" - .'* **protect**'."\n" - .'* **control**'."\n" - .'* **storage**'."\n" - .'* **controlStorage**'."\n", - 'type' => 'string', - 'example' => 'protect', - ], - 'LocationId' => [ - 'description' => 'The ID of the protection node.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1312', - ], - 'Ports' => [ - 'description' => 'The port that is used by the hybrid cloud cluster. The value of this parameter is a string. If multiple ports are returned, the value is in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'example' => '80,9200,20018', - ], - 'ContinentsValue' => [ - 'description' => 'The continent code of the protected cluster.'."\n" - ."\n" - .'> For more information about continent codes, see Continent codes in this topic.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '410', - ], - 'GroupId' => [ - 'description' => 'The ID of the node group.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '123', - ], - 'Remark' => [ - 'description' => 'The description of the node group.'."\n", - 'type' => 'string', - 'example' => 'test', - ], - 'OperatorValue' => [ - 'description' => 'The ISP code of the protected cluster.'."\n" - ."\n" - .'> For more information about ISP codes, see ISP codes in this topic.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], + 'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'aaa', 'title' => ''], + 'Value' => ['description' => 'The value of the custom header field.', 'type' => 'string', 'required' => false, 'example' => 'bbb', 'title' => ''], ], + 'required' => false, + 'title' => '', + 'example' => '', ], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: seconds. Valid values: 1 to 3600. Default value: 5.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '120', 'title' => ''], + 'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds. Valid values: 1 to 3600. Default value: 120.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '7200', 'minimum' => '1', 'example' => '200', 'title' => ''], + 'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds. Valid values: 1 to 3600. Default value: 120.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '7200', 'minimum' => '1', 'example' => '200', 'title' => ''], + 'CnameEnabled' => ['description' => 'Indicates whether public cloud disaster recovery is enabled. Valid values:'."\n" + ."\n" + .'- **true**: Public cloud disaster recovery is enabled.'."\n" + ."\n" + .'- **false** (default): Public cloud disaster recovery is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'RoutingRules' => ['description' => 'The forwarding rules for a hybrid cloud deployment. This parameter is a string that contains a JSON array. Each element in the array is a struct that contains the following fields:'."\n" + ."\n" + .'- **rs**: an array of strings. The back-to-origin IP addresses or CNAMEs.'."\n" + ."\n" + .'- **backupRs**: an array of strings. The backup back-to-origin IP addresses or CNAMEs. This field is required. If you do not want to specify backup addresses, set it to \\[].'."\n" + ."\n" + .'- **location**: a string. The name of the protection node.'."\n" + ."\n" + .'- **locationId**: a long integer. The ID of the protection node.', 'type' => 'string', 'required' => false, 'example' => '['."\n" + .' {'."\n" + .' "rs":'."\n" + .' ['."\n" + .' "1.1.XX.XX"'."\n" + .' ],'."\n" + .' "backupRs":'."\n" + .' ['."\n" + .' "2.2.XX.XX"'."\n" + .' ],'."\n" + .' "locationId": 535,'."\n" + .' "location": "test1111"'."\n" + .' }'."\n" + .']', 'title' => ''], + 'Keepalive' => ['description' => 'Indicates whether persistent connections are enabled. Valid values:'."\n" + ."\n" + .'- **true** (default): Persistent connections are enabled.'."\n" + ."\n" + .'- **false**: Persistent connections are disabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], + 'Retry' => ['description' => 'Indicates whether forwarding requests to the origin server are retried when the requests fail. Valid values:'."\n" + ."\n" + .'- **true** (default): Requests are retried.'."\n" + ."\n" + .'- **false**: Requests are not retried.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], + 'KeepaliveRequests' => ['description' => 'The number of requests that can be reused in a persistent connection. Valid values: 60 to 1000. Default value: 1000.'."\n" + ."\n" + .'> This parameter is available only when you enable persistent connections.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''], + 'KeepaliveTimeout' => ['description' => 'The idle timeout for a persistent connection. Unit: seconds. Valid values: 1 to 60. Default value: 15.'."\n" + ."\n" + .'> This parameter specifies the amount of time that an idle persistent connection can remain open.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '10', 'default' => '15', 'required' => false, 'example' => '15', 'title' => ''], + 'XffProto' => ['description' => 'Indicates whether the X-Forwarded-Proto header is used to pass the protocol used by WAF to the origin server. Valid values:'."\n" + ."\n" + .'- **true** (default): The WAF protocol is passed.'."\n" + ."\n" + .'- **false**: The WAF protocol is not passed.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''], + 'BackupBackends' => [ + 'description' => 'The IP addresses or domain names of the backup origin server.', + 'type' => 'array', + 'items' => ['description' => 'The IP addresses or domain names of the backup origin server. You can specify only one type of address. If you specify a domain name, only IPv4 is supported. IPv6 is not supported.'."\n" + ."\n" + .'- IP addresses: The format is \\[**"ip1","ip2",...**]. You can specify up to 20 IP addresses.'."\n" + ."\n" + .'- Domain names: The format is \\[**"domain"**]. You can specify up to 20 domain names.', 'type' => 'string', 'required' => false, 'example' => '['."\n" + .' "1.1.XX.XX",'."\n" + .' "2.2.XX.XX"'."\n" + .']', 'title' => ''], + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'XClientIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the X-Client-IP header. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite the header.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'XTrueIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the X-True-IP header. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite the header.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'WebServerType' => ['description' => 'Indicates whether WAF is allowed to overwrite the Web-Server-Type header. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite the header.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'WLProxyClientIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the WL-Proxy-Client-IP header. Valid values:'."\n" + ."\n" + .'- **true** (default): WAF is allowed to overwrite the header.'."\n" + ."\n" + .'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''], + 'MaxBodySize' => ['description' => 'The maximum size of a request body. Unit: GB. Valid values: 2 to 10. Default value: 2.'."\n" + ."\n" + .'> This parameter is supported only by the WAF Ultimate edition.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2', 'title' => '', 'required' => false], + 'Http2Origin' => ['description' => 'Indicates whether HTTP/2 is enabled for back-to-origin requests. Valid values:'."\n" + ."\n" + .'- **true**: HTTP/2 is enabled for back-to-origin requests.'."\n" + ."\n" + .'- **false**: HTTP/2 is disabled for back-to-origin requests.', 'type' => 'boolean', 'title' => '', 'required' => false, 'example' => 'true'], + 'Http2OriginMaxConcurrency' => ['description' => 'The maximum number of concurrent HTTP/2 back-to-origin requests. Valid values: 1 to 512. Default value: 2.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '512', 'minimum' => '1', 'example' => '128', 'title' => '', 'required' => false], + 'ProxyProtocol' => ['description' => 'Indicates whether the Proxy Protocol is enabled to preserve client IP addresses.'."\n" + ."\n" + .'- **true**: The Proxy Protocol is enabled. If you select this option, you can view the client IP address on the origin server.'."\n" + ."\n" + .'- **false**: The Proxy Protocol is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''], + 'BackendPorts' => [ + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'ListenPort' => ['description' => 'The WAF listening port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''], + 'BackendPort' => ['description' => 'The port of the origin server.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''], + 'Protocol' => ['description' => 'The protocol of the listening port. Valid values:'."\n" + ."\n" + .'- **http**: HTTP.'."\n" + ."\n" + .'- **https**: HTTPS.', 'type' => 'string', 'required' => false, 'example' => 'http', 'title' => ''], + ], + 'description' => 'A custom port mapping for back-to-origin.', + 'required' => false, + 'title' => '', + 'example' => '', + ], + 'description' => 'The custom port mappings for back-to-origin.', + 'required' => false, + 'title' => '', + 'example' => '', ], ], - 'description' => '', + 'required' => true, + 'title' => '', + 'example' => '', + ], + ], + [ + 'name' => 'RegionId', + 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'AccessType', + 'in' => 'query', + 'schema' => ['description' => 'The access mode of the WAF instance. Valid values:'."\n" + ."\n" + .'- **share** (default): onboarding by using a CNAME record.'."\n" + ."\n" + .'- **hybrid\\_cloud\\_cname**: onboarding by using a hybrid cloud CNAME record.', 'type' => 'string', 'default' => 'share', 'required' => false, 'example' => 'share', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ + 'schema' => [ + 'description' => 'The response structure.', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D****', 'title' => ''], + 'DomainInfo' => [ + 'description' => 'The information about the modified domain name.', + 'type' => 'object', + 'properties' => [ + 'Cname' => ['description' => 'The CNAME that is assigned by WAF to the domain name.', 'type' => 'string', 'example' => 'xxxxxcvdaf.****.com', 'title' => ''], + 'Domain' => ['description' => 'The domain name whose configurations are modified.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''], + 'DomainId' => ['description' => 'The ID of the domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com-waf', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 146,\\n \\"RequestId\\": \\"045660E7-C4C6-5CD7-8182-7B337D95ADF4\\",\\n \\"Groups\\": [\\n {\\n \\"GroupName\\": \\"StorageGroup\\",\\n \\"RegionCodeValue\\": 0,\\n \\"LoadBalanceIp\\": \\"1.1.XX.XX\\",\\n \\"BackSourceMark\\": \\"aliyun-asiapacific-beijing-56477821\\",\\n \\"GroupType\\": \\"protect\\",\\n \\"LocationId\\": 1312,\\n \\"Ports\\": \\"80,9200,20018\\",\\n \\"ContinentsValue\\": 410,\\n \\"GroupId\\": 123,\\n \\"Remark\\": \\"备注\\",\\n \\"OperatorValue\\": 0\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudGroups', - 'responseParamsDescription' => '### ISP codes'."\n" - ."\n" - .'|ISP code|ISP tag|ISP description|'."\n" - .'|---|---|---|'."\n" - .'|0|aliyun|Alibaba Cloud|'."\n" - .'|3|tencent|Tencent Cloud|'."\n" - .'|100|google|Google Cloud|'."\n" - .'|200|IDC|IDC|'."\n" - ."\n" - .'### Continent codes'."\n" - ."\n" - .'|Continent code|Continent tag|Continent description|'."\n" - .'|---|---|---|'."\n" - .'|410|asiapacific|asiapacific|'."\n" - .'|411|euro|euro|'."\n" - ."\n" - .'### City codes'."\n" - ."\n" - .'|Continent code|City code|City tag|City description|'."\n" - .'|---|---|---|---|'."\n" - .'|411|0|frankfurt|Frankfurt|'."\n" - .'|411|1|siliconvallery|Silicon Valley|'."\n" - .'|411|2|Virginia|Virginia|'."\n" - .'|410|0|beijing|Beijing|'."\n" - .'|410|1|shanghai|Shanghai|'."\n" - .'|410|2|hongkong|Hong Kong, China|'."\n" - .'|410|3|jakarta|Jakarta|'."\n" - .'|410|4|hangzhou|Hangzhou|'."\n" - .'|410|5|zhangjiakou|Zhangjiakou|'."\n" - .'|410|6|shenzhen|Shenzhen|'."\n" - .'|410|7|singapore|Singapore|'."\n" - .'|410|8|Tokyo|Tokyo|'."\n" - .'|410|9|changsha|Changsha|'."\n" - .'|410|10|public\\_cloud|Public cloud|'."\n" - .'|410|11|nanjing|Nanjing|', - ], - 'CreateHybridCloudGroup' => [ - 'summary' => 'Creates a node group for a hybrid cloud cluster.', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.BusinessViolation', 'errorMessage' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'description' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'], + ['errorCode' => 'Waf.Control.DomainAndDomainIdBothEmpty', 'errorMessage' => 'domain and domainId cannot be empty at the same time.', 'description' => 'The domain name and domain name ID cannot be empty at the same time.'."\n"], + ['errorCode' => 'Waf.Control.DomainAndDomainIdNotMatch', 'errorMessage' => 'domain and domainId do not match.', 'description' => 'The input parameters Domain and DomainId do not match'."\n"], + ['errorCode' => 'Waf.Control.DomainIdIsIllegal', 'errorMessage' => 'The input parameter, the domainId is illegal.', 'description' => 'Illegal entry DomainId'], + ['errorCode' => 'Waf.Pullin.BackupBackendConflict', 'errorMessage' => 'The backup backend configuration conflicts.', 'description' => 'The backup link back-to-source configuration conflicts.'], + ['errorCode' => 'Waf.Pullin.BackendPortIncompatible', 'errorMessage' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.', 'description' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.'], + ['errorCode' => 'Waf.Pullin.Http2OriginMustOnKeepaliveEnable', 'errorMessage' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.', 'description' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.'], + ['errorCode' => 'Waf.Pullin.Http2OriginEnabledFocusHttpBackendForbidden', 'errorMessage' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.', 'description' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.'], + ['errorCode' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', 'errorMessage' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', 'description' => 'batch dns scheduling is in progress, and access-related operations are prohibited.'], + ['errorCode' => 'Waf.Pullin.InvalidMaxAgeWithPreload', 'errorMessage' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000.', 'description' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000'], + ['errorCode' => 'Waf.Pullin.InvalidIncludeSubDomainWithPreload', 'errorMessage' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'], + ['errorCode' => 'Waf.Pullin.InvalidCustomCiphers', 'errorMessage' => 'Invalid custom cipher suite.', 'description' => 'Invalid custom cipher suite.'], + ['errorCode' => 'Waf.Pullin.InvalidHttp2OriginWithProxyProtocol', 'errorMessage' => 'http2Origin and proxyProtocol cannot be opened at the same time.', 'description' => 'http2Origin and proxyProtocol cannot be opened at the same time.'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'ModifyDomain', + 'summary' => 'Updates a CNAME-based domain name onboarded to Web Application Firewall (WAF).', + 'changeSet' => [ + ['createdAt' => '2024-11-28T15:04:53.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-01-30T12:16:58.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-04-27T06:05:43.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-04-18T02:11:03.000Z', 'description' => 'Request parameters changed, Response parameters changed'], + ['createdAt' => '2023-01-10T12:29:44.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2023-01-05T12:39:23.000Z', 'description' => 'Request parameters changed, Response parameters changed'], + ['createdAt' => '2022-11-28T08:16:57.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2022-11-25T01:57:31.000Z', 'description' => 'Request parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomain'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D****\\",\\n \\"DomainInfo\\": {\\n \\"Cname\\": \\"xxxxxcvdaf.****.com\\",\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\"\\n }\\n}","type":"json"}]', + ], + 'ModifyDomainCert' => [ + 'path' => '', + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'write', + 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'none', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '136094', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-n6w***x52m', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-ww**b06', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'Domain', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The domain name that is added to WAF in CNAME record mode.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''], ], [ - 'name' => 'GroupName', + 'name' => 'CertId', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the node group.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'demoGroupName', - ], + 'schema' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''], ], [ - 'name' => 'GroupType', + 'name' => 'TLSVersion', 'in' => 'query', 'schema' => [ - 'description' => 'The type of the node group. Valid values:'."\n" + 'description' => 'The Transport Layer Security (TLS) version. Valid values:'."\n" + ."\n" + .'- **tlsv1**'."\n" ."\n" - .'* **protect**'."\n" - .'* **control**'."\n" - .'* **storage**'."\n" - .'* **controlStorage**'."\n", + .'- **tlsv1.1**'."\n" + ."\n" + .'- **tlsv1.2**', 'type' => 'string', - 'required' => true, - 'example' => 'protect', + 'enum' => ['tlsv1', 'tlsv1.1', 'tlsv1.2', 'tlsv1.3'], + 'required' => false, + 'example' => 'tlsv1', + 'title' => '', ], ], [ - 'name' => 'LoadBalanceIp', + 'name' => 'CipherSuite', 'in' => 'query', 'schema' => [ - 'description' => 'The IP address of the server used for load balancing.'."\n", + 'description' => 'The type of the cipher suite. Valid values:'."\n" + ."\n" + .'- **1**: all cipher suites.'."\n" + ."\n" + .'- **2**: strong cipher suites.'."\n" + ."\n" + .'- **99**: custom cipher suites.', 'type' => 'string', - 'required' => true, - 'example' => '3.3.3.3', + 'enum' => ['1', '2', '99'], + 'required' => false, + 'example' => '1', + 'title' => '', ], ], [ - 'name' => 'Remark', + 'name' => 'CustomCiphers', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The remarks.'."\n", - 'type' => 'string', + 'type' => 'array', + 'items' => [ + 'description' => 'A custom cipher suite.', + 'type' => 'string', + 'enum' => ['ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES128-SHA256', 'ECDHE-ECDSA-AES256-SHA384', 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES128-SHA256', 'ECDHE-RSA-AES256-SHA384', 'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'AES128-SHA256', 'AES256-SHA256', 'ECDHE-ECDSA-AES128-SHA', 'ECDHE-ECDSA-AES256-SHA', 'ECDHE-RSA-AES128-SHA', 'ECDHE-RSA-AES256-SHA', 'AES128-SHA', 'AES256-SHA', 'DES-CBC3-SHA'], + 'required' => false, + 'example' => 'ECDHE-ECDSA-AES256-SHA384', + 'title' => '', + ], + 'maxItems' => 100, + 'description' => 'The custom cipher suites. This parameter is available only when you set **CipherSuite** to **99**.', 'required' => false, - 'example' => 'demoRamark', + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'LocationCode', + 'name' => 'EnableTLSv3', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the node resides. Specify the parameter in the Carrier code-Continent code-City code format.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '0-410-0', - ], + 'schema' => ['description' => 'Indicates whether to enable TLS 1.3. Valid values:'."\n" + ."\n" + .'- **true**: TLS 1.3 is enabled.'."\n" + ."\n" + .'- **false**: TLS 1.3 is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''], ], [ - 'name' => 'BackSourceMark', + 'name' => 'RegionId', 'in' => 'query', + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], + ], + ], + 'responses' => [ + 200 => [ 'schema' => [ - 'description' => 'The region in which the node resides. Specify the parameter in the Carrier code-Continent code-City code format.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'aliyun-asiapacific-beijing', + 'type' => 'object', + 'properties' => [ + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'title' => '', 'example' => '03E3B4DD-2BE7-5D9D-80E8-***'], + ], + 'title' => '', + 'description' => 'The response parameters.', + 'example' => '', + ], + ], + ], + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.MustListenHTTPS', 'errorMessage' => 'The domain name must listen to the HTTPS protocol. Domain:%s.', 'description' => 'The domain name must listen to the HTTPS protocol. Domain name:%s.'], + ], + ], + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ModifyDomainCert', + 'summary' => 'Modifies the certificate that is associated with a domain name added to a Web Application Firewall (WAF) instance in CNAME record mode.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomainCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"03E3B4DD-2BE7-5D9D-80E8-***\\"\\n}","type":"json"}]', + ], + 'ModifyDomainPunishStatus' => [ + 'summary' => 'Re-connects a domain name that is in the ICP filing violation penalty status.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], + 'security' => [ + [ + 'AK' => [], + ], + ], + 'operationType' => 'write', + 'systemTags' => [ + 'operationType' => 'update', + 'riskType' => 'none', + 'chargeType' => 'free', + 'abilityTreeCode' => '124497', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], + 'autoTest' => true, + ], + 'parameters' => [ + [ + 'name' => 'InstanceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-zxu****0g02', 'title' => ''], + ], + [ + 'name' => 'Domain', + 'in' => 'query', + 'schema' => ['description' => 'The domain name that is in the ICP filing violation penalty status.', 'type' => 'string', 'required' => true, 'example' => 'demo.xxxxaliyundoc.com', 'title' => ''], + ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ @@ -36741,365 +31124,323 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '48F7C7BA-0932-50EA-89AD-5B0E1***274', - ], - 'Data' => [ - 'description' => 'The ID of the node group.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '70E65A35-22B8-567C-B0A0-A2E9****20AE', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"48F7C7BA-0932-50EA-89AD-5B0E1***274\\",\\n \\"Data\\": 1\\n}","type":"json"}]', - 'title' => 'CreateHybridCloudGroup', - ], - 'DescribeHybridCloudClusterRule' => [ - 'summary' => 'Obtains the rule information about a hybrid cloud cluster.', - 'methods' => [ - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.DomainNotBeianOrInBlackList', 'errorMessage' => 'The domain does not have an ICP filling or has been blacklisted.', 'description' => 'The domain name is not filed or is on the blacklist.'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Re-connect a domain name in ICP filing violation penalty status', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomainPunishStatus'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomainPunishStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"70E65A35-22B8-567C-B0A0-A2E9****20AE\\"\\n}","type":"json"}]', + ], + 'ModifyHybridCloudCluster' => [ + 'summary' => 'Updates hybrid cloud cluster settings, such as the cluster name, ports, and access mode.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', - 'deprecated' => false, + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafSBJ1DO', - ], + 'abilityTreeCode' => '124727', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], 'autoTest' => true, - 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ + 'name' => 'Id', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], + ], + [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-uqm33n***02', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-mp9153****', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'ClusterName', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The name of the hybrid cloud cluster.', 'type' => 'string', 'required' => true, 'example' => 'waf-example-***', 'title' => ''], + ], + [ + 'name' => 'HttpPorts', + 'in' => 'query', + 'schema' => ['description' => 'The list of HTTP ports supported by the hybrid cloud cluster. Separate multiple ports with commas (,). Format: **port1,port2,port3**.', 'type' => 'string', 'required' => true, 'example' => '80,8080', 'title' => ''], + ], + [ + 'name' => 'HttpsPorts', + 'in' => 'query', + 'schema' => ['description' => 'The list of HTTPS ports supported by the hybrid cloud cluster. Separate multiple ports with commas (,). Format: **port1,port2,port3**.', 'type' => 'string', 'required' => true, 'example' => '443,8443', 'title' => ''], + ], + [ + 'name' => 'AccessMode', + 'in' => 'query', + 'schema' => ['description' => 'The network access mode of the hybrid cloud cluster. Valid values:'."\n" + ."\n" + .'- **internet**: access over the Internet.'."\n" + ."\n" + .'- **vpc**: access over a leased line through a virtual private cloud (VPC).', 'type' => 'string', 'required' => true, 'example' => 'internet', 'title' => ''], + ], + [ + 'name' => 'AccessRegion', + 'in' => 'query', + 'schema' => ['description' => 'The region in which the leased line resides. This parameter is required when AccessMode is set to vpc. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Hangzhou.'."\n" + ."\n" + .'- **cn-beijing**: Beijing.'."\n" + ."\n" + .'- **cn-shanghai**: Shanghai.', 'type' => 'string', 'required' => false, 'example' => 'cn-beijing', 'title' => ''], + ], + [ + 'name' => 'LogFieldsNotReturned', + 'in' => 'query', + 'schema' => ['description' => 'The log fields that are excluded from the response.', 'type' => 'string', 'required' => false, 'example' => 'log_example', 'title' => ''], + ], + [ + 'name' => 'ProtectionServerCount', + 'in' => 'query', + 'schema' => ['description' => 'The maximum number of protection nodes that can be added to the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], + ], + [ + 'name' => 'Remark', + 'in' => 'query', + 'schema' => ['description' => 'The remarks of the hybrid cloud cluster.', 'type' => 'string', 'required' => false, 'example' => 'remarkExample', 'title' => ''], + ], + [ + 'name' => 'ProxyType', + 'in' => 'query', + 'schema' => ['description' => 'The type of the hybrid cloud cluster. Valid values:'."\n" + ."\n" + .'- **cname**: a reverse proxy cluster.'."\n" + ."\n" + .'- **service**: a service cluster.', 'type' => 'string', 'default' => 'cname', 'required' => false, 'example' => 'service', 'title' => ''], + ], + [ + 'name' => 'RuleStatus', + 'in' => 'query', + 'schema' => ['description' => 'Indicates whether the rule is enabled. Valid values:'."\n" + ."\n" + .'- **on**: The rule is enabled.'."\n" + ."\n" + .'- **off**: The rule is disabled.', 'type' => 'string', 'required' => false, 'example' => 'off', 'title' => ''], + ], + [ + 'name' => 'RuleConfig', + 'in' => 'query', + 'schema' => ['description' => 'The rule configuration in JSON format. This includes settings such as the circuit breaker, request body length limit, and timeout.', 'type' => 'string', 'required' => false, 'example' => '{'."\n" + .' "enable": true,'."\n" + .' "param": {'."\n" + .' "breaker": {'."\n" + .' "duration": 1,'."\n" + .' "failed": 1,'."\n" + .' "recent_failed": 1'."\n" + .' },'."\n" + .' "disable_protect": false,'."\n" + .' "max_request_body_len": 1,'."\n" + .' "timeout": 1'."\n" + .' }'."\n" + .'}', 'title' => ''], ], [ 'name' => 'RuleType', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the rule. Valid values:'."\n" - ."\n" - .'* **pullin**: The traffic redirection rule of the hybrid cloud cluster.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'pullin', - ], + 'schema' => ['description' => 'The rule type. Valid values:'."\n" + ."\n" + .'- **bypass**: WAF bypasses security checks.', 'type' => 'string', 'required' => false, 'example' => 'bypass', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ProxyStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid value:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'Indicates whether the proxy gateway is enabled. Valid values:'."\n" + ."\n" + .'- **on**: The proxy gateway is enabled.'."\n" + ."\n" + .'- **off**: The proxy gateway is disabled.', 'type' => 'string', 'default' => 'off', 'required' => false, 'example' => 'off', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'ClusterRuleResourceId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '1F29A6D2-9EB6-526D-A997-36888**99CB', - ], - 'ClusterRule' => [ - 'description' => 'The details of the rule.'."\n", - 'type' => 'object', - 'properties' => [ - 'RuleType' => [ - 'description' => 'The type of the rule. Valid values:'."\n" - ."\n" - .'* **pullin**: The traffic redirection rule of the hybrid cloud cluster.'."\n", - 'type' => 'string', - 'example' => 'pullin', - ], - 'RuleConfig' => [ - 'description' => 'The configuration of the rule.'."\n", - 'type' => 'string', - 'example' => '{\\"check_mode\\":\\"all\\",\\"exclude\\":{\\"exact\\":[],\\"regex\\":[]}}', - ], - 'RuleStatus' => [ - 'description' => 'The status of the rule. Valid values:'."\n" - ."\n" - .'* **on**: enabled.'."\n" - .'* **off**: disabled.'."\n", - 'type' => 'string', - 'example' => 'on', - ], - 'ClusterRuleResourceId' => [ - 'type' => 'string', - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1F29A6D2-9EB6-526D-A997-36888**99CB\\",\\n \\"ClusterRule\\": {\\n \\"RuleType\\": \\"pullin\\",\\n \\"RuleConfig\\": \\"{\\\\\\\\\\\\\\"check_mode\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"all\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"exclude\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\"exact\\\\\\\\\\\\\\":[],\\\\\\\\\\\\\\"regex\\\\\\\\\\\\\\":[]}}\\",\\n \\"RuleStatus\\": \\"on\\",\\n \\"ClusterRuleResourceId\\": \\"hdbc-clusterrule-2m*****m0w\\"\\n }\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudClusterRule', - ], - 'DescribeHybridCloudClusters' => [ - 'summary' => 'Queries a list of hybrid cloud clusters.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\"\\n}","type":"json"}]', + 'title' => 'ModifyHybridCloudCluster', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudCluster', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'ModifyHybridCloudClusterBypassStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '227268', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '174009', + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], + 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-uqm35****02', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''], + ], + [ + 'name' => 'ClusterResourceId', + 'in' => 'query', + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'string', 'required' => true, 'example' => 'hdbc_cluster_****', 'title' => ''], + ], + [ + 'name' => 'RuleStatus', + 'in' => 'query', + 'schema' => ['description' => 'The status of the manual bypass. Valid values:'."\n" + ."\n" + .'- **on**: The manual bypass is enabled.'."\n" + ."\n" + .'- **off** (default): The manual bypass is disabled.', 'type' => 'string', 'required' => true, 'example' => 'on', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '66A98669-ER12-WE34-23PO-301469*****E', - ], - 'ClusterInfos' => [ - 'description' => 'The information about the clusters.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'HttpsPorts' => [ - 'description' => 'The HTTPS ports. The value is a string. If multiple ports are returned, the value is in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'example' => '443,8443', - ], - 'ProtectionServerCount' => [ - 'description' => 'The number of protection nodes that can be added to the cluster.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'ProxyStatus' => [ - 'description' => 'The status of the proxy gateway. Valid values:'."\n" - ."\n" - .'* **on**: enabled.'."\n" - .'* **off**: disabled.'."\n", - 'type' => 'string', - 'example' => 'off', - ], - 'RuleType' => [ - 'description' => 'The type of the rule. Valid value:'."\n" - ."\n" - .'* **bypass**: Requests are allowed without security checks.'."\n", - 'type' => 'string', - 'example' => 'bypass', - ], - 'AccessRegion' => [ - 'description' => 'The region where the virtual private cloud (VPC) resides. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: China (Hangzhou).'."\n" - .'* **cn-beiijng**: China (Beijing).'."\n" - .'* **cn-shanghai**: China (Shanghai).'."\n", - 'type' => 'string', - 'example' => 'cn-hangzhou', - ], - 'Remark' => [ - 'description' => 'The remarks about the cluster.'."\n", - 'type' => 'string', - 'example' => 'demo', - ], - 'ClusterResourceId' => [ - 'description' => 'The ID of the hybrid cloud cluster resource.'."\n", - 'type' => 'string', - 'example' => 'hdbc-cluster-t1****a', - ], - 'ClusterName' => [ - 'description' => 'The name of the cluster.'."\n", - 'type' => 'string', - 'example' => 'test', - ], - 'RuleStatus' => [ - 'description' => 'The status of manual bypass. Valid values:'."\n" - ."\n" - .'* **on**: enabled.'."\n" - .'* **off**: disabled.'."\n", - 'type' => 'string', - 'example' => 'off', - ], - 'Id' => [ - 'description' => 'The ID of the cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '524**8', - ], - 'AccessMode' => [ - 'description' => 'The network access mode. Valid values:'."\n" - ."\n" - .'* **internet**: Internet access.'."\n" - .'* **vpc**: internal network access by using Express Connect circuits.'."\n", - 'type' => 'string', - 'example' => 'internet', - ], - 'ProxyType' => [ - 'description' => 'The type of the cluster. Valid values:'."\n" - ."\n" - .'* **cname**: reverse proxy cluster.'."\n" - .'* **service**: SDK-based traffic mirroring cluster.'."\n", - 'type' => 'string', - 'example' => 'cname', - ], - 'RuleConfig' => [ - 'description' => 'The configurations of the rule.'."\n", - 'type' => 'string', - 'example' => '{"enable":true,"param":{"breaker":{"duration":1,"failed":1,"recent_failed":1},"disable_protect":false,"max_request_body_len":1,"timeout":1}}', - ], - 'HttpPorts' => [ - 'description' => 'The HTTP ports. The value is a string. If multiple ports are returned, the value is in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'example' => '80,8080', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'title' => 'ModifyHybridCloudClusterBypassStatus', + 'summary' => 'Modifies the manual bypass status for a hybrid cloud cluster that is integrated with an SDK.', + 'changeSet' => [ + ['createdAt' => '2024-12-30T10:12:02.000Z', 'description' => 'Request parameters changed'], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\",\\n \\"ClusterInfos\\": [\\n {\\n \\"HttpsPorts\\": \\"443,8443\\",\\n \\"ProtectionServerCount\\": 1,\\n \\"ProxyStatus\\": \\"off\\",\\n \\"RuleType\\": \\"bypass\\",\\n \\"AccessRegion\\": \\"cn-hangzhou\\",\\n \\"Remark\\": \\"测试集群备注\\",\\n \\"ClusterResourceId\\": \\"hdbc-cluster-t1****a\\",\\n \\"ClusterName\\": \\"混合云**集群\\",\\n \\"RuleStatus\\": \\"off\\",\\n \\"Id\\": 0,\\n \\"AccessMode\\": \\"internet\\",\\n \\"ProxyType\\": \\"cname\\",\\n \\"RuleConfig\\": \\"{\\\\\\"enable\\\\\\":true,\\\\\\"param\\\\\\":{\\\\\\"breaker\\\\\\":{\\\\\\"duration\\\\\\":1,\\\\\\"failed\\\\\\":1,\\\\\\"recent_failed\\\\\\":1},\\\\\\"disable_protect\\\\\\":false,\\\\\\"max_request_body_len\\\\\\":1,\\\\\\"timeout\\\\\\":1}}\\",\\n \\"HttpPorts\\": \\"80,8080\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudClusters', - ], - 'ModifyHybridCloudClusterRule' => [ - 'summary' => 'Modifies the rule of a hybrid cloud cluster.', - 'methods' => [ - 'get', - 'post', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudClusterBypassStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudClusterBypassStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + ], + 'ModifyHybridCloudClusterRule' => [ + 'methods' => ['get', 'post'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -37112,135 +31453,110 @@ 'riskType' => 'none', 'chargeType' => 'free', 'abilityTreeCode' => '137983', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the DescribeInstanceInfo operation to query the ID of the WAF instance.[](~~140857~~)'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-n6w***x52m', - ], + 'schema' => ['description' => 'Instance ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-n6w***x52m', 'title' => ''], ], [ 'name' => 'ClusterRuleResourceId', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], + 'schema' => ['description' => 'The resource ID of the cluster rule.', 'type' => 'string', 'required' => false, 'example' => 'hdbc-clusterrule-*******ym0w', 'title' => ''], ], [ 'name' => 'RuleConfig', 'in' => 'query', - 'schema' => [ - 'description' => 'The configuration of the rule.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '{\\"check_mode\\":\\"part\\",\\"include\\":{\\"exact\\":[],\\"regex\\":[]}}', - 'default' => '""', - ], + 'schema' => ['description' => 'The traffic redirection rule configuration.'."\n" + ."\n" + .'<notice>The mode cannot be modified.</notice>'."\n" + .'- **check_mode**: The mode. Valid values:'."\n" + .' - **all**: full traffic redirection.'."\n" + .' - **part**: partial traffic redirection.'."\n" + .'- **type**: The rule matching type. Valid values:'."\n" + .' - **exact**: exact match.'."\n" + .' - **regex**: regular expression.'."\n" + .'- **substance**: The rule value.', 'type' => 'string', 'default' => '""', 'required' => false, 'example' => '{\\"check_mode\\": \\"all\\", \\"type\\": \\"exact\\", \\"substance\\": \\"122\\"}', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region of the WAF instance. Valid value:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1018', - ], + 'schema' => ['description' => '[Deprecated] The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '10*', 'title' => ''], ], [ 'name' => 'RuleType', 'in' => 'query', - 'schema' => [ - 'description' => 'The type of the rule. Valid values:'."\n" - ."\n" - .'* **pullin**: The traffic redirection rule.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'pullin', - ], + 'schema' => ['description' => '[Deprecated] The rule type. Valid values:'."\n" + .'- **pullin**: traffic redirection configuration.', 'type' => 'string', 'required' => false, 'example' => 'pullin', 'title' => ''], ], [ 'name' => 'RuleStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The status of the rule. Valid values:'."\n" - ."\n" - .'* **on**: enables the rule.'."\n" - .'* **off**: disables the rule.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'on', - ], + 'schema' => ['description' => 'The rule status. Valid values:'."\n" + .'- **on**: enabled.'."\n" + .'- **off**: disabled.', 'type' => 'string', 'required' => false, 'example' => 'on', 'title' => ''], ], ], 'responses' => [ 200 => [ 'headers' => [], 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'The response parameters.'."\n", + 'title' => '', + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '03D73D88-57D8-5BA2-96A4-6357CE***19', - ], + 'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '03D73D88-57D8-5BA2-96A4-6357CE***19'], + ], + 'example' => '', + ], + ], + ], + 'title' => 'Modify hybrid cloud cluster rule information', + 'summary' => 'Modifies the rule information of a hybrid cloud cluster.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudClusterRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], ], 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"03D73D88-57D8-5BA2-96A4-6357CE***19\\"\\n}","type":"json"}]', - 'title' => 'ModifyHybridCloudClusterRule', ], 'ModifyHybridCloudGroup' => [ - 'summary' => 'Modifies a node group in a hybrid cloud cluster.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'summary' => 'Modifies the information of a cluster group.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -37252,119 +31568,93 @@ 'riskType' => 'none', 'chargeType' => 'free', 'abilityTreeCode' => '136071', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ 'name' => 'GroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the node group.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud group.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ 'name' => 'GroupName', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the node group.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'demo', - ], + 'schema' => ['description' => 'The name of the hybrid cloud group.', 'type' => 'string', 'required' => true, 'example' => 'test-group', 'title' => ''], ], [ 'name' => 'Remark', 'in' => 'query', - 'schema' => [ - 'description' => 'The remarks.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'test', - ], + 'schema' => ['description' => 'The remarks.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid value:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'headers' => [], 'schema' => [ - 'description' => 'The returned data.'."\n", + 'description' => 'The response.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D***0', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D***0', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D***0\\"\\n}","type":"json"}]', 'title' => 'ModifyHybridCloudGroup', - ], - 'ModifyHybridCloudGroupExpansionServer' => [ - 'summary' => 'Adds a node to a node group of a hybrid cloud cluster.', - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudGroup'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'ModifyHybridCloudGroupExpansionServer' => [ + 'summary' => 'Adds a node to a node group in a hybrid cloud cluster of a Web Application Firewall (WAF) instance.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -37376,109 +31666,86 @@ 'riskType' => 'none', 'chargeType' => 'free', 'abilityTreeCode' => '136075', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ 'name' => 'GroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the node group.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the node group in the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ 'name' => 'Mids', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the node.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '612929b133e7ff**0d0', - ], + 'schema' => ['description' => 'The ID of the node that you want to add to the node group.', 'type' => 'string', 'required' => true, 'example' => '612929b133e7ff**0d0', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Resource Manager resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '7BD7F9A1-0E72-5BC1-8248-C629B4***B6', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '7BD7F9A1-0E72-5BC1-8248-C629B4***B6', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7BD7F9A1-0E72-5BC1-8248-C629B4***B6\\"\\n}","type":"json"}]', 'title' => 'ModifyHybridCloudGroupExpansionServer', - ], - 'ModifyHybridCloudGroupShrinkServer' => [ - 'summary' => 'Deletes a node from a node group of a hybrid cloud cluster.', - 'methods' => [ - 'post', - 'get', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudGroupExpansionServer', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7BD7F9A1-0E72-5BC1-8248-C629B4***B6\\"\\n}","type":"json"}]', + ], + 'ModifyHybridCloudGroupShrinkServer' => [ + 'summary' => 'Deletes nodes from a cluster group.