'1.0',
'info' => ['style' => 'RPC', 'product' => 'waf-openapi', 'version' => '2021-10-01'],
'directories' => [
[
'children' => ['CreatePostpaidInstance', 'DescribeInstance'],
'type' => 'directory',
'title' => 'Instance information',
],
[
'children' => [
[
'children' => ['DescribeAbnormalCloudResources', 'ReCreateCloudResource', 'SyncProductInstance', 'DescribeCloudResources', 'DescribeResourcePort', 'DescribeProductInstances', 'DescribeResourceSupportRegions', 'DescribeResourceRegionId', 'DescribeResourceInstanceCerts', 'ModifyCloudResource', 'DescribeCloudResourceAccessedPorts', 'DescribeCloudResourceAccessPortDetails', 'ModifyCloudResourceCert', 'DescribeCloudResourceList', 'ModifyCloudResourceDefaultCert', 'DeleteCloudResourceExtensionCert', 'CreateCloudResourceExtensionCert'],
'type' => 'directory',
'title' => 'Cloud service access',
],
[
'children' => ['DescribeDomainUsedPorts', 'ModifyDomain', 'DescribeDomains', 'DescribePunishedDomains', 'ModifyDomainPunishStatus', 'DescribeCertDetail', 'DescribeCerts', 'DescribeDomainDNSRecord', 'DescribeWafSourceIpSegment', 'CreateSM2Cert', 'DescribeCnameCount', 'DescribeDefaultHttps', 'ModifyDefaultHttps', 'CreateCerts', 'VerifyDomainOwner', 'DescribeVerifyContent', 'ModifyDomainCert'],
'type' => 'directory',
'title' => 'CNAME access',
],
[
'children' => ['DescribeHybridCloudResources', 'DescribeHybridCloudProtectableCount'],
'type' => 'directory',
'title' => 'Hybrid cloud access',
],
],
'type' => 'directory',
'title' => 'Access configuration',
],
[
'children' => [
[
'children' => ['CreateDefenseResource', 'DeleteDefenseResource', 'CreateDefenseResourceGroup', 'ModifyDefenseResourceGroup', 'DeleteDefenseResourceGroup', 'DescribeDefenseResourceGroup', 'DescribeDefenseResourceGroups', 'DescribeDefenseResourceGroupNames', 'DescribeDefenseResource', 'DescribeDefenseResources', 'DescribeDefenseResourceNames', 'DescribeDefenseResourceOwnerUid', 'ModifyDefenseResourceXff', 'DescribePauseProtectionStatus', 'DescribeDefenseGroupValidResources'],
'type' => 'directory',
'title' => 'Protected objects',
],
[
'children' => [
'DescribeBaseRuleChangeLog', 'CreateDefenseTemplate', 'ModifyDefenseTemplate', 'ModifyDefenseTemplateStatus', 'CopyDefenseTemplate', 'DeleteDefenseTemplate', 'DescribeDefenseTemplate', 'DescribeDefenseTemplates', 'ModifyTemplateResources', 'DescribeTemplateResources', 'DescribeTemplateResourceCount', 'DescribeDefenseTemplateValidResources', 'DescribeDefenseTemplateValidGroups', 'DescribeDefenseResourceTemplates', 'CreateDefenseRule', 'ModifyDefenseRule', 'ModifyDefenseRuleStatus', 'DeleteDefenseRule', 'DescribeDefenseRules', 'DescribeDefenseRule',
'ModifyDefenseRuleCache', 'DeleteDefenseRuleBlockIp', 'DescribeRelatedDefenseRules', 'DescribeIpAbroadCountryInfos', 'DescribeRuleGroups', 'ModifyDefenseSceneConfig', 'DescribeDefenseSceneConfig', 'DescribeDefenseRuleStatistics', 'DescribeBaseSystemRules', 'DescribeCustomBaseRuleCompileResult', 'DescribeBotRuleLabels', 'DescribeBotAppKey',
],
'type' => 'directory',
'title' => 'Protection rules',
],
[
'children' => ['CreateMajorProtectionBlackIp', 'ModifyMajorProtectionBlackIp', 'DeleteMajorProtectionBlackIp', 'ClearMajorProtectionBlackIp', 'DescribeMajorProtectionBlackIps'],
'type' => 'directory',
'title' => 'Critical event protection',
],
[
'children' => ['AddAddress', 'DescribeAddresses', 'DeleteAddress', 'ClearAddress'],
'type' => 'directory',
'title' => 'Address books',
],
],
'type' => 'directory',
'title' => 'Protection configuration',
],
[
'children' => [
'DeleteApisecAbnormals', 'ModifyApisecAbnormals', 'DescribeApisecAssetTrend', 'DescribeApisecAbnormalDomainStatistic', 'DescribeApisecEventDomainStatistic', 'DescribeApisecSensitiveDomainStatistic', 'ModifyApisecEvents', 'DeleteApisecEvents', 'ModifyApisecLogDeliveryStatus', 'CreateApiExport', 'DescribeApiExports', 'DescribeApisecAbnormals', 'DescribeApisecApiResources', 'ModifyApisecStatus', 'ModifyApisecModuleStatus', 'ModifyApisecApiResource', 'DescribeUserEventType', 'DescribeUserEventTrend', 'DescribeUserAsset', 'DescribeUserApiRequest',
'DescribeUserAbnormalType', 'DescribeUserAbnormalTrend', 'DescribeSensitiveStatistic', 'DescribeSensitiveRequests', 'DescribeSensitiveRequestLog', 'DescribeSensitiveOutboundTrend', 'DescribeSensitiveOutboundStatistic', 'DescribeSensitiveOutboundDistribution', 'DescribeSensitiveDetectionResult', 'DescribeSensitiveApiStatistic', 'DescribeFreeUserEvents', 'DescribeFreeUserEventTypes', 'DescribeFreeUserEventCount', 'DescribeFreeUserAssetCount', 'DescribeApisecUserOperations', 'DescribeApisecSuggestions', 'DescribeApisecStatistics', 'DescribeApisecRules', 'DescribeApisecProtectionResources', 'DescribeApisecProtectionGroups',
'DescribeApisecMatchedHosts', 'DescribeApisecEvents', 'DescribeApisecEventDetail', 'DescribeApisecLogDeliveries', 'DescribeApisecSlsLogStores', 'DescribeApisecSlsProjects', 'ModifyApisecLogDelivery', 'DescribeApisecExamples',
],
'type' => 'directory',
'title' => 'API security',
],
[
'children' => ['DescribeNetworkFlowTimeSeriesMetric', 'DescribeSecurityEventTopNMetric', 'DescribeSecurityEventTimeSeriesMetric', 'DescribeSecurityEventLogs', 'DescribeNetworkFlowTopNMetric', 'DescribeFlowChart', 'DescribePeakTrend', 'DescribeResponseCodeTrendGraph', 'DescribeVisitUas', 'DescribeVisitTopIp', 'DescribeRuleHitsTopResource', 'DescribeRuleHitsTopTuleType', 'DescribeFlowTopResource', 'DescribeFlowTopUrl', 'DescribeThreatEventDetail', 'DescribeThreatEvent', 'DescribeThreatEventTopMetric', 'DescribeAlarmList', 'DescribeAlarmBanner'],
'type' => 'directory',
'title' => 'Report information',
],
[
'children' => ['DescribeUserLogFieldConfig', 'ModifyUserLogFieldConfig', 'DescribeCommonLogFields', 'ModifyUserWafLogStatus', 'DescribeUserWafLogStatus', 'DescribeUserSlsLogRegions', 'DescribeSlsAuthStatus', 'DescribeSlsLogStoreStatus', 'DescribeSlsLogStore', 'ModifyResourceLogStatus', 'DescribeResourceLogStatus', 'CreateLogDeliveryConfig', 'ModifyLogDeliveryConfig', 'DeleteLogDeliveryConfig', 'DescribeLogDeliveryConfig', 'DescribeLogDeliveryConfigs', 'ModifyResourceLogFieldConfig', 'DescribeResourceLogFieldConfig', 'ModifyResourceLogDeliveryStatus', 'DescribeResourceLogDeliveryStatus'],
'type' => 'directory',
'title' => 'Log configuration',
],
[
'children' => [
'DescribeHybridCloudClusterServers', 'DescribeHybridCloudBasicMonitor', 'CreateHybridCloudCluster', 'DescribeHybridCloudServerRegions', 'DescribeHybridCloudUnassignedMachines', 'ModifyHybridCloudClusterBypassStatus', 'DescribeHybridCloudUser', 'DescribeHybridCloudGroups', 'CreateHybridCloudGroup', 'DescribeHybridCloudClusterRule', 'DescribeHybridCloudClusters', 'ModifyHybridCloudClusterRule', 'ModifyHybridCloudGroup', 'ModifyHybridCloudGroupExpansionServer', 'ModifyHybridCloudGroupShrinkServer', 'ModifyHybridCloudSdkPullinStatus', 'ModifyHybridCloudServer', 'DeleteHybridCloudClusterRule', 'CreateHybridCloudClusterRule', 'DescribeHybridCloudClusterRules',
'DescribeHybridCloudProcessMonitor', 'DescribeHybridCloudResourceDetail', 'DescribeHybridCloudSdkServers', 'DescribeHybridCloudSupportRegions', 'DescribeHybridCloudUnsupportPorts', 'DeleteHybridCloudGroup', 'ModifyHybridCloudCluster',
],
'type' => 'directory',
'title' => 'Hybrid cloud cluster management',
],
[
'children' => ['CreateMemberAccounts', 'ModifyMemberAccount', 'DeleteMemberAccount', 'DescribeAccountDelegatedStatus', 'DescribeMemberAccounts'],
'type' => 'directory',
'title' => 'Multi-account management',
],
[
'children' => ['DescribeChargeResult', 'DescribeChargeModule'],
'type' => 'directory',
'title' => 'Pricing inquiry',
],
[
'children' => [
'ModifyPauseProtectionStatus', 'CreatePocFunction', 'DescribePocFunctions', 'DescribeRoleAuthStatus', 'InitializeWafOperationRole', 'DescribeElasticBills', 'DescribePrepayDailyBills', 'DescribeUserTraffic', 'ChangeResourceGroup', 'CreateCloudResource', 'CreateDomain', 'DeleteCloudResource', 'DeleteDomain', 'DescribeDDoSStatus', 'DescribeDomainDetail', 'DescribePostpayBills', 'DescribeRuleHitsTopClientIp', 'DescribeRuleHitsTopRuleId', 'DescribeRuleHitsTopUa', 'DescribeRuleHitsTopUrl',
'ListTagKeys', 'ListTagResources', 'ListTagValues', 'ReleaseInstance', 'TagResources', 'UntagResources',
],
'type' => 'directory',
'title' => 'Others',
],
],
'components' => [
'schemas' => [],
],
'apis' => [
'AddAddress' => [
'summary' => 'Adds addresses to an address book.',
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124760',
'abilityTreeNodes' => ['FEATUREwaf4TDPM4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the address book.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''],
],
[
'name' => 'AddressList',
'in' => 'query',
'style' => 'flat',
'schema' => [
'description' => 'The list of addresses to add.',
'type' => 'array',
'items' => ['description' => 'A single address. Supports **IP** addresses or **IP** CIDR blocks, and supports both **IPv4** and **IPv6**.', 'type' => 'string', 'required' => false, 'example' => 'XX.XX.XX.XX', 'title' => ''],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Defense.Control.DefenseAddressInvalid', 'errorMessage' => 'The address in the address book is illegal.', 'description' => 'The address in the address book is illegal.'],
['errorCode' => 'Defense.Control.DefenseAddressOversize', 'errorMessage' => 'The number of addresses in the address book exceeds the limit.', 'description' => 'The number of addresses in the address book exceeds the limit.'],
['errorCode' => 'Defense.Control.DefenseAddressOperationTooFrequent', 'errorMessage' => 'Address book operations are too frequent.', 'description' => 'Address book operations are too frequent. Please try again later.'],
],
],
'title' => 'Add addresses to an address book',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:AddAddress',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\"\\n}","type":"json"}]',
],
'ChangeResourceGroup' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '164132',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'ResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF resource to operate on.', 'type' => 'string', 'required' => true, 'example' => 'demo.aliyun.com-waf', 'title' => ''],
],
[
'name' => 'NewResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the new resource group. You can view available resource groups in the resource group console.', 'type' => 'string', 'required' => true, 'example' => 'rg-aek2mcq***', 'title' => ''],
],
[
'name' => 'ResourceType',
'in' => 'query',
'schema' => ['description' => 'The resource type. Fixed value: defenseresource.', 'type' => 'string', 'required' => true, 'example' => 'defenseresource', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'Schema of Response',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '0A916D48-D206-5654-8D37-***'],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'Change resource group',
'summary' => 'Modifies the resource group to which a protected object belongs.',
'changeSet' => [
['createdAt' => '2024-11-13T11:01:28.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ChangeResourceGroup',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
'additionalActions' => [
['action' => 'yundun-waf:ChangeResourceGroup', 'validationType' => 'always'],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0A916D48-D206-5654-8D37-***\\"\\n}","type":"json"}]',
],
'ClearAddress' => [
'summary' => 'Clears all addresses from an address book.',
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124760',
'abilityTreeNodes' => ['FEATUREwaf4TDPM4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7mz****hw0u', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the address book.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '276D7566-31C9-4192-9DD1-51B10D*****', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Defense.Control.DefenseAddressOperationTooFrequent', 'errorMessage' => 'Address book operations are too frequent.', 'description' => 'Address book operations are too frequent. Please try again later.'],
],
],
'title' => 'Clear all addresses from an address book',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:ClearAddress',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"276D7566-31C9-4192-9DD1-51B10D*****\\"\\n}","type":"json"}]',
],
'ClearMajorProtectionBlackIp' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124771',
'abilityTreeNodes' => ['FEATUREwaf2KYU04'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '5132', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the IP blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20012033', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The data returned.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ClearMajorProtectionBlackIp',
'summary' => 'Clears the IP blacklist for a critical event protection rule.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ClearMajorProtectionBlackIp'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:ClearMajorProtectionBlackIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\"\\n}","type":"json"}]',
],
'CopyDefenseTemplate' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'readAndWrite',
'systemTags' => ['operationType' => 'create', 'riskType' => 'none', 'chargeType' => 'free'],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-lbj****x10g', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template that you want to copy.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the newly created protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '12346', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'CopyDefenseTemplate',
'summary' => 'Copies a protection template.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CopyDefenseTemplate'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CopyDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"TemplateId\\": 12346\\n}","type":"json"}]',
],
'CreateApiExport' => [
'summary' => 'Creates an API security data export task.',
'methods' => ['get', 'post'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '156330',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zxu3***', 'title' => ''],
],
[
'name' => 'Region',
'in' => 'query',
'schema' => ['description' => 'The language type. Valid values:'."\n"
."\n"
.'- **cn** (default): Chinese.'."\n"
.'- **en**: English.', 'type' => 'string', 'required' => false, 'default' => 'cn', 'example' => 'cn', 'title' => ''],
],
[
'name' => 'ZoneId',
'in' => 'query',
'schema' => ['description' => 'The time zone ID.', 'type' => 'string', 'required' => false, 'example' => 'Asia/Shanghai', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The type of the export task. Valid values:'."\n"
."\n"
.'- **apisec_api** (default): API asset task.'."\n"
."\n"
.'- **apisec_abnormal**: API risk task.'."\n"
."\n"
.'- **apisec_event**: API security event task.', 'type' => 'string', 'required' => false, 'default' => 'apisec_api', 'example' => 'apisec_api', 'title' => ''],
],
[
'name' => 'Param',
'in' => 'query',
'schema' => ['description' => 'The extended parameters of the export task. You can filter the exported content by specifying conditions. The value is a JSON string constructed from a series of parameters.'."\n"
.'> The specific parameters vary depending on the specified **export task type** (**Type**). For more information, refer to **Export task parameter description**.', 'type' => 'string', 'required' => false, 'example' => '{'."\n"
.' "startTime": 1741449600,'."\n"
.' "endTime": 1744079820,'."\n"
.' "sensitiveLevel": "L1"'."\n"
.'}', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The hybrid cloud cluster ID.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '993', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '62382992-F9AA-52B2-9147-66B3B9E51D74', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Create an API security data export task',
'requestParamsDescription' => '## Export task parameter description.'."\n"
.'### API asset task (**apisec_api**)'."\n"
.'#### Parameter description'."\n"
.'For detailed valid values of the parameters, refer to the parameters with the same names in the [DescribeApisecApiResources](~~DescribeApisecApiResources~~) operation.'."\n"
.'|Name|Type|Example|Description|'."\n"
.'| ----------| ------------ | ---------- | -----------|'."\n"
.'|startTime | Integer|1741449600| The start time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n"
.'| EndTime | Integer|1744097760| The end time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n"
.'| MatchedHost | String|a.aliyun.com| The domain name or IP address to which the API belongs.|'."\n"
.'| ApiFormat | String|/auth/login| The API path.|'."\n"
.'| SensitiveType | String|1004| The type of sensitive data in the response.|'."\n"
.'| ApiStatus | String|OfflineInterface| The status of the API.|'."\n"
.'| Follow | Long|0| Specifies whether the API is followed.|'."\n"
.'| ApiType | String| innerAPI | The service object.|'."\n"
.'| ApiTag | String|SendMail| The business purpose of the API.|'."\n"
.'| SensitiveLevel | String| L3 | The sensitivity level of the API.|'."\n"
.'| ApiMethod | String| POST | The request method of the API.|'."\n"
.'| RequestSensitiveType | String|1004,1005| The type of sensitive information in the request.|'."\n"
.'| AuthFlag | String|0| Specifies whether an authentication field exists.|'."\n"
."\n\n"
.'### API risk task (**apisec_abnormal**)'."\n"
.'#### Parameter description'."\n"
.'For detailed valid values of the parameters, refer to the parameters with the same names in the [DescribeApisecAbnormals](~~DescribeApisecAbnormals~~) operation.'."\n"
.'|Name|Type|Example|Description|'."\n"
.'| ----------| ------------ | ---------- | -----------|'."\n"
.'|startTime | Integer|1741449600| The start time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n"
.'| EndTime | Integer|1744097760| The end time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n"
.'| MatchedHost | String|a.aliyun.com| The domain name or IP address to which the API belongs.|'."\n"
.'| ApiFormat | String|/api/users/login| The API path.|'."\n"
.'| AbnormalLevel | String|medium| The risk level.|'."\n"
.'| AbnormalTag | String| LackOfSpeedLimit | The risk type.|'."\n"
.'| UserStatus | String| Confirmed | The risk status.|'."\n"
.'| Origin | String| custom | The source of the risk type.|'."\n"
.'| ApiTag | String|SendMail| The business purpose of the API.|'."\n"
."\n\n"
.'### API event task (**apisec_event**)'."\n"
.'#### Parameter description'."\n"
.'For detailed valid values of the parameters, refer to the parameters with the same names in the [DescribeApisecEvents](~~DescribeApisecEvents~~) operation.'."\n"
.'|Name|Type|Example|Description|'."\n"
.'| ----------| ------------ | ---------- | -----------|'."\n"
.'| StartTs | Integer|1741449600| The start time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n"
.'| EndTs | Integer|1744097760| The end time of the query. The value is a Unix timestamp (UTC), in seconds.|'."\n"
.'| MatchedHost | String|a.aliyun.com| The domain name or IP address to which the API belongs.|'."\n"
.'| ApiFormat | String|/api/users/login| The API path.|'."\n"
.'| EventLevel | String|medium| The event level.|'."\n"
.'| EventTag | String| ObtainSensitiveUnauthorized | The event type.|'."\n"
.'| UserStatus | String| Confirmed | The event status.|'."\n"
.'| Origin | String| custom | The source of the event type.|'."\n"
.'| ApiTag | String|SendMail| The business purpose of the API.|',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateApiExport'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateApiExport',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"62382992-F9AA-52B2-9147-66B3B9E51D74\\"\\n}","type":"json"}]',
],
'CreateCerts' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '167792',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'CertName',
'in' => 'query',
'schema' => ['description' => 'The certificate name.', 'type' => 'string', 'required' => false, 'example' => 'testrsa1', 'title' => ''],
],
[
'name' => 'CertContent',
'in' => 'query',
'schema' => ['description' => 'The content of the certificate file.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN CERTIFICATE----- 62EcYPWd2****s6MTXcJSfN9Z7rZ9fmxWr2BFN2XbahgnsSXM48ixZJ4krc+1M+j2kcubVpsE2cgHdj4v8H6jUz9Ji4mr7vMNS6dXv8PUkl/qoDeNGCNdyTS5NIL5ir+g92cL8IGOkjgvhlqt9vc65Cgb4mL+n5+DV9uOyTZTW/MojmlgfUekC2xiXa54nxJf17Y1TADGSbyJbsC0Q9nIrHsPl8YKkvRWvIAqYxXZ7wRwWWmv4TMxFhWRiNY7yZIo2ZUhl02S****gIEeg== -----END CERTIFICATE----- ', 'title' => ''],
],
[
'name' => 'CertKey',
'in' => 'query',
'schema' => ['description' => 'The content of the private key file that corresponds to the certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN RSA PRIVATE KEY----- DADTPZoOHd9WtZ3U****RgNQmioPQn2bqdKHop+B/dn/4VZL7Jt8zSDGM9sTMThLyvsmLQKBgQCr+ujntC1kN6pGBj2Fw2l/EA/W3rYEce2tyhjgmG7rZ+A/jVE9fld5sQra6ZdwBcQJaiygoIYoaMF2EjRwc0qwHaluq0C15f6ujSoHh2e+D5zdmkTg/3NKNjqNv6xA2gYpinVDzFdZ9Zujxvuh9o4Vqf0YF8****K5G04RtKadOw== -----END RSA PRIVATE KEY----- ', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-20p****nw01', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5BBA38B1-07AE-559F-8766-AB50****C300', 'title' => ''],
'CertIdentifier' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '123456-cn-hangzhou', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'Upload an international certificate to WAF for cNAME-based access',
'summary' => 'Uploads an international certificate to WAF for CNAME-based access.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateCerts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5BBA38B1-07AE-559F-8766-AB50****C300\\",\\n \\"CertIdentifier\\": \\"123456-cn-hangzhou\\"\\n}","type":"json"}]',
],
'CreateCloudResource' => [
'summary' => 'Connects a cloud service to WAF in cloud native mode. Currently, only ECS and CLB are supported.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '226535',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Listen',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The listening configuration.',
'type' => 'object',
'properties' => [
'TLSVersion' => ['description' => 'The TLS version to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
.'- **tlsv1**'."\n"
.'- **tlsv1.1**'."\n"
.'- **tlsv1.2**', 'type' => 'string', 'required' => false, 'example' => 'tlsv1', 'title' => ''],
'EnableTLSv3' => ['description' => 'Specifies whether TLS 1.3 is supported. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: TLS 1.3 is supported.'."\n"
."\n"
.'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'CipherSuite' => ['description' => 'The type of cipher suite to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **1**: all cipher suites.'."\n"
."\n"
.'- **2**: strong cipher suites. This value is available only when **TLSVersion** is set to **tlsv1.2**.'."\n"
."\n"
.'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
'CustomCiphers' => [
'description' => 'The specific custom cipher suites to add. This parameter is used only when **CipherSuite** is set to **99**.',
'type' => 'array',
'items' => ['description' => 'The specific custom cipher suites to add. This parameter is used only when **CipherSuite** is set to **99**.', 'type' => 'string', 'required' => false, 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'ResourceProduct' => [
'description' => 'The cloud service type. Valid values:'."\n"
."\n"
.'- **clb4**: Layer 4 CLB.'."\n"
."\n"
.'- **clb7**: Layer 7 CLB.'."\n"
."\n"
.'- **ecs**: ECS.'."\n"
.'- **nlb**: NLB.'."\n"
.'- **ddos**: Anti-DDoS.',
'type' => 'string',
'required' => true,
'enum' => ['ecs', 'clb4', 'clb7', 'nlb', 'ddos'],
'example' => 'clb4',
'title' => '',
],
'Port' => ['description' => 'The port of the cloud service connected to WAF.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''],
'ResourceInstanceId' => ['description' => 'The ID of the cloud service instance.', 'type' => 'string', 'required' => false, 'example' => 'lb-bp1*****', 'title' => ''],
'Protocol' => [
'description' => 'The protocol type. Valid values:'."\n"
.'- **http**: HTTP.'."\n"
.'- **https**: HTTPS.',
'type' => 'string',
'required' => false,
'enum' => ['http', 'https'],
'example' => 'http',
'title' => '',
],
'Certificates' => [
'description' => 'The list of certificate IDs.',
'type' => 'array',
'items' => [
'description' => 'The certificate information.',
'type' => 'object',
'properties' => [
'CertificateId' => ['description' => 'The ID of the certificate to add.'."\n"
."\n"
.'> You can call [DescribeResourceInstanceCerts](~~2718120~~) to query the IDs of all SSL certificates associated with the cloud service instance.', 'type' => 'string', 'required' => false, 'example' => '123-cn-hangzhou', 'title' => ''],
'AppliedType' => ['description' => 'The certificate type for the HTTPS protocol. Valid values:'."\n"
."\n"
.'- **default**: default certificate.'."\n"
."\n"
.'- **extension**: extended certificate.', 'type' => 'string', 'required' => false, 'example' => 'default', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'title' => '',
'example' => '',
],
'Http2Enabled' => ['description' => 'Specifies whether to enable HTTP/2. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: HTTP/2 is enabled.'."\n"
."\n"
.'- **false** (default): HTTP/2 is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'ResourceRegionId' => ['description' => 'The region ID of the cloud service.'."\n"
."\n\n"
."\n"
.'> This parameter is required when the instance ID to be connected has not been synchronized to WAF.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
'Domain' => ['description' => 'The domain name connected to WAF.'."\n"
.'> This parameter is required only when the cloud service type is ddos. For other service types, leave this field empty.', 'type' => 'string', 'required' => false, 'example' => 'www.c**sw.net', 'title' => ''],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'Redirect',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The forwarding configuration.',
'type' => 'object',
'properties' => [
'RequestHeaders' => [
'description' => 'The value of this parameter is in the format of [**{"k":"_key_","v":"_value_"}**], where **_key_** specifies the custom request header field and **_value_** specifies the value of the field.'."\n"
."\n"
.'> If the custom header field already exists in the request, the system overwrites the value of the field with the specified traffic mark value.',
'type' => 'array',
'items' => [
'description' => 'The value of this parameter is in the format of [**{"k":"_key_","v":"_value_"}**], where **_key_** specifies the custom request header field and **_value_** specifies the value of the field.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'key1', 'title' => ''],
'Value' => ['description' => 'The value of the custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'value1', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 5,
'title' => '',
'example' => '',
],
'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n"
."\n"
.'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n"
."\n"
.'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n"
."\n"
.'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
'XffHeaders' => [
'description' => 'The list of custom header fields used to obtain the client IP address, in the format of [**"header1","header2",...**].'."\n"
."\n"
.'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field as the client IP address.',
'type' => 'array',
'items' => ['description' => 'The list of custom header fields used to obtain the client IP address, in the format of [**"header1","header2",...**].'."\n"
."\n"
.'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field as the client IP address.', 'type' => 'string', 'required' => false, 'example' => 'header1', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n"
.'Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'example' => '1', 'title' => ''],
'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n"
.'Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'example' => '1', 'title' => ''],
'Keepalive' => ['description' => 'Specifies whether to enable persistent connections. Valid values:'."\n"
."\n"
.'- **true** (default): Persistent connections are enabled.'."\n"
."\n"
.'- **false**: Persistent connections are disabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''],
'KeepaliveRequests' => ['description' => 'The number of requests that can reuse a persistent connection. Valid values: 60 to 1000.'."\n"
."\n"
.'> After persistent connections are enabled, this parameter specifies how many requests can reuse a persistent connection.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''],
'KeepaliveTimeout' => ['description' => 'The idle timeout period for persistent connections. Valid values: 10 to 3600. Default value: 3600. Unit: seconds.'."\n"
."\n"
.'> Specifies how long an idle persistent connection can remain open before it is released.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '10', 'default' => '3600', 'required' => false, 'example' => '3600', 'title' => ''],
'XffProto' => ['description' => 'Specifies whether to use X-Forward-For-Proto to pass the protocol used by WAF. Valid values:'."\n"
."\n"
.'- **true** (default): The protocol used by WAF is passed.'."\n"
."\n"
.'- **false**: The protocol used by WAF is not passed.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'MaxBodySize' => ['title' => '', 'description' => 'The maximum request body size. Valid values: 2 to 10. Default value: 2. Unit: GB.'."\n"
.'> Only Ultimate Edition supports this parameter.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2', 'required' => false],
],
'required' => false,
'title' => '',
'example' => '',
],
],
[
'name' => 'Tag',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'The list of tags. A maximum of 20 tags can be specified.',
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Key' => ['title' => '', 'description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'TagKey1'],
'Value' => ['title' => '', 'description' => 'The tag value.', 'type' => 'string', 'required' => false, 'example' => 'TagValue1'],
],
'required' => false,
'description' => '',
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 21,
'example' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'OwnerUserId',
'in' => 'query',
'schema' => ['description' => 'The UID of the current resource ownership.', 'type' => 'string', 'required' => false, 'example' => '123', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-ER12-WE34-23PO-301469*****E', 'title' => ''],
'CloudResourceId' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF.', 'type' => 'string', 'example' => 'lb-***', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\",\\n \\"CloudResourceId\\": \\"lb-***\\"\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Connect a cloud service to WAF',
'changeSet' => [
['createdAt' => '2024-12-12T08:00:42.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-10-10T12:43:20.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateCloudResource'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateCloudResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'],
],
],
],
],
],
'CreateCloudResourceExtensionCert' => [
'path' => '',
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'],
],
'parameters' => [
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''],
],
[
'name' => 'CloudResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF during cloud native mode access.'."\n"
."\n"
.'> You can call the [CreateCloudResource](~~2839876~~) operation to connect a resource, and then view the resource ID in the response.', 'type' => 'string', 'required' => true, 'example' => 'lb-bp*********k5uj2p-443-clb7', 'title' => ''],
],
[
'name' => 'CertId',
'in' => 'query',
'schema' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'Schema of Response',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'Id of the request', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'Add an extension certificate for a cloud native mode resource',
'summary' => 'Adds an extension certificate for a cloud native mode resource.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:CreateCloudResourceExtensionCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]',
],
'CreateDefenseResource' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106302',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object.'."\n"
."\n"
.'> - Only protected objects of hybrid cloud deployments support custom names.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'abctest.com'],
],
[
'name' => 'Product',
'in' => 'query',
'schema' => ['description' => 'The name of the Alibaba Cloud service. Valid values:'."\n"
."\n"
.'- **alb**: Application Load Balancer (ALB).'."\n"
."\n"
.'- **ecs**: Elastic Compute Service (ECS).'."\n"
."\n"
.'- **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n"
."\n"
.'- **clb7**: Layer 7 CLB.'."\n"
."\n"
.'- **nlb**: Network Load Balancer (NLB).'."\n"
."\n"
.'- **waf**: Web Application Firewall (WAF).', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'ecs'],
],
[
'name' => 'ResourceGroup',
'in' => 'query',
'schema' => ['description' => 'The name of the protection group to which the protected object is added.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'testGroup'],
],
[
'name' => 'ResourceOrigin',
'in' => 'query',
'schema' => ['description' => 'The origin type of the protected object. Valid values:'."\n"
."\n"
.'- **custom**: a user-defined protected object.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'custom'],
],
[
'name' => 'Pattern',
'in' => 'query',
'schema' => ['description' => 'The type of the protected object. Valid values:'."\n"
."\n"
.'- **domain**: domain name.'."\n"
."\n"
.'- **multi\\_service**: hybrid cloud deployment.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'domain'],
],
[
'name' => 'Detail',
'in' => 'query',
'schema' => ['description' => 'The configuration details of the protected object, in JSON format.'."\n"
."\n"
.'> The required parameters vary based on the values of **Product** and **Pattern**. For more information, see the **Description of the Detail parameter** section.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => '{\\"domain\\": \\"zhhclb4test096-05111.test.com\\"}'],
],
[
'name' => 'XffStatus',
'in' => 'query',
'schema' => ['description' => 'Indicates whether the X-Forwarded-For (XFF) proxy feature is enabled. Valid values:'."\n"
."\n"
.'- **0** (default): disabled.'."\n"
."\n"
.'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'required' => false, 'example' => '0'],
],
[
'name' => 'CustomHeaders',
'in' => 'query',
'style' => 'json',
'schema' => [
'title' => '',
'description' => 'The custom header fields used to obtain the actual client IP address when XFF proxy is enabled.'."\n"
."\n"
.'> If XffStatus is set to 1, WAF uses the first IP address from the specified header field as the client IP address to prevent XFF forgery. If you specify multiple header fields, WAF reads them in order. If no valid client IP address is found in the specified header fields, WAF falls back to the first IP address in the X-Forwarded-For header field.',
'type' => 'array',
'items' => ['description' => 'The name of a custom header field from which WAF extracts the client IP address.', 'type' => 'string', 'required' => false, 'example' => 'x-forwarded-for', 'title' => ''],
'required' => false,
'example' => '',
],
],
[
'name' => 'Description',
'in' => 'query',
'schema' => ['description' => 'The description of the protected object.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'test'],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-4xl*******', 'title' => ''],
],
[
'name' => 'OwnerUserId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud account to which the protected object belongs. This parameter is required only in multi-account scenarios. By default, the protected object belongs to the WAF administrator account.', 'type' => 'string', 'required' => false, 'example' => '123221XXX', 'title' => ''],
],
[
'name' => 'Tag',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'A list of tags. You can add up to 20 tags.',
'type' => 'array',
'items' => [
'description' => 'The tag object.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The key of the tag.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'demoTagKey'],
'Value' => ['description' => 'The value of the tag.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'TagValue1'],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 21,
'example' => '',
],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '1738C613-D054-5191-888B-DC0CF4C3A4A0', 'title' => ''],
'Resource' => ['description' => 'The name of the protected object that is created.', 'type' => 'string', 'example' => 'cdX.XXX-call.cn-alb', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.ResourceExsit', 'errorMessage' => 'Access resource already exists, resource:%s.', 'description' => 'Access resource already exists, existing resource:%s.'],
],
],
'title' => 'CreateDefenseResource',
'summary' => 'Creates a protected object.',
'requestParamsDescription' => '## Description of the Detail parameter'."\n"
."\n"
.'### ALB domain name (Product is set to alb and Pattern is set to domain)'."\n"
."\n"
.'Adds a protected object for the domain name of an Application Load Balancer (ALB) instance protected by WAF.'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ---------- | ------ | -------- | ------------------- | ----------------------------------------------------------- |'."\n"
.'| instanceId | String | Yes | alb-cj3w3********1x | The ID of the ALB instance that is protected by WAF. |'."\n"
.'| domain | String | Yes | alb.test.com | The domain name that you want to add to WAF for protection. |'."\n"
."\n"
.'#### Sample request'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "domain": "alb.test.com",'."\n"
.' "instanceId": "alb-cj3w3********1x"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### ECS domain name (Product is set to ecs and Pattern is set to domain)'."\n"
."\n"
.'Adds a protected object for the domain name of an Elastic Compute Service (ECS) instance protected by WAF.'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ------ | ------ | -------- | ------------ | ----------------------------------------------------------- |'."\n"
.'| domain | String | Yes | ecs.test.com | The domain name that you want to add to WAF for protection. |'."\n"
."\n"
.'#### Sample request'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "domain": "ecs.test.com"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### CLB domain name (Product is set to clb4 or clb7 and Pattern is set to domain)'."\n"
."\n"
.'Adds a protected object for the domain name of a Classic Load Balancer (CLB) instance protected by WAF.'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ------ | ------ | -------- | ------------ | ----------------------------------------------------------- |'."\n"
.'| domain | String | Yes | clb.test.com | The domain name that you want to add to WAF for protection. |'."\n"
."\n"
.'#### Sample request'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "domain": "clb.test.com"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### NLB domain name (Product is set to nlb and Pattern is set to domain)'."\n"
."\n"
.'Adds a protected object for the domain name of a Network Load Balancer (NLB) instance protected by WAF.'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ------ | ------ | -------- | ------------ | ----------------------------------------------------------- |'."\n"
.'| domain | String | Yes | nlb.test.com | The domain name that you want to add to WAF for protection. |'."\n"
."\n"
.'#### Sample request'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "domain": "nlb.test.com"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### WAF hybrid cloud deployment (Product is set to waf and Pattern is set to multi\\_service)'."\n"
."\n"
.'Creates a protected object for a URL path of a domain name in a hybrid cloud WAF cluster.'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ------ | ------ | -------- | ---------- | ------------------------------------------------------------------------- |'."\n"
.'| domain | String | Yes | a.test.com | The domain name or IP address that you want to add to WAF for protection. |'."\n"
.'| url | String | Yes | /abc | The URL path. |'."\n"
."\n"
.'#### Sample request'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "domain": "a.test.com",'."\n"
.' "url": "/abc"'."\n"
.'}'."\n"
.'```',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDefenseResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1738C613-D054-5191-888B-DC0CF4C3A4A0\\",\\n \\"Resource\\": \\"cdX.XXX-call.cn-alb\\"\\n}","type":"json"}]',
],
'CreateDefenseResourceGroup' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106349',
'abilityTreeNodes' => ['FEATUREwafHQWDCC'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to view the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object group. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (\\_), periods (.), and hyphens (-).', 'type' => 'string', 'required' => true, 'example' => 'group221', 'title' => ''],
],
[
'name' => 'AddList',
'in' => 'query',
'schema' => ['description' => 'The protected objects to add to the protected object group. You can add multiple protected objects. Separate them with commas (,).', 'type' => 'string', 'required' => false, 'example' => 'test1.aliyundoc.com,test2.aliyundoc.com'."\n", 'title' => ''],
],
[
'name' => 'Description',
'in' => 'query',
'schema' => ['description' => 'The description of the protected object group. The description can be up to 512 characters long.', 'type' => 'string', 'required' => false, 'example' => 'test_domain', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5D69B341-4F97-58E7-9E16-1B17FE7A9E98', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'CreateDefenseResourceGroup',
'summary' => 'Creates a protected object group.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseResourceGroup'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDefenseResourceGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5D69B341-4F97-58E7-9E16-1B17FE7A9E98\\"\\n}","type":"json"}]',
],
'CreateDefenseRule' => [
'summary' => 'Create a web core protection rule.',
'methods' => ['post'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106379',
'abilityTreeNodes' => ['FEATUREwaf1LM6V0', 'FEATUREwafI1HM4C', 'FEATUREwafCU29M8', 'FEATUREwafBWO4L0', 'FEATUREwaf9JXZCD', 'FEATUREwaf6XNOII', 'FEATUREwafQ73SIK', 'FEATUREwafAFURH8', 'FEATUREwafS64FX9', 'FEATUREwafOVI09M', 'FEATUREwafIFHX6M', 'FEATUREwafF105ZO'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to get the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection rule template.'."\n"
."\n"
.'> This parameter is required only when **DefenseType** is set to **template**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1122', 'title' => ''],
],
[
'name' => 'DefenseScene',
'in' => 'query',
'schema' => ['description' => 'The scenario to which the protection rule is applied.'."\n"
."\n"
.'If **DefenseType** is set to **template**, valid values are:'."\n"
."\n"
.'- **waf\\_group**: basic protection.'."\n"
."\n"
.'- **waf\\_base**: web core protection.'."\n"
."\n"
.'- **antiscan**: scan protection.'."\n"
."\n"
.'- **ip\\_blacklist**: IP address blacklist.'."\n"
."\n"
.'- **custom\\_acl**: custom rule.'."\n"
."\n"
.'- **whitelist**: whitelist.'."\n"
."\n"
.'- **region\\_block**: geo-blocking.'."\n"
."\n"
.'- **custom\\_response**: custom response.'."\n"
."\n"
.'- **cc**: HTTP flood protection.'."\n"
."\n"
.'- **tamperproof**: webpage tamper-proofing.'."\n"
."\n"
.'- **dlp**: data leakage prevention.'."\n"
."\n"
.'- **spike\\_throttle**: rate limiting for bursts of traffic.'."\n"
."\n"
.'- **bot\\_manager**: bot management.'."\n"
."\n"
.'If **DefenseType** is set to **resource**, valid values are:'."\n"
."\n"
.'- **account\\_identifier**: account identification.'."\n"
."\n"
.'- **custom\\_response**: custom response.'."\n"
."\n"
.'- **waf\\_codec**: decoding.'."\n"
."\n"
.'If **DefenseType** is set to **global**, valid values are:'."\n"
."\n"
.'- **regular\\_custom**: custom regular expression.'."\n"
."\n"
.'- **address\\_book**: address book.'."\n"
."\n"
.'- **custom\\_response**: custom response.'."\n"
."\n"
.'> You can apply a global custom response to a protected object or a rule. If you configure custom response rules at different levels, the rule with the finest-grained scope takes precedence. The priority is as follows: rule > protected object > default page.', 'type' => 'string', 'required' => true, 'example' => 'waf_group', 'title' => ''],
],
[
'name' => 'Rules',
'in' => 'formData',
'schema' => ['description' => 'The details of the protection rule. This value is a JSON string.'."\n"
."\n"
.'> The parameters in the JSON string vary based on the value of **DefenseScene**. For more information, see **Protection rule parameters**.', 'type' => 'string', 'required' => true, 'example' => 'waf_group', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'DefenseType',
'in' => 'query',
'schema' => [
'description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **template** (default): a template-based protection rule.'."\n"
."\n"
.'- **resource**: a rule for a specific protected object.'."\n"
."\n"
.'- **global**: a global protection rule.',
'type' => 'string',
'default' => 'template',
'enum' => ['template', 'global', 'resource'],
'required' => false,
'example' => 'template',
'title' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object to which the rule applies.'."\n"
."\n"
.'> This parameter is required only when **DefenseType** is set to **resource**.', 'type' => 'string', 'required' => false, 'example' => 'sec****-waf', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response is an object with the following structure.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****', 'title' => ''],
'RuleIds' => ['description' => 'The comma-separated IDs of the created protection rules.', 'type' => 'string', 'example' => '22215,23354,462165', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Defense.Control.DefenseWhitelistBypassRuleNotExist', 'errorMessage' => 'The whitelist protection rule does not exist.', 'description' => 'The whitelist protection rule does not exist. Rule ID:%s.'],
['errorCode' => 'Defense.Control.DefenseWhitelistConfigInvalid', 'errorMessage' => 'The whitelist rule is misconfigured.', 'description' => 'Error configuring whitelist rule: %s.'],
['errorCode' => 'Defense.Control.DefenseBookTypeInvalid', 'errorMessage' => 'The address book type is illegal.', 'description' => 'The address book type is illegal.'],
['errorCode' => 'Defense.Control.DefenseThreatIntelligenceConfigInvalid', 'errorMessage' => 'Threat Intelligence Rule configuration error.', 'description' => 'Threat Intelligence Rule configuration error. %s'],
['errorCode' => 'Defense.Control.DefenseIpCountOversize', 'errorMessage' => 'The number of IPs exceeds the limit.', 'description' => 'The number of IPs exceeds the limit.'],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\",\\n \\"RuleIds\\": \\"22215,23354,462165\\"\\n}","type":"json"}]',
'title' => 'CreateDefenseRule',
'requestParamsDescription' => '**Protection rule parameters**'."\n"
."\n"
.'## Template protection rule (**template**)'."\n"
."\n"
.'When **DefenseType** is set to **template**, the rule configuration is as follows.'."\n"
."\n"
.'### Basic protection rules (**waf\\_group**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example | Description |'."\n"
.'| -------------- | ------- | -------- | --------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n"
.'| status | Integer | Required | 1 | Specifies the initial status of the defense rule. To change the status later, call the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: disabled.
\\- **1** (default): enabled. |'."\n"
.'| action | String | Required | block | Specifies the action for the defense rule. Valid values:
\\- **block**: blocks matching requests.
\\- **monitor**: monitors matching requests. |'."\n"
.'| policyId | Long | Optional | 1012 | Specifies the ID of the defense rule group. Defaults to the medium rule group (1012). |'."\n"
.'| protectionType | String | Optional | sema | Specifies the type of defense rule. Valid values:
\\- **regular** (default): regular expression protection.
\\- **sema**: semantic protection. |'."\n"
.'| config | String | Optional | {"nonInjectionSql":1} | Specifies the custom configuration as a JSON string. For a detailed list of settings, refer to the config object documentation. |'."\n"
."\n"
.'**Parameters**'."\n"
."\n"
.'- When **protectionType** is set to **sema**, where the basic protection rule is semantic protection.'."\n"
."\n"
.'| Parameter | Type | Required | Example | Description |'."\n"
.'| --------------- | ------- | -------- | ------- | --------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| nonInjectionSql | Integer | Yes | 1 | Indicates whether non-injection attack detection is enabled. Valid values:
\\- **0**: disabled.
\\- **1** (default): enabled. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "DefenseScene": "waf_group",'."\n"
.' "TemplateId": 322,'."\n"
.' "InstanceId": "waf_cn****",'."\n"
.' "Rules": "[{\\"status\\":1,\\"policyId\\":1012,\\"action\\":\\"block\\"},{\\"status\\":1,\\"action\\":\\"block\\",\\"protectionType\\":\\"sema\\",\\"config\\":\\"{\\\\\\"nonInjectionSql\\\\\\":1}\\"}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### New core web protection (**waf\\_base**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ---------- | ------- | -------- | ----------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| autoUpdate | Boolean | Required | true | Specifies whether to enable automatic updates. Valid values:
\\- **true**: Enables automatic updates.
\\- **false**: Disables automatic updates. |'."\n"
.'| config | Array | Required | \\[{"ruleType":"system","ruleDetail":[{"ruleId":13000412,"ruleStatus":1,"ruleAction":"block"}]}] | The rule configuration to modify.>Call the DescribeBaseSystemRules operation to query the template\'s system protection rule configuration. Call the DescribeDefenseRules operation to query the template\'s custom regular expression rule configuration.> |'."\n"
."\n"
.'**`config`: Configuration details**'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ------------------------ | ------ | -------- | ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| ruleType | String | Required | system | The rule type. Valid values:
\\- **system**: A system rule for Basic Protection.
\\- **custom**: A custom regular expression rule for Basic Protection. |'."\n"
.'| ruleBatchOperationConfig | String | Optional | default | Specifies the batch operation for rules. This parameter cannot be used with the `RuleDetail` parameter. Valid values:
\\- **default**: Restores the default settings.
\\- **all_on**: Enables all rules.
\\- **all_off**: Disables all rules.
\\- **all_block**: Sets the action of all rules to Block.
\\- **all_monitor**: Sets the action of all rules to Monitor. |'."\n"
.'| ruleDetail | Array | Optional | \\[{"ruleId":13000412,"ruleStatus":1,"ruleAction":"block"}]] | The details of the rules to modify. Properties:
\\- **ruleId**: The rule ID.
\\- **ruleStatus**: The rule status.
\\- **ruleAction**: The rule action. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "DefenseScene": "waf_base",'."\n"
.' "TemplateId": 322,'."\n"
.' "InstanceId": "waf_cn****",'."\n"
.' "Rules": "[{\\"autoUpdate\\":true,\\"config\\":[{\\"ruleType\\":\\"system\\",\\"ruleDetail\\":[{\\"ruleId\\":13000412,\\"ruleStatus\\":1,\\"ruleAction\\":\\"block\\"}]}]}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Antiscan rules'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| -------------- | ------- | -------- | ----------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| protectionType | String | required | highfreq | The subtype of the scan protection rule. Valid values:
\\- **highfreq**: high-frequency scan blocking.
\\- **dirscan**: directory traversal blocking.
\\- **scantools**: scan tool blocking. |'."\n"
.'| status | Integer | required | 1 | The status of the protection rule. This parameter is used only when you create a protection rule. To modify the status, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: disabled.
\\- **1** (default): enabled. |'."\n"
.'| action | String | required | block | The action for the protection rule. Valid values:
\\- **block**: blocks matching requests.
\\- **monitor**: monitors matching requests. |'."\n"
.'| actionExternal | JSON | optional | {"responseRuleId":123444} | Specifies the extended configuration for the rule\'s action, allowing you to define a custom response. For example, if the **action** parameter is set to **block**, you can specify a custom block page. |'."\n"
.'| config | String | optional | {"target":"remote_addr","interval":60,"ttl":180,"count":20} | Custom configuration, specified as a JSON string. For more information, see **Details of the config parameter**. |'."\n"
."\n"
.'**Detailed configuration**'."\n"
."\n"
.'- When **protectionType** is set to **highfreq** (for high-frequency scan blocking)'."\n"
."\n"
.'| Parameter | Type | Required | Example | Description |'."\n"
.'| ----------- | ------- | -------- | ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| target | String | Yes | remote_addr | The statistic object type. Valid values:
\\- **remote_addr** (default): IP address.
\\- **cookie.acw_tc**: session.
\\- **header**: custom header. If you select this value, specify the header field in the **subKey** parameter.
\\- **queryarg**: custom parameter. If you select this value, specify the parameter name in the **subKey** parameter.
\\- **cookie**: custom cookie. If you select this value, specify the cookie name in the **subKey** parameter. |'."\n"
.'| subKey | String | No | abc | The specific field of the statistic object. Required when **target** is set to **cookie**, **header**, or **queryarg**. |'."\n"
.'| interval | Integer | No | 60 | The detection duration in seconds. The default value is 60.
The value must be an integer from 5 to 1,800. |'."\n"
.'| ttl | Integer | No | 1800 | The blocking duration in seconds. The default value is 1,800.
The value must be an integer from 60 to 86,400. |'."\n"
.'| count | Integer | No | 20 | Maximum number of times a basic protection rule can be triggered. The default value is 20.
The value must be an integer from 3 to 50,000. |'."\n"
.'| ruleIdCount | Integer | No | 2 | Maximum number of triggered rules. The default value is 2.
The value must be an integer from 1 to 50. |'."\n"
."\n"
.'- When **protectionType** is set to **dirscan** (the scan protection rule for blocking directory traversal)'."\n"
."\n"
.'| Parameter | Type | Required | Value | Description |'."\n"
.'| --------- | ------- | -------- | ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| target | String | Required | remote_addr | The target object for statistics and blocking. Valid values:
\\- **remote_addr** (default): IP
\\- **cookie.acw_tc**: session
\\- **header**: custom header
\\- **queryarg**: custom parameter
\\- **cookie**: custom cookie |'."\n"
.'| subKey | String | Optional | 1 | The sub-key of the target object. Specify this parameter only when target is set to **header, queryarg, or cookie**. |'."\n"
.'| interval | Integer | Optional | 60 | The detection duration, in seconds.
Valid values: 5 to 1,800. Default: 60. |'."\n"
.'| ttl | Integer | Optional | 1800 | The block duration, in seconds.
Valid values: 60 to 86,400. Default: 1,800. |'."\n"
.'| count | Integer | Optional | 20 | The maximum number of times a basic protection rule can be triggered.
Valid values: 3 to 50,000. Default: 20. |'."\n"
.'| weight | Float | Optional | 0.5 | The ratio of 404 response codes.
Valid values: 0.01 to 1.0 (with a precision of two decimal places). Default: 0.7. |'."\n"
.'| uriNum | Integer | Optional | 50 | The maximum number of non-existent directories.
Valid values: 2 to 50,000. Default: 50. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_****",'."\n"
.' "TemplateId": 2222,'."\n"
.' "DefenseScene": "antiscan",'."\n"
.' "Rules": "[{\\"protectionType\\":\\"scantools\\",\\"action\\":\\"block\\",\\"status\\":1},{\\"protectionType\\":\\"dirscan\\",\\"status\\":1,\\"action\\":\\"block\\",\\"config\\":\\"{\\\\\\"target\\\\\\":\\\\\\"remote_addr\\\\\\",\\\\\\"interval\\\\\\":10,\\\\\\"ttl\\\\\\":1800,\\\\\\"weight\\\\\\":0.7,\\\\\\"uriNum\\\\\\":50,\\\\\\"count\\\\\\":50}\\"},{\\"protectionType\\":\\"highfreq\\",\\"status\\":1,\\"action\\":\\"block\\",\\"config\\":\\"{\\\\\\"target\\\\\\":\\\\\\"remote_addr\\\\\\",\\\\\\"interval\\\\\\":60,\\\\\\"ttl\\\\\\":1800,\\\\\\"count\\\\\\":20,\\\\\\"ruleIdCount\\\\\\":2}\\"}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### IP blacklist (**ip\\_blacklist**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| -------------- | ------- | -------- | ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n"
.'| name | String | Required | iptest | The name of the ip blacklist rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| status | Integer | Required | 1 | The rule status. Use this parameter only when you create a protection rule. To modify the rule status, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: disable
\\- **1** (default): enable |'."\n"
.'| action | String | Required | block | The rule action. Valid values:
\\- **block**: Blocks requests.
\\- **monitor**: Monitors requests. |'."\n"
.'| actionExternal | JSON | Optional | {"responseRuleId":123444} | Extended configuration for the rule action. This parameter applies only to the new custom response feature. When **action** is set to **block**, you can specify a custom block page. |'."\n"
.'| remoteAddr | Array | Required | \\["1.1.XX.XX", "3.1.XX.XX/24"] | The IP addresses or CIDR blocks to add to the ip blacklist. Use the format ["ip1","ip2",...]. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_****",'."\n"
.' "TemplateId": 2222,'."\n"
.' "DefenseScene": "ip_blacklist",'."\n"
.' "Rules": "[{\\"name\\":\\"iptest1\\",\\"remoteAddr\\":[\\"1.1.1.2\\",\\"3.3.3.3/24\\"],\\"action\\":\\"monitor\\",\\"status\\":1},{\\"name\\":\\"iptest2\\",\\"remoteAddr\\":[\\"4.4.4.4\\",\\"5.5.5.5/32\\"],\\"action\\":\\"block\\",\\"status\\":1}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Custom rule (**custom\\_acl**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example | Description |'."\n"
.'| -------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| name | String | Yes | iptest | The name of the custom ACL rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| status | Integer | Yes | 1 | Specifies the status of the protection rule. This parameter applies only when you create a protection rule. To change the status of an existing rule, use the `RuleStatus` parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: disabled
\\- **1** (default): enabled |'."\n"
.'| action | String | Yes | block | Specifies the action of the protection rule. Valid values:
\\- **block**: Blocks the request.
\\- **monitor**: Monitors the request.
\\- **js**: Triggers a JS challenge.
\\- **captcha**: Triggers a CAPTCHA.
\\- **captcha_strict**: Triggers a strict CAPTCHA.
**Note** The actions available for custom ACL rules are limited to those shown in the **WAF console**. |'."\n"
.'| actionExternal | JSON | No | {"responseRuleId":123444} | Specifies the extended configuration for the protection rule action. This parameter is available only for the new version of custom responses. When **action** is set to **block**, you can specify a custom block page. When **action** is set to **captcha**/ **captcha_strict**, you can specify a custom CAPTCHA page. |'."\n"
.'| conditions | Array | Yes | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | Specifies the match conditions for the ACL rule. The value is a JSON string. You can specify up to five match conditions. For more information, see the description of `conditions` in [Parameters of protection rules](~~3026503~~). |'."\n"
.'| ccStatus | Integer | Yes | 1 | Specifies whether to enable rate limiting. Valid values:
\\- **0**: Disables rate limiting.
\\- **1**: Enables rate limiting. |'."\n"
.'| ratelimit | JSON | No | {"target":"remote_addr","interval":5,"threshold":2,"ttl":1800,"status":{"code":404,"count":2}} | Specifies the detailed configuration for rate limiting. The value is a JSON string. This parameter is required only when `ccStatus` is set to **1**. For more information, see the description of `ratelimit` in [Parameters of protection rules](~~3026503~~). |'."\n"
.'| effect | String | No | rule | Specifies the scope of rate limiting. This parameter is required only when `ccStatus` is set to **1**. Valid values:
\\- **service**: Applies to the protected object.