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -37490,110 +31757,87 @@ 'riskType' => 'none', 'chargeType' => 'free', 'abilityTreeCode' => '156785', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldb****05', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldb****05', 'title' => ''], ], [ 'name' => 'ClusterId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the hybrid cloud cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ 'name' => 'GroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the node group.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the node group.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''], ], [ 'name' => 'Mids', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the node.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'b1bf3f544f30c1de0b72d91290***bbbb', - ], + 'schema' => ['description' => 'The node ID.', 'type' => 'string', 'required' => true, 'example' => 'b1bf3f544f30c1de0b72d91290***bbbb', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm2th****v6ay', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2th****v6ay', 'title' => ''], ], ], 'responses' => [ 200 => [ 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], + ], + 'title' => '', + 'example' => '', + ], + ], + ], + 'title' => 'Delete nodes from a cluster group', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudGroupShrinkServer'], + ], + ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudGroupShrinkServer', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], ], 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyHybridCloudGroupShrinkServer', ], 'ModifyHybridCloudSdkPullinStatus' => [ - 'summary' => 'Modifies the traffic redirection status of a hybrid cloud cluster by using an SDK.', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -37604,75 +31848,73 @@ 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafSBJ1DO', - ], + 'abilityTreeNodes' => ['FEATUREwafSBJ1DO'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7pp2le***01', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp2le***01', 'title' => ''], ], [ 'name' => 'PullinStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The status of traffic redirection. Valid values:'."\n" - ."\n" - .'* **on**'."\n" - .'* **off**'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'on', - ], + 'schema' => ['description' => 'The status of traffic redirection. Valid values of the parameter:'."\n" + ."\n" + .'- **on**: Enable'."\n" + ."\n" + .'- **off**: Disable', 'type' => 'string', 'required' => true, 'example' => 'on', 'title' => ''], ], [ 'name' => 'Mid', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the SDK.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'b3dbc5153317c79d8ca9f9***ea', - ], + 'schema' => ['description' => 'The ID of the SDK.', 'type' => 'string', 'required' => true, 'example' => 'b3dbc5153317c79d8ca9f9***ea', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B191**EB0', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B191**EB0', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B191**EB0\\"\\n}","type":"json"}]', 'title' => 'ModifyHybridCloudSdkPullinStatus', - ], - 'ModifyHybridCloudServer' => [ - 'summary' => 'Modifies the information about a hybrid cloud node.', - 'methods' => [ - 'post', - 'get', + 'summary' => 'Modifies the traffic redirection status of a hybrid cloud SDK.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudSdkPullinStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudSdkPullinStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B191**EB0\\"\\n}","type":"json"}]', + ], + 'ModifyHybridCloudServer' => [ + 'summary' => 'Modifies hybrid cloud node information.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -37684,127 +31926,99 @@ 'riskType' => 'none', 'chargeType' => 'free', 'abilityTreeCode' => '136073', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], 'autoTest' => true, ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ 'name' => 'Mid', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the node.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'b1bf3f544f30c1de0b72d91290**ccb', - ], + 'schema' => ['description' => 'The node ID.', 'type' => 'string', 'required' => true, 'example' => 'b1bf3f544f30c1de0b72d91290**ccb', 'title' => ''], ], [ 'name' => 'CustomName', 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the node.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'demo', - ], + 'schema' => ['description' => 'The node name.', 'type' => 'string', 'required' => true, 'example' => '节点名称', 'title' => ''], ], [ 'name' => 'Operator', 'in' => 'query', - 'schema' => [ - 'description' => 'The cloud service provider.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'aliyun', - ], + 'schema' => ['description' => 'The cloud service provider.', 'type' => 'string', 'required' => true, 'example' => 'aliyun', 'title' => ''], ], [ 'name' => 'Continents', 'in' => 'query', - 'schema' => [ - 'description' => 'The continent.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'asiapacific', - ], + 'schema' => ['description' => 'The continent.', 'type' => 'string', 'required' => true, 'example' => 'asiapacific', 'title' => ''], ], [ 'name' => 'RegionCode', 'in' => 'query', - 'schema' => [ - 'description' => 'The city.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'beijing', - ], + 'schema' => ['description' => 'The city.', 'type' => 'string', 'required' => true, 'example' => 'beijing', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'headers' => [], 'schema' => [ - 'description' => 'The response parameters.'."\n", + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '26DCD663-5EB8-5103-B270-E24A32***5F0', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '26DCD663-5EB8-5103-B270-E24A32***5F0', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"26DCD663-5EB8-5103-B270-E24A32***5F0\\"\\n}","type":"json"}]', - 'title' => 'ModifyHybridCloudServer', - ], - 'DeleteHybridCloudClusterRule' => [ - 'summary' => '删除集群规则信息', - 'methods' => [ - 'post', - 'get', + 'title' => 'Modify hybrid cloud node information', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudServer'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudServer', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"26DCD663-5EB8-5103-B270-E24A32***5F0\\"\\n}","type":"json"}]', + ], + 'ModifyLogDeliveryConfig' => [ + 'summary' => 'Modifies a log delivery configuration for a hybrid cloud cluster.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -37812,495 +32026,344 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'delete', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '136069', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeNodes' => ['FEATUREwafR5NU4G'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'ClusterRuleResourceId', + 'name' => 'DeliveryName', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'hdbc-clusterrule-*******m0w', - ], + 'schema' => ['description' => 'The name of the log delivery configuration that you want to modify.', 'type' => 'string', 'required' => true, 'example' => 'test1', 'title' => ''], + ], + [ + 'name' => 'DeliveryType', + 'in' => 'query', + 'schema' => ['description' => 'The type of the log delivery destination. Valid values:'."\n" + ."\n" + .'- **syslog**: delivers logs to a syslog server.'."\n" + ."\n" + .'- **kafka**: delivers logs to a Kafka cluster.', 'type' => 'string', 'required' => true, 'example' => 'syslog', 'title' => ''], + ], + [ + 'name' => 'DeliveryDetail', + 'in' => 'query', + 'schema' => ['description' => 'The details of the log delivery configuration, in JSON format.'."\n" + ."\n" + .'> The value of this parameter is the same as the **DeliveryDetail** parameter of the **CreateLogDeliveryConfig** operation. For more information, see [CreateLogDeliveryConfig]().', 'type' => 'string', 'required' => true, 'example' => '{'."\n" + .' "rfcVersion": "rfc3164",'."\n" + .' "protocol": "tcp",'."\n" + .' "servers": ['."\n" + .' {'."\n" + .' "address": "1.1.1.1",'."\n" + .' "port": 20'."\n" + .' }'."\n" + .' ]'."\n" + .'}', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => '', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], + 'DeliveryName' => ['description' => 'The name of the log delivery configuration that was modified.', 'type' => 'string', 'example' => 'test1', 'title' => ''], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''], ], + 'description' => 'The response parameters.', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', - ], - 'CreateHybridCloudClusterRule' => [ - 'summary' => '新增集群规则信息', - 'methods' => [ - 'get', - 'post', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"DeliveryName\\": \\"test1\\",\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + 'title' => 'ModifyLogDeliveryConfig', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyLogDeliveryConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + ], + 'ModifyMajorProtectionBlackIp' => [ + 'summary' => 'Modifies an IP address blacklist for critical event protection.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'write', - 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '137983', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], - 'autoTest' => true, + 'abilityTreeCode' => '124761', + 'abilityTreeNodes' => ['FEATUREwaf2KYU04'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-0xldbqt****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'ClusterId', + 'name' => 'TemplateId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '428', - ], + 'schema' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '5132', 'title' => ''], ], [ - 'name' => 'RuleType', + 'name' => 'RuleId', 'in' => 'query', - 'allowEmptyValue' => true, - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'pullin', - ], + 'schema' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20012033', 'title' => ''], ], [ - 'name' => 'RuleStatus', + 'name' => 'IpList', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'on', - ], + 'schema' => ['description' => 'The IP address blacklist to add. You can specify custom IP addresses or CIDR blocks. Both IPv4 and IPv6 addresses are supported. Separate multiple IP addresses with commas (,).'."\n" + .'For more information, see [Critical event protection](~~425591~~).', 'type' => 'string', 'required' => true, 'title' => '', 'example' => '12.XX.XX.2,3.XX.XX.3/24'], ], [ - 'name' => 'RuleConfig', + 'name' => 'ExpiredTime', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '{\\"check_mode\\": \\"all\\", \\"type\\": \\"exact\\", \\"substance\\": \\"122\\"}', - 'default' => '""', - ], + 'schema' => ['description' => 'The time after which the IP address blacklist becomes invalid. Unit: seconds.'."\n" + ."\n" + .'> If the value is **0**, the IP address blacklist is permanently valid.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1662603328', 'title' => ''], + ], + [ + 'name' => 'Description', + 'in' => 'query', + 'schema' => ['description' => 'The description of the IP address blacklist.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'test'], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'headers' => [], 'schema' => [ - 'title' => 'Schema of Response', - 'description' => '', + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => '', - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-*****-3014697B11AE', - ], - 'ClusterRuleResourceId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'hdbc-clusterrule-*******m0w', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-*****-3014697B11AE\\",\\n \\"ClusterRuleResourceId\\": \\"hdbc-clusterrule-*******m0w\\"\\n}","type":"json"}]', - ], - 'DescribeHybridCloudClusterRules' => [ - 'summary' => '集群规则列表', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyMajorProtectionBlackIp', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyMajorProtectionBlackIp'], + ], ], - 'schemes' => [ - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyMajorProtectionBlackIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\"\\n}","type":"json"}]', + ], + 'ModifyMemberAccount' => [ + 'summary' => 'Modifies the information of a member account that is managed by the multi-account management feature of Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '213362', + 'abilityTreeNodes' => ['FEATUREwaf4WHEC3'], ], 'parameters' => [ [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例的ID。'."\n" - ."\n" - .'> 您可以调用[DescribeInstance](~~433756~~)获取当前WAF实例的ID。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-****', - ], - ], - [ - 'name' => 'RuleType', - 'in' => 'query', - 'allowEmptyValue' => true, - 'schema' => [ - 'title' => '规则类型。取值范围如下:'."\n" - .'- **pullin**:集群引流', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'pullin', - ], - ], - [ - 'name' => 'ClusterId', - 'in' => 'query', - 'schema' => [ - 'title' => '混合云集群 ID。'."\n" - .'> 只针对混合云场景,您可以调用[DescribeHybridCloudClusters](~~2849376~~)获取混合云集群信息。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '428', - ], - ], - [ - 'name' => 'PageSize', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'title' => '分页查询时,每页包含多少条结果。默认值为**10**,表示每页包含10条结果。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'title' => '分页查询时,返回第几页数据。默认值为**1**,表示返回第1页数据。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity**-*******021', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'SourceIp', 'in' => 'query', - 'schema' => [ - 'title' => '阿里云资源组ID。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The source IP address of the request.', 'type' => 'string', 'required' => false, 'example' => '0.0.XX.XX', 'title' => ''], ], [ - 'name' => 'RuleContent', + 'name' => 'MemberAccountId', 'in' => 'query', - 'schema' => [ - 'title' => '场景联动规则内容。格式详情请参见[场景联动规则编写说明](~~171059~~)。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '1.1.1.1', - ], + 'schema' => ['description' => 'The ID of the member account that is managed by the WAF multi-account management feature.', 'type' => 'string', 'required' => true, 'example' => '131**********39', 'title' => ''], ], [ - 'name' => 'RuleMatchType', + 'name' => 'Description', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'exact', - ], + 'schema' => ['description' => 'The description of the member account. The description must be 1 to 256 characters in length and can contain letters, digits, Chinese characters, periods (.), underscores (\\_), hyphens (-), and asterisks (\\*).', 'type' => 'string', 'required' => true, 'example' => 'account1', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => '', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'title' => '查询到的云产品接入总数量。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '10', - ], - 'RequestId' => [ - 'title' => '本次请求的ID。', - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'Data' => [ - 'title' => '集群ID。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '合规检测结果。', - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'ClusterId' => [ - 'title' => '混合云集群 ID', - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1099', - ], - 'ClusterRuleResourceId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'hdbc-clusterrule-*****khzre0ym0w', - ], - 'RuleConfig' => [ - 'title' => '规则配置信息。', - 'description' => '', - 'type' => 'string', - 'example' => '{\\"check_mode\\": \\"all\\", \\"type\\": \\"exact\\", \\"substance\\": \\"122\\"}', - ], - 'RuleType' => [ - 'title' => '防护对象命中的规则类型。默认不设置该参数,表示显示全部规则。'."\n" - ."\n" - .'- **blacklist**: 表示命中IP黑名单。'."\n" - ."\n" - .'- **custom**:表示命中自定义规则。'."\n" - ."\n" - .'- **antiscan**: 表示命中扫描防护规则。'."\n" - ."\n" - .'- **cc_system**: 表示命中CC防护规则。'."\n" - ."\n" - .'- **region_block**: 表示区域封禁。'."\n", - 'description' => '', - 'type' => 'string', - 'example' => 'pullin', - ], - 'Status' => [ - 'title' => '规则的状态。取值:'."\n" - ."\n" - .'- **1**:表示开启。'."\n" - ."\n" - .'- **0**:表示关闭。', - 'description' => '', - 'type' => 'string', - 'example' => '1', - ], - 'Version' => [ - 'title' => '并发锁版本号。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"ClusterId\\": 1099,\\n \\"ClusterRuleResourceId\\": \\"hdbc-clusterrule-*****khzre0ym0w\\",\\n \\"RuleConfig\\": \\"{\\\\\\\\\\\\\\"check_mode\\\\\\\\\\\\\\": \\\\\\\\\\\\\\"all\\\\\\\\\\\\\\", \\\\\\\\\\\\\\"type\\\\\\\\\\\\\\": \\\\\\\\\\\\\\"exact\\\\\\\\\\\\\\", \\\\\\\\\\\\\\"substance\\\\\\\\\\\\\\": \\\\\\\\\\\\\\"122\\\\\\\\\\\\\\"}\\",\\n \\"RuleType\\": \\"pullin\\",\\n \\"Status\\": \\"1\\",\\n \\"Version\\": 1\\n }\\n ]\\n}","type":"json"}]', - ], - 'DescribeHybridCloudProcessMonitor' => [ - 'summary' => 'Queries the status of applications running on a hybrid cloud cluster node.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyMemberAccount', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyMemberAccount'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyMemberAccount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', + ], + 'ModifyPauseProtectionStatus' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '222985', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance that you want to query.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-7mz****hw0u', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''], ], [ - 'name' => 'Mid', + 'name' => 'PauseStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the SDK.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '2fdb63fea03b173bc9e65c24****d7d5', - ], + 'schema' => ['description' => 'Specifies whether to pause WAF protection.'."\n" + ."\n" + .'- **0 (default)**: WAF protection is not paused.'."\n" + ."\n" + .'- **1**: WAF protection is paused.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '0', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -38308,173 +32371,101 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'DBF79169-B6A0-5C8E-86B2-CFE3****496E', - ], - 'ProcessMonitors' => [ - 'description' => 'The status of the applications.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The status of the application. Valid values:'."\n", - 'type' => 'object', - 'properties' => [ - 'ProcessName' => [ - 'description' => 'The service that the application provides. Valid values:'."\n" - ."\n" - .'* **tianqingproxy**: centralized management service.'."\n" - .'* **redis**: storage service.'."\n" - .'* **scc**: traffic calculation service.'."\n" - .'* **keeper**: threat intelligence service.'."\n" - .'* **node_exporter**: application log upload service.'."\n" - .'* **xagent**: traffic detection service.'."\n" - .'* **noproxy**: traffic forwarding service.'."\n" - .'* **xloge**: attack log upload service.'."\n" - .'* **ilogtail**: log collection service.'."\n" - .'* **xlogd**: log analysis service.'."\n", - 'type' => 'string', - 'example' => 'tianqingproxy', - ], - 'ProcessStatus' => [ - 'description' => 'The status of the application. Valid values:'."\n" - ."\n" - .'* **0**: abnormal.'."\n" - .'* **1**: normal.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'Levle' => [ - 'type' => 'string', - ], - ], - ], - ], - 'TotalCount' => [ - 'type' => 'integer', - 'format' => 'int32', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-*****-******-D5EB0', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"DBF79169-B6A0-5C8E-86B2-CFE3****496E\\",\\n \\"ProcessMonitors\\": [\\n {\\n \\"ProcessName\\": \\"示例应用名称\\",\\n \\"ProcessStatus\\": 1,\\n \\"Levle\\": \\"normal\\"\\n }\\n ],\\n \\"TotalCount\\": 0\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudProcessMonitor', - ], - 'DescribeHybridCloudResourceDetail' => [ - 'summary' => '查询混合云域名详情', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyPauseProtectionStatus', + 'summary' => 'Modifies the protection status of Web Application Firewall (WAF).', + 'changeSet' => [ + ['createdAt' => '2024-09-02T03:44:32.000Z', 'description' => 'Request parameters changed'], + ['createdAt' => '2024-08-29T01:07:58.000Z', 'description' => 'Request parameters changed'], ], - 'schemes' => [ - 'http', - 'https', + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyPauseProtectionStatus'], + ], ], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyPauseProtectionStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-*****-******-D5EB0\\"\\n}","type":"json"}]', + ], + 'ModifyResourceLogDeliveryStatus' => [ + 'summary' => 'Modifies the log delivery status of a protected object in Web Application Firewall (WAF).', + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '235293', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-0xldbqt****', - ], - ], - [ - 'name' => 'Domain', - 'in' => 'query', - 'schema' => [ - 'title' => '域名', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'www.*****.com', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uqm35*****', 'title' => ''], ], [ - 'name' => 'Backend', + 'name' => 'DeliveryName', 'in' => 'query', - 'schema' => [ - 'title' => '回源地址', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => '1.1.XX.XX', - ], + 'schema' => ['description' => 'The name of the log delivery configuration.'."\n" + ."\n" + .'> This parameter is required when you enable log delivery by setting **Status** to **true**.', 'type' => 'string', 'required' => false, 'example' => 'export-kafka', 'title' => ''], ], [ - 'name' => 'PageNumber', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '1', - 'default' => '1', - ], + 'schema' => ['description' => 'The protected object for which you want to modify the log delivery status.', 'type' => 'string', 'required' => true, 'example' => 'test.waf.com-waf', 'title' => ''], ], [ - 'name' => 'PageSize', + 'name' => 'Status', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'maximum' => '50', - 'example' => '10', - 'default' => '10', - ], + 'schema' => ['description' => 'Indicates whether to enable log delivery for the protected object. Valid values:'."\n" + ."\n" + .'- **true**: enables log delivery.'."\n" + ."\n" + .'- **false**: disables log delivery.', 'type' => 'boolean', 'required' => true, 'example' => 'true', 'title' => ''], ], [ - 'name' => 'CnameEnabled', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'boolean', - 'required' => false, - 'example' => 'true', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], - ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ @@ -38482,720 +32473,469 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', - ], - 'Domain' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Status' => [ - 'title' => '域名状态', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'ResourceManagerResourceGroupId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'rg-***aby', - ], - 'Uid' => [ - 'description' => '', - 'type' => 'string', - 'example' => '1046011128270720', - ], - 'Listen' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'HttpsPorts' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '443,8443,7443,6443', - ], - ], - 'ProtectionResource' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'share', - ], - 'CustomCiphers' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384', - ], - ], - 'TLSVersion' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'tlsv1', - ], - 'Http2Enabled' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'CertId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '19312542-cn-hangzhou', - ], - 'CipherSuite' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '0', - ], - 'EnableTLSv3' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'IPv6Enabled' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'FocusHttps' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'XffHeaders' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => '["test"]', - ], - ], - 'XffHeaderMode' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'ExclusiveIp' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'HttpPorts' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '80,8080,9080,9081,9082,8182', - ], - ], - ], - ], - 'Id' => [ - 'description' => 'id', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '31323', - ], - 'Redirect' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'ConnectTimeout' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'Keepalive' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'SniEnabled' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'CnameEnabled' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'KeepaliveTimeout' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'ReadTimeout' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'Backends' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => '1.1.1.1', - ], - ], - 'SniHost' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'eew111', - ], - 'FocusHttpBackend' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'WriteTimeout' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1', - ], - 'RoutingRules' => [ - 'description' => '', - 'type' => 'string', - 'example' => '[{\\"backupRs\\":[],\\"location\\":\\"v3-test\\",\\"locationId\\":1148,\\"rs\\":[\\"39.98.217.197\\",\\"2.2.2.2\\"]}]', - ], - 'Retry' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - 'RequestHeaders' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Value' => [ - 'description' => '', - 'type' => 'string', - 'example' => '9506360478730', - ], - 'Key' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'L2x1ZmZ5L2NvcmUvYXBwcy9tLnl1bmR1bi53YWYuMS9wbHVnaW5z', - ], - ], - ], - ], - 'KeepaliveRequests' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1000', - ], - 'Loadbalance' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'iphash', - ], - ], - ], - 'Domain' => [ - 'title' => '域名', - 'description' => '', - 'type' => 'string', - 'example' => 'www.*****.com', - ], - 'Cname' => [ - 'title' => 'CNAME', - 'description' => 'CNAME', - 'type' => 'string', - 'example' => 'kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com', - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19******', 'title' => ''], + 'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'test1', 'title' => ''], + 'Status' => ['description' => 'Indicates whether log delivery is enabled for the protected object. Valid values:'."\n" + ."\n" + .'- **true**: Log delivery is enabled.'."\n" + ."\n" + .'- **false**: Log delivery is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'DeliveryType' => ['description' => 'The type of log delivery destination for the protected object. Valid values:'."\n" + ."\n" + .'- **syslog**: logs are delivered to a syslog server.'."\n" + ."\n" + .'- **kafka**: logs are delivered to a Kafka cluster.', 'type' => 'string', 'example' => 'sls', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"Domain\\": {\\n \\"Status\\": 1,\\n \\"ResourceManagerResourceGroupId\\": \\"rg-***aby\\",\\n \\"Uid\\": \\"1046011128270720\\",\\n \\"Listen\\": {\\n \\"HttpsPorts\\": [\\n 0\\n ],\\n \\"ProtectionResource\\": \\"share\\",\\n \\"CustomCiphers\\": [\\n \\"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384\\"\\n ],\\n \\"TLSVersion\\": \\"tlsv1\\",\\n \\"Http2Enabled\\": true,\\n \\"CertId\\": \\"19312542-cn-hangzhou\\",\\n \\"CipherSuite\\": 0,\\n \\"EnableTLSv3\\": true,\\n \\"IPv6Enabled\\": true,\\n \\"FocusHttps\\": true,\\n \\"XffHeaders\\": [\\n \\"[\\\\\\"test\\\\\\"]\\"\\n ],\\n \\"XffHeaderMode\\": 1,\\n \\"ExclusiveIp\\": true,\\n \\"HttpPorts\\": [\\n 0\\n ]\\n },\\n \\"Id\\": 31323,\\n \\"Redirect\\": {\\n \\"ConnectTimeout\\": 1,\\n \\"Keepalive\\": true,\\n \\"SniEnabled\\": true,\\n \\"CnameEnabled\\": true,\\n \\"KeepaliveTimeout\\": 1,\\n \\"ReadTimeout\\": 1,\\n \\"Backends\\": [\\n \\"1.1.1.1\\"\\n ],\\n \\"SniHost\\": \\"eew111\\",\\n \\"FocusHttpBackend\\": true,\\n \\"WriteTimeout\\": 1,\\n \\"RoutingRules\\": \\"[{\\\\\\\\\\\\\\"backupRs\\\\\\\\\\\\\\":[],\\\\\\\\\\\\\\"location\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"v3-test\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"locationId\\\\\\\\\\\\\\":1148,\\\\\\\\\\\\\\"rs\\\\\\\\\\\\\\":[\\\\\\\\\\\\\\"39.98.217.197\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"2.2.2.2\\\\\\\\\\\\\\"]}]\\",\\n \\"Retry\\": true,\\n \\"RequestHeaders\\": [\\n {\\n \\"Value\\": \\"9506360478730\\",\\n \\"Key\\": \\"L2x1ZmZ5L2NvcmUvYXBwcy9tLnl1bmR1bi53YWYuMS9wbHVnaW5z\\"\\n }\\n ],\\n \\"KeepaliveRequests\\": 1000,\\n \\"Loadbalance\\": \\"iphash\\"\\n },\\n \\"Domain\\": \\"www.*****.com\\",\\n \\"Cname\\": \\"kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com\\"\\n }\\n}","type":"json"}]', - ], - 'DescribeHybridCloudSdkServers' => [ - 'summary' => '获取SDK信息', - 'methods' => [ - 'get', - 'post', + 'title' => 'ModifyResourceLogDeliveryStatus', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyResourceLogDeliveryStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19******\\",\\n \\"DeliveryName\\": \\"test1\\",\\n \\"Status\\": true,\\n \\"DeliveryType\\": \\"sls\\"\\n}","type":"json"}]', + ], + 'ModifyResourceLogFieldConfig' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', - 'deprecated' => false, + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '235280', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], + 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-i7m2***0b', - ], + 'schema' => ['type' => 'string', 'required' => true, 'description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'title' => '', 'example' => 'waf_v3prepaid_public_cn-uax****3k0e'], ], [ - 'name' => 'Ip', + 'name' => 'FieldList', 'in' => 'query', - 'allowEmptyValue' => true, - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['type' => 'string', 'required' => true, 'description' => 'The list of log fields to deliver. Use the \\`a,b,c,...\\` format.'."\n" + ."\n" + .'> - Include all required log fields. Call [DescribeCommonLogFields](~~DescribeCommonLogFields~~) to view the log fields that WAF Simple Log Service supports.'."\n" + .'>'."\n" + .'> - If the log fields include **request\\_header**, use the **ExtendConfig** parameter to specify the request headers to deliver.', 'title' => '', 'example' => 'account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids'], ], [ - 'name' => 'HostName', + 'name' => 'ExtendConfig', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['type' => 'string', 'description' => 'The extension configuration for log delivery. This is a JSON object converted to a string.'."\n" + ."\n" + .'> For more information, see the description of the **ExtendConfig** parameter.', 'required' => false, 'title' => '', 'example' => '{\\"request_header\\":\\"Ali-Cdn-Real-Ip\\"}'], ], [ - 'name' => 'ClusterName', + 'name' => 'DeliveryType', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['type' => 'string', 'required' => true, 'description' => 'The log delivery type. Valid values:'."\n" + ."\n" + .'- **sls**: Alibaba Cloud Simple Log Service.'."\n" + ."\n" + .'- **kafka**: Delivers logs to an external Kafka cluster.'."\n" + ."\n" + .'- **syslog**: Delivers logs to an external syslog server.', 'title' => '', 'example' => 'sls'], ], [ - 'name' => 'PageSize', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '10', - ], + 'schema' => ['type' => 'string', 'description' => 'The ID of the Alibaba Cloud resource group.', 'required' => false, 'title' => '', 'example' => 'rg-acfm***q'], ], [ - 'name' => 'PageNumber', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'required' => false, - 'example' => '1', - ], + 'schema' => ['type' => 'string', 'default' => 'cn-hangzhou', 'description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'required' => false, 'title' => '', 'example' => 'cn-hangzhou'], ], [ - 'name' => 'RegionId', + 'name' => 'Resource', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['type' => 'string', 'required' => true, 'description' => 'The protected object to modify.', 'title' => '', 'example' => 'cwaf-***-waf'], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'LogDeliveryStrategy', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['type' => 'string', 'required' => false, 'description' => 'The log delivery policies. Multiple policies are supported. This is a JSON array of policy objects converted to a string.'."\n" + ."\n" + .'> For more information, see the description of the **LogDeliveryStrategy** parameter.', 'title' => '', 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]'], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => '', 'type' => 'object', 'properties' => [ - 'TotalCount' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '5', - ], - 'SdkServers' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Status' => [ - 'type' => 'string', - ], - 'PullinStatus' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'on', - ], - 'ResourceId' => [ - 'type' => 'string', - ], - 'Ip' => [ - 'description' => '', - 'type' => 'string', - 'example' => '127.0.0.1', - ], - 'CreateTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1621428205000', - ], - 'UpdateTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1719489906000', - ], - 'ClusterName' => [ - 'description' => '', - 'type' => 'string', - 'example' => '', - ], - 'Mid' => [ - 'description' => 'SDKID。', - 'type' => 'string', - 'example' => 'b11327c21790846374051d5d**83c', - ], - 'ProtectionGroupAddress' => [ - 'type' => 'string', - ], - 'HostName' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'qsh5-sec-8-fedd**005', - ], - ], - ], - ], - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => '', - 'type' => 'string', - 'example' => '3600F008-2E76-5D0B-BC76-EFBD****6D', - ], + 'RequestId' => ['type' => 'string', 'description' => 'The request ID.', 'title' => '', 'example' => 'D7861F61-5B61-46CE-A47C-6B****'], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"SdkServers\\": [\\n {\\n \\"Status\\": \\"1\\",\\n \\"PullinStatus\\": \\"on\\",\\n \\"ResourceId\\": \\"test-antifaud-2.jqt.wafqax.top-waf\\",\\n \\"Ip\\": \\"127.0.0.1\\",\\n \\"CreateTime\\": 1621428205000,\\n \\"UpdateTime\\": 1719489906000,\\n \\"ClusterName\\": \\"集群名称\\",\\n \\"Mid\\": \\"b11327c21790846374051d5d**83c\\",\\n \\"ProtectionGroupAddress\\": \\"1.1.1.1\\",\\n \\"HostName\\": \\"qsh5-sec-8-fedd**005\\"\\n }\\n ],\\n \\"RequestId\\": \\"3600F008-2E76-5D0B-BC76-EFBD****6D\\"\\n}","type":"json"}]', - ], - 'DescribeHybridCloudSupportRegions' => [ - 'summary' => '查询接入区域', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ModifyResourceLogFieldConfig', + 'summary' => 'Modifies the log field configuration of a protected object.', + 'requestParamsDescription' => '## The LogDeliveryStrategy parameter'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ------- | ------- | -------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| logType | String | Yes | blockLog | The log type. Valid values:<br>\\- **blockLog**: Blocked request logs.<br>\\- **normalRequestLog**: Normal request logs.<br>\\- **checkLog**: Detection logs. |'."\n" + .'| rate | Integer | Yes | 90 | The log sampling ratio. The value must be between 1 and 100. |'."\n" + ."\n" + .'## The ExtendConfig parameter'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| -------------- | ------ | -------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| request_header | String | Yes | blockLog | The request headers for log delivery. You can specify up to five headers. Use the `a,b,c,...` format.><notice> If the log fields to deliver include `request_header`, this parameter is required. Otherwise, the modification of the default configurations for all fields fails.></notice> |', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyResourceLogFieldConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B****\\"\\n}","type":"json"}]', + ], + 'ModifyResourceLogStatus' => [ + 'summary' => 'Enables or disables the log collection feature for a protected object.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '111393', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-uqm3e3s6x03', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11zcl****', 'title' => ''], + ], + [ + 'name' => 'Resource', + 'in' => 'query', + 'allowEmptyValue' => true, + 'schema' => ['description' => 'The protected object on which you want to manage the log collection feature.', 'type' => 'string', 'required' => true, 'example' => 'alb-wewbb23dfsetetcic1242-0****', 'title' => ''], + ], + [ + 'name' => 'Status', + 'in' => 'query', + 'schema' => ['description' => 'Specifies whether to enable the log collection feature for the protected object. Valid values:'."\n" + ."\n" + .'- **true**: Enables the feature.'."\n" + ."\n" + .'- **false**: Disables the feature.', 'type' => 'boolean', 'required' => true, 'example' => 'true', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: The Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], + ], + [ + 'name' => 'TraceStatus', + 'in' => 'query', + 'schema' => ['type' => 'boolean', 'description' => '', 'title' => '', 'example' => ''], + ], + [ + 'name' => 'TraceConfig', + 'in' => 'query', + 'style' => 'json', 'schema' => [ + 'type' => 'object', + 'properties' => [ + 'Workspace' => ['type' => 'string', 'example' => 'cms-test', 'description' => '', 'title' => ''], + 'RatePerMille' => ['type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '1', 'example' => '0', 'description' => '', 'title' => ''], + ], 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', + 'title' => '', + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'description' => 'The result of the request.', 'type' => 'object', 'properties' => [ - 'SupportRegions' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'string', - 'example' => '[\'cn-hangzhou\', \'cn-shanghai\', \'cn-beijing\']', - ], - ], - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '256959D5-3B45-54CD-A66D-F75F11E8E754', - ], + 'Status' => ['description' => 'Indicates whether the log collection feature is enabled for the protected object. Valid values:'."\n" + ."\n" + .'- **true**: The feature is enabled.'."\n" + ."\n" + .'- **false**: The feature is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '7C55A3E5-638A-5D6E-9A2F-C3CE5A677EC5', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"SupportRegions\\": [\\n \\"[\'cn-hangzhou\', \'cn-shanghai\', \'cn-beijing\']\\"\\n ],\\n \\"RequestId\\": \\"256959D5-3B45-54CD-A66D-F75F11E8E754\\"\\n}","type":"json"}]', - ], - 'DescribeHybridCloudUnsupportPorts' => [ - 'summary' => 'Queries the ports that are not supported by the hybrid cloud mode.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyResourceLogStatus', + 'changeSet' => [ + ['createdAt' => '2024-09-06T03:56:05.000Z', 'description' => 'Response parameters changed'], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyResourceLogStatus'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyResourceLogStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Status\\": true,\\n \\"RequestId\\": \\"7C55A3E5-638A-5D6E-9A2F-C3CE5A677EC5\\"\\n}","type":"json"}]', + ], + 'ModifyTemplateResources' => [ + 'summary' => 'Attaches protected objects to or detaches protected objects from a protection template.', + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '178409', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '106377', + 'abilityTreeNodes' => ['FEATUREwaf10VDFG'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'TemplateId', 'in' => 'query', + 'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '2291', 'title' => ''], + ], + [ + 'name' => 'BindResources', + 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The region ID of the Web Application Firewall (WAF) instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', + 'description' => 'The protected objects to attach. The value is in the \\[**"XX1","XX2",...**] format.', + 'type' => 'array', + 'items' => ['description' => 'The protected object to attach.', 'type' => 'string', 'required' => false, 'example' => 'abc', 'title' => ''], 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'maxItems' => 200, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'BindResourceGroups', 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', + 'description' => 'The protected object groups to attach. The value is in the \\[**"group1","group2",...**] format.', + 'type' => 'array', + 'items' => ['description' => 'The protected object group to attach.', 'type' => 'string', 'required' => false, 'example' => 'group1', 'title' => ''], 'required' => false, - 'example' => 'rg-acfm***q', + 'maxItems' => 200, + 'title' => '', + 'example' => '', ], ], - ], - 'responses' => [ - 200 => [ + [ + 'name' => 'UnbindResources', + 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'HttpsPorts' => [ - 'description' => 'The HTTPS ports. The value is a string. If multiple ports are returned, the value is in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'example' => '443,8443,8021,3443,2443,9011', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => 'C2E97B3F-1623-4CDF-A7E2-FD9D****027A', - ], - 'HttpPorts' => [ - 'description' => 'The HTTP ports. The value is a string. If multiple ports are returned, the value is in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'example' => '80,8080', - ], - ], - 'description' => '', + 'description' => 'The protected objects to detach. The value is in the \\[**"XX1","XX2",...**] format.', + 'type' => 'array', + 'items' => ['description' => 'The protected object to detach.', 'type' => 'string', 'required' => false, 'example' => 'abc', 'title' => ''], + 'required' => false, + 'maxItems' => 200, + 'title' => '', + 'example' => '', ], ], - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"HttpsPorts\\": \\"443,8443,8021,3443,2443,9011\\",\\n \\"RequestId\\": \\"C2E97B3F-1623-4CDF-A7E2-FD9D****027A\\",\\n \\"HttpPorts\\": \\"80,8080\\"\\n}","type":"json"}]', - 'title' => 'DescribeHybridCloudUnsupportPorts', - ], - 'DeleteHybridCloudGroup' => [ - 'summary' => '删除组信息', - 'methods' => [ - 'post', - 'get', - ], - 'schemes' => [ - 'http', - 'https', - ], - 'security' => [ - [ - 'AK' => [], - ], - ], - 'operationType' => 'write', - 'systemTags' => [ - 'operationType' => 'delete', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '136069', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], - ], - 'parameters' => [ [ - 'name' => 'InstanceId', + 'name' => 'UnbindResourceGroups', 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity-cn-*****tm005', + 'description' => 'The protected object groups to detach. The value is in the \\[**"group1","group2",...**] format.', + 'type' => 'array', + 'items' => ['description' => 'The protected object group to detach.', 'type' => 'string', 'required' => false, 'example' => 'group1', 'title' => ''], + 'required' => false, + 'maxItems' => 200, + 'title' => '', + 'example' => '', ], ], [ - 'name' => 'ClusterId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'GroupId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'BindAssets', 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => '', - 'type' => 'string', + 'type' => 'array', + 'items' => ['description' => 'The ID of the protected asset to attach.', 'type' => 'string', 'example' => '6a266967ebe50041*****0438af3f3519', 'title' => '', 'required' => false], + 'maxItems' => 200, + 'title' => '', + 'description' => 'The IDs of the protected assets to attach. The value is in the \\[**"XX1","XX2",...**] format.', 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + 'example' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'UnbindAssets', 'in' => 'query', + 'style' => 'flat', 'schema' => [ - 'description' => '', - 'type' => 'string', + 'type' => 'array', + 'items' => ['description' => 'The ID of the protected asset to detach.', 'type' => 'string', 'example' => '6a26696*****4193670438af3f3519', 'title' => '', 'required' => false], + 'maxItems' => 200, + 'title' => '', + 'description' => 'The IDs of the protected assets to detach. The value is in the \\[**"XX1","XX2",...**] format.', 'required' => false, - 'example' => 'rg-acfm***q', + 'example' => '', ], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ + 'description' => 'The response parameters.', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-*****60D5EB0', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'CF708F2F-FFB0-54D4-B1E0-B84A7CEB****', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-*****60D5EB0\\"\\n}","type":"json"}]', - ], - 'ModifyHybridCloudCluster' => [ - 'summary' => 'Modifies information about a hybrid cloud cluster.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyTemplateResources', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyTemplateResources'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyTemplateResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"CF708F2F-FFB0-54D4-B1E0-B84A7CEB****\\"\\n}","type":"json"}]', + ], + 'ModifyUserLogFieldConfig' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -39206,204 +32946,120 @@ 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '124727', - 'abilityTreeNodes' => [ - 'FEATUREwafR5NU4G', - ], + 'abilityTreeCode' => '111386', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], 'autoTest' => true, + 'tenantRelevance' => 'tenant', ], 'parameters' => [ [ - 'name' => 'Id', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the cluster.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'required' => true, - 'example' => '1', - ], - ], - [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-mp9153****', - ], - ], - [ - 'name' => 'ClusterName', - 'in' => 'query', - 'schema' => [ - 'description' => 'The name of the cluster.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call the [DescribeInstance](~~433756~~) operation to view the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-fou****', 'title' => ''], ], [ - 'name' => 'HttpPorts', - 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTP ports that are supported. Set this parameter to a string. Specify multiple ports in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '80,8080', - ], - ], - [ - 'name' => 'HttpsPorts', - 'in' => 'query', - 'schema' => [ - 'description' => 'The HTTPS ports that are supported. Set this parameter to a string. Specify multiple ports in the **port1,port2,port3** format.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '443,8443', - ], - ], - [ - 'name' => 'AccessMode', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => true, - ], - ], - [ - 'name' => 'AccessRegion', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], - ], - [ - 'name' => 'LogFieldsNotReturned', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'required' => false, - ], - ], - [ - 'name' => 'ProtectionServerCount', - 'in' => 'query', - 'schema' => [ - 'description' => 'The number of protection nodes that can be added to the cluster.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '1', - ], - ], - [ - 'name' => 'Remark', - 'in' => 'query', - 'schema' => [ - 'description' => 'The remarks about the cluster.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '', - ], - ], - [ - 'name' => 'ProxyType', + 'name' => 'FieldList', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'cname', - ], + 'schema' => ['description' => 'The list of log fields to deliver. Use the \\`a,b,c,...\\` format.'."\n" + ."\n" + .'> - You must include all required log fields. Call the [DescribeCommonLogFields](~~DescribeCommonLogFields~~) operation to view the log fields that WAF supports.'."\n" + .'>'."\n" + .'> - If the log fields include **request\\_header**, use the **ExtendConfig** parameter to specify the request headers to deliver.', 'type' => 'string', 'required' => true, 'example' => 'account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids', 'title' => ''], ], [ - 'name' => 'RuleStatus', + 'name' => 'ExtendConfig', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The extended configuration for log delivery, in JSON format.'."\n" + ."\n" + .'> For more information, see the description of the **ExtendConfig** parameter.', 'type' => 'string', 'required' => false, 'example' => '{\\"request_header\\":\\"App-Id,channelCode\\"}', 'title' => ''], ], [ - 'name' => 'RuleConfig', + 'name' => 'DeliveryType', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], + 'schema' => ['description' => 'The delivery type. Valid value:'."\n" + ."\n" + .'- **sls**: Simple Log Service.', 'type' => 'string', 'default' => 'sls', 'required' => false, 'example' => 'sls', 'title' => ''], ], [ - 'name' => 'RuleType', - 'in' => 'query', - 'schema' => [ - 'type' => 'string', - ], - ], - [ - 'name' => 'ProxyStatus', + 'name' => 'LogDeliveryStrategy', 'in' => 'query', - 'schema' => [ - 'type' => 'string', - 'default' => 'off', - ], + 'schema' => ['description' => 'The log delivery strategy, in JSON array format. You can specify multiple strategies.'."\n" + ."\n" + .'> For more information, see the description of the **LogDeliveryStrategy** parameter.', 'type' => 'string', 'required' => false, 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region ID of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '2EFCFE18-78F8-5079-B312-07***48B', - ], + 'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'E2D63742-9BAA-*****', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\"\\n}","type":"json"}]', - 'title' => 'ModifyHybridCloudCluster', - ], - 'CreateMemberAccounts' => [ - 'summary' => 'Adds members to use the multi-account management feature of Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'ModifyUserLogFieldConfig', + 'summary' => 'Modifies the default log field configuration of a Web Application Firewall (WAF) instance for log delivery to Simple Log Service.', + 'requestParamsDescription' => '## LogDeliveryStrategy parameter'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| ------- | ------- | -------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| logType | String | Yes | blockLog | The log type. Valid values:<br>\\- **blockLog**: blocked logs.<br>\\- **normalRequestLog**: normal request logs.<br>\\- **checkLog**: detection logs. |'."\n" + .'| rate | Integer | Yes | 90 | The log sampling ratio, in percentage. Valid values: 1 to 100. |'."\n" + ."\n" + .'## ExtendConfig parameter'."\n" + ."\n" + .'#### Parameters'."\n" + ."\n" + .'| Name | Type | Required | Example | Description |'."\n" + .'| -------------- | ------ | -------- | ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n" + .'| request_header | String | Yes | App-Id,channelCode | The request headers for log delivery. You can specify up to 5 headers. Use the `a,b,c,...` format.><notice> If the log fields to deliver include `request_header`, you must specify this parameter. Otherwise, the modification of the default configurations for all fields fails.></notice> |', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyUserLogFieldConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E2D63742-9BAA-*****\\"\\n}","type":"json"}]', + ], + 'ModifyUserWafLogStatus' => [ + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], @@ -39411,217 +33067,219 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'create', + 'operationType' => 'update', 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '213361', - 'abilityTreeNodes' => [ - 'FEATUREwaf4WHEC3', - ], + 'chargeType' => 'paid', + 'abilityTreeNodes' => ['FEATUREwafJYSA2F'], ], 'parameters' => [ [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-mp9153****', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'LogStatus', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'Indicates whether Simple Log Service is enabled. Valid values:'."\n" + ."\n" + .'- **0**: Simple Log Service is disabled.'."\n" + ."\n" + .'- **1**: Simple Log Service is enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], [ - 'name' => 'SourceIp', + 'name' => 'LogRegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The source IP address of the request. The system automatically obtains the value of this parameter.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '1.1.X.X', - ], + 'schema' => ['description' => 'The ID of the log storage region. If this parameter is not specified, Simple Log Service is enabled in the region where the WAF instance resides.'."\n" + ."\n" + .'- **cn-hangzhou**: the default region where Simple Log Service is enabled for a WAF instance in the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: the default region where Simple Log Service is enabled for a WAF instance outside the Chinese mainland.'."\n" + ."\n" + .'> Call [DescribeUserSlsLogRegions](~~2712598~~) to query the available log storage regions.', 'type' => 'string', 'required' => false, 'example' => 'cn-beijing', 'title' => ''], ], [ - 'name' => 'MemberAccountIds', + 'name' => 'RegionId', 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'description' => 'The Alibaba Cloud account IDs of the members that you want to add. You can add up to 10 members at the same time.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The Alibaba Cloud account ID of the member.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '139**********55', - ], - 'required' => true, - 'maxItems' => 20, - 'minItems' => 1, - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'description' => 'The response parameters.'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '66A98669-ER12-WE34-23PO-301469*****E', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-****-A47C-6B19160*****', 'title' => ''], + 'LogStoreName' => ['description' => 'The name of the Logstore in Simple Log Service (SLS).', 'type' => 'string', 'example' => 'wafng-logstore', 'title' => ''], + 'ProjectName' => ['description' => 'Indicates whether the Simple Log Service project is created.', 'type' => 'boolean', 'example' => 'wafng-project-14316572********-cn-hangzhou', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\"\\n}","type":"json"}]', - 'title' => 'CreateMemberAccounts', - ], - 'ModifyMemberAccount' => [ - 'summary' => 'Modifies the information about members that are added for multi-account management.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ModifyUserWafLogStatus', + 'summary' => 'Enables or disables Simple Log Service for Web Application Firewall (WAF).', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyUserWafLogStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-****-A47C-6B19160*****\\",\\n \\"LogStoreName\\": \\"wafng-logstore\\",\\n \\"ProjectName\\": true\\n}","type":"json"}]', + ], + 'ReCreateCloudResource' => [ + 'methods' => ['post'], + 'schemes' => ['https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'write', + 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'none', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '213362', - 'abilityTreeNodes' => [ - 'FEATUREwaf4WHEC3', - ], + 'abilityTreeCode' => '264065', + 'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'], ], 'parameters' => [ [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceInstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the cloud service instance.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'lb-bp*********k5uj2p', 'title' => ''], ], [ - 'name' => 'InstanceId', + 'name' => 'Port', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_elasticity**-*******021', - ], + 'schema' => ['description' => 'The port of the cloud service that is connected to WAF.', 'type' => 'integer', 'format' => 'int32', 'deprecated' => true, 'required' => false, 'example' => '443', 'title' => ''], ], [ - 'name' => 'SourceIp', + 'name' => 'ResourceProduct', 'in' => 'query', 'schema' => [ - 'description' => 'The source IP address of the request. The system automatically obtains the value of this parameter.'."\n", + 'description' => 'The type of the cloud service. Valid values:'."\n" + ."\n" + .'- **clb4**: Layer 4 CLB.'."\n" + ."\n" + .'- **clb7**: Layer 7 CLB.'."\n" + ."\n" + .'- **ecs**: ECS.'."\n" + .'- **nlb**: NLB.', 'type' => 'string', + 'deprecated' => true, 'required' => false, - 'example' => '0.0.XX.XX', + 'enum' => ['clb7', 'clb4', 'ecs', 'nlb'], + 'example' => 'clb7', + 'title' => '', ], ], [ - 'name' => 'MemberAccountId', + 'name' => 'CloudResourceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The Alibaba Cloud account ID of the managed member.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '131**********39', - ], + 'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF during cloud native mode registration.'."\n" + ."\n" + .'> You can call [CreateCloudResource](~~2839876~~) to connect a resource and then view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'lb-bp*********k5uj2p-443-clb7', 'title' => ''], ], [ - 'name' => 'Description', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The description of the member. The description must be 1 to 256 characters in length, and can contain letters, digits, periods (.), underscores (\\_), hyphens (-), and asterisks (\\*).'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'account1', - ], + 'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], + ], + [ + 'name' => 'ResourceManagerResourceGroupId', + 'in' => 'query', + 'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ 'schema' => [ + 'title' => '', + 'description' => 'Schema of Response', 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', - ], + 'RequestId' => ['title' => '', 'description' => 'Id of the request', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'], ], - 'description' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyMemberAccount', - ], - 'DeleteMemberAccount' => [ - 'summary' => 'Removes the members that are added for multi-account management in Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + 'errorCodes' => [ + 400 => [ + ['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.ResourceNotExist', 'errorMessage' => 'The accessed resource already exists. Resource:%s.', 'description' => 'The accessed resource already exists. Resource:%s.'], + ['errorCode' => 'Waf.Pullin.AlreadyAccessed', 'errorMessage' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.', 'description' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.'], + ['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'], + ['errorCode' => 'Waf.Pullin.CloudProductParamNotMatch', 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'."\n"], + ['errorCode' => 'Waf.Pullin.CloudResourceInvalid', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'], + ['errorCode' => 'Waf.Pullin.CloudProductParamEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'title' => 'Re-register a cloud service with WAF', + 'summary' => 'Re-registers a cloud service with WAF. This operation is used only when the cloud native mode status is protection exception.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], + 'ramActions' => [ + [ + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'yundun-waf:ReCreateCloudResource', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]', + ], + 'ReleaseInstance' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -39632,195 +33290,152 @@ 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '213363', - 'abilityTreeNodes' => [ - 'FEATUREwaf4WHEC3', - ], + 'abilityTreeCode' => '115002', + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], + 'autoTest' => true, ], 'parameters' => [ [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], - ], - [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_esasdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''], ], [ - 'name' => 'SourceIp', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The source IP address of the request. The system automatically obtains the value of this parameter.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '0.0.XX.XX', - ], + 'schema' => ['description' => 'The region to which the WAF instance belongs. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: indicates the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''], ], [ - 'name' => 'MemberAccountId', + 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The Alibaba Cloud account ID of the managed member.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => '131***********39', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '5ABE714C-8890-5D7E-A08B-45CB****5473', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '65626467-8002-5022-9F5F-***', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5ABE714C-8890-5D7E-A08B-45CB650F5473\\"\\n}","type":"json"}]', - 'title' => 'DeleteMemberAccount', - ], - 'DescribeAccountDelegatedStatus' => [ - 'summary' => 'Queries whether an Alibaba Cloud account is the delegated administrator account of a Web Application Firewall (WAF) instance.', - 'methods' => [ - 'post', - 'get', + 'title' => 'ReleaseInstance', + 'summary' => 'Releases a Web Application Firewall (WAF) 3.0 instance.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:ReleaseInstance', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"65626467-8002-5022-9F5F-***\\"\\n}","type":"json"}]', + ], + 'SyncProductInstance' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], - 'operationType' => 'read', + 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'get', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '213360', - 'abilityTreeNodes' => [ - 'FEATUREwaf4WHEC3', - ], + 'abilityTreeCode' => '143827', + 'abilityTreeNodes' => ['FEATUREwafHU8RSD'], ], 'parameters' => [ [ 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zsk****fb09', 'title' => ''], ], [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: the Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''], ], [ 'name' => 'ResourceManagerResourceGroupId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], + 'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm4co****f5qa', 'title' => ''], ], ], 'responses' => [ 200 => [ + 'headers' => [], 'schema' => [ 'type' => 'object', 'properties' => [ - 'AccountId' => [ - 'description' => 'The ID of the Alibaba Cloud account.'."\n", - 'type' => 'string', - 'example' => '10***********34', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '8161375D-5958-5627-BFDE-DF14****3E87', - ], - 'DelegatedStatus' => [ - 'description' => 'Indicates whether the Alibaba Cloud account is the delegated administrator account of the WAF instance.'."\n" - ."\n" - .'* **true**'."\n" - .'* **false**'."\n", - 'type' => 'boolean', - 'example' => 'true', - ], - 'AccountName' => [ - 'description' => 'The name of the Alibaba Cloud account. This parameter is returned only if the account is the delegated administrator account.'."\n", - 'type' => 'string', - 'example' => 'account_test', - ], + 'RequestId' => ['description' => 'The ID of the request, which is used to locate and troubleshoot issues.', 'type' => 'string', 'example' => '45BA2382-7C3F-5B29-9A83-C3BCE586****', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8161375D-5958-5627-BFDE-DF1458A73E87\\",\\n \\"DelegatedStatus\\": true,\\n \\"AccountName\\": \\"account_test\\",\\n \\"AccountId\\": \\"10***********34\\"\\n}","type":"json"}]', - 'title' => 'DescribeAccountDelegatedStatus', - ], - 'DescribeMemberAccounts' => [ - 'summary' => 'Queries information about members.', - 'methods' => [ - 'post', - 'get', + 'title' => 'SyncProductInstance', + 'summary' => 'Synchronizes Elastic Compute Service (ECS), Classic Load Balancer (CLB), and Network Load Balancer (NLB) instances to Web Application Firewall (WAF).', + 'description' => 'After you call this operation, the system performs the synchronization asynchronously. You can call the [DescribeProductInstances](~~2743168~~) operation to query the synchronization result.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'SyncProductInstance'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:SyncProductInstance', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"45BA2382-7C3F-5B29-9A83-C3BCE586****\\"\\n}","type":"json"}]', + ], + 'TagResources' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -39828,72 +33443,63 @@ ], 'operationType' => 'write', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '213364', - 'abilityTreeNodes' => [ - 'FEATUREwaf4WHEC3', - ], + 'abilityTreeCode' => '164018', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', - ], - ], - [ 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'cn-hangzhou'], ], [ - 'name' => 'InstanceId', + 'name' => 'ResourceType', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', - ], + 'schema' => ['description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'], ], [ - 'name' => 'SourceIp', + 'name' => 'ResourceId', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The source IP address of the request. The system specifies this parameter.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => '0.0.XX.XX', + 'title' => '', + 'description' => 'The IDs of the resources. You can specify up to 50 resource IDs.', + 'type' => 'array', + 'items' => ['description' => 'The ID of the resource.', 'type' => 'string', 'required' => false, 'example' => 'demo.xxxaliyundoc.com-waf', 'title' => ''], + 'required' => true, + 'maxItems' => 51, + 'example' => '', ], ], [ - 'name' => 'AccountStatus', + 'name' => 'Tag', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The status of the member that you want to query.'."\n" - ."\n" - .'* **enabled**: managed.'."\n" - .'* **disabled**: not managed.'."\n" - .'* **disabling**: being deleted.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'enabled', + 'title' => '', + 'description' => 'The tags to add to the resource.', + 'type' => 'array', + 'items' => [ + 'type' => 'object', + 'properties' => [ + 'Key' => ['description' => 'The key of tag N to add to the resource. Valid values of N: 1 to 20.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'demoTagKey'], + 'Value' => ['description' => 'The value of tag N to add to the resource. Valid values of N: 1 to 20.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'demoTagValue'], + ], + 'required' => false, + 'description' => '', + 'title' => '', + 'example' => '', + ], + 'required' => true, + 'maxItems' => 21, + 'example' => '', ], ], ], @@ -39902,172 +33508,147 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '50C4A80D-D46C-57E0-9A7D-03C0****4852', - ], - 'AccountInfos' => [ - 'description' => 'The information about the member.'."\n", - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'AccountId' => [ - 'description' => 'The ID of the member.'."\n", - 'type' => 'string', - 'example' => '169************21', - ], - 'AccountName' => [ - 'description' => 'The name of the member.'."\n", - 'type' => 'string', - 'example' => 'ipflgmqqnbjg', - ], - 'AccountStatus' => [ - 'description' => 'The status of the member.'."\n" - ."\n" - .'* **enabled**: managed.'."\n" - .'* **disabled**: not managed.'."\n" - .'* **disabling**: being deleted.'."\n", - 'type' => 'string', - 'example' => 'enabled', - ], - 'Description' => [ - 'description' => 'The description of the member.'."\n", - 'type' => 'string', - 'example' => 'test', - ], - 'GmtCreate' => [ - 'description' => 'The time when the member was added.'."\n", - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1683367751000', - ], - ], - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '57F8460F-8A62-5D79-8ED5-653C****0C6B', 'title' => ''], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"50C4A80D-D46C-57E0-9A7D-03C078474852\\",\\n \\"AccountInfos\\": [\\n {\\n \\"AccountId\\": \\"169************21\\",\\n \\"AccountName\\": \\"ipflgmqqnbjg\\",\\n \\"AccountStatus\\": \\"enabled\\",\\n \\"Description\\": \\"test\\",\\n \\"GmtCreate\\": 1683367751000\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'DescribeMemberAccounts', - ], - 'ChangeResourceGroup' => [ - 'summary' => 'Changes the resource group to which a protected object belongs.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'TagResources', + 'summary' => 'Adds tags to resources.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'TagResources'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:TagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"57F8460F-8A62-5D79-8ED5-653C****0C6B\\"\\n}","type":"json"}]', + ], + 'UntagResources' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], ], ], 'operationType' => 'write', - 'deprecated' => false, 'systemTags' => [ - 'operationType' => 'update', + 'operationType' => 'delete', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '164132', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '164020', + 'abilityTreeNodes' => ['FEATUREwafNZKQ0J'], ], 'parameters' => [ [ - 'name' => 'ResourceId', + 'name' => 'RegionId', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the protected object that you want to manage.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'demo.aliyun.com-waf', - ], + 'schema' => ['description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" + ."\n" + .'- **cn-hangzhou**: Chinese mainland.'."\n" + ."\n" + .'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'cn-hangzhou'], ], [ - 'name' => 'NewResourceGroupId', + 'name' => 'ResourceType', 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the new resource group. You can view the available resource groups in the Resource Management console.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'rg-aek2mcq***', - ], + 'schema' => ['description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'], ], [ - 'name' => 'ResourceType', + 'name' => 'All', 'in' => 'query', - 'schema' => [ - 'description' => 'The resource type. Set the value to defenseresource.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'defenseresource', - ], + 'schema' => ['description' => 'Specifies whether to remove all tags from the specified resource groups or members. Valid values:'."\n" + ."\n" + .'- false (default)'."\n" + ."\n" + .'- true', 'type' => 'boolean', 'required' => false, 'title' => '', 'example' => 'false'], ], [ - 'name' => 'RegionId', + 'name' => 'ResourceId', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', + 'title' => '', + 'description' => 'The resource IDs. You can specify up to 50 resource IDs.', + 'type' => 'array', + 'items' => ['description' => 'The resource ID.', 'type' => 'string', 'required' => false, 'example' => 'demo.xxxxaliyundoc.com-waf', 'title' => ''], + 'required' => true, + 'maxItems' => 51, + 'example' => '', ], ], [ - 'name' => 'ResourceManagerResourceGroupId', + 'name' => 'TagKey', 'in' => 'query', + 'style' => 'repeatList', 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', + 'title' => '', + 'description' => 'The tag keys. You can specify up to 20 tag keys.', + 'type' => 'array', + 'items' => ['description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'demoTagKey', 'title' => ''], 'required' => false, - 'example' => 'rg-acfm***q', + 'maxItems' => 21, + 'example' => '', ], ], ], 'responses' => [ 200 => [ 'schema' => [ - 'title' => 'Schema of Response', - 'description' => 'Schema of Response'."\n", 'type' => 'object', 'properties' => [ - 'RequestId' => [ - 'title' => 'Id of the request', - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => '0A916D48-D206-5654-8D37-***', - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '7A4B8DB1-A8B0-5362-A65D-6A55****07C5', 'title' => ''], ], + 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', - ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0A916D48-D206-5654-8D37-***\\"\\n}","type":"json"}]', - 'title' => 'ChangeResourceGroup', - ], - 'ListTagKeys' => [ - 'summary' => 'Queries tag keys.', - 'methods' => [ - 'post', - 'get', + 'staticInfo' => ['returnType' => 'synchronous'], + 'title' => 'UntagResources', + 'summary' => 'Removes tags from resources and then deletes the tags.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'UntagResources'], + ], ], - 'schemes' => [ - 'http', - 'https', + 'ramActions' => [ + [ + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:UntagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], ], + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7A4B8DB1-A8B0-5362-A65D-6A55****07C5\\"\\n}","type":"json"}]', + ], + 'VerifyDomainOwner' => [ + 'methods' => ['post', 'get'], + 'schemes' => ['http', 'https'], 'security' => [ [ 'AK' => [], @@ -40075,61 +33656,55 @@ ], 'operationType' => 'read', 'systemTags' => [ - 'operationType' => 'list', + 'operationType' => 'update', 'riskType' => 'none', 'chargeType' => 'free', - 'abilityTreeCode' => '164269', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', - ], + 'abilityTreeCode' => '178142', + 'abilityTreeNodes' => ['FEATUREwafD36LCH'], ], 'parameters' => [ [ - 'name' => 'RegionId', + 'name' => 'InstanceId', 'in' => 'query', - 'schema' => [ - 'title' => '地域', - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - ], + 'schema' => ['description' => 'The ID of the WAF instance.'."\n" + ."\n" + .'> Call [DescribeInstance](~~433756~~) to obtain the WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-*****', 'title' => ''], ], [ - 'name' => 'NextToken', + 'name' => 'DomainName', 'in' => 'query', - 'schema' => [ - 'title' => '下一个查询开始Token', - 'description' => 'The pagination token that is used in the next request to retrieve a new page of results.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'caeba0bbb2be03f84eb48b699f0*****', - ], + 'schema' => ['description' => 'The domain name whose ownership you want to verify.', 'type' => 'string', 'required' => true, 'example' => 'example.com', 'title' => ''], ], [ - 'name' => 'ResourceType', + 'name' => 'VerifyType', 'in' => 'query', 'schema' => [ - 'title' => '资源类型', - 'description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.'."\n", + 'description' => 'The verification method. Valid values:'."\n" + ."\n" + .'- **dnsCheck**: DNS verification.'."\n" + ."\n" + .'- **fileCheck**: File verification.', + 'enumValueTitles' => ['fileCheck' => 'File verification', 'dnsCheck' => 'DNS verification'], 'type' => 'string', 'required' => true, - 'example' => 'ALIYUN::WAF::DEFENSERESOURCE', + 'example' => 'dnsCheck', + 'title' => '', ], ], [ - 'name' => 'InstanceId', + 'name' => 'Protocol', 'in' => 'query', 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" + 'description' => 'The protocol type used for file verification. This parameter is required only when you set VerifyType to fileCheck. Valid values:'."\n" + ."\n" + .'- **HTTP**: the HTTP protocol.'."\n" ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", + .'- **HTTPS**: the HTTPS protocol.', + 'enumValueTitles' => ['HTTPS' => 'HTTPS', 'HTTP' => 'HTTP'], 'type' => 'string', - 'required' => true, - 'example' => 'waf_v3prepaid_public_cn-wwo****iw02', + 'required' => false, + 'example' => 'HTTP', + 'title' => '', ], ], ], @@ -40138,1363 +33713,4977 @@ 'schema' => [ 'type' => 'object', 'properties' => [ - 'NextToken' => [ - 'title' => '下一个查询开始Token,NextToken为空说明没有下一个', - 'description' => 'A pagination token. It can be used in the next request to retrieve a new page of results. If NextToken is empty, no next page exists.'."\n", - 'type' => 'string', - 'example' => 'caeba0bbb2be03f84eb48b699f0*****', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '8CB8BB88-24C7-5608-BF5E-4DCA****CF1C', - ], - 'Keys' => [ - 'title' => '资源列表', - 'description' => 'The keys and types of the tags.'."\n", - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'title' => '标签键', - 'description' => 'The key of the tag.'."\n", - 'type' => 'string', - 'example' => 'demoTagKey', - ], - 'Category' => [ - 'description' => 'The type of the tag. Valid values:'."\n" - ."\n" - .'* custom'."\n" - .'* system'."\n", - 'type' => 'string', - 'example' => 'custom', - ], - ], + 'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''], + 'VerifyResult' => [ + 'description' => 'The verification result.', + 'type' => 'object', + 'properties' => [ + 'FailCode' => ['description' => 'The reason why the verification failed.'."\n" + ."\n" + .'- DnsTxtVerifyFailed: The DNS TXT record does not match.'."\n" + ."\n" + .'- DnsServerError: The DNS server is abnormal.'."\n" + ."\n" + .'- VerifyFileNotExist: The verification file does not exist.'."\n" + ."\n" + .'- VerifyDomainNotAccess: Failed to access the domain name.'."\n" + ."\n" + .'- FileContentVerifyFailed: The file content does not match.', 'type' => 'string', 'example' => 'DnsTxtVerifyFailed', 'title' => ''], + 'Result' => ['description' => 'The verification result. Valid values:'."\n" + ."\n" + .'- **true**: The verification is successful.'."\n" + ."\n" + .'- **false**: The verification failed.', 'type' => 'boolean', 'example' => 'true', 'title' => ''], ], + 'title' => '', + 'example' => '', ], ], 'description' => '', + 'title' => '', + 'example' => '', ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + 'title' => 'VerifyDomainOwner', + 'summary' => 'Verifies that you own the specified domain name. Domain ownership must be verified before you can add a domain name to Web Application Firewall (WAF) by using CNAME access.', + 'changeSet' => [], + 'flowControl' => [ + 'flowControlList' => [], ], - 'eventInfo' => [ - 'enable' => false, - 'eventNames' => [], + 'ramActions' => [ + [ + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:VerifyDomainOwner', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\",\\n \\"RequestId\\": \\"8CB8BB88-24C7-5608-BF5E-4DCA****CF1C\\",\\n \\"Keys\\": [\\n {\\n \\"Key\\": \\"demoTagKey\\",\\n \\"Category\\": \\"custom\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'ListTagKeys', + 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"VerifyResult\\": {\\n \\"FailCode\\": \\"DnsTxtVerifyFailed\\",\\n \\"Result\\": true\\n }\\n}","type":"json"}]', ], - 'UntagResources' => [ - 'summary' => 'Removes tags from resources and then deletes the tags.', - 'methods' => [ - 'post', - 'get', + ], + 'endpoints' => [ + ['regionId' => 'ap-southeast-1', 'regionName' => 'Singapore', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'wafopenapi.ap-southeast-1.aliyuncs.com', 'endpoint' => 'wafopenapi.ap-southeast-1.aliyuncs.com', 'vpc' => 'wafopenapi-intl.vpc-proxy.aliyuncs.com'], + ['regionId' => 'cn-hangzhou', 'regionName' => 'China (Hangzhou)', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'wafopenapi.cn-hangzhou.aliyuncs.com', 'endpoint' => 'wafopenapi.cn-hangzhou.aliyuncs.com', 'vpc' => 'wafopenapi.vpc-proxy.aliyuncs.com'], + ], + 'errorCodes' => [ + ['code' => '10900', 'message' => 'Invalid parameter', 'http_code' => 400, 'description' => 'Invalid parameter'], + ['code' => '11001', 'message' => 'Internal server error', 'http_code' => 400, 'description' => 'System internal error'], + ['code' => '500', 'message' => 'Internal server error', 'http_code' => 500, 'description' => 'Internal System Error'], + ['code' => 'AccountSafeUsed', 'message' => 'The feature of account security is being used.', 'http_code' => 400, 'description' => 'The account security feature is in use.'], + ['code' => 'AclIpCountOverLimit', 'message' => 'Ip count in ACL rule is over limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the custom rule (ACL) exceeds the limit.'], + ['code' => 'AclParamError', 'message' => 'Acl param invalid.', 'http_code' => 400, 'description' => 'The ACL parameter is invalid.'], + ['code' => 'AntifraudOrAntifriaudJsUsed', 'message' => 'The feature of data risk control is being used.', 'http_code' => 400, 'description' => 'The data risk control feature is in use.'], + ['code' => 'BotAlgorithmUsed', 'message' => 'The feature of crawler behavior algorithm is being used.', 'http_code' => 400, 'description' => 'The typical bot behavior identification feature is in effect.'], + ['code' => 'BusinessDomainNotRecord', 'message' => 'The specified domain name is not ICP filed.', 'http_code' => 400, 'description' => 'The specified domain name does not have an ICP filing.'], + ['code' => 'BusinessInvalidArgument', 'message' => 'The specified parameters are invalid.', 'http_code' => 403, 'description' => 'The specified parameter is invalid.'], + ['code' => 'BusinessInvalidDomainIpInvalid', 'message' => 'The IP address cannot be added.', 'http_code' => 403, 'description' => 'The IP address cannot be added.'], + ['code' => 'BusinessInvalidIpv6', 'message' => 'Back-to-origin IPv6 addresses are not supported. To add these IP addresses, you must enable the feature of forwarding requests to origin servers over IPv6.', 'http_code' => 403, 'description' => 'Back-to-origin IPv6 addresses are not supported. To add these IP addresses, you must enable the feature of forwarding requests to origin servers over IPv6.'], + ['code' => 'BusinessInvalidSourceIp', 'message' => 'The origin fetch address includes disallowed IP addresses or domains.', 'http_code' => 400, 'description' => 'The back-to-origin addresses include IP addresses and domain names that are not allowed.'], + ['code' => 'BusinessIpDomain', 'message' => 'The current access domain does not support in IP format.', 'http_code' => 400, 'description' => 'The IP address format is not supported.'], + ['code' => 'BusinessMainDomainNotSupport', 'message' => 'The added primary domain name is not supported.', 'http_code' => 403, 'description' => 'The added second-level domain name is not supported.'], + ['code' => 'BusinessSourceIpSupportVirtuaIp', 'message' => 'You can only add wan net ip.', 'http_code' => 403, 'description' => 'Currently, it is a customized version of shared virtual host, and only the IP address of Wanwang virtual host can be added.'], + ['code' => 'BusinessViolation', 'message' => 'The domain-related business is suspected of violating regulations. If you have any questions, please follow the ticket process.', 'http_code' => 400, 'description' => 'The domain-related business is suspected of violating regulations. If you have any questions, please follow the ticket process.'], + ['code' => 'CertDomainNotMatch', 'message' => 'The certificate does not include this domain.', 'http_code' => 400, 'description' => 'This certificate does not contain the domain name.'], + ['code' => 'CertExpiredError', 'message' => 'The certificate has expired. Do not continue using this certificate.', 'http_code' => 400, 'description' => 'The certificate is expired. You can no longer use this certificate.'], + ['code' => 'CertFormatError', 'message' => 'The certificate is malformed.', 'http_code' => 400, 'description' => 'The format of the certificate is invalid.'], + ['code' => 'CertKeyNotMatch', 'message' => 'The certificate file and private key do not match.', 'http_code' => 400, 'description' => 'The certificate file does not match the private key of the certificate.'], + ['code' => 'CertNameDuplicateError', 'message' => 'The certificate name already exists.', 'http_code' => 400, 'description' => 'The name of the certificate already exists.'], + ['code' => 'CertNameExisted', 'message' => 'The certificate name already exists.', 'http_code' => 400, 'description' => 'The name of the certificate already exists.'], + ['code' => 'CertNotExist', 'message' => 'The certificate is not exist.', 'http_code' => 400, 'description' => 'The certificate does not exist.'], + ['code' => 'ComboError', 'message' => 'No package information is available.', 'http_code' => 400, 'description' => 'No software package information is available.'], + ['code' => 'CustomAclOrCcUsed', 'message' => 'The feature of advanced conditions is being used.', 'http_code' => 400, 'description' => 'The custom rule (ACL) is in use.'], + ['code' => 'CustomRulesGroupUsed', 'message' => 'The feature of custom rule group is being used.', 'http_code' => 400, 'description' => 'The custom policy group is in use.'], + ['code' => 'CustomSpeedLimitUsed', 'message' => 'The feature of custom throttling is being used.', 'http_code' => 400, 'description' => 'The custom rule (throttling) is in use.'], + ['code' => 'Defense.Contro.DefenseTemplateSubSceneNotExist', 'message' => 'The protection scenario template sub-scene does not exist.', 'http_code' => 400, 'description' => 'The protection scenario template sub-scene does not exist.'], + ['code' => 'Defense.Control.DefenseActonExpiredTimeInvalid', 'message' => 'The expiration time of the rule action is invalid.', 'http_code' => 400, 'description' => 'The expiration time of the rule action is invalid.'], + ['code' => 'Defense.Control.DefenseAddressBookInUse', 'message' => 'The address book is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'The address book is in use and cannot be deleted. Rules for using this address book: %s.'], + ['code' => 'Defense.Control.DefenseAddressFileFormatError', 'message' => 'The format of the uploaded address book file is incorrect.', 