\\- **rule**: Applies to the single rule. |'."\n"
.'| grayStatus | Integer | No | 1 | Specifies whether to enable grayscale release for the rule. Valid values:
\\- **0** (default): Disables grayscale release.
\\- **1**: Enables grayscale release. |'."\n"
.'| grayConfig | JSON | No | {"grayTarget":"header","grayRate":80,"graySubKey":"test"} | Specifies the configuration for the grayscale release. The value is a JSON string. This parameter is required only when `grayStatus` is set to **1**. For more information, see the description of `grayConfig` in [Parameters of protection rules](~~3026503~~). |'."\n"
.'| timeConfig | JSON | No | {"timeScope":"period","timeZone":8,"timePeriods":[{"start":1758771729787,"end":1758816000000}]} | Specifies the schedule that determines when the rule is active. The value is a JSON string. For more information, see the description of `timeConfig` in [Parameters of protection rules](~~3026503~~). |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'The provided document was analyzed for user interface (UI) terms according to the established criteria.'."\n"
."\n\n"
."\n\n"
.'The document contains a JSON code example, which consists of API parameters and code variables. Per the exclusion criteria, these are not considered UI elements such as buttons, menus, or labels.'."\n"
."\n\n"
."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_****",'."\n"
.' "TemplateId": 6242,'."\n"
.' "DefenseScene": "custom_acl",'."\n"
.' "Rules":"[{\\"name\\":\\"acl_test\\",\\"action\\":\\"block\\",\\"conditions\\":[{\\"key\\":\\"URL\\",\\"opValue\\":\\"contain\\",\\"values\\":\\"abc\\"}],\\"ratelimit\\":{\\"target\\":\\"remote_addr\\",\\"interval\\":5,\\"threshold\\":2,\\"ttl\\":1800,\\"status\\":{\\"code\\":404,\\"count\\":2}},\\"ccStatus\\":1,\\"effect\\":\\"rule\\",\\"status\\":1,\\"origin\\":\\"custom\\",\\"timeConfig\\":{\\"timeScope\\":\\"cycle\\",\\"timeZone\\":8,\\"weekTimePeriods\\":[{\\"day\\":\\"1\\",\\"dayPeriods\\":[{\\"start\\":0,\\"end\\":51644084}]},{\\"day\\":\\"1,2,5\\",\\"dayPeriods\\":[{\\"start\\":0,\\"end\\":42928908}]}]},\\"grayStatus\\":1,\\"grayConfig\\":{\\"grayRate\\":80,\\"graySubKey\\":\\"test\\",\\"grayTarget\\":\\"header\\"}}]"'."\n"
.'}'."\n"
."\n\n"
."\n\n"
."\n"
.'Therefore, no UI terms were extracted from the document.'."\n"
."\n\n"
."\n\n"
.'UI term extraction requires documentation containing interface descriptions, operational steps, or screenshots.'."\n"
.'```'."\n"
."\n"
.'### Whitelist'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| -------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| name | String | Required | whitelistTest | The name of the whitelist rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| status | Integer | Required | 1 | The status of the protection rule. Use this parameter only when you create a protection rule. To modify the rule\'s status, use the `RuleStatus` parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: Disabled.
\\- **1** (default): Enabled. |'."\n"
.'| conditions | Array | Required | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | A JSON string that contains an array of match conditions for the whitelist. You can specify up to five match conditions. For more information, see the description of `conditions` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n"
.'| tags | Array | Required | \\["waf", "regular"] | The protection modules to which the whitelist rule applies. Specify the values in the `["XX1", "XX2",...]` format. Valid values:
\\- **waf**: All modules
\\- **customrule_rule**: Specific custom rule
\\- **customrule**: custom rules
\\- **blacklist**: IP blacklist
\\- **blacklist_rule**: Specific IP blacklist rule
\\- **antiscan**: scan protection
\\- **regular**: basic protection rules
\\- **regular_rule**: Specific basic protection rule
\\- **regular_type**: Specific basic protection rule type
\\- **regular_field**: Specific basic protection field
\\- **major_protection**: Major event protection
\\- **cc**: CC protection
\\- **region_block**: region blocking
\\- **antibot_scene**: bot protection
\\- **antibot_scene_rule**: Specific bot protection rule ID
\\- **antibot_scene_label**: Specific bot protection rule type
\\- **dlp**: data loss prevention
\\- **tamperproof**: web tamper proofing
\\- **spike_throttle**: spike throttling protection |'."\n"
.'| regularRules | Array | Optional | \\[ "111111", "222222" ] | A list of basic protection rule IDs to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `regular_rule`. |'."\n"
.'| regularTypes | Array | Optional | \\[ "xss", "css" ] | A list of basic protection rule types to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `regular_type`. Valid values:
\\- **sqli**: SQL injection
\\- **xss**: cross-site scripting
\\- **code_exec**: code execution
\\- **crlf**: CRLF
\\- **lfilei**: local file inclusion
\\- **rfilei**: remote file inclusion
\\- **webshell**: webshell
\\- **csrf**: CSRF
\\- **other**: Other |'."\n"
.'| regularFields | Array | Optional | \\[{"key":"URL"},{"key":"Header","subKey":"abc"}] | A JSON string that contains an array of fields to exclude from basic protection. You can specify up to five fields. For more information, see **regularFields Configuration**. Configure this parameter only when the `tags` parameter is set to `regular_field`. |'."\n"
.'| customRules | Array | Optional | \\[ "111111", "222222" ] | A list of custom rule IDs to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `customrule_rule`. |'."\n"
.'| blacklistRules | Array | Optional | \\[ "111111", "222222" ] | A list of IP blacklist rule IDs to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `blacklist_rule`. |'."\n"
.'| botRules | Array | Optional | \\[ "111111", "222222" ] | A list of bot protection rule IDs to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `antibot_scene_rule`. |'."\n"
.'| botLables | Array | Optional | \\[ "abc", "cdcc" ] | A list of bot protection rule types to exclude from detection. Specify the values in the `["XX1", "XX2",...]` format. Configure this parameter only when the `tags` parameter is set to `antibot_scene_label`. You can call the [DescribeBotRuleLabels](~~DescribeBotRuleLabels~~) operation to query the available rule types. |'."\n"
."\n"
.'**Configuring `regularFields`**'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| --------- | ------ | -------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| key | String | required | URL | The field to ignore. Valid values:
\\- **URL-All**: all fields of the URI.
\\- **URL**: the entire URI.
\\- **URLPath**: the URI path.
\\- **Query-All**: all query arguments.
\\- **Query-Arg**: a specified query argument.
\\- **Cookie-All**: all cookies.
\\- **Cookie-Exact**: a specified cookie name.
\\- **Header-All**: all headers.
\\- **Header**: a specified header field.
\\- **Body-All**: all arguments in the request body. |'."\n"
.'| subKey | String | optional | abc | The specific field to ignore. Required if **key** is **URLPath**, **Query-Arg**, **Cookie-Exact**, or **Header**. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'### Custom response rule (**custom\\_response**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ------------ | ------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| responseType | String | Yes | response_block | The custom response type. Set this to `response_block` to block the request. |'."\n"
.'| status | Integer | Yes | 1 | The status of the defense rule. This parameter is used only when you create a defense rule. To modify the status of an existing rule, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: disabled.
\\- **1** (default): enabled. |'."\n"
.'| config | String | Yes | {"responseCode":400,"responseHeaders":[{"key":"custom","value":"123"},{"key":"aaa","value":"2223"}],"responseContent":"HelloWorld"} | The custom configuration, specified as a JSON string. For details, see **config parameter details**. |'."\n"
."\n"
.'**Config**'."\n"
."\n"
.'| Parameter | Type | Required | Example | Description |'."\n"
.'| --------------- | ------- | -------- | --------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| responseCode | Integer | required | 400 | The response code. |'."\n"
.'| responseHeaders | Array | optional | \\[{"key":"custom","value":"123"},{"key":"aaaa","value":"2223"}] | A list of custom response headers, formatted as a JSON string. The **key** is the header field, and the **value** is the header value. |'."\n"
.'| responseContent | String | required | helloworld | The content of the custom response. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_****",'."\n"
.' "TemplateId": 2841,'."\n"
.' "DefenseScene": "custom_response",'."\n"
.' "Rules":"[{\\"responseType\\":\\"response_block\\",\\"config\\":\\"{\\\\\\"templateName\\\\\\":\\\\\\"aaa\\\\\\",\\\\\\"responseCode\\\\\\":\\\\\\"400\\\\\\",\\\\\\"responseContent\\\\\\":\\\\\\"helloWorld\\\\\\",\\\\\\"responseHeaders\\\\\\":[{\\\\\\"key\\\\\\":\\\\\\"test1\\\\\\",\\\\\\"value\\\\\\":\\\\\\"abc\\\\\\"}]}\\",\\"status\\":1}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Region block rule (**region\\_block**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ---------------- | ------- | -------- | ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n"
.'| cnRegionList | String | Optional | 610000,230000 | A comma-separated list of region codes for Chinese mainland regions. Specify ["**CN**"] to block all Chinese mainland regions (excluding Hong Kong, Macao, and Taiwan). For the definitions of the region codes, see **Description of region codes in the Chinese mainland**. |'."\n"
.'| abroadRegionList | String | Optional | KE,KG | A comma-separated list of country and region codes for regions outside the Chinese mainland. Call the [DescribeIpAbroadCountryInfos](~~2928841~~) operation to query the supported country and region codes. |'."\n"
.'| status | Integer | Required | 1 | Specifies the status of the protection rule. This parameter applies only when creating a protection rule. To modify the status of an existing protection rule, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: Disabled.
\\- **1** (default): Enabled. |'."\n"
.'| action | String | Required | block | Specifies the action to perform. Valid values:
\\- **block**: blocks matching requests.
\\- **monitor**: monitors matching requests; captcha: performs a CAPTCHA challenge on matching requests; captcha_strict: performs a strict CAPTCHA challenge on matching requests. |'."\n"
.'| actionExternal | JSON | Optional | {"responseRuleId":123444} | Specifies the extended configuration for the action. This parameter is available only with the custom response feature. When **action** is set to **block**, you can specify a custom block page. When **action** is set to **captcha** or **captcha_strict**, you can specify a custom CAPTCHA page. |'."\n"
."\n"
.'**Chinese mainland region IDs**'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "110000": "Beijing",'."\n"
.' "120000": "Tianjin",'."\n"
.' "130000": "Hebei",'."\n"
.' "140000": "Shanxi",'."\n"
.' "150000": "Inner Mongolia",'."\n"
.' "210000": "Liaoning",'."\n"
.' "220000": "Jilin",'."\n"
.' "230000": "Heilongjiang",'."\n"
.' "310000": "Shanghai",'."\n"
.' "320000": "Jiangsu",'."\n"
.' "330000": "Zhejiang",'."\n"
.' "340000": "Anhui",'."\n"
.' "350000": "Fujian",'."\n"
.' "360000": "Jiangxi",'."\n"
.' "370000": "Shandong",'."\n"
.' "410000": "Henan",'."\n"
.' "420000": "Hubei",'."\n"
.' "430000": "Hunan",'."\n"
.' "440000": "Guangdong",'."\n"
.' "450000": "Guangxi",'."\n"
.' "460000": "Hainan",'."\n"
.' "500000": "Chongqing",'."\n"
.' "510000": "Sichuan",'."\n"
.' "520000": "Guizhou",'."\n"
.' "530000": "Yunnan",'."\n"
.' "540000": "Tibet",'."\n"
.' "610000": "Shaanxi",'."\n"
.' "620000": "Gansu",'."\n"
.' "630000": "Qinghai",'."\n"
.' "640000": "Ningxia",'."\n"
.' "650000": "Xinjiang",'."\n"
.' "MO_01": "Macao SAR, China",'."\n"
.' "HK_01": "Hong Kong SAR, China",'."\n"
.' "TW_01": "Taiwan, China",'."\n"
.' "CN": "Mainland China"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'##### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_****",'."\n"
.' "TemplateId": 2341,'."\n"
.' "DefenseScene": "region_block",'."\n"
.' "Rules": "[{\\"cnRegionList\\":\\"CN,HK_01,TW_01,MO_01\\",\\"abroadRegionList\\":\\"AU,NZ\\",\\"action\\":\\"block\\",\\"status\\":1}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Protection rules (**CC**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example | Description |'."\n"
.'| --------- | ------- | -------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| mode | Integer | Yes | 0 | The CC protection mode. Valid values:
\\- **0** (default): normal protection.
\\- **1**: emergency protection. |'."\n"
.'| status | Integer | Yes | 1 | The protection rule status. Set this parameter only when you create a protection rule. To modify the protection rule status, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: disabled.
\\- **1** (default): enabled. |'."\n"
.'| action | String | No | js | The protection rule action. Valid values:
\\- **js** (default): JS challenge.
\\- **monitor**: monitor. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_****",'."\n"
.' "TemplateId": 2241,'."\n"
.' "DefenseScene": "cc",'."\n"
.' "Rules":"[{\\"mode\\":0,\\"status\\":1,\\"action\\":\\"js\\"}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Website tamper-proofing rule (**tamperproof**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example | Description |'."\n"
.'| --------- | ------- | -------- | ------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| name | String | Yes | test | The name of the defense rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| url | String | Yes | /abc | The URL of the cached page. |'."\n"
.'| ua | String | No | app | The user-agent for accessing this path. |'."\n"
.'| protocol | String | Yes | https | The protocol of the cached page URL. Valid values: **http** and **https**. |'."\n"
.'| status | Integer | Yes | 1 | The status of the defense rule. This parameter is for rule creation only. To modify the status, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: disabled.
\\- **1** (default): enabled. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_****",'."\n"
.' "TemplateId": 1241,'."\n"
.' "DefenseScene": "tamperproof",'."\n"
.' "Rules": "[{\\"name\\":\\"test1\\",\\"url\\":\\"www.test1.com\\",\\"ua\\":\\"firefox\\",\\"protocol\\":\\"https\\",\\"status\\":1}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### DLP rules'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ---------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n"
.'| name | String | Required | test | The name of the protection rule. It must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| conditions | Array | Required | \\[{"key":"HttpCode","opValue":"contain","values":"400,401,402,403,404,405,500,501,502,503,504,505"},{"key":"URL","opValue":"contain","values":"test"}] | The match conditions, specified as a JSON string. You can specify up to two match conditions, which are combined with a logical AND. For details, see **Detailed conditions configuration**. |'."\n"
.'| status | Integer | Required | 1 | The status of the protection rule. This parameter applies only when creating a protection rule. To modify the status of a protection rule, use the RuleStatus parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: Disabled
\\- **1** (default): Enabled |'."\n"
.'| action | String | Required | block | The action to perform when a request matches the rule. Valid values:
\\- **block**: Blocks the request. This action is available only if the match conditions include a response code.
\\- **monitor**: Monitors the request.
\\- **filter**: Filters for sensitive information. This action is available only if a sensitive information match condition is configured. |'."\n"
."\n"
.'**Condition parameters**'."\n"
."\n"
.'| Parameter | Type | Required | Example | Description |'."\n"
.'| --------- | ------ | -------- | ------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| key | String | required | URL | The match field. Valid values: **URL**, **HttpCode**, and **SensitiveInfo**. |'."\n"
.'| opValue | String | required | contain | The logical operator. The value is always **contain**. |'."\n"
.'| values | String | required | abc | The content to match. Separate multiple values with a comma (,).
For **HttpCode**, the valid values are: **400**, **401**, **402**, **403**, **404**, **405** (for the **405–499** range), **500**, **501**, **502**, **503**, **504**, and **505** (for the **505–599** range).
For **SensitiveInfo**, the valid values are:
\\- **phone**: Phone number.
\\- **card**: Credit card.
\\- **id**: ID card.
\\- **word**: Default sensitive word. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'### Spike throttle (**spike\\_throttle**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example | Description |'."\n"
.'| ---------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| name | String | Yes | iptest | The name of the rate limiting rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| status | Integer | Yes | 1 | The status of the defense rule. This parameter is for rule creation only. To modify the status of a defense rule, use the `RuleStatus` parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: Disabled.
\\- **1** (default): Enabled. |'."\n"
.'| action | String | Yes | block | The rule action. Valid values:
\\- **block**: Blocks matching requests.
\\- **monitor**: Monitors matching requests. |'."\n"
.'| actionExternal | JSON | No | {"responseRuleId":123444} | The extended configuration for the rule action. This is used to specify a custom block page when **action** is set to **block**. |'."\n"
.'| conditions | Array | Yes | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | The match conditions for the ACL, specified as a JSON array. You can define up to five match conditions. For detailed configuration, see the `conditions` description in [Defense Rule Parameter Configuration](~~3026503~~). |'."\n"
.'| cnRegionList | String | No | 610000,230000 | The regions in the Chinese mainland to block. To block all regions in the Chinese mainland (excluding Hong Kong, Macao, and Taiwan), specify "**CN**". Separate multiple region codes with commas (,). For a list of region codes, see **Region Codes for the Chinese mainland**. |'."\n"
.'| abroadRegionList | String | No | KE,KG | The regions outside the Chinese mainland to block. Separate multiple region codes with commas (,). You can call the [DescribeIpAbroadCountryInfos](~~2928841~~) operation to query the supported countries and regions. |'."\n"
.'| type | String | Yes | qps | The rate limiting mode. Valid values:
\\- **qps**: Limits traffic based on queries per second (QPS).
\\- **ratio** (default): Limits traffic by percentage. |'."\n"
.'| threshold | Integer | Yes | 500 | The rate limiting threshold. Its meaning depends on the type parameter:
\\- If the type is **qps**: Specifies the QPS threshold. The valid range is 1 to 5,000,000. Requests exceeding this threshold are blocked.
\\- If the type is **ratio**: Specifies the percentage of requests to allow. The valid range is 1 to 99. For example, a value of 80 allows 80% of requests. |'."\n"
."\n"
.'**Region IDs in Chinese mainland**'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "110000": "Beijing Municipality",'."\n"
.' "120000": "Tianjin Municipality",'."\n"
.' "130000": "Hebei Province",'."\n"
.' "140000": "Shanxi Province",'."\n"
.' "150000": "Inner Mongolia Autonomous Region",'."\n"
.' "210000": "Liaoning Province",'."\n"
.' "220000": "Jilin Province",'."\n"
.' "230000": "Heilongjiang Province",'."\n"
.' "310000": "Shanghai Municipality",'."\n"
.' "320000": "Jiangsu Province",'."\n"
.' "330000": "Zhejiang Province",'."\n"
.' "340000": "Anhui Province",'."\n"
.' "350000": "Fujian Province",'."\n"
.' "360000": "Jiangxi Province",'."\n"
.' "370000": "Shandong Province",'."\n"
.' "410000": "Henan Province",'."\n"
.' "420000": "Hubei Province",'."\n"
.' "430000": "Hunan Province",'."\n"
.' "440000": "Guangdong Province",'."\n"
.' "450000": "Guangxi Zhuang Autonomous Region",'."\n"
.' "460000": "Hainan Province",'."\n"
.' "500000": "Chongqing Municipality",'."\n"
.' "510000": "Sichuan Province",'."\n"
.' "520000": "Guizhou Province",'."\n"
.' "530000": "Yunnan Province",'."\n"
.' "540000": "Tibet Autonomous Region",'."\n"
.' "610000": "Shaanxi Province",'."\n"
.' "620000": "Gansu Province",'."\n"
.' "630000": "Qinghai Province",'."\n"
.' "640000": "Ningxia Hui Autonomous Region",'."\n"
.' "650000": "Xinjiang Uygur Autonomous Region",'."\n"
.' "MO_01": "Macao, China",'."\n"
.' "HK_01": "Hong Kong, China",'."\n"
.' "TW_01": "Taiwan, China",'."\n"
.' "CN": "Chinese mainland",'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'##### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_****",'."\n"
.' "TemplateId": 2341,'."\n"
.' "DefenseScene": "spike_throttle",'."\n"
.' "Rules":"[{\\"name\\":\\"test\\",\\"action\\":\\"monitor\\",\\"conditions\\":[{\\"key\\":\\"URL\\",\\"opValue\\":\\"contain-one\\",\\"values\\":\\"abctest,abctest2\\"}],\\"status\\":1,\\"type\\":\\"qps\\",\\"threshold\\":1000,\\"cnRegionList\\":\\"110000,140000\\",\\"abroadRegionList\\":\\"AD,AL\\"}]"}'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Bot management rules (**bot\\_manager**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| -------------- | ------- | -------- | ------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| name | String | Required | iptest | The name of the advanced custom BOT ACL rule. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| status | Integer | Required | 1 | The rule status. This parameter applies only when you create a rule. To modify the status of an existing rule, use the `RuleStatus` parameter of the [ModifyDefenseRuleStatus](~~461618~~) operation. Valid values:
\\- **0**: Disabled.
\\- **1** (default): Enabled. |'."\n"
.'| action | String | Required | block | The rule action. Valid values:
\\- **block**: Block.
\\- **monitor**: Monitor.
\\- **js**: JS challenge.
\\- **captcha**: CAPTCHA.
\\- **captcha_strict**: Strict CAPTCHA.
\\- **upstream_tag**: Upstream tagging.
**Note** Refer to the **WAF console** for the list of supported actions. |'."\n"
.'| actionExternal | JSON | Optional | {"responseRuleId":123444} or
{"upstreamHeader":{"header":"test","systemKey":["type","id"]}} | A JSON string that contains the extended configuration for the rule action. The JSON string contains the following fields:
\\- `upstreamHeader`: The configuration for upstream tagging. This field applies only when **action** is set to **upstream_tag**. For more information, see **Upstream Tagging upstreamHeader Configuration**.
\\- `responseRuleId`: The ID of the custom response rule.
If **action** is **block**, `responseRuleId` is the ID of a custom block page rule.
If **action** is **captcha** or **captcha_strict**, `responseRuleId` is the ID of a custom CAPTCHA page rule. |'."\n"
.'| conditions | Array | Required | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | The match conditions for the ACL rule, specified as a JSON array. You can specify up to 10 match conditions. For more information about the configuration, see the description of `conditions` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n"
.'| ccStatus | Integer | Required | 1 | Specifies whether the rate limit is enabled. Valid values:
\\- **0**: Disabled.
\\- **1**: Enabled. |'."\n"
.'| ratelimit | JSON | Optional | {"target":"remote_addr","interval":5,"threshold":2,"ttl":1800,"status":{"code":404,"count":2}} | A JSON string that contains the detailed configuration for the rate limit. This parameter applies only when `ccStatus` is set to **1**. For more information about the configuration, see the description of `ratelimit` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n"
.'| effect | String | Optional | rule | The scope of the rate limit. This parameter applies only when `ccStatus` is set to **1**. Valid values:
\\- **service**: The rate limit applies to the protected object.
\\- **rule**: The rate limit applies to a single rule. |'."\n"
.'| botBehavior | String | Optional | malicious | The rule category. Valid values:
\\- **suspicious** (default): Suspicious bot.
\\- **malicious**: Malicious bot. |'."\n"
.'| grayStatus | Integer | Optional | 1 | Specifies whether a canary release is enabled. Valid values:
\\- **0** (default): Disabled.
\\- **1**: Enabled. |'."\n"
.'| grayConfig | JSON | Optional | {"grayTarget":"header","grayRate":80,"graySubKey":"test"} | A JSON string that contains the configuration for the canary release. This parameter applies only when `grayStatus` is set to **1**. For more information about the configuration, see the description of `grayConfig` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n"
.'| timeConfig | JSON | Optional | {"timeScope":"period","timeZone":8,"timePeriods":[{"start":1758771729787,"end":1758816000000}]} | A JSON string that contains the schedule configuration for the rule. For more information about the configuration, see the description of `timeConfig` in [Protection Rule Parameter Configuration](~~3026503~~). |'."\n"
."\n"
.'**Back-to-source tagging with `upstreamHeader`**'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ----------- | ------ | -------- | -------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| header | String | Yes | abc | The header name for back-to-origin tagging. |'."\n"
.'| systemKey | Array | Yes | \\["id","type"] | The system fields for back-to-origin tagging. The order of these fields determines the content of the header. Valid values:
\\- **id**: The rule ID.
\\- **type**: The rule type.
\\- **websdk.umid**: The UMID from the web client.
\\- **ssl_client_ja3_fingerprinting_md5**: The JA3 fingerprint.
\\- **ssl_client_ja4_fingerprinting_md5**: The JA4 fingerprint.
\\- **http2_client_fingerprint_md5**: The HTTP/2 fingerprint.
\\- **appsdk.eeid_umid**: The device UMID.
\\- **appsdk.eeid_running_frame_magisk**: Indicates whether the Magisk framework is used.
\\- **appsdk.eeid_running_frame_frida**: Indicates whether Frida injection is present.
\\- **appsdk.eeid_running_frame_fishhook**: Indicates whether FishHook injection is present.
\\- **appsdk.eeid_running_frame_edxposed**: Indicates whether the EdXposed framework is used.
\\- **appsdk.is_xposed**: Indicates whether the Xposed framework is used.
\\- **appsdk.eeid_running_frame_va**: Indicates whether the VirtualApp framework is used.
\\- **appsdk.eeid_running_frame_cydia**: Indicates whether Cydia is installed.
\\- **appsdk.eeid_is_batch**: Indicates whether the device is a device farm device.
\\- **appsdk.eeid_is_root**: Indicates whether the device is rooted.
\\- **appsdk.eeid_is_fake**: Indicates whether the device is a fake device.
\\- **appsdk.eeid_is_virtual**: Indicates whether app cloning or a virtual environment is used.
\\- **appsdk.pkguncrypted**: Indicates whether app decryption has occurred.
\\- **appsdk.eeid_is_hook**: Indicates whether hooking behavior is present.
\\- **appsdk.eeid_is_debugged**: Indicates whether the app is being debugged.
\\- **appsdk.eeid_is_simulator**: Indicates whether the device is an emulator.
\\- **appsdk.eeid_is_proxy**: Indicates whether a proxy is used.
\\- **appsdk.eeid_is_highrisk**: Indicates whether the device is high-risk.
\\- **appsdk.adbstate**: Indicates whether ADB is enabled.
\\- **appsdk.eeid_abnormal_time**: Indicates whether the device time is abnormal.
\\- **appsdk.eeid_short_uptime**: Indicates whether the device uptime is short.
\\- **appsdk.screenon**: Indicates whether the screen is on.
\\- **appsdk.collectend**: Indicates whether data collection has ended.
\\- **appsdk.pkgreleasemode**: Indicates whether the app is in debug mode.
\\- **appsdk.elapsedtime**: The elapsed time since boot.
\\- **appsdk.isfront**: Indicates whether the app is running in the foreground.
\\- **appsdk.passwordunlock**: Indicates whether the device is screen-locked.
\\- **appsdk.fingerprintauth**: Indicates whether fingerprint authentication is enabled.
\\- **appsdk.brand**: The device brand.
\\- **appsdk.model**: The device model.
\\- **appsdk.batterychange**: The change in battery level since the last collection.
\\- **appsdk.batterystatus**: The battery charging status.
\\- **appsdk.batterylevel**: The battery level.
\\- **appsdk.brightness**: The screen brightness.
\\- **appsdk.packagesign**: The package signature hash.
\\- **appsdk.screenres**: The screen resolution.
\\- **appsdk.packagename**: The application package name.
\\- **appsdk.platform**: The platform.
\\- **appsdk.hookframe**: The hooking framework.
-**appsdk.version**: The APPSDK version.
\\- **appsdk.appname**: The application name.
\\- **appsdk.appversion**: The application version.
\\- **appsdk.hardware**: The hardware name.
\\- **appsdk.timestamp**: The data collection timestamp.
\\- **appsdk.devicename**: The device name.
\\- **appsdk.product**: The product code name.
\\- **appsdk.eeid_running_frame_script**: Indicates whether automation accessibility tools are installed.
**Note**: The fields available for back-to-origin tagging depend on the specific bot feature. For a list of supported fields, see the bot custom rule settings in the WAF console. |'."\n"
.'| customValue | String | No | test | A custom string to include in the header. |'."\n"
."\n"
.'## Resource-level rules (**resource**)'."\n"
."\n"
.'When **DefenseType** is set to **resource**, the rule configuration is as follows.'."\n"
."\n"
.'### Account extraction (**account\\_identifier**)'."\n"
."\n"
.'Each protected object can have only one account extraction rule.'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ------------------ | ----- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| accountIdentifiers | array | Yes | \\[ { "key": "Header","subKey": "header-test", "decodeType": "jwt", "position": "username", "priority": 1 }, { "key": "Post-Arg", "subKey": "body_test", "decodeType": "plain", "priority": 2 } ] | An array of JSON objects that specifies the account identifier configurations. You can provide up to 5 objects. For field descriptions, see the accountIdentifiers data structure. |'."\n"
."\n"
.'**`accountIdentifiers` configuration**'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ---------- | ------- | -------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| key | String | Yes | Query-Arg | The location of the field to extract. Valid values: **Query-Arg**, **Cookie-Exact**, **Post-Arg**, and **Header**. |'."\n"
.'| subKey | String | Yes | query-test | The name of the field to extract from the source specified by the `key` parameter. |'."\n"
.'| decodeType | String | No | jwt | The authentication method. Valid values:
\\- **plain**: plaintext.
\\- **basic**: Basic authentication.
\\- **jwt**: JWT authentication. For JWT authentication, use the **position** parameter to specify the decoded account field. |'."\n"
.'| priority | Integer | Yes | 1 | The matching priority of the extraction policy. A traffic request can match at most one policy. Valid values are integers from 0 to 20, where a lower value indicates a higher priority. Priority values must be unique. |'."\n"
.'| position | String | No | account | The field in the decoded JWT payload that contains the account identifier. Required for JWT authentication. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "DefenseScene": "account_identifier",'."\n"
.' "Resource": "example.**.com-waf",'."\n"
.' "DefenseType": "resource",'."\n"
.' "InstanceId": "waf_cn****",'."\n"
.' "Rules": "[{\\"accountIdentifiers\\":[{\\"key\\":\\"Header\\",\\"subKey\\":\\"header-test\\",\\"decodeType\\":\\"jwt\\",\\"position\\":\\"username\\",\\"priority\\":1},{\\"key\\":\\"Post-Arg\\",\\"subKey\\":\\"body_test\\",\\"decodeType\\":\\"plain\\",\\"priority\\":2}]}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Custom response rules (**custom\\_response**)'."\n"
."\n"
.'You can configure only one custom response rule per protected object. The priority for response pages is as follows: rule level > protected object level > default page.'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ------------- | ---- | -------- | ------------- | ------------------------------------------------------------------------------------------------------------ |'."\n"
.'| blockRuleId | Long | Optional | 1123 | The rule ID for the custom block page that is returned when a protected object triggers a block. |'."\n"
.'| captchaRuleId | Long | Optional | 1123 | The rule ID for the custom slider page that is returned when a protected object triggers a slider challenge. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "DefenseScene": "custom_response",'."\n"
.' "Resource": "example.**.com-waf",'."\n"
.' "DefenseType": "resource",'."\n"
.' "InstanceId": "waf_cn****",'."\n"
.' "Rules": "[{\\"blockRuleId\\":900000,\\"captchaRuleId\\":900001}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Protected object decoding (**waf\\_codec**)'."\n"
."\n"
.'You can configure only one decoding rule per protected object.'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| --------- | ----- | -------- | ---------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| codecList | Array | Yes | \\["comment","space-zip","json","xml","form","multipart","graphql","js-unicode","url","hex","html","php","java","utf7","oct"] | Specifies the transformations to enable. Valid values:
\\- **url**: URL decoding (Always enabled).
\\- **js-unicode**: Unicode decoding (Always enabled).
\\- **oct**: OCT decoding (Always enabled).
\\- **hex**: hex decoding (Always enabled).
\\- **comment**: comment decoding (Always enabled).
\\- **space-zip**: space decoding (Always enabled).
\\- **multipart**: Multipart parsing.
\\- **json**: JSON parsing.
\\- **xml**: XML parsing.
\\- **php**: PHP deserialization.
\\- **html**: HTML entity decoding.
\\- **utf7**: UTF-7 decoding.
\\- **base64**: Base64 decoding.
\\- **form**: Form parsing.
\\- **gzip**: Gzip decompression.
\\- **java**: Java deserialization.
\\- **graphql**: GraphQL parsing. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "DefenseScene": "waf_codec",'."\n"
.' "Resource": "example.**.com-waf",'."\n"
.' "DefenseType": "resource",'."\n"
.' "InstanceId": "waf_cn****",'."\n"
.' "Rules": "[{\\"codecList\\":[\\"comment\\",\\"space-zip\\",\\"json\\",\\"xml\\",\\"form\\",\\"multipart\\",\\"graphql\\",\\"js-unicode\\",\\"url\\",\\"hex\\",\\"html\\",\\"php\\",\\"java\\",\\"utf7\\",\\"gzip\\",\\"oct\\",\\"base64\\"]}]"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'## Global dimension (**global**)'."\n"
."\n"
.'When **DefenseType** is set to **global**, the rule configuration is as follows.'."\n"
."\n"
.'### Custom regular expression rule (**regular\\_custom**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ----------- | ------ | -------- | ------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| name | String | Required | ruleTest | The name of the custom regular expression rule. The name must be 1 to 255 characters in length and can contain Chinese characters, letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| detectType | String | Required | sqli | The detection type. Valid values:
\\- **sqli**: SQL injection.
\\- **xss**: cross-site scripting.
\\- **cmdi**: OS command injection.
\\- **expression_injection**: expression injection (including EL, SpEL, and OGNL expressions).
\\- **java_deserialization**: Java deserialization.
\\- **dot_net_deserialization**: .NET deserialization.
\\- **php_deserialization**: PHP deserialization.
\\- **code_exec**: remote code execution (JNDI/XPATH).
\\- **ssrf**: server-side request forgery (SSRF).
\\- **path_traversal**: path traversal.
\\- **arbitrary_file_uploading**: arbitrary file upload.
\\- **webshell**: webshell.
\\- **rfilei**: remote file inclusion (RFI).
\\- **lfilei**: local file inclusion (LFI).
\\- **protocol_violation**: protocol violation.
\\- **scanner_behavior**: scanner behavior.
\\- **logic_flaw**: logic flaw.
\\- **arbitrary_file_reading**: arbitrary file read.
\\- **arbitrary_file_download**: arbitrary file download.
\\- **xxe**: XML external entity injection (XXE).
\\- **csrf**: cross-site request forgery (CSRF).
\\- **crlf**: CRLF injection.
\\- **other**: other. |'."\n"
.'| riskLevel | String | Required | strict | The risk level. Valid values:
\\- **super_strict**: super strict.
\\- **strict**: strict.
\\- **medium**: medium.
\\- **loose**: loose. |'."\n"
.'| description | String | Optional | Rule description. | The description of the rule. |'."\n"
.'| condition | Array | Required | \\[{"key":"IP","opValue":"eq","values":"11.XX.XX.1"},{"key":"Header","subKey":"abc","opValue":"contains","values":"test"}] | The match conditions for the rule, specified as a JSON string. You can specify up to five match conditions. For details, see **condition details**. |'."\n"
."\n"
.'**Condition configuration**'."\n"
."\n"
.'| Parameter | Type | Required | Value | Description |'."\n"
.'| --------- | ------ | -------- | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| key | String | required | Query-Arg | The custom match field. Valid values: **File-Name**, **Url**, **Raw-Url**, **Request-Url**, **Http-Method**, **Directory**, **Query**, **Raw-Header**, **Body**, **Extension**, **Union-Args**, **All-Data**, **All-Keys**, **Multipart-Keys**, **Multipart-Values**, **Header-Keys**, **Header-Values**, **Post-Arg-Keys**, **Post-Arg-Values**, **Query-Arg-Keys**, **Query-Arg-Values**, **Cookie-Keys**, **Cookie-Values**, **Header**, **Query-Arg**, **Post-Arg**, and **Multipart**. |'."\n"
.'| subKey | String | optional | query-test | The sub-match field.> A sub-match field is supported only when the match field is **Header**, **Query-Arg**, **Post-Arg**, or **Multipart**.> |'."\n"
.'| opValue | String | required | contain | The logical operator. Valid values: **regex**, **prefix-match**, **suffix-match**, **eq**, and **contain**. |'."\n"
.'| values | String | required | abc | The content to match. Separate multiple values with a comma (,). |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "name": "ruleTest",'."\n"
.' "detectType": "sqli",'."\n"
.' "riskLevel": "strict",'."\n"
.' "condition": [{"key": "FileName","opValue": "eq","values": "test"}]'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Address book (**address\\_book**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ----------- | ------ | -------- | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| name | String | Required | bookTest | The name of the address book. It must be 1 to 255 characters long and can contain letters, digits, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| valueType | String | Required | IP | The type of the address book. Valid values:
\\- **IP**: The address book contains IP addresses. |'."\n"
.'| description | String | Optional | addressbookTest | The description of the address book. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "name": "bookTest",'."\n"
.' "valueType": "ip",'."\n"
.' "description": "addressbookTest"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Custom response (**custom\\_response**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ---------------- | ------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| name | String | Required | test | The name of the custom response rule. It must be 1–255 characters long and can contain letters, digits, Chinese characters, underscores (_), periods (.), and hyphens (-). |'."\n"
.'| action | String | Required | block | The protection rule action. Valid values:
\\- **block**: Blocks the request.
\\- **captcha**: Triggers a captcha challenge. |'."\n"
.'| responseCode | Integer | Optional | 400 | The response code to return.
\\- Required for a custom block page.
\\- Not supported for a custom captcha page, which returns a 200 response code. |'."\n"
.'| responseHeaders | Array | Optional | \\[{"key":"custom","value":"123"},{"key":"aaaa","value":"2223"}] | A list of custom response headers, specified as a JSON string. In each object, **key** is the header field and **value** is the header value. |'."\n"
.'| designType | String | Optional | custom | The response configuration type. This parameter is required only when **action** is set to **captcha**. Valid values:
\\- **custom**: A custom configuration.
\\- **preDefine**: A predefined configuration. |'."\n"
.'| responseContent | String | Optional | helloworld | The custom response content. This parameter is required for custom captcha or custom block pages. |'."\n"
.'| preDefineContent | Array | Optional | \\[{"language":"cn","title":"test","description":"desc","captchaColor":"#FFFF","showTraceId":false},{"language":"en","title":"titel","description":"desc","captchaColor":"#FFFF","showTraceId":false}] | The predefined configuration content. This parameter is required when **designType** is set to **preDefine**. For details, see the **Detailed predefined configuration** section. |'."\n"
."\n"
.'**Predefined Configuration Details**'."\n"
."\n"
.'| Parameter | Type | Required | Example value | Description |'."\n"
.'| ------------ | ------- | -------- | -------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| language | String | Yes | en | The language configuration. Valid values:
\\- **en**: English.
\\- **cn**: Chinese. |'."\n"
.'| icon | String | Yes | https://img.alicdn.com/imgextra/i1/O1CN01L12MaQ1ZwfYKk7Yrc_!!6000000003259-2-tps-900-594.png | The URL of a publicly accessible icon. |'."\n"
.'| title | String | Yes | test_title | The custom title for the slider page. |'."\n"
.'| description | String | Yes | For a better experience, slide to complete the verification before accessing the web page. | The custom description for the slider page. |'."\n"
.'| captchaColor | String | Yes | \\#ff6a00 | The color of the slider. |'."\n"
.'| showTraceId | boolean | Yes | true | Specifies whether to display the Trace ID on the slider page. Valid values:
\\- **true**: Displays the Trace ID.