'http_code' => 400, 'description' => 'The format of the uploaded address book file is incorrect.'], + ['code' => 'Defense.Control.DefenseAddressInvalid', 'message' => 'The address in the address book is illegal.', 'http_code' => 400, 'description' => 'The address in the address book is illegal.'], + ['code' => 'Defense.Control.DefenseAddressOperationTooFrequent', 'message' => 'Address book operations are too frequent.', 'http_code' => 400, 'description' => 'Address book operations are too frequent. Please try again later.'], + ['code' => 'Defense.Control.DefenseAddressOversize', 'message' => 'The number of addresses in the address book exceeds the limit.', 'http_code' => 400, 'description' => 'The number of addresses in the address book exceeds the limit.'], + ['code' => 'Defense.Control.DefenseAddressUploading', 'message' => 'The address book file is being uploaded, please try again later.', 'http_code' => 400, 'description' => 'The address book file is being uploaded, please try again later.'], + ['code' => 'Defense.Control.DefenseAiAssetPositionInvalid', 'message' => 'The position parameter of the large model protection asset is incorrect.', 'http_code' => 400, 'description' => 'The position parameter of the large model protection asset is incorrect.'], + ['code' => 'Defense.Control.DefenseAiWhitelistStatusInvalid', 'message' => 'The status of ai whitelist is invalid.', 'http_code' => 400, 'description' => 'The status of the intelligent whitelist is invalid.'], + ['code' => 'Defense.Control.DefenseAntiscanRuleConfigInvalid', 'message' => 'The configuration of anti scanning rules in the scanning protection policy is illegal.', 'http_code' => 400, 'description' => 'The configuration of the scan protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseAntiscanRuleConfigInvalid', 'message' => 'The configuration of the scan protection rule is invalid.', 'http_code' => 400, 'description' => 'The configuration of the scan protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseApisecRuleRegexInvalid', 'message' => 'The regular expression in the API security rule is invalid. Error reason: %s.', 'http_code' => 400, 'description' => 'The regular expression in an API security rule is invalid. Error reason:%s.'], + ['code' => 'Defense.Control.DefenseAssetConditionDuplicate', 'message' => 'The match conditions of the asset is duplicated with other assets.', 'http_code' => 400, 'description' => 'The match conditions of the asset is duplicated with other assets.'], + ['code' => 'Defense.Control.DefenseAssetConditionInvalid', 'message' => 'The protection asset flow matching condition is incorrect.', 'http_code' => 400, 'description' => 'The protection asset flow matching condition is incorrect.'], + ['code' => 'Defense.Control.DefenseAssetConfigInvalid', 'message' => 'The protection asset is configured incorrectly.', 'http_code' => 400, 'description' => 'The protection asset is configured incorrectly.'], + ['code' => 'Defense.Control.DefenseAssetCountOversize', 'message' => 'The number of protected assets exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected assets exceeds the limit.'], + ['code' => 'Defense.Control.DefenseAssetExist', 'message' => 'Protective asset configuration already exists.', 'http_code' => 400, 'description' => 'Protective asset configuration already exists.'], + ['code' => 'Defense.Control.DefenseAssetNameComplicate', 'message' => 'The name of the asset duplicates another asset.', 'http_code' => 400, 'description' => 'The name of the asset duplicates another asset.'], + ['code' => 'Defense.Control.DefenseAssetNameInvalid', 'message' => 'The asset name is illegal.', 'http_code' => 400, 'description' => 'The asset name is illegal.'], + ['code' => 'Defense.Control.DefenseAssetNotExist', 'message' => 'Protective asset does not exist.', 'http_code' => 400, 'description' => 'Protective asset does not exist.'], + ['code' => 'Defense.Control.DefenseAssetNotSupported', 'message' => 'The protected assets feature is not supported.', 'http_code' => 400, 'description' => 'The protected assets feature is not supported.'], + ['code' => 'Defense.Control.DefenseAssetStatusInvalid', 'message' => 'The asset status is illegal.', 'http_code' => 400, 'description' => 'The asset status is illegal.'], + ['code' => 'Defense.Control.DefenseBookTypeInvalid', 'message' => 'The address book type is illegal.', 'http_code' => 400, 'description' => 'The address book type is illegal.'], + ['code' => 'Defense.Control.DefenseBotManagerWebSdkNotSupport', 'message' => 'Fencing object does not support automatic integration with WebSdk.', 'http_code' => 400, 'description' => 'Fencing object does not support automatic integration with WebSdk.'], + ['code' => 'Defense.Control.DefenseBotResourceCrossBindError', 'message' => 'The same protection object in a Bot scene cannot be integrated and bound at the same time.', 'http_code' => 400, 'description' => 'The protected object in which the SDK is integrated cannot be the same as the protected object to which protection rules are applied in the scenario-specific configuration.'], + ['code' => 'Defense.Control.DefenseBotResourceCrossBindError', 'message' => 'The protected object in which the SDK is integrated cannot be the same as the protected object to which protection rules are applied in the scenario-specific configuration.', 'http_code' => 400, 'description' => 'The protected object in which the SDK is integrated cannot be the same as the protected object to which protection rules are applied in the scenario-specific configuration.'], + ['code' => 'Defense.Control.DefenseClientSideDetectionConfigInvalid', 'message' => 'The client-side protection detection rule is incorrectly configured.', 'http_code' => 400, 'description' => 'The client-side protection detection rule is incorrectly configured.'], + ['code' => 'Defense.Control.DefenseCodecRuleAlreadyExist', 'message' => 'Duplicate anti scanning rules in the scanning protection strategy.', 'http_code' => 400, 'description' => 'The scan protection rule exists.'], + ['code' => 'Defense.Control.DefenseCodecRuleAlreadyExist', 'message' => 'The scan protection rule exists.', 'http_code' => 400, 'description' => 'The scan protection rule exists.'], + ['code' => 'Defense.Control.DefenseConfigNotSupported', 'message' => 'The defense configuration is not supported.', 'http_code' => 400, 'description' => 'The protection feature is not supported.'], + ['code' => 'Defense.Control.DefenseCustomResponseHeadersOutOfSize', 'message' => 'The number of custom headers of custom response rules in the protection policy exceeds the limit.', 'http_code' => 400, 'description' => 'The number of custom Header fields in the custom response rule exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseCustomResponseHeadersOutOfSize', 'message' => 'The number of custom Header fields in the custom response rule exceeds the limit.', 'http_code' => 400, 'description' => 'The number of custom Header fields in the custom response rule exceeds the limit.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleActionInvalid', 'message' => 'The custom response rule action does not match the rule action.', 'http_code' => 400, 'description' => 'Custom response rule action does not match rule action'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleConfigInvalid', 'message' => 'Illegal configuration of custom response rule in protection policy.', 'http_code' => 400, 'description' => 'The configuration of the custom response rule is invalid.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleConfigInvalid', 'message' => 'The configuration of the custom response rule is invalid.', 'http_code' => 400, 'description' => 'The configuration of the custom response rule is invalid.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleExist', 'message' => 'The custom response rule in the protection policy already exists.', 'http_code' => 400, 'description' => 'The custom response rule exists.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleExist', 'message' => 'The custom response rule exists.', 'http_code' => 400, 'description' => 'The custom response rule exists.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleInUse', 'message' => 'The custom response rule is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'Custom response rule in use, list of associated rules:%s, list of associated objects:%s'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleNotExist', 'message' => 'The custom response rule does not exist.', 'http_code' => 400, 'description' => 'The custom response rule does not exist.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleNotPermitDelete', 'message' => 'The custom response rule in the protection policy cannot be deleted', 'http_code' => 400, 'description' => 'You cannot delete custom response rules.'], + ['code' => 'Defense.Control.DefenseCustomResponseRuleNotPermitDelete', 'message' => 'You cannot delete custom response rules.', 'http_code' => 400, 'description' => 'You cannot delete custom response rules.'], + ['code' => 'Defense.Control.DefenseDownloadOssFileFailed', 'message' => 'Failed to parse OSS files.', 'http_code' => 400, 'description' => 'Failed to parse OSS files.'], + ['code' => 'Defense.Control.DefenseExtensionPluginContentNotEmpty', 'message' => 'Extension content cannot be empty.', 'http_code' => 400, 'description' => 'Extension content cannot be empty.'], + ['code' => 'Defense.Control.DefenseExtensionPluginIdInvalid', 'message' => 'Invalid extension ID.', 'http_code' => 400, 'description' => 'Invalid extension ID.'], + ['code' => 'Defense.Control.DefenseExtensionPluginIdNotEmpty', 'message' => 'Extension ID is not allowed to be empty.', 'http_code' => 400, 'description' => 'Extension ID is not allowed to be empty.'], + ['code' => 'Defense.Control.DefenseExtensionPluginParamsNotEmpty', 'message' => 'Extension parameter cannot be empty.', 'http_code' => 400, 'description' => 'Extension parameter cannot be empty.'], + ['code' => 'Defense.Control.DefenseExtensionPluginParamsTypeNotSupport', 'message' => 'The extension parameter type is not supported.', 'http_code' => 400, 'description' => 'The extension parameter type is not supported.'], + ['code' => 'Defense.Control.DefenseExtensionPluginParamsValueTypeNotMatch', 'message' => 'Extension parameter value does not match type.', 'http_code' => 400, 'description' => 'Extension parameter value does not match type.'], + ['code' => 'Defense.Control.DefenseExtensionPluginRuleInUse', 'message' => 'The Extension rule is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'Extension rule in use, association rule list:%s'], + ['code' => 'Defense.Control.DefenseExtensionPluginRuleInUse', 'message' => 'Extension rule in use, list of association rules:%s.', 'http_code' => 400, 'description' => 'Extension rule in use, list of association rules:%s.'], + ['code' => 'Defense.Control.DefenseInOperation', 'message' => 'Protection configuration is operating, please try again later.', 'http_code' => 400, 'description' => 'Protection configuration is operating, please try again later.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpEmpty', 'message' => 'The IP in the IP blacklist cannot be empty.', 'http_code' => 400, 'description' => 'You must add IP addresses to the IP address blacklist.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpEmpty', 'message' => 'You must add IP addresses to the IP address blacklist.', 'http_code' => 400, 'description' => 'You must add IP addresses to the IP address blacklist.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpInvalid', 'message' => 'Illegal IP in IP blacklist.', 'http_code' => 400, 'description' => 'The IP addresses in the IP address blacklist are invalid.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpInvalid', 'message' => 'The IP addresses in the IP address blacklist are invalid.', 'http_code' => 400, 'description' => 'The IP addresses in the IP address blacklist are invalid.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpOutOfRange', 'message' => 'The number of IPS in the IP blacklist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the IP address blacklist exceeds the limit.'], + ['code' => 'Defense.Control.DefenseIpBlacklistIpOutOfRange', 'message' => 'The number of IP addresses in the IP address blacklist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the IP address blacklist exceeds the limit.'], + ['code' => 'Defense.Control.DefenseIpCountOversize', 'message' => 'The number of IPs exceeds the limit.', 'http_code' => 400, 'description' => 'The number of IPs exceeds the limit.'], + ['code' => 'Defense.Control.DefenseLogModifyStatusFailed', 'message' => 'Failed to modify protected object state through log service.', 'http_code' => 400, 'description' => 'Failed to change the Log Service configuration for the protected object.'], + ['code' => 'Defense.Control.DefenseLogModifyStatusFailed', 'message' => 'Failed to change the status of the protected object.', 'http_code' => 400, 'description' => 'Failed to change the status of the protected object.'], + ['code' => 'Defense.Control.DefenseLogTimeExpired', 'message' => 'The time for querying logs has expired.', 'http_code' => 400, 'description' => 'The query log time has expired.'], + ['code' => 'Defense.Control.DefenseMajorProtectionRuleConfigInvalid', 'message' => 'The rules that are configured in the protection template for major events are invalid.', 'http_code' => 400, 'description' => 'The rules that are configured in the protection template for major events are invalid.'], + ['code' => 'Defense.Control.DefenseMajorProtectionRuleExist', 'message' => 'The rules that are configured in the protection template for major events already exist.', 'http_code' => 400, 'description' => 'The rules that are configured in the protection template for major events already exist.'], + ['code' => 'Defense.Control.DefenseOssFileNotFound', 'message' => 'Failed to find the OSS files that are uploaded.', 'http_code' => 400, 'description' => 'Failed to find the OSS files that are uploaded.'], + ['code' => 'Defense.Control.DefensePolicyInUse', 'message' => 'The custom regular rule group is referenced by the template and cannot be deleted.', 'http_code' => 400, 'description' => 'The custom regular expression rule group is referenced by the template and cannot be deleted.'], + ['code' => 'Defense.Control.DefensePolicyNotFound', 'message' => 'Regular rule group does not exist.', 'http_code' => 400, 'description' => 'The regular expression rule group does not exist.'], + ['code' => 'Defense.Control.DefensePolicyNotFound', 'message' => 'The regular expression rule group does not exist.', 'http_code' => 400, 'description' => 'The regular expression rule group does not exist.'], + ['code' => 'Defense.Control.DefensePolicyOwnedByAnotherUser', 'message' => 'Custom regular rule group does not belong to this user.', 'http_code' => 400, 'description' => 'The regular expression rule group does not belong to the user.'], + ['code' => 'Defense.Control.DefensePolicyOwnedByAnotherUser', 'message' => 'The regular expression rule group does not belong to the user.', 'http_code' => 400, 'description' => 'The regular expression rule group does not belong to the user.'], + ['code' => 'Defense.Control.DefensePolicyRuleAlreadyExist', 'message' => 'Regular rule group rule in basic protection policy already exists.', 'http_code' => 400, 'description' => 'Regular expression rules exist in the basic protection rule module.'], + ['code' => 'Defense.Control.DefensePolicyRuleAlreadyExist', 'message' => 'Regular expression rules exist.', 'http_code' => 400, 'description' => 'Regular expression rules exist.'], + ['code' => 'Defense.Control.DefenseResourceAccessNotDelete', 'message' => 'The protection object from access cannot be deleted.', 'http_code' => 400, 'description' => 'You cannot delete the protected objects that are automatically synchronized.'], + ['code' => 'Defense.Control.DefenseResourceAccessNotDelete', 'message' => 'You cannot delete the protected objects that are automatically synchronized.', 'http_code' => 400, 'description' => 'You cannot delete the protected objects that are automatically synchronized.'], + ['code' => 'Defense.Control.DefenseResourceAddDeleteSameTime', 'message' => 'The protected objects in the protection group cannot be bound and unbound at the same time.', 'http_code' => 400, 'description' => 'You cannot add a protected object to a protected object group and remove the protected object from a protected object group at the same time.'], + ['code' => 'Defense.Control.DefenseResourceAddDeleteSameTime', 'message' => 'You cannot add a protected object to a protected object group and remove the protected object from a protected object group at the same time.', 'http_code' => 400, 'description' => 'You cannot add a protected object to a protected object group and remove the protected object from a protected object group at the same time.'], + ['code' => 'Defense.Control.DefenseResourceAlreadyInCustom', 'message' => 'The protection object has been bound with a custom protection policy.', 'http_code' => 400, 'description' => 'The protected object is bound to a custom protection rule.'], + ['code' => 'Defense.Control.DefenseResourceAlreadyInCustom', 'message' => 'The protected object is bound to a custom protection template.', 'http_code' => 400, 'description' => 'The protected object is bound to a custom protection template.'], + ['code' => 'Defense.Control.DefenseResourceAndGroupConflict', 'message' => 'The name of the protected object is the same as the name of the protected object group.', 'http_code' => 400, 'description' => 'The name of the protected object is the same as the name of the protected object group.'], + ['code' => 'Defense.Control.DefenseResourceCountOverSize', 'message' => 'The number of protected objects exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceDetailInvalid', 'message' => 'The detail field of the protected object is illegal.', 'http_code' => 400, 'description' => 'The detail field for the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceDetailInvalid', 'message' => 'The detail field of the protected object is invalid.', 'http_code' => 400, 'description' => 'The detail field for the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceDetailNotEmpty', 'message' => 'The details of the protected object cannot be empty.', 'http_code' => 400, 'description' => 'You must configure the detail field for the protected object.'], + ['code' => 'Defense.Control.DefenseResourceDetailNotEmpty', 'message' => 'You must configure the detail field of the protected object.', 'http_code' => 400, 'description' => 'You must configure the detail field for the protected object.'], + ['code' => 'Defense.Control.DefenseResourceExist', 'message' => 'Protection object already exists.', 'http_code' => 400, 'description' => 'The protected object exists.'], + ['code' => 'Defense.Control.DefenseResourceExist', 'message' => 'The protected object exists.', 'http_code' => 400, 'description' => 'The protected object exists.'], + ['code' => 'Defense.Control.DefenseResourceGroupCountOverSize', 'message' => 'The number of protection groups exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected object groups exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseResourceGroupCountOverSize', 'message' => 'The number of protected object groups exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected object groups exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceGroupDescriptionInvalid', 'message' => 'Illegal protection group description information.', 'http_code' => 400, 'description' => 'The description of the protected object group is invalid.'], + ['code' => 'Defense.Control.DefenseResourceGroupDescriptionInvalid', 'message' => 'The description of the protected object group is invalid.', 'http_code' => 400, 'description' => 'The description of the protected object group is invalid.'], + ['code' => 'Defense.Control.DefenseResourceGroupExist', 'message' => 'Protection group already exists.', 'http_code' => 400, 'description' => 'The protected object group exists.'], + ['code' => 'Defense.Control.DefenseResourceGroupExist', 'message' => 'The protected object group exists.', 'http_code' => 400, 'description' => 'The protected object group exists.'], + ['code' => 'Defense.Control.DefenseResourceGroupNameInvalid', 'message' => 'Illegal protection group name.', 'http_code' => 400, 'description' => 'The name of the protected object group is invalid.'], + ['code' => 'Defense.Control.DefenseResourceGroupNameInvalid', 'message' => 'The name of the protected object group is invalid.', 'http_code' => 400, 'description' => 'The name of the protected object group is invalid.'], + ['code' => 'Defense.Control.DefenseResourceGroupNotExist', 'message' => 'Protection group does not exist.', 'http_code' => 400, 'description' => 'The protected object group does not exist.'], + ['code' => 'Defense.Control.DefenseResourceGroupNotExist', 'message' => 'The protected object group does not exist.', 'http_code' => 400, 'description' => 'The protected object group does not exist.'], + ['code' => 'Defense.Control.DefenseResourceInGroupCountOverSize', 'message' => 'The number of protected objects in the protection group exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects in the protected object group exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseResourceInGroupCountOverSize', 'message' => 'The number of protected objects in the protected object group exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects in the protected object group exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceInTemplateCountOverSize', 'message' => 'The number of protected objects in the protection template exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects in the protection template exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceInvalid', 'message' => 'The name of the protected object is illegal.', 'http_code' => 400, 'description' => 'The name of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceInvalid', 'message' => 'The name of the protected object is invalid.', 'http_code' => 400, 'description' => 'The name of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceModelInvalid', 'message' => 'The model of the protected object is illegal.', 'http_code' => 400, 'description' => 'The model of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceModelInvalid', 'message' => 'The model of the protected object is invalid.', 'http_code' => 400, 'description' => 'The model of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceNameAndAssetConflict', 'message' => 'The protected object or protection group name is the same as the protected asset ID.', 'http_code' => 400, 'description' => 'The protected object or protection group name is the same as the protected asset ID.'], + ['code' => 'Defense.Control.DefenseResourceNotExist', 'message' => 'Protection object does not exist.', 'http_code' => 400, 'description' => 'The protected object does not exist.'], + ['code' => 'Defense.Control.DefenseResourceNotExist', 'message' => 'The protected object does not exist.', 'http_code' => 400, 'description' => 'The protected object does not exist.'], + ['code' => 'Defense.Control.DefenseResourcePatternNotEmpty', 'message' => 'The protection form of the protected object cannot be empty.', 'http_code' => 400, 'description' => 'You must configure the protection pattern of the protected object.'], + ['code' => 'Defense.Control.DefenseResourcePatternNotEmpty', 'message' => 'You must configure the protection pattern of the protected object.', 'http_code' => 400, 'description' => 'You must configure the protection pattern of the protected object.'], + ['code' => 'Defense.Control.DefenseResourcePatternNotFound', 'message' => 'The protection form of the protected object is illegal.', 'http_code' => 400, 'description' => 'The protection pattern of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourcePatternNotFound', 'message' => 'The protection pattern of the protected object is invalid.', 'http_code' => 400, 'description' => 'The protection pattern of the protected object is invalid.'], + ['code' => 'Defense.Control.DefenseResourceProductNotEmpty', 'message' => 'The product information of the protection object cannot be empty.', 'http_code' => 400, 'description' => 'You must configure the service information about the protected object.'], + ['code' => 'Defense.Control.DefenseResourceProductNotEmpty', 'message' => 'You must configure the service information about the protected object.', 'http_code' => 400, 'description' => 'You must configure the service information about the protected object.'], + ['code' => 'Defense.Control.DefenseResourceRelationExist', 'message' => 'The protection object has been bound.', 'http_code' => 400, 'description' => 'The protected object is added to a protected object group.'], + ['code' => 'Defense.Control.DefenseResourceRelationExist', 'message' => 'The protected object is added to a protected object group.', 'http_code' => 400, 'description' => 'The protected object is added to a protected object group.'], + ['code' => 'Defense.Control.DefenseResourceRelationNotExist', 'message' => 'The protected object is not added to the protected object group.', 'http_code' => 400, 'description' => 'The fencing object is not added to the fencing object group'], + ['code' => 'Defense.Control.DefenseResourceRuleAccountDecodeTypeInvalid', 'message' => 'The decoding type in the account extraction rule is invalid.', 'http_code' => 400, 'description' => 'The decoding type in the account extraction rule is invalid.'], + ['code' => 'Defense.Control.DefenseResourceRuleAccountOversize', 'message' => 'The number of extracted configurations in the account extraction rule exceeds the limit.', 'http_code' => 400, 'description' => 'The number of extracted configurations in the account extraction rule exceeds the limit.'], + ['code' => 'Defense.Control.DefenseResourceRuleAccountPriorityInvalid', 'message' => 'The configuration priority in the account extraction rule is invalid.', 'http_code' => 400, 'description' => 'The configuration priority in the account extraction rule is invalid.'], + ['code' => 'Defense.Control.DefenseResourceRuleNotPermitModify', 'message' => 'This protected resource rule cannot be modified.', 'http_code' => 400, 'description' => 'This protected resource rule cannot be modified.'], + ['code' => 'Defense.Control.DefenseResourceRuleNotPermitUpdateStatus', 'message' => 'This protected resource rule does not allow update status.', 'http_code' => 400, 'description' => 'This protected resource rule does not allow update status'], + ['code' => 'Defense.Control.DefenseResourceTemplateIdInvalid', 'message' => 'When querying the protection objects or protection groups that can be bound in the protection policy, the protection policy ID is invalid.', 'http_code' => 400, 'description' => 'The ID of the protection rule is invalid when you query the protected objects or protected object groups that can be bound to the protection rule.'], + ['code' => 'Defense.Control.DefenseResourceTemplateIdInvalid', 'message' => 'The ID of the protection rule is invalid when you query the protected objects or protected object groups that can be bound to the protection rule.', 'http_code' => 400, 'description' => 'The ID of the protection rule is invalid when you query the protected objects or protected object groups that can be bound to the protection rule.'], + ['code' => 'Defense.Control.DefenseResponseStatusInvalid', 'message' => 'Response log switch status is illegal.', 'http_code' => 400, 'description' => 'The status of the response log switch is invalid.'], + ['code' => 'Defense.Control.DefenseRuleAccountProtectorConfigInvalid', 'message' => 'Account Security Rule configuration error.', 'http_code' => 400, 'description' => 'Error configuring account security rules in protection rules. %s'], + ['code' => 'Defense.Control.DefenseRuleActionInvalid', 'message' => 'Illegal action of protection rules.', 'http_code' => 400, 'description' => 'The action that is defined in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleActionInvalid', 'message' => 'The action that is defined in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The action that is defined in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleAttackLevelConflict', 'message' => 'The attack level of the large model prompt word attack protection rule is repeated.', 'http_code' => 400, 'description' => 'The attack level of the large model prompt word attack protection rule is repeated.'], + ['code' => 'Defense.Control.DefenseRuleAutoOriginInvalid', 'message' => 'The origin of auto rules is invalid.', 'http_code' => 400, 'description' => 'The origin of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleAutoUpdateInvalid', 'message' => 'Invalid automatic update configuration.', 'http_code' => 400, 'description' => 'Invalid automatic update configuration.'], + ['code' => 'Defense.Control.DefenseRuleBotConfigInvalid', 'message' => 'Illegal Bot Scene Rule Configuration.', 'http_code' => 400, 'description' => 'The scenario-specific configuration is invalid.'], + ['code' => 'Defense.Control.DefenseRuleBotTrafficInvalid', 'message' => 'Illegal traffic characteristics in Bot scene.', 'http_code' => 400, 'description' => 'The traffic characteristics in the scenario-specific configuration are invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionEmpty', 'message' => 'The flow characteristic in the protection rule cannot be empty.', 'http_code' => 400, 'description' => 'You must configure traffic characteristics in the protection rule.'], + ['code' => 'Defense.Control.DefenseRuleConditionEmpty', 'message' => 'You must configure the traffic characteristics in the protection rule.', 'http_code' => 400, 'description' => 'You must configure traffic characteristics in the protection rule.'], + ['code' => 'Defense.Control.DefenseRuleConditionKeyInvalid', 'message' => 'Invalid flow characteristic matching field of protection rule.', 'http_code' => 400, 'description' => 'The match field in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionKeyInvalid', 'message' => 'The match field in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The match field in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionOpValueInvalid', 'message' => 'Invalid protection rule flow characteristic logic symbol.', 'http_code' => 400, 'description' => 'The logical operator in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionOpValueInvalid', 'message' => 'The logical operator in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The logical operator in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionOversize', 'message' => 'The number of flow characteristics of the protection rule exceeds the limit.', 'http_code' => 400, 'description' => 'The number of traffic features in the protection rule exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseRuleConditionValueInvalid', 'message' => 'Matching content of flow characteristics of invalid protection rules.', 'http_code' => 400, 'description' => 'The match content in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConditionValueInvalid', 'message' => 'The match content in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The match content in the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleConfigNotPermitModify', 'message' => 'The protection scenario rule cannot be modified.', 'http_code' => 400, 'description' => 'The protection scenario rule cannot be modified.'], + ['code' => 'Defense.Control.DefenseRuleContentModerationConfigInvalid', 'message' => 'Large model content security scenario protection rule configuration error.', 'http_code' => 400, 'description' => 'Large model content security scenario protection rule configuration error.'], + ['code' => 'Defense.Control.DefenseRuleCountOverSize', 'message' => 'The number of protection rules exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protection rules exceeds the limit.'], + ['code' => 'Defense.Control.DefenseRuleCreateModifyCountEmpty', 'message' => 'Number of protection rules created or modified at a time cannot be empty.', 'http_code' => 400, 'description' => 'You must specify the number of protection rules that you want to create or modify at the same time.'], + ['code' => 'Defense.Control.DefenseRuleCreateModifyCountEmpty', 'message' => 'You must specify the number of protection rules that you want to create or modify at the same time.', 'http_code' => 400, 'description' => 'You must specify the number of protection rules that you want to create or modify at the same time.'], + ['code' => 'Defense.Control.DefenseRuleCreateModifyCountOverSize', 'message' => 'The number of protection resources in the protection template exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected resources in the protection template exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseRuleCreateModifyCountOverSize', 'message' => 'The number of protected resources in the protection template exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected resources in the protection template exceeds the limit.'], + ['code' => 'Defense.Control.DefenseRuleDetectAttackLevelConflict', 'message' => 'The detection type and attack level in the content security protection rules of the large model are the same.', 'http_code' => 400, 'description' => 'The detection type and attack level in the content security protection rules of the large model are the same.'], + ['code' => 'Defense.Control.DefenseRuleDistinctConditionOpValueInvalid', 'message' => 'Invalid traffic feature logic symbol for protection deduplication statistics rule.', 'http_code' => 400, 'description' => 'Invalid traffic feature logic symbol for protection deduplication statistics rule'], + ['code' => 'Defense.Control.DefenseRuleDistinctConditionValueInvalid', 'message' => 'The threshold configuration of the deduplication statistics of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The threshold configuration of the deduplication statistics of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleGrayConfigInvalid', 'message' => 'The gray-scale effective configuration of the rule is invalid.', 'http_code' => 400, 'description' => 'Invalid canary release configurations for protection rules'], + ['code' => 'Defense.Control.DefenseRuleIdConflict', 'message' => 'The protection rule ID is duplicate.', 'http_code' => 400, 'description' => 'The protection rule ID is duplicate.'], + ['code' => 'Defense.Control.DefenseRuleNameAlreadyInUse', 'message' => 'Protection rule duplicate name.', 'http_code' => 400, 'description' => 'The name of the protection rule exists.'], + ['code' => 'Defense.Control.DefenseRuleNameAlreadyInUse', 'message' => 'The name of the protection rule exists.', 'http_code' => 400, 'description' => 'The name of the protection rule exists.'], + ['code' => 'Defense.Control.DefenseRuleNameConflict', 'message' => 'Duplicate protection rule name in batch request.', 'http_code' => 400, 'description' => 'Duplicate protection rule names are specified in the batch of requests.'], + ['code' => 'Defense.Control.DefenseRuleNameConflict', 'message' => 'Duplicate protection rule names are specified in the batch of requests.', 'http_code' => 400, 'description' => 'Duplicate protection rule names are specified in the batch of requests.'], + ['code' => 'Defense.Control.DefenseRuleNameInvalid', 'message' => 'Illegal protection rule name.', 'http_code' => 400, 'description' => 'The name of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleNameInvalid', 'message' => 'The name of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The name of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleNotExist', 'message' => 'Protection rule does not exist.', 'http_code' => 400, 'description' => 'The protection rule does not exist.'], + ['code' => 'Defense.Control.DefenseRuleNotExist', 'message' => 'The protection rule does not exist.', 'http_code' => 400, 'description' => 'The protection rule does not exist.'], + ['code' => 'Defense.Control.DefenseRuleNotPermitCreate', 'message' => 'This protection scenario rule is not allowed to be created.', 'http_code' => 400, 'description' => 'This protection scenario rule is not allowed to be created.'], + ['code' => 'Defense.Control.DefenseRuleNotPermitDelete', 'message' => 'The protection scenario rule cannot be deleted.', 'http_code' => 400, 'description' => 'The protection scenario rule cannot be deleted.'], + ['code' => 'Defense.Control.DefenseRuleOriginEmpty', 'message' => 'The source of protection rule cannot be empty.', 'http_code' => 400, 'description' => 'You must specify the source of the protection rule.'], + ['code' => 'Defense.Control.DefenseRuleOriginEmpty', 'message' => 'You must specify the source of the protection rule.', 'http_code' => 400, 'description' => 'You must specify the source of the protection rule.'], + ['code' => 'Defense.Control.DefenseRuleRateLimitInvalid', 'message' => 'Speed limit configuration of invalid protection rules.', 'http_code' => 400, 'description' => 'The rate-limiting configuration of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleRateLimitInvalid', 'message' => 'The rate-limiting configuration of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The rate-limiting configuration of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleRateLimitTargetInvalid', 'message' => 'Invalid protection rule speed limit target.', 'http_code' => 400, 'description' => 'The rate-limiting statistical object of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleRateLimitTargetInvalid', 'message' => 'The rate-limiting threshold of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The rate-limiting threshold of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleStatusInvalid', 'message' => 'Illegal protection rule status.', 'http_code' => 400, 'description' => 'The status of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleStatusInvalid', 'message' => 'The status of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The status of the protection rule is invalid.'], + ['code' => 'Defense.Control.DefenseRuleStatusNotSupported', 'message' => 'The operation is not supported in the current protection rule state.', 'http_code' => 400, 'description' => 'The operation is not supported in the current protection rule state'], + ['code' => 'Defense.Control.DefenseRuleTamperProofConfigInvalid', 'message' => 'Site tamper prevention configuration error in protection rules.', 'http_code' => 400, 'description' => 'The website tamper-proofing configuration is invalid.'], + ['code' => 'Defense.Control.DefenseRuleTamperProofProtocolConflict', 'message' => 'Site tamper-proof protocol conflict in protection rules.', 'http_code' => 400, 'description' => 'The protocol in the website tamper-proofing rule conflicts.'], + ['code' => 'Defense.Control.DefenseRuleTimeConfigInvalid', 'message' => 'The timing configuration of the rule is invalid.', 'http_code' => 400, 'description' => 'Invalid validity period configurations for protection rules'], + ['code' => 'Defense.Control.DefenseRuleUpstreamActionConfigInvalid', 'message' => 'The configuration of the upstream tagging action is invalid.', 'http_code' => 400, 'description' => 'Invalid configurations for marking back-to-origin requests'], + ['code' => 'Defense.Control.DefenseRuleUrlConflict', 'message' => 'Page tamper-proof rule URL duplication.', 'http_code' => 400, 'description' => 'The protected URL in the website tamper-proofing rule already exists.'], + ['code' => 'Defense.Control.DefenseSaleSpecValueInvalid', 'message' => 'Sales Rule Configuration Exception.', 'http_code' => 400, 'description' => 'The configuration of the sales rule is abnormal.'], + ['code' => 'Defense.Control.DefenseSaleSpecValueInvalid', 'message' => 'The configuration of the sales rule is abnormal.', 'http_code' => 400, 'description' => 'The configuration of the sales rule is abnormal.'], + ['code' => 'Defense.Control.DefenseSceneNotSupported', 'message' => 'This protection scenario is not supported.', 'http_code' => 400, 'description' => 'The protection scenario is not supported.'], + ['code' => 'Defense.Control.DefenseSceneNotSupported', 'message' => 'The protection scenario is not supported.', 'http_code' => 400, 'description' => 'The protection scenario is not supported.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindNotSupportAsset', 'message' => 'The protection template does not support binding or unbinding protected assets. Only protected objects and protected groups are supported.', 'http_code' => 400, 'description' => 'The protection template does not support binding or unbinding protected assets. Only protected objects and protected groups are supported.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindOnlySupportAsset', 'message' => 'The protection template only supports binding or unbinding protected assets, but does not support binding or unbinding protected objects and protected groups.', 'http_code' => 400, 'description' => 'The protection template only supports binding or unbinding protected assets, but does not support binding or unbinding protected objects and protection groups.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceInvalid', 'message' => 'If the resource bound or unbound by the protection template is invalid, it may have been added to other user-defined templates or protection groups.', 'http_code' => 400, 'description' => 'The protected resource that is bound to or unbound from the protection template is invalid. The protected resource is bound to other custom templates or added to protected object groups.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceInvalid', 'message' => 'The protected object that is bound to or unbound from the protection template is invalid. The protected object is bound to other custom templates or added to protected object groups.', 'http_code' => 400, 'description' => 'The protected resource that is bound to or unbound from the protection template is invalid. The protected resource is bound to other custom templates or added to protected object groups.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceNotFound', 'message' => 'The resource bound or unbound by the protection template was not found.', 'http_code' => 400, 'description' => 'Failed to find the protected resource that is bound to or unbound from the protection template.'], + ['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceNotFound', 'message' => 'Failed to find the protected object that is bound to or unbound from the protection template.', 'http_code' => 400, 'description' => 'Failed to find the protected resource that is bound to or unbound from the protection template.'], + ['code' => 'Defense.Control.DefenseTemplateCountOverSize', 'message' => 'The number of protective templates exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protection templates exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseTemplateCountOverSize', 'message' => 'The number of protection templates exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protection templates exceeds the limit.'], + ['code' => 'Defense.Control.DefenseTemplateDescriptionInvalid', 'message' => 'Illegal protection template description.', 'http_code' => 400, 'description' => 'The description of the protection template is invalid.'], + ['code' => 'Defense.Control.DefenseTemplateDetailInvalid', 'message' => 'Protection template configuration details field is invalid.', 'http_code' => 400, 'description' => 'Protection template configuration details field is invalid'], + ['code' => 'Defense.Control.DefenseTemplateInGrayOperation', 'message' => 'Protection template grayscale upgrade operation, please try again later.', 'http_code' => 400, 'description' => 'Protection template grayscale upgrade operation, please try again later'], + ['code' => 'Defense.Control.DefenseTemplateInOperation', 'message' => 'Protective template operation, please try again later.', 'http_code' => 400, 'description' => 'The protection template is in use. Try again later.'], + ['code' => 'Defense.Control.DefenseTemplateNameInUse', 'message' => 'Protection template name has been used.', 'http_code' => 400, 'description' => 'The name of the protection template is being used.'], + ['code' => 'Defense.Control.DefenseTemplateNameInUse', 'message' => 'The name of the protection template is being used.', 'http_code' => 400, 'description' => 'The name of the protection template is being used.'], + ['code' => 'Defense.Control.DefenseTemplateNotExist', 'message' => 'Protective template does not exist.', 'http_code' => 400, 'description' => 'The protection template does not exist.'], + ['code' => 'Defense.Control.DefenseTemplateNotExist', 'message' => 'The protection template does not exist.', 'http_code' => 400, 'description' => 'The protection template does not exist.'], + ['code' => 'Defense.Control.DefenseTemplateOwnedByAnotherUser', 'message' => 'Protection template does not belong to this user.', 'http_code' => 400, 'description' => 'The protection template does not belong to the user.'], + ['code' => 'Defense.Control.DefenseTemplateOwnedByAnotherUser', 'message' => 'The protection template does not belong to the user.', 'http_code' => 400, 'description' => 'The protection template does not belong to the user.'], + ['code' => 'Defense.Control.DefenseTemplateRuleNotPermitCreate', 'message' => 'You cannot create protection rules.', 'http_code' => 400, 'description' => 'This protection module rule does not allow creation'], + ['code' => 'Defense.Control.DefenseTemplateRuleNotPermitDelete', 'message' => 'Rules in this protection policy are not allowed to be deleted.', 'http_code' => 400, 'description' => 'You cannot delete protection rules from the protection template.'], + ['code' => 'Defense.Control.DefenseTemplateRuleNotPermitDelete', 'message' => 'You cannot delete protection rules.', 'http_code' => 400, 'description' => 'You cannot delete protection rules.'], + ['code' => 'Defense.Control.DefenseTemplateRuleStatusNotPermitModify', 'message' => 'The status of this protection rule cannot be modified.', 'http_code' => 400, 'description' => 'The status of the protection rule cannot be modified.'], + ['code' => 'Defense.Control.DefenseTemplateStatusInvalid', 'message' => 'Illegal status of protective template.', 'http_code' => 400, 'description' => 'The status of the protection template is invalid.'], + ['code' => 'Defense.Control.DefenseTemplateStatusInvalid', 'message' => 'The status of the protection template is invalid.', 'http_code' => 400, 'description' => 'The status of the protection template is invalid.'], + ['code' => 'Defense.Control.DefenseTemplateTypeBindUnbindResourceInvalid', 'message' => 'Only user-defined protection templates can bind or unbind protection resources.', 'http_code' => 400, 'description' => 'Only custom protection templates can be bound to or unbound from protected resources.'], + ['code' => 'Defense.Control.DefenseTemplateTypeBindUnbindResourceInvalid', 'message' => 'Only custom protection templates can be bound to or unbound from protected resources.', 'http_code' => 400, 'description' => 'Only custom protection templates can be bound to or unbound from protected resources.'], + ['code' => 'Defense.Control.DefenseTemplateUserDefaultExist', 'message' => 'User default protection template already exists.', 'http_code' => 400, 'description' => 'The default protection template exists.'], + ['code' => 'Defense.Control.DefenseTemplateUserDefaultExist', 'message' => 'The default protection template exists.', 'http_code' => 400, 'description' => 'The default protection template exists.'], + ['code' => 'Defense.Control.DefenseTemplateUserDefaultNotSupport', 'message' => 'The default protection template is not supported.', 'http_code' => 400, 'description' => 'The default protection template is not supported.'], + ['code' => 'Defense.Control.DefenseTestActionInvalid', 'message' => 'Illegal test of protective function action.', 'http_code' => 400, 'description' => 'The action that is used to test the protection feature is invalid.'], + ['code' => 'Defense.Control.DefenseTestExpiredTimeInvalid', 'message' => 'Illegal timeout for testing protective functions.', 'http_code' => 400, 'description' => 'The timeout period to test the protection feature is invalid.'], + ['code' => 'Defense.Control.DefenseTestUserIpInvalid', 'message' => 'Illegal user IP to test protection function.', 'http_code' => 400, 'description' => 'The IP address that is used to test the protection feature is invalid.'], + ['code' => 'Defense.Control.DefenseThreatIntelligenceConfigInvalid', 'message' => 'Threat Intelligence Rule configuration error.', 'http_code' => 400, 'description' => 'Threat Intelligence Rule configuration error. %s'], + ['code' => 'Defense.Control.DefenseTraceIdInvalid', 'message' => 'The format of the log request ID is incorrect.', 'http_code' => 400, 'description' => 'The log request ID format is incorrect'], + ['code' => 'Defense.Control.DefenseTrafficGuideAlreadyExist', 'message' => 'Drainage strategy already exists.', 'http_code' => 400, 'description' => 'Drainage strategy already exists.'], + ['code' => 'Defense.Control.DefenseTrafficGuideConfigModelInvalid', 'message' => 'Drainage strategy mode is invalid.', 'http_code' => 400, 'description' => 'Drainage strategy mode is invalid.'], + ['code' => 'Defense.Control.DefenseTrafficGuideConfigProductInvalid', 'message' => 'Drainage strategy products are ineffective.', 'http_code' => 400, 'description' => 'The traffic‑generation strategy product is ineffective.'], + ['code' => 'Defense.Control.DefenseTrafficGuideConfigStrategyInvalid', 'message' => 'The drainage strategy is ineffective.', 'http_code' => 400, 'description' => 'The drainage strategy is ineffective.'], + ['code' => 'Defense.Control.DefenseTrafficGuideCountOverSize', 'message' => 'Only one drainage strategy is supported.', 'http_code' => 400, 'description' => 'Only one drainage strategy is supported.'], + ['code' => 'Defense.Control.DefenseTrafficGuideRuleCountOverSize', 'message' => 'The number of regular or precise rules for drainage policies exceeds the limit.', 'http_code' => 400, 'description' => 'The number of regular or precise rules for drainage policies exceeds the limit.'], + ['code' => 'Defense.Control.DefenseUploadOssFileFailed', 'message' => 'Failed to upload OSS files.', 'http_code' => 400, 'description' => 'Failed to upload the OSS file.'], + ['code' => 'Defense.Control.DefenseVastIpDescriptionInvalid', 'message' => 'The description of the IP address blacklist is invalid.', 'http_code' => 400, 'description' => 'The description of the IP address blacklist is invalid.'], + ['code' => 'Defense.Control.DefenseVastIpExpiredTimeInvalid', 'message' => 'The expiration time of the IP address blacklist for protection for major events is invalid.', 'http_code' => 400, 'description' => 'The expiration time of the IP address blacklist for protection for major events is invalid.'], + ['code' => 'Defense.Control.DefenseVastIpFileEmpty', 'message' => 'The content of the IP address blacklist file for protection for major events is empty.', 'http_code' => 400, 'description' => 'The IP address blacklist file for protection for major events is empty.'], + ['code' => 'Defense.Control.DefenseVastIpFileFormatError', 'message' => 'The format of the IP address blacklist file for protection for major events is invalid.', 'http_code' => 400, 'description' => 'The format of the IP address blacklist file for protection for major events is invalid.'], + ['code' => 'Defense.Control.DefenseVastIpFileOversize', 'message' => 'The number of IP addresses in the IP address blacklist file for protection for major events exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the IP address blacklist file for protection for major events exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseVastIpOperationCountOversize', 'message' => 'The number of IP addresses that are operated each time exceeds the upper limit. The IP addresses are the IP addresses in the IP address blacklist for protection for major events.', 'http_code' => 400, 'description' => 'The number of IP addresses that are operated each time exceeds the upper limit. The IP addresses are the IP addresses in the IP address blacklist for protection for major events.'], + ['code' => 'Defense.Control.DefenseVastIpTotalCountOversize', 'message' => 'The total number of IP addresses in the IP address blacklist for protection for major events exceeds the upper limit.', 'http_code' => 400, 'description' => 'The total number of IP addresses in the IP address blacklist for protection for major events exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseVastIpUploadFormError', 'message' => 'Failed to obtain the information about the uploaded IP address blacklist file for protection for major events.', 'http_code' => 400, 'description' => 'Failed to obtain the information about the uploaded IP address blacklist file for protection for major events.'], + ['code' => 'Defense.Control.DefenseWafCustomRuleCompileFailed', 'message' => 'Custom regular rule compilation failed.', 'http_code' => 400, 'description' => 'Custom regular rule compilation failed'], + ['code' => 'Defense.Control.DefenseWafCustomRuleConfigInvalid', 'message' => 'Invalid custom regular rule configuration.', 'http_code' => 400, 'description' => 'Invalid custom regular rule configuration.'], + ['code' => 'Defense.Control.DefenseWhitelistBypassRuleNotExist', 'message' => 'The whitelist protection rule does not exist.', 'http_code' => 400, 'description' => 'The whitelist protection rule does not exist. Rule ID:%s.'], + ['code' => 'Defense.Control.DefenseWhitelistBypassTagInvalid', 'message' => 'The white mark in the white list is invalid.', 'http_code' => 400, 'description' => 'The whitelist tag is invalid.'], + ['code' => 'Defense.Control.DefenseWhitelistBypassTagInvalid', 'message' => 'The whitelist parameter is invalid.', 'http_code' => 400, 'description' => 'The whitelist parameter is invalid.'], + ['code' => 'Defense.Control.DefenseWhitelistCategoryInvalid', 'message' => 'Invalid whitelist whitelist policy module.', 'http_code' => 400, 'description' => 'Protection modules defined in the whitelist are invalid.'], + ['code' => 'Defense.Control.DefenseWhitelistCategoryInvalid', 'message' => 'Protection modules defined in the whitelist are invalid.', 'http_code' => 400, 'description' => 'Protection modules that are defined in the whitelist are invalid.'], + ['code' => 'Defense.Control.DefenseWhitelistConfigInvalid', 'message' => 'The whitelist rule is misconfigured.', 'http_code' => 400, 'description' => 'Error configuring whitelist rule: %s.'], + ['code' => 'Defense.Control.DefenseWhitelistRegularRuleSize', 'message' => 'The number of white regular rule IDS in the white list exceeds the limit.', 'http_code' => 400, 'description' => 'The number of regular expression rules in the whitelist exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseWhitelistRegularRuleSize', 'message' => 'The number of regular expression rules in the whitelist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of regular expression rules in the whitelist exceeds the limit.'], + ['code' => 'Defense.Control.DefenseWhitelistRegularTypeSize', 'message' => 'The number of white regular rule types in the white list exceeds the limit.', 'http_code' => 400, 'description' => 'The number of types of regular expression rules in the whitelist exceeds the upper limit.'], + ['code' => 'Defense.Control.DefenseWhitelistRegularTypeSize', 'message' => 'The number of types of regular expression rules in the whitelist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of types of regular expression rules in the whitelist exceeds the limit.'], + ['code' => 'Defense.Control.InvalidDefenseRuleID', 'message' => 'The protection rule ID is invalid.', 'http_code' => 400, 'description' => 'The protection rule ID is invalid.'], + ['code' => 'Defense.Control.InvalidParameter', 'message' => 'Invalid parameter.', 'http_code' => 400, 'description' => 'The parameter is invalid.'], + ['code' => 'Defense.Control.InvalidParameter', 'message' => 'The parameter is invalid.', 'http_code' => 400, 'description' => 'The parameter is invalid.'], + ['code' => 'Defense.Control.ProductNotSupportRule', 'message' => 'Access mode does not support this protection scenario rule.%s.', 'http_code' => 400, 'description' => 'Access mode does not support this protection scenario rule.%s.'], + ['code' => 'DlpUsed', 'message' => 'The feature of data leakage prevention is being used.', 'http_code' => 400, 'description' => 'The data leakage prevention feature is in effect.'], + ['code' => 'DomainDuplicateError', 'message' => 'The domain has been configured.', 'http_code' => 400, 'description' => 'The configuration of the domain name is complete.'], + ['code' => 'DomainNotBeianOrInBlackList', 'message' => 'The domain does not have an ICP filling or has been blacklisted.', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing or is added to the blacklist.'], + ['code' => 'DomainNotBeianOrInBlackList', 'message' => 'Blacklist or Domain Names That Do Not Have ICP Filings', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing or has committed a penalty.'], + ['code' => 'DomainNotExist', 'message' => 'The specified domain does not exist.', 'http_code' => 400, 'description' => 'The specified domain name does not exist.'], + ['code' => 'DomainQuotaExceed', 'message' => 'Domain Quota Exceed.', 'http_code' => 400, 'description' => 'The quota of domain names is reached.'], + ['code' => 'DomainRetSourceNotSupport', 'message' => 'Your waf does not support return to domain.', 'http_code' => 400, 'description' => 'Your WAF instance does not support back-to-origin domain names.'], + ['code' => 'DomainUsedByOthers', 'message' => 'The domain name is being used by another owner.', 'http_code' => 400, 'description' => 'The domain name is being used by another user.'], + ['code' => 'DrainageOverrun', 'message' => 'The number of ports for which WAF protection is enabled exceeds the quota.', 'http_code' => 403, 'description' => 'The number of connected ports exceeds the system limit.'], + ['code' => 'ExtensiveDomainUsedError', 'message' => 'Another user has used this wildcard domain in Waf.', 'http_code' => 400, 'description' => 'The wildcard domain is already used.'], + ['code' => 'FunctionAvailableError', 'message' => 'The function is not available.', 'http_code' => 403, 'description' => 'The function is not available.'], + ['code' => 'IllegalDefaultCertificate', 'message' => 'The default certificate does not exist.', 'http_code' => 403, 'description' => 'The default certificate for transparent access is invalid.'], + ['code' => 'InternalError', 'message' => 'Unknown error.', 'http_code' => 500, 'description' => 'Request processing failed due to unknown error'], + ['code' => 'InvalidIncludeSubDomainWithPreload', 'message' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'http_code' => 400, 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'], + ['code' => 'InvalidParameter', 'message' => 'Invalid parameter.', 'http_code' => 400, 'description' => 'Invalid parameter'], + ['code' => 'InvalidParameters', 'message' => 'Invalid parameters.', 'http_code' => 400, 'description' => 'The parameters are illegal.'], + ['code' => 'Log.Control.ApisecSpecInfoNotFound', 'message' => 'API security service has not been activated.', 'http_code' => 400, 'description' => 'API security service has not been activated.'], + ['code' => 'Log.Control.AssumeRoleFailed', 'message' => 'Insufficient permissions, please authorize.', 'http_code' => 400, 'description' => 'You do not have the required permissions. Obtain the required permissions.'], + ['code' => 'Log.Control.AssumeRoleFailed', 'message' => 'You do not have the required permissions. Obtain the required permissions.', 'http_code' => 400, 'description' => 'You do not have the required permissions. Obtain the required permissions.'], + ['code' => 'Log.Control.BatchDescribeSlsDispatchStatusFailed', 'message' => 'Query whether SLS service is open error.', 'http_code' => 400, 'description' => 'Failed to check whether Log Service is activated.'], + ['code' => 'Log.Control.BatchDescribeSlsDispatchStatusFailed', 'message' => 'Failed to check whether Log Service is activated.', 'http_code' => 400, 'description' => 'Failed to check whether Log Service is activated.'], + ['code' => 'Log.Control.BatchDescribeSlsLogStoreFailed', 'message' => 'Failed to obtain the logstore list of Log Service SLS.', 'http_code' => 400, 'description' => 'Failed to obtain the logstore list of Log Service SLS.'], + ['code' => 'Log.Control.BatchDescribeSlsProjectFailed', 'message' => 'Failed to obtain the project list of Log Service SLS.', 'http_code' => 400, 'description' => 'Failed to obtain the project list of Log Service SLS.'], + ['code' => 'Log.Control.ClusterDeliveryNameEmpty', 'message' => 'When you enable WAF cluster outgoing logs, the outgoing configuration name cannot be empty.', 'http_code' => 400, 'description' => 'When you enable WAF cluster outgoing logs, the outgoing configuration name cannot be empty.'], + ['code' => 'Log.Control.CreateEtlMetaFailed', 'message' => 'Open Log Distribution Failed.', 'http_code' => 400, 'description' => 'Failed to enable the Log Service for WAF feature.'], + ['code' => 'Log.Control.CreateEtlMetaFailed', 'message' => 'Failed to enable the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to enable the Log Service for WAF feature.'], + ['code' => 'Log.Control.CreateProjectLogstoreFailed', 'message' => 'Failed to create Projects and Logstores.', 'http_code' => 400, 'description' => 'Failed to create a project and a Logstore.'], + ['code' => 'Log.Control.CreateProjectLogstoreFailed', 'message' => 'Failed to create a project and a Logstore.', 'http_code' => 400, 'description' => 'Failed to create a project and a Logstore.'], + ['code' => 'Log.Control.DeleteEtlMetaFailed', 'message' => 'Failed to close log distribution.', 'http_code' => 400, 'description' => 'Failed to disable the Log Service for WAF feature.'], + ['code' => 'Log.Control.DeleteEtlMetaFailed', 'message' => 'Failed to disable the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to disable the Log Service for WAF feature.'], + ['code' => 'Log.Control.DeleteLogStoreFailed', 'message' => 'Failed to delete LogStore.', 'http_code' => 400, 'description' => 'Failed to delete the Logstore.'], + ['code' => 'Log.Control.DeleteLogStoreFailed', 'message' => 'Failed to delete the Logstore.', 'http_code' => 400, 'description' => 'Failed to delete the Logstore.'], + ['code' => 'Log.Control.DeliveryConfigCountExceed', 'message' => 'The count of WAF outgoing configurations exceeds the limit.', 'http_code' => 400, 'description' => 'The number of WAF outgoing configurations exceeds the limit.'], + ['code' => 'Log.Control.DeliveryConfigInUse', 'message' => 'WAF cluster outgoing configuration is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'The delivery configuration is in use and cannot be deleted.'], + ['code' => 'Log.Control.DeliveryConfigNameDuplicate', 'message' => 'WAF outgoing configuration name is duplicate.', 'http_code' => 400, 'description' => 'WAF outgoing configuration name is duplicate.'], + ['code' => 'Log.Control.DeliveryConfigNotExist', 'message' => 'The WAF cluster log outgoing configuration does not exist.', 'http_code' => 400, 'description' => 'The WAF cluster log outgoing configuration does not exist.'], + ['code' => 'Log.Control.DescribeLogstoreInfoFailed', 'message' => 'Failed to view LogStore information.', 'http_code' => 400, 'description' => 'Failed to view the Logstore information.'], + ['code' => 'Log.Control.DescribeLogstoreInfoFailed', 'message' => 'Failed to view the Logstore information.', 'http_code' => 400, 'description' => 'Failed to view the Logstore information.'], + ['code' => 'Log.Control.DescribeSlsAuthFailed', 'message' => 'Error querying user for authorization to operate SLS resource.', 'http_code' => 400, 'description' => 'Failed to check whether a user is authorized to manage Log Service resources.'], + ['code' => 'Log.Control.DescribeSlsAuthFailed', 'message' => 'Failed to check whether a user is authorized to manage Log Service resources.', 'http_code' => 400, 'description' => 'Failed to check whether a user is authorized to manage Log Service resources.'], + ['code' => 'Log.Control.DescribeSlsDispatchStatusFailed', 'message' => 'Query Log Distribution Status Error.', 'http_code' => 400, 'description' => 'Failed to query the status of the Log Service for WAF feature.'], + ['code' => 'Log.Control.DescribeSlsDispatchStatusFailed', 'message' => 'Failed to query the status of the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to query the status of the Log Service for WAF feature.'], + ['code' => 'Log.Control.EtlMetaExistError', 'message' => 'Log distribution already exists.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is enabled.'], + ['code' => 'Log.Control.EtlMetaExistError', 'message' => 'The Log Service for WAF feature is enabled.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is enabled.'], + ['code' => 'Log.Control.EtlMetaNotExist', 'message' => 'Log distribution configuration does not exist.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is not enabled.'], + ['code' => 'Log.Control.EtlMetaNotExist', 'message' => 'The Log Service for WAF feature is not enabled.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is not enabled.'], + ['code' => 'Log.Control.HybridCloudNotSupport', 'message' => 'The hybrid cloud extension node is not supported. Please purchase and try again.', 'http_code' => 400, 'description' => 'The hybrid cloud extension node is not supported. Please purchase and try again.'], + ['code' => 'Log.Control.HybridClusterNotExist', 'message' => 'The hybrid cloud cluster does not exist.', 'http_code' => 400, 'description' => 'The hybrid cloud cluster does not exist.'], + ['code' => 'Log.Control.InDebtError', 'message' => 'You have a bill in arrears and do not meet the requirements for automatic logging service. Please recharge your bill and settle it before trying again.', 'http_code' => 400, 'description' => 'You have overdue payments in your account. The Log Service for WAF feature cannot be automatically enabled. Top up your account, settle the payments, and try again.'], + ['code' => 'Log.Control.InDebtError', 'message' => 'You have overdue payments in your account. The Log Service for WAF feature cannot be automatically enabled. Top up your account, settle the payments, and try again.', 'http_code' => 400, 'description' => 'You have overdue payments in your account. The Log Service for WAF feature cannot be automatically enabled. Top up your account, settle the payments, and try again.'], + ['code' => 'Log.Control.InvalidAssertKey', 'message' => 'The AssertKey is invalid.', 'http_code' => 400, 'description' => 'Invalid AssertKey parameter'], + ['code' => 'Log.Control.InvalidInstanceId', 'message' => 'The instance ID is invalid.', 'http_code' => 400, 'description' => 'The instance ID is invalid.'], + ['code' => 'Log.Control.InvalidParameter', 'message' => 'The parameter is invalid.', 'http_code' => 400, 'description' => 'The request parameter is invalid. Please verify the request parameter.'], + ['code' => 'Log.Control.InvalidParameter', 'message' => 'Parameter error. Check and correct the parameter and try again.', 'http_code' => 400, 'description' => 'Parameter error. Check and correct the parameter and try again.'], + ['code' => 'Log.Control.InvalidSlsParam', 'message' => 'Invalid parameters for Log Service SLS.', 'http_code' => 400, 'description' => 'Invalid parameters for Log Service SLS'], + ['code' => 'Log.Control.InvalidUserId', 'message' => 'Invalid user id.', 'http_code' => 400, 'description' => 'The user ID is invalid.'], + ['code' => 'Log.Control.InvalidUserId', 'message' => 'The user ID is invalid.', 'http_code' => 400, 'description' => 'The user ID is invalid.'], + ['code' => 'Log.Control.KafkaConfigParamError', 'message' => 'The Kafka log outgoing configuration parameter is incorrect.', 'http_code' => 400, 'description' => 'The Kafka log outgoing configuration parameter is incorrect.'], + ['code' => 'Log.Control.LogServiceNotSupport', 'message' => 'Log Service is not supported. Please try again after purchasing.', 'http_code' => 400, 'description' => 'Log Service is not supported. Please try again after purchasing.'], + ['code' => 'Log.Control.ModifyEtlMetaFailed', 'message' => 'Failed to modify log distribution configuration.', 'http_code' => 400, 'description' => 'Failed to modify the configuration of the Log Service for WAF feature.'], + ['code' => 'Log.Control.ModifyEtlMetaFailed', 'message' => 'Failed to modify the configuration of the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to modify the configuration of the Log Service for WAF feature.'], + ['code' => 'Log.Control.ModifyUserLogFieldConfigError', 'message' => 'The user failed to modify the log field.', 'http_code' => 400, 'description' => 'Failed to modify the log fields.'], + ['code' => 'Log.Control.ModifyUserLogFieldConfigError', 'message' => 'Failed to modify the log fields.', 'http_code' => 400, 'description' => 'Failed to modify the log fields.'], + ['code' => 'Log.Control.ModifyUserLogSpecError', 'message' => 'modify user log spec code failed, please try again later.', 'http_code' => 400, 'description' => 'Failed to enable the Log Service for WAF feature.'], + ['code' => 'Log.Control.OpenSlsServiceFailed', 'message' => 'Failed to open SLS.', 'http_code' => 400, 'description' => 'Failed to activate Log Service.'], + ['code' => 'Log.Control.OpenSlsServiceFailed', 'message' => 'Failed to activate Log Service.', 'http_code' => 400, 'description' => 'Failed to activate Log Service.'], + ['code' => 'Log.Control.ResourceCountTooMuch', 'message' => 'When querying the log delivery status of protected resources, the number of protected resources exceeds the limit.', 'http_code' => 400, 'description' => 'When querying the log delivery status of protected resources, the number of protected resources exceeds the limit.'], + ['code' => 'Log.Control.ResourceDeliveryNameEmpty', 'message' => 'When you enable external log delivery for protected resources, the external delivery configuration name cannot be empty.', 'http_code' => 400, 'description' => 'When you enable external log delivery for protected resources, the external delivery configuration name cannot be empty.'], + ['code' => 'Log.Control.ResourceNotExist', 'message' => 'The protected resource does not exist.', 'http_code' => 400, 'description' => 'The protected object does not exist.'], + ['code' => 'Log.Control.ResourceNotSupportDelivery', 'message' => 'The protected resource does not support enabling external log delivery.', 'http_code' => 400, 'description' => 'The protected resource does not support enabling external log delivery.'], + ['code' => 'Log.Control.SlsLogStoreNotExist', 'message' => 'LogStore for SLS does not exist.', 'http_code' => 400, 'description' => 'The Logstore does not exist.'], + ['code' => 'Log.Control.SlsLogStoreNotExist', 'message' => 'The Logstore does not exist.', 'http_code' => 400, 'description' => 'The Logstore does not exist.'], + ['code' => 'Log.Control.SlsProjectNotExist', 'message' => 'Projects for SLS do not exist.', 'http_code' => 400, 'description' => 'The project does not exist.'], + ['code' => 'Log.Control.SlsProjectNotExist', 'message' => 'The project does not exist.', 'http_code' => 400, 'description' => 'The project does not exist.'], + ['code' => 'Log.Control.SyslogConfigParamError', 'message' => 'Syslog outgoing configuration parameter error.', 'http_code' => 400, 'description' => 'Syslog outgoing configuration parameter error.'], + ['code' => 'Log.Control.UserLogFieldIsUpdating', 'message' => 'The user log field is being configured.', 'http_code' => 400, 'description' => 'The log fields are being configured.'], + ['code' => 'Log.Control.UserLogFieldIsUpdating', 'message' => 'The log field is being configured.', 'http_code' => 400, 'description' => 'The log field is being configured.'], + ['code' => 'Log.Control.UserLogOpenedError', 'message' => 'Log Service activation failed.', 'http_code' => 400, 'description' => 'Log Service activation failed.'], + ['code' => 'Log.Control.UserRegionNotFound', 'message' => 'User region not found.', 'http_code' => 400, 'description' => 'User region not found.'], + ['code' => 'NoPermission', 'message' => 'The current operation is not authorized. Please contact the main account to perform authorization after the RAM console is authorized.', 'http_code' => 400, 'description' => 'You are not authorized to perform this operation. Contact the owner of the Alibaba Cloud account to obtain authorization in the RAM console.'], + ['code' => 'NoPermissonCreatesServiceLinkedRole', 'message' => 'No Permisson Create Service Linked Role.', 'http_code' => 400, 'description' => 'You do not have the permissions to create the service-linked role.'], + ['code' => 'NormalizedUsed', 'message' => 'The feature of positive security model is being used.', 'http_code' => 400, 'description' => 'The positive security model is in use'], + ['code' => 'ParamError', 'message' => 'The parameters of your request are invalid.', 'http_code' => 400, 'description' => 'The requested parameter is invalid.'], + ['code' => 'PropertyConvertFailed', 'message' => 'The property convert failed.', 'http_code' => 400, 'description' => 'Request processing failed due to an unknown error.'], + ['code' => 'Rasp.Attach.DeleteFail', 'message' => 'The access record in the access switch ON state cannot be deleted.', 'http_code' => 200, 'description' => 'The access record in the access switch ON state cannot be deleted.'], + ['code' => 'Rasp.Sale.NotExist', 'message' => 'User not purchased.', 'http_code' => 400, 'description' => 'The user has not purchased a RASP instance.'], + ['code' => 'Rasp.UnexpectedError', 'message' => 'Unknown error.', 'http_code' => 500, 'description' => 'Request processing failed due to unknown error'], + ['code' => 'RedirectionStarting', 'message' => 'WAF protection is being enabled for the port. Try again later.', 'http_code' => 403, 'description' => 'WAF protection is being enabled for the port. Try again later.'], + ['code' => 'RequestError', 'message' => 'The system is unavailable. Please try again later.', 'http_code' => 400, 'description' => 'The system is unavailable. Try again later.'], + ['code' => 'RiskyDomain', 'message' => 'The domain name you added may be at risk. If you have any questions, please submit a work order.', 'http_code' => 400, 'description' => 'The domain name you added may be at risk. If you have any questions, please submit a work order.'."\n"], + ['code' => 'RoleAlreadyExists', 'message' => 'Service Linked Role Already Exists.', 'http_code' => 400, 'description' => 'The role already exists.'], + ['code' => 'RsListenPortError', 'message' => 'The specified origin server listening port is invalid.', 'http_code' => 403, 'description' => 'The specified origin server listening port is invalid.'], + ['code' => 'Rule.Service.CustomRuleGroupCountGreaterMaxCapacity', 'message' => 'The number of custom rule groups exceeds the purchase limit.', 'http_code' => 400, 'description' => 'The number of custom rule groups exceeds the upper limit.'], + ['code' => 'Rule.Service.CustomRuleGroupCountGreaterMaxCapacity', 'message' => 'The number of custom rule groups exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of custom rule groups exceeds the upper limit.'], + ['code' => 'Rule.Service.GenericException', 'message' => 'Internal error.', 'http_code' => 400, 'description' => 'An internal error occurred.'], + ['code' => 'Rule.Service.GenericException', 'message' => 'A system error occurred.', 'http_code' => 400, 'description' => 'A system error occurred.'], + ['code' => 'Rule.Service.InternalUnknownError', 'message' => 'Unknown error.', 'http_code' => 400, 'description' => 'An unknown error occurred.'], + ['code' => 'Rule.Service.InternalUnknownError', 'message' => 'An unknown error occurred.', 'http_code' => 400, 'description' => 'An unknown error occurred.'], + ['code' => 'Rule.Service.InvalidParameter', 'message' => 'Parameter check failed.', 'http_code' => 400, 'description' => 'Failed to verify parameters.'], + ['code' => 'Rule.Service.InvalidParameter', 'message' => 'Failed to verify parameters.', 'http_code' => 400, 'description' => 'Failed to verify parameters.'], + ['code' => 'Rule.Service.NotFoundObject', 'message' => 'No corresponding data found.', 'http_code' => 400, 'description' => 'Failed to find the specified data.'], + ['code' => 'Rule.Service.NotFoundObject', 'message' => 'Failed to find the specified data.', 'http_code' => 400, 'description' => 'Failed to find the specified data.'], + ['code' => 'Rule.Service.NotFoundPolicy', 'message' => 'Rule group not found.', 'http_code' => 400, 'description' => 'No rule groups found.'], + ['code' => 'Rule.Service.NotFoundPolicy', 'message' => 'No rule groups found.', 'http_code' => 400, 'description' => 'No rule groups are found.'], + ['code' => 'Rule.Service.NotFoundRule', 'message' => 'No rules found.', 'http_code' => 400, 'description' => 'No rules are found.'], + ['code' => 'Rule.Service.NotSupportedCustomRuleGroup', 'message' => 'Custom rule group not purchased, please upgrade.', 'http_code' => 400, 'description' => 'The custom rule group is not supported. Upgrade your instance and try again.'], + ['code' => 'Rule.Service.NotSupportedCustomRuleGroup', 'message' => 'The custom rule group is not supported.', 'http_code' => 400, 'description' => 'The custom rule group is not supported.'], + ['code' => 'Rule.Service.NotSupportedOperation', 'message' => 'This operation is not supported.', 'http_code' => 400, 'description' => 'The operation is not supported.'], + ['code' => 'Rule.Service.NotSupportedOperation', 'message' => 'The operation is not supported.', 'http_code' => 400, 'description' => 'The operation is not supported.'], + ['code' => 'Rule.Service.ParameterFormatError', 'message' => 'Parameter format error.', 'http_code' => 400, 'description' => 'The parameter format is invalid.'], + ['code' => 'Rule.Service.ParameterFormatError', 'message' => 'The format of the parameter is invalid.', 'http_code' => 400, 'description' => 'The format of the parameter is invalid.'], + ['code' => 'Rule.Service.ParameterIsEmpty', 'message' => 'Empty parameter.', 'http_code' => 400, 'description' => 'You must configure the parameter.'], + ['code' => 'Rule.Service.ParameterIsEmpty', 'message' => 'You must configure the parameter.', 'http_code' => 400, 'description' => 'You must configure the parameter.'], + ['code' => 'Rule.Service.ParameterNotInRange', 'message' => 'Parameter exceeded expected range.', 'http_code' => 400, 'description' => 'The parameter value is invalid.'], + ['code' => 'Rule.Service.ParameterNotInRange', 'message' => 'The parameter value is invalid.', 'http_code' => 400, 'description' => 'The parameter value is invalid.'], + ['code' => 'Rule.Service.PolicyNameAlreadyExist', 'message' => 'Rule group name already exists.', 'http_code' => 400, 'description' => 'The group name already exists.'], + ['code' => 'Rule.Service.PolicyNameAlreadyExist', 'message' => 'The group name already exists.', 'http_code' => 400, 'description' => 'The group name already exists.'], + ['code' => 'Rule.Service.PolicyStatusError', 'message' => 'Rule group in use, unable to operate.', 'http_code' => 400, 'description' => 'The rule group is in use and cannot be applied.'], + ['code' => 'Rule.Service.PolicyStatusError', 'message' => 'The rule group is in use and cannot be operated.', 'http_code' => 400, 'description' => 'The rule group is in use and cannot be operated.'], + ['code' => 'RuleNameDuplicated', 'message' => 'Rule name already in use.', 'http_code' => 400, 'description' => 'The name of the rule is used.'], + ['code' => 'RuleNameInvalidError', 'message' => 'The name of rule is invalid.', 'http_code' => 400, 'description' => 'The name of the protection rule is invalid.'], + ['code' => 'RuleNotExist', 'message' => 'The specified rule does not exist.', 'http_code' => 400, 'description' => 'The specified protection rule does not exist.'], + ['code' => 'RuleQueryParamError', 'message' => 'The request parameter is invalid.', 'http_code' => 403, 'description' => 'The request parameter is invalid.'], + ['code' => 'SecondLevelDomainQuotaExceed', 'message' => 'Second Level Domain Quota Exceed.', 'http_code' => 403, 'description' => 'Second Level Domain Quota Exceed.'], + ['code' => 'TamperproofUsed', 'message' => 'The feature of website tamper-proofing is being used.', 'http_code' => 400, 'description' => 'The website tamper-proofing feature is in use.'], + ['code' => 'TestErrorCode.%s.', 'message' => 'TestErrorMsg.%s.', 'http_code' => 400, 'description' => 'Error code of the test'], + ['code' => 'UnderDDoS', 'message' => 'The current WAF instance is in the defense/blackhole state, and it is not allowed to enable the Exclusive IP/GSLB configuration', 'http_code' => 400, 'description' => 'Traffic scrubbing or blackhole filtering is triggered for the WAF instance. You cannot enable Exclusive IP Address or Shared Cluster-based Intelligent Load Balancing.'], + ['code' => 'UserMigrating', 'message' => 'WAF user is migrating, the operation of resource does not support.', 'http_code' => 400, 'description' => 'WAF users are being migrated and cannot access resources.'], + ['code' => 'UserNotFound', 'message' => 'The specified user does not exist.', 'http_code' => 403, 'description' => 'The specified user does not exist.'], + ['code' => 'VasdUsedUp', 'message' => 'The resource package has been used up. For example, all VIP addresses are used.', 'http_code' => 403, 'description' => 'The resource package has been used up. For example, all VIP addresses are used.'], + ['code' => 'VerifyDomainCountExceed', 'message' => 'The number of domain names exceeds the limit. You can upgrade the domain package.', 'http_code' => 400, 'description' => 'The number of domain names exceeds the upper limit. You can upgrade the extra domain package.'], + ['code' => 'VerifyHttpPortNotSupport', 'message' => 'An invalid HTTP port is specified.', 'http_code' => 400, 'description' => 'The specified HTTP port is invalid.'], + ['code' => 'VerifyInfoLeakageNotSupport', 'message' => 'Information leakage prevention is not supported.', 'http_code' => 403, 'description' => 'Data leak prevention is not supported.'], + ['code' => 'VerifyMainDomainCountExceed', 'message' => 'The number of primary domains exceeds the limit. You can upgrade the domain package.', 'http_code' => 400, 'description' => 'The number of second-level domain names exceeds the upper limit. You can upgrade the domain name package.'], + ['code' => 'VerifyRuleCountExceed', 'message' => 'The number of rules exceeds the limit.', 'http_code' => 400, 'description' => 'The number of rules exceeds the upper limit.'], + ['code' => 'VerifyScreenNotSupport', 'message' => 'Large screens are not supported.', 'http_code' => 403, 'description' => 'The data visualization feature is not supported.'], + ['code' => 'VerifyTamperproofNotSupport', 'message' => 'Tamper resistance is not supported.', 'http_code' => 403, 'description' => 'Website tamper-proofing is not supported.'], + ['code' => 'Waf.Control.AllAccessCnameNeedMigrate', 'message' => 'The user access configuration has not been migrated yet. Please confirm after migration.', 'http_code' => 400, 'description' => 'The migration of domain name configurations is not complete.'], + ['code' => 'Waf.Control.ApisecDefaultRuleNotSupportDelete', 'message' => 'The default rules for API security do not support deletion.', 'http_code' => 400, 'description' => 'The default rules for API security do not support deletion.'], + ['code' => 'Waf.Control.ApisecExportTypeExist', 'message' => 'API security export task already exists.', 'http_code' => 400, 'description' => 'API security export task already exists.'], + ['code' => 'Waf.Control.ApisecInSystemUpdate', 'message' => 'API security service upgrade, expected to last 90 minutes, please try again later.', 'http_code' => 400, 'description' => 'API security service upgrade, expected to last 90 minutes, please try again later.'], + ['code' => 'Waf.Control.ApisecIsInitializing', 'message' => 'API security service initialization, expected to last for 1 minute, please try again later.', 'http_code' => 400, 'description' => 'API security service initialization, expected to last for 1 minute, please try again later.'], + ['code' => 'Waf.Control.ApisecNotSupport', 'message' => 'The API security module is not supported.', 'http_code' => 400, 'description' => 'The API security module is not supported.'], + ['code' => 'Waf.Control.ApisecRuleHostParameterConflict', 'message' => 'The content of the domain name field in the API security rule is duplicate.', 'http_code' => 400, 'description' => 'The content of the domain name field in the API security rule is duplicate.'], + ['code' => 'Waf.Control.ApisecRuleInOperation', 'message' => 'The API security policy configuration is operating, please try again later.', 'http_code' => 400, 'description' => 'The API security policy configuration is operating, please try again later.'], + ['code' => 'Waf.Control.ApisecRuleNotExist', 'message' => 'API security rule does not exist.', 'http_code' => 400, 'description' => 'API security rule does not exist.'], + ['code' => 'Waf.Control.CloudProductInfoEmpty', 'message' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'http_code' => 400, 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'."