\\- **false**: Hides the Trace ID. |'."\n"
."\n"
.'#### Custom block page configuration'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "name": "test",'."\n"
.' "action": "block",'."\n"
.' "responseContent": "helloworld",'."\n"
.' "responseCode": 401,'."\n"
.' "responseHeaders": [{"key":"t1","value":"v1"}],'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'#### Predefined slider page configuration'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.'"name": "test",'."\n"
.'"designType": "preDefine",'."\n"
.'"action": "captcha",'."\n"
.'"responseHeaders": ['."\n"
.' {'."\n"
.' "key": "Content-Type",'."\n"
.' "value": "text/html"'."\n"
.' }'."\n"
.'],'."\n"
.'"preDefineContent": ['."\n"
.' {'."\n"
.' "language": "en",'."\n"
.' "icon": "https://img.alicdn.com/imgextra/i1/O1CN01L12MaQ1ZwfYKk7Yrc_!!6000000003259-2-tps-900-594.png",'."\n"
.' "title": "Access Verification",'."\n"
.' "description": "Slide to complete verification.",'."\n"
.' "captchaColor": "#ff6a00",'."\n"
.' "showTraceId": true'."\n"
.' }'."\n"
.']'."\n"
.'}'."\n"
.'```',
'changeSet' => [
['createdAt' => '2024-09-02T09:44:33.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
['createdAt' => '2023-05-17T07:33:46.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseRule'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDefenseRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'CreateDefenseTemplate' => [
'summary' => 'Creates a protection template.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106370',
'abilityTreeNodes' => ['FEATUREwaf1LM6V0', 'FEATUREwafI1HM4C', 'FEATUREwafCU29M8', 'FEATUREwafBWO4L0', 'FEATUREwaf9JXZCD', 'FEATUREwaf6XNOII', 'FEATUREwafQ73SIK', 'FEATUREwafAFURH8', 'FEATUREwafS64FX9', 'FEATUREwafOVI09M', 'FEATUREwafIFHX6M', 'FEATUREwafF105ZO', 'FEATUREwaf16U367', 'FEATUREwafQHH3HH', 'FEATUREwaf10VDFG', 'FEATUREwafRM5KJ7'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateName',
'in' => 'query',
'schema' => ['description' => 'The name of the protection template. The name must be 1 to 255 characters in length and can contain letters, digits, underscores (\\_), periods (.), and hyphens (-).'."\n"
."\n"
.'> Template names must be unique within the same protection scenario (**DefenseScene**).', 'type' => 'string', 'required' => true, 'example' => 'test221', 'title' => ''],
],
[
'name' => 'TemplateType',
'in' => 'query',
'schema' => ['description' => 'The type of the protection template. Valid values:'."\n"
."\n"
.'- **user\\_default**: a default template created by the user.'."\n"
."\n"
.'- **user\\_custom**: a custom template created by the user.', 'type' => 'string', 'required' => true, 'example' => 'user_default', 'title' => ''],
],
[
'name' => 'TemplateStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the protection template. Valid values:'."\n"
."\n"
.'- **0**: Disabled.'."\n"
."\n"
.'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'DefenseScene',
'in' => 'query',
'schema' => ['description' => 'The protection scenario. For more information, see the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'required' => true, 'example' => 'waf_group', 'title' => ''],
],
[
'name' => 'TemplateOrigin',
'in' => 'query',
'schema' => ['description' => 'The origin of the protection template. The value must be **custom**, which indicates a user-defined template.', 'type' => 'string', 'required' => true, 'example' => 'custom', 'title' => ''],
],
[
'name' => 'DefenseSubScene',
'in' => 'query',
'schema' => [
'description' => 'The sub-scenario of the protection template. Valid values:'."\n"
."\n"
.'- **bot\\_custom\\_acl**: a protection template for advanced custom rules for Bot management.',
'enumValueTitles' => [],
'type' => 'string',
'required' => false,
'example' => 'bot_custom_acl',
'title' => '',
],
],
[
'name' => 'Description',
'in' => 'query',
'schema' => ['description' => 'The description of the protection template.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'UnbindResources',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The protected object to unbind.', 'type' => 'string', 'required' => false, 'example' => 'abc', 'title' => ''],
'maxItems' => 200,
'description' => 'The protected objects to unbind from the default protection template. Specify the value in the \\[**"XX1","XX2",...**] format.'."\n"
."\n"
.'> This parameter takes effect only when you create a **default template** (**TemplateType** is set to **user\\_default**).',
'required' => false,
'title' => '',
'example' => '',
],
],
[
'name' => 'UnbindResourceGroups',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The protected object group to unbind.', 'type' => 'string', 'required' => false, 'example' => 'group1', 'title' => ''],
'maxItems' => 200,
'description' => 'The protected object groups to unbind from the default protection template. Specify the value in the \\[**"group1","group2",...**] format.'."\n"
."\n"
.'> This parameter takes effect only when you create a **default template** (**TemplateType** is set to **user\\_default**).',
'required' => false,
'title' => '',
'example' => '',
],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The data returned.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F48ABDF7-D777-5F26-892A-57349765D7A9', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '2212', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F48ABDF7-D777-5F26-892A-57349765D7A9\\",\\n \\"TemplateId\\": 2212\\n}","type":"json"}]',
'title' => 'CreateDefenseTemplate',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseTemplate'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'CreateDomain' => [
'summary' => 'Adds a domain name to a WAF instance by using Website Config for protection.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106298',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['description' => 'The domain name to query.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'Listen',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The listening configuration.',
'type' => 'object',
'properties' => [
'HttpsPorts' => [
'description' => 'The listening ports for HTTPS.',
'type' => 'array',
'items' => ['description' => 'The listening ports for HTTPS, in the format of [**port1,port2,......,portN**].', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '[443,8443]', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'HttpPorts' => [
'description' => 'The listening ports for HTTP.',
'type' => 'array',
'items' => ['description' => 'The listening ports for HTTP, in the format of [**port1,port2,……**].', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '[80,81]', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'Http2Enabled' => [
'description' => 'Specifies whether to enable HTTP/2. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: HTTP/2 is enabled.'."\n"
."\n"
.'- **false** (default): HTTP/2 is not enabled.',
'enumValueTitles' => [],
'type' => 'boolean',
'required' => false,
'example' => 'true',
'title' => '',
],
'CertId' => ['description' => 'The ID of the certificate to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS.', 'type' => 'string', 'required' => false, 'example' => '123', 'title' => ''],
'SM2Enabled' => ['description' => 'Specifies whether to enable the China Encryption (SM) certificate.', 'type' => 'boolean', 'default' => 'false', 'required' => false, 'example' => 'true', 'title' => ''],
'SM2CertId' => ['description' => 'The ID of the China Encryption (SM) certificate to add. This parameter is used only when SM2Enabled is set to true.', 'type' => 'string', 'required' => false, 'example' => '123-cn-hangzhou', 'title' => ''],
'SM2AccessOnly' => ['description' => 'Specifies whether only China Encryption (SM) clients can access the domain name. This parameter is used only when SM2Enabled is set to true.'."\n"
."\n"
.'- true: Only China Encryption (SM) clients can access the domain name.'."\n"
."\n"
.'- false: Both China Encryption (SM) and non-China Encryption (SM) clients can access the domain name.', 'type' => 'boolean', 'default' => 'false', 'required' => false, 'example' => 'true', 'title' => ''],
'TLSVersion' => ['description' => 'The TLS version to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
.'- **tlsv1**'."\n"
.'- **tlsv1.1**'."\n"
.'- **tlsv1.2**', 'type' => 'string', 'required' => false, 'example' => 'tlsv1', 'title' => ''],
'EnableTLSv3' => ['description' => 'Specifies whether to support TLS 1.3. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: TLS 1.3 is supported.'."\n"
."\n"
.'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'CipherSuite' => ['description' => 'The type of cipher suite to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **1**: all cipher suites.'."\n"
."\n"
.'- **2**: strong cipher suites. This value is available only when **TLSVersion** is set to **tlsv1.2**.'."\n"
."\n"
.'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '2', 'title' => ''],
'CustomCiphers' => [
'description' => 'The custom cipher suites to add.',
'type' => 'array',
'items' => ['description' => 'The custom cipher suites to add. This parameter is used only when **CipherSuite** is set to **99**.', 'type' => 'string', 'required' => false, 'example' => '["xxx","ffas"]', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'FocusHttps' => ['description' => 'Specifies whether to enable forced HTTPS redirect. This parameter is used only when HttpsPorts is not empty (which indicates that the domain name uses HTTPS) and HttpPorts is empty (which indicates that the domain name does not use HTTP). Valid values:'."\n"
."\n"
.'- **true**: Forced HTTPS redirect is enabled.'."\n"
."\n"
.'- **false**: Forced HTTPS redirect is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n"
."\n"
.'- **0** (default): The client traffic has not been forwarded by any Layer 7 proxy before reaching WAF.'."\n"
."\n"
.'- **1**: WAF reads the first value in the X-Forwarded-For (XFF) header as the client IP address.'."\n"
."\n"
.'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
'XffHeaders' => [
'description' => 'The list of custom header fields used to obtain the client IP address.',
'type' => 'array',
'items' => ['description' => 'The list of custom header fields used to obtain the client IP address, in the format of [**"header1","header2",……**].'."\n"
."\n"
.'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'string', 'required' => false, 'example' => '["Client-ip","cip"]', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'IPv6Enabled' => ['description' => 'Specifies whether to enable IPv6. Valid values:'."\n"
."\n"
.'- **true**: IPv6 is enabled.'."\n"
."\n"
.'- **false** (default): IPv6 is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'ProtectionResource' => ['description' => 'The type of protection resource to use. Valid values:'."\n"
."\n"
.'- **share** (default): shared cluster.'."\n"
."\n"
.'- **gslb**: shared cluster-based intelligent load balancing.', 'type' => 'string', 'required' => false, 'default' => 'share', 'example' => 'share', 'title' => ''],
'ExclusiveIp' => ['description' => 'Specifies whether to enable an exclusive IP address. This parameter is used only when **IPv6Enabled** is set to **false** (which indicates that IPv6 is not enabled) and **ProtectionResource** is set to **share** (which indicates that a shared cluster is used). Valid values:'."\n"
."\n"
.'- **true**: An exclusive IP address is enabled.'."\n"
."\n"
.'- **false** (default): An exclusive IP address is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'HstsIncludeSubDomain' => ['title' => '', 'description' => 'Specifies whether HSTS includes subdomains. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Not enabled.', 'type' => 'boolean', 'required' => false, 'example' => ''],
'HstsPreload' => ['title' => '', 'description' => 'Specifies whether to enable HSTS preloading. This feature is disabled by default. Valid values:'."\n"
.'- true: Enabled.'."\n"
.'- false: Disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false'],
'HstsMaxAge' => ['title' => '', 'description' => 'The HSTS expiration time. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '365000', 'required' => false],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'Redirect',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The forwarding configuration.',
'type' => 'object',
'properties' => [
'Backends' => [
'description' => 'The IP addresses or back-to-origin domain names of the origin server corresponding to the domain name.',
'type' => 'array',
'items' => ['description' => 'The IP addresses or back-to-origin domain names of the origin server corresponding to the domain name. You can set only one type: origin server IP addresses or back-to-origin domain names. When the back-to-origin address is a domain name, only IPv4 is supported. IPv6 is not supported.'."\n"
."\n"
.'- To set origin server IP addresses, use the format [**"ip1","ip2",……**]. A maximum of 20 IP addresses are supported.'."\n"
."\n"
.'- To set back-to-origin domain names, use the format [**"domain"**]. A maximum of 20 domain name addresses are supported.', 'type' => 'string', 'required' => false, 'example' => '['."\n"
.' "1.1.XX.XX",'."\n"
.' "2.2.XX.XX"'."\n"
.']', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'Loadbalance' => ['description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n"
."\n"
.'- **iphash**: IP hash algorithm.'."\n"
."\n"
.'- **roundRobin**: round-robin algorithm.'."\n"
."\n"
.'- **leastTime**: Least Time algorithm. This value is available only when **ProtectionResource** is set to **gslb**, which indicates that the shared cluster-based intelligent load balancing is used.', 'type' => 'string', 'required' => true, 'default' => 'iphash', 'example' => 'roundRobin', 'title' => ''],
'FocusHttpBackend' => ['description' => 'Specifies whether to enable forced HTTP back-to-origin. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: Forced HTTP back-to-origin is enabled.'."\n"
."\n"
.'- **false**: Forced HTTP back-to-origin is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'SniEnabled' => ['description' => 'Specifies whether to enable back-to-origin SNI. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: Back-to-origin SNI is enabled.'."\n"
."\n"
.'- **false** (default): Back-to-origin SNI is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'SniHost' => ['description' => 'The value of the custom SNI extension field. If this parameter is not set, the value of the **Host** field in the request header is used as the SNI extension field value by default.'."\n"
.'In most cases, you do not need to customize the SNI unless your service has special configuration requirements and you want WAF to use an SNI that is different from the actual request Host in back-to-origin requests (the custom SNI set here).'."\n"
."\n"
.'> This parameter is required only when **SniEnabled** is set to **true**, which indicates that back-to-origin SNI is enabled.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
'RequestHeaders' => [
'description' => 'The traffic mark field and value of the domain name, used to mark traffic processed by WAF.'."\n"
."\n"
.'By specifying custom request header fields and corresponding values, when the access traffic of the domain name passes through WAF, WAF automatically adds the specified custom field values to the request header as traffic marks, which helps the backend service collect relevant information.',
'type' => 'array',
'items' => [
'description' => 'The value of this parameter is in the format of [**{"k":"_key_","v":"_value_"}**]. **_key_** indicates the specified custom request header field, and **_value_** indicates the value set for the field.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The specified custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'aaa', 'title' => ''],
'Value' => ['description' => 'The value set for the custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'bbb', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 5,
'title' => '',
'example' => '',
],
'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: seconds.'."\n"
.'Valid values: 1 to 3600.'."\n"
.'Default value: 5.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '120', 'title' => ''],
'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n"
.'Valid values: 1 to 3600.'."\n"
.'Default value: 120.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '7200', 'minimum' => '1', 'example' => '200', 'title' => ''],
'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n"
.'Valid values: 1 to 3600.'."\n"
.'Default value: 120.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '7200', 'minimum' => '1', 'example' => '200', 'title' => ''],
'CnameEnabled' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n"
."\n"
.'- **true**: Public cloud disaster recovery is enabled.'."\n"
."\n"
.'- **false** (default): Public cloud disaster recovery is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'RoutingRules' => ['description' => 'The hybrid cloud forwarding rules. The value is a string converted from a JSON array. Each element in the JSON array is a structure that contains the following fields:'."\n"
.'- **rs**: Array type | The list of back-to-origin IP addresses or back-to-origin CNAMEs.'."\n"
."\n"
.'- **backupRs**: Array type | The list of backup back-to-origin IP addresses or back-to-origin CNAMEs. This field is required. Use [] to indicate that no backup is set.'."\n"
."\n"
.'- **location**: String type | The name of the protection node.'."\n"
."\n"
.'- **locationId**: Long type | The ID of the protection node.', 'type' => 'string', 'required' => false, 'example' => '['."\n"
.' {'."\n"
.' "rs":'."\n"
.' ['."\n"
.' "1.1.XX.XX"'."\n"
.' ],'."\n"
.' "backupRs":'."\n"
.' ['."\n"
.' "2.2.XX.XX"'."\n"
.' ],'."\n"
.' "locationId": 535,'."\n"
.' "location": "test1111"'."\n"
.' }'."\n"
.']', 'title' => ''],
'Keepalive' => ['description' => 'Specifies whether to enable persistent connections. Valid values:'."\n"
."\n"
.'- **true** (default): Persistent connections are enabled.'."\n"
."\n"
.'- **false**: Persistent connections are not enabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''],
'Retry' => ['description' => 'Specifies whether to retry when WAF fails to forward requests to the origin server. Valid values:'."\n"
."\n"
.'- **true** (default): Retry is enabled.'."\n"
."\n"
.'- **false**: Retry is not enabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''],
'KeepaliveRequests' => ['description' => 'The number of requests that reuse persistent connections. Valid values: 60 to 1000. Default value: 1000.'."\n"
."\n"
.'> The number of persistent connections to reuse after persistent connections are enabled.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''],
'KeepaliveTimeout' => ['description' => 'The idle timeout period for persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n"
."\n"
.'> The idle time after which a reused persistent connection is released.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '10', 'default' => '15', 'required' => false, 'example' => '15', 'title' => ''],
'XffProto' => ['description' => 'Specifies whether to use X-Forward-For-Proto to pass the protocol used by WAF. Valid values:'."\n"
."\n"
.'- **true** (default): The protocol used by WAF is passed.'."\n"
."\n"
.'- **false**: The protocol used by WAF is not passed.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'false', 'title' => ''],
'BackupBackends' => [
'description' => 'The backup origin server IP addresses or back-to-origin domain names corresponding to the domain name.',
'type' => 'array',
'items' => ['description' => 'The backup origin server IP addresses or back-to-origin domain names corresponding to the domain name. You can set only one type: origin server IP addresses or back-to-origin domain names. When the back-to-origin address is a domain name, only IPv4 is supported. IPv6 is not supported.'."\n"
."\n"
.'- To set origin server IP addresses, use the format [**"ip1","ip2",……**]. A maximum of 20 IP addresses are supported.'."\n"
."\n"
.'- To set back-to-origin domain names, use the format [**"domain"**]. A maximum of 20 domain name addresses are supported.', 'type' => 'string', 'required' => false, 'example' => '['."\n"
.' "1.1.XX.XX",'."\n"
.' "2.2.XX.XX"'."\n"
.']', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'XClientIp' => ['description' => 'Specifies whether to allow WAF to overwrite X-Client-IP. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'XTrueIp' => ['description' => 'Specifies whether to allow WAF to overwrite X-True-IP. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'WebServerType' => ['description' => 'Specifies whether to allow WAF to overwrite Web-Server-Type. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'WLProxyClientIp' => ['description' => 'Specifies whether to allow WAF to overwrite WL-Proxy-Client-IP. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'MaxBodySize' => ['title' => '', 'description' => 'The maximum request body size. Valid values: 2 to 10. Default value: 2. Unit: GB.'."\n"
.'> Only the Ultimate Edition supports this feature.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2', 'required' => false],
'Http2Origin' => ['title' => '', 'description' => 'Specifies whether to enable HTTP/2 back-to-origin. Valid values:'."\n"
."\n"
.'- **true**: HTTP/2 back-to-origin is enabled.'."\n"
."\n"
.'- **false**: HTTP/2 back-to-origin is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true'],
'Http2OriginMaxConcurrency' => ['title' => '', 'description' => 'The maximum number of concurrent connections for HTTP/2 back-to-origin. Valid values: 1 to 512. Default value: 128.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '512', 'minimum' => '1', 'example' => '128', 'required' => false],
'BackendPorts' => [
'description' => 'The custom port configuration.',
'type' => 'array',
'items' => [
'description' => 'The custom port configuration.',
'type' => 'object',
'properties' => [
'ListenPort' => ['description' => 'The listening port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''],
'BackendPort' => ['description' => 'The back-to-origin port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''],
'Protocol' => ['description' => 'The protocol of the listening port. Valid values:'."\n"
."\n"
.'- **http**: The protocol of the listening port is HTTP.'."\n"
."\n"
.'- **https**: The protocol of the listening port is HTTPS.', 'type' => 'string', 'required' => false, 'example' => 'http', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'title' => '',
'example' => '',
],
'ProxyProtocol' => ['title' => '', 'description' => 'Specifies whether the client source IP preservation feature is enabled.'."\n"
.'- **true**: The client source IP preservation feature is enabled. After this feature is enabled, the backend service can view the originating IP address of the client.'."\n"
.'- **false**: The client source IP preservation feature is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false'],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'title' => '', 'required' => true, 'example' => 'cn-hangzhou'],
],
[
'name' => 'AccessType',
'in' => 'query',
'schema' => ['description' => 'The access type of the WAF instance. Valid values:'."\n"
."\n"
.'- **share** (default): CNAME access.'."\n"
."\n"
.'- **hybrid\\_cloud\\_cname**: hybrid cloud CNAME access.', 'type' => 'string', 'default' => 'share', 'required' => false, 'example' => 'share', 'title' => ''],
],
[
'name' => 'Tag',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'The tag list, which contains a maximum of 20 items.',
'type' => 'array',
'items' => [
'description' => 'The tags of the resource. A maximum of 20 items are supported.',
'type' => 'object',
'properties' => [
'Key' => ['title' => '', 'description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'Tagkey1'],
'Value' => ['title' => '', 'description' => 'The tag value.', 'type' => 'string', 'required' => false, 'example' => 'TagValue1'],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 21,
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response returned after the domain name is added.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'DomainInfo' => [
'description' => 'The information about the added domain name.',
'type' => 'object',
'properties' => [
'Cname' => ['description' => 'The CNAME assigned by WAF to the domain name.', 'type' => 'string', 'example' => 'xxxxxwww.****.com', 'title' => ''],
'Domain' => ['description' => 'The added domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''],
'DomainId' => ['description' => 'The domain name ID.', 'type' => 'string', 'example' => 'www.aliyundoc.com-waf', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.ResourceExsit', 'errorMessage' => 'Access resource already exists, resource:%s.', 'description' => 'Access resource already exists, existing resource:%s.'],
['errorCode' => 'Waf.Pullin.BusinessViolation', 'errorMessage' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'description' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'],
['errorCode' => 'Waf.Pullin.Http2OriginMustOnHttp2Enable', 'errorMessage' => 'When HTTP2 origin is enabled, HTTP2 listening must be enabled.', 'description' => 'When HTTP2 back-to-source is enabled, HTTP2 listening must be enabled.'],
['errorCode' => 'Waf.Pullin.Http2OriginMustOnKeepaliveEnable', 'errorMessage' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.', 'description' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.'],
['errorCode' => 'Waf.Pullin.Http2OriginEnabledFocusHttpBackendForbidden', 'errorMessage' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.', 'description' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.'],
['errorCode' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', 'errorMessage' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', 'description' => 'batch dns scheduling is in progress, and access-related operations are prohibited.'],
['errorCode' => 'Waf.Pullin.InvalidMaxAgeWithPreload', 'errorMessage' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000.', 'description' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000'],
['errorCode' => 'Waf.Pullin.InvalidIncludeSubDomainWithPreload', 'errorMessage' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'],
['errorCode' => 'Waf.Pullin.InvalidCustomCiphers', 'errorMessage' => 'Invalid custom cipher suite.', 'description' => 'Invalid custom cipher suite.'],
['errorCode' => 'Waf.Pullin.InvalidHttp2OriginWithProxyProtocol', 'errorMessage' => 'http2Origin and proxyProtocol cannot be opened at the same time.', 'description' => 'http2Origin and proxyProtocol cannot be opened at the same time.'],
],
],
'title' => 'Add a CNAME access resource',
'changeSet' => [
['createdAt' => '2024-12-12T08:00:42.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
['createdAt' => '2024-11-28T15:04:53.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-01-30T12:16:58.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-04-27T06:05:43.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-04-18T02:11:03.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-03-31T03:11:45.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
['createdAt' => '2023-01-10T12:29:44.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-01-05T12:39:23.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
['createdAt' => '2022-11-28T08:16:57.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2022-11-25T01:57:31.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDomain'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDomain',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"DomainInfo\\": {\\n \\"Cname\\": \\"xxxxxwww.****.com\\",\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\"\\n }\\n}","type":"json"}]',
],
'CreateHybridCloudCluster' => [
'summary' => 'Creates a hybrid cloud Web Application Firewall (WAF) cluster.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124693',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'ClusterName',
'in' => 'query',
'schema' => ['description' => 'The name of the hybrid cloud cluster.', 'type' => 'string', 'required' => true, 'example' => 'test', 'title' => ''],
],
[
'name' => 'HttpPorts',
'in' => 'query',
'schema' => ['description' => 'The listening ports for the HTTP protocol. Separate multiple ports with commas (,), such as **port1,port2,port3**.', 'type' => 'string', 'required' => true, 'example' => '80,8080', 'title' => ''],
],
[
'name' => 'HttpsPorts',
'in' => 'query',
'schema' => ['description' => 'The listening ports for the HTTPS protocol. Separate multiple ports with commas (,), such as **port1,port2,port3**.', 'type' => 'string', 'required' => true, 'example' => '443,8443', 'title' => ''],
],
[
'name' => 'AccessMode',
'in' => 'query',
'schema' => ['description' => 'The network access mode of the cluster. Valid values:'."\n"
."\n"
.'- **internet**: access over the Internet.'."\n"
."\n"
.'- **vpc**: access over an Express Connect circuit.', 'type' => 'string', 'required' => true, 'example' => 'internet', 'title' => ''],
],
[
'name' => 'AccessRegion',
'in' => 'query',
'schema' => ['description' => 'The region for Express Connect circuit access. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Hangzhou.'."\n"
."\n"
.'- **cn-beijing**: Beijing.'."\n"
."\n"
.'- **cn-shanghai**: Shanghai.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'LogFieldsNotReturned',
'in' => 'query',
'schema' => ['description' => '> This parameter is deprecated. It no longer returns meaningful data.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'deprecated', 'title' => ''],
],
[
'name' => 'ProtectionServerCount',
'in' => 'query',
'schema' => ['description' => 'The maximum number of protection nodes that can be added to the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'Remark',
'in' => 'query',
'schema' => ['description' => 'The description of the hybrid cloud cluster.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'ProxyType',
'in' => 'query',
'schema' => ['description' => 'The type of the hybrid cloud cluster. Valid values:'."\n"
."\n"
.'- **cname**: reverse proxy cluster. Traffic is forwarded through CNAME resolution.'."\n"
."\n"
.'- **service**: transparent proxy cluster. Traffic is forwarded at the service level.', 'type' => 'string', 'default' => 'cname', 'required' => false, 'example' => 'cname', 'title' => ''],
],
[
'name' => 'RuleStatus',
'in' => 'query',
'schema' => ['description' => 'Indicates whether manual bypass is enabled for the cluster. Valid values:'."\n"
."\n"
.'- **on**: Manual bypass is enabled.'."\n"
."\n"
.'- **off**: Manual bypass is disabled.', 'type' => 'string', 'required' => false, 'example' => 'on', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => 'The type of the bypass rule. Valid values:'."\n"
."\n"
.'- **bypass**: skips WAF security checks and allows traffic to pass through directly.', 'type' => 'string', 'required' => false, 'example' => 'bypass', 'title' => ''],
],
[
'name' => 'RuleConfig',
'in' => 'query',
'schema' => ['description' => 'The configuration of the bypass rule, in JSON format. This includes settings such as circuit breaker thresholds, request body size limits, and timeout values.', 'type' => 'string', 'required' => false, 'example' => '{'."\n"
.' "enable": true,'."\n"
.' "param": {'."\n"
.' "breaker": {'."\n"
.' "duration": 1,'."\n"
.' "failed": 1,'."\n"
.' "recent_failed": 1'."\n"
.' },'."\n"
.' "disable_protect": false,'."\n"
.' "max_request_body_len": 1,'."\n"
.' "timeout": 1'."\n"
.' }'."\n"
.'}', 'title' => ''],
],
[
'name' => 'ProxyStatus',
'in' => 'query',
'schema' => ['description' => 'Indicates whether the proxy gateway is enabled for the cluster. Valid values:'."\n"
."\n"
.'- **on**: The proxy gateway is enabled.'."\n"
."\n"
.'- **off**: The proxy gateway is disabled.', 'type' => 'string', 'default' => 'off', 'required' => false, 'example' => 'off', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-ER12-WE34-23PO-301469*****E', 'title' => ''],
'Data' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\",\\n \\"Data\\": 1\\n}","type":"json"}]',
'title' => 'CreateHybridCloudCluster',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateHybridCloudCluster',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'CreateHybridCloudClusterRule' => [
'summary' => 'Creates a Hybrid Cloud Web Application Firewall (WAF) cluster rule.',
'methods' => ['get', 'post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '137983',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n"
."\n"
.'> This parameter applies only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain information about Hybrid Cloud WAF clusters.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '428', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'allowEmptyValue' => true,
'schema' => ['description' => 'The type of the traffic redirection rule. Valid values:'."\n"
."\n"
.'- **pullin**: traffic redirection', 'type' => 'string', 'required' => true, 'example' => 'pullin', 'title' => ''],
],
[
'name' => 'RuleStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the traffic redirection rule. Valid values:'."\n"
."\n"
.'- **on**: enabled.'."\n"
."\n"
.'- **off**: disabled.', 'type' => 'string', 'required' => true, 'example' => 'on', 'title' => ''],
],
[
'name' => 'RuleConfig',
'in' => 'query',
'schema' => ['description' => 'The configuration of the traffic redirection rule, in JSON format.'."\n"
."\n"
.'> The modes are mutually exclusive. You can select only one mode. If you change the mode, all traffic redirection rules in the previous mode are cleared.'."\n"
."\n"
.'- **check\\_mode**: the traffic redirection mode. Valid values:'."\n"
."\n"
.' - **all**: redirects all traffic.'."\n"
."\n"
.' - **part**: redirects a specific portion of traffic.'."\n"
."\n"
.'- **type**: the match type for the rule. Valid values:'."\n"
."\n"
.' - **exact**: exact match.'."\n"
."\n"
.' - **regex**: regular expression match.'."\n"
."\n"
.'- **substance**: the match value of the rule.', 'type' => 'string', 'default' => '""', 'required' => false, 'example' => 'full volume drainage:{\\"check_mode\\": \\"all\\", \\"type\\": \\"exact\\", \\"substance\\": \\"122\\"}'."\n"
.'Specified partial drainage:{\\"check_mode\\": \\"part\\", \\"type\\": \\"exact\\", \\"substance\\": \\"12222\\"}', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'title' => '',
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'title' => '', 'example' => '66A98669-CC6E-4F3E-*****-3014697B11AE'],
'ClusterRuleResourceId' => ['description' => 'The ID of the cluster rule resource.', 'type' => 'string', 'example' => 'hdbc-clusterrule-*******m0w', 'title' => ''],
],
'example' => '',
],
],
],
'title' => 'CreateHybridCloudClusterRule',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateHybridCloudClusterRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-*****-3014697B11AE\\",\\n \\"ClusterRuleResourceId\\": \\"hdbc-clusterrule-*******m0w\\"\\n}","type":"json"}]',
],
'CreateHybridCloudGroup' => [
'summary' => 'Creates a node group in a Hybrid Cloud Web Application Firewall (WAF) cluster.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '136094',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-n6w***x52m', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the node group.', 'type' => 'string', 'required' => true, 'example' => 'test', 'title' => ''],
],
[
'name' => 'GroupType',
'in' => 'query',
'schema' => ['description' => 'The type of the node group. Valid values:'."\n"
."\n"
.'- **protect**: a protection node group that processes traffic filtering.'."\n"
."\n"
.'- **control**: a control node group that manages cluster configurations.'."\n"
."\n"
.'- **storage**: a storage node group that stores logs and data.'."\n"
."\n"
.'- **controlStorage**: a node group that serves as both control and storage.', 'type' => 'string', 'required' => true, 'example' => 'protect', 'title' => ''],
],
[
'name' => 'LoadBalanceIp',
'in' => 'query',
'schema' => ['description' => 'The IP address of the load balancer that is associated with the node group.', 'type' => 'string', 'required' => true, 'example' => '3.3.3.3', 'title' => ''],
],
[
'name' => 'Remark',
'in' => 'query',
'schema' => ['description' => 'The remarks on the node group. You can use this parameter to add a brief description for the node group.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'LocationCode',
'in' => 'query',
'schema' => ['description' => 'The location code of the region where the node group resides. The value is in the format of Carrier-Continent-City.', 'type' => 'string', 'required' => false, 'example' => '0-410-0', 'title' => ''],
],
[
'name' => 'BackSourceMark',
'in' => 'query',
'schema' => ['description' => 'The back-to-origin mark of the node group. The value is in the format of Carrier-Continent-City, which is used to identify the origin of back-to-origin requests.', 'type' => 'string', 'required' => false, 'example' => 'aliyun-asiapacific-beijing', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '48F7C7BA-0932-50EA-89AD-5B0E1***274', 'title' => ''],
'Data' => ['description' => 'The ID of the created node group.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"48F7C7BA-0932-50EA-89AD-5B0E1***274\\",\\n \\"Data\\": 1\\n}","type":"json"}]',
'title' => 'CreateHybridCloudGroup',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateHybridCloudGroup'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateHybridCloudGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'CreateLogDeliveryConfig' => [
'summary' => 'Creates a log delivery configuration for a Web Application Firewall (WAF) instance in a hybrid cloud.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'DeliveryName',
'in' => 'query',
'schema' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'required' => true, 'example' => 'test1', 'title' => ''],
],
[
'name' => 'DeliveryType',
'in' => 'query',
'schema' => ['description' => 'The type of the log delivery configuration. Valid values:'."\n"
."\n"
.'- **syslog**: Delivers logs to a syslog service.'."\n"
."\n"
.'- **kafka**: Delivers logs to a Kafka service.', 'type' => 'string', 'required' => true, 'example' => 'syslog', 'title' => ''],
],
[
'name' => 'DeliveryDetail',
'in' => 'query',
'schema' => ['description' => 'The details of the log delivery configuration. The value is a JSON string that is generated from a series of parameters.'."\n"
."\n"
.'> The parameters vary based on the value of **DeliveryType**. For more information, see **Parameters for log delivery configuration details**.', 'type' => 'string', 'required' => true, 'example' => '{'."\n"
.' "rfcVersion": "rfc3164",'."\n"
.' "protocol": "tcp",'."\n"
.' "servers": ['."\n"
.' {'."\n"
.' "address": "1.1.1.1",'."\n"
.' "port": 20'."\n"
.' }'."\n"
.' ]'."\n"
.'}', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'test1', 'title' => ''],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"DeliveryName\\": \\"test1\\",\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\"\\n}","type":"json"}]',
'title' => 'CreateLogDeliveryConfig',
'requestParamsDescription' => '## Log delivery configuration details'."\n"
."\n"
.'### Deliver logs to a syslog service (**syslog**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ---------- | ------ | -------- | ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| servers | Array | Yes | \\[{"address":"11.11.XX.XX","port":8000}] | The remote address of the syslog service. If DeliveryType is set to **syslog**, you can specify only one address. The address includes the following parameters:
\\- **address**: The domain name or IP address of the server. IPv4 and IPv6 addresses are supported. This parameter is required.
\\- **port**: The server port. This parameter is required. |'."\n"
.'| rfcVersion | String | No | rfc3164 | The RFC version for syslog. Valid values:
\\- **rfc3164** (default): RFC 3164.
\\- **rfc5424**: RFC 5424. |'."\n"
.'| protocol | String | Yes | tcp | The protocol for syslog. Valid values:
\\- **tcp**: TCP.
\\- **udp**: UDP. |'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_cn-n*******",'."\n"
.' "DeliveryName": "test1",'."\n"
.' "DeliveryType": "syslog",'."\n"
.' "DeliveryDetail": "{\\"rfcVersion\\":\\"rfc3164\\",\\"protocol\\":\\"tcp\\",\\"servers\\":[{\\"address\\":\\"11.11.XX.XX\\",\\"port\\":8000}]}"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'### Deliver logs to a Kafka service (**kafka**)'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ---------------- | ------ | -------- | ---------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| servers | Array | Yes | \\[{"address":"a.com","port":8000}] | The remote address of the Kafka service. If DeliveryType is set to **kafka**, you can specify up to three addresses. Each address includes the following parameters:
\\- **address**: The domain name or IP address of the server. IPv4 and IPv6 addresses are supported. This parameter is required.
\\- **port**: The server port. This parameter is required. |'."\n"
.'| kafkaTopic | String | Yes | test | The topic ID or name for Kafka. |'."\n"
.'| protocol | String | Yes | PLAINTEXT | The security protocol for Kafka. Valid values:
\\- **PLAINTEXT** (default): PLAINTEXT.
\\- **SASL_PLAINTEXT**: SASL_PLAINTEXT.
\\- **SASL_SSL**: SASL_SSL. |'."\n"
.'| saslUserName | String | No | user123 | The username for SASL authentication of the Kafka service. This parameter is required if **protocol** is set to **SASL_PLAINTEXT** or **SASL_SSL**. |'."\n"
.'| saslPassword | String | No | user*** | The password for SASL authentication of the Kafka service. This parameter is required if **protocol** is set to **SASL_PLAINTEXT** or **SASL_SSL**. |'."\n"
.'| pemCert | String | No | Cert | The custom certificate for the Kafka service. The certificate must be in the PEM format. |'."\n"
.'| compressionCodec | String | No | none | The compression type for Kafka. Valid values:
\\- **none** (default): no compression.
\\- **gzip**: Gzip.
\\- **zstd**: Zstandard.
\\- **lz4**: LZ4.
\\- **snappy**: Snappy. |'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_v2_public_cn-n*********",'."\n"
.' "DeliveryName": "test2",'."\n"
.' "DeliveryType": "kafka",'."\n"
.' "DeliveryDetail": "{\\"kafkaTopic\\":\\"topictest1\\",\\"protocol\\":\\"SASL_PLAINTEXT\\",\\"servers\\":[{\\"address\\":\\"a.com\\",\\"port\\":1000},{\\"address\\":\\"ba.com\\",\\"port\\":1000},{\\"address\\":\\"c.com\\",\\"port\\":1000}],\\"saslUserName\\":\\"user123\\",\\"saslPassword\\":\\"user****\\"}"'."\n"
.'}'."\n"
.'```',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateLogDeliveryConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'CreateMajorProtectionBlackIp' => [
'summary' => 'Creates an IP address blacklist for critical event protection.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124760',
'abilityTreeNodes' => ['FEATUREwaf2KYU04'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-2r42s6y****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '2221', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '232324', 'title' => ''],
],
[
'name' => 'IpList',
'in' => 'query',
'schema' => ['description' => 'The IP address blacklist to add. You can specify custom IP addresses or CIDR blocks. Both IPv4 and IPv6 addresses are supported. Separate multiple IP addresses with commas (,). For more information, see [Critical event protection](~~425591~~).', 'type' => 'string', 'required' => true, 'example' => '192.0.XX.XX,192.0.XX.XX/24', 'title' => ''],
],
[
'name' => 'ExpiredTime',
'in' => 'query',
'schema' => ['description' => 'The timestamp after which the IP address blacklist becomes invalid. Unit: seconds.'."\n"
."\n"
.'> If you set this parameter to **0**, the IP address blacklist is permanently valid.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1716528465', 'title' => ''],
],
[
'name' => 'Description',
'in' => 'query',
'schema' => ['description' => 'The description of the IP address blacklist.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'Protection for major events'],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D****', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'CreateMajorProtectionBlackIp',
'description' => 'This operation is available only on the China site (aliyun.com).',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '15', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateMajorProtectionBlackIp'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateMajorProtectionBlackIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D****\\"\\n}","type":"json"}]',
],
'CreateMemberAccounts' => [
'summary' => 'Adds member accounts to use the multi-account management feature of Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '213361',
'abilityTreeNodes' => ['FEATUREwaf4WHEC3'],
],
'parameters' => [
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to view your current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'SourceIp',
'in' => 'query',
'schema' => ['description' => 'The source IP address of the request. The system automatically obtains the value of this parameter.', 'type' => 'string', 'required' => false, 'example' => '1.1.X.X', 'title' => ''],
],
[
'name' => 'MemberAccountIds',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'The Alibaba Cloud account IDs of the members that you want to add. You can add up to 10 members at the same time.',
'type' => 'array',
'items' => ['description' => 'The Alibaba Cloud account ID of the member.', 'type' => 'string', 'required' => false, 'example' => '139**********55', 'title' => ''],
'required' => true,
'maxItems' => 20,
'minItems' => 1,
'title' => '',
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameter.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-ER12-WE34-23PO-301469*****E', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'CreateMemberAccounts',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateMemberAccounts'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateMemberAccounts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\"\\n}","type":"json"}]',
],
'CreatePocFunction' => [
'summary' => 'Starts a trial for a proof of concept (POC) feature.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'readAndWrite',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '231682',
'abilityTreeNodes' => ['FEATUREwafH82E50'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The type of the POC feature trial. Valid values:'."\n"
."\n"
.'- **apisec**: API security.'."\n"
."\n"
.'- **botWeb**: bot management for websites.'."\n"
."\n"
.'- **botApp**: bot management for applications.'."\n"
."\n"
.'- **largeLanguageModel**: protection for AI-powered applications.', 'type' => 'string', 'required' => true, 'example' => 'botWeb', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
],
'description' => 'The response.',
'title' => '',
'example' => '',
],
],
],
'title' => 'CreatePocFunction',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreatePocFunction',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]',
],
'CreatePostpaidInstance' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '166793',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region ID of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm4gh****wela', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '73A4E786-8235-50C0-9631-87C8****4A36', 'title' => ''],
'InstanceId' => ['description' => 'The ID of the WAF instance.', 'type' => 'string', 'title' => '', 'example' => 'waf_v2_public_cn-x0r****gr1i'],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'CreatePostpaidInstance',
'summary' => 'Creates a pay-as-you-go Web Application Firewall (WAF) 3.0 instance.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreatePostpaidInstance'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreatePostpaidInstance',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"73A4E786-8235-50C0-9631-87C8****4A36\\",\\n \\"InstanceId\\": \\"waf_v2_public_cn-x0r****gr1i\\"\\n}","type":"json"}]',
],
'CreateSM2Cert' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'CertName',
'in' => 'query',
'schema' => ['description' => 'The certificate name.', 'type' => 'string', 'required' => false, 'example' => 'test-sm2', 'title' => ''],
],
[
'name' => 'EncryptCertificate',
'in' => 'query',
'schema' => ['description' => 'The content of the SM encryption certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN CERTIFICATE-----'."\n"
.'***'."\n"
.'-----END CERTIFICATE-----', 'title' => ''],
],
[
'name' => 'EncryptPrivateKey',
'in' => 'query',
'schema' => ['description' => 'The private key content of the SM encryption certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN PRIVATE KEY-----'."\n"
.'***'."\n"
.'-----END PRIVATE KEY-----', 'title' => ''],
],
[
'name' => 'SignCertificate',
'in' => 'query',
'schema' => ['description' => 'The signing certificate content of the SM certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN CERTIFICATE-----'."\n"
.'***'."\n"
.'-----END CERTIFICATE-----', 'title' => ''],
],
[
'name' => 'SignPrivateKey',
'in' => 'query',
'schema' => ['description' => 'The private key content of the SM signing certificate.', 'type' => 'string', 'required' => false, 'example' => '-----BEGIN PRIVATE KEY-----'."\n"
.'***'."\n"
.'-----END PRIVATE KEY-----', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''],
'CertIdentifier' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '***-cn-hangzhou', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Upload SM certificate for cNAME-based WAF access',
'summary' => 'Uploads a China National Cryptographic Algorithm (SM) certificate for a domain that is added to WAF in CNAME mode.',
'changeSet' => [
['createdAt' => '2024-11-12T13:24:10.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateSM2Cert',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"CertIdentifier\\": \\"***-cn-hangzhou\\"\\n}","type":"json"}]',
],
'DeleteAddress' => [
'summary' => 'Deletes addresses from an address book.',
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124760',
'abilityTreeNodes' => ['FEATUREwaf4TDPM4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-wwo36****0i', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the address book.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''],
],
[
'name' => 'AddressList',
'in' => 'query',
'style' => 'flat',
'schema' => [
'description' => 'The list of addresses to delete.',
'type' => 'array',
'items' => ['description' => 'A single address. IP addresses and CIDR blocks are supported. Both IPv4 and IPv6 are supported.', 'type' => 'string', 'required' => false, 'example' => 'XX.XX.XX.XX/32', 'title' => ''],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C33EB3D5-AF96-43CA-9C7E-37A8****6A1E', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Defense.Control.DefenseAddressOversize', 'errorMessage' => 'The number of addresses in the address book exceeds the limit.', 'description' => 'The number of addresses in the address book exceeds the limit.'],
['errorCode' => 'Defense.Control.DefenseAddressInvalid', 'errorMessage' => 'The address in the address book is illegal.', 'description' => 'The address in the address book is illegal.'],
['errorCode' => 'Defense.Control.DefenseAddressOperationTooFrequent', 'errorMessage' => 'Address book operations are too frequent.', 'description' => 'Address book operations are too frequent. Please try again later.'],
],
],
'title' => 'Delete addresses from an address book',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteAddress',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C33EB3D5-AF96-43CA-9C7E-37A8****6A1E\\"\\n}","type":"json"}]',
],
'DeleteApisecAbnormals' => [
'summary' => 'Deletes API security risks in batches.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '229948',
'abilityTreeNodes' => ['FEATUREwafWE25G7'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-nwy*****', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter is applicable only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'AbnormalIds',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'The list of API security risk IDs.',
'type' => 'array',
'items' => ['description' => 'The API security risk ID.', 'type' => 'string', 'required' => false, 'example' => '4d4b1a5fe2100b86f629e2db63*****', 'title' => ''],
'required' => true,
'maxItems' => 20,
'minItems' => 1,
'title' => '',
'example' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Batch delete API security risks',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteApisecAbnormals'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteApisecAbnormals',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]',
],
'DeleteApisecEvents' => [
'summary' => 'Deletes API security events in batches.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '230004',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-g4t*****'],
],
[
'name' => 'EventIds',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'The list of API security event IDs.',
'type' => 'array',
'items' => ['title' => '', 'description' => 'The API security event ID.', 'type' => 'string', 'example' => 'eb370fb29781f75c07cabd5b2*****', 'required' => false],
'required' => true,
'maxItems' => 20,
'minItems' => 1,
'example' => '',
],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The hybrid cloud cluster ID.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'example' => '428', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'example' => 'rg-acfm***q', 'required' => false],
],
[
'name' => 'EventScope',
'in' => 'query',
'schema' => [
'title' => '',
'description' => 'The dimension of the security event. Valid values:'."\n"
."\n"
.'- **ip**: IP-dimension security events.'."\n"
."\n"
.'- **account**: account-dimension security events.',
'type' => 'string',
'example' => 'ip',
'default' => 'ip',
'enum' => ['ip', 'account'],
'required' => false,
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Batch delete API security events',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteApisecEvents'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteApisecEvents',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]',
],
'DeleteCloudResource' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '226538',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to view the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'ResourceProduct',
'in' => 'query',
'schema' => ['description' => 'The type of the cloud service. Valid values:'."\n"
."\n"
.'- **clb4**: Layer 4 CLB.'."\n"
."\n"
.'- **clb7**: Layer 7 CLB.'."\n"
."\n"
.'- **ecs**: ECS.'."\n"
."\n"
.'- **nlb**: Network Load Balancer (NLB).', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'clb7', 'title' => ''],
],
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the cloud service instance.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'lb-bp1*****jqnnqk5uj2p', 'title' => ''],
],
[
'name' => 'Port',
'in' => 'query',
'schema' => ['description' => 'The port of the cloud service that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'deprecated' => true, 'required' => false, 'example' => '443', 'title' => ''],
],
[
'name' => 'CloudResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protected resource. WAF automatically generates this ID when you add the cloud service to WAF.'."\n"
."\n"
.'> Call [CreateCloudResource](~~2839876~~) to add a resource and then view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'lb-****py9kcm2n6nuesiu2a-80-clb4', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request. Alibaba Cloud generates a unique ID for each request. You can use this ID to troubleshoot issues.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Control.DefenseResourceEmpty', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'],
['errorCode' => 'Waf.Control.CloudProductInfoEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'."\n"],
['errorCode' => 'Waf.Control.CloudProductInfoNotMartch', 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'],
],
],
'title' => 'DeleteCloudResource',
'summary' => 'Removes a cloud service from Web Application Firewall (WAF). This operation currently supports only Elastic Compute Service (ECS) and Classic Load Balancer (CLB).',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteCloudResource'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteCloudResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\"\\n}","type":"json"}]',
],
'DeleteCloudResourceExtensionCert' => [
'summary' => 'Deletes an extension certificate for a cloud service connected in cloud native mode.',
'path' => '',
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'],
],
'parameters' => [
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepay_public_intl-sg-***', 'title' => ''],
],
[
'name' => 'CloudResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF when the resource is connected in cloud native mode.'."\n"
."\n"
.'> You can call the [CreateCloudResource](~~2839876~~) operation to connect a resource and then view the resource ID in the response.', 'type' => 'string', 'required' => true, 'example' => 'lb-bp*********k5uj2p-443-clb7', 'title' => ''],
],
[
'name' => 'CertId',
'in' => 'query',
'schema' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'Schema of Response',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'Id of the request', 'type' => 'string', 'example' => '56B40D30-4960-4F19-B7D5-***'],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'Delete an extension certificate for a cloud service',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteCloudResourceExtensionCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"56B40D30-4960-4F19-B7D5-***\\"\\n}","type":"json"}]',
],
'DeleteDefenseResource' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106306',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-9lb*******', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The name of the protected object.', 'type' => 'string', 'required' => true, 'example' => 'zhh*****.test.top-clb7'],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '745F051D-95FD-57EC-9DC1-79BB4883C6A4', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Delete a protected object',
'summary' => 'Deletes a protected object.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"745F051D-95FD-57EC-9DC1-79BB4883C6A4\\"\\n}","type":"json"}]',
],
'DeleteDefenseResourceGroup' => [
'summary' => 'Deletes a protected object group.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106355',
'abilityTreeNodes' => ['FEATUREwafHQWDCC'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object group that you want to delete.', 'type' => 'string', 'required' => true, 'example' => 'group221', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '25BE1169-9AE4-5D7D-8293-C33242ABB549', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DeleteDefenseResourceGroup',
'changeSet' => [
['createdAt' => '2024-09-02T03:44:32.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
['createdAt' => '2024-08-29T01:07:58.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseResourceGroup'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseResourceGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"25BE1169-9AE4-5D7D-8293-C33242ABB549\\"\\n}","type":"json"}]',
],
'DeleteDefenseRule' => [
'summary' => 'Deletes the specified protection rules.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106469',
'abilityTreeNodes' => [
'FEATUREwaf1LM6V0', 'FEATUREwafOVI09M', 'FEATUREwafF105ZO', 'FEATUREwafCU29M8', 'FEATUREwafBWO4L0', 'FEATUREwaf9JXZCD', 'FEATUREwafIFHX6M', 'FEATUREwafI1HM4C', 'FEATUREwaf16U367', 'FEATUREwaf6XNOII', 'FEATUREwafS64FX9', 'FEATUREwafQ73SIK', 'FEATUREwafAFURH8', 'FEATUREwafRM5KJ7', 'FEATUREwaf4TDPM4', 'FEATUREwafOUMN3V', 'FEATUREwafVG3S9P', 'FEATUREwafIDKGGL', 'FEATUREwafWUANSU', 'FEATUREwafVZXFDE',
'FEATUREwaf6KFDRU',
],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection rule template that you want to delete.'."\n"
."\n"
.'> This parameter is required only when you set **DefenseType** to **template**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '2221', 'title' => ''],
],
[
'name' => 'RuleIds',
'in' => 'query',
'schema' => ['description' => 'The IDs of the protection rules that you want to delete. Separate multiple IDs with commas (,).', 'type' => 'string', 'required' => true, 'example' => '2223455,23354,465565', 'title' => ''],
],
[
'name' => 'DefenseType',
'in' => 'query',
'schema' => [
'description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **template** (default): a protection rule template.'."\n"
."\n"
.'- **resource**: a rule for a protected object.'."\n"
."\n"
.'- **global**: a global rule.',
'type' => 'string',
'default' => 'template',
'enum' => ['template', 'global', 'resource'],
'required' => false,
'example' => 'template',
'title' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object of the rule that you want to delete.'."\n"
."\n"
.'> This parameter is required only when you set **DefenseType** to **resource**.', 'type' => 'string', 'required' => false, 'example' => 'rencs***-waf', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2EC856FE-6D31-5861-8275-E5DEDB539089', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Defense.Control.DefenseAddressBookInUse', 'errorMessage' => 'The address book is in use and cannot be deleted.', 'description' => 'The address book is in use and cannot be deleted. Rules for using this address book: %s.'],
['errorCode' => 'Defense.Control.DefenseExtensionPluginRuleInUse', 'errorMessage' => 'The Extension rule is in use and cannot be deleted.', 'description' => 'Extension rule in use, association rule list:%s'],
],
],
'title' => 'DeleteDefenseRule',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseRule'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EC856FE-6D31-5861-8275-E5DEDB539089\\"\\n}","type":"json"}]',
],
'DeleteDefenseRuleBlockIp' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '203840',
'abilityTreeNodes' => ['FEATUREwafAFURH8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-9lb37yxse05', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '4057', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the scan protection rule for which you want to unblock an IP address.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '36998', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '9D11AC3A-A10C-56E7-A342-E87EC892BAE2', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DeleteDefenseRuleBlockIp',
'summary' => 'Unblocks an IP address that is blocked by the scan protection module.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseRuleBlockIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9D11AC3A-A10C-56E7-A342-E87EC892BAE2\\"\\n}","type":"json"}]',
],
'DeleteDefenseTemplate' => [
'summary' => 'Deletes a protection rule template.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106372',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template to be deleted.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '3155', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'E2DE6F11-6FED-5909-95F2-2520B58C5BC7', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DeleteDefenseTemplate',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseTemplate'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E2DE6F11-6FED-5909-95F2-2520B58C5BC7\\"\\n}","type":"json"}]',
],
'DeleteDomain' => [
'summary' => 'Deletes a CNAME-connected domain name.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106552',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['description' => 'The domain name that has been connected to WAF.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'AccessType',
'in' => 'query',
'schema' => ['description' => 'The access type of the WAF instance. Valid values:'."\n"
."\n"
.'- **share** (default): CNAME access.'."\n"
.'- **hybrid\\_cloud_cname**: hybrid cloud reverse proxy access.', 'type' => 'string', 'default' => 'share', 'required' => false, 'example' => 'share', 'title' => ''],
],
[
'name' => 'DomainId',
'in' => 'query',
'schema' => ['description' => 'The domain name ID.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com-waf', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Control.DomainAndDomainIdBothEmpty', 'errorMessage' => 'domain and domainId cannot be empty at the same time.', 'description' => 'The domain name and domain name ID cannot be empty at the same time.'."\n"],
['errorCode' => 'Waf.Control.DomainAndDomainIdNotMatch', 'errorMessage' => 'domain and domainId do not match.', 'description' => 'The input parameters Domain and DomainId do not match'."\n"],
['errorCode' => 'Waf.Control.DomainIdIsIllegal', 'errorMessage' => 'The input parameter, the domainId is illegal.', 'description' => 'Illegal entry DomainId'],
['errorCode' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', 'errorMessage' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', 'description' => 'batch dns scheduling is in progress, and access-related operations are prohibited.'],
],
],
'title' => 'Delete a cNAME-connected resource',
'changeSet' => [
['createdAt' => '2022-11-25T01:57:31.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDomain'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDomain',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]',
],
'DeleteHybridCloudClusterRule' => [
'summary' => 'Deletes a hybrid cloud cluster rule from a Web Application Firewall (WAF) instance.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '136069',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'ClusterRuleResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the cluster rule resource.', 'type' => 'string', 'required' => true, 'example' => 'hdbc-clusterrule-*******m0w', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DeleteHybridCloudClusterRule',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteHybridCloudClusterRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]',
],
'DeleteHybridCloudGroup' => [
'summary' => 'Deletes a group.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '136069',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-*****tm005', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'GroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the node group.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-*****60D5EB0', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DeleteHybridCloudGroup',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteHybridCloudGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-*****60D5EB0\\"\\n}","type":"json"}]',
],
'DeleteLogDeliveryConfig' => [
'summary' => 'Deletes a log delivery configuration.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '205953',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-n6w***x52m', 'title' => ''],
],
[
'name' => 'DeliveryName',
'in' => 'query',
'schema' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'required' => true, 'example' => 'test1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-*****', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DeleteLogDeliveryConfig',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteLogDeliveryConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-*****\\"\\n}","type":"json"}]',
],
'DeleteMajorProtectionBlackIp' => [
'summary' => 'Deletes an IP address from the blacklist for critical event protection.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124769',
'abilityTreeNodes' => ['FEATUREwaf2KYU04'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '5332', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20013135', 'title' => ''],
],
[
'name' => 'IpList',
'in' => 'query',
'schema' => ['description' => 'The IP address blacklist to be deleted. Supports custom IP addresses or IP address segments in the blacklist, and supports both IPv4 and IPv6. Multiple IP addresses are separated by commas (,). For more information, see [Critical event protection](~~425591~~).', 'type' => 'string', 'required' => true, 'title' => '', 'example' => '192.0.XX.XX,192.0.XX.XX/24'."\n"],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region ID of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DeleteMajorProtectionBlackIp',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteMajorProtectionBlackIp'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteMajorProtectionBlackIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\"\\n}","type":"json"}]',
],
'DeleteMemberAccount' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '213363',
'abilityTreeNodes' => ['FEATUREwaf4WHEC3'],
],
'parameters' => [
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_esasdf3****', 'title' => ''],
],
[
'name' => 'SourceIp',
'in' => 'query',
'schema' => ['description' => 'The source IP address of the request. You do not need to specify this parameter. The system automatically obtains this value.', 'type' => 'string', 'required' => false, 'example' => '0.0.XX.XX', 'title' => ''],
],
[
'name' => 'MemberAccountId',
'in' => 'query',
'schema' => ['description' => 'The ID of the member account that you want to delete from WAF.', 'type' => 'string', 'required' => true, 'example' => '131***********39', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5ABE714C-8890-5D7E-A08B-45CB650F5473', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DeleteMemberAccount',
'summary' => 'Deletes a Web Application Firewall (WAF) member account.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteMemberAccount'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteMemberAccount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5ABE714C-8890-5D7E-A08B-45CB650F5473\\"\\n}","type":"json"}]',
],
'DescribeAbnormalCloudResources' => [
'summary' => 'Queries abnormal cloud resources added in cloud native mode.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'none',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '265430',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: a region outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'title' => '', 'example' => '66A98669-CC6E-4F3E-80A6-***'],
'AbnormalCloudResources' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'ResourceInstanceId' => ['description' => 'The ID of the instance that is added to WAF.', 'type' => 'string', 'example' => 'lb-***', 'title' => ''],
'ResourceInstancePort' => ['description' => 'The port of the instance that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''],
'ResourceInstanceName' => ['description' => 'The name of the instance that is added to WAF.', 'type' => 'string', 'example' => 'test-name', 'title' => ''],
'ResourceProduct' => ['description' => 'The cloud service to which the resource belongs. By default, instances of Application Load Balancer (ALB), MSE, FC, and SAE are returned. Valid values:'."\n"
."\n"
.'- **alb**: ALB.'."\n"
."\n"
.'- **mse**: MSE.'."\n"
."\n"
.'- **fc**: FC.'."\n"