\n"], + ['code' => 'Waf.Control.CloudProductInfoNotMartch', 'message' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'http_code' => 400, 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'], + ['code' => 'Waf.Control.CnameBatchOpsFailedDomains', 'message' => 'Failed to upgrade the domain name to WAF3.0 or roll back the domain name to WAF2.0.', 'http_code' => 400, 'description' => 'Failed to upgrade the domain name to WAF3.0 or roll back the domain name to WAF2.0.'], + ['code' => 'Waf.Control.Conflict', 'message' => 'Configuration Conflict', 'http_code' => 400, 'description' => 'A configuration conflict occurs. Try again later.'], + ['code' => 'Waf.Control.DefenseResourceCountOverSize', 'message' => 'The maximum number of protected objects is exceeded.', 'http_code' => 400, 'description' => 'The number of protected objects exceeds the upper limit.'], + ['code' => 'Waf.Control.DefenseResourceEmpty', 'message' => 'CloudResourceId parameter is illegal.', 'http_code' => 400, 'description' => 'CloudResourceId parameter is illegal'], + ['code' => 'Waf.Control.DomainAndDomainIdBothEmpty', 'message' => 'domain and domainId cannot be empty at the same time.', 'http_code' => 400, 'description' => 'The domain name and domain name ID cannot be empty at the same time.'."\n"], + ['code' => 'Waf.Control.DomainAndDomainIdNotMatch', 'message' => 'domain and domainId do not match.', 'http_code' => 400, 'description' => 'The input parameters Domain and DomainId do not match'."\n"], + ['code' => 'Waf.Control.DomainExist', 'message' => 'The domain has been configured.', 'http_code' => 400, 'description' => 'The domain name already exists. Select an appropriate domain name again.'], + ['code' => 'Waf.Control.DomainExist', 'message' => 'The domain name already exists.', 'http_code' => 400, 'description' => 'The domain name already exists.'], + ['code' => 'Waf.Control.DomainFormatInvalid', 'message' => 'Incorrect domain name format.', 'http_code' => 400, 'description' => 'Incorrect domain name format.'], + ['code' => 'Waf.Control.DomainIdIsIllegal', 'message' => 'The input parameter, the domainId is illegal.', 'http_code' => 400, 'description' => 'Illegal entry DomainId'], + ['code' => 'Waf.Control.DomainNotEmpty', 'message' => 'The domain name must be specified.', 'http_code' => 400, 'description' => 'The domain name is not specified.'], + ['code' => 'Waf.Control.DomainOwnerNotVerify', 'message' => 'The user domain ownership is not verified.', 'http_code' => 400, 'description' => 'The ownership of the domain name is not verified.'], + ['code' => 'Waf.Control.DomainsNotEmpty', 'message' => 'The domain name list cannot be empty.', 'http_code' => 400, 'description' => 'You must select at least one domain name.'], + ['code' => 'Waf.Control.DomainTxtRecordValidateFailed', 'message' => 'Failed to verify the ownership of the primary domain name', 'http_code' => 400, 'description' => 'Failed to verify the ownership of the second-level domain name. Enter the second-level domain name that you own.'], + ['code' => 'Waf.Control.ExportDomainsExist', 'message' => 'The domain name export task is in progress. Please do not export it repeatedly.', 'http_code' => 400, 'description' => 'The task of exporting domain names is running. Do not repeat the export.'], + ['code' => 'Waf.Control.ExportingTasksMoreThanFifty', 'message' => 'The number of tasks being exported cannot exceed 50', 'http_code' => 400, 'description' => 'The number of tasks being exported cannot exceed 50.'], + ['code' => 'Waf.Control.FingerStatusNotEmpty', 'message' => 'The parameters of your request are invalid.', 'http_code' => 400, 'description' => 'The request parameters are invalid. Verify the request parameters.'], + ['code' => 'Waf.Control.InstanceExpired', 'message' => 'The instance has expired and does not support POC.', 'http_code' => 400, 'description' => 'The instance has expired and does not support POC.'], + ['code' => 'Waf.Control.InstanceStatusNotSupport', 'message' => 'Migration is not supported in the current instance state.', 'http_code' => 400, 'description' => 'Instances in this state cannot be migrated.'], + ['code' => 'Waf.Control.InsufficientPocQuota', 'message' => 'Insufficient POC quota.', 'http_code' => 400, 'description' => 'Insufficient POC quota.'], + ['code' => 'Waf.Control.InvalidApisecComplianceCode', 'message' => 'The information data type in the compliance check rule is invalid.', 'http_code' => 400, 'description' => 'The information data type in the compliance check rule is invalid.'], + ['code' => 'Waf.Control.InvalidApisecRuleCondition', 'message' => 'The condition parameter in the API security rule is invalid.', 'http_code' => 400, 'description' => 'The condition parameter in the API security rule is invalid.'], + ['code' => 'Waf.Control.InvalidApisecRuleParam', 'message' => 'The API security rule parameter is invalid.', 'http_code' => 400, 'description' => 'The API security rule parameter is invalid.'], + ['code' => 'Waf.Control.InvalidApisecTrafficTime', 'message' => 'The time parameter for API security compliance check is invalid.', 'http_code' => 400, 'description' => 'The time parameter for API security compliance check is invalid.'], + ['code' => 'Waf.Control.InvalidApisecWhitelistTags', 'message' => 'The tags parameter in the API security whitelist rule is invalid.', 'http_code' => 400, 'description' => 'The tags parameter in the API security whitelist rule is invalid.'], + ['code' => 'Waf.Control.InvalidDelegatedUserId', 'message' => 'Invalid delegated administrator user ID.', 'http_code' => 400, 'description' => 'Invalid delegated administrator user ID.'], + ['code' => 'Waf.Control.InvalidMemberUserId', 'message' => 'Invalid member account user ID.', 'http_code' => 400, 'description' => 'Invalid member account user ID.'], + ['code' => 'Waf.Control.InvalidParameter', 'message' => 'The parameters of your request are invalid.', 'http_code' => 400, 'description' => 'The request parameters are invalid. Verify the request parameters.'], + ['code' => 'Waf.Control.MemberHasWafInstance', 'message' => 'The member account already holds a WAF instance and cannot be managed by a delegated administrator account.', 'http_code' => 400, 'description' => 'The member account already holds a WAF instance and cannot be managed by an administrator account.'], + ['code' => 'Waf.Control.MemberNotExist', 'message' => 'The member account does not exist. Please check and try again.', 'http_code' => 400, 'description' => 'The member account does not exist. Please check and try again.'], + ['code' => 'Waf.Control.MemberUserInBatchTooMuch', 'message' => 'The number of member accounts for batch operations exceeds the limit.', 'http_code' => 400, 'description' => 'The number of member accounts for batch operations exceeds the limit.'], + ['code' => 'Waf.Control.MemberUserOverLimit', 'message' => 'The number of managed member accounts has exceeded the WAF instance specification limit. Please upgrade and try again.', 'http_code' => 400, 'description' => 'The number of managed member accounts exceeds the WAF instance specification limit. Upgrade and try again.'], + ['code' => 'Waf.Control.MigrateTaskExist', 'message' => 'The migration task already exists.', 'http_code' => 400, 'description' => 'The migration task already exists.'], + ['code' => 'Waf.Control.ModuleCodeInvalid', 'message' => 'The code of the pricing module is incorrect.', 'http_code' => 400, 'description' => 'The code of the pricing module is incorrect.'], + ['code' => 'Waf.Control.NotRollBack', 'message' => 'During the migration, the domain name has been modified or added to the access configuration in V3. You cannot roll back or abort the upgrade.', 'http_code' => 400, 'description' => 'During the migration, the domain name has been modified or added to the access configuration in V3. You cannot roll back or abort the upgrade.'], + ['code' => 'Waf.Control.NotSupportRd', 'message' => 'The user\'s WAF instance does not support multi-account management. Please upgrade and try again.', 'http_code' => 400, 'description' => 'The user\'s WAF instance does not support multi-account management. Please upgrade and try again.'], + ['code' => 'Waf.Control.PocFunctionBought', 'message' => 'The function specified to enable POC has already been purchased.', 'http_code' => 400, 'description' => 'The function specified to enable POC has already been purchased.'], + ['code' => 'Waf.Control.PocIllegalType', 'message' => 'Type field value is incorrect when enabling POC.', 'http_code' => 400, 'description' => 'Type field value is incorrect when enabling POC.'], + ['code' => 'Waf.Control.PocInvalidEdition', 'message' => 'The WAF version does not support the POC function.', 'http_code' => 400, 'description' => 'The WAF version does not support the POC function.'], + ['code' => 'Waf.Control.PocRepeatedEnable', 'message' => 'POC has been enabled and cannot be repeated.', 'http_code' => 400, 'description' => 'POC has been enabled and cannot be repeated.'], + ['code' => 'Waf.Control.ResourceDirectoryNotExist', 'message' => 'The user has not activated the resource directory. Please try again after activating.', 'http_code' => 400, 'description' => 'The user has not activated the resource directory. Please try again after activating.'], + ['code' => 'Waf.Control.TopDomainNotEmpty', 'message' => 'The top-level domain must be specified.', 'http_code' => 400, 'description' => 'The second-level domain name is not specified.'], + ['code' => 'Waf.Control.UserAlreadyMigrated', 'message' => 'The user configuration has been migrated to the new version of WAF.', 'http_code' => 400, 'description' => 'User configurations are migrated to WAF 3.0.'], + ['code' => 'Waf.Control.UserMigrating', 'message' => 'The user is not allowed to access the configuration during the migration.', 'http_code' => 400, 'description' => 'The user is not allowed to access the configuration during the migration.'], + ['code' => 'Waf.Control.VerifyRecordNotFound', 'message' => 'The verification record does not exist.', 'http_code' => 400, 'description' => 'The verification record does not exist.'], + ['code' => 'Waf.HybridCloud.AccessModeInvalid', 'message' => 'The access type is invalid.', 'http_code' => 400, 'description' => 'The access type is invalid.'], + ['code' => 'Waf.HybridCloud.AccessModeIsEmpty', 'message' => 'The access mode cannot be empty.', 'http_code' => 400, 'description' => 'The access mode cannot be empty.'], + ['code' => 'Waf.HybridCloud.AccessRegionInvalid', 'message' => 'The access region is invalid.', 'http_code' => 400, 'description' => 'The region is invalid.'], + ['code' => 'Waf.HybridCloud.ApisecRuleConfigConflict', 'message' => 'API security rule configuration conflicts.', 'http_code' => 400, 'description' => 'API security rule configuration conflicts'], + ['code' => 'Waf.HybridCloud.ApisecRuleParamError', 'message' => 'API security rule parameter exception.', 'http_code' => 400, 'description' => 'API security rule parameter exception'], + ['code' => 'Waf.HybridCloud.ApisecRuleServiceError', 'message' => 'API security rule service exception.', 'http_code' => 400, 'description' => 'API security rule service exception'], + ['code' => 'Waf.HybridCloud.ClusterIdNotEmpty', 'message' => 'The cluster ID cannot be empty.', 'http_code' => 400, 'description' => 'The cluster ID cannot be empty.'], + ['code' => 'Waf.HybridCloud.ClusterNameEmpty', 'message' => 'The cluster name cannot be empty.', 'http_code' => 400, 'description' => 'The cluster name cannot be empty.'], + ['code' => 'Waf.HybridCloud.ClusterNameExist', 'message' => 'The cluster name already exists.', 'http_code' => 400, 'description' => 'The cluster name already exists.'], + ['code' => 'Waf.HybridCloud.ClusterNotFound', 'message' => 'No cluster information found.', 'http_code' => 400, 'description' => 'No cluster information is found.'], + ['code' => 'Waf.HybridCloud.ClusterRuleAlreadyExists', 'message' => 'Cluster rule already exists.', 'http_code' => 400, 'description' => 'Cluster rule already exists.'], + ['code' => 'Waf.HybridCloud.ClusterRuleContentEmpty', 'message' => 'Cluster rule content cannot be empty.', 'http_code' => 400, 'description' => 'Cluster rule content cannot be empty.'], + ['code' => 'Waf.HybridCloud.ClusterRuleDontUsed', 'message' => 'Cluster rules have been updated to a new version. For more information, see the latest API documentation.', 'http_code' => 400, 'description' => 'Cluster rules have been updated to a new version. For more information, see the latest API documentation.'], + ['code' => 'Waf.HybridCloud.ClusterRuleNotFound', 'message' => 'The cluster rule resource ID does not exist.', 'http_code' => 400, 'description' => 'The cluster rule resource ID does not exist.'], + ['code' => 'Waf.HybridCloud.ClusterRuleResourceIdEmpty', 'message' => 'Cluster rule resource ID cannot be empty.', 'http_code' => 400, 'description' => 'Cluster rule resource ID cannot be empty'], + ['code' => 'Waf.HybridCloud.ClusterRuleStatusIsEmpty', 'message' => 'The rule status of the service-oriented cluster cannot be empty', 'http_code' => 400, 'description' => 'The rule status must be specified.'], + ['code' => 'Waf.HybridCloud.ClusterRuleTypeDontUpdate', 'message' => 'The cluster rule type cannot be modified.', 'http_code' => 400, 'description' => 'The cluster rule type cannot be modified.'], + ['code' => 'Waf.HybridCloud.ClusterRuleTypeIsEmpty', 'message' => 'The service-oriented cluster rule type cannot be empty', 'http_code' => 400, 'description' => 'The rule type must be specified.'], + ['code' => 'Waf.HybridCloud.ClusterRuleTypeNotExist', 'message' => 'The cluster rule type is incorrect.', 'http_code' => 400, 'description' => 'The cluster rule type is incorrect.'], + ['code' => 'Waf.HybridCloud.ExactRuleCountOverSize', 'message' => 'The number of precise matching rules exceeds the limit', 'http_code' => 400, 'description' => 'The number of exact match rules exceeds the limit.'], + ['code' => 'Waf.HybridCloud.GroupCreationError', 'message' => 'You must create storage groups, management groups, and protection groups in sequence.', 'http_code' => 400, 'description' => 'You must create groups in sequence.'], + ['code' => 'Waf.HybridCloud.GroupDeleteDomainReferError', 'message' => 'You cannot delete the group because the domain names in the group are in use. Remove the domain names from the group first.', 'http_code' => 400, 'description' => 'You cannot delete the group because the domain names in the group are in use. Remove the domain names from the group first.'], + ['code' => 'Waf.HybridCloud.GroupDeleteDomainReferError', 'message' => 'A domain name is currently using this protection group. Please delete the domain name reference relationship before proceeding.', 'http_code' => 400, 'description' => 'A domain name is currently using this protection group. Delete the domain name reference relationship before performing the operation.'], + ['code' => 'Waf.HybridCloud.GroupDeleteNodeInError', 'message' => 'You cannot delete the group. Remove the nodes from the group first.', 'http_code' => 400, 'description' => 'The group cannot be deleted. Remove nodes from the group first.'], + ['code' => 'Waf.HybridCloud.GroupDeletionError', 'message' => 'You must delete protection groups, management groups, and storage groups in sequence.', 'http_code' => 400, 'description' => 'Delete groups in sequence.'], + ['code' => 'Waf.HybridCloud.GroupIdInvalid', 'message' => 'The group ID is invalid.', 'http_code' => 400, 'description' => 'The group ID is invalid.'], + ['code' => 'Waf.HybridCloud.GroupLocationNotEmpty', 'message' => 'The group region cannot be empty.', 'http_code' => 400, 'description' => 'The group region cannot be empty.'], + ['code' => 'Waf.HybridCloud.GroupNameNotEmpty', 'message' => 'The group name cannot be empty.', 'http_code' => 400, 'description' => 'The group name cannot be empty.'], + ['code' => 'Waf.HybridCloud.GroupProtectionNodeOverrun', 'message' => 'The number of protected nodes exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of protected nodes exceeds the upper limit.'], + ['code' => 'Waf.HybridCloud.GroupVagentIdInvalid', 'message' => 'The group ID is invalid.', 'http_code' => 400, 'description' => 'The group ID is invalid.'], + ['code' => 'Waf.HybridCloud.HttpPortIsEmpty', 'message' => 'The HTTP ports cannot be empty.', 'http_code' => 400, 'description' => 'The HTTP ports cannot be empty.'], + ['code' => 'Waf.HybridCloud.HttpsPortIsEmpty', 'message' => 'The HTTPS ports cannot be empty.', 'http_code' => 400, 'description' => 'The HTTPS ports cannot be empty.'], + ['code' => 'Waf.HybridCloud.HybridCloudApisecNotSupport', 'message' => 'WAF instances do not support hybrid cloud API security.', 'http_code' => 400, 'description' => 'WAF instances do not support hybrid cloud API security'], + ['code' => 'Waf.HybridCloud.HybridCloudNotsupport', 'message' => 'Hybrid cloud is not supported.', 'http_code' => 400, 'description' => 'Hybrid clouds are not supported.'], + ['code' => 'Waf.HybridCloud.InternalError', 'message' => 'Internal service error.', 'http_code' => 400, 'description' => 'Internal Service Error'], + ['code' => 'Waf.HybridCloud.InvalidGroupType', 'message' => 'The group type is invalid.', 'http_code' => 400, 'description' => 'The group type is invalid.'], + ['code' => 'Waf.HybridCloud.InvalidHttpPort', 'message' => 'The HTTP port is invalid.', 'http_code' => 400, 'description' => 'The HTTP port is invalid.'], + ['code' => 'Waf.HybridCloud.InvalidHttpsPort', 'message' => 'The HTTPS port is invalid.', 'http_code' => 400, 'description' => 'The HTTPS port is invalid.'], + ['code' => 'Waf.HybridCloud.LoadBalanceIpNotEmpty', 'message' => 'The server IP address for load balancing cannot be empty.', 'http_code' => 400, 'description' => 'The server IP address for load balancing cannot be empty.'], + ['code' => 'Waf.HybridCloud.ProtectionCountOrverLoad', 'message' => 'The number of protected domains exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of protected nodes exceeds the specification.'], + ['code' => 'Waf.HybridCloud.ProtectionServerCountInvalid', 'message' => 'The number of protected domains is invalid.', 'http_code' => 400, 'description' => 'The number of protected nodes is invalid.'], + ['code' => 'Waf.HybridCloud.PullinRuleFormatInvalid', 'message' => 'Incorrect format of drainage rules', 'http_code' => 400, 'description' => 'The format of traffic redirection rules is invalid.'], + ['code' => 'Waf.HybridCloud.RegexRuleCountOverSize', 'message' => 'The number of regular matching rules exceeds the limit', 'http_code' => 400, 'description' => 'The number of regular expression rules exceeds the limit.'], + ['code' => 'Waf.HybridCloud.SdkInfoNotExist', 'message' => 'SDK info not exist.', 'http_code' => 400, 'description' => 'The traffic redirection node does not exist.'], + ['code' => 'Waf.HybridCloud.SdkMidIsEmpty', 'message' => 'Machine unique identifier mid cannot be empty', 'http_code' => 400, 'description' => 'The machine ID must be specified.'], + ['code' => 'Waf.HybridCloud.ServerContinentsInvalid', 'message' => 'The continent is invalid.', 'http_code' => 400, 'description' => 'The continent is invalid.'], + ['code' => 'Waf.HybridCloud.ServerContinestsUnuseable', 'message' => 'The continent is not supported.', 'http_code' => 400, 'description' => 'The continent is not supported.'], + ['code' => 'Waf.HybridCloud.ServerMidInvalid', 'message' => 'The machine ID is invalid.', 'http_code' => 400, 'description' => 'The machine ID is invalid.'], + ['code' => 'Waf.HybridCloud.ServerMidNotExist', 'message' => 'The machine ID does not exist.', 'http_code' => 400, 'description' => 'The machine ID does not exist.'], + ['code' => 'Waf.HybridCloud.ServerOperatorInvalid', 'message' => 'The operator is invalid.', 'http_code' => 400, 'description' => 'The operator is invalid.'], + ['code' => 'Waf.HybridCloud.ServerOperatorUnuseable', 'message' => 'The operator is not supported.', 'http_code' => 400, 'description' => 'The operator is not supported.'], + ['code' => 'Waf.HybridCloud.ServerRegionCodeInvalid', 'message' => 'The city is invalid.', 'http_code' => 400, 'description' => 'The city is invalid.'], + ['code' => 'Waf.HybridCloud.ServerRegionCodeUnuseable', 'message' => 'The city is not supported.', 'http_code' => 400, 'description' => 'The city is not supported.'], + ['code' => 'Waf.HybridCloud.ServerRegionTypeInvalid', 'message' => 'The region type is invalid.', 'http_code' => 400, 'description' => 'The region type is invalid.'], + ['code' => 'Waf.HybridCloud.ServerUpdateFailed', 'message' => 'Failed to update the server information.', 'http_code' => 400, 'description' => 'Failed to update the server information.'], + ['code' => 'Waf.HybridCloud.UniqueClusterGroupType', 'message' => 'You can create only one group of this type in a cluster.', 'http_code' => 400, 'description' => 'You can create only one group of this type in a cluster.'], + ['code' => 'Waf.HybridCloud.UniqueGroupName', 'message' => 'The group name already exists.', 'http_code' => 400, 'description' => 'The group name already exists.'], + ['code' => 'Waf.HybridCloud.UserNoPermission', 'message' => 'You do not have the permissions to perform this operation.', 'http_code' => 400, 'description' => 'You do not have the permissions to perform this operation.'], + ['code' => 'Waf.Instance.MaxTransparentIpPortCountLimit', 'message' => 'The number of transparent access exceeds the current maximum number that can be added', 'http_code' => 400, 'description' => 'The maximum number of instances that you can add to WAF in transparent proxy mode is exceeded.'], + ['code' => 'Waf.Instance.ValidFaild', 'message' => 'WAF instance check failed. Check whether the instance ID is correct.', 'http_code' => 400, 'description' => 'WAF instance check failed. Check whether the instance ID is correct.'], + ['code' => 'Waf.Pullin.AbnormalStatus', 'message' => 'The status of the access resource is abnormal. Resource:%s.', 'http_code' => 400, 'description' => 'The status of the access resource is abnormal. Resource:%s.'], + ['code' => 'Waf.Pullin.AlreadyAccessed', 'message' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.', 'http_code' => 400, 'description' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.'], + ['code' => 'Waf.Pullin.BackedInBacklist', 'message' => 'The input back-to-source IP is in the system blacklist, please update the back-to-source IP.', 'http_code' => 400, 'description' => 'The back-to-origin IP address is in the blacklist. Change the back-to-origin IP address.'], + ['code' => 'Waf.Pullin.BackendPortIncompatible', 'message' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.', 'http_code' => 400, 'description' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.'], + ['code' => 'Waf.Pullin.BackendPortNotMatched', 'message' => 'The back-to-source port does not match the listening port. Listening protocol:%s, listening port:%s, back-to-source port:%s.', 'http_code' => 400, 'description' => 'The back-to-source port does not match the listening port. Listening protocol:%s, listening port:%s, back-to-source port:%s.'], + ['code' => 'Waf.Pullin.BackupBackendConflict', 'message' => 'The backup backend configuration conflicts.', 'http_code' => 400, 'description' => 'The backup link back-to-source configuration conflicts.'], + ['code' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', 'message' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', 'http_code' => 400, 'description' => 'batch dns scheduling is in progress, and access-related operations are prohibited.'], + ['code' => 'Waf.Pullin.BusinessDomainNotRecord', 'message' => 'The domain name does not have an ICP filing.', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing.'], + ['code' => 'Waf.Pullin.BusinessViolation', 'message' => 'The domain-related business is suspected of violating regulations. If you have any questions, please follow the ticket process.', 'http_code' => 400, 'description' => 'Domain name business is suspected of violating regulations. If you have any questions, please go through the work order process.'], + ['code' => 'Waf.Pullin.BusinessViolation', 'message' => 'Domain services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'http_code' => 400, 'description' => 'Domain services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'], + ['code' => 'Waf.Pullin.BusinessViolation', 'message' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'http_code' => 400, 'description' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'], + ['code' => 'Waf.Pullin.CertAuthFailed', 'message' => 'Certificate authorization failed.', 'http_code' => 400, 'description' => 'Failed to perform certificate authentication.'], + ['code' => 'Waf.Pullin.CertAuthFailed', 'message' => 'Failed to perform certificate authentication.', 'http_code' => 400, 'description' => 'Failed to perform certificate authentication.'], + ['code' => 'Waf.Pullin.CertExist', 'message' => 'Certificate already exists.', 'http_code' => 400, 'description' => 'The certificate exists.'], + ['code' => 'Waf.Pullin.CertExist', 'message' => 'The certificate exists.', 'http_code' => 400, 'description' => 'The certificate exists.'], + ['code' => 'Waf.Pullin.CertExpired', 'message' => 'Certificate has expired.', 'http_code' => 400, 'description' => 'The certificate is expired.'], + ['code' => 'Waf.Pullin.CertExpired', 'message' => 'The certificate has expired.', 'http_code' => 400, 'description' => 'The certificate has expired.'], + ['code' => 'Waf.Pullin.CertExpired', 'message' => 'Certificate expired, certificate ID:%s .', 'http_code' => 400, 'description' => 'Certificate expired, certificate ID:%s.'], + ['code' => 'Waf.Pullin.CertKeyEmpty', 'message' => 'Certificate private key is empty.', 'http_code' => 400, 'description' => 'The private key of the certificate is empty.'], + ['code' => 'Waf.Pullin.CertKeyEmpty', 'message' => 'The private key of the certificate is empty.', 'http_code' => 400, 'description' => 'The private key of the certificate is empty.'], + ['code' => 'Waf.Pullin.CertKeyNotMatch', 'message' => 'Certificate file does not match private key.', 'http_code' => 400, 'description' => 'The certificate file does not match the private key.'], + ['code' => 'Waf.Pullin.CertKeyNotMatch', 'message' => 'The certificate file does not match the private key.', 'http_code' => 400, 'description' => 'The certificate file does not match the private key.'], + ['code' => 'Waf.Pullin.CertNameExist', 'message' => 'Certificate name already exists.', 'http_code' => 400, 'description' => 'The name of the certificate is being used.'], + ['code' => 'Waf.Pullin.CertNameExist', 'message' => 'The name of the certificate is being used.', 'http_code' => 400, 'description' => 'The name of the certificate is being used.'], + ['code' => 'Waf.Pullin.CertNotExist', 'message' => 'Certificate does not exist.', 'http_code' => 400, 'description' => 'The certificate does not exist.'], + ['code' => 'Waf.Pullin.CertNotExist', 'message' => 'The certificate does not exist.', 'http_code' => 400, 'description' => 'The certificate does not exist.'], + ['code' => 'Waf.Pullin.CertNotExist', 'message' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'http_code' => 400, 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'], + ['code' => 'Waf.Pullin.CertNotMatchDomain', 'message' => 'The domain name is not included in the certificate.', 'http_code' => 400, 'description' => 'The domain name is not included in the certificate.'], + ['code' => 'Waf.Pullin.CertSaveFailed', 'message' => 'Certificate save failed.', 'http_code' => 400, 'description' => 'Failed to store the certificate.'], + ['code' => 'Waf.Pullin.CertSaveFailed', 'message' => 'Failed to store the certificate.', 'http_code' => 400, 'description' => 'Failed to store the certificate.'], + ['code' => 'Waf.Pullin.ClientCertificateOpened', 'message' => 'Clb Instance port Client Certiticate is opened.', 'http_code' => 400, 'description' => 'Mutual authentication is enabled for the ports of CLB instances. The ports cannot be added to WAF.'], + ['code' => 'Waf.Pullin.CloudProductParamEmpty', 'message' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'http_code' => 400, 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'], + ['code' => 'Waf.Pullin.CloudProductParamNotMarch', 'message' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'http_code' => 400, 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'], + ['code' => 'Waf.Pullin.CloudProductParamNotMatch', 'message' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'http_code' => 400, 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'."\n"], + ['code' => 'Waf.Pullin.CloudResourceInvalid', 'message' => 'CloudResourceId parameter is illegal.', 'http_code' => 400, 'description' => 'CloudResourceId parameter is illegal'], + ['code' => 'Waf.Pullin.DomainAndDomainIdBothEmpty', 'message' => 'domain and domainId cannot be empty at the same time.', 'http_code' => 400, 'description' => 'The domain name and domain name ID cannot be empty at the same time.'], + ['code' => 'Waf.Pullin.DomainAndDomainIdNotMatch', 'message' => 'domain and domainId do not match.', 'http_code' => 400, 'description' => 'The input parameters Domain and DomainId do not match.'], + ['code' => 'Waf.Pullin.DomainExistInOldWaf', 'message' => 'Domain name exists in WAF 2.0.', 'http_code' => 400, 'description' => 'The domain name is added to WAF of the earlier version.'], + ['code' => 'Waf.Pullin.DomainExistInOldWaf', 'message' => 'The domain name is added to WAF of the earlier version.', 'http_code' => 403, 'description' => 'The domain name is already configured in WAF 2.0.'], + ['code' => 'Waf.Pullin.DomainIdIsIllegal', 'message' => 'The input parameter, the domainId is illegal.', 'http_code' => 400, 'description' => 'Illegal entry DomainId'], + ['code' => 'Waf.Pullin.DomainNotBeianOrInBlackList', 'message' => 'The domain does not have an ICP filling or has been blacklisted.', 'http_code' => 400, 'description' => 'The domain name is not filed or is on the blacklist.'], + ['code' => 'Waf.Pullin.DomainNotBeianOrInBlackList', 'message' => 'Blacklist or Domain Names That Do Not Have ICP Filings', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing or has committed a penalty.'], + ['code' => 'Waf.Pullin.DomainOwnedByOtherUser', 'message' => 'The domain name is already in use by another user.', 'http_code' => 400, 'description' => 'The domain name is used by another user.'], + ['code' => 'Waf.Pullin.DomainOwnedByOtherUser', 'message' => 'The domain name is used by other users.', 'http_code' => 400, 'description' => 'The domain name is used by another user.'], + ['code' => 'Waf.Pullin.DuplicateCertificateId', 'message' => 'Duplicate certificate ID', 'http_code' => 400, 'description' => 'The ID of the certificate already exists.'], + ['code' => 'Waf.Pullin.ExtensiveDomainUsedError', 'message' => 'The generic domain name is already in use by other users.', 'http_code' => 400, 'description' => 'The wildcard domain name is used by another user.'], + ['code' => 'Waf.Pullin.ExtensiveDomainUsedError', 'message' => 'The wildcard domain name is used by other users.', 'http_code' => 400, 'description' => 'The wildcard domain name is used by other users.'], + ['code' => 'Waf.Pullin.Http2OriginEnabledFocusHttpBackendForbidden', 'message' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.', 'http_code' => 400, 'description' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.'], + ['code' => 'Waf.Pullin.Http2OriginMustOnHttp2Enable', 'message' => 'When HTTP2 origin is enabled, HTTP2 listening must be enabled.', 'http_code' => 400, 'description' => 'When HTTP2 back-to-source is enabled, HTTP2 listening must be enabled.'], + ['code' => 'Waf.Pullin.Http2OriginMustOnKeepaliveEnable', 'message' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.', 'http_code' => 400, 'description' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.'], + ['code' => 'Waf.Pullin.InsufficientExclusiveVip', 'message' => 'The number of exclusive IP addresses that you have purchased is insufficient. Purchase more on the upgrade page.', 'http_code' => 400, 'description' => 'The number of exclusive IP addresses that you have purchased is insufficient. Purchase more on the upgrade page.'], + ['code' => 'Waf.Pullin.InvalidAttachKey', 'message' => 'Invalid parameter name.', 'http_code' => 400, 'description' => 'The name of the parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidAttachKey', 'message' => 'The name of the parameter is invalid.', 'http_code' => 400, 'description' => 'The name of the parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidAttachValue', 'message' => 'Invalid parameter value.', 'http_code' => 400, 'description' => 'The value of the parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidAttachValue', 'message' => 'The value of the parameter is invalid.', 'http_code' => 400, 'description' => 'The value of the parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidBackend', 'message' => 'Invalid return information.', 'http_code' => 400, 'description' => 'The back-to-origin information is invalid.'], + ['code' => 'Waf.Pullin.InvalidBackend', 'message' => 'The back-to-origin information is invalid.', 'http_code' => 400, 'description' => 'The back-to-origin information is invalid.'], + ['code' => 'Waf.Pullin.InvalidCertByHttpProtocol', 'message' => 'HTTP protocol cannot enter certificate', 'http_code' => 400, 'description' => 'You cannot enter a certificate for the HTTP protocol.'], + ['code' => 'Waf.Pullin.InvalidCertByHttpsProtocol', 'message' => 'HTTPS protocol must enter a certificate', 'http_code' => 400, 'description' => 'You must enter a certificate for the HTTPS protocol.'], + ['code' => 'Waf.Pullin.InvalidCertFormat', 'message' => 'Certificate format error.', 'http_code' => 400, 'description' => 'The format of the certificate is invalid.'], + ['code' => 'Waf.Pullin.InvalidCertFormat', 'message' => 'The format of the certificate is invalid.', 'http_code' => 400, 'description' => 'The format of the certificate is invalid.'], + ['code' => 'Waf.Pullin.InvalidCertIdentifier', 'message' => 'Invalid certificate ID, certificate ID:%s.', 'http_code' => 400, 'description' => 'Invalid certificate ID, certificate ID:%s.'], + ['code' => 'Waf.Pullin.InvalidCipherSuit', 'message' => 'Invalid CipherSuit', 'http_code' => 400, 'description' => 'The cipher suite is invalid.'], + ['code' => 'Waf.Pullin.InvalidClusterPort', 'message' => 'The cluster port is invalid.', 'http_code' => 400, 'description' => 'HybridCloud cluster port is invalid.'], + ['code' => 'Waf.Pullin.InvalidCustomCiphers', 'message' => 'Invalid custom cipher suite.', 'http_code' => 400, 'description' => 'Invalid custom cipher suite.'], + ['code' => 'Waf.Pullin.InvalidDefaultCert', 'message' => 'Invalid default certificate.', 'http_code' => 400, 'description' => 'The default certificate is invalid.'], + ['code' => 'Waf.Pullin.InvalidDomain', 'message' => 'Invalid domain name.', 'http_code' => 400, 'description' => 'The domain name is invalid.'], + ['code' => 'Waf.Pullin.InvalidDomain', 'message' => 'The domain name is invalid.', 'http_code' => 400, 'description' => 'The domain name is invalid.'], + ['code' => 'Waf.Pullin.InvalidHttp2OriginWithProxyProtocol', 'message' => 'http2Origin and proxyProtocol cannot be opened at the same time.', 'http_code' => 400, 'description' => 'http2Origin and proxyProtocol cannot be opened at the same time.'], + ['code' => 'Waf.Pullin.InvalidIncludeSubDomainWithPreload', 'message' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'http_code' => 400, 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'], + ['code' => 'Waf.Pullin.InvalidMaxAgeWithPreload', 'message' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000.', 'http_code' => 400, 'description' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000'], + ['code' => 'Waf.Pullin.InvalidProtocolPort', 'message' => 'Protocol port not entered.', 'http_code' => 400, 'description' => 'You must specify the port.'], + ['code' => 'Waf.Pullin.InvalidProtocolPort', 'message' => 'The port is not specified.', 'http_code' => 400, 'description' => 'The port is not specified.'], + ['code' => 'Waf.Pullin.InvalidPunishScope', 'message' => 'The punish scope parameter is invalid.', 'http_code' => 400, 'description' => 'The penalty dimension parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidRequestHeader', 'message' => 'Invalid Enable Traffic Marker parameter.', 'http_code' => 400, 'description' => 'The Enable Traffic Mark parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidRequestHeader', 'message' => 'The Enable Traffic Mark parameter is invalid.', 'http_code' => 400, 'description' => 'The Enable Traffic Mark parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidResource', 'message' => 'Invalid resource.', 'http_code' => 400, 'description' => 'The resource is invalid.'], + ['code' => 'Waf.Pullin.InvalidResource', 'message' => 'The resource is invalid.', 'http_code' => 400, 'description' => 'The resource is invalid.'], + ['code' => 'Waf.Pullin.InvalidResourceProduct', 'message' => 'Invalid cloud product type.', 'http_code' => 400, 'description' => 'The cloud service type is invalid.'], + ['code' => 'Waf.Pullin.InvalidResourceStatus', 'message' => 'Invalid resource state.', 'http_code' => 400, 'description' => 'The status of the resource is invalid.'], + ['code' => 'Waf.Pullin.InvalidResourceStatus', 'message' => 'The status of the resource is invalid.', 'http_code' => 400, 'description' => 'The status of the resource is invalid.'], + ['code' => 'Waf.Pullin.InvalidServiceAttachData', 'message' => 'Invalid cloud product parameters.', 'http_code' => 400, 'description' => 'The cloud service parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidServiceAttachData', 'message' => 'The Cloud Service parameter is invalid.', 'http_code' => 400, 'description' => 'The Cloud Service parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidTLS', 'message' => 'invalid TLS', 'http_code' => 400, 'description' => 'The TLS parameter is invalid.'], + ['code' => 'Waf.Pullin.InvalidUserStatus', 'message' => 'Invalid user state.', 'http_code' => 400, 'description' => 'The status of the user is invalid.'], + ['code' => 'Waf.Pullin.InvalidUserStatus', 'message' => 'The status of the user is invalid.', 'http_code' => 400, 'description' => 'The status of the user is invalid.'], + ['code' => 'Waf.Pullin.MaxCertCountLimit', 'message' => 'The number of selected certificate IDs exceeds the maximum number in the system.', 'http_code' => 400, 'description' => 'The number of selected certificate IDs exceeds the maximum number in the system.'], + ['code' => 'Waf.Pullin.MaxDomainCountLimit', 'message' => 'Exceeds the maximum number of domain names that can be entered', 'http_code' => 400, 'description' => 'The maximum number of domain names that you can enter is exceeded.'], + ['code' => 'Waf.Pullin.MaxProductCountLimit', 'message' => '可接入的云产品数不足', 'http_code' => 400, 'description' => 'The maximum number of instances that you can add to WAF is exceeded.'], + ['code' => 'Waf.Pullin.MustListenHTTPS', 'message' => 'The domain name must listen to the HTTPS protocol. Domain:%s.', 'http_code' => 400, 'description' => 'The domain name must listen to the HTTPS protocol. Domain name:%s.'], + ['code' => 'Waf.Pullin.OnlyBeOneDefaultCert', 'message' => 'There can be only one default certificate.', 'http_code' => 400, 'description' => 'There can be only one default certificate.'], + ['code' => 'Waf.Pullin.OpenExclusiveIpInNotShare', 'message' => 'Turn on exclusive IP, only share cluster can be selected.', 'http_code' => 400, 'description' => 'If you turn on Exclusive IP Address, you can select only a shared cluster.'], + ['code' => 'Waf.Pullin.OpenExclusiveIpInNotShare', 'message' => 'If you turn on Exclusive IP Address, you can select only a shared cluster.', 'http_code' => 400, 'description' => 'If you turn on Exclusive IP Address, you can select only a shared cluster.'], + ['code' => 'Waf.Pullin.OpenExclusiveIpIPv6', 'message' => 'Exclusive IP and Ipv6, cannot be enabled at the same time.', 'http_code' => 400, 'description' => 'Exclusive IP and Ipv6 cannot be enabled at the same time.'], + ['code' => 'Waf.Pullin.OpenIPv6InNotShare', 'message' => 'Turn on IPv6, share cluster is the only option.', 'http_code' => 400, 'description' => 'If you turn on IPv6, you can select only a shared cluster.'], + ['code' => 'Waf.Pullin.OpenIPv6InNotShare', 'message' => 'If you turn on IPv6, you can select only a shared cluster.', 'http_code' => 400, 'description' => 'If you turn on IPv6, you can select only a shared cluster.'], + ['code' => 'Waf.Pullin.PortProcessing', 'message' => 'Port is processing', 'http_code' => 400, 'description' => 'The port is being processed. Try again later.'], + ['code' => 'Waf.Pullin.PortProcessing', 'message' => 'The port is being processed, please try again later.', 'http_code' => 400, 'description' => 'The port is being processed, please try again later.'], + ['code' => 'Waf.Pullin.ProtocolNotSet', 'message' => 'Protocol not entered.', 'http_code' => 400, 'description' => 'You must specify the protocol.'], + ['code' => 'Waf.Pullin.ProtocolNotSet', 'message' => 'You must specify the protocol.', 'http_code' => 400, 'description' => 'You must specify the protocol.'], + ['code' => 'Waf.Pullin.ResourceAllocationFailed', 'message' => 'Failed to allocate resources.', 'http_code' => 400, 'description' => 'Failed to allocate resources.'], + ['code' => 'Waf.Pullin.ResourceCreating', 'message' => 'Accessed resources are being created.', 'http_code' => 400, 'description' => 'The resource is being created.'], + ['code' => 'Waf.Pullin.ResourceCreating', 'message' => 'The resource is being created.', 'http_code' => 400, 'description' => 'The resource is being created.'], + ['code' => 'Waf.Pullin.ResourceExsit', 'message' => 'Accessed resource already exists.', 'http_code' => 400, 'description' => 'The resource exists.'], + ['code' => 'Waf.Pullin.ResourceExsit', 'message' => 'The resource exists.', 'http_code' => 400, 'description' => 'The resource exists.'], + ['code' => 'Waf.Pullin.ResourceExsit', 'message' => 'Access resource already exists, resource:%s.', 'http_code' => 400, 'description' => 'Access resource already exists, existing resource:%s.'], + ['code' => 'Waf.Pullin.ResourceInstanceIdNotExist', 'message' => 'The instance ID does not exist.', 'http_code' => 400, 'description' => 'The instance ID does not exist.'], + ['code' => 'Waf.Pullin.ResourceInstanceIpNotMatched', 'message' => 'The instance does not match the Public IP, please click Synchronize and try again.', 'http_code' => 400, 'description' => 'The ID of the instance does not match the IP address of the instance. Click Synchronize Instances and retry.'], + ['code' => 'Waf.Pullin.ResourceInstancePortNotExist', 'message' => 'The port of the instance does not exist.', 'http_code' => 400, 'description' => 'The port number does not exist.'], + ['code' => 'Waf.Pullin.ResourceNotExist', 'message' => 'Access resource does not exist.', 'http_code' => 400, 'description' => 'The resource does not exist.'], + ['code' => 'Waf.Pullin.ResourceNotExist', 'message' => 'The resource does not exist.', 'http_code' => 400, 'description' => 'The resource does not exist.'], + ['code' => 'Waf.Pullin.ResourceNotExist', 'message' => 'The accessed resource already exists. Resource:%s.', 'http_code' => 400, 'description' => 'The accessed resource already exists. Resource:%s.'], + ['code' => 'Waf.Pullin.ResourceOwnerError', 'message' => 'Resource attribution user is incorrect.', 'http_code' => 400, 'description' => 'The user to which the resource belongs is invalid.'], + ['code' => 'Waf.Pullin.ResourceOwnerError', 'message' => 'The user to which the resource belongs is invalid.', 'http_code' => 400, 'description' => 'The user to which the resource belongs is invalid.'], + ['code' => 'Waf.Pullin.ResourceProcessing', 'message' => 'The resource is in operation, please try again later.', 'http_code' => 400, 'description' => 'The resource is in operation, please try again later.'], + ['code' => 'Waf.Pullin.RiskyDomain', 'message' => 'RT001, sorry, this domain name cannot be added due to security problems. You can appeal through the work order.', 'http_code' => 400, 'description' => 'The domain name you added may be at risk. If you have any questions, please submit a work order.'], + ['code' => 'Waf.Pullin.UnderDDoS', 'message' => 'The current WAF instance is in the defense/blackhole state, and it is not allowed to enable the Exclusive IP/GSLB configuration', 'http_code' => 400, 'description' => 'Traffic scrubbing or blackhole filtering is triggered for the WAF instance. You cannot enable Exclusive IP Address or Shared Cluster-based Intelligent Load Balancing.'], + ['code' => 'Waf.Pullin.UnSupportedPort', 'message' => 'Return port not supported.', 'http_code' => 400, 'description' => 'The port over which requests are redirected to the origin server is not supported.'], + ['code' => 'Waf.Pullin.UnSupportedPort', 'message' => 'The port over which requests are redirected to the origin server is not supported.', 'http_code' => 400, 'description' => 'The port over which requests are redirected to the origin server is not supported.'], + ['code' => 'Waf.Report.%s', 'message' => 'Invalid parameter:%s.', 'http_code' => 400, 'description' => 'Invalid parameter:%s'], + ['code' => 'Waf.Report.InternalError', 'message' => 'Server error occurred in report service.', 'http_code' => 400, 'description' => 'Report Service Internal Error'], + ['code' => 'WafMigrating', 'message' => 'WAF user is migrating, the operation of resource does not support.', 'http_code' => 400, 'description' => 'WAF users are not allowed to access related resources during migration.'], + ['code' => 'WxbbOrWxbbJsUsed', 'message' => 'The feature of app protection is being used.', 'http_code' => 400, 'description' => 'The app protection feature is in use.'], + ['code' => 'Defense.Control.InvalidDefenseRuleConfig', 'message' => 'Invalid protection rule configuration. %s.', 'http_code' => 400, 'description' => 'Invalid protection rule configuration.'], + ], + 'changeSet' => [ + [ + 'apis' => [ + ['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeDefenseRules'], ], - 'schemes' => [ - 'http', - 'https', + 'createdAt' => '2025-03-27T04:35:03.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeApisecApiResources'], + ['description' => 'Response parameters changed', 'api' => 'DescribeApisecEvents'], + ['description' => 'Response parameters changed', 'api' => 'DescribeApisecStatistics'], ], - 'security' => [ - [ - 'AK' => [], + 'createdAt' => '2025-02-24T13:16:32.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeDefenseResource'], + ['description' => 'Response parameters changed', 'api' => 'DescribeDefenseResources'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDefenseResourceXff'], + ], + 'createdAt' => '2025-02-24T08:09:44.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeApisecAbnormals'], + ['description' => 'Request parameters changed', 'api' => 'DescribeSensitiveRequestLog'], + ], + 'createdAt' => '2025-01-16T13:24:13.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DescribePunishedDomains'], + ], + 'createdAt' => '2025-01-15T12:33:46.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeDefenseTemplates'], + ], + 'createdAt' => '2025-01-03T06:43:53.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'ModifyHybridCloudClusterBypassStatus'], + ], + 'createdAt' => '2024-12-30T10:12:48.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeDefenseResourceTemplates'], + ['description' => 'Request parameters changed', 'api' => 'DescribeDefenseTemplates'], + ], + 'createdAt' => '2024-12-30T06:37:53.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateCloudResource'], + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'CreateDomain'], + ], + 'createdAt' => '2024-12-12T08:02:05.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2024-11-28T15:05:24.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeSensitiveRequestLog'], + ], + 'createdAt' => '2024-11-26T09:04:53.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'ChangeResourceGroup'], + ], + 'createdAt' => '2024-11-13T11:01:42.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateSM2Cert'], + ['description' => 'Request parameters changed', 'api' => 'DescribeCnameCount'], + ['description' => 'Request parameters changed', 'api' => 'ListTagKeys'], + ['description' => 'Request parameters changed', 'api' => 'ListTagValues'], + ], + 'createdAt' => '2024-11-12T13:24:43.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecAbnormalDomainStatistic'], + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecAssetTrend'], + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecEventDomainStatistic'], + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecSensitiveDomainStatistic'], + ], + 'createdAt' => '2024-11-12T12:57:21.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecLogDeliveries'], + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecSlsLogStores'], + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecSlsProjects'], + ['description' => 'Request parameters changed', 'api' => 'DescribeUserSlsLogRegions'], + ['description' => 'Request parameters changed', 'api' => 'ModifyApisecLogDelivery'], + ['description' => 'Request parameters changed', 'api' => 'ModifyApisecLogDeliveryStatus'], + ], + 'createdAt' => '2024-11-12T11:55:30.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DescribeResourceSupportRegions'], + ], + 'createdAt' => '2024-11-06T13:26:45.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'ModifyDefenseRule'], + ], + 'createdAt' => '2024-10-18T13:59:41.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateCloudResource'], + ['description' => 'Request parameters changed', 'api' => 'ModifyCloudResource'], + ], + 'createdAt' => '2024-10-10T12:43:53.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'ModifyResourceLogStatus'], + ], + 'createdAt' => '2024-09-06T03:56:49.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'CreateDefenseRule'], + ], + 'createdAt' => '2024-09-02T09:45:29.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DeleteDefenseResourceGroup'], + ['description' => 'Request parameters changed', 'api' => 'DescribeDefenseResources'], + ['description' => 'Request parameters changed', 'api' => 'ModifyPauseProtectionStatus'], + ], + 'createdAt' => '2024-09-02T03:45:16.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudServerRegions'], + ['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudUnassignedMachines'], + ], + 'createdAt' => '2024-08-29T01:28:49.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudClusters'], + ['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudGroups'], + ['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudResources'], + ['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudUser'], + ], + 'createdAt' => '2024-08-29T01:20:04.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DeleteDefenseResourceGroup'], + ['description' => 'Request parameters changed', 'api' => 'DescribeDefenseResources'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDefenseResourceXff'], + ['description' => 'Request parameters changed', 'api' => 'ModifyPauseProtectionStatus'], + ], + 'createdAt' => '2024-08-29T01:08:27.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecAbnormalDomainStatistic'], + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecAssetTrend'], + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecEventDomainStatistic'], + ], + 'createdAt' => '2024-08-29T00:41:11.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecSensitiveDomainStatistic'], + ], + 'createdAt' => '2024-08-27T09:34:53.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecLogDeliveries'], + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecSlsLogStores'], + ['description' => 'Request parameters changed', 'api' => 'DescribeApisecSlsProjects'], + ['description' => 'Request parameters changed', 'api' => 'DescribeUserSlsLogRegions'], + ['description' => 'Request parameters changed', 'api' => 'ModifyApisecLogDelivery'], + ['description' => 'Request parameters changed', 'api' => 'ModifyApisecLogDeliveryStatus'], + ], + 'createdAt' => '2024-08-27T07:55:18.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeAccountDelegatedStatus'], + ['description' => 'Request parameters changed', 'api' => 'DescribePauseProtectionStatus'], + ], + 'createdAt' => '2024-08-27T07:27:41.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeFlowChart'], + ['description' => 'Request parameters changed', 'api' => 'DescribeFlowTopResource'], + ['description' => 'Request parameters changed', 'api' => 'DescribePeakTrend'], + ['description' => 'Request parameters changed', 'api' => 'DescribeResponseCodeTrendGraph'], + ], + 'createdAt' => '2024-08-27T07:23:48.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopUa'], + ['description' => 'Request parameters changed', 'api' => 'DescribeVisitTopIp'], + ['description' => 'Request parameters changed', 'api' => 'DescribeVisitUas'], + ], + 'createdAt' => '2024-08-27T07:18:30.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopResource'], + ['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopRuleId'], + ['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopTuleType'], + ], + 'createdAt' => '2024-08-27T07:15:38.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopClientIp'], + ], + 'createdAt' => '2024-08-27T07:13:17.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeFlowTopUrl'], + ], + 'createdAt' => '2024-08-27T06:52:03.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeCnameCount'], + ], + 'createdAt' => '2024-08-15T07:34:21.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopUrl'], + ], + 'createdAt' => '2024-08-15T07:04:04.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeDDoSStatus'], + ], + 'createdAt' => '2024-08-15T06:51:46.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DescribeCloudResources'], + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DescribeProductInstances'], + ], + 'createdAt' => '2024-07-09T07:10:39.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'], + ], + 'createdAt' => '2024-06-06T09:50:01.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeResponseCodeTrendGraph'], + ], + 'createdAt' => '2024-04-16T02:38:05.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeProductInstances'], + ], + 'createdAt' => '2024-04-02T13:44:23.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeDefenseResources'], + ], + 'createdAt' => '2024-03-21T12:30:50.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeHybridCloudResources'], + ], + 'createdAt' => '2024-02-22T02:47:49.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeHybridCloudResources'], + ], + 'createdAt' => '2024-02-20T09:23:23.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2024-01-30T12:17:22.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeHybridCloudResources'], + ], + 'createdAt' => '2023-10-19T12:17:33.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeHybridCloudGroups'], + ], + 'createdAt' => '2023-10-18T12:20:57.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopRuleId'], + ], + 'createdAt' => '2023-10-18T06:20:01.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeDefenseResources'], + ], + 'createdAt' => '2023-08-24T09:08:07.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeFlowChart'], + ], + 'createdAt' => '2023-07-27T11:08:23.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeDefenseTemplate'], + ], + 'createdAt' => '2023-07-26T09:09:20.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'CreateDefenseRule'], + ['description' => 'Response parameters changed', 'api' => 'ModifyDefenseRule'], + ], + 'createdAt' => '2023-05-17T07:34:05.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2023-04-27T06:06:10.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeDomainDetail'], + ], + 'createdAt' => '2023-04-18T11:16:44.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Request parameters changed, Response parameters changed, Response parameters changed', 'api' => 'DescribeDomains'], + ['description' => 'Response parameters changed', 'api' => 'DescribeVisitUas'], + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2023-04-18T02:11:06.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'CreateDomain'], + ], + 'createdAt' => '2023-03-31T03:12:06.000Z', + 'description' => '', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2023-01-10T12:30:48.000Z', + 'description' => 'CNAME接入的回源超时时间取值范围调整', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Request parameters changed, Response parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2023-01-05T12:40:09.000Z', + 'description' => '混合云增加长连接超时时间等参数', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2022-11-28T08:18:31.000Z', + 'description' => 'WAF3.0控制台 开放长连接配置。', + ], + [ + 'apis' => [ + ['description' => 'Request parameters changed', 'api' => 'CreateDomain'], + ['description' => 'Request parameters changed', 'api' => 'DeleteDomain'], + ['description' => 'Request parameters changed', 'api' => 'ModifyDomain'], + ], + 'createdAt' => '2022-11-25T01:59:49.000Z', + 'description' => '新增混合云cname接入', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeInstance'], + ], + 'createdAt' => '2022-11-02T05:56:56.000Z', + 'description' => '实例查询接口,新加创建实例字段。', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeInstance'], + ], + 'createdAt' => '2022-07-04T11:04:45.000Z', + 'description' => '支持BOT,防篡改,防敏感信息', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeInstance'], + ], + 'createdAt' => '2022-03-31T13:15:05.000Z', + 'description' => '重保场景化功能', + ], + [ + 'apis' => [ + ['description' => 'OpenAPI offline', 'api' => 'DescribeInstanceExtend'], + ], + 'createdAt' => '2022-03-31T13:13:25.000Z', + 'description' => '重保功能发布', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeInstanceCompatible'], + ], + 'createdAt' => '2022-01-20T05:53:09.000Z', + 'description' => '新老版本WAF的实例查询接口,新加商品CODE字段。', + ], + [ + 'apis' => [ + ['description' => 'Response parameters changed', 'api' => 'DescribeInstanceCompatible'], + ], + 'createdAt' => '2022-01-06T09:54:28.000Z', + 'description' => '查询实例接口新加付费类型字段。', + ], + [ + 'apis' => [ + ['description' => 'OpenAPI offline', 'api' => 'DescribeInstance'], + ['description' => 'OpenAPI offline', 'api' => 'DescribeInstanceCompatible'], + ], + 'createdAt' => '2021-12-28T04:35:06.000Z', + 'description' => 'WAF新版本API', + ], + ], + 'flowControl' => [ + 'flowControlList' => [ + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomain'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CopyDefenseTemplate'], + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'UntagResources'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplateValidGroups'], + ['threshold' => '30', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAbnormalDomainStatistic'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseResourceGroup'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopResource'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroup'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsLogStoreStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePunishedDomains'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyMajorProtectionBlackIp'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserSlsLogRegions'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveDetectionResult'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteApisecAbnormals'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveRequestLog'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePauseProtectionStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleGroups'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyTemplateResources'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateApiExport'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeMajorProtectionBlackIps'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSecurityEventTopNMetric'], + ['threshold' => '150', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCloudResourceAccessPortDetails'], + ['threshold' => '35', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSensitiveDomainStatistic'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRuleCache'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateHybridCloudGroup'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRuleStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecLogDelivery'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSlsLogStores'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeInstance'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudSdkPullinStatus'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteApisecEvents'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecAbnormals'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseTemplate'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudUser'], + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagValues'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyMemberAccount'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopUrl'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSlsProjects'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudResources'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResponseCodeTrendGraph'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ClearMajorProtectionBlackIp'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseTemplate'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsAuthStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseRule'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateCloudResource'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAbnormals'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainDetail'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudClusterBypassStatus'], + ['threshold' => '15', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateMajorProtectionBlackIp'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCertDetail'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResource'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseResourceGroup'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteMemberAccount'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecUserOperations'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeMemberAccounts'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'SyncProductInstance'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserApiRequest'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserAbnormalTrend'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteCloudResource'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudGroups'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDomain'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCloudResources'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseRule'], + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'TagResources'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSecurityEventTimeSeriesMetric'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveApiStatistic'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAssetTrend'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResources'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeAccountDelegatedStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplate'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceNames'], + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagResources'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopTuleType'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseTemplateStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceRegionId'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateMemberAccounts'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDDoSStatus'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainDNSRecord'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseRule'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyCloudResource'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyResourceLogStatus'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowChart'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCerts'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudGroup'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseTemplate'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecApiResources'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopUa'], + ['threshold' => '60', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProductInstances'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyPauseProtectionStatus'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseResourceGroup'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserWafLogStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecProtectionResources'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteMajorProtectionBlackIp'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceLogStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecApiResource'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefaultHttps'], + ['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagKeys'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecProtectionGroups'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudServer'], + ['threshold' => '15', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeTemplateResources'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudGroupShrinkServer'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRule'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseRules'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserEventType'], + ['threshold' => '60', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeWafSourceIpSegment'], + ['threshold' => '100', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseResourceXff'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePeakTrend'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomains'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreatePostpaidInstance'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroupNames'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowTopUrl'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeVisitUas'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopRuleId'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeTemplateResourceCount'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowTopResource'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecLogDeliveries'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourcePort'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroups'], + ['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplates'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceInstanceCerts'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsLogStore'], + ['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeVisitTopIp'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomainPunishStatus'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceTemplates'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopClientIp'], + ['threshold' => '30', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecEventDomainStatistic'], + ['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDomain'], + ['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceSupportRegions'], + ], + ], + 'ram' => [ + 'productCode' => 'WAFV3', + 'productName' => 'Web Application Firewall', + 'ramCodes' => ['yundun-waf'], + 'ramLevel' => 'RESOURCE', + 'ramConditions' => [ + [ + 'name' => 'acs:ResourceGroupId', + 'schema' => ['type' => 'String', 'description' => '资源组ID'], + ], + ], + 'ramActions' => [ + [ + 'apiName' => 'DescribeApisecAbnormalDomainStatistic', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecAbnormalDomainStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'operationType' => 'write', - 'systemTags' => [ + [ + 'apiName' => 'DescribeRuleHitsTopClientIp', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopClientIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyHybridCloudCluster', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudCluster', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateCerts', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCerts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribePauseProtectionStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePauseProtectionStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefenseResourceGroup', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSensitiveRequestLog', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveRequestLog', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteCloudResource', + 'description' => '', 'operationType' => 'delete', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '164020', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteCloudResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'], + ], ], ], - 'parameters' => [ - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'title' => '地域', - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', + [ + 'apiName' => 'ModifyHybridCloudGroup', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceType', - 'in' => 'query', - 'schema' => [ - 'title' => '资源类型', - 'description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ALIYUN::WAF::DEFENSERESOURCE', + ], + [ + 'apiName' => 'ModifyApisecStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'All', - 'in' => 'query', - 'schema' => [ - 'title' => '是否全部删除,只针对TagKey.N为空时有效。 取值范围: true false True False 默认是 false', - 'description' => 'Specifies whether to remove all tags from the specified resource groups or members. Valid values:'."\n" - ."\n" - .'* false (default)'."\n" - .'* true'."\n", - 'type' => 'boolean', - 'required' => false, - 'example' => 'false', + ], + [ + 'apiName' => 'ModifyApisecAbnormals', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecAbnormals', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceId', - 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'title' => '资源ID,最多50个子项', - 'description' => 'The resource IDs. You can specify up to 50 resource IDs.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The resource ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'demo.xxxxaliyundoc.com-waf', - ], - 'required' => true, - 'maxItems' => 51, + ], + [ + 'apiName' => 'ModifyTemplateResources', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyTemplateResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'TagKey', - 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'title' => '标签键,最多20个子项', - 'description' => 'The tag keys. You can specify up to 20 tag keys.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The tag key.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'demoTagKey', - ], - 'required' => false, - 'maxItems' => 21, + ], + [ + 'apiName' => 'DescribeApisecSlsProjects', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecSlsProjects', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '7A4B8DB1-A8B0-5362-A65D-6A55****07C5', - ], - ], - 'description' => '', + [ + 'apiName' => 'CreateDefenseRule', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDefenseRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + [ + 'apiName' => 'CreateHybridCloudGroup', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateHybridCloudGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7A4B8DB1-A8B0-5362-A65D-6A55****07C5\\"\\n}","type":"json"}]', - 'title' => 'UntagResources', - ], - 'ListTagResources' => [ - 'summary' => 'Queries the tags that are added to a resource.', - 'methods' => [ - 'post', - 'get', + [ + 'apiName' => 'DescribeApisecEventDomainStatistic', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecEventDomainStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + [ + 'apiName' => 'DescribeApisecMatchedHosts', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecMatchedHosts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'CreateMemberAccounts', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateMemberAccounts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'operationType' => 'read', - 'systemTags' => [ + [ + 'apiName' => 'DescribeDefenseResourceOwnerUid', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceOwnerUid', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteAddress', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteAddress', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteCloudResourceExtensionCert', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteCloudResourceExtensionCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeVisitTopIp', + 'description' => '', 'operationType' => 'get', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '164021', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeVisitTopIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'parameters' => [ - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'title' => '地域', - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', + [ + 'apiName' => 'DescribeCommonLogFields', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCommonLogFields', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'NextToken', - 'in' => 'query', - 'schema' => [ - 'title' => '下一个查询开始Token', - 'description' => 'The pagination token that is used in the next request to retrieve a new page of results.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'caeba0bbb2be03f84eb48b699f0*****', + ], + [ + 'apiName' => 'DescribeDefenseResourceTemplates', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceTemplates', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceType', - 'in' => 'query', - 'schema' => [ - 'title' => '资源类型', - 'description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ALIYUN::WAF::DEFENSERESOURCE', + ], + [ + 'apiName' => 'DescribeHybridCloudUser', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudUser', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceId', - 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'title' => '资源ID,最多 50个子项', - 'description' => 'The resource IDs. You can specify up to 50 resource IDs.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The resource ID.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'demo.xxxaliyundoc.com-waf', - ], - 'required' => false, - 'maxItems' => 51, + ], + [ + 'apiName' => 'DescribeApisecStatistics', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecStatistics', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'Tag', - 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'title' => '标签列表,最多包含20个子项', - 'description' => 'The tags that are added to the resource.'."\n", - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'title' => '标签键', - 'description' => 'The key of tag N that is added to the resource. Valid values of N: 1 to 20.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'Tagkey1', - ], - 'Value' => [ - 'title' => '标签值', - 'description' => 'The value of tag N that is added to the resource. Valid values of N: 1 to 20.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'TagValue1', - ], - ], - 'required' => false, - ], - 'required' => false, - 'maxItems' => 21, + ], + [ + 'apiName' => 'DescribeRuleHitsTopResource', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopResource', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'NextToken' => [ - 'title' => '下一个查询开始Token,NextToken为空说明没有下一个', - 'description' => 'A pagination token. It can be used in the next request to retrieve a new page of results. If NextToken is empty, no next page exists.'."\n", - 'type' => 'string', - 'example' => 'caeba0bbb2be03f84eb48b699f0*****', - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '716E64DA-044F-51C7-B528-2FBF****AE4F', - ], - 'TagResources' => [ - 'title' => '资源列表', - 'description' => 'The list of resources.'."\n", - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'ResourceType' => [ - 'title' => '资源类型', - 'description' => 'The type of the resource. ALIYUN::WAF::DEFENSERESOURCE is returned.'."\n", - 'type' => 'string', - 'example' => 'ALIYUN::WAF::DEFENSERESOURCE', - ], - 'TagValue' => [ - 'title' => '标签值', - 'description' => 'The value of tag N that is added to the resource.'."\n", - 'type' => 'string', - 'example' => 'TayValue1', - ], - 'ResourceId' => [ - 'title' => '资源ID', - 'description' => 'The resource ID.'."\n", - 'type' => 'string', - 'example' => 'c754d2a4-28f1-46df-b557-9586173a****', - ], - 'TagKey' => [ - 'title' => '标签键', - 'description' => 'The key of tag N that is added to the resource.'."\n", - 'type' => 'string', - 'example' => 'TagKey1', - ], - ], - ], - ], - ], - 'description' => '', + [ + 'apiName' => 'DescribeDefenseSceneConfig', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseSceneConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteDefenseRule', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + [ + 'apiName' => 'DescribePeakTrend', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePeakTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\",\\n \\"RequestId\\": \\"716E64DA-044F-51C7-B528-2FBF****AE4F\\",\\n \\"TagResources\\": [\\n {\\n \\"ResourceType\\": \\"ALIYUN::WAF::DEFENSERESOURCE\\",\\n \\"TagValue\\": \\"TayValue1\\",\\n \\"ResourceId\\": \\"c754d2a4-28f1-46df-b557-9586173a****\\",\\n \\"TagKey\\": \\"TagKey1\\"\\n }\\n ]\\n}","type":"json"}]', - 'title' => 'ListTagResources', - ], - 'ListTagValues' => [ - 'summary' => 'Queries the tag values of a tag key.', - 'methods' => [ - 'post', - 'get', + [ + 'apiName' => 'DescribeDefenseRule', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + [ + 'apiName' => 'DescribeThreatEventTopMetric', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeThreatEventTopMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'ModifyDefenseTemplateStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseTemplateStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'operationType' => 'read', - 'systemTags' => [ + [ + 'apiName' => 'DescribeDomainDetail', + 'description' => '', 'operationType' => 'get', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '164272', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainDetail', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}-waf'], + ], ], ], - 'parameters' => [ - [ - 'name' => 'NextToken', - 'in' => 'query', - 'schema' => [ - 'title' => '下一个查询开始Token', - 'description' => 'The pagination token that is used in the next request to retrieve a new page of results.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n", + [ + 'apiName' => 'DescribeSecurityEventTopNMetric', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSecurityEventTopNMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceType', - 'in' => 'query', - 'schema' => [ - 'title' => '资源类型', - 'description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ALIYUN::WAF::DEFENSERESOURCE', + ], + [ + 'apiName' => 'ModifyDomainCert', + 'description' => '', + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomainCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> Obtain the ID of the WAF instance by calling the [DescribeInstance](~~433756~~) operation.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-lbj****x10g', + ], + [ + 'apiName' => 'DescribeDefenseTemplateValidGroups', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseTemplateValidGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'Key', - 'in' => 'query', - 'schema' => [ - 'description' => 'The tag key.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'demoKey', + ], + [ + 'apiName' => 'DeleteLogDeliveryConfig', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteLogDeliveryConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The region of the WAF instance. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', - 'title' => '', + ], + [ + 'apiName' => 'DescribeNetworkFlowTimeSeriesMetric', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeNetworkFlowTimeSeriesMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzwwk****cv5i', + ], + [ + 'apiName' => 'DescribeUserSlsLogRegions', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserSlsLogRegions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'NextToken' => [ - 'title' => '下一个查询开始Token,NextToken为空说明没有下一个', - 'description' => 'A pagination token. It can be used in the next request to retrieve a new page of results. If NextToken is empty, no next page exists.'."\n", - 'type' => 'string', - 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n", - ], - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '705114BB-EAEF-5CC4-8837-F1D4****BB5B', - ], - 'Values' => [ - 'title' => '资源列表', - 'description' => 'The tag values.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The tag value.'."\n", - 'type' => 'string', - 'example' => 'TagValue1', - ], - ], - ], - 'description' => '', + [ + 'apiName' => 'DescribeVisitUas', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeVisitUas', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + [ + 'apiName' => 'DescribeRuleHitsTopUrl', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopUrl', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\\\n\\",\\n \\"RequestId\\": \\"705114BB-EAEF-5CC4-8837-F1D4****BB5B\\",\\n \\"Values\\": [\\n \\"TagValue1\\"\\n ]\\n}","type":"json"}]', - 'title' => 'ListTagValues', - ], - 'TagResources' => [ - 'summary' => 'Adds tags to resources.', - 'methods' => [ - 'post', - 'get', + [ + 'apiName' => 'CreateCloudResourceExtensionCert', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCloudResourceExtensionCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + [ + 'apiName' => 'DescribeHybridCloudServerRegions', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudServerRegions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'ModifyApisecModuleStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecModuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'operationType' => 'write', - 'systemTags' => [ + [ + 'apiName' => 'DescribeFlowChart', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFlowChart', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyDefenseSceneConfig', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseSceneConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyDefenseRuleStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseRuleStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeApisecLogDeliveries', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecLogDeliveries', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeLogDeliveryConfig', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeLogDeliveryConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeBaseSystemRules', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeBaseSystemRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeResourceSupportRegions', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceSupportRegions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'TagResources', + 'description' => '', 'operationType' => 'create', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '164018', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', + 'ramAction' => [ + 'action' => 'yundun-waf:TagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], ], ], - 'parameters' => [ - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'title' => '地域', - 'description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: Chinese mainland.'