."\n"
.'- **sae**: SAE.'."\n"
."\n"
.'- **ecs**: ECS.'."\n"
."\n"
.'- **clb4**: Classic Load Balancer (CLB) that uses TCP.'."\n"
."\n"
.'- **clb7**: CLB that uses HTTP or HTTPS.'."\n"
."\n"
.'- **nlb**: Network Load Balancer (NLB).'."\n"
."\n"
.'> Each cloud service is supported in different regions. If you specify this parameter, make sure that the specified cloud service is supported in the selected region. Otherwise, the request may fail.', 'type' => 'string', 'example' => 'clb7', 'title' => ''],
'Reason' => ['description' => 'The cause of the exception. Valid values:'."\n"
."\n"
.'- **InvalidCert**: The certificate is invalid.'."\n"
."\n"
.'- **ClientCertOpend**: Mutual authentication is enabled.'."\n"
."\n"
.'- **NetworkConfigLost**: A network error occurred.'."\n"
."\n"
.'- **UserUploadCert**: A custom certificate is uploaded.'."\n"
."\n"
.'- **CertNotExistInCertCenter**: The certificate ID does not exist in SSL Certificate Service.'."\n"
."\n"
.'- **CertExpired**: The certificate has expired.'."\n"
."\n"
.'- **EmptyCertCN**: The common name (CN) is empty.', 'type' => 'string', 'example' => 'CertExpired', 'title' => ''],
'Details' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Code' => ['description' => 'The cause of the exception. Valid values:'."\n"
."\n"
.'InvalidCert: The certificate is invalid.'."\n"
."\n"
.'ClientCertOpend: Mutual authentication is enabled.'."\n"
."\n"
.'NetworkConfigLost: A network error occurred.'."\n"
."\n"
.'UserUploadCert: A custom certificate is uploaded.'."\n"
."\n"
.'CertNotExistInCertCenter: The certificate ID does not exist in SSL Certificate Service.'."\n"
."\n"
.'CertExpired: The certificate has expired.'."\n"
."\n"
.'EmptyCertCN: The common name (CN) is empty.', 'type' => 'string', 'example' => 'CertExpired', 'title' => ''],
'CertName' => ['description' => 'The name of the certificate in SSL Certificate Service.', 'type' => 'string', 'example' => 'test-name', 'title' => ''],
'ProductCertId' => ['description' => 'The ID of the certificate that is configured in the cloud service console.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''],
'ProductCertName' => ['description' => 'The name of the certificate that is configured in the cloud service console.', 'type' => 'string', 'example' => 'test-cert-name', 'title' => ''],
'ProductDomainExtension' => ['description' => 'The additional domain name that is configured in the cloud service console.', 'type' => 'string', 'example' => 'www.test.com', 'title' => ''],
'AppliedType' => ['description' => 'The type of the certificate for the HTTPS protocol. Valid values:'."\n"
."\n"
.'- **default**: default certificate.'."\n"
."\n"
.'- **extension**: additional certificate.', 'type' => 'string', 'example' => 'default', 'title' => ''],
'CommonName' => ['description' => 'The common name (CN) of the certificate.', 'type' => 'string', 'example' => 'www.test.com'."\n", 'title' => ''],
'ExpireTime' => ['description' => 'The time when the certificate expires. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1735009193', 'title' => ''],
],
'description' => 'The details of the exception.',
'title' => '',
'example' => '',
],
'description' => 'The details of the exception.',
'title' => '',
'example' => '',
],
'CloudResourceId' => ['description' => 'The ID of the cloud resource. This ID is automatically generated by WAF when the resource is added.', 'type' => 'string', 'example' => 'lb-***-80-clb7', 'title' => ''],
],
'description' => 'A cloud resource that is in an abnormal state.',
'title' => '',
'example' => '',
],
'description' => 'The abnormal cloud resources that are added in cloud native mode.',
'title' => '',
'example' => '',
],
],
'description' => 'The response parameters.',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.ResourceNotExist', 'errorMessage' => 'The accessed resource already exists. Resource:%s.', 'description' => 'The accessed resource already exists. Resource:%s.'],
['errorCode' => 'Waf.Pullin.AlreadyAccessed', 'errorMessage' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.', 'description' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.'],
],
],
'title' => 'DescribeAbnormalCloudResources',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'none',
'ramAction' => [
'action' => 'yundun-waf:DescribeAbnormalCloudResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-***\\",\\n \\"AbnormalCloudResources\\": [\\n {\\n \\"ResourceInstanceId\\": \\"lb-***\\",\\n \\"ResourceInstancePort\\": 80,\\n \\"ResourceInstanceName\\": \\"test-name\\",\\n \\"ResourceProduct\\": \\"clb7\\",\\n \\"Reason\\": \\"CertExpired\\",\\n \\"Details\\": [\\n {\\n \\"Code\\": \\"CertExpired\\",\\n \\"CertName\\": \\"test-name\\",\\n \\"ProductCertId\\": \\"123-cn-hangzhou\\",\\n \\"ProductCertName\\": \\"test-cert-name\\",\\n \\"ProductDomainExtension\\": \\"www.test.com\\",\\n \\"AppliedType\\": \\"default\\",\\n \\"CommonName\\": \\"www.test.com\\\\n\\",\\n \\"ExpireTime\\": 1735009193\\n }\\n ],\\n \\"CloudResourceId\\": \\"lb-***-80-clb7\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeAccountDelegatedStatus' => [
'summary' => 'Queries whether the current user is a delegated administrator of WAF in the multi-account management feature.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '213360',
'abilityTreeNodes' => ['FEATUREwaf4WHEC3'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'AccountId' => ['description' => 'The Alibaba Cloud account ID.', 'type' => 'string', 'example' => '10***********34', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8161375D-5958-5627-BFDE-DF1458A73E87', 'title' => ''],
'DelegatedStatus' => ['description' => 'Indicates whether the user is a delegated administrator of WAF. Valid values:'."\n"
."\n"
.'- **true**: The user is a delegated administrator of WAF.'."\n"
."\n"
.'- **false**: The user is not a delegated administrator of WAF.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'AccountName' => ['description' => 'The Alibaba Cloud account name. This parameter is returned only when the account is a delegated administrator.', 'type' => 'string', 'example' => 'account_test', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query whether a user is a WAF delegated administrator',
'changeSet' => [
['createdAt' => '2024-08-27T07:27:28.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeAccountDelegatedStatus'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeAccountDelegatedStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"AccountId\\": \\"10***********34\\",\\n \\"RequestId\\": \\"8161375D-5958-5627-BFDE-DF1458A73E87\\",\\n \\"DelegatedStatus\\": true,\\n \\"AccountName\\": \\"account_test\\"\\n}","type":"json"}]',
],
'DescribeAddresses' => [
'summary' => 'Queries addresses in an address book by paging.',
'methods' => ['get', 'post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwaf4TDPM4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the address book to query.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '12345678', 'title' => ''],
],
[
'name' => 'AddressLike',
'in' => 'query',
'schema' => ['description' => 'The address to query. You can set this parameter to perform a fuzzy match on added addresses.', 'type' => 'string', 'required' => false, 'example' => '1.2.3.3', 'title' => ''],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'The pagination token for the next page. Set this parameter to the value of **NextToken** returned in the previous API call. Leave this parameter empty for the first page.', 'type' => 'string', 'required' => false, 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''],
],
[
'name' => 'MaxResults',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page for paging. Valid values: 1 to 500. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm4gh****wela', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8D8EBFB7-E1EB-5236-952A-092EDC72***', 'title' => ''],
'AddressList' => [
'description' => 'The list of addresses.',
'type' => 'array',
'items' => [
'description' => 'The address information.',
'type' => 'object',
'properties' => [
'Address' => ['description' => 'The address.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''],
'RuleId' => ['description' => 'The address book ID.', 'type' => 'integer', 'format' => 'int64', 'example' => '12345678', 'title' => ''],
'GmtModified' => ['description' => 'The most recent modification time of the address. The value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1760408233000', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'NextToken' => ['description' => 'The pagination token for the next page. If a next page exists, this field contains a value.'."\n"
.'> If this parameter has a return value, a next page exists. You can pass the returned **NextToken** as a request parameter to retrieve the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''],
'MaxResults' => ['description' => 'The number of entries per page for paging. Valid values: 1 to 500. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query address book addresses by page',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeAddresses',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"8D8EBFB7-E1EB-5236-952A-092EDC72***\\",\\n \\"AddressList\\": [\\n {\\n \\"Address\\": \\"1.1.1.1\\",\\n \\"RuleId\\": 12345678,\\n \\"GmtModified\\": 1760408233000\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]',
],
'DescribeAlarmBanner' => [
'summary' => 'Queries the alert banner information of a Web Application Firewall (WAF) instance.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-kf74****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2zerdgm****', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5555DC36-0CF2-5AA3-B1C7-D6BD8****', 'title' => ''],
'BannerStatus' => [
'type' => 'object',
'properties' => [
'Status' => ['description' => 'Indicates whether an alert is triggered. Valid values:'."\n"
."\n"
.'- **true**: An alert is triggered. If **Type** is set to **sandbox**, the instance is in the sandbox.'."\n"
."\n"
.'- **false**: No alert is triggered. If **Type** is set to **sandbox**, the instance is not in the sandbox.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'Type' => ['description' => 'The alert type. Valid value:'."\n"
."\n"
.'- **sandbox**: a sandbox alert.', 'type' => 'string', 'example' => 'sandbox', 'title' => ''],
'Cause' => ['description' => 'The cause of the alert. If **Type** is set to **sandbox**, valid values:'."\n"
."\n"
.'- **fivefold**: The queries per second (QPS) of your service exceeds five times the upper limit of your plan.'."\n"
."\n"
.'- **4count**: The QPS of your service has exceeded the upper limit of your plan for four or more days.'."\n"
."\n"
.'- **exceed10w**: The peak QPS of your service exceeds 100,000.'."\n"
."\n"
.'- **costProtection**: Billing protection is triggered.', 'type' => 'string', 'example' => '4count', 'title' => ''],
'Count' => ['description' => 'The count associated with the alert at the time it was triggered.'."\n"
."\n"
.'- If **Type** is set to **sandbox**, this parameter indicates the number of days that the QPS has exceeded the upper limit of your plan.', 'type' => 'integer', 'format' => 'int32', 'example' => '9008', 'title' => ''],
],
'description' => 'The status information of the alert banner.',
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeAlarmBanner',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeAlarmBanner',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5555DC36-0CF2-5AA3-B1C7-D6BD8****\\",\\n \\"BannerStatus\\": {\\n \\"Status\\": true,\\n \\"Type\\": \\"sandbox\\",\\n \\"Cause\\": \\"4count\\",\\n \\"Count\\": 9008\\n }\\n}","type":"json"}]',
],
'DescribeAlarmList' => [
'summary' => 'Queries a list of alerts.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-pe33e****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2ipnu***', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8D8EBFB7-E1EB-5236-952A-092EDC72***', 'title' => ''],
'Alarms' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The current status of the alert. Valid values:'."\n"
."\n"
.'- **1**: The queries per second (QPS) limit is exceeded.'."\n"
."\n"
.'- **2**: The WAF instance enters the sandbox.'."\n"
."\n"
.'- **3**: The WAF instance is removed from the sandbox.'."\n"
."\n"
.'- **4**: The QPS no longer exceeds the limit.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'Type' => ['description' => 'The type of the alert. Valid value:'."\n"
."\n"
.'- **qps**: a QPS alert.', 'type' => 'string', 'example' => 'qps', 'title' => ''],
'MaxQps' => ['description' => 'The peak QPS during the alert period.', 'type' => 'integer', 'format' => 'int64', 'example' => '12000', 'title' => ''],
'EndTime' => ['description' => 'The end time of the alert. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1605600798', 'title' => ''],
'Cause' => ['description' => 'The cause of the alert. Valid values:'."\n"
."\n"
.'- **fivefold**: The QPS exceeds the limit of the current WAF instance specifications.'."\n"
."\n"
.'- **4count**: The actual QPS has cumulatively exceeded the limit of the current WAF instance specifications.'."\n"
."\n"
.'- **exceed10w**: The peak QPS exceeds 100,000.'."\n"
."\n"
.'- **costProtection**: Billing protection is triggered.', 'type' => 'string', 'example' => '4count', 'title' => ''],
'StartTime' => ['description' => 'The start time of the alert. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1605600767', 'title' => ''],
'Spec' => ['description' => 'The QPS limit of the current WAF instance specifications.', 'type' => 'integer', 'format' => 'int64', 'example' => '10000', 'title' => ''],
],
'description' => 'The details of the alert.',
'title' => '',
'example' => '',
],
'description' => 'The alerts.',
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeAlarmList',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeAlarmList',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8D8EBFB7-E1EB-5236-952A-092EDC72***\\",\\n \\"Alarms\\": [\\n {\\n \\"Status\\": 1,\\n \\"Type\\": \\"qps\\",\\n \\"MaxQps\\": 12000,\\n \\"EndTime\\": 1605600798,\\n \\"Cause\\": \\"4count\\",\\n \\"StartTime\\": 1605600767,\\n \\"Spec\\": 10000\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApiExports' => [
'summary' => 'Queries the list of API security export tasks.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '156331',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'Lang',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The language type. Valid values:'."\n"
."\n"
.'- **zh**: Chinese.'."\n"
.'- **en**: English.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'zh'],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number to return in a paging query. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page in a paging query. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'maximum' => '200', 'minimum' => '1', 'default' => '10', 'example' => '10', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-p****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D9532525-E885-54E7-A178-D5554D563AFB', 'title' => ''],
'ApiExports' => [
'description' => 'The list of export tasks.',
'type' => 'array',
'items' => [
'description' => 'The export task information.',
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The status of the export task. Valid values:'."\n"
."\n"
.'- **expired**: The file has expired.'."\n"
."\n"
.'- **exporting**: The export is in progress.'."\n"
."\n"
.'- **completed**: The export is complete.', 'type' => 'string', 'example' => 'completed', 'title' => ''],
'FileUrl' => ['description' => 'The download URL of the file.', 'type' => 'string', 'example' => 'https://waf-api-sec-cn.***.aliyuncs.com/file_1610954145***.csv', 'title' => ''],
'Type' => ['description' => 'The type of the export task. Valid values:'."\n"
."\n"
.'- **apisec_api**: API asset task.'."\n"
."\n"
.'- **apisec_abnormal**: API risk task.'."\n"
."\n"
.'- **apisec_event**: API security event task.', 'type' => 'string', 'example' => 'apisec_api', 'title' => ''],
'Format' => ['description' => 'The format of the exported file.', 'type' => 'string', 'example' => 'CSV', 'title' => ''],
'FileName' => ['description' => 'The file name.', 'type' => 'string', 'example' => 'file_16109541456445334c0f01d9a7444e0e908***.csv', 'title' => ''],
'CreateTime' => ['description' => 'The time when the export task was created. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1725604852', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'Total' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '7', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security export tasks',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApiExports',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D9532525-E885-54E7-A178-D5554D563AFB\\",\\n \\"ApiExports\\": [\\n {\\n \\"Status\\": \\"completed\\",\\n \\"FileUrl\\": \\"https://waf-api-sec-cn.***.aliyuncs.com/file_1610954145***.csv\\",\\n \\"Type\\": \\"apisec_api\\",\\n \\"Format\\": \\"CSV\\",\\n \\"FileName\\": \\"file_16109541456445334c0f01d9a7444e0e908***.csv\\",\\n \\"CreateTime\\": 1725604852\\n }\\n ],\\n \\"Total\\": 7\\n}","type":"json"}]',
],
'DescribeApisecAbnormalDomainStatistic' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '215781',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-45919n***', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter is applicable only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC) in seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1682571600', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC) in seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1687313820', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number when using paging. Sets the current page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'minimum' => '1', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'OrderWay',
'in' => 'query',
'schema' => ['description' => 'The sort order of the list. Valid values:'."\n"
."\n"
.'- **asc**: ascending order.'."\n"
."\n"
.'- **desc**: descending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of records returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014***B11AE'],
'Data' => [
'description' => 'The data list.',
'type' => 'array',
'items' => [
'description' => 'The response data.',
'type' => 'object',
'properties' => [
'High' => ['description' => 'The number of high-risk vulnerabilities.', 'type' => 'integer', 'format' => 'int64', 'example' => '12', 'title' => ''],
'ApiCount' => ['description' => 'The number of APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'Low' => ['description' => 'The number of low-risk vulnerabilities.', 'type' => 'integer', 'format' => 'int64', 'example' => '4', 'title' => ''],
'Medium' => ['description' => 'The number of medium-risk vulnerabilities.', 'type' => 'integer', 'format' => 'int64', 'example' => '9', 'title' => ''],
'Domain' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'ba.aliyun.com', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security risk domain name statistics',
'summary' => 'Queries statistics on API security risk domain names.',
'changeSet' => [
['createdAt' => '2024-11-12T12:56:47.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-29T00:40:40.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '30', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAbnormalDomainStatistic'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecAbnormalDomainStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014***B11AE\\",\\n \\"Data\\": [\\n {\\n \\"High\\": 12,\\n \\"ApiCount\\": 10,\\n \\"Low\\": 4,\\n \\"Medium\\": 9,\\n \\"Domain\\": \\"ba.aliyun.com\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApisecAbnormals' => [
'summary' => 'Queries the list of API security risks.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '168999',
'abilityTreeNodes' => ['FEATUREwafWE25G7'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-z***9g301', 'title' => ''],
],
[
'name' => 'ApiId',
'in' => 'query',
'schema' => ['description' => 'The ID of the API associated with the risk.', 'type' => 'string', 'required' => false, 'example' => 'bd9efb8ad******d9ca6', 'title' => ''],
],
[
'name' => 'ApiFormat',
'in' => 'query',
'schema' => ['description' => 'The API operation associated with the risk.', 'type' => 'string', 'required' => false, 'example' => '/api/users/login', 'title' => ''],
],
[
'name' => 'MatchedHost',
'in' => 'query',
'schema' => ['description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'required' => false, 'example' => 'a.aliyun.com', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The start time of the query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'string', 'required' => false, 'example' => '1684252800', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end time of the query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'string', 'required' => false, 'example' => '1684382100', 'title' => ''],
],
[
'name' => 'OrderKey',
'in' => 'query',
'schema' => ['description' => 'The name of the field used for sorting. Valid values:'."\n"
.'- **discoverTime**: the time when the risk was first detected. This is the default value.'."\n"
.'- **abnormalLevel**: the risk level.'."\n"
.'- **latestDiscoverTime**: the time when the risk was most recently detected.', 'type' => 'string', 'required' => false, 'example' => 'firstTime', 'title' => ''],
],
[
'name' => 'OrderWay',
'in' => 'query',
'schema' => ['description' => 'The sort order. Valid values:'."\n"
.'- **desc**: descending order. This is the default value.'."\n"
.'- **asc**: ascending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''],
],
[
'name' => 'AbnormalLevel',
'in' => 'query',
'schema' => ['description' => 'The risk level. Valid values:'."\n"
.'- **high**: high risk.'."\n"
.'- **medium**: medium risk.'."\n"
.'- **low**: low risk.', 'type' => 'string', 'required' => false, 'example' => 'medium', 'title' => ''],
],
[
'name' => 'AbnormalTag',
'in' => 'query',
'schema' => ['description' => 'The risk type.'."\n"
.'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported risk types.', 'type' => 'string', 'required' => false, 'example' => 'LackOfSpeedLimit', 'title' => ''],
],
[
'name' => 'AbnormalId',
'in' => 'query',
'schema' => ['description' => 'The risk ID.', 'type' => 'string', 'required' => false, 'example' => '29c6401****99a2bad3943e26d8', 'title' => ''],
],
[
'name' => 'UserStatus',
'in' => 'query',
'schema' => ['description' => 'The risk status. Valid values:'."\n"
.'- **toBeConfirmed**: to be confirmed.'."\n"
.'- **confirmed**: confirmed.'."\n"
.'- **toBeFixed**: to be fixed.'."\n"
.'- **fixed**: fixed (manually verified).'."\n"
.'- **ignored**: ignored.'."\n"
.'- **toBeVerified**: to be verified by the system.'."\n"
.'- **notFixed**: not fixed after verification.'."\n"
.'- **systemFixed**: fixed (verified by the system).', 'type' => 'string', 'required' => false, 'example' => 'Confirmed', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number to return in a paging query. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '2', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page in a paging query. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '200', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'Origin',
'in' => 'query',
'schema' => ['description' => 'The source of the risk type. Valid values:'."\n"
.'- **custom**: custom.'."\n"
.'- **default**: built-in.', 'type' => 'string', 'required' => false, 'example' => 'custom', 'title' => ''],
],
[
'name' => 'ApiTag',
'in' => 'query',
'schema' => ['description' => 'The business purpose of the API.'."\n"
.'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported business purposes.', 'type' => 'string', 'required' => false, 'example' => 'RegisterAPI', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '546', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '5', 'title' => ''],
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '9469646C-F2CC-5F0F-8401-C53***4F46'],
'Data' => [
'description' => 'The list of risks.',
'type' => 'array',
'items' => [
'description' => 'The risk information.',
'type' => 'object',
'properties' => [
'AbnormalId' => ['description' => 'The risk ID.', 'type' => 'string', 'example' => '7c1431f27ae7e9c8cc64095***68e', 'title' => ''],
'Origin' => ['description' => 'The source of the risk type. Valid values:'."\n"
.'- **custom**: custom.'."\n"
.'- **default**: built-in.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'LastestTime' => ['description' => 'The most recent access time of the API asset. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1684252800', 'title' => ''],
'FirstTime' => ['description' => 'The time when the API asset was first discovered. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1701138088', 'title' => ''],
'AbnromalStatus' => ['description' => 'The risk status.', 'type' => 'string', 'example' => 'unresolved', 'title' => ''],
'ApiFormat' => ['description' => 'The API operation associated with the risk.', 'type' => 'string', 'example' => '/api/login', 'title' => ''],
'ApiTag' => ['description' => 'The business purpose of the API.'."\n"
.'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported business purposes.', 'type' => 'string', 'example' => 'SendMail', 'title' => ''],
'DiscoverTime' => ['description' => 'The time when the risk was first detected. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1684252800', 'title' => ''],
'UserStatus' => ['description' => 'The risk status. Valid values:'."\n"
.'- **toBeConfirmed**: to be confirmed.'."\n"
.'- **confirmed**: confirmed.'."\n"
.'- **toBeFixed**: to be fixed.'."\n"
.'- **fixed**: fixed (manually verified).'."\n"
.'- **ignored**: ignored.'."\n"
.'- ** toBeVerified**: to be verified by the system.'."\n"
.'- ** notFixed**: not fixed after verification.'."\n"
.'- ** systemFixed**: fixed (verified by the system).', 'type' => 'string', 'example' => 'Confirmed', 'title' => ''],
'IgnoreTime' => ['description' => 'The time when the user marked the risk as ignored. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1684252800', 'title' => ''],
'Follow' => ['description' => 'Indicates whether the risk is followed. Valid values:'."\n"
.'- **1**: followed.'."\n"
.'- **0**: not followed. This is the default value.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'MatchedHost' => ['description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'example' => 'a.aliyun.com', 'title' => ''],
'Note' => ['description' => 'The remarks.', 'type' => 'string', 'example' => 'Strict', 'title' => ''],
'AbnormalEventNumber' => ['description' => 'The number of events associated with the risk.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''],
'AbnormalTag' => ['description' => 'The risk type.'."\n"
."\n"
.'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported risk types.', 'type' => 'string', 'example' => 'LackOfSpeedLimit', 'title' => ''],
'AbnormalInfo' => ['description' => 'The detailed risk information, which is a JSON string constructed from a series of parameters. The parameters include:'."\n"
.'- **rule**: the rule associated with the risk.'."\n"
.'- **data_type**: the sensitive data type.'."\n"
.'- **custom_rule_name**: the custom rule name.'."\n"
.'- **rule_name**: the built-in rule name.', 'type' => 'string', 'example' => '{'."\n"
.' "data_type": ["1005","1004"],'."\n"
.' "rule": {'."\n"
.' "parent": "RiskType_Permission",'."\n"
.' "code": "Risk_UnauthSensitive",'."\n"
.' "level": "high",'."\n"
.' "origin": "default",'."\n"
.' "name": "Risk_UnauthSensitive"'."\n"
.' }'."\n"
.'}', 'title' => ''],
'ApiId' => ['description' => 'The ID of the API associated with the risk.', 'type' => 'string', 'example' => '09559c0d71ca2ffc996b81***836d8', 'title' => ''],
'AbnormalLevel' => ['description' => 'The risk level. Valid values:'."\n"
.'- **high**: high risk.'."\n"
.'- **medium**: medium risk.'."\n"
.'- **low**: low risk.', 'type' => 'string', 'example' => 'high', 'title' => ''],
'LatestDiscoverTime' => ['description' => 'The time when the risk was most recently detected. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1684252800', 'title' => ''],
'Examples' => [
'title' => '',
'description' => 'The list of examples associated with the risk.',
'type' => 'array',
'items' => ['description' => 'The example information, which is a JSON string constructed from a series of parameters. The parameters include:'."\n"
.'- **param_num**: the number of API parameters.'."\n"
.'- **request_method**: the request method.'."\n"
.'- **protocol**: the request protocol.'."\n"
.'- **api_url**: the request URL.'."\n"
.'- **poc_payload**: the request payload.'."\n"
.'- **request**: the request example.'."\n"
.'- **response**: the response example.'."\n"
.'- **param**: the request parameters.', 'type' => 'string', 'example' => '{'."\n"
.' "request": {"referer": "-","content_type": "-","cookie": "-","method": "GET","param": [],"host": "test.cn"},'."\n"
.' "protocol": "https",'."\n"
.' "api_url": "https://test.cn:443/index.php",'."\n"
.' "param": [],'."\n"
.' "response": {"param": [], "sensitive_type": {}, "header": {},"body": "", "status": 405 },'."\n"
.' "request_method": "GET",'."\n"
.' "poc_payload": "curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'",'."\n"
.' "param_num": 0'."\n"
.'}', 'title' => ''],
'deprecated' => true,
'example' => '',
],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security risks',
'changeSet' => [
['createdAt' => '2025-01-16T13:23:42.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAbnormals'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecAbnormals',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"9469646C-F2CC-5F0F-8401-C53***4F46\\",\\n \\"Data\\": [\\n {\\n \\"AbnormalId\\": \\"7c1431f27ae7e9c8cc64095***68e\\",\\n \\"Origin\\": \\"custom\\",\\n \\"LastestTime\\": 1684252800,\\n \\"FirstTime\\": 1701138088,\\n \\"AbnromalStatus\\": \\"unresolved\\",\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"ApiTag\\": \\"SendMail\\",\\n \\"DiscoverTime\\": 1684252800,\\n \\"UserStatus\\": \\"Confirmed\\",\\n \\"IgnoreTime\\": 1684252800,\\n \\"Follow\\": 0,\\n \\"MatchedHost\\": \\"a.aliyun.com\\",\\n \\"Note\\": \\"Strict\\",\\n \\"AbnormalEventNumber\\": 2,\\n \\"AbnormalTag\\": \\"LackOfSpeedLimit\\",\\n \\"AbnormalInfo\\": \\"{\\\\n \\\\\\"data_type\\\\\\": [\\\\\\"1005\\\\\\",\\\\\\"1004\\\\\\"],\\\\n \\\\\\"rule\\\\\\": {\\\\n \\\\\\"parent\\\\\\": \\\\\\"RiskType_Permission\\\\\\",\\\\n \\\\\\"code\\\\\\": \\\\\\"Risk_UnauthSensitive\\\\\\",\\\\n \\\\\\"level\\\\\\": \\\\\\"high\\\\\\",\\\\n \\\\\\"origin\\\\\\": \\\\\\"default\\\\\\",\\\\n \\\\\\"name\\\\\\": \\\\\\"Risk_UnauthSensitive\\\\\\"\\\\n }\\\\n}\\",\\n \\"ApiId\\": \\"09559c0d71ca2ffc996b81***836d8\\",\\n \\"AbnormalLevel\\": \\"high\\",\\n \\"LatestDiscoverTime\\": 1684252800,\\n \\"Examples\\": [\\n \\"{\\\\n \\\\\\"request\\\\\\": {\\\\\\"referer\\\\\\": \\\\\\"-\\\\\\",\\\\\\"content_type\\\\\\": \\\\\\"-\\\\\\",\\\\\\"cookie\\\\\\": \\\\\\"-\\\\\\",\\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\\\"param\\\\\\": [],\\\\\\"host\\\\\\": \\\\\\"test.cn\\\\\\"},\\\\n \\\\\\"protocol\\\\\\": \\\\\\"https\\\\\\",\\\\n \\\\\\"api_url\\\\\\": \\\\\\"https://test.cn:443/index.php\\\\\\",\\\\n \\\\\\"param\\\\\\": [],\\\\n \\\\\\"response\\\\\\": {\\\\\\"param\\\\\\": [], \\\\\\"sensitive_type\\\\\\": {}, \\\\\\"header\\\\\\": {},\\\\\\"body\\\\\\": \\\\\\"\\\\\\", \\\\\\"status\\\\\\": 405 },\\\\n \\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"poc_payload\\\\\\": \\\\\\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'\\\\\\",\\\\n \\\\\\"param_num\\\\\\": 0\\\\n}\\"\\n ]\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApisecApiResources' => [
'summary' => 'Queries the list of API security assets.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '168967',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-u***gr20j'],
],
[
'name' => 'ApiId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The ID of the API.', 'type' => 'string', 'example' => '867ade***24ee6e205b8da82b8f84', 'required' => false],
],
[
'name' => 'ApiFormat',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The API operation.', 'type' => 'string', 'example' => '/auth/login', 'required' => false],
],
[
'name' => 'MatchedHost',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'example' => 'a.aliyun.com', 'required' => false],
],
[
'name' => 'SensitiveType',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The type of sensitive data in the response.'."\n"
.'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive data types.', 'type' => 'string', 'example' => '1004', 'required' => false],
],
[
'name' => 'ApiStatus',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The status of the API. Valid values:'."\n"
.'- **NewbornInterface**: newly added.'."\n"
.'- **OfflineInterface**: inactive.'."\n"
.'- **normal**: normal.', 'type' => 'string', 'example' => 'OfflineInterface', 'required' => false],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The start time of the query, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'string', 'example' => '1681833600', 'required' => false],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The end time of the query, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'string', 'example' => '1683388800', 'required' => false],
],
[
'name' => 'OrderKey',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The name of the field used for sorting. Valid values:'."\n"
.'- **allCnt**: total access volume in the last 30 days.'."\n"
.'- **botCnt**: bot access volume in the last 30 days.'."\n"
.'- **crossBorderCnt**: cross-border access volume in the last 30 days.'."\n"
.'- **abnormalNum**: number of risks associated with the API.'."\n"
.'- **eventNum**: number of events associated with the API.'."\n"
.'- **farthestTs**: first discovery time.'."\n"
.'- **lastestTs**: most recent access time.', 'type' => 'string', 'example' => 'allCnt', 'required' => false],
],
[
'name' => 'OrderWay',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The sort order. Valid values:'."\n"
.'- **desc**: descending order (default).'."\n"
.'- **asc**: ascending order.', 'type' => 'string', 'example' => 'desc', 'required' => false],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The page number to return in a paging query. Default value: **1**, which indicates that the first page is returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'default' => '1', 'required' => false],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The number of entries to return on each page in a paging query. Default value: **10**, which indicates that each page contains 10 entries.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '200', 'minimum' => '1', 'example' => '10', 'default' => '10', 'required' => false],
],
[
'name' => 'Follow',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'Specifies whether the API is followed. Valid values:'."\n"
.'- **1**: followed.'."\n"
.'- **0**: not followed.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'required' => false],
],
[
'name' => 'ApiType',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The service object. Valid values:'."\n"
.'- **PublicAPI**: public service.'."\n"
.'- **ThirdpartAPI**: third-party collaboration.'."\n"
.'- **InternalAPI**: internal office.', 'type' => 'string', 'example' => 'innerAPI', 'required' => false],
],
[
'name' => 'ApiTag',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The business purpose of the API.'."\n"
."\n"
.'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported business purposes.', 'type' => 'string', 'example' => 'SendMail', 'required' => false],
],
[
'name' => 'SensitiveLevel',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The sensitivity level of the API. Valid values:'."\n"
.'- **L1**: high sensitivity.'."\n"
.'- **L2**: medium sensitivity.'."\n"
.'- **L3**: low sensitivity.'."\n"
.'- **N**: not sensitive.', 'type' => 'string', 'example' => 'L3', 'required' => false],
],
[
'name' => 'ApiMethod',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The request method of the API. Valid values:'."\n"
.'- **GET**: GET request.'."\n"
.'- **POST**: POST request.'."\n"
.'- **HEAD**: HEAD request.'."\n"
.'- **PUT**: PUT request.'."\n"
.'- **DELETE**: DELETE request.'."\n"
.'- **CONNECT**: CONNECT request.'."\n"
.'- **PATCH**: PATCH request.'."\n"
.'- **OPTIONS**: OPTIONS request.', 'type' => 'string', 'example' => 'POST', 'required' => false],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'example' => '740', 'required' => false],
],
[
'name' => 'Note',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The remarks.', 'type' => 'string', 'example' => 'loginApi', 'required' => false],
],
[
'name' => 'RequestSensitiveType',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The type of sensitive information in the request.'."\n"
."\n"
.'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive information types.', 'type' => 'string', 'example' => '1004,1005', 'required' => false],
],
[
'name' => 'AuthFlag',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'Specifies whether the API has an authentication field. Valid values:'."\n"
.'- **0**: has authentication.'."\n"
.'- **1**: does not have authentication.', 'type' => 'string', 'example' => '0', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'example' => 'rg-acfm***q', 'required' => false],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response.',
'type' => 'object',
'properties' => [
'TotalCount' => ['title' => '', 'description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '5'],
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B'],
'Data' => [
'title' => '',
'description' => 'The list of API assets.',
'type' => 'array',
'items' => [
'title' => '',
'description' => 'The asset details.',
'type' => 'object',
'properties' => [
'EventNum' => ['title' => '', 'description' => 'The number of security events associated with the API.', 'type' => 'integer', 'format' => 'int64', 'example' => '2'],
'FarthestTs' => ['title' => '', 'description' => 'The time when the API asset was first discovered, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683388800'],
'ApiSensitive' => ['title' => '', 'description' => 'The sensitive information involved in the API, which is a string converted from a JSON object constructed with a series of parameters. The parameters include:'."\n"
.'- **request_sensitive_list**: the list of sensitive data types in the request.'."\n"
.'- **response_sensitive_list**: the list of sensitive data types in the response.'."\n"
.'- **sensitive_list**: the list of sensitive data types.'."\n"
.'- **sensitive_level**: the sensitivity level.', 'type' => 'string', 'example' => '{'."\n"
.' "sensitive_list": ["1003","1005"],'."\n"
.' "sensitive_level": "L2",'."\n"
.' "request_sensitive_list": ["1003"],'."\n"
.' "response_sensitive_list": ["1005"]'."\n"
.'}'],
'ApiFormat' => ['title' => '', 'description' => 'The API operation.', 'type' => 'string', 'example' => '/v1/etl/finddatabyvid'],
'ApiTag' => ['title' => '', 'description' => 'The business purpose of the API.'."\n"
.'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported business purposes.', 'type' => 'string', 'example' => 'SendMail'],
'CrossBorderCnt' => ['title' => '', 'description' => 'The cross-border access volume in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '2'],
'AuthFlag' => ['title' => '', 'description' => 'Specifies whether the API has an authentication field. Valid values:'."\n"
.'- **0**: has authentication.'."\n"
.'- **1**: does not have authentication.', 'type' => 'string', 'example' => '1'],
'AllCnt' => ['title' => '', 'description' => 'The total access volume in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683388800'],
'ApiMethod' => ['title' => '', 'description' => 'The request method of the API. Valid values:'."\n"
.'- **GET**: GET request.'."\n"
.'- **POST**: POST request.'."\n"
.'- **HEAD**: HEAD request.'."\n"
.'- **PUT**: PUT request.'."\n"
.'- **DELETE**: DELETE request.'."\n"
.'- **CONNECT**: CONNECT request.'."\n"
.'- **PATCH**: PATCH request.'."\n"
.'- **OPTIONS**: OPTIONS request.', 'type' => 'string', 'example' => 'POST'],
'LastestTs' => ['title' => '', 'description' => 'The most recent access time of the API asset, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683388800'],
'ApiStatus' => ['title' => '', 'description' => 'The status of the API. Valid values:'."\n"
.'- **NewbornInterface**: newly added.'."\n"
.'- **OfflineInterface**: inactive.'."\n"
.'- **normal**: normal.', 'type' => 'string', 'example' => 'NewbornInterface'],
'ApiSensitiveResponse' => ['title' => '', 'description' => 'The sensitive data in the API response.', 'type' => 'string', 'example' => '["1002","1005"]'],
'BotCnt' => ['title' => '', 'description' => 'The bot access volume in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '2'],
'Follow' => ['title' => '', 'description' => 'Specifies whether the API is followed. Valid values:'."\n"
.'- **1**: followed.'."\n"
.'- **0**: not followed.', 'type' => 'integer', 'format' => 'int32', 'example' => '1'],
'MatchedHost' => ['title' => '', 'description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'example' => 'a.aliyun.com'],
'ApiInfo' => ['title' => '', 'description' => 'The API information, which is a string converted from a JSON object constructed with a series of parameters. The parameters include:'."\n"
.'- **param_num**: the number of API parameters.'."\n"
.'- **request_method**: the request method.'."\n"
.'- **protocol**: the request protocol.'."\n"
.'- **api_url**: the request URL.'."\n"
.'- **poc_payload**: the request.'."\n"
.'- **request**: the request sample.'."\n"
.'- **response**: the response sample.'."\n"
.'- **param**: the request parameters.'."\n"
.'> This field is returned only when the **ApiId** parameter is specified.', 'type' => 'string', 'example' => '{'."\n"
.' "request": {"referer": "-","content_type": "-","cookie": "-","method": "GET","param": [],"host": "test.cn"},'."\n"
.' "protocol": "https",'."\n"
.' "api_url": "https://test.cn:443/index.php",'."\n"
.' "param": [],'."\n"
.' "response": {"param": [], "sensitive_type": {}, "header": {},"body": "", "status": 405 },'."\n"
.' "request_method": "GET",'."\n"
.' "poc_payload": "curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'",'."\n"
.' "param_num": 0'."\n"
.'}'],
'AbnormalNum' => ['title' => '', 'description' => 'The number of risks associated with the API.', 'type' => 'integer', 'format' => 'int64', 'example' => '2'],
'ApiType' => ['title' => '', 'description' => 'The service object. Valid values:'."\n"
.'- **PublicAPI**: public service.'."\n"
.'- **ThirdpartAPI**: third-party collaboration.'."\n"
.'- **InternalAPI**: internal office.', 'type' => 'string', 'example' => 'PublicAPI'],
'Note' => ['title' => '', 'description' => 'The remarks.', 'type' => 'string', 'example' => 'loginApi'],
'ApiId' => ['title' => '', 'description' => 'The ID of the API.', 'type' => 'string', 'example' => '197b52abcd81d6a8bd4***e477'],
'Examples' => [
'title' => '',
'description' => 'The list of API samples.',
'type' => 'array',
'items' => ['title' => '', 'description' => 'The sample information, which is a string converted from a JSON object constructed with a series of parameters. The parameters include:'."\n"
.'- **param_num**: the number of API parameters.'."\n"
.'- **request_method**: the request method.'."\n"
.'- **protocol**: the request protocol.'."\n"
.'- **api_url**: the request URL.'."\n"
.'- **poc_payload**: the request.'."\n"
.'- **request**: the request sample.'."\n"
.'- **response**: the response sample.'."\n"
.'- **param**: the request parameters.'."\n"
."\n"
.'> This field is returned only when the **ApiId** parameter is specified.', 'type' => 'string', 'example' => '{'."\n"
.' "request": {"referer": "-","content_type": "-","cookie": "-","method": "GET","param": [],"host": "test.cn"},'."\n"
.' "protocol": "https",'."\n"
.' "api_url": "https://test.cn:443/index.php",'."\n"
.' "param": [],'."\n"
.' "response": {"param": [], "sensitive_type": {}, "header": {},"body": "", "status": 405 },'."\n"
.' "request_method": "GET",'."\n"
.' "poc_payload": "curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'",'."\n"
.' "param_num": 0'."\n"
.'}'],
'deprecated' => true,
'example' => '',
],
'ApiSensitiveRequest' => ['title' => '', 'description' => 'The sensitive data in the API request.', 'type' => 'string', 'example' => '["1002","1005"]'],
'Resources' => [
'title' => '',
'description' => 'The list of protected objects corresponding to the asset.',
'type' => 'array',
'items' => ['title' => '', 'description' => 'The protected object corresponding to the asset.', 'type' => 'string', 'example' => '***.top-waf'],
'example' => '',
],
'AccountEventNum' => ['title' => '', 'description' => 'The number of account security events associated with the asset.', 'type' => 'integer', 'format' => 'int64', 'example' => '1'],
],
'example' => '',
],
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security assets',
'changeSet' => [
['createdAt' => '2025-02-24T13:16:00.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecApiResources'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecApiResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"Data\\": [\\n {\\n \\"EventNum\\": 2,\\n \\"FarthestTs\\": 1683388800,\\n \\"ApiSensitive\\": \\"{\\\\n \\\\\\"sensitive_list\\\\\\": [\\\\\\"1003\\\\\\",\\\\\\"1005\\\\\\"],\\\\n \\\\\\"sensitive_level\\\\\\": \\\\\\"L2\\\\\\",\\\\n \\\\\\"request_sensitive_list\\\\\\": [\\\\\\"1003\\\\\\"],\\\\n \\\\\\"response_sensitive_list\\\\\\": [\\\\\\"1005\\\\\\"]\\\\n}\\",\\n \\"ApiFormat\\": \\"/v1/etl/finddatabyvid\\",\\n \\"ApiTag\\": \\"SendMail\\",\\n \\"CrossBorderCnt\\": 2,\\n \\"AuthFlag\\": \\"1\\",\\n \\"AllCnt\\": 1683388800,\\n \\"ApiMethod\\": \\"POST\\",\\n \\"LastestTs\\": 1683388800,\\n \\"ApiStatus\\": \\"NewbornInterface\\",\\n \\"ApiSensitiveResponse\\": \\"[\\\\\\"1002\\\\\\",\\\\\\"1005\\\\\\"]\\",\\n \\"BotCnt\\": 2,\\n \\"Follow\\": 1,\\n \\"MatchedHost\\": \\"a.aliyun.com\\",\\n \\"ApiInfo\\": \\"{\\\\n \\\\\\"request\\\\\\": {\\\\\\"referer\\\\\\": \\\\\\"-\\\\\\",\\\\\\"content_type\\\\\\": \\\\\\"-\\\\\\",\\\\\\"cookie\\\\\\": \\\\\\"-\\\\\\",\\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\\\"param\\\\\\": [],\\\\\\"host\\\\\\": \\\\\\"test.cn\\\\\\"},\\\\n \\\\\\"protocol\\\\\\": \\\\\\"https\\\\\\",\\\\n \\\\\\"api_url\\\\\\": \\\\\\"https://test.cn:443/index.php\\\\\\",\\\\n \\\\\\"param\\\\\\": [],\\\\n \\\\\\"response\\\\\\": {\\\\\\"param\\\\\\": [], \\\\\\"sensitive_type\\\\\\": {}, \\\\\\"header\\\\\\": {},\\\\\\"body\\\\\\": \\\\\\"\\\\\\", \\\\\\"status\\\\\\": 405 },\\\\n \\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"poc_payload\\\\\\": \\\\\\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'\\\\\\",\\\\n \\\\\\"param_num\\\\\\": 0\\\\n}\\",\\n \\"AbnormalNum\\": 2,\\n \\"ApiType\\": \\"PublicAPI\\",\\n \\"Note\\": \\"loginApi\\",\\n \\"ApiId\\": \\"197b52abcd81d6a8bd4***e477\\",\\n \\"Examples\\": [\\n \\"{\\\\n \\\\\\"request\\\\\\": {\\\\\\"referer\\\\\\": \\\\\\"-\\\\\\",\\\\\\"content_type\\\\\\": \\\\\\"-\\\\\\",\\\\\\"cookie\\\\\\": \\\\\\"-\\\\\\",\\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\\\"param\\\\\\": [],\\\\\\"host\\\\\\": \\\\\\"test.cn\\\\\\"},\\\\n \\\\\\"protocol\\\\\\": \\\\\\"https\\\\\\",\\\\n \\\\\\"api_url\\\\\\": \\\\\\"https://test.cn:443/index.php\\\\\\",\\\\n \\\\\\"param\\\\\\": [],\\\\n \\\\\\"response\\\\\\": {\\\\\\"param\\\\\\": [], \\\\\\"sensitive_type\\\\\\": {}, \\\\\\"header\\\\\\": {},\\\\\\"body\\\\\\": \\\\\\"\\\\\\", \\\\\\"status\\\\\\": 405 },\\\\n \\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"poc_payload\\\\\\": \\\\\\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: python-requests/2.32.3\' -H \'X-forwarded-for: {{IPv6 Address}}\' -H \'Host: test.cn\' -H \'Accept-encoding: gzip, deflate\' \'https://test.cn:443/index.php\'\\\\\\",\\\\n \\\\\\"param_num\\\\\\": 0\\\\n}\\"\\n ],\\n \\"ApiSensitiveRequest\\": \\"[\\\\\\"1002\\\\\\",\\\\\\"1005\\\\\\"]\\",\\n \\"Resources\\": [\\n \\"***.top-waf\\"\\n ],\\n \\"AccountEventNum\\": 1\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApisecAssetTrend' => [
'summary' => 'Queries the trend of API security API assets.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '215756',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-ww**b06', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter is available only in hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '590', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC). Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1668496310000', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC). Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1668496310000', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek**7uq', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'],
'Data' => [
'description' => 'The list of API asset information.',
'type' => 'array',
'items' => [
'description' => 'The API asset information.',
'type' => 'object',
'properties' => [
'AssetOffline' => ['description' => 'The number of inactive APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '20', 'title' => ''],
'AssetCount' => ['description' => 'The total number of API assets.', 'type' => 'integer', 'format' => 'int64', 'example' => '80', 'title' => ''],
'Timestamp' => ['description' => 'The time of the statistics. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683600042', 'title' => ''],
'AssetActive' => ['description' => 'The number of active APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '60', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security API asset trends',
'changeSet' => [
['createdAt' => '2024-11-12T12:56:41.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-29T00:40:39.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAssetTrend'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecAssetTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"Data\\": [\\n {\\n \\"AssetOffline\\": 20,\\n \\"AssetCount\\": 80,\\n \\"Timestamp\\": 1683600042,\\n \\"AssetActive\\": 60\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApisecEventDetail' => [
'summary' => 'Retrieves the details of an API security event.',
'methods' => ['get', 'post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '255326',
'abilityTreeNodes' => ['FEATUREwafDX9EQ6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqtm005', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false],
],
[
'name' => 'EventId',
'in' => 'query',
'schema' => ['description' => 'The ID of the API security event.', 'type' => 'string', 'required' => true, 'example' => '18ba94fea9***e66ba0557b7b91', 'title' => ''],
],
[
'name' => 'EventScope',
'in' => 'query',
'schema' => [
'description' => 'The dimension of the security event. Valid values:'."\n"
."\n"
.'- **ip** (default): IP security event.'."\n"
."\n"
.'- **account**: account security event.',
'type' => 'string',
'required' => false,
'example' => 'ip',
'default' => 'ip',
'enum' => ['ip', 'account'],
'title' => '',
],
],
[
'name' => 'DetailType',
'in' => 'query',
'schema' => [
'description' => 'The type of the detailed information about the security event. Valid values:'."\n"
."\n"
.'- **event\\_info** (default): attack details.'."\n"
."\n"
.'- **api\\_info**: API information.'."\n"
."\n"
.'- **cnt\\_info**: attack trend.'."\n"
."\n"
.'- **ip\\_info**: attacker IP information.'."\n"
."\n"
.'- **sensitive\\_info**: information about access to sensitive data.'."\n"
."\n"
.'- **request\\_data**: request information.'."\n"
."\n"
.'- **response\\_data**: response information.',
'type' => 'string',
'required' => false,
'example' => 'event_info',
'default' => 'event_info',
'enum' => ['event_info', 'api_info', 'cnt_info', 'ip_info', 'sensitive_info', 'request_data', 'response_data'],
'title' => '',
],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n"
."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query information about hybrid cloud WAF clusters.', 'type' => 'string', 'example' => '428', 'title' => '', 'required' => false],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'EventId' => ['description' => 'The ID of the API security event.', 'type' => 'string', 'example' => '18ba94fea9***e66ba0557b7b91', 'title' => ''],
'EventTag' => ['description' => 'The type of the security event.'."\n"
."\n"
.'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported event types.', 'type' => 'string', 'example' => 'ObtainSensitiveUnauthorized', 'title' => ''],
'AttackerList' => [
'type' => 'array',
'items' => ['description' => 'The attacker identifier.'."\n"
."\n"
.'> If the EventScope parameter is set to **ip**, this parameter indicates the attacker IP address. If the **EventScope** parameter is set to **account**, this parameter indicates the attacker account.', 'type' => 'string', 'example' => '104.234.140.**', 'title' => ''],
'title' => '',
'description' => 'The list of attackers associated with the security event.',
'example' => '',
],
'AttackCnt' => ['description' => 'The total number of attacks in the security event.', 'type' => 'string', 'example' => '345', 'title' => ''],
'StartTs' => ['description' => 'The beginning of the time range during which the security event occurred. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'example' => '1683648000', 'title' => ''],
'EndTs' => ['description' => 'The end of the time range during which the security event occurred. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'example' => '1683703260', 'title' => ''],
'Origin' => ['description' => 'The source of the event type rule. Valid values:'."\n"
."\n"
.'- **custom**: a user-defined rule.'."\n"
."\n"
.'- **default**: a built-in rule.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'EventLevel' => ['description' => 'The severity level of the security event. Valid values:'."\n"
."\n"
.'- **high**: high severity.'."\n"
."\n"
.'- **medium**: medium severity.'."\n"
."\n"
.'- **low**: low severity.', 'type' => 'string', 'example' => 'low', 'title' => ''],
'UserStatus' => ['description' => 'The event status. Valid values:'."\n"
."\n"
.'- **toBeConfirmed**: to be confirmed.'."\n"
."\n"
.'- **confirmed**: confirmed.'."\n"
."\n"
.'- **actioned**: handled.'."\n"
."\n"
.'- **ignored**: ignored.', 'type' => 'string', 'example' => 'toBeConfirmed', 'title' => ''],
'Note' => ['description' => 'The remarks added to the security event.', 'type' => 'string', 'example' => 'already confirmed.', 'title' => ''],
'EventScope' => ['description' => 'The dimension of the security event. Valid values:'."\n"
."\n"
.'- **ip** (default): IP security event.'."\n"
."\n"
.'- **account**: account security event.', 'type' => 'string', 'example' => 'ip', 'title' => ''],
'DetailValue' => ['description' => 'The details of the security event.', 'type' => 'string', 'example' => '{\\"location\\":[\\"FR\\",\\"CN\\"],\\"location_type\\":\\"country\\"}', 'title' => ''],
],
'description' => 'The response parameters.',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeApisecEventDetail',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecEventDetail',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"EventId\\": \\"18ba94fea9***e66ba0557b7b91\\",\\n \\"EventTag\\": \\"ObtainSensitiveUnauthorized\\",\\n \\"AttackerList\\": [\\n \\"104.234.140.**\\"\\n ],\\n \\"AttackCnt\\": \\"345\\",\\n \\"StartTs\\": \\"1683648000\\",\\n \\"EndTs\\": \\"1683703260\\",\\n \\"Origin\\": \\"custom\\",\\n \\"EventLevel\\": \\"low\\",\\n \\"UserStatus\\": \\"toBeConfirmed\\",\\n \\"Note\\": \\"already confirmed.\\",\\n \\"EventScope\\": \\"ip\\",\\n \\"DetailValue\\": \\"{\\\\\\\\\\\\\\"location\\\\\\\\\\\\\\":[\\\\\\\\\\\\\\"FR\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"CN\\\\\\\\\\\\\\"],\\\\\\\\\\\\\\"location_type\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"country\\\\\\\\\\\\\\"}\\"\\n}","type":"json"}]',
],
'DescribeApisecEventDomainStatistic' => [
'summary' => 'Queries the domain name statistics of API security events.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '215784',
'abilityTreeNodes' => ['FEATUREwafDX9EQ6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The hybrid cloud cluster ID.'."\n"
.'>For hybrid cloud scenarios only, you can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The start time, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1668496310', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end time, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1686895256', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number of the page to return in a paged query. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'minimum' => '1', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page in a paged query. Default value: **5**, which indicates **5** entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'OrderWay',
'in' => 'query',
'schema' => ['description' => 'The sort order of the list. Valid values:'."\n"
."\n"
.'- **asc**: ascending order.'."\n"
.'- **desc**: descending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmvyknl****fa', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-*******-80A6-3014697B11AE'],
'Data' => [
'description' => 'The returned data.',
'type' => 'array',
'items' => [
'description' => 'The returned data.',
'type' => 'object',
'properties' => [
'High' => ['description' => 'The number of high-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'ApiCount' => ['description' => 'The number of APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'Low' => ['description' => 'The number of low-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''],
'Medium' => ['description' => 'The number of medium-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '6', 'title' => ''],
'Domain' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'a.aliyun.com', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security event domain name statistics',
'changeSet' => [
['createdAt' => '2024-11-12T12:56:41.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-29T00:40:40.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '30', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecEventDomainStatistic'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecEventDomainStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"66A98669-*******-80A6-3014697B11AE\\",\\n \\"Data\\": [\\n {\\n \\"High\\": 10,\\n \\"ApiCount\\": 10,\\n \\"Low\\": 2,\\n \\"Medium\\": 6,\\n \\"Domain\\": \\"a.aliyun.com\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApisecEvents' => [
'summary' => 'Queries a list of API security events.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '169015',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-5y***d31', 'title' => ''],
],
[
'name' => 'EventId',
'in' => 'query',
'schema' => ['description' => 'The ID of the API security event.', 'type' => 'string', 'example' => '18ba94fea9***e66ba0557b7b91', 'title' => '', 'required' => false],
],
[
'name' => 'ApiFormat',
'in' => 'query',
'schema' => ['description' => 'The path of the API that is associated with the security event.', 'type' => 'string', 'example' => '/apisec/v1/***.php', 'title' => '', 'required' => false],
],
[
'name' => 'MatchedHost',
'in' => 'query',
'schema' => ['description' => 'The domain name or IP address that is protected by WAF.', 'type' => 'string', 'example' => 'a.***.com', 'title' => '', 'required' => false],
],
[
'name' => 'EventTag',
'in' => 'query',
'schema' => ['description' => 'The event type.'."\n"
."\n"
.'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported event types.', 'type' => 'string', 'example' => 'ObtainSensitiveUnauthorized', 'title' => '', 'required' => false],
],
[
'name' => 'StartTs',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683648000', 'title' => '', 'required' => false],
],
[
'name' => 'EndTs',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683703260', 'title' => '', 'required' => false],
],
[
'name' => 'OrderKey',
'in' => 'query',
'schema' => ['description' => 'The field that is used to sort the query results. Valid values:'."\n"
."\n"
.'- **allCnt**: the number of attacks.'."\n"
."\n"
.'- **startTs**: the start time of the event.'."\n"
."\n"
.'- **endTs**: the end time of the event.', 'type' => 'string', 'example' => 'startTs', 'title' => '', 'required' => false],
],
[
'name' => 'OrderWay',
'in' => 'query',
'schema' => ['description' => 'The order in which the query results are sorted. Valid values:'."\n"
."\n"
.'- **desc**: descending order. This is the default value.'."\n"
."\n"
.'- **asc**: ascending order.', 'type' => 'string', 'example' => 'desc', 'title' => '', 'required' => false],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'default' => '1', 'title' => '', 'required' => false],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '200', 'minimum' => '1', 'example' => '10', 'default' => '10', 'title' => '', 'required' => false],
],
[
'name' => 'ApiTag',
'in' => 'query',
'schema' => ['description' => 'The business purpose of the API.'."\n"
."\n"
.'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported business purposes.', 'type' => 'string', 'example' => 'SendMail', 'title' => '', 'required' => false],
],
[
'name' => 'Origin',
'in' => 'query',
'schema' => ['description' => 'The source of the event type. Valid values:'."\n"
."\n"
.'- **custom**: a user-defined event type.'."\n"
."\n"
.'- **default**: a built-in event type.', 'type' => 'string', 'example' => 'default', 'title' => '', 'required' => false],
],
[
'name' => 'EventLevel',
'in' => 'query',
'schema' => ['description' => 'The severity level of the event. Valid values:'."\n"
."\n"
.'- **high**: high severity.'."\n"
."\n"
.'- **medium**: medium severity.'."\n"
."\n"
.'- **low**: low severity.', 'type' => 'string', 'example' => 'low', 'title' => '', 'required' => false],
],
[
'name' => 'UserStatus',
'in' => 'query',
'schema' => ['description' => 'The handling status of the event. Valid values:'."\n"
."\n"
.'- **toBeConfirmed**: pending confirmation.'."\n"
."\n"
.'- **confirmed**: confirmed but not yet handled.'."\n"
."\n"
.'- **actioned**: handled.'."\n"
."\n"
.'- **ignored**: ignored.', 'type' => 'string', 'example' => 'ignored', 'title' => '', 'required' => false],
],
[
'name' => 'AttackIp',
'in' => 'query',
'schema' => ['description' => 'The IP address of the attacker that you want to use to filter events.', 'type' => 'string', 'example' => '42.224.*.*', 'title' => '', 'required' => false],
],
[
'name' => 'ApiId',
'in' => 'query',
'schema' => ['description' => 'The ID of the API.', 'type' => 'string', 'example' => '820b860***6205da93b935b28', 'title' => '', 'required' => false],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud WAF cluster.'."\n"
."\n"
.'> This parameter is required only in hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the IDs of hybrid cloud WAF clusters.', 'type' => 'string', 'example' => '428', 'title' => '', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false],
],
[
'name' => 'EventScope',
'in' => 'query',
'schema' => [
'description' => 'The dimension by which security events are categorized. Valid values:'."\n"
."\n"
.'- **ip**: IP security event. This is the default value.'."\n"
."\n"
.'- **account**: account security event.',
'type' => 'string',
'example' => 'ip',
'default' => 'ip',
'enum' => ['ip', 'account'],
'title' => '',
'required' => false,
],
],
[
'name' => 'Account',
'in' => 'query',
'schema' => ['description' => 'The account that you want to use to filter events.', 'type' => 'string', 'example' => '1818743389962696', 'title' => '', 'required' => false],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '3', 'title' => ''],
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '12F4CC8F-7E9F-5E4D-BF7C-BD1EDDE0C282'],
'Data' => [
'description' => 'The list of security events.',
'type' => 'array',
'items' => [
'description' => 'The details of the security event.',
'type' => 'object',
'properties' => [
'Origin' => ['description' => 'The source of the event type. Valid values:'."\n"
."\n"
.'- **custom**: a user-defined event type.'."\n"
."\n"
.'- **default**: a built-in event type.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'EventLevel' => ['description' => 'The severity level of the event. Valid values:'."\n"
."\n"
.'- **high**: high severity.'."\n"
."\n"
.'- **medium**: medium severity.'."\n"
."\n"
.'- **low**: low severity.', 'type' => 'string', 'example' => 'medium', 'title' => ''],
'StartTs' => ['description' => 'The start time of the event. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683648000', 'title' => ''],
'EventInfo' => ['description' => 'The details of the security event. The value is a JSON string that contains the following fields:'."\n"
."\n"
.'- **ip\\_info**: the information about the attacker IP address. For more information, see the **AttackIpInfo** response parameter.'."\n"
."\n"
.'- **rule\\_id**: the ID of the rule that corresponds to the event.'."\n"
."\n"
.'- **rule\\_tag**: the information about the rule that corresponds to the event.', 'type' => 'string', 'deprecated' => true, 'example' => '{'."\n"
.' "ip_info": ['."\n"
.' {'."\n"
.' "ip": "112.224.143.**",'."\n"
.' "country_id": "CN",'."\n"
.' "region_id": "-",'."\n"
.' "cnt": "4"'."\n"
.' }'."\n"
.' ],'."\n"
.' "rule_id": "837**",'."\n"
.' "rule_tag": "interface returns a large amount of sensitive information"'."\n"
.'}'."\n", 'title' => ''],
'ApiFormat' => ['description' => 'The path of the API that is associated with the security event.', 'type' => 'string', 'example' => '/apisec/v1/register.php', 'title' => ''],
'ApiTag' => ['description' => 'The business purpose of the API.'."\n"
."\n"
.'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported business purposes.', 'type' => 'string', 'example' => 'SendMail', 'title' => ''],
'UserStatus' => ['description' => 'The handling status of the event. Valid values:'."\n"
."\n"
.'- **toBeConfirmed**: pending confirmation.'."\n"
."\n"
.'- **confirmed**: confirmed but not yet handled.'."\n"
."\n"
.'- **actioned**: handled.'."\n"
."\n"
.'- **ignored**: ignored.', 'type' => 'string', 'example' => 'toBeConfirmed', 'title' => ''],
'Follow' => ['description' => 'Indicates whether the event is followed. Valid values:'."\n"
."\n"
.'- **1**: The event is followed.'."\n"
."\n"
.'- **0**: The event is not followed.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'RequestData' => ['description' => 'A sample of the API request data. The value is a JSON string.', 'type' => 'string', 'deprecated' => true, 'example' => '{}', 'title' => ''],
'EventId' => ['description' => 'The ID of the security event.', 'type' => 'string', 'example' => 'c82cb276847e9c96f9597d9f4b0cdcff', 'title' => ''],
'AttackIp' => ['description' => 'The IP address of the attacker. >This parameter is deprecated. Use the AttackIps parameter instead.>', 'type' => 'string', 'deprecated' => true, 'example' => '104.234.140.**', 'title' => ''],
'AttackIpInfo' => ['description' => 'The information about the attacker IP address. The value is a JSON string that contains the following fields:'."\n"
."\n"
.'- **ip**: the IP address.'."\n"
."\n"
.'- **country\\_id**: the country.'."\n"
."\n"
.'- **region\\_id**: the region.'."\n"
."\n"
.'- **cnt**: the number of attacks.', 'type' => 'string', 'deprecated' => true, 'example' => '['."\n"
.' {'."\n"
.' "ip": "72.*.*.119",'."\n"
.' "country_id": "US",'."\n"
.' "region_id": "",'."\n"
.' "cnt": "2100"'."\n"
.' }'."\n"
.']', 'title' => ''],
'EndTs' => ['description' => 'The end time of the event. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683703260', 'title' => ''],
'AttackCntInfo' => ['description' => 'The attack count over time. The value is a JSON string in which each key is a UNIX timestamp in seconds and each value is the number of attacks at that time.', 'type' => 'string', 'deprecated' => true, 'example' => '{'."\n"
.' "1717498320": 500,'."\n"
.' "1717498380": 529,'."\n"
.' "1717498440": 20'."\n"
.'}', 'title' => ''],
'AllCnt' => ['description' => 'The total number of attacks in the security event.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RemoteRegion' => ['description' => 'The region where the attacker IP address is located.', 'type' => 'string', 'example' => '110000', 'title' => ''],
'ResponseData' => ['description' => 'A sample of the API response data. The value is a JSON string.', 'type' => 'string', 'deprecated' => true, 'example' => '{}', 'title' => ''],
'AttackClient' => ['description' => 'The type of client that initiated the attack, such as a browser or automation tool.', 'type' => 'string', 'example' => 'Chrome', 'title' => ''],
'EventTag' => ['description' => 'The event type.'."\n"
."\n"
.'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported event types.', 'type' => 'string', 'example' => 'ObtainSensitiveUnauthorized', 'title' => ''],
'MatchedHost' => ['description' => 'The domain name or IP address that is protected by WAF.', 'type' => 'string', 'example' => 'a.***.com', 'title' => ''],
'Note' => ['description' => 'The remarks that are added to the security event.', 'type' => 'string', 'example' => 'Notify', 'title' => ''],
'ApiId' => ['description' => 'The ID of the API that is associated with the security event.', 'type' => 'string', 'example' => '2ecc1cf67b91853bc55545052ccf06a8', 'title' => ''],
'RemoteCountry' => ['description' => 'The country where the attacker IP address is located.', 'type' => 'string', 'example' => 'US', 'title' => ''],
'AttackIps' => [
'description' => 'The list of attacker IP addresses.',
'type' => 'array',
'items' => ['description' => 'The IP address of the attacker.', 'type' => 'string', 'example' => '104.234.140.**'."\n", 'title' => ''],
'title' => '',
'example' => '',
'deprecated' => true,
],
'AttackerList' => [
'type' => 'array',
'items' => ['description' => 'The attacker that is associated with the security event.'."\n"
."\n"
.'> If the value of EventScope is ip, this parameter indicates the attacker IP address. If the value of EventScope is account, this parameter indicates the attacker account.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''],
'description' => 'The list of attackers that are associated with the security event.',
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'title' => 'DescribeApisecEvents',
'changeSet' => [