."\n" - .'* **ap-southeast-1**: Outside the Chinese mainland.', - 'type' => 'string', - 'required' => true, - 'example' => 'cn-hangzhou', + [ + 'apiName' => 'CreateDefenseTemplate', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceType', - 'in' => 'query', - 'schema' => [ - 'title' => '资源类型', - 'description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'ALIYUN::WAF::DEFENSERESOURCE', + ], + [ + 'apiName' => 'DescribeApisecEventDetail', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecEventDetail', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceId', - 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'title' => '资源ID,最多 50个子项', - 'description' => 'The IDs of the resources. You can specify up to 50 resource IDs.'."\n", - 'type' => 'array', - 'items' => [ - 'description' => 'The ID of the resource.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'demo.xxxaliyundoc.com-waf', - ], - 'required' => true, - 'maxItems' => 51, + ], + [ + 'apiName' => 'CreateSM2Cert', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateSM2Cert', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'Tag', - 'in' => 'query', - 'style' => 'repeatList', - 'schema' => [ - 'title' => '标签列表,最多包含20个子项', - 'description' => 'The tags to add to the resource.'."\n", - 'type' => 'array', - 'items' => [ - 'type' => 'object', - 'properties' => [ - 'Key' => [ - 'title' => '标签键', - 'description' => 'The key of tag N to add to the resource. Valid values of N: 1 to 20.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'demoTagKey', - ], - 'Value' => [ - 'title' => '标签值', - 'description' => 'The value of tag N to add to the resource. Valid values of N: 1 to 20.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'demoTagValue', - ], - ], - 'required' => false, - ], - 'required' => true, - 'maxItems' => 21, + ], + [ + 'apiName' => 'DescribeBaseRuleChangeLog', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeBaseRuleChangeLog', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => 'The request ID.'."\n", - 'type' => 'string', - 'example' => '57F8460F-8A62-5D79-8ED5-653C****0C6B', - ], - ], - 'description' => '', + [ + 'apiName' => 'DescribeCustomBaseRuleCompileResult', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCustomBaseRuleCompileResult', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'staticInfo' => [ - 'returnType' => 'synchronous', + [ + 'apiName' => 'DescribeUserEventType', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserEventType', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"57F8460F-8A62-5D79-8ED5-653C****0C6B\\"\\n}","type":"json"}]', - 'title' => 'TagResources', - ], - 'DescribeChargeResult' => [ - 'summary' => '查询WAF计价模块的计价结果', - 'methods' => [ - 'get', - 'post', + [ + 'apiName' => 'CreateCloudResource', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateCloudResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'], + ], + ], ], - 'schemes' => [ - 'https', + [ + 'apiName' => 'DescribeDefenseResourceGroups', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'DeleteApisecEvents', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteApisecEvents', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'operationType' => 'read', - 'systemTags' => [ + [ + 'apiName' => 'DescribeApisecRules', + 'description' => '', 'operationType' => 'get', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '255326', - 'abilityTreeNodes' => [ - 'FEATUREwafA15E7F', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], - 'tenantRelevance' => 'publicInformation', ], - 'parameters' => [ - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + [ + 'apiName' => 'ModifyUserWafLogStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyUserWafLogStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'title' => '阿里云资源组ID。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', + ], + [ + 'apiName' => 'DescribeUserAbnormalTrend', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserAbnormalTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'PayType', - 'in' => 'query', - 'schema' => [ - 'title' => '实例的付费类型。取值:'."\n" - .'- **POSTPAY**:表示按量付费 WAF 实例。', - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'POSTPAY', + ], + [ + 'apiName' => 'DeleteApisecAbnormals', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteApisecAbnormals', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ChargeCycle', - 'in' => 'query', - 'schema' => [ - 'title' => '计算的周期,取值:'."\n" - .'- **Year**:表示计算1年的计费结果。'."\n" - .'- **Month**:表示计算1个月的计费结果。'."\n" - .'- **Day**:表示计算1天的计费结果。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'Day', - 'default' => 'Day', + ], + [ + 'apiName' => 'ModifyHybridCloudSdkPullinStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudSdkPullinStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ChargeModules', - 'in' => 'query', - 'style' => 'flat', - 'schema' => [ - 'title' => '需要计算的计费模块信息。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'ModuleCode' => [ - 'title' => '计价模块标识。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'domainCount', - ], - 'Usage' => [ - 'title' => '计价模块的用量。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'required' => false, - 'example' => '10', - ], - ], - 'required' => false, - ], - 'required' => true, + ], + [ + 'apiName' => 'ListTagResources', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:ListTagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'title' => '本次请求的ID。', - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'TotalSeCu' => [ - 'title' => '计算的计价模块中的SeCU总数量。', - 'description' => '', - 'type' => 'number', - 'format' => 'double', - 'example' => '1080', - ], - 'ModuleDetails' => [ - 'title' => '计价模块的计算结果信息。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '单个计价模块的计算结果信息。', - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'ModuleCode' => [ - 'title' => '计价模块标识。', - 'description' => '', - 'type' => 'string', - 'example' => 'domainCount', - ], - 'SeCu' => [ - 'title' => '计价模块的SeCU数量。', - 'description' => '', - 'type' => 'number', - 'format' => 'double', - 'example' => '1080', - ], - ], - ], - ], - ], + [ + 'apiName' => 'DescribeApiExports', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApiExports', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"TotalSeCu\\": 1080,\\n \\"ModuleDetails\\": [\\n {\\n \\"ModuleCode\\": \\"domainCount\\",\\n \\"SeCu\\": 1080\\n }\\n ]\\n}","type":"json"}]', - ], - 'DescribeChargeModule' => [ - 'summary' => '查询WAF计价模块信息', - 'methods' => [ - 'get', - 'post', + [ + 'apiName' => 'ModifyApisecEvents', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecEvents', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'schemes' => [ - 'https', + [ + 'apiName' => 'DescribeApisecApiResources', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecApiResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'DescribeAlarmBanner', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAlarmBanner', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'operationType' => 'read', - 'systemTags' => [ + [ + 'apiName' => 'DescribeSensitiveRequests', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveRequests', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeUserEventTrend', + 'description' => '', 'operationType' => 'get', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '255326', - 'abilityTreeNodes' => [ - 'FEATUREwafA15E7F', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserEventTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], - 'tenantRelevance' => 'publicInformation', ], - 'parameters' => [ - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'title' => 'WAF实例所属地域。取值:'."\n" - ."\n" - .'- **cn-hangzhou**:表示中国内地。'."\n" - ."\n" - .'- **ap-southeast-1**:表示非中国内地。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + [ + 'apiName' => 'DescribePocFunctions', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePocFunctions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'title' => '阿里云资源组ID。', - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', + ], + [ + 'apiName' => 'DescribeHybridCloudSupportRegions', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudSupportRegions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'PayType', - 'in' => 'query', - 'schema' => [ - 'title' => '实例的付费类型。取值:'."\n" - .'- **POSTPAY**:表示按量付费 WAF 实例。'."\n", - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'POSTPAY', + ], + [ + 'apiName' => 'DescribeTemplateResources', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeTemplateResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'title' => '本次请求的ID。', - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - 'ChargeModules' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'ModuleCode' => [ - 'title' => '计费模块标识。', - 'description' => '', - 'type' => 'string', - 'example' => 'domainCount', - ], - 'PeriodType' => [ - 'title' => '计费模块的计费类型,取值:'."\n" - .'- **Hour**:表示小时计费。', - 'description' => '', - 'type' => 'string', - 'example' => 'Hour', - ], - 'UsageType' => [ - 'title' => '计费模块的计费单位,取值:'."\n" - .'- **template**:表示模版。'."\n" - .'- **qps**:表示qps。'."\n" - .'- **domain**:表示域名。'."\n" - .'- **rule**:表示规则。'."\n" - .'- **resource**:表示防护对象。'."\n" - .'- **reqest**:表示请求。'."\n" - .'- **function**:表示功能启用。'."\n", - 'description' => '', - 'type' => 'string', - 'example' => 'domain', - ], - 'UsageUnitFactor' => [ - 'title' => '计费模块的计费单位系数。', - 'description' => '', - 'type' => 'integer', - 'format' => 'int32', - 'example' => '1', - ], - 'ChargeMode' => [ - 'title' => '计费模块的定价模式,取值:'."\n" - .'- **NORMAL_PRICE**:表示阶梯定价。'."\n" - .'- **STEP_ACCUMULATION**:表示阶梯定价。', - 'description' => '', - 'type' => 'string', - 'example' => 'NORMAL_PRICE', - ], - 'ChargeModeDetails' => [ - 'title' => '计费模块的定价详细信息。', - 'description' => '', - 'type' => 'array', - 'items' => [ - 'title' => '计费模块的定价详细信息,以一系列参数构造的 JSON 格式转化成字符串。', - 'description' => '', - 'type' => 'string', - 'example' => '{'."\n" - .'"cu": 5.0,'."\n" - .'"range": {'."\n" - .'"type": "lcrc", '."\n" - .' "min": "2",'."\n" - .' "max": "10"'."\n" - .' }'."\n" - .'}', - ], - ], - ], - ], - ], - ], + [ + 'apiName' => 'ReleaseInstance', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:ReleaseInstance', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"ChargeModules\\": [\\n {\\n \\"ModuleCode\\": \\"domainCount\\",\\n \\"PeriodType\\": \\"Hour\\",\\n \\"UsageType\\": \\"domain\\",\\n \\"UsageUnitFactor\\": 1,\\n \\"ChargeMode\\": \\"NORMAL_PRICE\\",\\n \\"ChargeModeDetails\\": [\\n \\"{\\\\n\\\\\\"cu\\\\\\": 5.0,\\\\n\\\\\\"range\\\\\\": {\\\\n\\\\\\"type\\\\\\": \\\\\\"lcrc\\\\\\", \\\\n \\\\\\"min\\\\\\": \\\\\\"2\\\\\\",\\\\n \\\\\\"max\\\\\\": \\\\\\"10\\\\\\"\\\\n }\\\\n}\\"\\n ]\\n }\\n ]\\n}","type":"json"}]', - ], - 'ModifyPauseProtectionStatus' => [ - 'summary' => 'Modifies the protection status of Web Application Firewall (WAF).', - 'methods' => [ - 'post', - 'get', + [ + 'apiName' => 'ListTagKeys', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:ListTagKeys', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + [ + 'apiName' => 'DescribeAccountDelegatedStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAccountDelegatedStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'ModifyLogDeliveryConfig', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyLogDeliveryConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'operationType' => 'write', - 'systemTags' => [ + [ + 'apiName' => 'DescribeCloudResources', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCloudResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyDefenseTemplate', + 'description' => '', 'operationType' => 'update', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '222985', - 'abilityTreeNodes' => [ - 'FEATUREwafNZKQ0J', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'parameters' => [ - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the WAF instance.'."\n" - ."\n" - .'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.'."\n", - 'type' => 'string', - 'required' => true, - 'example' => 'waf-cn-tl32ast****', + [ + 'apiName' => 'DescribeMajorProtectionBlackIps', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeMajorProtectionBlackIps', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'PauseStatus', - 'in' => 'query', - 'schema' => [ - 'description' => 'Specifies whether to pause WAF protection.'."\n" - ."\n" - .'* **0**: does not pause WAF protection. This is the default value.'."\n" - .'* **1**: pauses WAF protection.'."\n", - 'type' => 'integer', - 'format' => 'int32', - 'required' => true, - 'example' => '0', + ], + [ + 'apiName' => 'DescribeApisecSensitiveDomainStatistic', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecSensitiveDomainStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The ID of the Alibaba Cloud resource group.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', + ], + [ + 'apiName' => 'DescribeVerifyContent', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeVerifyContent', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => 'The region in which the WAF instance is deployed. Valid values:'."\n" - ."\n" - .'* **cn-hangzhou**: the Chinese mainland.'."\n" - .'* **ap-southeast-1**: outside the Chinese mainland.'."\n", - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + ], + [ + 'apiName' => 'DescribeSensitiveOutboundTrend', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveOutboundTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => 'The ID of the request.'."\n", - 'type' => 'string', - 'example' => 'D7861F61-*****-******-D5EB0', - ], - ], - 'description' => '', + [ + 'apiName' => 'ModifyCloudResourceCert', + 'description' => '', + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyCloudResourceCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-*****-******-D5EB0\\"\\n}","type":"json"}]', - 'title' => 'ModifyPauseProtectionStatus', - ], - 'CreatePocFunction' => [ - 'summary' => '开启防护功能POC', - 'methods' => [ - 'post', - 'get', + [ + 'apiName' => 'ModifyUserLogFieldConfig', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyUserLogFieldConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'schemes' => [ - 'https', + [ + 'apiName' => 'ModifyHybridCloudClusterBypassStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudClusterBypassStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'DescribeNetworkFlowTopNMetric', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeNetworkFlowTopNMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'operationType' => 'readAndWrite', - 'systemTags' => [ + [ + 'apiName' => 'ModifyDefenseRule', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeTemplateResourceCount', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeTemplateResourceCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeApisecProtectionGroups', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecProtectionGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefaultHttps', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefaultHttps', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefenseResources', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'], + ], + ], + ], + [ + 'apiName' => 'DescribeCloudResourceList', + 'description' => '', + 'operationType' => 'list', + 'additionalActions' => [ + ['action' => 'yundun-waf:DescribeCloudResourceList', 'validationType' => 'conditional'], + ], + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCloudResourceList', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], + [ + 'apiName' => 'DescribeLogDeliveryConfigs', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeLogDeliveryConfigs', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSecurityEventTimeSeriesMetric', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSecurityEventTimeSeriesMetric', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudProcessMonitor', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudProcessMonitor', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSecurityEventLogs', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSecurityEventLogs', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateApiExport', + 'description' => '', 'operationType' => 'create', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '231682', - 'abilityTreeNodes' => [ - 'FEATUREwafH82E50', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateApiExport', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'parameters' => [ - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****', + [ + 'apiName' => 'ModifyMemberAccount', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyMemberAccount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'Type', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'botWeb', + ], + [ + 'apiName' => 'DescribeRelatedDefenseRules', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRelatedDefenseRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + ], + [ + 'apiName' => 'ModifyCloudResource', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyCloudResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'], ], ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', + ], + [ + 'apiName' => 'DescribeSlsLogStore', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSlsLogStore', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', - ], - ], + [ + 'apiName' => 'CreateLogDeliveryConfig', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateLogDeliveryConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]', - ], - 'DescribePocFunctions' => [ - 'summary' => '查询开启POC的功能信息', - 'methods' => [ - 'post', - 'get', + [ + 'apiName' => 'DescribeFreeUserEventCount', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFreeUserEventCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'schemes' => [ - 'https', + [ + 'apiName' => 'DescribeResourceLogStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceLogStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'UntagResources', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:UntagResources', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], ], ], - 'operationType' => 'read', - 'systemTags' => [ + [ + 'apiName' => 'DescribeApisecAssetTrend', + 'description' => '', 'operationType' => 'get', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '231693', - 'abilityTreeNodes' => [ - 'FEATUREwafH82E50', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecAssetTrend', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'parameters' => [ - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_cdnsdf3****'."\n", + [ + 'apiName' => 'CopyDefenseTemplate', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CopyDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + ], + [ + 'apiName' => 'DescribeDefenseRules', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', + ], + [ + 'apiName' => 'DescribeBotRuleLabels', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeBotRuleLabels', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '1557B42F-B889-460A-B17F-1DE5C5AD7FF2', - ], - 'Functions' => [ - 'description' => '', - 'type' => 'array', - 'items' => [ - 'description' => '', - 'type' => 'object', - 'properties' => [ - 'Type' => [ - 'description' => '', - 'type' => 'string', - 'example' => 'botWeb', - ], - 'ExpireTime' => [ - 'description' => '', - 'type' => 'integer', - 'format' => 'int64', - 'example' => '1760581677000', - ], - ], - ], - ], - ], + [ + 'apiName' => 'DescribeCloudResourceAccessPortDetails', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCloudResourceAccessPortDetails', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1557B42F-B889-460A-B17F-1DE5C5AD7FF2\\",\\n \\"Functions\\": [\\n {\\n \\"Type\\": \\"botWeb\\",\\n \\"ExpireTime\\": 1760581677000\\n }\\n ]\\n}","type":"json"}]', - ], - 'DescribeRoleAuthStatus' => [ - 'summary' => '查询授权状态', - 'methods' => [ - 'post', - 'get', + [ + 'apiName' => 'VerifyDomainOwner', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:VerifyDomainOwner', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + [ + 'apiName' => 'DescribeUserAbnormalType', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserAbnormalType', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'CreateMajorProtectionBlackIp', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateMajorProtectionBlackIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'operationType' => 'read', - 'systemTags' => [ + [ + 'apiName' => 'DescribeChargeModule', + 'description' => '', 'operationType' => 'get', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeChargeModule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], ], ], - 'parameters' => [ - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + [ + 'apiName' => 'ModifyDomain', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'], ], ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-aekzhalsanv***', + ], + [ + 'apiName' => 'DescribeFreeUserEventTypes', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFreeUserEventTypes', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'headers' => [], - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '79ECBB08-079C-57C5-A676-***', - ], - 'AuthStatus' => [ - 'description' => '', - 'type' => 'boolean', - 'example' => 'true', - ], - ], + [ + 'apiName' => 'DescribeFreeUserEvents', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFreeUserEvents', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"79ECBB08-079C-57C5-A676-***\\",\\n \\"AuthStatus\\": true\\n}","type":"json"}]', - ], - 'InitializeWafOperationRole' => [ - 'summary' => '创建WAF服务关联角色', - 'methods' => [ - 'post', - 'get', + [ + 'apiName' => 'ModifyHybridCloudGroupShrinkServer', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudGroupShrinkServer', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'schemes' => [ - 'http', - 'https', + [ + 'apiName' => 'DescribeResourceLogDeliveryStatus', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceLogDeliveryStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], ], - 'security' => [ - [ - 'AK' => [], + [ + 'apiName' => 'CreateDefenseResource', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDefenseResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'], + ], ], ], - 'operationType' => 'write', - 'systemTags' => [ + [ + 'apiName' => 'DescribeHybridCloudUnsupportPorts', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudUnsupportPorts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeApisecAbnormals', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecAbnormals', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeResourceInstanceCerts', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceInstanceCerts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribePostpayBills', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePostpayBills', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeChargeResult', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeChargeResult', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSensitiveStatistic', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeApisecSuggestions', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecSuggestions', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateDomain', + 'description' => '', 'operationType' => 'create', - 'riskType' => 'none', - 'chargeType' => 'free', - 'abilityTreeCode' => '113863', - 'abilityTreeNodes' => [ - 'FEATUREwafHU8RSD', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'], + ], ], ], - 'parameters' => [ - [ - 'name' => 'InstanceId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => true, - 'example' => 'waf_v2_public_cn-***', + [ + 'apiName' => 'DescribeCerts', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCerts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'RegionId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'cn-hangzhou', - 'default' => 'cn-hangzhou', + ], + [ + 'apiName' => 'DeleteMajorProtectionBlackIp', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteMajorProtectionBlackIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], - [ - 'name' => 'ResourceManagerResourceGroupId', - 'in' => 'query', - 'schema' => [ - 'description' => '', - 'type' => 'string', - 'required' => false, - 'example' => 'rg-acfm***q', + ], + [ + 'apiName' => 'DescribeInstance', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeInstance', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responses' => [ - 200 => [ - 'schema' => [ - 'type' => 'object', - 'properties' => [ - 'RequestId' => [ - 'description' => '', - 'type' => 'string', - 'example' => '4EC9EA6C-F80A-5D25-A8F7-***', - ], - ], + [ + 'apiName' => 'DescribeDefenseRuleStatistics', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseRuleStatistics', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'errorCodes' => [ - 400 => [ - [ - 'errorCode' => 'RoleAlreadyExists', - 'errorMessage' => 'Service Linked Role Already Exists.', + [ + 'apiName' => 'DescribeBotAppKey', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeBotAppKey', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], ], - [ - 'errorCode' => 'NoPermissonCreatesServiceLinkedRole', - 'errorMessage' => 'No Permisson Create Service Linked Role.', + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeUserTraffic', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserTraffic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ListTagValues', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:ListTagValues', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeAbnormalCloudResources', + 'description' => '', + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAbnormalCloudResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeElasticBills', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeElasticBills', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyApisecLogDelivery', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecLogDelivery', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ChangeResourceGroup', + 'description' => '', + 'operationType' => 'update', + 'additionalActions' => [ + ['action' => 'yundun-waf:ChangeResourceGroup', 'validationType' => 'always'], + ], + 'ramAction' => [ + 'action' => 'yundun-waf:ChangeResourceGroup', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], + [ + 'apiName' => 'DescribePunishedDomains', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePunishedDomains', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeApisecEvents', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecEvents', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeCnameCount', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCnameCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeRuleHitsTopRuleId', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopRuleId', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyResourceLogFieldConfig', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyResourceLogFieldConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefenseTemplates', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseTemplates', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeUserLogFieldConfig', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserLogFieldConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeRuleHitsTopUa', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopUa', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteHybridCloudGroup', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteHybridCloudGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateHybridCloudCluster', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateHybridCloudCluster', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSensitiveDetectionResult', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveDetectionResult', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeCloudResourceAccessedPorts', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCloudResourceAccessedPorts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeAddresses', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAddresses', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyDefaultHttps', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefaultHttps', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteDefenseResource', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], + [ + 'apiName' => 'DescribeThreatEvent', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeThreatEvent', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDomains', + 'description' => '', + 'operationType' => 'get', + 'additionalActions' => [ + ['action' => 'yundun-waf:DescribeDomains', 'validationType' => 'conditional'], + ], + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomains', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudClusterServers', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudClusterServers', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyDefenseRuleCache', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseRuleCache', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeUserApiRequest', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserApiRequest', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeApisecUserOperations', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecUserOperations', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateDefenseResourceGroup', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateDefenseResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSlsLogStoreStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSlsLogStoreStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudProtectableCount', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudProtectableCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeMemberAccounts', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeMemberAccounts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreatePostpaidInstance', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreatePostpaidInstance', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefenseResource', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResource', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], + [ + 'apiName' => 'DeleteDefenseTemplate', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudResourceDetail', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudResourceDetail', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteDomain', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDomain', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'], + ], + ], + ], + [ + 'apiName' => 'ClearAddress', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:ClearAddress', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyDefenseResourceGroup', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyResourceLogStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyResourceLogStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeWafSourceIpSegment', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeWafSourceIpSegment', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeRuleHitsTopTuleType', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleHitsTopTuleType', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyHybridCloudClusterRule', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudClusterRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudBasicMonitor', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudBasicMonitor', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteMemberAccount', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteMemberAccount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDDoSStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDDoSStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyApisecLogDeliveryStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecLogDeliveryStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudUnassignedMachines', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudUnassignedMachines', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefenseTemplate', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseTemplate', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeThreatEventDetail', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeThreatEventDetail', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyHybridCloudServer', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudServer', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeFreeUserAssetCount', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFreeUserAssetCount', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'SyncProductInstance', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:SyncProductInstance', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyDefenseResourceXff', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDefenseResourceXff', + 'authLevel' => 'resource', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ], + ], + ], + [ + 'apiName' => 'DescribeDomainUsedPorts', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainUsedPorts', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeUserAsset', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserAsset', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeApisecProtectionResources', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecProtectionResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeApisecSlsLogStores', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecSlsLogStores', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefenseResourceGroupNames', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceGroupNames', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyHybridCloudGroupExpansionServer', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyHybridCloudGroupExpansionServer', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudClusterRule', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudClusterRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSensitiveOutboundStatistic', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveOutboundStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreateHybridCloudClusterRule', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreateHybridCloudClusterRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ClearMajorProtectionBlackIp', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:ClearMajorProtectionBlackIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteHybridCloudClusterRule', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteHybridCloudClusterRule', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'InitializeWafOperationRole', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:InitializeWafOperationRole', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudSdkServers', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudSdkServers', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSensitiveApiStatistic', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveApiStatistic', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyApisecApiResource', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyApisecApiResource', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeProductInstances', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeProductInstances', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeResponseCodeTrendGraph', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResponseCodeTrendGraph', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudClusterRules', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudClusterRules', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudResources', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeRuleGroups', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRuleGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeUserWafLogStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeUserWafLogStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeResourceRegionId', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceRegionId', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeApisecExamples', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeApisecExamples', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'CreatePocFunction', + 'description' => '', + 'operationType' => 'create', + 'ramAction' => [ + 'action' => 'yundun-waf:CreatePocFunction', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeRoleAuthStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeRoleAuthStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeResourcePort', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourcePort', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyCloudResourceDefaultCert', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyCloudResourceDefaultCert', + 'authLevel' => 'operate', + 'actionConditions' => [], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDomainDNSRecord', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDomainDNSRecord', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ReCreateCloudResource', + 'description' => '', + 'operationType' => 'none', + 'ramAction' => [ + 'action' => 'yundun-waf:ReCreateCloudResource', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefenseTemplateValidResources', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseTemplateValidResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribePrepayDailyBills', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribePrepayDailyBills', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudClusters', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudClusters', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeFlowTopUrl', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFlowTopUrl', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'AddAddress', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:AddAddress', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyPauseProtectionStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyPauseProtectionStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteDefenseRuleBlockIp', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseRuleBlockIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeIpAbroadCountryInfos', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeIpAbroadCountryInfos', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeAlarmList', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeAlarmList', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyDomainPunishStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyDomainPunishStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSensitiveOutboundDistribution', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSensitiveOutboundDistribution', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefenseGroupValidResources', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseGroupValidResources', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeFlowTopResource', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeFlowTopResource', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyResourceLogDeliveryStatus', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyResourceLogDeliveryStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeResourceLogFieldConfig', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeResourceLogFieldConfig', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeHybridCloudGroups', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeHybridCloudGroups', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'ModifyMajorProtectionBlackIp', + 'description' => '', + 'operationType' => 'update', + 'ramAction' => [ + 'action' => 'yundun-waf:ModifyMajorProtectionBlackIp', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeCertDetail', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeCertDetail', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DeleteDefenseResourceGroup', + 'description' => '', + 'operationType' => 'delete', + 'ramAction' => [ + 'action' => 'yundun-waf:DeleteDefenseResourceGroup', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeDefenseResourceNames', + 'description' => '', + 'operationType' => 'list', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeDefenseResourceNames', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], + ], + ], + ], + [ + 'apiName' => 'DescribeSlsAuthStatus', + 'description' => '', + 'operationType' => 'get', + 'ramAction' => [ + 'action' => 'yundun-waf:DescribeSlsAuthStatus', + 'authLevel' => 'operate', + 'actionConditions' => [ + ['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'], + ], + 'resources' => [ + ['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'], ], ], ], - 'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"4EC9EA6C-F80A-5D25-A8F7-***\\"\\n}","type":"json"}]', - ], - ], - 'endpoints' => [ - [ - 'regionId' => 'cn-hangzhou', - 'endpoint' => 'wafopenapi.cn-hangzhou.aliyuncs.com', ], - [ - 'regionId' => 'ap-southeast-1', - 'endpoint' => 'wafopenapi.ap-southeast-1.aliyuncs.com', + 'resourceTypes' => [ + ['validationType' => 'conditional', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'], + ['validationType' => 'conditional', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'], + ['validationType' => 'conditional', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}-waf'], + ['validationType' => 'always', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'], + ['validationType' => 'conditional', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'], ], ], ]; |