['createdAt' => '2025-02-24T13:16:00.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecEvents',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 3,\\n \\"RequestId\\": \\"12F4CC8F-7E9F-5E4D-BF7C-BD1EDDE0C282\\",\\n \\"Data\\": [\\n {\\n \\"Origin\\": \\"custom\\",\\n \\"EventLevel\\": \\"medium\\",\\n \\"StartTs\\": 1683648000,\\n \\"EventInfo\\": \\"{\\\\n \\\\\\"ip_info\\\\\\": [\\\\n {\\\\n \\\\\\"ip\\\\\\": \\\\\\"112.224.143.**\\\\\\",\\\\n \\\\\\"country_id\\\\\\": \\\\\\"CN\\\\\\",\\\\n \\\\\\"region_id\\\\\\": \\\\\\"-\\\\\\",\\\\n \\\\\\"cnt\\\\\\": \\\\\\"4\\\\\\"\\\\n }\\\\n ],\\\\n \\\\\\"rule_id\\\\\\": \\\\\\"837**\\\\\\",\\\\n \\\\\\"rule_tag\\\\\\": \\\\\\"interface returns a large amount of sensitive information\\\\\\"\\\\n}\\\\n\\",\\n \\"ApiFormat\\": \\"/apisec/v1/register.php\\",\\n \\"ApiTag\\": \\"SendMail\\",\\n \\"UserStatus\\": \\"toBeConfirmed\\",\\n \\"Follow\\": 0,\\n \\"RequestData\\": \\"{}\\",\\n \\"EventId\\": \\"c82cb276847e9c96f9597d9f4b0cdcff\\",\\n \\"AttackIp\\": \\"104.234.140.**\\",\\n \\"AttackIpInfo\\": \\"[\\\\n {\\\\n \\\\\\"ip\\\\\\": \\\\\\"72.*.*.119\\\\\\",\\\\n \\\\\\"country_id\\\\\\": \\\\\\"US\\\\\\",\\\\n \\\\\\"region_id\\\\\\": \\\\\\"\\\\\\",\\\\n \\\\\\"cnt\\\\\\": \\\\\\"2100\\\\\\"\\\\n }\\\\n]\\",\\n \\"EndTs\\": 1683703260,\\n \\"AttackCntInfo\\": \\"{\\\\n \\\\\\"1717498320\\\\\\": 500,\\\\n \\\\\\"1717498380\\\\\\": 529,\\\\n \\\\\\"1717498440\\\\\\": 20\\\\n}\\",\\n \\"AllCnt\\": 10,\\n \\"RemoteRegion\\": \\"110000\\",\\n \\"ResponseData\\": \\"{}\\",\\n \\"AttackClient\\": \\"Chrome\\",\\n \\"EventTag\\": \\"ObtainSensitiveUnauthorized\\",\\n \\"MatchedHost\\": \\"a.***.com\\",\\n \\"Note\\": \\"Notify\\",\\n \\"ApiId\\": \\"2ecc1cf67b91853bc55545052ccf06a8\\",\\n \\"RemoteCountry\\": \\"US\\",\\n \\"AttackIps\\": [\\n \\"104.234.140.**\\\\n\\"\\n ],\\n \\"AttackerList\\": [\\n \\"1.1.1.1\\"\\n ]\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeApisecExamples' => [
'summary' => 'Queries the API security examples that are detected by Web Application Firewall (WAF).',
'methods' => ['get', 'post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '255326',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqtm005', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false],
],
[
'name' => 'ApiId',
'in' => 'query',
'schema' => ['description' => 'The ID of the API.', 'type' => 'string', 'required' => true, 'example' => '867ade***24ee6e205b8da82b8f84', 'title' => ''],
],
[
'name' => 'ExampleType',
'in' => 'query',
'schema' => [
'description' => 'The type of the example. Valid values:'."\n"
."\n"
.'- **sensitive**: sensitive data.'."\n"
."\n"
.'- **risk**: threat.',
'type' => 'string',
'required' => false,
'example' => 'sensitive',
'enum' => ['risk', 'sensitive'],
'title' => '',
],
],
[
'name' => 'RequestSensitiveTypeList',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The type of sensitive data in requests.', 'type' => 'string', 'example' => '1001', 'title' => '', 'required' => false],
'maxItems' => 100,
'title' => '',
'description' => 'The list of sensitive data types in requests.',
'required' => false,
'example' => '',
],
],
[
'name' => 'ResponseSensitiveTypeList',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The type of sensitive data in responses.', 'type' => 'string', 'example' => '1001', 'title' => '', 'required' => false],
'maxItems' => 100,
'title' => '',
'description' => 'The list of sensitive data types in responses.',
'required' => false,
'example' => '',
],
],
[
'name' => 'AbnormalTag',
'in' => 'query',
'schema' => ['description' => 'The type of API security threat.', 'type' => 'string', 'example' => 'LackOfSpeedLimit', 'title' => '', 'required' => false],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'The token that is used to retrieve the next page of results.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => '', 'required' => false],
],
[
'name' => 'MaxResults',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Valid values: 1 to 5. Default value: 5.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '5', 'minimum' => '1', 'example' => '5', 'default' => '5', 'title' => '', 'required' => false],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n"
."\n"
.'> This parameter is available only in hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query information about Hybrid Cloud WAF clusters.', 'type' => 'string', 'example' => '176', 'title' => '', 'required' => false],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'Examples' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Protocol' => ['description' => 'The protocol type of the API request. Valid values:'."\n"
."\n"
.'- **http**: HTTP'."\n"
."\n"
.'- **https**: HTTPS', 'type' => 'string', 'example' => 'http', 'title' => ''],
'ApiUrl' => ['description' => 'The complete URL of the API request.', 'type' => 'string', 'example' => 'http://www.test.com/api/v1/hello.php?token=TkJGQw', 'title' => ''],
'PocPayload' => ['description' => 'The proof-of-concept (PoC) request.', 'type' => 'string', 'example' => 'curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64)\' -H \'Host: www.test.com\' -H \'Accept-encoding: gzip, deflate\' -H \'Eagleeye-rpcid: 0.1\' \'http://www.test.com/api/v1/hello.php?token=TkJGQw\'', 'title' => ''],
'RequestSensitiveData' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'SensitiveCode' => ['description' => 'The code that indicates the type of sensitive data in the request.', 'type' => 'string', 'example' => '1000', 'title' => ''],
'SensitiveDataList' => [
'type' => 'array',
'items' => ['description' => 'The sensitive data entry.', 'type' => 'string', 'example' => '90.88.49.19', 'title' => ''],
'title' => '',
'description' => 'The list of sensitive data.',
'example' => '',
],
],
'title' => '',
'description' => 'The information about the sensitive data in the request.',
'example' => '',
],
'title' => '',
'description' => 'The list of sensitive data in the request.',
'example' => '',
],
'ResponseSensitiveData' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'SensitiveCode' => ['description' => 'The code that indicates the type of sensitive data in the response.', 'type' => 'string', 'example' => '1000', 'title' => ''],
'SensitiveDataList' => [
'type' => 'array',
'items' => ['description' => 'The sensitive data entry.', 'type' => 'string', 'example' => '90.88.49.19', 'title' => ''],
'title' => '',
'description' => 'The list of sensitive data.',
'example' => '',
],
],
'title' => '',
'description' => 'The information about the sensitive data in the response.',
'example' => '',
],
'title' => '',
'description' => 'The list of sensitive data in the response.',
'example' => '',
],
'Request' => ['description' => 'The content of the sample request. This is a string converted from a JSON object that consists of a series of parameters. The JSON object contains the following fields:'."\n"
."\n"
.'- **method**: the request method.'."\n"
."\n"
.'- **host**: the requested domain name.'."\n"
."\n"
.'- **header**: the request header.'."\n"
."\n"
.'- **server\\_port**: the service port.'."\n"
."\n"
.'- **body**: the request body.'."\n"
."\n"
.'- **url**: the URI of the request.'."\n"
."\n"
.'- **server\\_protocol**: the server-side protocol.'."\n"
."\n"
.'> If the **body** content exceeds 16 KB, only a portion of the content is returned.', 'type' => 'string', 'example' => '{'."\n"
.' "method": "GET",'."\n"
.' "host": "www.test.com",'."\n"
.' "header": {'."\n"
.' "Accept": "*/*",'."\n"
.' "Connection": "keep-alive"'."\n"
.' },'."\n"
.' "server_port": "80",'."\n"
.' "body": "-",'."\n"
.' "url": "/api/v1/hello.php?token=TkJGQw",'."\n"
.' "server_protocol": "HTTP/1.1"'."\n"
.'}', 'title' => ''],
'Response' => ['description' => 'The content of the sample response. This is a string converted from a JSON object that consists of a series of parameters. The JSON object contains the following fields:'."\n"
."\n"
.'- **status**: the status code.'."\n"
."\n"
.'- **header**: the response header.'."\n"
."\n"
.'- **body**: the response body.'."\n"
."\n"
.'> If the **body** content exceeds 16 KB, only a portion of the content is returned.', 'type' => 'string', 'example' => '{'."\n"
.' "header": {'."\n"
.' "Connection": "keep-alive",'."\n"
.' "Content-Encoding": "gzip",'."\n"
.' "Content-Type": "text/html; charset=UTF-8"'."\n"
.' },'."\n"
.' "body": "xxxx",'."\n"
.' "status": 200'."\n"
.'}', 'title' => ''],
],
'title' => '',
'description' => 'The details of the API security example.',
'example' => '',
],
'title' => '',
'description' => 'The list of API security examples.',
'example' => '',
],
'NextToken' => ['description' => 'The token that is used to retrieve the next page of results.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''],
'MaxResults' => ['description' => 'The number of entries returned on each page. Valid values: 1 to 5. Default value: 5.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''],
],
'title' => '',
'description' => 'The response parameters.',
'example' => '',
],
],
],
'title' => 'DescribeApisecExamples',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecExamples',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Examples\\": [\\n {\\n \\"Protocol\\": \\"http\\",\\n \\"ApiUrl\\": \\"http://www.test.com/api/v1/hello.php?token=TkJGQw\\",\\n \\"PocPayload\\": \\"curl -X GET -H \'Accept: */*\' -H \'Connection: keep-alive\' -H \'User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64)\' -H \'Host: www.test.com\' -H \'Accept-encoding: gzip, deflate\' -H \'Eagleeye-rpcid: 0.1\' \'http://www.test.com/api/v1/hello.php?token=TkJGQw\'\\",\\n \\"RequestSensitiveData\\": [\\n {\\n \\"SensitiveCode\\": \\"1000\\",\\n \\"SensitiveDataList\\": [\\n \\"90.88.49.19\\"\\n ]\\n }\\n ],\\n \\"ResponseSensitiveData\\": [\\n {\\n \\"SensitiveCode\\": \\"1000\\",\\n \\"SensitiveDataList\\": [\\n \\"90.88.49.19\\"\\n ]\\n }\\n ],\\n \\"Request\\": \\"{\\\\n \\\\\\"method\\\\\\": \\\\\\"GET\\\\\\",\\\\n \\\\\\"host\\\\\\": \\\\\\"www.test.com\\\\\\",\\\\n \\\\\\"header\\\\\\": {\\\\n \\\\\\"Accept\\\\\\": \\\\\\"*/*\\\\\\",\\\\n \\\\\\"Connection\\\\\\": \\\\\\"keep-alive\\\\\\"\\\\n },\\\\n \\\\\\"server_port\\\\\\": \\\\\\"80\\\\\\",\\\\n \\\\\\"body\\\\\\": \\\\\\"-\\\\\\",\\\\n \\\\\\"url\\\\\\": \\\\\\"/api/v1/hello.php?token=TkJGQw\\\\\\",\\\\n \\\\\\"server_protocol\\\\\\": \\\\\\"HTTP/1.1\\\\\\"\\\\n}\\",\\n \\"Response\\": \\"{\\\\n \\\\\\"header\\\\\\": {\\\\n \\\\\\"Connection\\\\\\": \\\\\\"keep-alive\\\\\\",\\\\n \\\\\\"Content-Encoding\\\\\\": \\\\\\"gzip\\\\\\",\\\\n \\\\\\"Content-Type\\\\\\": \\\\\\"text/html; charset=UTF-8\\\\\\"\\\\n },\\\\n \\\\\\"body\\\\\\": \\\\\\"xxxx\\\\\\",\\\\n \\\\\\"status\\\\\\": 200\\\\n}\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 5,\\n \\"TotalCount\\": 5\\n}","type":"json"}]',
],
'DescribeApisecLogDeliveries' => [
'summary' => 'Queries the configurations of API security log subscription.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '224407',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a'."\n", 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''],
'DeliveryConfigs' => [
'description' => 'The configurations of API security log subscription.',
'type' => 'array',
'items' => [
'description' => 'The configurations.',
'type' => 'object',
'properties' => [
'AssertKey' => ['description' => 'The type of the log subscription. Valid values:'."\n"
."\n"
.'- **risk**: risk information.'."\n"
."\n"
.'- **event**: attack event information.'."\n"
."\n"
.'- **asset**: asset information.', 'type' => 'string', 'example' => 'risk', 'title' => ''],
'Status' => ['description' => 'The status of API security log subscription. Valid values:'."\n"
."\n"
.'- **true**: enabled.'."\n"
."\n"
.'- **false**: disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'LogStoreName' => ['description' => 'The name of the Logstore in Simple Log Service.', 'type' => 'string', 'example' => 'apisec-logstore***'."\n", 'title' => ''],
'ProjectName' => ['description' => 'The name of the project in Simple Log Service.', 'type' => 'string', 'example' => 'apisec-project-14316572********', 'title' => ''],
'LogRegionId' => ['description' => 'The ID of the region where logs are stored.', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeApisecLogDeliveries',
'changeSet' => [
['createdAt' => '2024-11-12T11:54:56.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecLogDeliveries'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecLogDeliveries',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"DeliveryConfigs\\": [\\n {\\n \\"AssertKey\\": \\"risk\\",\\n \\"Status\\": true,\\n \\"LogStoreName\\": \\"apisec-logstore***\\\\n\\",\\n \\"ProjectName\\": \\"apisec-project-14316572********\\",\\n \\"LogRegionId\\": \\"cn-hangzhou\\"\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeApisecMatchedHosts' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '168988',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-x0r37plpl0g', 'title' => ''],
],
[
'name' => 'MatchedHost',
'in' => 'query',
'schema' => ['description' => 'The domain name or IP address.', 'type' => 'string', 'required' => false, 'example' => 'bc.aliyun.com', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number to return in a paging query. Default value: **1**, which indicates the first page.', 'type' => 'string', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page in a paging query. Default value: **10**, which indicates 10 entries per page.', 'type' => 'string', 'default' => '10', 'required' => false, 'example' => '8', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The detection type. Valid values:'."\n"
.'- **api**: the domain name list of API assets.'."\n"
.'- **abnormal**: the domain name list of risks.'."\n"
.'- **event**: the domain name list of security events.', 'type' => 'string', 'default' => 'api', 'required' => false, 'example' => 'event', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '433', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekz5qqo7jthcsa', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'string', 'example' => '2', 'title' => ''],
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '8D4CA088-F72B-5658-BD5B-ECE8B8F0C7BB'],
'Data' => [
'description' => 'The list of domain names.',
'type' => 'array',
'items' => [
'description' => 'The domain name information.',
'type' => 'object',
'properties' => [
'MatchedHost' => ['description' => 'The domain name or IP address.', 'type' => 'string', 'example' => 'bc.aliyun.com', 'title' => ''],
'Count' => ['description' => 'The number of queries.', 'type' => 'integer', 'format' => 'int64', 'example' => '31', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query the domain name list for API security detection',
'summary' => 'Queries the list of domain names for API security detection.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecMatchedHosts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": \\"2\\",\\n \\"RequestId\\": \\"8D4CA088-F72B-5658-BD5B-ECE8B8F0C7BB\\",\\n \\"Data\\": [\\n {\\n \\"MatchedHost\\": \\"bc.aliyun.com\\",\\n \\"Count\\": 31\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApisecProtectionGroups' => [
'summary' => 'Retrieves a list of active API security protection object groups.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '189024',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'ResourceGroup',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'required' => false, 'example' => 'group1'."\n", 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'minimum' => '1', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '60', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'ApisecStatus',
'in' => 'query',
'schema' => ['description' => 'The API security detection switch.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of protected object groups.', 'type' => 'integer', 'format' => 'int64', 'example' => '8', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
'Data' => [
'description' => 'The list of protected object groups.',
'type' => 'array',
'items' => [
'description' => 'The information about the protected object group.',
'type' => 'object',
'properties' => [
'ApisecStatus' => ['description' => 'The master switch for API security.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '1', 'title' => ''],
'ReportStatus' => ['description' => 'The compliance check switch.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '0', 'title' => ''],
'ResourceGroup' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'example' => 'group1', 'title' => ''],
'TraceStatus' => ['description' => 'The traceability audit switch.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '0', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeApisecProtectionGroups',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecProtectionGroups'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecProtectionGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 8,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"Data\\": [\\n {\\n \\"ApisecStatus\\": 1,\\n \\"ReportStatus\\": 0,\\n \\"ResourceGroup\\": \\"group1\\",\\n \\"TraceStatus\\": 0\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeApisecProtectionResources' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '188983',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object.', 'type' => 'string', 'required' => false, 'example' => 'cwaf-***-waf', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number to return when you perform a paged query. Default value: **1**, which indicates the first page. For more information about paging, see the API reference.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page when you perform a paged query. Default value: **10**, which indicates 10 entries per page. For more information about paging, see the API reference.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '100', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'ApisecStatus',
'in' => 'query',
'schema' => ['description' => 'The global switch for API security.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '5', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''],
'Data' => [
'description' => 'The list of protected objects.',
'type' => 'array',
'items' => [
'description' => 'The information about the protected object.',
'type' => 'object',
'properties' => [
'ApisecStatus' => ['description' => 'The global switch for API security.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '1', 'title' => ''],
'Resource' => ['description' => 'The protected object.', 'type' => 'string', 'example' => 'cwaf-***-waf', 'title' => ''],
'ReportStatus' => ['description' => 'The status of the compliance review switch.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '1', 'title' => ''],
'TraceStatus' => ['description' => 'The status of the tracing audit switch.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'example' => '0', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query the list of API security protected objects',
'summary' => 'Queries the list of protected objects for which API security protection is enabled.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecProtectionResources'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecProtectionResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"Data\\": [\\n {\\n \\"ApisecStatus\\": 1,\\n \\"Resource\\": \\"cwaf-***-waf\\",\\n \\"ReportStatus\\": 1,\\n \\"TraceStatus\\": 0\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApisecRules' => [
'summary' => 'Queries the rules of an API security policy.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '167015',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0x***', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The type of the rule. Valid values:'."\n"
."\n"
.'- **risk**: threat detection'."\n"
."\n"
.'- **event**: security event'."\n"
."\n"
.'- **sensitive\\_word**: sensitive data'."\n"
."\n"
.'- **auth\\_flag**: authentication credential'."\n"
."\n"
.'- **api\\_tag**: business purpose'."\n"
."\n"
.'- **desensitization**: data masking'."\n"
."\n"
.'- **whitelist**: whitelist'."\n"
."\n"
.'- **recognition**: API'."\n"
."\n"
.'- **offline\\_api**: lifecycle management', 'type' => 'string', 'required' => true, 'example' => 'risk', 'title' => ''],
],
[
'name' => 'Level',
'in' => 'query',
'schema' => ['description' => 'The level of the rule.'."\n"
."\n"
.'For threat detection (risk) and security events (event), valid values are:'."\n"
."\n"
.'- **high**: important'."\n"
."\n"
.'- **medium**: medium'."\n"
."\n"
.'- **low**: low'."\n"
."\n"
.'For sensitive data (sensitive\\_word), valid values are:'."\n"
."\n"
.'- **S1**: S1'."\n"
."\n"
.'- **S2**: S2'."\n"
."\n"
.'- **S3**: S3'."\n"
."\n"
.'- **S4**: S4', 'type' => 'string', 'required' => false, 'example' => 'high', 'title' => ''],
],
[
'name' => 'Name',
'in' => 'query',
'schema' => ['description' => 'The name of the rule.', 'type' => 'string', 'required' => false, 'example' => 'information leakage', 'title' => ''],
],
[
'name' => 'Origin',
'in' => 'query',
'schema' => ['description' => 'The source of the rule. Valid values:'."\n"
."\n"
.'- **custom**: custom'."\n"
."\n"
.'- **default**: built-in', 'type' => 'string', 'required' => false, 'example' => 'custom', 'title' => ''],
],
[
'name' => 'Status',
'in' => 'query',
'schema' => ['description' => 'The enabling status of the rule. Valid values:'."\n"
."\n"
.'- **1**: enabled'."\n"
."\n"
.'- **0**: disabled', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'default' => '10', 'example' => '10', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Lang',
'in' => 'query',
'schema' => ['description' => 'The language of the response. Valid values:'."\n"
."\n"
.'- **zh** (default): Chinese'."\n"
."\n"
.'- **en**: English', 'type' => 'string', 'default' => 'zh', 'required' => false, 'example' => 'zh', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '6', 'title' => ''],
'RequestId' => ['title' => '', 'description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0'],
'Data' => [
'description' => 'The list of rules.',
'type' => 'array',
'items' => [
'description' => 'The information about the rule.',
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The status of the rule. Valid values:'."\n"
."\n"
.'- **1**: enabled'."\n"
."\n"
.'- **0**: disabled', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'Type' => ['description' => 'The type of the rule. Valid values:'."\n"
."\n"
.'- **risk**: threat detection'."\n"
."\n"
.'- **event**: security event'."\n"
."\n"
.'- **sensitive\\_word**: sensitive data'."\n"
."\n"
.'- **auth\\_flag**: authentication credential'."\n"
."\n"
.'- **api\\_tag**: business purpose'."\n"
."\n"
.'- **desensitization**: data masking'."\n"
."\n"
.'- **whitelist**: whitelist'."\n"
."\n"
.'- **recognition**: API.'."\n"
."\n"
.'- **offline\\_api**: lifecycle management', 'type' => 'string', 'example' => 'risk', 'title' => ''],
'UpdateTime' => ['description' => 'The time when the rule was updated. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1721095301', 'title' => ''],
'Id' => ['description' => 'The ID of the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '34933', 'title' => ''],
'Rule' => ['description' => 'The details of the rule. The value is a string that is converted from a JSON object.', 'type' => 'string', 'example' => '{'."\n"
.' "ext": "Date",'."\n"
.' "regex": "-",'."\n"
.' "code": "2009",'."\n"
.' "level": "S1",'."\n"
.' "origin": "default",'."\n"
.' "name": "2009"'."\n"
.'}'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeApisecRules',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 6,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"Status\\": 1,\\n \\"Type\\": \\"risk\\",\\n \\"UpdateTime\\": 1721095301,\\n \\"Id\\": 34933,\\n \\"Rule\\": \\"{\\\\n \\\\\\"ext\\\\\\": \\\\\\"Date\\\\\\",\\\\n \\\\\\"regex\\\\\\": \\\\\\"-\\\\\\",\\\\n \\\\\\"code\\\\\\": \\\\\\"2009\\\\\\",\\\\n \\\\\\"level\\\\\\": \\\\\\"S1\\\\\\",\\\\n \\\\\\"origin\\\\\\": \\\\\\"default\\\\\\",\\\\n \\\\\\"name\\\\\\": \\\\\\"2009\\\\\\"\\\\n}\\\\n\\"\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeApisecSensitiveDomainStatistic' => [
'summary' => 'Queries statistics on data endpoints associated with API security sensitive data domains.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '215787',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The start time. This value is a UNIX timestamp (UTC) in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1668496310', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end time. This value is a UNIX timestamp (UTC) in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1686895256', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number of the page to return in a paged query. Default value: **1**, which indicates the first page. For more information about paging, see the paging parameters.', 'type' => 'integer', 'format' => 'int64', 'minimum' => '1', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page in a paged query. Default value: **5**, which indicates 5 entries per page. For more information about paging, see the paging parameters.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The type of sensitive data. Valid values:'."\n"
."\n"
.'- request: request sensitive data.'."\n"
."\n"
.'- response: response sensitive data.', 'type' => 'string', 'required' => false, 'example' => 'request', 'title' => ''],
],
[
'name' => 'OrderWay',
'in' => 'query',
'schema' => ['description' => 'The sort order of the list. Valid values:'."\n"
."\n"
.'- asc: ascending order.'."\n"
."\n"
.'- desc: descending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '27', 'title' => ''],
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '56B40D30-4960-4F19-B7D5-2B1F***6CB70'],
'Data' => [
'description' => 'The returned data.',
'type' => 'array',
'items' => [
'description' => 'The returned data.',
'type' => 'object',
'properties' => [
'SensitiveLevel' => ['description' => 'The sensitivity level of the API. Valid values:'."\n"
.'- **S1**: low sensitivity.'."\n"
.'- **S2**: medium sensitivity.'."\n"
.'- **S3**: high sensitivity.', 'type' => 'string', 'example' => 'S3', 'title' => ''],
'ApiCount' => ['description' => 'The number of involved APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'SensitiveCode' => ['description' => 'The code of the sensitive data type.'."\n"
.'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive data types.', 'type' => 'string', 'example' => '10', 'title' => ''],
'SensitiveName' => ['description' => 'The name of the sensitive data type.', 'type' => 'string', 'example' => '自定义敏感类型。', 'title' => ''],
'DomainCount' => ['description' => 'The number of involved domain names.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security sensitive data domain name statistics',
'changeSet' => [
['createdAt' => '2024-11-12T12:56:44.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-27T09:34:21.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '35', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSensitiveDomainStatistic'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecSensitiveDomainStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 27,\\n \\"RequestId\\": \\"56B40D30-4960-4F19-B7D5-2B1F***6CB70\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveLevel\\": \\"S3\\",\\n \\"ApiCount\\": 10,\\n \\"SensitiveCode\\": \\"10\\",\\n \\"SensitiveName\\": \\"自定义敏感类型。\\",\\n \\"DomainCount\\": 10\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApisecSlsLogStores' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '224413',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a', 'title' => ''],
],
[
'name' => 'LogRegionId',
'in' => 'query',
'schema' => ['description' => 'The ID of the region where logs are stored.'."\n"
."\n"
.'> You can call the [DescribeUserSlsLogRegions](~~2712598~~) operation to query available log storage regions.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ProjectName',
'in' => 'query',
'schema' => ['description' => 'The name of the project in Simple Log Service.', 'type' => 'string', 'required' => true, 'example' => 'apisec-project-14316572********', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'."\n", 'title' => ''],
'LogStores' => [
'description' => 'The names of the Logstores in Simple Log Service.',
'type' => 'array',
'items' => ['description' => 'The name of the Logstore in Simple Log Service.', 'type' => 'string', 'example' => 'apisec-logstore***', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeApisecSlsLogStores',
'summary' => 'Queries the Logstores whose names start with apisec- in Simple Log Service.',
'changeSet' => [
['createdAt' => '2024-11-12T11:54:57.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSlsLogStores'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecSlsLogStores',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\\\n\\",\\n \\"LogStores\\": [\\n \\"apisec-logstore***\\"\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeApisecSlsProjects' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '224410',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a', 'title' => ''],
],
[
'name' => 'LogRegionId',
'in' => 'query',
'schema' => ['description' => 'The ID of the region where logs are stored.'."\n"
."\n"
.'> You can call the [DescribeUserSlsLogRegions](~~2712598~~) operation to query available log storage regions.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
'Projects' => [
'description' => 'The names of the projects in Simple Log Service.',
'type' => 'array',
'items' => ['description' => 'The name of the project in Simple Log Service.', 'type' => 'string', 'example' => 'apisec-project-14316572********'."\n", 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeApisecSlsProjects',
'summary' => 'Queries the projects whose names start with apisec- in Simple Log Service.',
'changeSet' => [
['createdAt' => '2024-11-12T11:54:56.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSlsProjects'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecSlsProjects',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"Projects\\": [\\n \\"apisec-project-14316572********\\\\n\\"\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeApisecStatistics' => [
'summary' => 'Queries statistics for API security risks or security events.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '169803',
'abilityTreeNodes' => ['FEATUREwafWE25G7'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uax***b09', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The type of detection statistics. Valid values:'."\n"
."\n"
.'- **risk**: statistics on security risks.'."\n"
."\n"
.'- **event**: statistics on attacks.', 'type' => 'string', 'example' => 'risk', 'default' => 'risk', 'title' => '', 'required' => false],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n"
."\n"
.'> This parameter is available only in hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query Hybrid Cloud WAF clusters.', 'type' => 'string', 'example' => '428', 'title' => '', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aek2***uwbs5q', 'title' => '', 'required' => false],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1668496310', 'title' => '', 'required' => false],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1726113600', 'title' => '', 'required' => false],
],
[
'name' => 'UserStatusList',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The status of the security risk or security event.'."\n"
."\n"
.'> For the supported status values of risks and security events, see the **UserStatus** request parameter of [DescribeApisecAbnormals](~~2859134~~) and [DescribeApisecEvents](~~2858948~~).', 'type' => 'string', 'example' => 'toBeConfirmed', 'title' => '', 'required' => false],
'description' => 'The list of statuses used to filter the detection statistics.',
'required' => false,
'title' => '',
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '221F0F14-54C6-59A1-9967-72***81B61A'],
'Data' => [
'description' => 'The statistical results of API security risks or events.',
'type' => 'object',
'properties' => [
'High' => ['description' => 'The number of high-risk items.', 'type' => 'integer', 'format' => 'int64', 'example' => '135', 'title' => ''],
'ToBeFixed' => ['description' => 'The number of items to be fixed.', 'type' => 'integer', 'format' => 'int64', 'example' => '3', 'title' => ''],
'Ignore' => ['description' => 'The number of ignored items.', 'type' => 'integer', 'format' => 'int64', 'example' => '3', 'title' => ''],
'TodayTotal' => ['description' => 'The total number of new items detected today.', 'type' => 'string', 'example' => '3', 'title' => ''],
'TodayMedium' => ['description' => 'The number of new medium-risk items detected today.', 'type' => 'string', 'example' => '0', 'title' => ''],
'TodayHigh' => ['description' => 'The number of new high-risk items detected today.', 'type' => 'string', 'example' => '3', 'title' => ''],
'Low' => ['description' => 'The number of low-risk items.', 'type' => 'integer', 'format' => 'int64', 'example' => '160', 'title' => ''],
'Medium' => ['description' => 'The number of medium-risk items.', 'type' => 'integer', 'format' => 'int64', 'example' => '27', 'title' => ''],
'Total' => ['description' => 'The total number of items.'."\n"
."\n"
.'> This is the sum of the values of the **High**, **Medium**, and **Low** response parameters.', 'type' => 'integer', 'format' => 'int64', 'example' => '322', 'title' => ''],
'TodayLow' => ['description' => 'The number of new low-risk items detected today.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'ToBeConfirmed' => ['description' => 'The number of items to be confirmed.', 'type' => 'integer', 'format' => 'int64', 'example' => '295', 'title' => ''],
'Api' => ['description' => 'The number of APIs that are monitored by the API security module.', 'type' => 'integer', 'format' => 'int64', 'example' => '202', 'title' => ''],
'Confirmed' => ['description' => 'The number of confirmed items.', 'type' => 'integer', 'format' => 'int64', 'example' => '11', 'title' => ''],
'Domain' => ['description' => 'The number of domain names that are monitored by the API security module.', 'type' => 'integer', 'format' => 'int64', 'example' => '22', 'title' => ''],
'Fixed' => ['description' => 'The number of items that are manually verified as fixed.', 'type' => 'integer', 'format' => 'int64', 'example' => '13', 'title' => ''],
'Actioned' => ['description' => 'The number of handled items.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'ToBeVerified' => ['description' => 'The number of items to be verified by the system.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''],
'NotFixed' => ['description' => 'The number of items that are verified as not fixed.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'SystemFixed' => ['description' => 'The number of items that are verified as fixed by the system.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'Account' => ['description' => 'The number of accounts associated with the monitored APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'title' => 'DescribeApisecStatistics',
'changeSet' => [
['createdAt' => '2025-02-24T13:16:00.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecStatistics',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"221F0F14-54C6-59A1-9967-72***81B61A\\",\\n \\"Data\\": {\\n \\"High\\": 135,\\n \\"ToBeFixed\\": 3,\\n \\"Ignore\\": 3,\\n \\"TodayTotal\\": \\"3\\",\\n \\"TodayMedium\\": \\"0\\",\\n \\"TodayHigh\\": \\"3\\",\\n \\"Low\\": 160,\\n \\"Medium\\": 27,\\n \\"Total\\": 322,\\n \\"TodayLow\\": 0,\\n \\"ToBeConfirmed\\": 295,\\n \\"Api\\": 202,\\n \\"Confirmed\\": 11,\\n \\"Domain\\": 22,\\n \\"Fixed\\": 13,\\n \\"Actioned\\": 1,\\n \\"ToBeVerified\\": 2,\\n \\"NotFixed\\": 0,\\n \\"SystemFixed\\": 1,\\n \\"Account\\": 1\\n }\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeApisecSuggestions' => [
'summary' => 'Queries protection suggestions for API assets.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '169804',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-pe336n43m04', 'title' => ''],
],
[
'name' => 'ApiId',
'in' => 'query',
'schema' => ['description' => 'The ID of the API.', 'type' => 'string', 'required' => true, 'example' => 'a60fd7e3021fe371c06dc1dcb883def0', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0'],
'Data' => [
'description' => 'The list of protection suggestions.',
'type' => 'array',
'items' => [
'description' => 'The protection suggestion information.',
'type' => 'object',
'properties' => [
'SuggestRule' => ['description' => 'The content of the protection suggestion rule, which is a string converted from a JSON object constructed with a series of parameters. The parameters include:'."\n"
.'- **event_tags**: the event type.'."\n"
.'- **black_iplist**: the IP blacklist.'."\n"
.'- **ip_baseline**: the IP list.'."\n"
.'- **freq_baseline**: the throttling frequency information.'."\n"
.'- **client_id_baseline**: the client information.'."\n"
.'- **country_baseline**: the country information.'."\n"
.'- **province_baseline**: the region information.'."\n"
.'- **sensitive_type**: the sensitive information type.', 'type' => 'string', 'example' => '{'."\n"
.' "rule": "ClientRule",'."\n"
.' "client_id_baseline": ["Edge"]'."\n"
.'}', 'title' => ''],
'MatchedHost' => ['description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'example' => 'a.aliyun.com', 'title' => ''],
'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/apisec/v1/saveinfo', 'title' => ''],
'SuggestType' => ['description' => 'The type of the protection suggestion. Valid values: '."\n"
.'- **BotRule**: bot rule.'."\n"
.'- **BlackIPRule**: IP blacklist rule.'."\n"
.'- **WhiteIPRule**: IP whitelist rule.'."\n"
.'- **RateLimitRule**: throttling rule.'."\n"
.'- **ClientRule**: client rule.'."\n"
.'- **GeoRule**: geo-blocking rule.'."\n"
.'- **SensitiveRule**: sensitive information rule.'."\n"
.'- **UnauthRule**: authentication rule.', 'type' => 'string', 'example' => 'WhiteIPRule', 'title' => ''],
'SuggestId' => ['description' => 'The ID of the protection suggestion.', 'type' => 'string', 'example' => '15060a1f8fed40130b7c4a7bf8d8733b', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query protection suggestions for API assets',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecSuggestions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SuggestRule\\": \\"{\\\\n \\\\\\"rule\\\\\\": \\\\\\"ClientRule\\\\\\",\\\\n \\\\\\"client_id_baseline\\\\\\": [\\\\\\"Edge\\\\\\"]\\\\n}\\",\\n \\"MatchedHost\\": \\"a.aliyun.com\\",\\n \\"ApiFormat\\": \\"/apisec/v1/saveinfo\\",\\n \\"SuggestType\\": \\"WhiteIPRule\\",\\n \\"SuggestId\\": \\"15060a1f8fed40130b7c4a7bf8d8733b\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeApisecUserOperations' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '169805',
'abilityTreeNodes' => ['FEATUREwafWE25G7'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-wwo36ksck1e', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The type of the operation record. Valid values:'."\n"
."\n"
.'- **abnormal**: threat detection.'."\n"
."\n"
.'- **event**: security event.', 'type' => 'string', 'default' => 'abnormal', 'required' => false, 'example' => 'event', 'title' => ''],
],
[
'name' => 'ObjectId',
'in' => 'query',
'schema' => ['description' => 'The ID of the threat detection or security event for which you want to query operation records.', 'type' => 'string', 'required' => true, 'example' => 'fe8723e92e2037245014ab62161bbec8', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Hybrid Cloud WAF cluster.'."\n"
."\n"
.'> This parameter is required only when WAF is deployed in hybrid cloud mode. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the IDs of Hybrid Cloud WAF clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2ax2y5****pi', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response body.',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The ID of the request.', 'type' => 'string', 'example' => 'C9825654-327B-5156-A570-847054B4CF10'],
'Data' => [
'description' => 'The user operation records for API security.',
'type' => 'array',
'items' => [
'description' => 'The details of the operation record.',
'type' => 'object',
'properties' => [
'Type' => ['description' => 'The type of the operation record. Valid values:'."\n"
."\n"
.'- **abnormal**: threat detection.'."\n"
."\n"
.'- **event**: security event.', 'type' => 'string', 'example' => 'abnormal', 'title' => ''],
'ToStatus' => ['description' => 'The status of the threat detection or security event after the operation was performed.'."\n"
."\n"
.'Valid values for threat detection:'."\n"
."\n"
.'- **toBeConfirmed**: to be confirmed.'."\n"
."\n"
.'- **confirmed**: confirmed.'."\n"
."\n"
.'- **toBeFixed**: to be fixed.'."\n"
."\n"
.'- **fixed**: fixed.'."\n"
."\n"
.'- **ignored**: ignored.'."\n"
."\n"
.'Valid values for a security event:'."\n"
."\n"
.'- **toBeConfirmed**: to be confirmed.'."\n"
."\n"
.'- **confirmed**: confirmed.'."\n"
."\n"
.'- **ignored**: ignored.', 'type' => 'string', 'example' => 'Confirmed', 'title' => ''],
'ObjectId' => ['description' => 'The ID of the threat detection or security event associated with the operation record.', 'type' => 'string', 'example' => '24d997acc48a67a01e09b9c5ad861287', 'title' => ''],
'FromStatus' => ['description' => 'The status of the threat detection or security event before the operation was performed.'."\n"
."\n"
.'Valid values for threat detection:'."\n"
."\n"
.'- **toBeConfirmed**: to be confirmed.'."\n"
."\n"
.'- **confirmed**: confirmed.'."\n"
."\n"
.'- **toBeFixed**: to be fixed.'."\n"
."\n"
.'- **fixed**: fixed.'."\n"
."\n"
.'- **ignored**: ignored.'."\n"
."\n"
.'Valid values for a security event:'."\n"
."\n"
.'- **toBeConfirmed**: to be confirmed.'."\n"
."\n"
.'- **confirmed**: confirmed.'."\n"
."\n"
.'- **ignored**: ignored.', 'type' => 'string', 'example' => 'ignored', 'title' => ''],
'UserId' => ['description' => 'The ID of the user who performed the operation.', 'type' => 'string', 'example' => '1610954****', 'title' => ''],
'Note' => ['description' => 'The remarks that the user added to the operation record.', 'type' => 'string', 'example' => 'Procesed', 'title' => ''],
'Time' => ['description' => 'The time when the operation was performed. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1685072214', 'title' => ''],
'OperationSource' => ['description' => 'The source of the operation. Valid values:'."\n"
."\n"
.'- **system**: the operation was automatically performed by the system.'."\n"
."\n"
.'- **custom**: the operation was manually performed by a user.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeApisecUserOperations',
'summary' => 'Queries user operation records for API security of Web Application Firewall (WAF).',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecUserOperations'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecUserOperations',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C9825654-327B-5156-A570-847054B4CF10\\",\\n \\"Data\\": [\\n {\\n \\"Type\\": \\"abnormal\\",\\n \\"ToStatus\\": \\"Confirmed\\",\\n \\"ObjectId\\": \\"24d997acc48a67a01e09b9c5ad861287\\",\\n \\"FromStatus\\": \\"ignored\\",\\n \\"UserId\\": \\"1610954****\\",\\n \\"Note\\": \\"Procesed\\",\\n \\"Time\\": 1685072214,\\n \\"OperationSource\\": \\"custom\\"\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeBaseRuleChangeLog' => [
'summary' => 'Queries protection rule change logs on a paginated basis.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '226805',
'abilityTreeNodes' => ['FEATUREwaf1LM6V0'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-mp9153****', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Pages start from page 1. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'Lang',
'in' => 'query',
'schema' => ['description' => 'The language of the rule names in the response. Valid values:'."\n"
."\n"
.'- **zh**: Chinese.'."\n"
."\n"
.'- **en**: English.', 'type' => 'string', 'required' => false, 'example' => 'zh', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6FBF08CB-8691-5B65-BBF8-***'."\n", 'title' => ''],
'Rules' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'RuleId' => ['description' => 'The rule ID.', 'type' => 'integer', 'format' => 'int64', 'example' => '42755', 'title' => ''],
'UpdateTime' => ['description' => 'The time when the rule was updated, in UNIX timestamp format. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665460629000', 'title' => ''],
'RuleName' => ['description' => 'The rule name.', 'type' => 'string', 'example' => 'Header XSS Scanner Behavior', 'title' => ''],
'Operation' => ['description' => 'The type of change. Valid values:'."\n"
."\n"
.'- **add**: The rule was added.'."\n"
."\n"
.'- **modify**: The rule was modified.', 'type' => 'string', 'example' => 'add', 'title' => ''],
'CveId' => ['description' => 'The CVE ID of the vulnerability associated with the system rule.', 'type' => 'string', 'example' => 'CVE-2021-34538', 'title' => ''],
],
'description' => 'A rule change record.',
'title' => '',
'example' => '',
],
'description' => 'The list of rule change records.',
'title' => '',
'example' => '',
],
'TotalCount' => ['description' => 'The total number of rule change records.', 'type' => 'integer', 'format' => 'int64', 'example' => '63', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeBaseRuleChangeLog',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeBaseRuleChangeLog',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6FBF08CB-8691-5B65-BBF8-***\\\\n\\",\\n \\"Rules\\": [\\n {\\n \\"RuleId\\": 42755,\\n \\"UpdateTime\\": 1665460629000,\\n \\"RuleName\\": \\"Header XSS Scanner Behavior\\",\\n \\"Operation\\": \\"add\\",\\n \\"CveId\\": \\"CVE-2021-34538\\"\\n }\\n ],\\n \\"TotalCount\\": 63\\n}","type":"json"}]',
],
'DescribeBaseSystemRules' => [
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '245621',
'abilityTreeNodes' => ['FEATUREwaf1LM6V0', 'FEATUREwafOVI09M', 'FEATUREwafF105ZO'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: 100.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '100', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the system protection rule to query.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '113089', 'title' => ''],
],
[
'name' => 'RuleStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the system protection rule. Valid values:'."\n"
."\n"
.'- **1**: disabled.'."\n"
."\n"
.'- **0**: enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'RuleAction',
'in' => 'query',
'schema' => ['description' => 'The action of the system protection rule. Valid values:'."\n"
."\n"
.'- **block**: Block.'."\n"
."\n"
.'- **monitor**: Monitor.', 'type' => 'string', 'required' => false, 'example' => 'block', 'title' => ''],
],
[
'name' => 'Lang',
'in' => 'query',
'schema' => ['description' => 'The language of the response. Valid values:'."\n"
."\n"
.'- **zh** (default): Chinese.'."\n"
."\n"
.'- **en**: English.', 'type' => 'string', 'required' => false, 'example' => 'zh', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'DetectType',
'in' => 'query',
'schema' => ['description' => 'The type of attack that the system protection rule detects. Valid values:'."\n"
."\n"
.'- **sqli**: SQL injection.'."\n"
."\n"
.'- **xss**: cross-site scripting (XSS).'."\n"
."\n"
.'- **cmdi**: OS command injection.'."\n"
."\n"
.'- **expression\\_injection**: expression injection.'."\n"
."\n"
.'- **java\\_deserialization**: Java deserialization.'."\n"
."\n"
.'- **dot\\_net\\_deserialization**: .NET deserialization.'."\n"
."\n"
.'- **php\\_deserialization**: PHP deserialization.'."\n"
."\n"
.'- **code\\_exec**: code execution.'."\n"
."\n"
.'- **ssrf**: server-side request forgery (SSRF).'."\n"
."\n"
.'- **path\\_traversal**: path traversal.'."\n"
."\n"
.'- **arbitrary\\_file\\_uploading**: arbitrary file upload.'."\n"
."\n"
.'- **webshell**: webshell.'."\n"
."\n"
.'- **rfilei**: remote file inclusion (RFI).'."\n"
."\n"
.'- **lfilei**: local file inclusion (LFI).'."\n"
."\n"
.'- **protocol\\_violation**: protocol violation.'."\n"
."\n"
.'- **scanner\\_behavior**: scanner behavior.'."\n"
."\n"
.'- **logic\\_flaw**: logic flaw.'."\n"
."\n"
.'- **arbitrary\\_file\\_reading**: arbitrary file read.'."\n"
."\n"
.'- **arbitrary\\_file\\_download**: arbitrary file download.'."\n"
."\n"
.'- **xxe**: external entity injection.'."\n"
."\n"
.'- **csrf**: cross-site request forgery (CSRF).'."\n"
."\n"
.'- **crlf**: CRLF injection.'."\n"
."\n"
.'- **other**: other.', 'type' => 'string', 'required' => false, 'example' => 'sqli', 'title' => ''],
],
[
'name' => 'RiskLevel',
'in' => 'query',
'schema' => ['description' => 'The risk level of the system protection rule. Valid values:'."\n"
."\n"
.'- **super\\_strict**: Very Strict.'."\n"
."\n"
.'- **strict**: Strict.'."\n"
."\n"
.'- **medium**: Medium.'."\n"
."\n"
.'- **loose**: Loose.', 'type' => 'string', 'required' => false, 'example' => 'loose', 'title' => ''],
],
[
'name' => 'RuleName',
'in' => 'query',
'schema' => ['description' => 'The name of the system protection rule.', 'type' => 'string', 'required' => false, 'example' => 'systemRuleTest', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.'."\n"
."\n"
.'> - Specify this parameter to query the system protection rules in a specific WAF protection template.'."\n"
.'>'."\n"
.'> - If you leave this parameter empty, the default configurations of the system protection rules are queried.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '24354', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RuleIds',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['type' => 'integer', 'format' => 'int64', 'description' => '', 'required' => false, 'example' => '113090', 'title' => ''],
'description' => '',
'required' => false,
'title' => '',
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '80736FA5-FA87-55F6-AA69-C5477C6FE6D0', 'title' => ''],
'Rules' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'RuleId' => ['description' => 'The ID of the system protection rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '113089', 'title' => ''],
'UpdateTime' => ['description' => 'The time when the system protection rule was last updated. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665460629000', 'title' => ''],
'RuleName' => ['description' => 'The name of the system protection rule.', 'type' => 'string', 'example' => 'systemRuleTest', 'title' => ''],
'RuleStatus' => ['description' => 'The status of the system protection rule. Valid values:'."\n"
."\n"
.'- **1**: disabled.'."\n"
."\n"
.'- **0**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'Description' => ['description' => 'The description of the system protection rule.', 'type' => 'string', 'example' => 'rule description', 'title' => ''],
'RuleAction' => ['description' => 'The action of the system protection rule. Valid values:'."\n"
."\n"
.'- **block**: Block.'."\n"
."\n"
.'- **monitor**: Monitor.', 'type' => 'string', 'example' => 'block', 'title' => ''],
'CveId' => ['description' => 'The CVE ID of the vulnerability that is associated with the system protection rule.', 'type' => 'string', 'example' => 'CVE-2021-34538', 'title' => ''],
'RiskLevel' => ['description' => 'The risk level of the system protection rule. Valid values:'."\n"
."\n"
.'- **super\\_strict**: Very Strict.'."\n"
."\n"
.'- **strict**: Strict.'."\n"
."\n"
.'- **medium**: Medium.'."\n"
."\n"
.'- **loose**: Loose.', 'type' => 'string', 'example' => 'super_strict', 'title' => ''],
'DetectType' => ['description' => 'The type of attack that the system protection rule detects. Valid values:'."\n"
."\n"
.'- **sqli**: SQL injection.'."\n"
."\n"
.'- **xss**: cross-site scripting (XSS).'."\n"
."\n"
.'- **cmdi**: OS command injection.'."\n"
."\n"
.'- **expression\\_injection**: expression injection.'."\n"
."\n"
.'- **java\\_deserialization**: Java deserialization.'."\n"
."\n"
.'- **dot\\_net\\_deserialization**: .NET deserialization.'."\n"
."\n"
.'- **php\\_deserialization**: PHP deserialization.'."\n"
."\n"
.'- **code\\_exec**: code execution.'."\n"
."\n"
.'- **ssrf**: server-side request forgery (SSRF).'."\n"
."\n"
.'- **path\\_traversal**: path traversal.'."\n"
."\n"
.'- **arbitrary\\_file\\_uploading**: arbitrary file upload.'."\n"
."\n"
.'- **webshell**: webshell.'."\n"
."\n"
.'- **rfilei**: remote file inclusion (RFI).'."\n"
."\n"
.'- **lfilei**: local file inclusion (LFI).'."\n"
."\n"
.'- **protocol\\_violation**: protocol violation.'."\n"
."\n"
.'- **scanner\\_behavior**: scanner behavior.'."\n"
."\n"
.'- **logic\\_flaw**: logic flaw.'."\n"
."\n"
.'- **arbitrary\\_file\\_reading**: arbitrary file read.'."\n"
."\n"
.'- **arbitrary\\_file\\_download**: arbitrary file download.'."\n"
."\n"
.'- **xxe**: external entity injection.'."\n"
."\n"
.'- **csrf**: cross-site request forgery (CSRF).'."\n"
."\n"
.'- **crlf**: CRLF injection.'."\n"
."\n"
.'- **other**: other.', 'type' => 'string', 'example' => 'sqli', 'title' => ''],
],
'description' => 'The system protection rule.',
'title' => '',
'example' => '',
],
'description' => 'The list of system protection rules.',
'title' => '',
'example' => '',
],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''],
],
'description' => 'The response parameters.',
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeBaseSystemRules',
'summary' => 'Queries the system rules for Web Application Firewall (WAF) protection.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeBaseSystemRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"80736FA5-FA87-55F6-AA69-C5477C6FE6D0\\",\\n \\"Rules\\": [\\n {\\n \\"RuleId\\": 113089,\\n \\"UpdateTime\\": 1665460629000,\\n \\"RuleName\\": \\"systemRuleTest\\",\\n \\"RuleStatus\\": 1,\\n \\"Description\\": \\"rule description\\",\\n \\"RuleAction\\": \\"block\\",\\n \\"CveId\\": \\"CVE-2021-34538\\",\\n \\"RiskLevel\\": \\"super_strict\\",\\n \\"DetectType\\": \\"sqli\\"\\n }\\n ],\\n \\"TotalCount\\": 2\\n}","type":"json"}]',
],
'DescribeBotAppKey' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVZXFDE'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-5v23u******', 'title' => ''],
],
[
'name' => 'KeyVersion',
'in' => 'query',
'schema' => ['description' => 'The version of the AppKey. Set the value to 1.', 'type' => 'string', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2uo27badl***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '0C4ADFD4-5B7D-591D-A607-A45C*****', 'title' => ''],
'AppKey' => ['description' => 'The AppKey for bot management.', 'type' => 'string', 'example' => 'N1Kiv3AGZm******', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeBotAppKey',
'summary' => 'Queries the AppKey for bot management.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeBotAppKey',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0C4ADFD4-5B7D-591D-A607-A45C*****\\",\\n \\"AppKey\\": \\"N1Kiv3AGZm******\\"\\n}","type":"json"}]',
],
'DescribeBotRuleLabels' => [
'summary' => 'Queries the labels of bot management rules.',
'methods' => ['get', 'post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106302',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-53y4******', 'title' => ''],
],
[
'name' => 'SubScene',
'in' => 'query',
'schema' => [
'description' => 'The type of bot management scenario. Valid values:'."\n"
."\n"
.'- **web**: web protection.'."\n"
."\n"
.'- **app**: app protection.',
'type' => 'string',
'required' => false,
'enum' => ['web', 'app'],
'example' => 'app',
'title' => '',
],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'LabelType',
'in' => 'query',
'schema' => ['description' => 'The type of bot rule label to query.', 'type' => 'string', 'required' => false, 'example' => 'human_machine_challenge', 'title' => ''],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'The token to retrieve the next page of results. This parameter is returned if a next page exists.'."\n"
."\n"
.'> If a value is returned for this parameter, it indicates that more results are available. Use the returned **NextToken** value in the next request to retrieve the next page of results. Repeat this process until no value is returned for this parameter. This indicates that all results have been retrieved.', 'type' => 'string', 'required' => false, 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''],
],
[
'name' => 'MaxResults',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Valid values: 1 to 200. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '200', 'minimum' => '0', 'exclusiveMinimum' => true, 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
'RuleLabels' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'LabelKey' => ['description' => 'The key of the bot management rule label.', 'type' => 'string', 'example' => 'malicious_crawler_python', 'title' => ''],
'SubScene' => ['description' => 'The bot management scenarios to which the rule belongs. Multiple scenarios are separated by commas (,). Valid values:'."\n"
."\n"
.'- **web**: web protection.'."\n"
."\n"
.'- **app**: app protection.', 'type' => 'string', 'example' => 'Web,app', 'title' => ''],
'BotBehavior' => ['description' => 'The bot behavior that corresponds to the rule label. Valid values:'."\n"
."\n"
.'- **malicious**: malicious bot.'."\n"
."\n"
.'- **suspicious**: suspected bot.'."\n"
."\n"
.'- **normal**: normal bot.', 'type' => 'string', 'example' => 'malicious', 'title' => ''],
'LabelType' => ['description' => 'The type of the bot rule label.', 'type' => 'string', 'example' => 'human_machine_challenge', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
'description' => 'The list of bot management rule labels.',
'title' => '',
'example' => '',
],
'NextToken' => ['description' => 'The token to retrieve the next page of results. This parameter is returned if a next page exists.'."\n"
."\n"
.'> If a value is returned for this parameter, it indicates that more results are available. Use the returned **NextToken** value in the next request to retrieve the next page of results. Repeat this process until no value is returned for this parameter. This indicates that all results have been retrieved.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''],
'MaxResults' => ['description' => 'The maximum number of entries returned per page. Valid values: 1 to 200. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '8', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [],
'title' => 'DescribeBotRuleLabels',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeBotRuleLabels',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"RuleLabels\\": [\\n {\\n \\"LabelKey\\": \\"malicious_crawler_python\\",\\n \\"SubScene\\": \\"Web,app\\",\\n \\"BotBehavior\\": \\"malicious\\",\\n \\"LabelType\\": \\"human_machine_challenge\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20,\\n \\"TotalCount\\": 8\\n}","type":"json"}]',
],
'DescribeCertDetail' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '167806',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'],
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-uax****3k0e', 'title' => ''],
],
[
'name' => 'CertIdentifier',
'in' => 'query',
'schema' => ['description' => 'The certificate ID.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '3C115DBE-8E53-5A12-9CAF-FD3F****CDF6', 'title' => ''],
'CertDetail' => [
'description' => 'The SSL certificate details.',
'type' => 'object',
'properties' => [
'Domain' => ['description' => 'The domain name associated with the certificate.', 'type' => 'string', 'example' => 'demo.xxxaliyun.com', 'title' => ''],
'CertName' => ['description' => 'The certificate name.', 'type' => 'string', 'example' => 'testCertName', 'title' => ''],
'CertIdentifier' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''],
'CommonName' => ['description' => 'The common name of the certificate.', 'type' => 'string', 'example' => '*.xxxaliyun.com'."\n", 'title' => ''],
'AfterDate' => ['description' => 'The expiration date of the CA certificate. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1976256736582', 'title' => ''],
'BeforeDate' => ['description' => 'The issuance time of the certificate. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1976256736582', 'title' => ''],
'Sans' => [
'description' => 'The list of other domain names associated with the certificate.',
'type' => 'array',
'items' => ['description' => 'The other domain name associated with the certificate.', 'type' => 'string', 'example' => 'demo.yyyaliyun.com', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.InvalidCertIdentifier', 'errorMessage' => 'Invalid certificate ID, certificate ID:%s.', 'description' => 'Invalid certificate ID, certificate ID:%s.'],
],
],
'title' => 'Query certificate details',
'summary' => 'Queries the details of a certificate, such as the certificate name, expiration time, issuance time, and associated domain name.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCertDetail'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCertDetail',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3C115DBE-8E53-5A12-9CAF-FD3F****CDF6\\",\\n \\"CertDetail\\": {\\n \\"Domain\\": \\"demo.xxxaliyun.com\\",\\n \\"CertName\\": \\"testCertName\\",\\n \\"CertIdentifier\\": \\"123-cn-hangzhou\\",\\n \\"CommonName\\": \\"*.xxxaliyun.com\\\\n\\",\\n \\"AfterDate\\": 1976256736582,\\n \\"BeforeDate\\": 1976256736582,\\n \\"Sans\\": [\\n \\"demo.yyyaliyun.com\\"\\n ]\\n }\\n}","type":"json"}]',
],
'DescribeCerts' => [
'summary' => 'Retrieves the list of certificates for a user.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['description' => 'The domain name.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'example.aliyun.com'],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **10**. Maximum value: 100.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '1000', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-5yd****tb02', 'title' => ''],
],
[
'name' => 'Algorithm',
'in' => 'query',
'schema' => ['description' => 'The type of the encryption algorithm. Valid values:'."\n"
."\n"
.'- **NotSM2 (default)**: Specifies a non-ShangMi (SM) cryptographic algorithm.'."\n"
."\n"
.'- **SM2**: Specifies an SM cryptographic algorithm.', 'type' => 'string', 'required' => false, 'example' => 'SM2', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmoiy****p2oq', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '19511B0D-5AE0-5600-BB8A-DC2C8345****', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '8', 'title' => ''],
'Certs' => [
'description' => 'The list of certificates.',
'type' => 'array',
'items' => [
'description' => 'Information about the certificate.',
'type' => 'object',
'properties' => [
'Domain' => ['description' => 'The domain name for which the certificate is issued.', 'type' => 'string', 'example' => 'www.example.com '."\n", 'title' => ''],
'CertName' => ['description' => 'The name of the certificate.', 'type' => 'string', 'example' => 'waf1234', 'title' => ''],
'CertIdentifier' => ['description' => 'The globally unique ID of the certificate. The value follows a "\\-cn-hangzhou" format. For example, if the ID of the certificate is 123, the value of CertIdentifier is 123-cn-hangzhou.', 'type' => 'string', 'example' => '12345-cn-hangzhou', 'title' => ''],
'CommonName' => ['description' => 'The common name.', 'type' => 'string', 'example' => '*.example.com ', 'title' => ''],
'IsChainCompleted' => ['description' => 'Indicates whether the certificate chain is complete. Valid values:'."\n"
."\n"
.'- **true**: The certificate chain is complete.'."\n"
."\n"
.'- **false**: The certificate chain is incomplete.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'AfterDate' => ['description' => 'The time when the certificate expires.', 'type' => 'integer', 'format' => 'int64', 'example' => '1976256736582', 'title' => ''],
'BeforeDate' => ['description' => 'The time when the certificate takes effect.', 'type' => 'integer', 'format' => 'int64', 'example' => '1976256836582', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeCerts',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCerts'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCerts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"19511B0D-5AE0-5600-BB8A-DC2C8345****\\",\\n \\"TotalCount\\": 8,\\n \\"Certs\\": [\\n {\\n \\"Domain\\": \\"www.example.com\\\\t\\\\n\\",\\n \\"CertName\\": \\"waf1234\\",\\n \\"CertIdentifier\\": \\"12345-cn-hangzhou\\",\\n \\"CommonName\\": \\"*.example.com\\\\t\\",\\n \\"IsChainCompleted\\": true,\\n \\"AfterDate\\": 1976256736582,\\n \\"BeforeDate\\": 1976256836582\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeChargeModule' => [
'summary' => 'Retrieves the billing module information of Web Application Firewall (WAF).',
'methods' => ['get', 'post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '255326',
'abilityTreeNodes' => ['FEATUREwafA15E7F'],
'tenantRelevance' => 'publicInformation',
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false],
],
[
'name' => 'PayType',
'in' => 'query',
'schema' => ['description' => 'The billing method of the instance. Valid values:'."\n"
."\n"
.'- **POSTPAY**: a pay-as-you-go WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'POSTPAY', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'ChargeModules' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'ModuleCode' => ['description' => 'The code of the billing module. Valid values:'."\n"
."\n"
.'- **domainCount**: the number of domain names added to WAF in CNAME record mode.'."\n"
."\n"
.'- **qps**: the peak queries per second (QPS).'."\n"
."\n"
.'- **request**: the basic traffic fee.'."\n"
."\n"
.'- **ipBlacklistRuleCount**: the number of IP blacklist rules.'."\n"
."\n"
.'- **customAclBaseRuleCount**: the number of basic rules in custom protection rules.'."\n"
."\n"
.'- **customAclAdvanceRuleCount**: the number of advanced rules in custom protection rules.'."\n"
."\n"
.'- **antiScanRuleCount**: the number of scan protection rules.'."\n"
."\n"
.'- **customResponseRuleCount**: the number of custom response rules.'."\n"
."\n"
.'- **ipv6**: IPv6 protection.'."\n"
."\n"
.'- **gslb**: intelligent load balancing.'."\n"
."\n"
.'- **exclusiveIpCount**: the number of exclusive IP addresses.'."\n"
."\n"
.'- **ccRuleCount**: the number of HTTP flood protection rules.'."\n"
."\n"
.'- **regionBlockRuleCount**: the number of rules in the region blacklist.'."\n"
."\n"
.'- **tamperproofRuleCount**: the number of web tamper-proofing rules.'."\n"
."\n"
.'- **dlpRuleCount**: the number of data leakage prevention rules.'."\n"
."\n"
.'- **botTraffic**: the traffic fee for bot management.'."\n"
."\n"
.'- **aiWhiteListTemplateCount**: the number of intelligent whitelist templates.'."\n"
."\n"
.'- **apisecResourceCount**: the number of protected objects for which API security is enabled.'."\n"
."\n"
.'- **apisecTraffic**: the traffic fee for API security.'."\n"
."\n"
.'- **compliance**: the number of protocol compliance templates.'."\n"
."\n"
.'- **riskTraffic**: the number of times that risk identification in bot management is matched.'."\n"
."\n"
.'- **assetStatus**: asset center.'."\n"
."\n"
.'- **nonPort**: custom ports protection.'."\n"
."\n"
.'- **customAclCaptcha**: the number of times that sliders are used for custom protection rules.'."\n"
."\n"
.'- **wafBaseTemplateCount**: the number of core web protection rules.'."\n"
."\n"
.'- **instanceFee**: the WAF instance fee.'."\n"
."\n"
.'- **spikeThrottleRuleCount**: the number of peak traffic throttling rules.'."\n"
."\n"
.'- **botWebTemplateCount**: the number of web protection templates in bot management.'."\n"
."\n"
.'- **botAppTemplateCount**: the number of app protection templates in bot management.'."\n"
."\n"
.'- **customAclBotRuleCount**: the number of advanced custom rules in bot management.', 'type' => 'string', 'example' => 'domainCount', 'title' => ''],
'PeriodType' => ['description' => 'The billing cycle of the billing module. Valid values:'."\n"
."\n"
.'- **Hour**: hourly billing.', 'type' => 'string', 'title' => '', 'example' => 'Hour'],
'UsageType' => ['description' => 'The usage type of the billing module. Valid values:'."\n"
."\n"
.'- **template**: template.'."\n"
."\n"
.'- **qps**: QPS.'."\n"
."\n"
.'- **domain**: domain name.'."\n"
."\n"
.'- **rule**: rule.'."\n"
."\n"
.'- **ip**: IP address.'."\n"
."\n"
.'- **resource**: protected object.'."\n"
."\n"
.'- **request**: request.'."\n"
."\n"
.'- **function**: feature enablement.'."\n"
."\n"
.'- **time**: number of times.', 'type' => 'string', 'example' => 'domain', 'title' => ''],
'UsageUnitFactor' => ['description' => 'The billing unit coefficient of the billing module.'."\n"
."\n"
.'> The usage unit for the module is determined by multiplying the **UsageUnitFactor** by the **UsageType**.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'example' => '1'],
'ChargeMode' => ['description' => 'The pricing model of the billing module. Valid values:'."\n"
."\n"
.'- **NORMAL\\_PRICE**: tiered pricing.'."\n"
."\n"
.'- **STEP\\_ACCUMULATION**: tiered pricing.', 'type' => 'string', 'example' => 'NORMAL_PRICE', 'title' => ''],
'ChargeModeDetails' => [
'type' => 'array',
'items' => ['description' => 'The detailed pricing information for the billing module. The information is a string converted from a JSON object.'."\n"
."\n"
.'> If **ChargeMode** is set to **NORMAL\\_PRICE**, the JSON object contains only the number of CUs for the billing module.'."\n"
.'>'."\n"
.'> - When the **ChargeMode** pricing model is **STEP\\_ACCUMULATION**, the `range` field in the JSON represents the tiered pricing information.', 'type' => 'string', 'example' => '{'."\n"
.'"cu": 5.0,'."\n"
.'"range": {'."\n"
.'"type": "lcrc", '."\n"
.' "min": "2",'."\n"
.' "max": "10"'."\n"
.' }'."\n"
.'}', 'title' => ''],
'title' => '',
'description' => 'The detailed pricing information for the billing module.',
'example' => '',
],
],
'description' => 'The information about a billing module for WAF.',
'title' => '',
'example' => '',
],
'description' => 'A list of billing modules for WAF.',
'title' => '',
'example' => '',
],
],
'description' => 'The result of the request.',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeChargeModule',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeChargeModule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"ChargeModules\\": [\\n {\\n \\"ModuleCode\\": \\"domainCount\\",\\n \\"PeriodType\\": \\"Hour\\",\\n \\"UsageType\\": \\"domain\\",\\n \\"UsageUnitFactor\\": 1,\\n \\"ChargeMode\\": \\"NORMAL_PRICE\\",\\n \\"ChargeModeDetails\\": [\\n \\"{\\\\n\\\\\\"cu\\\\\\": 5.0,\\\\n\\\\\\"range\\\\\\": {\\\\n\\\\\\"type\\\\\\": \\\\\\"lcrc\\\\\\", \\\\n \\\\\\"min\\\\\\": \\\\\\"2\\\\\\",\\\\n \\\\\\"max\\\\\\": \\\\\\"10\\\\\\"\\\\n }\\\\n}\\"\\n ]\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeChargeResult' => [
'summary' => 'Queries the billing results for Web Application Firewall (WAF).',
'methods' => ['get', 'post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '255326',
'abilityTreeNodes' => ['FEATUREwafA15E7F'],
'tenantRelevance' => 'publicInformation',
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false],
],
[
'name' => 'PayType',
'in' => 'query',
'schema' => ['description' => 'The billing method of the WAF instance. Valid value:'."\n"
."\n"
.'- **POSTPAY**: pay-as-you-go.', 'type' => 'string', 'required' => true, 'example' => 'POSTPAY', 'title' => ''],
],
[
'name' => 'ChargeCycle',
'in' => 'query',
'schema' => ['description' => 'The billing cycle for the WAF instance. Valid values:'."\n"
."\n"
.'- **Year**: yearly billing cycle.'."\n"
."\n"
.'- **Month**: monthly billing cycle.'."\n"
."\n"
.'- **Day**: daily billing cycle.', 'type' => 'string', 'example' => 'Day', 'default' => 'Day', 'title' => '', 'required' => false],
],
[
'name' => 'ChargeModules',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'ModuleCode' => ['description' => 'The ID of the billing module.', 'type' => 'string', 'example' => 'domainCount', 'title' => '', 'required' => false],
'Usage' => ['description' => 'The usage amount of the billing module.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => '', 'required' => false],
],
'description' => 'A billing module to calculate.',
'required' => false,
'title' => '',
'example' => '',
],
'required' => true,
'title' => '',
'description' => 'The billing modules to calculate.',
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'TotalSeCu' => ['description' => 'The total number of calculated Security Capacity Units (SeCUs).', 'type' => 'number', 'format' => 'double', 'example' => '1080', 'title' => ''],
'ModuleDetails' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'ModuleCode' => ['description' => 'The ID of the billing module.', 'type' => 'string', 'example' => 'domainCount', 'title' => ''],
'SeCu' => ['description' => 'The number of SeCUs for the billing module.', 'type' => 'number', 'format' => 'double', 'example' => '1080', 'title' => ''],
],
'title' => '',
'description' => 'The calculation result for a billing module.',
'example' => '',
],
'title' => '',
'description' => 'The billing calculation results for each module.',
'example' => '',
],
],
'description' => 'The response data.',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeChargeResult',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeChargeResult',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"TotalSeCu\\": 1080,\\n \\"ModuleDetails\\": [\\n {\\n \\"ModuleCode\\": \\"domainCount\\",\\n \\"SeCu\\": 1080\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeCloudResourceAccessPortDetails' => [
'summary' => 'Retrieves port details of cloud service instances onboarded to Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '226583',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource instance.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'lb-2zeugkfj81jvo****4tqm'],
],
[
'name' => 'Port',
'in' => 'query',
'schema' => ['description' => 'The port of the cloud service that is added to WAF.', 'type' => 'string', 'required' => false, 'example' => '443', 'title' => ''],
],
[
'name' => 'Protocol',
'in' => 'query',
'schema' => [
'description' => 'The protocol. Valid values:'."\n"
."\n"
.'- **http**: HTTP.'."\n"
."\n"
.'- **https**: HTTPS.',
'type' => 'string',
'enum' => ['http', 'https'],
'required' => false,
'example' => 'https',
'title' => '',
],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'ResourceProduct',
'in' => 'query',
'schema' => ['description' => 'The type of the cloud service. Valid values:'."\n"
."\n"
.'- **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n"
."\n"
.'- **clb7**: Layer 7 CLB.'."\n"
."\n"
.'- **ecs**: Elastic Compute Service (ECS).'."\n"
."\n"
.'- **nlb**: Network Load Balancer (NLB).', 'type' => 'string', 'required' => false, 'example' => 'clb7', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '10', 'title' => ''],
'AccessPortDetails' => [
'description' => 'The details of the ports for the cloud service instance that is added to WAF.',
'type' => 'array',
'items' => [
'description' => 'The details of the ports for the cloud service instance that is added to WAF.',
'type' => 'object',
'properties' => [
'Protocol' => ['description' => 'The protocol. Valid values:'."\n"
."\n"
.'- **http**: HTTP.'."\n"
."\n"
.'- **https**: HTTPS.', 'type' => 'string', 'example' => 'https', 'title' => ''],
'Port' => ['description' => 'The port of the cloud service that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '443', 'title' => ''],
'Certificates' => [
'description' => 'The list of certificates for the port of the cloud service instance.',
'type' => 'array',
'items' => [
'description' => 'The information about the certificate for the port of the cloud service instance.',
'type' => 'object',
'properties' => [
'CertificateName' => ['description' => 'The name of the certificate.', 'type' => 'string', 'example' => 'cert-name1', 'title' => ''],
'CertificateId' => ['description' => 'The ID of the added certificate.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''],
'AppliedType' => ['description' => 'The type of the certificate for the HTTPS protocol. Valid values:'."\n"
."\n"
.'- **default**: the default certificate.'."\n"
."\n"
.'- **extension**: the additional certificate.', 'type' => 'string', 'example' => 'default', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'XffHeaderMode' => ['description' => 'The mode that WAF uses to obtain the real IP address of a client. Valid values:'."\n"
."\n"
.'- **0**: WAF is the first Layer 7 proxy before client traffic is forwarded to the origin server.'."\n"
."\n"
.'- **1**: WAF reads the first IP address from the X-Forwarded-For (XFF) header as the client IP address.'."\n"
."\n"
.'- **2**: WAF reads the value of a custom header as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'XffHeaders' => [
'description' => 'The custom header fields that are used to obtain the client IP address. The value is a string in the `["header1","header2",...]` format.'."\n"
."\n"
.'> This parameter is returned only when **XffHeaderMode** is set to 2.',
'type' => 'array',
'items' => ['description' => 'The custom header fields that are used to obtain the client IP address. The value is a string in the `["header1","header2",...]` format.'."\n"
."\n"
.'> This parameter is returned only when **XffHeaderMode** is set to 2.', 'type' => 'string', 'example' => 'header1', 'title' => ''],
'title' => '',
'example' => '',
],
'LogHeaders' => [
'description' => 'The key-value pair that is used to tag the traffic that is processed by WAF.'."\n"
."\n"
.'> This parameter is returned only when the traffic tagging feature is enabled for the domain name.',
'type' => 'array',
'items' => [
'description' => 'The key-value pair that is used to tag the traffic that is processed by WAF.'."\n"
."\n"
.'> This parameter is returned only when the traffic tagging feature is enabled for the domain name.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'example' => 'key1', 'title' => ''],
'Value' => ['description' => 'The value of the custom request header field.', 'type' => 'string', 'example' => 'value1', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'Status' => ['description' => 'The status of the domain name. Valid values:'."\n"
."\n"
.'- **1**: The port is in the Normal state.'."\n"
."\n"
.'- **2**: The port is being created.'."\n"
."\n"
.'- **3**: The port is being modified.'."\n"
."\n"
.'- **4**: The port is being released.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'TLSVersion' => ['description' => 'The version of the Transport Layer Security (TLS) protocol. Valid values:'."\n"
."\n"
.'- **tlsv1**'."\n"
."\n"
.'- **tlsv1.1**'."\n"
."\n"
.'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1', 'title' => ''],
'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n"
."\n"
.'- **true**: TLS 1.3 is supported.'."\n"
."\n"
.'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'CipherSuite' => ['description' => 'The type of the cipher suite. Valid values:'."\n"
."\n"
.'- **1**: all cipher suites.'."\n"
."\n"
.'- **2**: strong cipher suites.'."\n"
."\n"
.'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'CustomCiphers' => [
'description' => 'The custom cipher suites. This parameter is returned only when **CipherSuite** is set to **99**.',
'type' => 'array',
'items' => ['description' => 'The custom cipher suite.', 'type' => 'string', 'example' => 'ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384', 'title' => ''],
'title' => '',
'example' => '',
],
'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds. Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''],
'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds. Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'Keepalive' => ['description' => 'Indicates whether to enable persistent connections. Valid values:'."\n"
."\n"
.'- **true**: Enables persistent connections. This is the default value.'."\n"
."\n"
.'- **false**: Disables persistent connections.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'KeepaliveRequests' => ['description' => 'The number of requests that can be reused in a persistent connection. Valid values: 60 to 1000.'."\n"
."\n"
.'> This parameter specifies the number of requests that can be reused after a persistent connection is established.', 'type' => 'integer', 'format' => 'int32', 'example' => '1000', 'title' => ''],
'KeepaliveTimeout' => ['description' => 'The timeout period for an idle persistent connection. Valid values: 10 to 3600. Default value: 15. Unit: seconds.'."\n"
."\n"
.'> This parameter specifies the period of time after which an idle persistent connection is released.', 'type' => 'integer', 'format' => 'int32', 'example' => '10', 'title' => ''],
'Http2Enabled' => ['description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n"
."\n"
.'- **true**: HTTP/2 is enabled.'."\n"
."\n"
.'- **false**: HTTP/2 is not enabled.', 'type' => 'boolean', 'example' => 'True', 'title' => ''],
'XffProto' => ['description' => 'Indicates whether to use the X-Forwarded-For-Proto header to identify the protocol used by WAF. Valid values:'."\n"
."\n"
.'- **true**: Identifies the protocol used by WAF. This is the default value.'."\n"
."\n"
.'- **false**: Does not identify the protocol used by WAF.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'OwnerUserId' => ['description' => 'The ID of the Alibaba Cloud account to which the cloud service belongs.', 'type' => 'string', 'example' => '123', 'title' => ''],
'SubStatus' => ['description' => 'The abnormal protection status. Valid values:'."\n"
."\n"
.'- **InvalidCert**: The certificate is invalid.'."\n"
."\n"
.'- **ClientCertOpend**: Mutual authentication is enabled.'."\n"
."\n"
.'- **NetworkConfigLost**: The network configuration of the cloud service is abnormal.', 'type' => 'string', 'example' => 'InvalidCert', 'title' => ''],
'SubStatusDetails' => [
'description' => 'The details of the abnormal protection status. This parameter is returned only when **SubStatus** is set to InvalidCert.',
'type' => 'array',
'items' => [
'description' => 'The details of the abnormal protection status. This parameter is returned only when **SubStatus** is set to InvalidCert.',
'type' => 'object',
'properties' => [
'CertName' => ['description' => 'The name of the certificate in Certificates Management Service.', 'type' => 'string', 'example' => 'test-name', 'title' => ''],
'Domain' => ['description' => 'The domain name that is bound to the certificate.', 'type' => 'string', 'example' => 'test.aliyun.com', 'title' => ''],
'CertId' => ['description' => 'The ID of the certificate in Certificates Management Service.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''],
'AppliedType' => ['description' => 'The type of the certificate for the HTTPS protocol. Valid values:'."\n"
."\n"
.'- **default**: the default certificate.'."\n"
."\n"
.'- **extension**: the additional certificate.', 'type' => 'string', 'example' => 'default', 'title' => ''],
'ProductCertName' => ['description' => 'The name of the certificate that is saved for the cloud service.', 'type' => 'string', 'example' => 'test-name', 'title' => ''],
'ProductCertId' => ['description' => 'The ID of the certificate that is saved for the cloud service.', 'type' => 'string', 'example' => '123', 'title' => ''],
'CommonName' => ['description' => 'The common name (CN).', 'type' => 'string', 'example' => 'test.aliyun.com', 'title' => ''],
'ReasonCode' => ['description' => 'The reason for the abnormal protection status. Valid values:'."\n"
."\n"
.'- **UserUploadCert**: The certificate is manually uploaded.'."\n"
."\n"
.'- **CertNotExistInCertCenter**: The certificate does not exist in Certificates Management Service.'."\n"
."\n"
.'- **CertExpired**: The certificate has expired.'."\n"
."\n"
.'- **EmptyCertCN**: The CN of the certificate is empty.', 'type' => 'string', 'example' => 'CertNotExistInCertCenter', 'title' => ''],
'ExpireTime' => ['description' => 'The expiration time of the certificate. The value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1746328456000', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'CloudResourceId' => ['description' => 'The ID of the resource that is added to WAF. The ID is automatically generated by WAF.', 'type' => 'string', 'example' => 'i-bp1**************7ey-80-ecs', 'title' => ''],
'MaxBodySize' => ['description' => 'The maximum size of a request body. Valid values: 2 to 10. Default value: 2. Unit: GB.', 'type' => 'integer', 'format' => 'int32', 'example' => '2', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Instance.ValidFaild', 'errorMessage' => 'WAF instance check failed. Check whether the instance ID is correct.', 'description' => 'WAF instance check failed. Check whether the instance ID is correct.'],
['errorCode' => 'Waf.Pullin.CloudProductParamEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'],
['errorCode' => 'Waf.Pullin.CloudResourceInvalid', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"TotalCount\\": 10,\\n \\"AccessPortDetails\\": [\\n {\\n \\"Protocol\\": \\"https\\",\\n \\"Port\\": 443,\\n \\"Certificates\\": [\\n {\\n \\"CertificateName\\": \\"cert-name1\\",\\n \\"CertificateId\\": \\"123-cn-hangzhou\\",\\n \\"AppliedType\\": \\"default\\"\\n }\\n ],\\n \\"XffHeaderMode\\": 0,\\n \\"XffHeaders\\": [\\n \\"header1\\"\\n ],\\n \\"LogHeaders\\": [\\n {\\n \\"Key\\": \\"key1\\",\\n \\"Value\\": \\"value1\\"\\n }\\n ],\\n \\"Status\\": 1,\\n \\"TLSVersion\\": \\"tlsv1\\",\\n \\"EnableTLSv3\\": true,\\n \\"CipherSuite\\": 1,\\n \\"CustomCiphers\\": [\\n \\"ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384\\"\\n ],\\n \\"ReadTimeout\\": 5,\\n \\"WriteTimeout\\": 1,\\n \\"Keepalive\\": true,\\n \\"KeepaliveRequests\\": 1000,\\n \\"KeepaliveTimeout\\": 10,\\n \\"Http2Enabled\\": true,\\n \\"XffProto\\": true,\\n \\"OwnerUserId\\": \\"123\\",\\n \\"SubStatus\\": \\"InvalidCert\\",\\n \\"SubStatusDetails\\": [\\n {\\n \\"CertName\\": \\"test-name\\",\\n \\"Domain\\": \\"test.aliyun.com\\",\\n \\"CertId\\": \\"123-cn-hangzhou\\",\\n \\"AppliedType\\": \\"default\\",\\n \\"ProductCertName\\": \\"test-name\\",\\n \\"ProductCertId\\": \\"123\\",\\n \\"CommonName\\": \\"test.aliyun.com\\",\\n \\"ReasonCode\\": \\"CertNotExistInCertCenter\\",\\n \\"ExpireTime\\": 1746328456000\\n }\\n ],\\n \\"CloudResourceId\\": \\"i-bp1**************7ey-80-ecs\\",\\n \\"MaxBodySize\\": 2\\n }\\n ]\\n}","type":"json"}]',
'title' => 'Query the details of cloud service instance ports that are added to WAF',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '150', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCloudResourceAccessPortDetails'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCloudResourceAccessPortDetails',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeCloudResourceAccessedPorts' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '226564',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'default' => '', 'example' => 'waf-cn-tl32ast****', 'title' => ''],
],
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['description' => 'The instance ID of the resource.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'lb-bp1*****jqnnqk5uj2p'],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region ID of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwkpn****5i', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''],
'Http' => [
'description' => 'The HTTP port.',
'type' => 'array',
'items' => ['description' => 'The HTTP port.', 'type' => 'integer', 'format' => 'int32', 'example' => '[80]', 'title' => ''],
'title' => '',
'example' => '',
],
'Https' => [
'description' => 'The HTTPS port.',
'type' => 'array',
'items' => ['description' => 'The HTTPS port.', 'type' => 'integer', 'format' => 'int32', 'example' => '[443]', 'title' => ''],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeCloudResourceAccessedPorts',
'summary' => 'Queries the ports of cloud services added to Web Application Firewall (WAF). This operation is supported only for Elastic Compute Service (ECS) and Classic Load Balancer (CLB).',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCloudResourceAccessedPorts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"Http\\": [\\n 0\\n ],\\n \\"Https\\": [\\n 0\\n ]\\n}","type":"json"}]',
],
'DescribeCloudResourceList' => [
'summary' => 'Queries the list of resources connected to WAF in cloud native mode.',
'path' => '',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'deprecated' => false,
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '226583',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'OwnerUserId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The UID of the resource ownership user.', 'type' => 'string', 'required' => false, 'example' => '1111111111'],
],
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The instance ID of the resource.', 'type' => 'string', 'required' => false, 'example' => 'i-8vbdlsd********81e22'],
],
[
'name' => 'Port',
'in' => 'query',
'schema' => ['description' => 'The port of the cloud service connected to WAF.', 'type' => 'string', 'required' => false, 'example' => '80', 'title' => ''],
],
[
'name' => 'ResourceProduct',
'in' => 'query',
'schema' => ['description' => 'The cloud service to which the resource belongs. Valid values:'."\n"
."\n"
.'- **alb**: Application Load Balancer (ALB).'."\n"
."\n"
.'- **mse**: Microservices Engine (MSE).'."\n"
."\n"
.'- **fc**: Function Compute (FC).'."\n"
."\n"
.'- **sae**: Serverless App Engine (SAE).'."\n"
."\n"
.'- **ecs**: Elastic Compute Service (ECS).'."\n"
.'- **clb4**: Classic Load Balancer (CLB) (TCP).'."\n"
.'- **clb7**: Classic Load Balancer (CLB) (HTTP/HTTPS).'."\n"
.'- **apig**: API Gateway (APIG).'."\n"
.'- **nlb**: Network Load Balancer (NLB).'."\n"
.'- **ddos**: Anti-DDoS.'."\n"
."\n"
.'> Different products are supported in different regions. If you specify a value for this parameter, make sure that the product is supported in the specified region. Otherwise, the query may fail.', 'type' => 'string', 'required' => false, 'example' => 'ecs', 'title' => ''],
],
[
'name' => 'CloudResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF in cloud native mode.'."\n"
."\n"
.'> You can call [CreateCloudResource](~~2839876~~) to connect a resource and then view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'i-8vbdlsd********81e22-80-ecs', 'title' => ''],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'The pagination token for the next page. If a value is returned for this parameter, the next page exists.'."\n"
.'> If this parameter has a return value, the next page exists. You can use the returned **NextToken** value as a request parameter to obtain the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'required' => false, 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''],
],
[
'name' => 'MaxResults',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page in a paged query. Valid values: 1 to 100. Default value: 10.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '100', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceDomain',
'in' => 'query',
'schema' => ['description' => 'The domain name connected to WAF.'."\n"
.'> This parameter is supported only when the cloud service type is ddos.', 'type' => 'string', 'required' => false, 'example' => 'www.c**sw.net', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''],
'NextToken' => ['description' => 'The pagination token for the next page. If a value is returned for this parameter, the next page exists.'."\n"
.'> If this parameter has a return value, the next page exists. You can use the returned **NextToken** value as a request parameter to obtain the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '118', 'title' => ''],
'MaxResults' => ['description' => 'The number of entries per page in a paged query.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''],
'CloudResourceList' => [
'description' => 'The list of resources connected to WAF in cloud native mode.',
'type' => 'array',
'items' => [
'description' => 'The resource connected to WAF in cloud native mode.',
'type' => 'object',
'properties' => [
'Protocol' => ['description' => 'The protocol type. Valid values:'."\n"
.'- **http**: HTTP.'."\n"
.'- **https**: HTTPS.', 'type' => 'string', 'example' => 'http', 'title' => ''],
'Port' => ['description' => 'The port of the cloud service connected to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''],
'ResourceRegionId' => ['description' => 'The resource ownership region ID. For valid values, see the supplementary description of response parameters.', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''],
'ResourceInstanceId' => ['description' => 'The instance ID of the resource connected to WAF.', 'type' => 'string', 'example' => 'i-8vbdlsd********81e22', 'title' => ''],
'ResourceProduct' => ['description' => 'The cloud service to which the resource belongs. Valid values:'."\n"
."\n"
.'- **alb**: Application Load Balancer (ALB).'."\n"
."\n"
.'- **mse**: Microservices Engine (MSE).'."\n"
."\n"
.'- **fc**: Function Compute (FC).'."\n"
."\n"
.'- **sae**: Serverless App Engine (SAE).'."\n"
.'- **ecs**: Elastic Compute Service (ECS).'."\n"
.'- **clb4**: Classic Load Balancer (CLB) (TCP).'."\n"
.'- **clb7**: Classic Load Balancer (CLB) (HTTP/HTTPS).'."\n"
.'- **nlb**: Network Load Balancer (NLB).', 'type' => 'string', 'example' => 'ecs', 'title' => ''],
'CloudResourceId' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF.', 'type' => 'string', 'example' => 'i-8vbdlsd********81e22-80-ecs', 'title' => ''],
'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aek2uo2****lbka', 'title' => ''],
'ResourceDomain' => ['description' => 'The domain name connected to WAF.', 'type' => 'string', 'example' => 'www.c**sw.net', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Instance.ValidFaild', 'errorMessage' => 'WAF instance check failed. Check whether the instance ID is correct.', 'description' => 'WAF instance check failed. Check whether the instance ID is correct.'],
['errorCode' => 'Waf.Pullin.CloudProductParamEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'],
['errorCode' => 'Waf.Pullin.CloudResourceInvalid', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'Query cloud native mode WAF configuration list',
'requestParamsDescription' => '| Region ID | Region | Supported products |'."\n"
.'| ------------- | ------------- | ------------- |'."\n"
.'|cn-hangzhou| China (Hangzhou)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n"
.'|cn-shanghai| China (Shanghai)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n"
.'|cn-shenzhen| China (Shenzhen)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n"
.'|cn-beijing| China (Beijing)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n"
.'|cn-zhangjiakou| China (Zhangjiakou)| SAE,ALB,FC,MSE,ECS,CLB,NLB|'."\n"
.'|cn-chengdu| China (Chengdu)| ALB,ECS,CLB,NLB|'."\n"
.'|cn-qingdao| China (Qingdao)| ALB,ECS,CLB,NLB|'."\n"
.'|cn-guangzhou| China (Guangzhou)| ALB|'."\n"
.'|cn-wulanchabu| China (Ulanqab)| ALB|'."\n"
.'|cn-hongkong| Hong Kong (China)| ALB,MSE,ECS,CLB,NLB|'."\n"
.'|cn-fuzhou| China (Fuzhou - Local Region - Discontinuing)| ALB|'."\n"
.'|ap-southeast-6| Philippines (Manila)| ALB|'."\n"
.'|ap-southeast-5| Indonesia (Jakarta)| ALB,ECS,CLB,NLB|'."\n"
.'|ap-northeast-1| Japan (Tokyo)| ALB|'."\n"
.'|ap-southeast-3| Malaysia (Kuala Lumpur)| ALB,MSE,ECS,CLB,NLB|'."\n"
.'|ap-southeast-1| Singapore| ALB,MSE|'."\n"
.'|eu-central-1| Germany (Frankfurt)| ALB|'."\n"
.'|us-west-1| US (Silicon Valley)| ALB|'."\n"
.'|us-east-1| US (Virginia)| ALB|',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeCloudResourceList',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
'additionalActions' => [
['action' => 'yundun-waf:DescribeCloudResourceList', 'validationType' => 'conditional'],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"TotalCount\\": 118,\\n \\"MaxResults\\": 20,\\n \\"CloudResourceList\\": [\\n {\\n \\"Protocol\\": \\"http\\",\\n \\"Port\\": 80,\\n \\"ResourceRegionId\\": \\"cn-hangzhou\\",\\n \\"ResourceInstanceId\\": \\"i-8vbdlsd********81e22\\",\\n \\"ResourceProduct\\": \\"ecs\\",\\n \\"CloudResourceId\\": \\"i-8vbdlsd********81e22-80-ecs\\",\\n \\"ResourceManagerResourceGroupId\\": \\"rg-aek2uo2****lbka\\",\\n \\"ResourceDomain\\": \\"www.c**sw.net\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeCloudResources' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '112176',
'abilityTreeNodes' => ['FEATUREwafJ7PT1V', 'FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafM61JTL', 'FEATUREwafFJZ9SV', 'FEATUREwafL6Q7OZ'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'default' => '', 'example' => 'waf_v3prepaid_public_cn-lbj****cn0c', 'title' => ''],
],
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource instance.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'alb-43glijk0fr****gths'],
],
[
'name' => 'ResourceName',
'in' => 'query',
'schema' => ['description' => 'The name of the resource instance.', 'type' => 'string', 'deprecated' => true, 'title' => '', 'required' => false, 'example' => 'alb-name'],
],
[
'name' => 'ResourceRegionId',
'in' => 'query',
'schema' => ['description' => 'The ID of the region where the resource resides. For more information, see the "Regions and supported products" section in this topic.'."\n"
."\n"
.'> Each cloud service supports different regions. If you specify the ResourceProduct parameter, make sure the region you specify for this parameter supports that service. Otherwise, the query may fail.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'cn-beijing'],
],
[
'name' => 'ResourceProduct',
'in' => 'query',
'schema' => ['description' => 'The cloud service to which the resource belongs. By default, instances of Application Load Balancer (ALB), Microservices Engine (MSE), Function Compute (FC), and Serverless App Engine (SAE) are returned. Valid values:'."\n"
."\n"
.'- **alb**: ALB'."\n"
."\n"
.'- **mse**: MSE'."\n"
."\n"
.'- **fc**: FC'."\n"
."\n"
.'- **sae**: SAE'."\n"
."\n"
.'- **ecs**: Elastic Compute Service (ECS)'."\n"
."\n"
.'- **clb4**: Classic Load Balancer (CLB) that uses TCP'."\n"
."\n"
.'- **clb7**: CLB that uses HTTP or HTTPS'."\n"
."\n"
.'- **nlb**: Network Load Balancer (NLB)'."\n"
."\n"
.'> Each cloud service supports different regions. If you specify this parameter, make sure the region you specify for the ResourceRegionId parameter supports this service. Otherwise, the query may fail.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'alb'],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '100', 'minimum' => '10', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'ResourceRouteName',
'in' => 'query',
'schema' => ['description' => 'The name of the route. This parameter is available when you query MSE resources.', 'type' => 'string', 'required' => false, 'example' => 'mse-default-traffic', 'title' => ''],
],
[
'name' => 'ResourceDomain',
'in' => 'query',
'schema' => ['description' => 'The domain name of the resource. This parameter is available when you query FC or SAE resources.', 'type' => 'string', 'required' => false, 'example' => 'fc-domain-test', 'title' => ''],
],
[
'name' => 'ResourceFunction',
'in' => 'query',
'schema' => ['description' => 'The name of the function. This parameter is available when you query FC resources.', 'type' => 'string', 'required' => false, 'example' => 'fc-test', 'title' => ''],
],
[
'name' => 'OwnerUserId',
'in' => 'query',
'schema' => ['description' => 'The UID of the account to which the resource belongs.', 'type' => 'string', 'required' => false, 'example' => '11769793******', 'title' => ''],
],
[
'name' => 'ResourceInstanceName',
'in' => 'query',
'schema' => ['description' => 'The name of the instance that is added to WAF.', 'type' => 'string', 'required' => false, 'example' => 'test-name', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm4gh****wela', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response object.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of cloud services found.', 'type' => 'integer', 'format' => 'int64', 'example' => '121', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C327F81A-CCE2-5B21-817C-F93E29C5****', 'title' => ''],
'CloudResources' => [
'description' => 'A list of cloud services.',
'type' => 'array',
'items' => [
'description' => 'Details about the cloud service.',
'type' => 'object',
'properties' => [
'ResourceRouteName' => ['description' => 'The name of the route. This parameter is returned for MSE instances.', 'type' => 'string', 'example' => 'test-route-name', 'title' => ''],
'ResourceRegionId' => ['title' => '', 'description' => 'The region where the resource resides.', 'type' => 'string', 'example' => 'cn-hangzhou'],
'ResourceFunction' => ['description' => 'The name of the function. This parameter is returned for FC instances.', 'type' => 'string', 'example' => 'test-resource-function', 'title' => ''],
'ResourceName' => ['description' => 'The name of the instance.', 'type' => 'string', 'deprecated' => true, 'title' => '', 'example' => 'test-resource-name'],
'ResourceInstance' => ['description' => 'The ID of the resource instance.', 'type' => 'string', 'deprecated' => true, 'example' => 'alb-ffff****', 'title' => ''],
'ResourceProduct' => ['description' => 'The cloud service to which the resource belongs. Valid values:'."\n"
."\n"
.'- **alb**: ALB'."\n"
."\n"
.'- **mse**: MSE'."\n"
."\n"
.'- **fc**: FC'."\n"
."\n"
.'- **sae**: SAE'."\n"
."\n"
.'- **ecs**: ECS'."\n"
."\n"
.'- **clb4**: CLB that uses TCP'."\n"
."\n"
.'- **clb7**: CLB that uses HTTP or HTTPS'."\n"
."\n"
.'- **nlb**: NLB', 'type' => 'string', 'example' => 'alb', 'title' => ''],
'ResourceService' => ['description' => 'The name of the service. This parameter is returned for FC instances.', 'type' => 'string', 'example' => 'test-resource-service', 'title' => ''],
'ResourceDomain' => ['description' => 'The domain name of the resource. This parameter is returned for FC or SAE instances.', 'type' => 'string', 'example' => 'test-resource-domain', 'title' => ''],
'OwnerUserId' => ['description' => 'The UID of the account to which the resource belongs.', 'type' => 'string', 'example' => '11769793******', 'title' => ''],
'HttpPortCount' => ['description' => 'The number of HTTP ports that are added to WAF.'."\n"
."\n"
.'> This parameter is returned only for ECS and CLB instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'HttpsPortCount' => ['description' => 'The number of HTTPS ports that are added to WAF.'."\n"
."\n"
.'> This parameter is returned only for ECS and CLB instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'ResourceInstanceIp' => ['description' => 'The IP address of the instance that is added to WAF.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''],
'ResourceInstanceId' => ['description' => 'The ID of the instance that is added to WAF.', 'type' => 'string', 'example' => 'lb-uf60ub45fr9b***', 'title' => ''],
'ResourceInstanceName' => ['description' => 'The name of the instance that is added to WAF.', 'type' => 'string', 'example' => 'test-name', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeCloudResources',
'summary' => 'Queries the list of cloud services added to Web Application Firewall (WAF).',
'requestParamsDescription' => '| Region ID | Region name | Supported products |'."\n"
.'| -------------- | ---------------------------------------------------- | -------------------------- |'."\n"
.'| cn-hangzhou | China (Hangzhou) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n"
.'| cn-shanghai | China (Shanghai) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n"
.'| cn-shenzhen | China (Shenzhen) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n"
.'| cn-beijing | China (Beijing) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n"
.'| cn-zhangjiakou | China (Zhangjiakou) | SAE,ALB,FC,MSE,ECS,CLB,NLB |'."\n"
.'| cn-chengdu | China (Chengdu) | ALB,ECS,CLB,NLB |'."\n"
.'| cn-qingdao | China (Qingdao) | ALB,ECS,CLB,NLB |'."\n"
.'| cn-guangzhou | China (Guangzhou) | ALB |'."\n"
.'| cn-wulanchabu | China (Ulanqab) | ALB |'."\n"
.'| cn-hongkong | China (Hong Kong) | ALB,MSE,ECS,CLB,NLB |'."\n"
.'| cn-fuzhou | China (Fuzhou - local region - being decommissioned) | ALB |'."\n"
.'| ap-southeast-6 | Philippines (Manila) | ALB |'."\n"
.'| ap-southeast-5 | Indonesia (Jakarta) | ALB,ECS,CLB,NLB |'."\n"
.'| ap-northeast-1 | Japan (Tokyo) | ALB |'."\n"
.'| ap-southeast-3 | Malaysia (Kuala Lumpur) | ALB,MSE,ECS,CLB,NLB |'."\n"
.'| ap-southeast-1 | Singapore | ALB,MSE |'."\n"
.'| eu-central-1 | Germany (Frankfurt) | ALB |'."\n"
.'| us-west-1 | US (Silicon Valley) | ALB |'."\n"
.'| us-east-1 | US (Virginia) | ALB |',
'changeSet' => [
['createdAt' => '2024-07-09T07:10:02.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCloudResources'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeCloudResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 121,\\n \\"RequestId\\": \\"C327F81A-CCE2-5B21-817C-F93E29C5****\\",\\n \\"CloudResources\\": [\\n {\\n \\"ResourceRouteName\\": \\"test-route-name\\",\\n \\"ResourceRegionId\\": \\"cn-hangzhou\\",\\n \\"ResourceFunction\\": \\"test-resource-function\\",\\n \\"ResourceName\\": \\"test-resource-name\\",\\n \\"ResourceInstance\\": \\"alb-ffff****\\",\\n \\"ResourceProduct\\": \\"alb\\",\\n \\"ResourceService\\": \\"test-resource-service\\",\\n \\"ResourceDomain\\": \\"test-resource-domain\\",\\n \\"OwnerUserId\\": \\"11769793******\\",\\n \\"HttpPortCount\\": 1,\\n \\"HttpsPortCount\\": 1,\\n \\"ResourceInstanceIp\\": \\"1.1.1.1\\",\\n \\"ResourceInstanceId\\": \\"lb-uf60ub45fr9b***\\",\\n \\"ResourceInstanceName\\": \\"test-name\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeCnameCount' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''],
'CnameCount' => [
'description' => 'The number of CNAME access entries.',
'type' => 'object',
'properties' => [
'Total' => ['description' => 'The total number of results returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'HybridCloudCname' => ['description' => 'The number of domain names added through hybrid cloud access.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'Cname' => ['description' => 'The number of domain names added through public cloud CNAME access.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query the total number of added domain names',
'summary' => 'Queries the total number of domain names that are added to WAF, including domain names added through CNAME and hybrid cloud access.',
'changeSet' => [
['createdAt' => '2024-11-12T13:24:08.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-15T07:34:14.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCnameCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"CnameCount\\": {\\n \\"Total\\": 1,\\n \\"HybridCloudCname\\": 1,\\n \\"Cname\\": 1\\n }\\n}","type":"json"}]',
],
'DescribeCommonLogFields' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '111390',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-l*****', 'title' => ''],
],
[
'name' => 'IsRequired',
'in' => 'query',
'allowEmptyValue' => true,
'schema' => ['description' => 'Specifies whether to query for required log fields.'."\n"
."\n"
.'- **true**: Queries for required log fields.'."\n"
."\n"
.'- **false**: Queries for non-required log fields.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''],
],
[
'name' => 'IsDefault',
'in' => 'query',
'schema' => ['description' => 'Specifies whether to query for default log fields.'."\n"
."\n"
.'- **true**: Queries for default log fields.'."\n"
."\n"
.'- **false**: Queries for non-default log fields.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
],
[
'name' => 'LogKeyList',
'in' => 'query',
'style' => 'json',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The log field to query.', 'type' => 'string', 'required' => false, 'example' => 'final_action', 'title' => ''],
'description' => 'The list of log fields to query.',
'required' => false,
'title' => '',
'example' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2sxgs*****', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of log fields returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '6', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'AB0775EB-2594-598A-97E1-51B1*******', 'title' => ''],
'LogFieldList' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The status of the log field. Valid values:'."\n"
."\n"
.'- **0**: offline.'."\n"
."\n"
.'- **1**: online or in use.'."\n"
."\n"
.'- **2**: about to be unpublished.'."\n"
."\n"
.'- **3**: about to be published.', 'type' => 'boolean', 'example' => '1', 'title' => ''],
'IsDefault' => ['description' => 'Indicates whether the log field is a default field.'."\n"
."\n"
.'- **true**: The log field is a default field.'."\n"
."\n"
.'- **false**: The log field is not a default field.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'IsRequired' => ['description' => 'Indicates whether the log field is required.'."\n"
."\n"
.'- **true**: The log field is required.'."\n"
."\n"
.'- **false**: The log field is not required.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'LogKey' => ['description' => 'The name of the log field.'."\n"
."\n"
.'> For more information about the log fields, see [**Log field descriptions**](https://help.aliyun.com/zh/waf/web-application-firewall-3-0/user-guide/fields-in-logs?spm=openapi-amp.newDocPublishment.0.0.ccef281fNAb0XR).', 'type' => 'string', 'example' => 'final_action', 'title' => ''],
],
'description' => 'The information about a log field.',
'title' => '',
'example' => '',
],
'description' => 'The list of log fields returned.',
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeCommonLogFields',
'summary' => 'Queries all log fields supported by Simple Log Service for Web Application Firewall (WAF).',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeCommonLogFields',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 6,\\n \\"RequestId\\": \\"AB0775EB-2594-598A-97E1-51B1*******\\",\\n \\"LogFieldList\\": [\\n {\\n \\"Status\\": true,\\n \\"IsDefault\\": true,\\n \\"IsRequired\\": true,\\n \\"LogKey\\": \\"final_action\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeCustomBaseRuleCompileResult' => [
'summary' => 'Describes the compilation result of a custom regular expression rule.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '228452',
'abilityTreeNodes' => ['FEATUREwaf1LM6V0'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '58FDF266-3D56-5DE8-91E0-96A26BAB****', 'title' => ''],
'Result' => ['description' => 'The compilation result. Valid values:'."\n"
."\n"
.'- **success**: The rule is successfully compiled.'."\n"
."\n"
.'- **compiling**: The rule is being compiled.'."\n"
."\n"
.'- **failed**: The rule failed to be compiled.', 'type' => 'string', 'example' => 'success', 'title' => ''],
],
'description' => 'The compilation result of the custom regular expression rule.',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeCustomBaseRuleCompileResult',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCustomBaseRuleCompileResult',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"58FDF266-3D56-5DE8-91E0-96A26BAB****\\",\\n \\"Result\\": \\"success\\"\\n}","type":"json"}]',
],
'DescribeDDoSStatus' => [
'summary' => 'Queries whether the current WAF instance is under a DDoS attack.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '194498',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''],
'DDoSStatus' => [
'description' => 'The current DDoS status.',
'type' => 'array',
'items' => [
'description' => 'The current DDoS status.',
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The DDoS status. Valid values:'."\n"
.'- **doing**: under DDoS attack.', 'type' => 'string', 'example' => 'doing', 'title' => ''],
'EventType' => ['description' => 'The event type. Valid values:'."\n"
.'- defense: DDoS scrubbing events.'."\n"
.'- blackhole: DDoS blackhole filtering events.', 'type' => 'string', 'example' => 'blackhole', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query current DDoS attack status',
'changeSet' => [
['createdAt' => '2024-08-15T06:51:16.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDDoSStatus'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDDoSStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"DDoSStatus\\": [\\n {\\n \\"Status\\": \\"doing\\",\\n \\"EventType\\": \\"blackhole\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeDefaultHttps' => [
'summary' => 'Queries the default SSL/TLS settings.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '226995',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp26f1****'],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''],
'DefaultHttps' => [
'description' => 'The default SSL/TLS settings.',
'type' => 'object',
'properties' => [
'CustomCiphers' => ['description' => 'The custom cipher suites.', 'type' => 'string', 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384', 'title' => ''],
'TLSVersion' => ['description' => 'The TLS version. Valid values:'."\n"
."\n"
.'- **tlsv1**'."\n"
."\n"
.'- **tlsv1.1**'."\n"
."\n"
.'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1', 'title' => ''],
'CertId' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''],
'CipherSuite' => ['description' => 'The type of the cipher suite. Valid values:'."\n"
."\n"
.'- **1**: All cipher suites are added.'."\n"
."\n"
.'- **2**: Strong cipher suites are added.'."\n"
."\n"
.'- **99**: Custom cipher suites are added.', 'type' => 'string', 'example' => '1', 'title' => ''],
'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n"
."\n"
.'- **true**: TLS 1.3 is supported.'."\n"
."\n"
.'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query default SSL/TLS settings',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefaultHttps',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"DefaultHttps\\": {\\n \\"CustomCiphers\\": \\"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384\\",\\n \\"TLSVersion\\": \\"tlsv1\\",\\n \\"CertId\\": \\"123-cn-hangzhou\\",\\n \\"CipherSuite\\": \\"1\\",\\n \\"EnableTLSv3\\": true\\n }\\n}","type":"json"}]',
],
'DescribeDefenseGroupValidResources' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafHQWDCC'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zxu****jc01', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object that you want to use as a filter for the query results.', 'type' => 'string', 'required' => false, 'example' => 'example.aliyun-waf', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **20**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the defense group to query.'."\n"
."\n"
.'> Leave this parameter empty to query for protected objects that can be associated with a new defense group.', 'type' => 'string', 'required' => false, 'example' => 'group221', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2lrm****6pnq', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '12', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'A57BA089-3B28-5C82-8331-7B94****4978', 'title' => ''],
'Resources' => [
'type' => 'array',
'items' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'example.aliyun-waf'."\n", 'title' => ''],
'description' => 'The names of the protected objects.',
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeDefenseGroupValidResources',
'summary' => 'Queries a paginated list of protected objects that can be associated with a defense group.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseGroupValidResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 12,\\n \\"RequestId\\": \\"A57BA089-3B28-5C82-8331-7B94****4978\\",\\n \\"Resources\\": [\\n \\"example.aliyun-waf\\\\n\\"\\n ]\\n}","type":"json"}]',
],
'DescribeDefenseResource' => [
'summary' => 'Query a single protected object.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106335',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) API operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => false, 'example' => 'waf_v3prepaid_public_cn-4xl****i60i', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The name of the protected object to query. You can set this parameter to precisely query a protected object that has been added to WAF.', 'type' => 'string', 'required' => true, 'example' => 'example.aliyundoc.com-waf '],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response structure.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '439AADF2-368C-5E98-B14E-3086****0573', 'title' => ''],
'Resource' => [
'description' => 'The information about the protected object.',
'type' => 'object',
'properties' => [
'GmtCreate' => ['description' => 'The time when the protected object was created. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1607493144000', 'title' => ''],
'GmtModified' => ['description' => 'The time when the protected object was modified. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1691720010000', 'title' => ''],
'Product' => ['description' => 'The name of the cloud service.', 'type' => 'string', 'example' => 'alb', 'title' => ''],
'Resource' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'alb-rencs***'."\n", 'title' => ''],
'ResourceGroup' => ['description' => 'The name of the protected object group to which the protected object is added.', 'type' => 'string', 'example' => 'example_resource_group', 'title' => ''],
'Detail' => ['description' => 'The detailed description of the protected object. Different key-value pairs in the Map represent different attributes of the protected object.', 'type' => 'object', 'example' => '{'."\n"
.'"product": "waf",'."\n"
.' "domain": "demo.aliyundoc****.com"'."\n"
.'}', 'title' => ''],
'Pattern' => ['description' => 'The protection form of the protected object.', 'type' => 'string', 'example' => 'domain', 'title' => ''],
'XffStatus' => ['description' => 'Indicates whether a Layer 7 proxy (Anti-DDoS/CDN, etc.) is deployed in front of WAF. Valid values:'."\n"
."\n"
.'- **0**: not enabled.'."\n"
."\n"
.'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'CustomHeaders' => [
'description' => 'The list of specified header fields.'."\n"
.'> When XffStatus is set to 1, the first IP address in the specified header field is used as the client source IP address to prevent XFF forgery. If multiple header fields are specified, they are tried in order to obtain the source IP address. If the source IP address cannot be obtained from the first header field, the second header field is tried, and so on. If the source IP address cannot be obtained from any of the specified header fields, the first IP address in X-Forwarded-For is used. When XffStatus is set to 1, it indicates that the source IP address is obtained from the first header field.',
'type' => 'array',
'items' => ['description' => 'The specified header field.', 'type' => 'string', 'example' => 'x-forwarded-for', 'title' => ''],
'title' => '',
'example' => '',
],
'ResourceOrigin' => ['description' => 'The origin of the protected object. Valid values:'."\n"
."\n"
.'- **custom**: the protected object created from Access Management.'."\n"
."\n"
.'- **access**: the protected object created by the user.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'Description' => ['description' => 'The description.', 'type' => 'string', 'example' => 'This is Description', 'title' => ''],
'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfmoiy****p2oq', 'title' => ''],
'AcwCookieStatus' => ['description' => 'The status of the tracking cookie. Valid values:'."\n"
."\n"
.'- **0**: disabled.'."\n"
."\n"
.'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'AcwSecureStatus' => ['description' => 'The status of the secure attribute of the tracking cookie. Valid values:'."\n"
."\n"
.'- **0**: disabled.'."\n"
."\n"
.'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'AcwV3SecureStatus' => ['description' => 'The status of the secure attribute of the slider cookie. Valid values:'."\n"
."\n"
.'- **0**: disabled.'."\n"
."\n"
.'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'OwnerUserId' => ['description' => 'The UID of the owner of the protected object.', 'type' => 'string', 'example' => '170457******9107', 'title' => ''],
'ResponseHeaders' => [
'description' => 'The response header parameters.',
'type' => 'array',
'items' => [
'description' => 'The response header parameter.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The key of the specified custom response header.', 'type' => 'string', 'example' => 'Header-Key'."\n", 'title' => ''],
'Value' => ['description' => 'The value of the specified custom response header.', 'type' => 'string', 'example' => 'Header-Value'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'InstanceId' => ['description' => 'The ID of the WAF instance.', 'type' => 'string', 'example' => 'waf_v2_public_cn-wwo****', 'title' => ''],
'ResourceStatus' => ['description' => 'The status of the protected object. Valid values:'."\n"
."\n"
.'- **initializing**: default protection is being initialized.'."\n"
."\n"
.'- **active**: running normally.'."\n"
."\n"
.'- **init_failed**: default protection initialization failed.', 'type' => 'string', 'example' => 'active', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Query a single protected object',
'changeSet' => [
['createdAt' => '2025-02-24T08:09:13.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResource'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"439AADF2-368C-5E98-B14E-3086****0573\\",\\n \\"Resource\\": {\\n \\"GmtCreate\\": 1607493144000,\\n \\"GmtModified\\": 1691720010000,\\n \\"Product\\": \\"alb\\",\\n \\"Resource\\": \\"alb-rencs***\\\\n\\",\\n \\"ResourceGroup\\": \\"example_resource_group\\",\\n \\"Detail\\": {\\n \\"product\\": \\"waf\\",\\n \\"domain\\": \\"demo.aliyundoc****.com\\"\\n },\\n \\"Pattern\\": \\"domain\\",\\n \\"XffStatus\\": 0,\\n \\"CustomHeaders\\": [\\n \\"x-forwarded-for\\"\\n ],\\n \\"ResourceOrigin\\": \\"custom\\",\\n \\"Description\\": \\"This is Description\\",\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfmoiy****p2oq\\",\\n \\"AcwCookieStatus\\": 0,\\n \\"AcwSecureStatus\\": 0,\\n \\"AcwV3SecureStatus\\": 0,\\n \\"OwnerUserId\\": \\"170457******9107\\",\\n \\"ResponseHeaders\\": [\\n {\\n \\"Key\\": \\"Header-Key\\\\n\\",\\n \\"Value\\": \\"Header-Value\\\\n\\"\\n }\\n ],\\n \\"InstanceId\\": \\"waf_v2_public_cn-wwo****\\",\\n \\"ResourceStatus\\": \\"active\\"\\n }\\n}","type":"json"}]',
],
'DescribeDefenseResourceGroup' => [
'summary' => 'Retrieves the details of a protected object group.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafHQWDCC'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object group that you want to query.', 'type' => 'string', 'required' => true, 'example' => 'group221', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. The following fields are configured:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'Group' => [
'description' => 'The information about the protected object group.',
'type' => 'object',
'properties' => [
'GroupName' => ['description' => 'The name of the protected object group that you want to query.', 'type' => 'string', 'example' => 'group1', 'title' => ''],
'GmtCreate' => ['description' => 'The timestamp when the protected object group was created.', 'type' => 'integer', 'format' => 'int64', 'example' => '23242312312', 'title' => ''],
'ResourceList' => ['description' => 'All the protected objects that are added to the protected object group. Separate the protected objects with commas (,).', 'type' => 'string', 'example' => 'test1.aliyundoc.com,test2.aliyundoc.com', 'title' => ''],
'Description' => ['description' => 'The description of the protected object group.', 'type' => 'string', 'example' => 'test', 'title' => ''],
'GmtModified' => ['description' => 'The timestamp when the protected object group was modified.', 'type' => 'integer', 'format' => 'int64', 'example' => '23242312312', 'title' => ''],
],
'title' => '',
'example' => '',
],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'E67D21C6-5376-5F94-B745-70E08D03E3CB', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeDefenseResourceGroup',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroup'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Group\\": {\\n \\"GroupName\\": \\"group1\\",\\n \\"GmtCreate\\": 23242312312,\\n \\"ResourceList\\": \\"test1.aliyundoc.com,test2.aliyundoc.com\\",\\n \\"Description\\": \\"test\\",\\n \\"GmtModified\\": 23242312312\\n },\\n \\"RequestId\\": \\"E67D21C6-5376-5F94-B745-70E08D03E3CB\\"\\n}","type":"json"}]',
],
'DescribeDefenseResourceGroupNames' => [
'summary' => 'Queries the names of protected object groups.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafHQWDCC'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-lbj****cc03', 'title' => ''],
],
[
'name' => 'GroupNameLike',
'in' => 'query',
'schema' => [
'description' => 'The name of the protected object group that you want to query. Fuzzy query is supported.',
'enumValueTitles' => [],
'type' => 'string',
'required' => false,
'example' => 'example-group',
'title' => '',
],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number of the paginated results. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **20**, which indicates 20 entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwk****cv5i', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '8', 'title' => ''],
'GroupNames' => [
'description' => 'The names of the protected object groups.',
'type' => 'array',
'items' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'example' => 'example-group-name', 'title' => ''],
'title' => '',
'example' => '',
],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '59DA4258-2F32-5095-B283-57AC****70B3', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeDefenseResourceGroupNames',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroupNames'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceGroupNames',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 8,\\n \\"GroupNames\\": [\\n \\"example-group-name\\"\\n ],\\n \\"RequestId\\": \\"59DA4258-2F32-5095-B283-57AC****70B3\\"\\n}","type":"json"}]',
],
'DescribeDefenseResourceGroups' => [
'summary' => 'Retrieves information about protected object groups using pagination.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafHQWDCC'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-wwo36****0i', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmxc7lf****eq', 'title' => ''],
],
[
'name' => 'GroupNameLike',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object group that you want to query. Fuzzy query is supported.', 'type' => 'string', 'required' => false, 'example' => 'demoGroupName', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **20**, which indicates 20 entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''],
],
[
'name' => 'GroupNames',
'in' => 'query',
'schema' => ['description' => 'The names of the protected object groups that you want to query. Separate multiple names with commas (,).', 'type' => 'string', 'required' => false, 'example' => 'groupName1,groupName2', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'BFEC5C77-049B-5E88-A5B6-CB0C****B66E', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'Groups' => [
'description' => 'The list of protected object groups.',
'type' => 'array',
'items' => [
'description' => 'The protected object group.',
'type' => 'object',
'properties' => [
'Description' => ['description' => 'The description of the protected object group.', 'type' => 'string', 'example' => 'This is test description', 'title' => ''],
'GmtCreate' => ['description' => 'The time when the protected object group was created. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1624343180000', 'title' => ''],
'GmtModified' => ['description' => 'The most recent time when the protected object group was modified. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1701656305000', 'title' => ''],
'GroupName' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'example' => 'apptest', 'title' => ''],
'ResourceList' => ['description' => 'The names of the protected objects that are added to the protected object group. Separate multiple protected objects with commas (,).', 'type' => 'string', 'example' => 'example02.aliyun-waf,example01.aliyun-waf', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeDefenseResourceGroups',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroups'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BFEC5C77-049B-5E88-A5B6-CB0C****B66E\\",\\n \\"TotalCount\\": 10,\\n \\"Groups\\": [\\n {\\n \\"Description\\": \\"This is test description\\",\\n \\"GmtCreate\\": 1624343180000,\\n \\"GmtModified\\": 1701656305000,\\n \\"GroupName\\": \\"apptest\\",\\n \\"ResourceList\\": \\"example02.aliyun-waf,example01.aliyun-waf\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeDefenseResourceNames' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-9lb****5s03', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzd4c****pdwy', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'example.xxxxaliyundoc.com', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number of the paginated results. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **20**, which indicates 20 entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '75', 'title' => ''],
'Resources' => [
'description' => 'The names of the protected objects.',
'type' => 'array',
'items' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'example.aliyundoc.com-waf', 'title' => ''],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeDefenseResourceNames',
'summary' => 'Performs a pagination query to retrieve the names of protected objects.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceNames'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceNames',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"TotalCount\\": 75,\\n \\"Resources\\": [\\n \\"example.aliyundoc.com-waf\\"\\n ]\\n}","type":"json"}]',
],
'DescribeDefenseResourceOwnerUid' => [
'summary' => 'Queries the asset owner account of protected objects in multi-account management scenarios.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '213063',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn********60f', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'ResourceNames',
'in' => 'query',
'schema' => ['description' => 'The protected objects to query. Separate multiple protected objects with commas (,). You can query a maximum of 100 protected objects at a time.', 'type' => 'string', 'required' => true, 'example' => 'a.com-waf,b.com-waf', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside tthe Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '7326952B-B83B-5B7C-84FA-77F3E17310A2', 'title' => ''],
'OwnerInfos' => [
'description' => 'The owner account information of the protected objects.',
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'ResourceName' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'a.com-waf', 'title' => ''],
'OwnerUserId' => ['description' => 'The owner account ID of the protected object.', 'type' => 'string', 'example' => '125************21', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeDefenseResourceOwnerUid',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceOwnerUid',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7326952B-B83B-5B7C-84FA-77F3E17310A2\\",\\n \\"OwnerInfos\\": [\\n {\\n \\"ResourceName\\": \\"a.com-waf\\",\\n \\"OwnerUserId\\": \\"125************21\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeDefenseResourceTemplates' => [
'summary' => 'Queries the protection templates associated with a protected object or protected object group.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106375',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-9lb36****0e', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object or protected object group, or the ID of the protected asset to query.', 'type' => 'string', 'required' => true, 'example' => 'mitsuichemicals.cn-waf', 'title' => ''],
],
[
'name' => 'ResourceType',
'in' => 'query',
'schema' => [
'description' => 'The type of protected resource. Valid values:'."\n"
."\n"
.'- **single** (default): A protected object.'."\n"
."\n"
.'- **group**: A protected object group.'."\n"
."\n"
.'- **asset**: A protected asset.',
'type' => 'string',
'required' => false,
'enum' => ['single', 'group', 'asset'],
'example' => 'single',
'title' => '',
],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => 'The type of protection rule. Valid values:'."\n"
."\n"
.'- **defense** (default): A protection rule.'."\n"
."\n"
.'- **whitelist**: A whitelist rule.', 'type' => 'string', 'required' => false, 'example' => 'whitelist', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '20111098', 'title' => ''],
],
[
'name' => 'RuleName',
'in' => 'query',
'schema' => ['description' => 'The name of the protection rule.', 'type' => 'string', 'required' => false, 'example' => 'demoRuleName', 'title' => ''],
],
[
'name' => 'TemplateName',
'in' => 'query',
'schema' => ['description' => 'The name of the protection template to query.', 'type' => 'string', 'required' => false, 'example' => 'test221', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2ax2y5****pi', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2305CEB0-BA5A-5543-A1D3-3F1D08911B1C', 'title' => ''],
'Templates' => [
'description' => 'The protection templates.',
'type' => 'array',
'items' => [
'description' => 'The protection template.',
'type' => 'object',
'properties' => [
'Description' => ['description' => 'The description of the template.', 'type' => 'string', 'example' => 'testTemplate', 'title' => ''],
'TemplateOrigin' => ['description' => 'The origin of the protection template. The value custom indicates a user-created template.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'DefenseSubScene' => ['description' => 'The sub-scenario of the template. Valid values:'."\n"
."\n"
.'- **web**: The bot management template for web protection.'."\n"
."\n"
.'- **app**: The bot management template for app protection.'."\n"
."\n"
.'- **basic**: The basic bot management template.', 'type' => 'string', 'example' => 'basic', 'title' => ''],
'DefenseScene' => ['description' => 'The protection scenario. For more information, see the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'example' => 'whitelist', 'title' => ''],
'GmtModified' => ['description' => 'The time when the protection template was created, in UNIX timestamp format. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1692930539000', 'title' => ''],
'TemplateName' => ['description' => 'The name of the protection template.', 'type' => 'string', 'example' => 'antiscanTemplate', 'title' => ''],
'TemplateType' => ['description' => 'The type of the template. Valid values:'."\n"
."\n"
.'- **user\\_default**: The default template for the user.'."\n"
."\n"
.'- **user\\_custom**: A custom template created by the user.', 'type' => 'string', 'example' => 'user_custom', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '34328', 'title' => ''],
'TemplateStatus' => ['description' => 'The status of the protection template. Valid values:'."\n"
."\n"
.'- **0**: Disabled.'."\n"
."\n"
.'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2305CEB0-BA5A-5543-A1D3-3F1D08911B1C\\",\\n \\"Templates\\": [\\n {\\n \\"Description\\": \\"testTemplate\\",\\n \\"TemplateOrigin\\": \\"custom\\",\\n \\"DefenseSubScene\\": \\"basic\\",\\n \\"DefenseScene\\": \\"whitelist\\",\\n \\"GmtModified\\": 1692930539000,\\n \\"TemplateName\\": \\"antiscanTemplate\\",\\n \\"TemplateType\\": \\"user_custom\\",\\n \\"TemplateId\\": 34328,\\n \\"TemplateStatus\\": 1\\n }\\n ]\\n}","type":"json"}]',
'title' => 'DescribeDefenseResourceTemplates',
'changeSet' => [
['createdAt' => '2024-12-30T06:37:21.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceTemplates'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceTemplates',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeDefenseResources' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106336',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => false, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number to return when paging is used. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page when paging is used. Default value: **10**, which indicates that 10 entries are returned on each page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'Query',
'in' => 'query',
'schema' => ['description' => 'The query conditions. The value is a JSON string.'."\n"
."\n"
.'> The query results vary based on the query conditions. For more information, see **Query parameter description**.', 'type' => 'string', 'required' => false, 'example' => '{\\"product\\":\\"waf\\"}', 'title' => ''],
],
[
'name' => 'Tag',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'The list of resource tags. A maximum of 20 tags can be specified.',
'type' => 'array',
'items' => [
'description' => 'The resource tag, which consists of a tag key and a tag value.',
'type' => 'object',
'properties' => [
'Value' => ['description' => 'The tag value.', 'type' => 'string', 'required' => false, 'example' => 'TagValue1', 'title' => ''],
'Key' => ['description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'Tagkey1', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 21,
'title' => '',
'example' => '',
],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response struct.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '73', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '618F2626-DB27-5187-8C6C-4E61A491****', 'title' => ''],
'Resources' => [
'description' => 'The list of protected objects.',
'type' => 'array',
'items' => [
'description' => 'The protected object information.',
'type' => 'object',
'properties' => [
'Pattern' => ['description' => 'The protection mode of the protected object.', 'type' => 'string', 'example' => 'domain', 'title' => ''],
'Description' => ['description' => 'The description.', 'type' => 'string', 'example' => 'test', 'title' => ''],
'XffStatus' => ['description' => 'Indicates whether XFF proxy is enabled for the protected object.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'GmtModified' => ['description' => 'The time when the protected object was last modified. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665633032000', 'title' => ''],
'Resource' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'alb-rencs***', 'title' => ''],
'AcwV3SecureStatus' => ['description' => 'The status of the secure attribute for the slider cookie.'."\n"
."\n"
.'- **0**: Disabled.'."\n"
."\n"
.'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'Product' => ['description' => 'The name of the cloud service.', 'type' => 'string', 'example' => 'alb', 'title' => ''],
'AcwCookieStatus' => ['description' => 'The status of the tracking cookie.'."\n"
."\n"
.'- **0**: Disabled.'."\n"
."\n"
.'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'AcwSecureStatus' => ['description' => 'The status of the secure attribute for the tracking cookie.'."\n"
."\n"
.'- **0**: Disabled.'."\n"
."\n"
.'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => ''],
'GmtCreate' => ['description' => 'The time when the protected object was created. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1652149203187', 'title' => ''],
'OwnerUserId' => ['description' => 'The Alibaba Cloud account to which the protected object asset belongs in a multi-account management feature scenario.', 'type' => 'string', 'example' => '135*********46', 'title' => ''],
'ResourceOrigin' => ['description' => 'The origin of the protected object.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'ResourceGroup' => ['description' => 'The name of the protection group to which the protected object is added.', 'type' => 'string', 'example' => 'test', 'title' => ''],
'Detail' => ['description' => 'The detailed description of the protected object. Different key-value pairs in the map represent different attributes of the protected object.', 'type' => 'object', 'example' => '{"domain":"eou.eleme.cn","uri":"/"}', 'title' => ''],
'CustomHeaders' => [
'description' => 'The custom XFF headers used to obtain the originating IP address of the client. If XFF is set to 1 and this field is empty, the first IP address in the XFF header is used as the originating IP address of the client.',
'type' => 'array',
'items' => ['description' => 'The custom header field information.', 'type' => 'string', 'example' => 'afbfbajf', 'title' => ''],
'title' => '',
'example' => '',
],
'ResponseHeaders' => [
'description' => 'The response header parameters.',
'type' => 'array',
'items' => [
'description' => 'The response header parameters.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The key of the custom response header.', 'type' => 'string', 'example' => 'Header-Key', 'title' => ''],
'Value' => ['description' => 'The value of the custom response header.', 'type' => 'string', 'example' => 'Header-Value', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'InstanceId' => ['description' => 'The instance ID of the WAF instance.', 'type' => 'string', 'example' => 'waf_v2_public_cn-k*****', 'title' => ''],
'ResourceStatus' => ['description' => 'The status of the protected object. Valid values:'."\n"
."\n"
.'- **initializing**: Default protection is being initialized.'."\n"
."\n"
.'- **active**: Running normally.'."\n"
."\n"
.'- **init_failed**: Default protection initialization failed.', 'type' => 'string', 'example' => 'active', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Query protected objects by paging',
'summary' => 'Queries protected objects by paging.',
'requestParamsDescription' => '### Query parameter description'."\n"
.'##### Parameter description'."\n"
."\n"
.'|Name|Type|Required|Example|Description|'."\n"
.'| ----------| ------------| ------------ | ---------- | -----------|'."\n"
.'|product | String|No|waf|The asset type. Valid values:
- **waf**: connected to WAF through CNAME or other methods.
- **alb**: connected through Application Load Balancer (ALB).
- **clb**: connected through Classic Load Balancer (CLB).
- **ecs**: connected through ECS.
- **mse**: connected through Microservices Engine (MSE).
- **fc**: connected through Function Compute (FC).|'."\n"
.'|resourceLike | String|No|example.aliyundoc.c|The name of the protected object. You can set this parameter to perform a fuzzy query on protected objects that are connected to WAF.'."\n"
.'|resource|String|No|example.aliyundoc.com-waf|The name of the protected object. You can set this parameter to perform an exact query on protected objects that are connected to WAF.'."\n"
.'|resourceIn|String|No|example1.aliyundoc.com,example2.aliyundoc.com|The names of multiple protected objects. You can set this parameter to query multiple protected objects that are connected to WAF. Separate multiple protected objects with commas (,).'."\n"
.'|instanceId|String|No|alb-nifa24****|The instance ID of the protected object. You can set this parameter to perform an exact query on the instance ID of a protected object that is connected to WAF.'."\n"
.'|domain|String|No|example.aliyundoc.com|The domain name of the protected object. You can set this parameter to perform an exact query on the domain name of a protected object that is connected to WAF.'."\n"
.'|resourceGroup|String|No|group1|The protection group to query.'."\n"
.'|inGroup|Boolean|No|true|Specifies whether the protected object has been added to the protection group.'."\n"
.'|ownerUserId|String|No|135********23|The ID of the Alibaba Cloud account to which the protected object belongs. You can set this parameter to perform an exact query on WAF protected objects that belong to a specific account in a multi-account scenario.'."\n"
.'|orderBy|String|No|resource|The sorting method for protected objects. Valid values:
- **resource**: sorted by protected object name.
- **gmtModified**: sorted by modification time.'."\n"
.'|desc|Boolean|No|true|The sorting order. Valid values:
- **false**: ascending order.
- **true**: descending order.'."\n"
."\n"
.'##### Example'."\n"
.'``` json'."\n"
.'{'."\n"
.' "product ": "waf",'."\n"
.' "resource": "example.aliyundoc.com-waf",'."\n"
.' "domain": "example.aliyundoc.com",'."\n"
.' "resourceLike ": "example.aliyundoc.c",'."\n"
.' "InstaneId": "waf_cn****",'."\n"
.' "resourceIn": "example1.aliyundoc.com,example2.aliyundoc.com",'."\n"
.' "ownerUserId": "135**********41"'."\n"
.'}'."\n"
.'```.',
'changeSet' => [
['createdAt' => '2025-02-24T08:09:13.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2024-09-02T03:44:32.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-29T01:07:58.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-03-21T12:30:17.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2023-08-24T09:07:44.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResources'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResources',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 73,\\n \\"RequestId\\": \\"618F2626-DB27-5187-8C6C-4E61A491****\\",\\n \\"Resources\\": [\\n {\\n \\"Pattern\\": \\"domain\\",\\n \\"Description\\": \\"test\\",\\n \\"XffStatus\\": 1,\\n \\"GmtModified\\": 1665633032000,\\n \\"Resource\\": \\"alb-rencs***\\",\\n \\"AcwV3SecureStatus\\": 0,\\n \\"Product\\": \\"alb\\",\\n \\"AcwCookieStatus\\": 1,\\n \\"AcwSecureStatus\\": 0,\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfm***q\\",\\n \\"GmtCreate\\": 1652149203187,\\n \\"OwnerUserId\\": \\"135*********46\\",\\n \\"ResourceOrigin\\": \\"custom\\",\\n \\"ResourceGroup\\": \\"test\\",\\n \\"Detail\\": {\\n \\"domain\\": \\"eou.eleme.cn\\",\\n \\"uri\\": \\"/\\"\\n },\\n \\"CustomHeaders\\": [\\n \\"afbfbajf\\"\\n ],\\n \\"ResponseHeaders\\": [\\n {\\n \\"Key\\": \\"Header-Key\\",\\n \\"Value\\": \\"Header-Value\\"\\n }\\n ],\\n \\"InstanceId\\": \\"waf_v2_public_cn-k*****\\",\\n \\"ResourceStatus\\": \\"active\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeDefenseRule' => [
'summary' => 'Retrieves the details of a specified protection rule.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106382',
'abilityTreeNodes' => ['FEATUREwaf9JXZCD'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection rule template.'."\n"
."\n"
.'> This parameter is required only when **DefenseType** is set to **template**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '10318', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20026192', 'title' => ''],
],
[
'name' => 'DefenseType',
'in' => 'query',
'schema' => [
'description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **template** (default): a protection rule template.'."\n"
."\n"
.'- **resource**: a rule for a protected object.'."\n"
."\n"
.'- **global**: a global rule.',
'enumValueTitles' => ['template' => 'template', 'resource' => 'resource'],
'type' => 'string',
'default' => 'template',
'enum' => ['global', 'resource', 'template'],
'required' => false,
'example' => 'template',
'title' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object to which the protection rule applies.'."\n"
."\n"
.'> This parameter is required only when **DefenseType** is set to **resource**.', 'type' => 'string', 'required' => false, 'example' => 'rencs***-waf', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'Rule' => [
'description' => 'The details of the protection rule.',
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The status of the protection rule. Valid values:'."\n"
."\n"
.'- **0**: disabled.'."\n"
."\n"
.'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'DefenseOrigin' => ['description' => 'The origin of the protection rule. This parameter indicates whether the rule was created by the user or by the system. Valid values:'."\n"
."\n"
.'- **custom**: a custom rule.'."\n"
."\n"
.'- **system**: a system-generated rule.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'Config' => ['description' => 'The configuration of the protection rule, returned as a JSON string. For more information, see the **Protection rule parameters** section in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'example' => '{\\"status\\":1,\\"policyId\\":1012,\\"action\\":\\"block\\"}', 'title' => ''],
'RuleId' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '2732975', 'title' => ''],
'DefenseScene' => ['description' => 'The scenario to which the protection rule applies.'."\n"
."\n"
.'If the **DefenseType** parameter is set to **template**, the valid values are:'."\n"
."\n"
.'- **waf\\_group**: basic protection with regular expression rules.'."\n"
."\n"
.'- **waf\\_base**: web core protection.'."\n"
."\n"
.'- **waf\\_base\\_compliance**: basic protection with protocol compliance rules.'."\n"
."\n"
.'- **waf\\_base\\_sema**: basic protection with semantic analysis rules.'."\n"
."\n"
.'- **cc**: HTTP flood protection.'."\n"
."\n"
.'- **antiscan\\_dirscan**: directory traversal blocking in scan protection.'."\n"
."\n"
.'- **antiscan\\_highfreq**: high-frequency scan blocking in scan protection.'."\n"
."\n"
.'- **antiscan\\_scantools**: scanning tool blocking in scan protection.'."\n"
."\n"
.'- **ip\\_blacklist**: an IP address blacklist.'."\n"
."\n"
.'- **custom\\_acl**: a custom rule.'."\n"
."\n"
.'- **region\\_block**: a location blacklist.'."\n"
."\n"
.'- **tamperproof**: webpage tamper protection.'."\n"
."\n"
.'- **dlp**: data leakage prevention.'."\n"
."\n"
.'- **custom\\_response\\_block**: a custom response.'."\n"
."\n"
.'- **spike\\_throttle**: peak traffic throttling.'."\n"
."\n"
.'If the **DefenseType** parameter is set to **resource**, the valid values are:'."\n"
."\n"
.'- **account\\_identifier**: account identification.'."\n"
."\n"
.'- **custom\\_response**: a custom response.'."\n"
."\n"
.'- **waf\\_codec**: data decoding settings.'."\n"
."\n"
.'If the **DefenseType** parameter is set to **global**, the valid values are:'."\n"
."\n"
.'- **regular\\_custom**: a custom regular expression.'."\n"
."\n"
.'- **address\\_book**: an IP address book.'."\n"
."\n"
.'- **custom\\_response**: a custom response.', 'type' => 'string', 'example' => 'waf_group', 'title' => ''],
'GmtModified' => ['description' => 'The time when the protection rule was modified. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665196746000', 'title' => ''],
'RuleName' => ['description' => 'The name of the protection rule.', 'type' => 'string', 'example' => 'test1', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the protection rule template.'."\n"
."\n"
.'> This parameter is returned only if the **DefenseType** parameter is set to **template**.', 'type' => 'integer', 'format' => 'int64', 'example' => '9114', 'title' => ''],
'Resource' => ['description' => 'The protected object to which the protection rule applies.'."\n"
."\n"
.'> This parameter is returned only if the **DefenseType** parameter is set to **resource**.', 'type' => 'string', 'example' => 'rencs***-waf', 'title' => ''],
'DefenseType' => ['description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **template** (default): a protection rule template.'."\n"
."\n"
.'- **resource**: a rule for a protected object.'."\n"
."\n"
.'- **global**: a global rule.', 'type' => 'string', 'example' => 'template', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Rule\\": {\\n \\"Status\\": 1,\\n \\"DefenseOrigin\\": \\"custom\\",\\n \\"Config\\": \\"{\\\\\\\\\\\\\\"status\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"policyId\\\\\\\\\\\\\\":1012,\\\\\\\\\\\\\\"action\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"block\\\\\\\\\\\\\\"}\\",\\n \\"RuleId\\": 2732975,\\n \\"DefenseScene\\": \\"waf_group\\",\\n \\"GmtModified\\": 1665196746000,\\n \\"RuleName\\": \\"test1\\",\\n \\"TemplateId\\": 9114,\\n \\"Resource\\": \\"rencs***-waf\\",\\n \\"DefenseType\\": \\"template\\"\\n }\\n}","type":"json"}]',
'title' => 'DescribeDefenseRule',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseRule'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeDefenseRuleStatistics' => [
'summary' => 'Queries statistics of rules under a specified WAF protection module.',
'methods' => ['get', 'post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '248038',
'abilityTreeNodes' => ['FEATUREwafVZXFDE', 'FEATUREwafCU29M8', 'FEATUREwafWUANSU'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'default' => 'cn-hangzhou', 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template to query.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '239136', 'title' => ''],
],
[
'name' => 'PrimaryKey',
'in' => 'query',
'schema' => [
'description' => 'The primary query condition.',
'enumValueTitles' => ['riskLevel' => 'Risk level.', 'detectType' => 'Detection type.', 'action' => 'Rule action.', 'scene' => 'Protection scenario.', 'status' => 'Rule status.'],
'type' => 'string',
'required' => true,
'enum' => ['action', 'scene', 'status', 'type', 'riskLevel', 'detectType'],
'example' => 'scene',
'title' => '',
],
],
[
'name' => 'SecondaryKey',
'in' => 'query',
'schema' => [
'description' => 'The secondary query condition. The value cannot be the same as the primary query condition.',
'enumValueTitles' => ['riskLevel' => 'Risk level.', 'detectType' => 'Detection type.', 'action' => 'Rule action.', 'type' => 'Rule type.', 'scene' => 'Protection scenario.', 'status' => 'Rule status.'],
'type' => 'string',
'enum' => ['action', 'scene', 'status', 'riskLevel', 'detectType'],
'required' => false,
'example' => 'action',
'title' => '',
],
],
[
'name' => 'ThirdKey',
'in' => 'query',
'schema' => [
'description' => 'The tertiary query condition. The value cannot be the same as the primary or secondary query condition.',
'enumValueTitles' => ['riskLevel' => 'Risk level.', 'detectType' => 'Detection type.', 'action' => 'Rule action.', 'scene' => 'Protection scenario.', 'status' => 'Rule status.'],
'type' => 'string',
'enum' => ['action', 'scene', 'status', 'riskLevel', 'detectType'],
'required' => false,
'example' => 'status',
'title' => '',
],
],
[
'name' => 'FourthKey',
'in' => 'query',
'schema' => [
'description' => 'The quaternary query condition. The value cannot be the same as the primary, secondary, or tertiary query condition.',
'enumValueTitles' => ['riskLevel' => 'Risk level.', 'detectType' => 'Detection type.', 'action' => 'Rule action.', 'scene' => 'Protection scenario.', 'status' => 'Rule status.'],
'type' => 'string',
'enum' => ['action', 'scene', 'status', 'riskLevel', 'detectType'],
'required' => false,
'example' => 'riskLevel',
'title' => '',
],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'StatisticsInfos' => [
'description' => 'The statistics results.',
'type' => 'array',
'items' => [
'description' => 'The statistics results.',
'type' => 'object',
'properties' => [
'PrimaryValue' => ['description' => 'The value corresponding to the primary query condition.', 'type' => 'string', 'example' => 'sytem', 'title' => ''],
'SecondaryValue' => ['description' => 'The value corresponding to the secondary query condition.', 'type' => 'string', 'example' => 'block', 'title' => ''],
'ThirdValue' => ['description' => 'The value corresponding to the tertiary query condition.', 'type' => 'string', 'example' => '1', 'title' => ''],
'FourthValue' => ['description' => 'The value corresponding to the quaternary query condition.', 'type' => 'string', 'example' => 'action', 'title' => ''],
'Count' => ['description' => 'The number of rules that meet all the query conditions.', 'type' => 'integer', 'format' => 'int64', 'example' => '27', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query protection rule statistics',
'requestParamsDescription' => '## Query condition details'."\n"
.'The protection scenarios (scene) supported by this query API are new bot management (**bot_manager**) and new web core protection (**waf_base**).'."\n"
.'### New bot management (**bot_manager**)'."\n"
.'The parameters supported for statistics at each query condition level are as follows.'."\n"
.'#### Parameter description'."\n"
.'|Name|Type|Description|'."\n"
.'| ------------ | ---------- | -----------|'."\n"
.'|scene|String|Counts rules by protection scenario.|'."\n"
.'|status|Integer|Counts rules by rule status.|'."\n"
.'|action|String|Counts rules by rule action.|'."\n"
."\n"
.'### New web core protection (**waf_base**)'."\n"
.'The parameters supported for statistics at each query condition level are as follows.'."\n"
.'#### Parameter description'."\n"
.'|Name|Type|Description|'."\n"
.'| ------------ | ---------- | -----------|'."\n"
.'|type|String|Counts rules by rule type.|'."\n"
.'|detectType|String|Counts rules by detection type.|'."\n"
.'|riskLevel|String|Counts rules by risk level.|'."\n"
.'|status|Integer|Counts rules by rule status.|'."\n"
.'|action|String|Counts rules by rule action.|'."\n"
."\n"
.'> '."\n"
.'>type can only be used as the primary query condition parameter. It counts the number of system protection rules (system) and custom regex rules (custom) separately.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseRuleStatistics',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"StatisticsInfos\\": [\\n {\\n \\"PrimaryValue\\": \\"sytem\\",\\n \\"SecondaryValue\\": \\"block\\",\\n \\"ThirdValue\\": \\"1\\",\\n \\"FourthValue\\": \\"action\\",\\n \\"Count\\": 27\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeDefenseRules' => [
'summary' => 'Queries a paginated list of protection rules.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106383',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **whitelist**: a whitelist rule'."\n"
."\n"
.'- **defense** (default): a protection rule'."\n"
."\n"
.'> This parameter is required only when **DefenseType** is set to **template**.', 'type' => 'string', 'required' => false, 'example' => 'whitelist', 'title' => ''],
],
[
'name' => 'Query',
'in' => 'query',
'schema' => ['description' => 'The query conditions. Specify this parameter as a JSON string.'."\n"
."\n"
.'> The query results for protection rules vary based on the query conditions. For more information, see **Query parameter details**.', 'type' => 'string', 'required' => false, 'example' => '{\\"name\\":\\"IPblock_20220822_10\\",\\"scene\\":\\"custom_acl\\",\\"templateId\\":5327}', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'DefenseType',
'in' => 'query',
'schema' => [
'description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **template** (default): template protection rules.'."\n"
."\n"
.'- **resource**: rules for protected objects.'."\n"
."\n"
.'- **global**: global rules.',
'enumValueTitles' => ['template' => 'template', 'resource' => 'resource', 'global' => 'global'],
'type' => 'string',
'default' => 'template',
'enum' => ['template', 'resource', 'global'],
'required' => false,
'example' => 'template',
'title' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of returned entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '80736FA5-FA87-55F6-AA69-C5477C6FE6D0', 'title' => ''],
'Rules' => [
'description' => 'The list of protection rules.',
'type' => 'array',
'items' => [
'description' => 'The protection rule.',
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The status of the protection rule. Valid values:'."\n"
."\n"
.'- **0**: disabled.'."\n"
."\n"
.'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'DefenseOrigin' => ['description' => 'The source of the protection rule. Valid values:'."\n"
."\n"
.'- **custom**: The rule is created by the user.'."\n"
."\n"
.'- **system**: The rule is automatically generated by the system.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'Config' => ['description' => 'The details of the protection rule. The value is a JSON string. For more information, see the **description of the Rule parameter** in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'example' => '{\\"policyId\\":1012,\\"action\\":\\"block\\"}', 'title' => ''],
'RuleId' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '42755', 'title' => ''],
'DefenseScene' => ['description' => 'The protection scenario.'."\n"
."\n"
.'If the **DefenseType** request parameter is set to **template**, the valid values are:'."\n"
."\n"
.'- **waf\\_group**: regular expression rules for basic protection.'."\n"
."\n"
.'- **waf\\_base**: rules for the new web core protection feature.'."\n"
."\n"
.'- **waf\\_base\\_compliance**: protocol compliance rules for basic protection.'."\n"
."\n"
.'- **waf\\_base\\_sema**: semantic rules for basic protection.'."\n"
."\n"
.'- **cc**: HTTP flood protection.'."\n"
."\n"
.'- **antiscan\\_dirscan**: directory traversal blocking for scan protection.'."\n"
."\n"
.'- **antiscan\\_highfreq**: high-frequency scan blocking for scan protection.'."\n"
."\n"
.'- **antiscan\\_scantools**: scanner blocking for scan protection.'."\n"
."\n"
.'- **ip\\_blacklist**: IP address blacklist.'."\n"
."\n"
.'- **custom\\_acl**: custom rules.'."\n"
."\n"
.'- **region\\_block**: Geo-blocking.'."\n"
."\n"
.'- **tamperproof**: webpage tamper protection.'."\n"
."\n"
.'- **dlp**: data leakage prevention.'."\n"
."\n"
.'- **custom\\_response\\_block**: custom response.'."\n"
."\n"
.'- **spike\\_throttle**: peak traffic throttling.'."\n"
."\n"
.'If the **DefenseType** request parameter is set to **resource**, the valid values are:'."\n"
."\n"
.'- **account\\_identifier**: account fetch.'."\n"
."\n"
.'- **custom\\_response**: new custom response.'."\n"
."\n"
.'- **waf\\_codec**: decoding.'."\n"
."\n"
.'If the **DefenseType** request parameter is set to **global**, the valid values are:'."\n"
."\n"
.'- **regular\\_custom**: custom regular expression.'."\n"
."\n"
.'- **address\\_book**: address book.'."\n"
."\n"
.'- **custom\\_response**: new custom response.', 'type' => 'string', 'example' => 'waf_group', 'title' => ''],
'GmtModified' => ['description' => 'The time when the protection rule was last modified. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665460629000', 'title' => ''],
'RuleName' => ['description' => 'The name of the protection rule.', 'type' => 'string', 'example' => 'rules_41', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '5673', 'title' => ''],
'GmtCreate' => ['description' => 'The time when the protection rule was created. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'deprecated' => false, 'example' => '1665460629000', 'title' => ''],
'Resource' => ['description' => 'The protected object to which the rule is applied.'."\n"
."\n"
.'> This parameter is returned only when the **DefenseType** request parameter is set to **resource**.', 'type' => 'string', 'example' => 'rencs***-waf', 'title' => ''],
'DefenseType' => ['description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **template** (default): template protection rules.'."\n"
."\n"
.'- **resource**: rules for protected objects.'."\n"
."\n"
.'- **global**: global rules.', 'type' => 'string', 'example' => 'template', 'title' => ''],
'Description' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => 'rule description', 'title' => ''],
'RuleType' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => 'custom_cc', 'title' => ''],
'ActionExternal' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => '42755', 'title' => ''],
'DetailRuleIds' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => '42755', 'title' => ''],
'ExternalInfo' => ['description' => 'This parameter is deprecated.', 'type' => 'string', 'deprecated' => true, 'example' => '{\\"DetectType\\":\\"sqli\\"}', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 2,\\n \\"RequestId\\": \\"80736FA5-FA87-55F6-AA69-C5477C6FE6D0\\",\\n \\"Rules\\": [\\n {\\n \\"Status\\": 1,\\n \\"DefenseOrigin\\": \\"custom\\",\\n \\"Config\\": \\"{\\\\\\\\\\\\\\"policyId\\\\\\\\\\\\\\":1012,\\\\\\\\\\\\\\"action\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"block\\\\\\\\\\\\\\"}\\",\\n \\"RuleId\\": 42755,\\n \\"DefenseScene\\": \\"waf_group\\",\\n \\"GmtModified\\": 1665460629000,\\n \\"RuleName\\": \\"rules_41\\",\\n \\"TemplateId\\": 5673,\\n \\"GmtCreate\\": 1665460629000,\\n \\"Resource\\": \\"rencs***-waf\\",\\n \\"DefenseType\\": \\"template\\",\\n \\"Description\\": \\"rule description\\",\\n \\"RuleType\\": \\"custom_cc\\",\\n \\"ActionExternal\\": \\"42755\\",\\n \\"DetailRuleIds\\": \\"42755\\",\\n \\"ExternalInfo\\": \\"{\\\\\\\\\\\\\\"DetectType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"sqli\\\\\\\\\\\\\\"}\\"\\n }\\n ]\\n}","type":"json"}]',
'title' => 'DescribeDefenseRules',
'requestParamsDescription' => '# Query parameter details'."\n"
."\n"
.'## Template protection rules (**template**)'."\n"
."\n"
.'If you set **DefenseType** to **template**, the following parameters are available.'."\n"
."\n"
.'#### Parameter descriptions'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ---------- | ------- | -------- | -------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| name | String | No | test | The name of the protection rule to query. You can set this parameter to perform a term query for a protection rule. |'."\n"
.'| nameId | String | No | test1 | The ID or name of the protection rule to query. You can set this parameter to perform a fuzzy query for a protection rule. |'."\n"
.'| nameLike | String | No | test.aliyundoc.c | The name of the protection rule to query. You can set this parameter to perform a fuzzy query for a protection rule. |'."\n"
.'| scene | String | No | waf_group | The protection scenario that you want to query. You can set this parameter to perform a term query for the protection rules in a specific scenario. Valid values:
\\- **waf_group**: regular expression rules for basic protection.
\\- **waf_base**: rules for the new web core protection feature.
\\- **waf_base_compliance**: protocol compliance rules for basic protection.
\\- **waf_base_sema**: semantic rules for basic protection.
\\- **cc**: HTTP flood protection.
\\- **antiscan_dirscan**: directory traversal blocking for scan protection.
\\- **antiscan_highfreq**: high-frequency scan blocking for scan protection.
\\- **antiscan_scantools**: scanner blocking for scan protection.
\\- **ip_blacklist**: IP address blacklist.
\\- **custom_acl**: custom rules.
\\- **region_block**: Geo-blocking.
\\- **tamperproof**: webpage tamper protection.
\\- **dlp**: data leakage prevention.
\\- **custom_response_block**: custom response. |'."\n"
.'| ruleId | Long | No | 33444 | The ID of the protection rule to query. You can set this parameter to perform a term query for a protection rule. |'."\n"
.'| ruleIdIn | Array | No | \\[3334455643,345555] | The range of protection rule IDs to query. You can set this parameter to query multiple protection rules. Separate multiple rule IDs with commas (,). |'."\n"
.'| templateId | Long | No | 24354 | The ID of the protection template to query. You can set this parameter to query the protection rules in a protection template. |'."\n"
.'| orderBy | String | No | name | The sorting method for protection rules. Valid values:
\\- **name**: sorts the rules by name.
\\- **gmtModified**: sorts the rules by modification time.
\\- **id**: sorts the rules by ID.
\\- **templateId**: sorts the rules by template ID. |'."\n"
.'| desc | Boolean | No | true | The sorting order. Valid values:
\\- **false**: ascending order.
\\- **true**: descending order. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "name": "test",'."\n"
.' "nameId ": "test1,'."\n"
.' "nameLike": "test.aliyundoc.c",'."\n"
.' "nameIn": "test.aliyundoc.c",'."\n"
.' "InstaneId": "test1.aliyundoc.com,test2.aliyundoc.com",'."\n"
.' "templateId": 24354'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'## Rules for protected objects (**resource**)'."\n"
."\n"
.'If you set **DefenseType** to **resource**, the following parameters are available.'."\n"
."\n"
.'#### Parameter descriptions'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| -------- | ------ | -------- | ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| resource | String | No | sec****-waf | The protected object to which the rule is applied. |'."\n"
.'| scene | String | No | waf_group | The protection scenario that you want to query. You can set this parameter to perform a term query for the protection rules in a specific scenario. Valid values:
\\- **account_identifier**: account fetch rules.
\\- **custom_response**: new custom response. |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "resource": "sec****-waf",'."\n"
.' "scene ": "account_identifier"'."\n"
.'}'."\n"
.'```'."\n"
."\n"
.'## Global rules (**global**)'."\n"
."\n"
.'If you set **DefenseType** to **global**, the following parameters are available.'."\n"
."\n"
.'#### Parameter descriptions'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ---------- | ------ | -------- | -------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| scene | String | No | regular_custom | The protection scenario that you want to query. You can set this parameter to perform a term query for the protection rules in a specific scenario. Valid values:
\\- **regular_custom**: custom regular expression rules.
\\- **custom_response**: new custom response. |'."\n"
.'| detectType | String | No | sqli | The detection module to query. Valid values:
\\- sqli: SQL injection.
\\- xss: cross-site scripting (XSS).
\\- cmdi: OS command injection.
\\- expression_injection: expression injection.
\\- java_deserialization: Java deserialization.
\\- dot_net_deserialization: .NET deserialization.
\\- php_deserialization: PHP deserialization.
\\- code_exec: code execution.
\\- ssrf: server-side request forgery (SSRF).
\\- path_traversal: path traversal.
\\- arbitrary_file_uploading: arbitrary file upload.
\\- webshell: webshell.
\\- rfilei: remote file inclusion (RFI).
\\- lfilei: local file inclusion (LFI).
\\- protocol_violation: protocol violation.
\\- scanner_behavior: scanner behavior.
\\- logic_flaw: business logic bug.
\\- arbitrary_file_reading: arbitrary file read.
\\- arbitrary_file_download: arbitrary file download.
\\- xxe: external entity injection.
\\- csrf: cross-site request forgery.
\\- crlf: CRLF.
\\- other: other. >This parameter is supported only when scene is set to **regular_custom**.> |'."\n"
.'| riskLevel | String | No | strict | The threat level to query. Valid values:
\\- **super_strict**: Super Strict.
\\- **strict**: Strict.
\\- **medium**: Medium.
\\- **loose**: Loose.> This parameter is supported only when scene is set to **regular_custom**.> |'."\n"
.'| templateId | Long | No | 24354 | The ID of the protection template to query. You can set this parameter to query the protection rules in a protection template.> This parameter is supported only when scene is set to **regular_custom**.> |'."\n"
."\n"
.'#### Example'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "detectType": "sqli",'."\n"
.' "riskLevel ": "strict",'."\n"
.' "templateId": 24354'."\n"
.'}'."\n"
.'```',
'changeSet' => [
['createdAt' => '2025-03-27T04:34:29.000Z', 'description' => 'Response parameters changed, Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseRules'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeDefenseSceneConfig' => [
'summary' => 'Queries the protection configurations for a specific defense scenario.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '255326',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqtm005', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false],
],
[
'name' => 'DefenseScene',
'in' => 'query',
'schema' => ['description' => 'The defense scenario whose configuration you want to query. For more information, see the **DefenseScene** parameter in [ModifyDefenseSceneConfig](~~2968435~~).', 'type' => 'string', 'required' => true, 'example' => 'apisec', 'title' => ''],
],
[
'name' => 'ConfigKey',
'in' => 'query',
'schema' => ['description' => 'The name of the configuration item that you want to query. For more information, see the **ConfigKey** parameter in [ModifyDefenseSceneConfig](~~2968435~~).', 'type' => 'string', 'required' => true, 'example' => 'autoEnableStatus', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'ConfigValue' => ['description' => 'The value of the configuration item. For more information, see the **ConfigValue** parameter in [ModifyDefenseSceneConfig](~~2968435~~).', 'type' => 'string', 'example' => 'true', 'title' => ''],
],
'description' => 'The returned data.',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeDefenseSceneConfig',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseSceneConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"ConfigValue\\": \\"true\\"\\n}","type":"json"}]',
],
'DescribeDefenseTemplate' => [
'summary' => 'Retrieves the details of a specific protection template.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106373',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template that you want to query.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1333', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The data returned.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'Template' => [
'description' => 'The details of the protection template.',
'type' => 'object',
'properties' => [
'Description' => ['description' => 'The description of the protection template.', 'type' => 'string', 'example' => 'test', 'title' => ''],
'TemplateOrigin' => ['description' => 'The origin of the protection template. A value of **custom** indicates that the template is user-defined.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'DefenseSubScene' => ['description' => 'The sub-scenario of the protection template. Valid values:'."\n"
."\n"
.'- **web**: the bot management template for website protection.'."\n"
."\n"
.'- **app**: the bot management template for app protection.'."\n"
."\n"
.'- **basic**: the basic bot management template.'."\n"
."\n"
.'- **bot\\_custom\\_acl**: the bot management template for custom protection rules.', 'type' => 'string', 'example' => 'app', 'title' => ''],
'DefenseScene' => ['description' => 'The scenario in which the protection template is used. For more information, see the description of the **DefenseScene** parameter in the [CreateDefenseRule](~~CreateDefenseRule~~) operation.', 'type' => 'string', 'example' => 'waf_group', 'title' => ''],
'GmtModified' => ['description' => 'The most recent time the protection template was modified. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665283642000', 'title' => ''],
'TemplateName' => ['description' => 'The name of the protection template.', 'type' => 'string', 'example' => 'test0621', 'title' => ''],
'TemplateType' => ['description' => 'The type of the protection template. Valid values:'."\n"
."\n"
.'- **user\\_default**: the default template.'."\n"
."\n"
.'- **user\\_custom**: a custom template.', 'type' => 'string', 'example' => 'user_default', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '10097', 'title' => ''],
'TemplateStatus' => ['description' => 'The status of the protection template. Valid values:'."\n"
."\n"
.'- **0**: disabled.'."\n"
."\n"
.'- **1**: enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Template\\": {\\n \\"Description\\": \\"test\\",\\n \\"TemplateOrigin\\": \\"custom\\",\\n \\"DefenseSubScene\\": \\"app\\",\\n \\"DefenseScene\\": \\"waf_group\\",\\n \\"GmtModified\\": 1665283642000,\\n \\"TemplateName\\": \\"test0621\\",\\n \\"TemplateType\\": \\"user_default\\",\\n \\"TemplateId\\": 10097,\\n \\"TemplateStatus\\": 1\\n }\\n}","type":"json"}]',
'title' => 'DescribeDefenseTemplate',
'changeSet' => [
['createdAt' => '2023-07-26T09:08:01.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplate'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeDefenseTemplateValidGroups' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-nwy****pf0e', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object group. Use this parameter to filter results by group name.', 'type' => 'string', 'required' => false, 'example' => 'group221', 'title' => ''],
],
[
'name' => 'DefenseScene',
'in' => 'query',
'schema' => ['description' => 'The protection scenario. For more information, see the valid values for the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~) when **DefenseType** is set to **template**.', 'type' => 'string', 'required' => true, 'example' => 'region_block', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **20**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '12345', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2th****v6ay', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '27', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6EA4B39A-9C0C-5E57-993E-30B6****3AD0', 'title' => ''],
'Groups' => [
'description' => 'A list of protected object group names.',
'type' => 'array',
'items' => ['description' => 'The name of the protected object group.', 'type' => 'string', 'example' => 'group_example', 'title' => ''],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeDefenseTemplateValidGroups',
'summary' => 'Queries the names of protected object groups that can be associated with a specific protection template.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplateValidGroups'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseTemplateValidGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 27,\\n \\"RequestId\\": \\"6EA4B39A-9C0C-5E57-993E-30B6****3AD0\\",\\n \\"Groups\\": [\\n \\"group_example\\"\\n ]\\n}","type":"json"}]',
],
'DescribeDefenseTemplateValidResources' => [
'summary' => 'Queries a paginated list of protected objects that are valid for a specified protection template.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106347',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-27a3jyw0v04', 'title' => ''],
],
[
'name' => 'DefenseScene',
'in' => 'query',
'schema' => ['description' => 'The protection scenario of the protection template. For more information, see the valid values for the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~) when **DefenseType** is set to **template**.', 'type' => 'string', 'required' => true, 'example' => 'whitelist', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object that you want to query. You can specify this parameter to filter the results.', 'type' => 'string', 'required' => false, 'example' => 'mgw.realperson.antdigital.com', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '2', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **20**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.'."\n"
."\n"
.'> If you do not specify this parameter, the protected objects that can be associated with a new protection template for the specified protection scenario (**DefenseScene**) are returned.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '21202', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2thcppfv6ay', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of protected objects that match the query criteria.', 'type' => 'integer', 'format' => 'int64', 'example' => '34', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C54DD36B-6380-57E5-89BA-2642757C4DB8', 'title' => ''],
'Resources' => [
'type' => 'array',
'items' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'showerroom.taikooliqiantan.com-waf', 'title' => ''],
'description' => 'The names of the protected objects that are valid for the protection template.',
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeDefenseTemplateValidResources',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseTemplateValidResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 34,\\n \\"RequestId\\": \\"C54DD36B-6380-57E5-89BA-2642757C4DB8\\",\\n \\"Resources\\": [\\n \\"showerroom.taikooliqiantan.com-waf\\"\\n ]\\n}","type":"json"}]',
],
'DescribeDefenseTemplates' => [
'summary' => 'Retrieves a paginated list of protection templates.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106374',
'abilityTreeNodes' => ['FEATUREwaf1LM6V0'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'TemplateIds',
'in' => 'query',
'schema' => ['description' => 'The IDs of the protection templates that you want to query. You can specify this parameter to query the protected objects for which multiple protection templates take effect. Separate multiple template IDs with commas (,).', 'type' => 'string', 'required' => false, 'example' => '189731,189539,189538,189531,189540,189542,189541', 'title' => ''],
],
[
'name' => 'TemplateName',
'in' => 'query',
'schema' => ['description' => 'The name of the protection template to query.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-pe33b****03', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '39395', 'title' => ''],
],
[
'name' => 'TemplateType',
'in' => 'query',
'schema' => ['description' => 'The type of the protection template that you want to create. Valid values:'."\n"
."\n"
.'- **user\\_default**: default protection template.'."\n"
."\n"
.'- **user\\_custom**: custom protection template.', 'type' => 'string', 'required' => false, 'example' => 'user_default', 'title' => ''],
],
[
'name' => 'DefenseScene',
'in' => 'query',
'schema' => ['description' => 'The protection scenario. For more information, see the description of the **DefenseScene** parameter in the [CreateDefenseRule](~~461421~~) topic.', 'type' => 'string', 'required' => false, 'example' => 'region_block', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object or protected object group, or the ID of the protected asset.'."\n"
."\n"
.'> You must specify the Resource and ResourceType parameters to filter query results.', 'type' => 'string', 'required' => false, 'example' => 'ruiqiu.cc-ecs', 'title' => ''],
],
[
'name' => 'ResourceType',
'in' => 'query',
'schema' => [
'description' => 'The type of the protected resource. Valid values:'."\n"
."\n"
.'- **single** (default): a protected object.'."\n"
."\n"
.'- **group**: a protected object group.'."\n"
."\n"
.'- **asset**: a protected asset.'."\n"
."\n"
.'> You must specify the Resource and ResourceType parameters to filter query results.',
'type' => 'string',
'enum' => ['single', 'group', 'asset'],
'required' => false,
'example' => 'single',
'title' => '',
],
],
[
'name' => 'DefenseSubScene',
'in' => 'query',
'schema' => ['description' => 'The sub-scenario of the protection template. Valid values:'."\n"
."\n"
.'- **web**: the web protection template for bot management.'."\n"
."\n"
.'- **app**: the app protection template for bot management.'."\n"
."\n"
.'- **basic**: the basic protection template for bot management.'."\n"
."\n"
.'- **bot\\_custom\\_acl**: the advanced custom protection rule template for bot management.', 'type' => 'string', 'required' => false, 'example' => 'basic', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **20**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmvyknl****fa', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '4F26D2F1-E288-5104-8518-05E240E337A4', 'title' => ''],
'TotalCount' => ['description' => 'The total number of protection templates returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''],
'Templates' => [
'description' => 'An array of protection templates.',
'type' => 'array',
'items' => [
'description' => 'A protection template.',
'type' => 'object',
'properties' => [
'DefenseScene' => ['description' => 'The protection scenario. Valid values:'."\n"
."\n"
.'- **waf\\_group**: Basic Protection.'."\n"
."\n"
.'- **antiscan**: Scan Protection.'."\n"
."\n"
.'- **ip\\_blacklist**: IP Blocklist.'."\n"
."\n"
.'- **custom\\_acl**: Custom Rule.'."\n"
."\n"
.'- **whitelist**: Allowlist.'."\n"
."\n"
.'- **region\\_block**: Geographic Blocking.'."\n"
."\n"
.'- **custom\\_response**: Custom Response.'."\n"
."\n"
.'- **cc**: HTTP Flood Protection.'."\n"
."\n"
.'- **tamperproof**: Webpage Tamper Protection.'."\n"
."\n"
.'- **dlp**: Data Loss Prevention.'."\n"
."\n"
.'- **bot\\_manager**: Bot Management.', 'type' => 'string', 'example' => 'whitelist', 'title' => ''],
'GmtModified' => ['description' => 'The last modification time of the protection template. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683776070000', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '56477', 'title' => ''],
'TemplateName' => ['description' => 'The name of the protection template.', 'type' => 'string', 'example' => 'template-blockarea1', 'title' => ''],
'TemplateOrigin' => ['description' => 'The origin of the protection template to be created. The value is custom, which indicates a user-defined template.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
'TemplateStatus' => ['description' => 'The status of the protection template. Valid values:'."\n"
."\n"
.'- **0**: Disabled.'."\n"
."\n"
.'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'TemplateType' => ['description' => 'The type of the protection template. Valid values:'."\n"
."\n"
.'- **user\\_default**: The user\'s default protection template.'."\n"
."\n"
.'- **user\\_custom**: A custom protection template defined by the user.', 'type' => 'string', 'example' => 'user_custom', 'title' => ''],
'DefenseSubScene' => ['description' => 'The sub-scenario for the Bot Management template. This parameter is returned only when `DefenseScene` is set to `bot_manager`. Valid values:'."\n"
."\n"
.'- **web**: web protection'."\n"
."\n"
.'- **app**: app protection'."\n"
."\n"
.'- **basic**: basic protection'."\n"
."\n"
.'- **bot\\_custom\\_acl**: The protection template for advanced Custom Rules in Bot Management.', 'type' => 'string', 'example' => 'basic', 'title' => ''],
'Description' => ['description' => 'The description of the template.', 'type' => 'string', 'example' => 'testTemplate', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"4F26D2F1-E288-5104-8518-05E240E337A4\\",\\n \\"TotalCount\\": 100,\\n \\"Templates\\": [\\n {\\n \\"DefenseScene\\": \\"whitelist\\",\\n \\"GmtModified\\": 1683776070000,\\n \\"TemplateId\\": 56477,\\n \\"TemplateName\\": \\"template-blockarea1\\",\\n \\"TemplateOrigin\\": \\"custom\\",\\n \\"TemplateStatus\\": 1,\\n \\"TemplateType\\": \\"user_custom\\",\\n \\"DefenseSubScene\\": \\"basic\\",\\n \\"Description\\": \\"testTemplate\\"\\n }\\n ]\\n}","type":"json"}]',
'title' => 'DescribeDefenseTemplates',
'changeSet' => [
['createdAt' => '2025-01-03T06:43:17.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-12-30T06:37:21.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplates'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseTemplates',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeDomainDNSRecord' => [
'summary' => 'Queries whether the DNS settings of a domain name are correct.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '179230',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-nwy****is02', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['description' => 'The domain name to query.', 'type' => 'string', 'required' => true, 'example' => 'xxx.aliyundoc.com', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4C****', 'title' => ''],
'DNSStatus' => ['description' => 'The DNS status. Valid values:'."\n"
."\n"
.'- **cnameMatched**: Normal.'."\n"
."\n"
.'- **vipMatched**: A record.'."\n"
."\n"
.'- **wafVip**: The VIP of another WAF is used.'."\n"
."\n"
.'- **unRecord**: No DNS resolution is configured.'."\n"
."\n"
.'- **unUsed**: Traffic does not pass through WAF.'."\n"
."\n"
.'- **checkTimeout**: The detection timed out.', 'type' => 'string', 'example' => 'cnameMatched', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query CNAME DNS resolution status',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainDNSRecord'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDomainDNSRecord',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-D33C8B4C****\\",\\n \\"DNSStatus\\": \\"cnameMatched\\"\\n}","type":"json"}]',
],
'DescribeDomainDetail' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '113957',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'DomainId',
'in' => 'query',
'schema' => ['description' => 'The domain name ID.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com-waf', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The domain name to query.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com'],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The CNAME details.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'BAEF9CA9-66A0-533E-BD09-5D5D7AA8****', 'title' => ''],
'Domain' => ['title' => '', 'description' => 'The domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com'],
'DomainId' => ['title' => '', 'description' => 'The domain name ID.', 'type' => 'string', 'example' => 'www.aliyundoc.com-waf'],
'Status' => ['title' => '', 'description' => 'The status of the domain name. Valid values:'."\n"
."\n"
.'- **1**: The domain name is in a normal state.'."\n"
."\n"
.'- **2**: The domain name is being created.'."\n"
."\n"
.'- **3**: The domain name is being modified.'."\n"
."\n"
.'- **4**: The domain name is being released.'."\n"
."\n"
.'- **5**: The domain name has stopped forwarding traffic.', 'type' => 'integer', 'format' => 'int32', 'example' => '1'],
'Cname' => ['description' => 'The CNAME assigned by WAF to the domain name.', 'type' => 'string', 'example' => 'xxxxxcvdaf.****.com', 'title' => ''],
'Listen' => [
'title' => '',
'description' => 'The listener configuration.',
'type' => 'object',
'properties' => [
'HttpPorts' => [
'title' => '',
'description' => 'The listening ports for the HTTP protocol.',
'type' => 'array',
'items' => ['description' => 'The listening ports for the HTTP protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '80', 'title' => ''],
'example' => '',
],
'HttpsPorts' => [
'title' => '',
'description' => 'The listening ports for the HTTPS protocol.',
'type' => 'array',
'items' => ['description' => 'The listening ports for the HTTPS protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '443'."\n", 'title' => ''],
'example' => '',
],
'Http2Enabled' => ['title' => '', 'description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n"
."\n"
.'- **true**: HTTP/2 is enabled.'."\n"
."\n"
.'- **false**: HTTP/2 is not enabled.', 'type' => 'boolean', 'example' => 'true'],
'CertId' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '123', 'title' => ''],
'TLSVersion' => ['title' => '', 'description' => 'The TLS version. Valid values:'."\n"
."\n"
.'- **tlsv1**'."\n"
."\n"
.'- **tlsv1.1**'."\n"
."\n"
.'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1.2'],
'EnableTLSv3' => ['title' => '', 'description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n"
."\n"
.'- **true**: TLS 1.3 is supported.'."\n"
."\n"
.'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'example' => 'true'],
'CipherSuite' => ['description' => 'The type of the cipher suite. Valid values:'."\n"
."\n"
.'- **1**: all cipher suites are added.'."\n"
."\n"
.'- **2**: strong cipher suites are added.'."\n"
."\n"
.'- **99**: custom cipher suites are added.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''],
'CustomCiphers' => [
'description' => 'The custom cipher suites.',
'type' => 'array',
'items' => ['description' => 'The custom cipher suites.', 'type' => 'string', 'example' => 'xxx', 'title' => ''],
'title' => '',
'example' => '',
],
'FocusHttps' => ['description' => 'Indicates whether HTTPS forced redirect is enabled. Valid values:'."\n"
."\n"
.'- **true**: HTTPS forced redirect is enabled.'."\n"
."\n"
.'- **false**: HTTPS forced redirect is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'SM2Enabled' => ['description' => 'Indicates whether the China Encryption Standard (SM) certificate is enabled. Valid values:'."\n"
."\n"
.'- **true**: The SM certificate is enabled.'."\n"
."\n"
.'- **false**: The SM certificate is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'SM2CertId' => ['description' => 'The ID of the SM certificate to add. This parameter is used only when SM2Enable is set to true.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''],
'SM2AccessOnly' => ['description' => 'Indicates whether only SM-compliant clients can access the domain name. This parameter is used only when SM2Enable is set to true.'."\n"
."\n"
.'- true: Only SM-compliant clients can access the domain name.'."\n"
."\n"
.'- false: Both SM-compliant and non-SM-compliant clients can access the domain name.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n"
."\n"
.'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n"
."\n"
.'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n"
."\n"
.'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int64', 'example' => '2', 'title' => ''],
'XffHeaders' => [
'description' => 'The list of custom header fields used to obtain the client IP address.',
'type' => 'array',
'items' => ['description' => 'The list of custom header fields used to obtain the client IP address.', 'type' => 'string', 'example' => 'Client-ip', 'title' => ''],
'title' => '',
'example' => '',
],
'IPv6Enabled' => ['title' => '', 'description' => 'Indicates whether IPv6 is enabled. Valid values:'."\n"
."\n"
.'- **true**: IPv6 is enabled.'."\n"
."\n"
.'- **false**: IPv6 is not enabled.', 'type' => 'boolean', 'example' => 'true'],
'ProtectionResource' => ['title' => '', 'description' => 'The type of protection resource to use. Valid values:'."\n"
."\n"
.'- **share**: shared cluster.'."\n"
."\n"
.'- **gslb**: shared cluster with intelligent load balancing.', 'type' => 'string', 'example' => 'share'],
'ExclusiveIp' => ['title' => '', 'description' => 'Indicates whether an exclusive IP address is enabled. Valid values:'."\n"
."\n"
.'- **true**: An exclusive IP address is enabled.'."\n"
."\n"
.'- **false**: An exclusive IP address is not enabled.', 'type' => 'boolean', 'example' => 'true'],
'HstsIncludeSubDomain' => ['description' => 'Indicates whether HSTS includes subdomains. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Not enabled.', 'type' => 'boolean', 'title' => '', 'example' => ''],
'HstsPreload' => ['description' => 'Indicates whether HSTS preloading is enabled. This feature is disabled by default. Valid values:'."\n"
.'- true: Enabled.'."\n"
.'- false: Disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''],
'HstsMaxAge' => ['description' => 'The HSTS expiration time. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '365000', 'title' => ''],
],
'example' => '',
],
'Redirect' => [
'title' => '',
'description' => 'The forwarding configuration.',
'type' => 'object',
'properties' => [
'Backends' => [
'description' => 'The back-to-origin addresses of the domain name.'."\n"
."\n"
.'> This parameter will be deprecated. Use **BackendList** instead.',
'type' => 'array',
'items' => [
'description' => 'The IP address or domain name of the origin server.',
'type' => 'object',
'properties' => [
'Backend' => ['description' => 'The IP address or domain name of the origin server for the domain name.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''],
],
'title' => '',
'example' => '',
],
'deprecated' => true,
'title' => '',
'example' => '',
],
'Loadbalance' => ['title' => '', 'description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n"
."\n"
.'- **iphash**: IP hash algorithm.'."\n"
."\n"
.'- **roundRobin**: round-robin algorithm.'."\n"
."\n"
.'- **leastTime**: least-time back-to-origin algorithm.', 'type' => 'string', 'example' => 'iphash'],
'FocusHttpBackend' => ['description' => 'Indicates whether forced HTTP back-to-origin is enabled. Valid values:'."\n"
."\n"
.'- **true**: Forced HTTP back-to-origin is enabled.'."\n"
."\n"
.'- **false**: Forced HTTP back-to-origin is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'SniEnabled' => ['title' => '', 'description' => 'Indicates whether back-to-origin SNI is enabled. Valid values:'."\n"
."\n"
.'- **true**: Back-to-origin SNI is enabled.'."\n"
."\n"
.'- **false** (default): Back-to-origin SNI is not enabled.', 'type' => 'boolean', 'example' => 'true'],
'SniHost' => ['description' => 'The value of the custom SNI extension field.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''],
'RequestHeaders' => [
'description' => 'The traffic tag fields and values of the domain name, which are used to mark traffic processed by WAF.',
'type' => 'array',
'items' => [
'description' => 'The traffic tag fields and values of the domain name, which are used to mark traffic processed by WAF.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'example' => 'aaa', 'title' => ''],
'Value' => ['description' => 'The value of the custom request header field.', 'type' => 'string', 'example' => 'bbb', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: seconds.'."\n"
.'Valid values: 5 to 120.', 'type' => 'integer', 'format' => 'int32', 'example' => '120', 'title' => ''],
'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n"
.'Valid values: 5 to 1800.', 'type' => 'integer', 'format' => 'int32', 'example' => '200', 'title' => ''],
'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n"
.'Valid values: 5 to 1800.', 'type' => 'integer', 'format' => 'int32', 'example' => '200', 'title' => ''],
'Keepalive' => ['description' => 'Indicates whether persistent connections are enabled. Valid values:'."\n"
."\n"
.'- **true** (default): Persistent connections are enabled.'."\n"
."\n"
.'- **false**: Persistent connections are not enabled.', 'type' => 'boolean', 'default' => 'true', 'example' => 'true', 'title' => ''],
'Retry' => ['description' => 'Indicates whether WAF retries when back-to-origin fails. Valid values:'."\n"
."\n"
.'- **true** (default): WAF retries.'."\n"
."\n"
.'- **false**: WAF does not retry.', 'type' => 'boolean', 'default' => 'true', 'example' => 'true', 'title' => ''],
'KeepaliveRequests' => ['description' => 'The number of requests that can reuse a persistent connection. Valid values: 60 to 1000.'."\n"
."\n"
.'> After persistent connections are enabled, this parameter specifies how many persistent connections can be reused.', 'type' => 'integer', 'format' => 'int32', 'default' => '100', 'example' => '1000', 'title' => ''],
'KeepaliveTimeout' => ['description' => 'The idle timeout period for persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n"
."\n"
.'> Specifies how long an idle persistent connection can remain open before it is released.', 'type' => 'integer', 'format' => 'int32', 'default' => '15', 'example' => '15', 'title' => ''],
'XffProto' => ['description' => 'Indicates whether the X-Forward-For-Proto header is used to pass the protocol used by WAF. Valid values:'."\n"
."\n"
.'- **true** (default): The protocol used by WAF is passed.'."\n"
."\n"
.'- **false**: The protocol used by WAF is not passed.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'BackupBackends' => [
'description' => 'The secondary back-to-origin addresses of the domain name.'."\n"
."\n"
.'> This parameter will be deprecated. Use **BackUpBackendList** instead.',
'type' => 'array',
'items' => [
'description' => 'The IP address or domain name of the origin server.',
'type' => 'object',
'properties' => [
'Backend' => ['description' => 'The IP address or domain name of the secondary origin server for the domain name.', 'type' => 'string', 'example' => '['."\n"
.' "1.1.XX.XX",'."\n"
.' "2.2.XX.XX"'."\n"
.']'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
'deprecated' => true,
'title' => '',
'example' => '',
],
'XClientIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the X-Client-IP header. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite the header.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'default' => 'false', 'example' => 'true', 'title' => ''],
'XTrueIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the X-True-IP header. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite the header.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'default' => 'false', 'example' => 'true', 'title' => ''],
'WebServerType' => ['description' => 'Indicates whether WAF is allowed to overwrite the Web-Server-Type header. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite the header.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'default' => 'false', 'example' => 'true', 'title' => ''],
'WLProxyClientIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the WL-Proxy-Client-IP header. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite the header.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'default' => 'false', 'example' => 'true', 'title' => ''],
'MaxBodySize' => ['title' => '', 'description' => 'The maximum request body size. Valid values: 2 to 10. Default value: 2. Unit: GB.'."\n"
.'> Only Ultimate Edition supports this feature.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2'],
'Http2Origin' => ['title' => '', 'description' => 'The HTTP/2 back-to-origin setting.', 'type' => 'boolean', 'example' => 'true'],
'Http2OriginMaxConcurrency' => ['title' => '', 'description' => 'The maximum number of concurrent connections for HTTP/2 back-to-origin.', 'type' => 'integer', 'format' => 'int32', 'example' => '128'],
'ProxyProtocol' => ['description' => 'Indicates whether the client source IP preservation feature is enabled.'."\n"
.'- **true**: The client source IP preservation feature is enabled. After this feature is enabled, the backend service can view the originating IP address of the client.'."\n"
.'- **false**: The client source IP preservation feature is not enabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''],
'BackendList' => [
'description' => 'The list of origin server IP addresses or back-to-origin domain names for the domain name.',
'type' => 'array',
'items' => ['description' => 'The IP address or domain name of the origin server for the domain name.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''],
'title' => '',
'example' => '',
],
'BackUpBackendList' => [
'description' => 'The list of secondary origin server IP addresses or back-to-origin domain names for the domain name.',
'type' => 'array',
'items' => ['description' => 'The IP address or domain name of the secondary origin server for the domain name.', 'type' => 'string', 'example' => '2.2.XX.XX', 'title' => ''],
'title' => '',
'example' => '',
],
'BackendPorts' => [
'description' => 'The custom port configuration. By default, this is the same as the listening port.',
'type' => 'array',
'items' => [
'description' => 'The custom port configuration. By default, this is the same as the listening port.',
'type' => 'object',
'properties' => [
'ListenPort' => ['description' => 'The listening port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''],
'BackendPort' => ['description' => 'The back-to-origin port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''],
'Protocol' => ['description' => 'The protocol type of the listening port. Valid values:'."\n"
.'- **http**: HTTP protocol.'."\n"
.'- **https**: HTTPS protocol.', 'type' => 'string', 'example' => 'http', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
'ResourceManagerResourceGroupId' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => ''],
'CertDetail' => [
'description' => 'The SSL certificate details.',
'type' => 'object',
'properties' => [
'Name' => ['description' => 'The certificate name.', 'type' => 'string', 'example' => 'test-cert-name', 'title' => ''],
'Id' => ['description' => 'The SSL certificate ID.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''],
'StartTime' => ['description' => 'The effective period of the certificate. The value is in the format of a UNIX timestamp (UTC). Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1677772800000', 'title' => ''],
'EndTime' => ['description' => 'The time when the certificate expires. The value is a UNIX timestamp in UTC. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1685590400000', 'title' => ''],
'CommonName' => ['description' => 'The common name (CN).', 'type' => 'string', 'example' => 'test.aliyundoc.com', 'title' => ''],
'Sans' => [
'description' => 'All domain names bound to the certificate.',
'type' => 'array',
'items' => ['description' => 'All domain names bound to the certificate.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'SM2CertDetail' => [
'description' => 'The SM certificate information.',
'type' => 'object',
'properties' => [
'Name' => ['description' => 'The certificate name.', 'type' => 'string', 'example' => 'test-sm2-cert-name', 'title' => ''],
'Id' => ['description' => 'The SSL certificate ID.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''],
'StartTime' => ['description' => 'The effective period of the certificate. The value is in the format of a UNIX timestamp (UTC). Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1657551525000', 'title' => ''],
'EndTime' => ['description' => 'The time when the certificate expires. The value is a UNIX timestamp in UTC. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665590400000', 'title' => ''],
'CommonName' => ['description' => 'The common name (CN).', 'type' => 'string', 'example' => 'test.aliyundoc.com'."\n", 'title' => ''],
'Sans' => [
'description' => 'All domain names bound to the certificate.',
'type' => 'array',
'items' => ['description' => 'All domain names bound to the certificate.', 'type' => 'string', 'example' => 'www.aliyundoc.com'."\n", 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.DomainAndDomainIdBothEmpty', 'errorMessage' => 'domain and domainId cannot be empty at the same time.', 'description' => 'The domain name and domain name ID cannot be empty at the same time.'],
['errorCode' => 'Waf.Pullin.DomainAndDomainIdNotMatch', 'errorMessage' => 'domain and domainId do not match.', 'description' => 'The input parameters Domain and DomainId do not match.'],
['errorCode' => 'Waf.Pullin.DomainIdIsIllegal', 'errorMessage' => 'The input parameter, the domainId is illegal.', 'description' => 'Illegal entry DomainId'],
],
],
'title' => 'Query CNAME access details',
'summary' => 'Queries the Website Config details.',
'changeSet' => [
['createdAt' => '2024-11-28T15:04:53.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2024-06-06T09:49:31.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2024-01-30T12:16:58.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2023-04-27T06:05:43.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2023-04-18T11:16:21.000Z', 'description' => 'Response parameters changed, Response parameters changed'],
['createdAt' => '2022-11-28T08:16:57.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainDetail'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDomainDetail',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}-waf'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BAEF9CA9-66A0-533E-BD09-5D5D7AA8****\\",\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\",\\n \\"Status\\": 1,\\n \\"Cname\\": \\"xxxxxcvdaf.****.com\\",\\n \\"Listen\\": {\\n \\"HttpPorts\\": [\\n 80\\n ],\\n \\"HttpsPorts\\": [\\n 443\\n ],\\n \\"Http2Enabled\\": true,\\n \\"CertId\\": \\"123\\",\\n \\"TLSVersion\\": \\"tlsv1.2\\",\\n \\"EnableTLSv3\\": true,\\n \\"CipherSuite\\": 2,\\n \\"CustomCiphers\\": [\\n \\"xxx\\"\\n ],\\n \\"FocusHttps\\": true,\\n \\"SM2Enabled\\": true,\\n \\"SM2CertId\\": \\"123-cn-hangzhou\\",\\n \\"SM2AccessOnly\\": true,\\n \\"XffHeaderMode\\": 2,\\n \\"XffHeaders\\": [\\n \\"Client-ip\\"\\n ],\\n \\"IPv6Enabled\\": true,\\n \\"ProtectionResource\\": \\"share\\",\\n \\"ExclusiveIp\\": true,\\n \\"HstsIncludeSubDomain\\": false,\\n \\"HstsPreload\\": false,\\n \\"HstsMaxAge\\": 365000\\n },\\n \\"Redirect\\": {\\n \\"Backends\\": [\\n {\\n \\"Backend\\": \\"1.1.XX.XX\\"\\n }\\n ],\\n \\"Loadbalance\\": \\"iphash\\",\\n \\"FocusHttpBackend\\": true,\\n \\"SniEnabled\\": true,\\n \\"SniHost\\": \\"www.aliyundoc.com\\",\\n \\"RequestHeaders\\": [\\n {\\n \\"Key\\": \\"aaa\\",\\n \\"Value\\": \\"bbb\\"\\n }\\n ],\\n \\"ConnectTimeout\\": 120,\\n \\"WriteTimeout\\": 200,\\n \\"ReadTimeout\\": 200,\\n \\"Keepalive\\": true,\\n \\"Retry\\": true,\\n \\"KeepaliveRequests\\": 1000,\\n \\"KeepaliveTimeout\\": 15,\\n \\"XffProto\\": true,\\n \\"BackupBackends\\": [\\n {\\n \\"Backend\\": \\"[\\\\n \\\\\\"1.1.XX.XX\\\\\\",\\\\n \\\\\\"2.2.XX.XX\\\\\\"\\\\n]\\\\n\\"\\n }\\n ],\\n \\"XClientIp\\": true,\\n \\"XTrueIp\\": true,\\n \\"WebServerType\\": true,\\n \\"WLProxyClientIp\\": true,\\n \\"MaxBodySize\\": 2,\\n \\"Http2Origin\\": true,\\n \\"Http2OriginMaxConcurrency\\": 128,\\n \\"ProxyProtocol\\": false,\\n \\"BackendList\\": [\\n \\"1.1.XX.XX\\"\\n ],\\n \\"BackUpBackendList\\": [\\n \\"2.2.XX.XX\\"\\n ],\\n \\"BackendPorts\\": [\\n {\\n \\"ListenPort\\": 80,\\n \\"BackendPort\\": 80,\\n \\"Protocol\\": \\"http\\"\\n }\\n ]\\n },\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfm***q\\",\\n \\"CertDetail\\": {\\n \\"Name\\": \\"test-cert-name\\",\\n \\"Id\\": \\"123-cn-hangzhou\\",\\n \\"StartTime\\": 1677772800000,\\n \\"EndTime\\": 1685590400000,\\n \\"CommonName\\": \\"test.aliyundoc.com\\",\\n \\"Sans\\": [\\n \\"www.aliyundoc.com\\"\\n ]\\n },\\n \\"SM2CertDetail\\": {\\n \\"Name\\": \\"test-sm2-cert-name\\",\\n \\"Id\\": \\"123-cn-hangzhou\\",\\n \\"StartTime\\": 1657551525000,\\n \\"EndTime\\": 1665590400000,\\n \\"CommonName\\": \\"test.aliyundoc.com\\\\n\\",\\n \\"Sans\\": [\\n \\"www.aliyundoc.com\\\\n\\"\\n ]\\n }\\n}","type":"json"}]',
],
'DescribeDomainUsedPorts' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '217316',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-*-A47C-*', 'title' => ''],
'UsedPorts' => [
'description' => 'The list of used ports.',
'type' => 'array',
'items' => ['description' => 'The used port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query all ports used by user domain names',
'summary' => 'Queries all ports used by domain names of the current user. Only domain names with CNAME access and hybrid cloud CNAME domain names with public network disaster recovery enabled are included.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDomainUsedPorts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-*-A47C-*\\",\\n \\"UsedPorts\\": [\\n 80\\n ]\\n}","type":"json"}]',
],
'DescribeDomains' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '112189',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to view the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['description' => 'The domain name added to WAF.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'www.aliyundoc.com'],
],
[
'name' => 'Backend',
'in' => 'query',
'schema' => ['description' => 'The IP address of the origin server or the back-to-origin domain name. You can specify only one of these options.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => '1.1.XX.XX'],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: 1.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: 10.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'DomainId',
'in' => 'query',
'schema' => ['description' => 'The ID of the domain name.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com-waf', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'Tag',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'The tags of the resource. A maximum of 20 tags are supported.',
'type' => 'array',
'items' => [
'description' => 'The tags of the resource.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'TagKey1', 'title' => ''],
'Value' => ['description' => 'The tag value.', 'type' => 'string', 'required' => false, 'example' => 'TagValue1', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 21,
'title' => '',
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The list of added domain names.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'ABF68BB3-2C48-5FA4-9750-D5FE55700E36', 'title' => ''],
'TotalCount' => ['description' => 'The total number of domain name configurations returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '146', 'title' => ''],
'Domains' => [
'description' => 'The list of domain names.',
'type' => 'array',
'items' => [
'description' => 'The CNAME connection details.',
'type' => 'object',
'properties' => [
'Domain' => ['description' => 'The domain name that is added to WAF.', 'type' => 'string', 'title' => '', 'example' => 'www.aliyundoc.com'],
'Status' => ['description' => 'The status of the domain name. Valid values:'."\n"
."\n"
.'- **1**: The domain name is in a normal state.'."\n"
."\n"
.'- **2**: The domain name is being created.'."\n"
."\n"
.'- **3**: The domain name is being modified.'."\n"
."\n"
.'- **4**: The domain name is being released.'."\n"
."\n"
.'- **5**: Forwarding is disabled for the domain name.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'example' => '1'],
'Cname' => ['title' => '', 'description' => 'The canonical name (CNAME) that is assigned to the domain name by WAF.', 'type' => 'string', 'example' => 'xxxxxcvdaf.****.com'],
'ListenPorts' => [
'description' => 'The listener configuration.',
'type' => 'object',
'properties' => [
'Http' => [
'description' => 'The list of listening ports for the HTTP protocol.',
'type' => 'array',
'items' => ['description' => 'The listening port for the HTTP protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '80', 'title' => ''],
'title' => '',
'example' => '',
],
'Https' => [
'description' => 'The list of listening ports for the HTTPS protocol.',
'type' => 'array',
'items' => ['description' => 'The listening port for the HTTPS protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '443', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'Backeds' => [
'description' => 'The back-to-origin configuration.',
'type' => 'object',
'properties' => [
'Http' => [
'description' => 'The list of origin addresses for the HTTP protocol.',
'type' => 'array',
'items' => [
'description' => 'The origin address for the HTTP protocol.',
'type' => 'object',
'properties' => [
'Backend' => ['description' => 'The origin address for the HTTP protocol.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'Https' => [
'description' => 'The list of origin addresses for the HTTPS protocol.',
'type' => 'array',
'items' => [
'description' => 'The origin address for the HTTPS protocol.',
'type' => 'object',
'properties' => [
'Backend' => ['description' => 'The origin address for the HTTPS protocol.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfmvtc5z52****', 'title' => ''],
'DomainId' => ['description' => 'The ID of the domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com-waf', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.DomainAndDomainIdBothEmpty', 'errorMessage' => 'domain and domainId cannot be empty at the same time.', 'description' => 'The domain name and domain name ID cannot be empty at the same time.'],
['errorCode' => 'Waf.Pullin.DomainAndDomainIdNotMatch', 'errorMessage' => 'domain and domainId do not match.', 'description' => 'The input parameters Domain and DomainId do not match.'],
['errorCode' => 'Waf.Pullin.DomainIdIsIllegal', 'errorMessage' => 'The input parameter, the domainId is illegal.', 'description' => 'Illegal entry DomainId'],
],
],
'title' => 'DescribeDomains',
'summary' => 'Queries the domain names that are added to Web Application Firewall (WAF).',
'changeSet' => [
['createdAt' => '2023-04-18T02:11:02.000Z', 'description' => 'Request parameters changed, Response parameters changed, Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomains'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDomains',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
'additionalActions' => [
['action' => 'yundun-waf:DescribeDomains', 'validationType' => 'conditional'],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"ABF68BB3-2C48-5FA4-9750-D5FE55700E36\\",\\n \\"TotalCount\\": 146,\\n \\"Domains\\": [\\n {\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Status\\": 1,\\n \\"Cname\\": \\"xxxxxcvdaf.****.com\\",\\n \\"ListenPorts\\": {\\n \\"Http\\": [\\n 80\\n ],\\n \\"Https\\": [\\n 443\\n ]\\n },\\n \\"Backeds\\": {\\n \\"Http\\": [\\n {\\n \\"Backend\\": \\"1.1.XX.XX\\"\\n }\\n ],\\n \\"Https\\": [\\n {\\n \\"Backend\\": \\"1.1.XX.XX\\"\\n }\\n ]\\n },\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfmvtc5z52****\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeElasticBills' => [
'summary' => 'Queries the daily bills for WAF pay-as-you-go instances for the last 7 days.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '114251',
'abilityTreeNodes' => ['FEATUREwafW12QEG'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Pages start from page 1. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '10', 'example' => '10', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6FBF08CB-8691-5B65-BBF8-***', 'title' => ''],
'Bills' => [
'description' => 'The bills for the pay-as-you-go WAF instance.',
'type' => 'array',
'items' => [
'description' => 'A bill for the pay-as-you-go WAF instance.',
'type' => 'object',
'properties' => [
'EndTime' => ['description' => 'The end time of the billing period. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1717084800000', 'title' => ''],
'StartTime' => ['description' => 'The start time of the billing period. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665484616000', 'title' => ''],
'TrafficCu' => ['description' => 'The number of security capacity units (SCUs) consumed by traffic processing.', 'type' => 'number', 'format' => 'double', 'example' => '20', 'title' => ''],
'FunctionCu' => ['description' => 'The number of SCUs consumed by WAF features.', 'type' => 'number', 'format' => 'double', 'example' => '30', 'title' => ''],
'Cu' => ['description' => 'The total number of SCUs.', 'type' => 'number', 'format' => 'double', 'example' => '50', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeElasticBills',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeElasticBills',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 1,\\n \\"RequestId\\": \\"6FBF08CB-8691-5B65-BBF8-***\\",\\n \\"Bills\\": [\\n {\\n \\"EndTime\\": 1717084800000,\\n \\"StartTime\\": 1665484616000,\\n \\"TrafficCu\\": 20,\\n \\"FunctionCu\\": 30,\\n \\"Cu\\": 50\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeFlowChart' => [
'summary' => 'Queries the traffic statistics.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'Interval',
'in' => 'query',
'schema' => ['description' => 'The time interval. Unit: seconds. The value must be a multiple of 60.', 'type' => 'string', 'required' => true, 'example' => '300', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object to query.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'BFA71416-670E-585D-AAE6-E7BBEE248FAB', 'title' => ''],
'FlowChart' => [
'description' => 'The traffic statistics.',
'type' => 'array',
'items' => [
'description' => 'The traffic statistics for a specific time interval.',
'type' => 'object',
'properties' => [
'MaxPv' => ['description' => 'The peak number of requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '2932', 'title' => ''],
'AntibotBlockSum' => ['description' => 'The number of requests that are blocked by bot management rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'CcCustomReportsSum' => ['description' => 'The number of requests that are monitored by custom HTTP flood protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'RatelimitBlockSum' => ['description' => 'The number of requests that are blocked by peak traffic throttling rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'BlacklistBlockSum' => ['description' => 'The number of requests that are blocked by the IP address blacklist.', 'type' => 'string', 'example' => '0', 'title' => ''],
'CcSystemBlocksSum' => ['description' => 'The number of requests that are blocked by system HTTP flood protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'BlacklistReportsSum' => ['description' => 'The number of requests that are monitored by the IP address blacklist.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'Index' => ['description' => 'The time sequence number, sorted in chronological order.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RobotCount' => ['description' => 'The total number of requests from bots.', 'type' => 'integer', 'format' => 'int64', 'example' => '1110', 'title' => ''],
'Count' => ['description' => 'The total number of requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '2932', 'title' => ''],
'RegionBlockReportsSum' => ['description' => 'The number of requests that are monitored by Location Blacklist rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'AntiScanBlockSum' => ['description' => 'The number of requests that are blocked by scan protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'CcSystemReportsSum' => ['description' => 'The number of requests that are monitored by system HTTP flood protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'AntibotReportSum' => ['description' => 'The number of requests that are monitored by bot management rules.', 'type' => 'string', 'example' => '0', 'title' => ''],
'InBytes' => ['description' => 'The total volume of inbound traffic. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '121645464', 'title' => ''],
'WafBlockSum' => ['description' => 'The number of requests that are blocked by basic protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'CcCustomBlockSum' => ['description' => 'The number of requests that are blocked by custom HTTP flood protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'AntiscanReportsSum' => ['description' => 'The number of requests that are monitored by scan protection rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'AclCustomBlockSum' => ['description' => 'The number of requests that are blocked by custom access control list (ACL) rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'RatelimitReportSum' => ['description' => 'The number of requests that are monitored by peak traffic throttling rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'WafReportSum' => ['description' => 'The number of requests that are monitored by basic protection rules.', 'type' => 'string', 'example' => '0', 'title' => ''],
'AclCustomReportsSum' => ['description' => 'The number of requests that are monitored by custom ACL rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'OutBytes' => ['description' => 'The total volume of outbound traffic. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '1200540464', 'title' => ''],
'RegionBlockBlocksSum' => ['description' => 'The number of requests that are blocked by Location Blacklist rules.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeFlowChart',
'changeSet' => [
['createdAt' => '2024-08-27T07:23:05.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-07-27T11:05:47.000Z', 'description' => 'Response parameters changed, Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowChart'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFlowChart',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BFA71416-670E-585D-AAE6-E7BBEE248FAB\\",\\n \\"FlowChart\\": [\\n {\\n \\"MaxPv\\": 2932,\\n \\"AntibotBlockSum\\": 0,\\n \\"CcCustomReportsSum\\": 0,\\n \\"RatelimitBlockSum\\": 0,\\n \\"BlacklistBlockSum\\": \\"0\\",\\n \\"CcSystemBlocksSum\\": 0,\\n \\"BlacklistReportsSum\\": 0,\\n \\"Index\\": 10,\\n \\"RobotCount\\": 1110,\\n \\"Count\\": 2932,\\n \\"RegionBlockReportsSum\\": 0,\\n \\"AntiScanBlockSum\\": 0,\\n \\"CcSystemReportsSum\\": 0,\\n \\"AntibotReportSum\\": \\"0\\",\\n \\"InBytes\\": 121645464,\\n \\"WafBlockSum\\": 0,\\n \\"CcCustomBlockSum\\": 0,\\n \\"AntiscanReportsSum\\": 0,\\n \\"AclCustomBlockSum\\": 0,\\n \\"RatelimitReportSum\\": 0,\\n \\"WafReportSum\\": \\"0\\",\\n \\"AclCustomReportsSum\\": 0,\\n \\"OutBytes\\": 1200540464,\\n \\"RegionBlockBlocksSum\\": 0\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeFlowTopResource' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386340', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '8F0E0B9A-B518-5C6D-BEFC-A373DDE4F652', 'title' => ''],
'RuleHitsTopResource' => [
'description' => 'The top 10 protected objects that received the most requests.',
'type' => 'array',
'items' => [
'description' => 'The statistics about requests to the protected object.',
'type' => 'object',
'properties' => [
'Resource' => ['description' => 'The protected object.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''],
'Count' => ['description' => 'The total number of requests for the protected object during the specified time period.', 'type' => 'integer', 'format' => 'int64', 'example' => '181174784', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeFlowTopResource',
'summary' => 'Queries the top 10 protected objects by request count.',
'changeSet' => [
['createdAt' => '2024-08-27T07:23:04.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowTopResource'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFlowTopResource',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8F0E0B9A-B518-5C6D-BEFC-A373DDE4F652\\",\\n \\"RuleHitsTopResource\\": [\\n {\\n \\"Resource\\": \\"www.aliyundoc.com\\",\\n \\"Count\\": 181174784\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeFlowTopUrl' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386340', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object, such as a domain name or IP address added to WAF.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '520D4E4C-B8EC-5602-ACB6-4D378ACBA28D', 'title' => ''],
'RuleHitsTopUrl' => [
'description' => 'The top 10 URLs that are most frequently accessed.',
'type' => 'array',
'items' => [
'description' => 'The statistics of requests for a URL.',
'type' => 'object',
'properties' => [
'Count' => ['description' => 'The total number of requests for the URL.', 'type' => 'integer', 'format' => 'int64', 'example' => '181174784', 'title' => ''],
'Url' => ['description' => 'The requested URL.', 'type' => 'string', 'example' => 'www.aliyundoc.com/path1', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeFlowTopUrl',
'summary' => 'Queries the top 10 most requested URLs.',
'changeSet' => [
['createdAt' => '2024-08-27T06:51:23.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowTopUrl'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFlowTopUrl',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"520D4E4C-B8EC-5602-ACB6-4D378ACBA28D\\",\\n \\"RuleHitsTopUrl\\": [\\n {\\n \\"Count\\": 181174784,\\n \\"Url\\": \\"www.aliyundoc.com/path1\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeFreeUserAssetCount' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '156224',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-cs0*****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '30488BF0-FD58-52DD-B396-D014549F43A3', 'title' => ''],
'Asset' => [
'description' => 'The statistics information about assets detected by the basic API security feature.',
'type' => 'object',
'properties' => [
'AssetCount' => ['description' => 'The total number of API assets.', 'type' => 'integer', 'format' => 'int64', 'example' => '15', 'title' => ''],
'AssetActive' => ['description' => 'The number of active APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '34', 'title' => ''],
'AssetOffline' => ['description' => 'The number of inactive APIs.', 'type' => 'integer', 'format' => 'int64', 'example' => '13', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeFreeUserAssetCount',
'summary' => 'Queries statistics information about assets detected by the basic API security feature.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFreeUserAssetCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"30488BF0-FD58-52DD-B396-D014549F43A3\\",\\n \\"Asset\\": {\\n \\"AssetCount\\": 15,\\n \\"AssetActive\\": 34,\\n \\"AssetOffline\\": 13\\n }\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeFreeUserEventCount' => [
'summary' => 'Queries the security event statistics of API security basic detection.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '156223',
'abilityTreeNodes' => ['FEATUREwafDX9EQ6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepay_public_intl-sg-vf***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '0D9FB3BC-0DE9-58A8-9663-ACE56F24F405', 'title' => ''],
'Event' => [
'description' => 'The security event information of basic detection.',
'type' => 'object',
'properties' => [
'EventTotal' => ['description' => 'The total number of API security events.', 'type' => 'integer', 'format' => 'int64', 'example' => '16', 'title' => ''],
'EventLow' => ['description' => 'The number of low-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '12', 'title' => ''],
'EventHigh' => ['description' => 'The number of high-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'EventMedium' => ['description' => 'The number of medium-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '3', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query security event statistics of API security basic detection',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFreeUserEventCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0D9FB3BC-0DE9-58A8-9663-ACE56F24F405\\",\\n \\"Event\\": {\\n \\"EventTotal\\": 16,\\n \\"EventLow\\": 12,\\n \\"EventHigh\\": 1,\\n \\"EventMedium\\": 3\\n }\\n}","type":"json"}]',
],
'DescribeFreeUserEventTypes' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '188825',
'abilityTreeNodes' => ['FEATUREwafDX9EQ6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-bl0****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'B9D6AD11-DD3D-5A27-B1D9-8A37F7777196', 'title' => ''],
'Data' => [
'description' => 'The list of security event types detected by the basic detection feature.',
'type' => 'array',
'items' => [
'description' => 'The information about the security event type detected by the basic detection feature.',
'type' => 'object',
'properties' => [
'EventNum' => ['description' => 'The number of security events.', 'type' => 'string', 'example' => '4', 'title' => ''],
'EventType' => ['description' => 'The security event type.', 'type' => 'string', 'example' => 'SMSInterfaceAbuse', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeFreeUserEventTypes',
'summary' => 'Queries the types of security events for basic API security detection.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFreeUserEventTypes',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"B9D6AD11-DD3D-5A27-B1D9-8A37F7777196\\",\\n \\"Data\\": [\\n {\\n \\"EventNum\\": \\"4\\",\\n \\"EventType\\": \\"SMSInterfaceAbuse\\"\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeFreeUserEvents' => [
'summary' => 'Queries the list of security events detected by API security basic detection.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '156225',
'abilityTreeNodes' => ['FEATUREwafDX9EQ6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-27a3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8A2DF88D-90C2-56E9-B8D5-36BB9646791C', 'title' => ''],
'Event' => [
'description' => 'The list of security events detected by basic detection.',
'type' => 'array',
'items' => [
'description' => 'The security event information detected by basic detection.',
'type' => 'object',
'properties' => [
'EventTag' => ['description' => 'The event type.'."\n"
.'> You can call the [DescribeApisecRules](~~2859155~~) operation to obtain the supported event types.', 'type' => 'string', 'example' => 'Event_DataTraverse', 'title' => ''],
'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/api/login', 'title' => ''],
'Domain' => ['description' => 'The domain name to which the API operation belongs.', 'type' => 'string', 'example' => 'www.***.cn', 'title' => ''],
'AttackIP' => ['description' => 'The attack IP address.', 'type' => 'string', 'example' => '104.234.140.**', 'title' => ''],
'AttackTime' => ['description' => 'The attack time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683703260', 'title' => ''],
'EventLevel' => ['description' => 'The event level. Valid values:'."\n"
.'- **high**: high risk.'."\n"
.'- **medium**: medium risk.'."\n"
.'- **low**: low risk.', 'type' => 'string', 'example' => 'high', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security basic detection events',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFreeUserEvents',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8A2DF88D-90C2-56E9-B8D5-36BB9646791C\\",\\n \\"Event\\": [\\n {\\n \\"EventTag\\": \\"Event_DataTraverse\\",\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"Domain\\": \\"www.***.cn\\",\\n \\"AttackIP\\": \\"104.234.140.**\\",\\n \\"AttackTime\\": 1683703260,\\n \\"EventLevel\\": \\"high\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeHybridCloudBasicMonitor' => [
'summary' => 'Queries the system status of a node in a hybrid cloud cluster.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7mz****hw0u', 'title' => ''],
],
[
'name' => 'Mid',
'in' => 'query',
'schema' => ['description' => 'The node ID.', 'type' => 'string', 'required' => true, 'example' => 'f451e90fcb068905ab379468****db42', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '0B8AF42B-16A9-5762-AEF3-D148****FE5D', 'title' => ''],
'BasicMonitors' => [
'description' => 'The list of basic monitoring metrics.',
'type' => 'array',
'items' => [
'description' => 'The basic monitoring metric.',
'type' => 'object',
'properties' => [
'MonitorName' => ['description' => 'The metric. Valid values:'."\n"
."\n"
.'- **basic\\_monitor\\_cpu\\_usage**: CPU.'."\n"
."\n"
.'- **basic\\_monitor\\_memory\\_usage**: memory.'."\n"
."\n"
.'- **basic\\_monitor\\_disk\\_usage**: disk.', 'type' => 'string', 'example' => 'basic_monitor_cpu_usage', 'title' => ''],
'UseRatio' => ['description' => 'The usage percentage.', 'type' => 'integer', 'format' => 'int64', 'example' => '5.905694', 'title' => ''],
'Levle' => ['description' => 'The status. Valid values:'."\n"
."\n"
.'- **normal**: Normal.'."\n"
."\n"
.'- \\*\\*\\*\\*: Abnormal.', 'type' => 'string', 'example' => 'normal', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'TotalCount' => ['description' => '> This parameter is deprecated. No meaningful data is returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '3', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0B8AF42B-16A9-5762-AEF3-D148****FE5D\\",\\n \\"BasicMonitors\\": [\\n {\\n \\"MonitorName\\": \\"basic_monitor_cpu_usage\\",\\n \\"UseRatio\\": 5.905694,\\n \\"Levle\\": \\"normal\\"\\n }\\n ],\\n \\"TotalCount\\": 3\\n}","type":"json"}]',
'title' => 'DescribeHybridCloudBasicMonitor',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudBasicMonitor',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeHybridCloudClusterRule' => [
'methods' => ['get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'deprecated' => false,
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafSBJ1DO'],
'autoTest' => true,
'tenantRelevance' => 'tenant',
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-uqm33n***02', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => '\\[Deprecated] The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => '\\[Deprecated] The type of the rule. Valid value:'."\n"
."\n"
.'- **pullin**: Traffic routing.', 'type' => 'string', 'required' => false, 'example' => 'pullin', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'ClusterRuleResourceId',
'in' => 'query',
'schema' => ['description' => 'The resource ID of the cluster rule.', 'type' => 'string', 'required' => false, 'example' => 'hdbc-clusterrule-*******m0w', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The returned result.',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '1F29A6D2-9EB6-526D-A997-36888**99CB'],
'ClusterRule' => [
'description' => 'The information about the rule.',
'type' => 'object',
'properties' => [
'RuleType' => ['description' => 'The type of the rule.'."\n"
."\n"
.'- pullin: The traffic routing rule.', 'type' => 'string', 'example' => 'pullin', 'title' => ''],
'RuleConfig' => ['description' => 'The configuration of the traffic routing rule.'."\n"
."\n"
.'- **check\\_mode**: Defines the traffic scope for the routing rule. Valid values:'."\n"
."\n"
.' - **all**: Routes all traffic.'."\n"
."\n"
.' - **part**: Routes a portion of the traffic.'."\n"
."\n"
.'- **type**: The rule\'s match type. Valid values:'."\n"
."\n"
.' - **exact**: Exact match.'."\n"
."\n"
.' - **regex**: Regular expression match.'."\n"
."\n"
.'- **substance**: The value of the rule.', 'type' => 'string', 'example' => '{\\"check_mode\\":\\"all\\",\\"exclude\\":{\\"exact\\":[],\\"regex\\":[]}}', 'title' => ''],
'RuleStatus' => ['description' => 'The status of the rule. Valid values:'."\n"
."\n"
.'- **on**: Enabled.'."\n"
."\n"
.'- **off**: Disabled.', 'type' => 'string', 'example' => 'on', 'title' => ''],
'ClusterRuleResourceId' => ['description' => 'The resource ID of the cluster rule.', 'type' => 'string', 'example' => 'hdbc-clusterrule-2m*****m0w', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'DescribeHybridCloudClusterRule',
'summary' => 'Retrieves a hybrid cloud cluster rule.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudClusterRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1F29A6D2-9EB6-526D-A997-36888**99CB\\",\\n \\"ClusterRule\\": {\\n \\"RuleType\\": \\"pullin\\",\\n \\"RuleConfig\\": \\"{\\\\\\\\\\\\\\"check_mode\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"all\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"exclude\\\\\\\\\\\\\\":{\\\\\\\\\\\\\\"exact\\\\\\\\\\\\\\":[],\\\\\\\\\\\\\\"regex\\\\\\\\\\\\\\":[]}}\\",\\n \\"RuleStatus\\": \\"on\\",\\n \\"ClusterRuleResourceId\\": \\"hdbc-clusterrule-2m*****m0w\\"\\n }\\n}","type":"json"}]',
],
'DescribeHybridCloudClusterRules' => [
'summary' => 'Cluster rules',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-****', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'allowEmptyValue' => true,
'schema' => ['description' => 'The type of the rule. Valid value:'."\n"
."\n"
.'- **pullin**: traffic redirection', 'type' => 'string', 'required' => true, 'example' => 'pullin', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter is available only for hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain information about hybrid cloud clusters.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '428', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'example' => '10', 'title' => '', 'required' => false],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => '', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false],
],
[
'name' => 'RuleContent',
'in' => 'query',
'schema' => ['description' => 'The prefix of the rule value to match.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => '1.1.1.1'],
],
[
'name' => 'RuleMatchType',
'in' => 'query',
'schema' => ['description' => 'The matching logic. Valid values:'."\n"
."\n"
.'- exact: exact match'."\n"
."\n"
.'- regex: regular expression match', 'type' => 'string', 'required' => false, 'example' => 'exact', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response data.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of cloud native mode entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'Data' => [
'title' => '',
'description' => 'The response data.',
'type' => 'array',
'items' => [
'title' => '',
'description' => 'The compliance detection result.',
'type' => 'object',
'properties' => [
'ClusterId' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'example' => '1099', 'title' => ''],
'ClusterRuleResourceId' => ['description' => 'The resource ID of the cluster rule.', 'type' => 'string', 'example' => 'hdbc-clusterrule-*****khzre0ym0w', 'title' => ''],
'RuleConfig' => ['description' => 'The configuration of the traffic redirection rule:'."\n"
."\n"
.'- **check\\_mode**'."\n"
."\n"
.' : the mode. Valid values:'."\n"
."\n"
.' - **all**: redirects all traffic.'."\n"
."\n"
.' - **part**: redirects a portion of traffic.'."\n"
."\n"
.'- **type**'."\n"
."\n"
.' : the match type of the rule. Valid values:'."\n"
."\n"
.' - **exact**: exact match.'."\n"
."\n"
.' - **regex**: regular expression match.'."\n"
."\n"
.'- **substance**: the value of the rule.', 'type' => 'string', 'example' => '{\\"check_mode\\": \\"all\\", \\"type\\": \\"exact\\", \\"substance\\": \\"122\\"}', 'title' => ''],
'RuleType' => ['description' => 'The type of the rule. Valid value:'."\n"
."\n"
.'- **pullin**: traffic redirection', 'type' => 'string', 'example' => 'pullin', 'title' => ''],
'Status' => ['description' => 'The status of the rule. Valid values:'."\n"
."\n"
.'- **1**: enabled.'."\n"
."\n"
.'- **0**: disabled.', 'type' => 'string', 'example' => '1', 'title' => ''],
'Version' => ['description' => 'The version number.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
],
'example' => '',
],
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeHybridCloudClusterRules',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudClusterRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"ClusterId\\": 1099,\\n \\"ClusterRuleResourceId\\": \\"hdbc-clusterrule-*****khzre0ym0w\\",\\n \\"RuleConfig\\": \\"{\\\\\\\\\\\\\\"check_mode\\\\\\\\\\\\\\": \\\\\\\\\\\\\\"all\\\\\\\\\\\\\\", \\\\\\\\\\\\\\"type\\\\\\\\\\\\\\": \\\\\\\\\\\\\\"exact\\\\\\\\\\\\\\", \\\\\\\\\\\\\\"substance\\\\\\\\\\\\\\": \\\\\\\\\\\\\\"122\\\\\\\\\\\\\\"}\\",\\n \\"RuleType\\": \\"pullin\\",\\n \\"Status\\": \\"1\\",\\n \\"Version\\": 1\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeHybridCloudClusterServers' => [
'summary' => 'Queries the servers in a hybrid cloud Web Application Firewall (WAF) cluster.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-******nd07', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'Ip',
'in' => 'query',
'allowEmptyValue' => true,
'schema' => ['description' => 'The IP address of the server that you want to query.', 'type' => 'string', 'required' => false, 'example' => '1.X.X.1', 'title' => ''],
],
[
'name' => 'HostName',
'in' => 'query',
'schema' => ['description' => 'The hostname of the server that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'online-***wwq', 'title' => ''],
],
[
'name' => 'GroupType',
'in' => 'query',
'schema' => ['description' => 'The type of the hybrid cloud node group. Valid values:'."\n"
."\n"
.'- **protect**: protection.'."\n"
."\n"
.'- **control**: control.'."\n"
."\n"
.'- **storage**: storage.'."\n"
."\n"
.'- **controlStorage**: control and storage.', 'type' => 'string', 'required' => false, 'example' => 'protect', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the node group.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '3', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C3B0FDD2-11CE-59A5-BEB5-*****1A969', 'title' => ''],
'ClusterServers' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'GroupName' => ['description' => 'The name of the node group.', 'type' => 'string', 'example' => '测试组。', 'title' => ''],
'Operator' => ['description' => 'The cloud service provider where the server resides.', 'type' => 'string', 'example' => 'aliyun。', 'title' => ''],
'Status' => ['description' => 'The health status of the server in the hybrid cloud cluster.', 'type' => 'string', 'example' => 'ok', 'title' => ''],
'RegionCodeValue' => ['description' => 'The numeric code of the region where the server resides.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'RegionCode' => ['description' => 'The region identifier of the server, such as `beijing`.', 'type' => 'string', 'example' => 'beijing', 'title' => ''],
'Memory' => ['description' => 'The memory size of the server. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '33547386880', 'title' => ''],
'Ip' => ['description' => 'The IP address of the server.', 'type' => 'string', 'example' => '1.*.*1。', 'title' => ''],
'Cpu' => ['description' => 'The number of CPU cores of the server.', 'type' => 'integer', 'format' => 'int32', 'example' => '4', 'title' => ''],
'Mid' => ['description' => 'The machine ID (MID) of the server.', 'type' => 'string', 'example' => '28ab688cd403563e8e173*****79600', 'title' => ''],
'ContinentsValue' => ['description' => 'The continent code of the protection cluster.'."\n"
."\n"
.'> For a list of valid codes, see the supplementary description of response parameters.', 'type' => 'integer', 'format' => 'int32', 'example' => '410', 'title' => ''],
'Mac' => ['description' => 'The MAC address of the server.', 'type' => 'string', 'example' => '**:**:00:02:eb:c7', 'title' => ''],
'GroupId' => ['description' => 'The ID of the node group.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'JobStatus' => ['description' => 'The running status of the server.', 'type' => 'string', 'example' => 'running', 'title' => ''],
'GroupType' => ['description' => 'The type of the hybrid cloud node group. Valid values:'."\n"
."\n"
.'- **protect**: protection.'."\n"
."\n"
.'- **control**: control.'."\n"
."\n"
.'- **storage**: storage.'."\n"
."\n"
.'- **controlStorage**: control and storage.', 'type' => 'string', 'example' => 'protect', 'title' => ''],
'CustomName' => ['description' => 'The custom name of the server.', 'type' => 'string', 'example' => '测试组', 'title' => ''],
'UpdateTimestamp' => ['description' => 'The time when the server was last updated. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1711953897000', 'title' => ''],
'Continents' => ['description' => 'The continent identifier of the server, such as `asiapacific`.', 'type' => 'string', 'example' => 'asiapacific', 'title' => ''],
'CreateTimestamp' => ['description' => 'The time when the server was created. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665987186000', 'title' => ''],
'HostName' => ['description' => 'The hostname of the server.', 'type' => 'string', 'example' => 'qsh5-sec-waf-*****-6', 'title' => ''],
'OperatorValue' => ['description' => 'The carrier code of the server.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
'description' => 'The servers in the hybrid cloud cluster.',
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeHybridCloudClusterServers',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudClusterServers',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 3,\\n \\"RequestId\\": \\"C3B0FDD2-11CE-59A5-BEB5-*****1A969\\",\\n \\"ClusterServers\\": [\\n {\\n \\"GroupName\\": \\"测试组。\\",\\n \\"Operator\\": \\"aliyun。\\",\\n \\"Status\\": \\"ok\\",\\n \\"RegionCodeValue\\": 0,\\n \\"RegionCode\\": \\"beijing\\",\\n \\"Memory\\": 33547386880,\\n \\"Ip\\": \\"1.*.*1。\\",\\n \\"Cpu\\": 4,\\n \\"Mid\\": \\"28ab688cd403563e8e173*****79600\\",\\n \\"ContinentsValue\\": 410,\\n \\"Mac\\": \\"**:**:00:02:eb:c7\\",\\n \\"GroupId\\": 1,\\n \\"JobStatus\\": \\"running\\",\\n \\"GroupType\\": \\"protect\\",\\n \\"CustomName\\": \\"测试组\\",\\n \\"UpdateTimestamp\\": 1711953897000,\\n \\"Continents\\": \\"asiapacific\\",\\n \\"CreateTimestamp\\": 1665987186000,\\n \\"HostName\\": \\"qsh5-sec-waf-*****-6\\",\\n \\"OperatorValue\\": 0\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeHybridCloudClusters' => [
'summary' => 'Queries a list of hybrid cloud clusters.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '227268',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstanceInfo](~~140857~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uqm35****02', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-ER12-WE34-23PO-301469*****E', 'title' => ''],
'ClusterInfos' => [
'description' => 'The list of clusters.',
'type' => 'array',
'items' => [
'description' => 'The cluster information.',
'type' => 'object',
'properties' => [
'HttpsPorts' => ['description' => 'The ports that use the HTTPS protocol. The value is a string. If multiple ports are returned, they are separated by commas in the **port1,port2,port3** format.', 'type' => 'string', 'example' => '443,8443', 'title' => ''],
'ProtectionServerCount' => ['description' => 'The number of protection nodes that you can add to the cluster.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'ProxyStatus' => ['description' => 'The status of the proxy. Valid values:'."\n"
."\n"
.'- **on**: enabled'."\n"
."\n"
.'- **off**: disabled', 'type' => 'string', 'example' => 'off', 'title' => ''],
'RuleType' => ['description' => 'The type of the rule. Valid values:'."\n"
."\n"
.'- **bypass**: WAF does not perform security checks and allows traffic to pass through.', 'type' => 'string', 'example' => 'bypass', 'title' => ''],
'AccessRegion' => ['description' => 'The region where the leased line is connected. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Hangzhou'."\n"
."\n"
.'- **cn-beijing**: Beijing'."\n"
."\n"
.'- **cn-shanghai**: Shanghai', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''],
'Remark' => ['description' => 'The remarks.', 'type' => 'string', 'example' => 'test', 'title' => ''],
'ClusterResourceId' => ['description' => 'The resource ID of the hybrid cloud cluster.', 'type' => 'string', 'example' => 'hdbc-cluster-t1****a', 'title' => ''],
'ClusterName' => ['description' => 'The name of the cluster.', 'type' => 'string', 'example' => 'testcluster', 'title' => ''],
'RuleStatus' => ['description' => 'The status of the manual bypass setting. Valid values:'."\n"
."\n"
.'- **on**: enabled.'."\n"
."\n"
.'- **off**: disabled.', 'type' => 'string', 'example' => 'off', 'title' => ''],
'Id' => ['description' => 'The cluster ID.', 'type' => 'integer', 'format' => 'int64', 'example' => '524**8', 'title' => ''],
'AccessMode' => ['description' => 'The network access mode. Valid values:'."\n"
."\n"
.'- **internet**: Internet access.'."\n"
."\n"
.'- **vpc**: leased line-based private network access.', 'type' => 'string', 'example' => 'internet', 'title' => ''],
'ProxyType' => ['description' => 'The type of the cluster. Valid values:'."\n"
."\n"
.'- **cname**: reverse proxy cluster'."\n"
."\n"
.'- **service**: service cluster', 'type' => 'string', 'example' => 'cname', 'title' => ''],
'RuleConfig' => ['description' => 'The rule configuration.', 'type' => 'string', 'example' => '{"enable":true,"param":{"breaker":{"duration":1,"failed":1,"recent_failed":1},"disable_protect":false,"max_request_body_len":1,"timeout":1}}', 'title' => ''],
'HttpPorts' => ['description' => 'The ports that use the HTTP protocol. The value is a string. If multiple ports are returned, they are separated by commas in the **port1,port2,port3** format.', 'type' => 'string', 'example' => '80,8080', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-ER12-WE34-23PO-301469*****E\\",\\n \\"ClusterInfos\\": [\\n {\\n \\"HttpsPorts\\": \\"443,8443\\",\\n \\"ProtectionServerCount\\": 1,\\n \\"ProxyStatus\\": \\"off\\",\\n \\"RuleType\\": \\"bypass\\",\\n \\"AccessRegion\\": \\"cn-hangzhou\\",\\n \\"Remark\\": \\"test\\",\\n \\"ClusterResourceId\\": \\"hdbc-cluster-t1****a\\",\\n \\"ClusterName\\": \\"testcluster\\",\\n \\"RuleStatus\\": \\"off\\",\\n \\"Id\\": 0,\\n \\"AccessMode\\": \\"internet\\",\\n \\"ProxyType\\": \\"cname\\",\\n \\"RuleConfig\\": \\"{\\\\\\"enable\\\\\\":true,\\\\\\"param\\\\\\":{\\\\\\"breaker\\\\\\":{\\\\\\"duration\\\\\\":1,\\\\\\"failed\\\\\\":1,\\\\\\"recent_failed\\\\\\":1},\\\\\\"disable_protect\\\\\\":false,\\\\\\"max_request_body_len\\\\\\":1,\\\\\\"timeout\\\\\\":1}}\\",\\n \\"HttpPorts\\": \\"80,8080\\"\\n }\\n ]\\n}","type":"json"}]',
'title' => 'DescribeHybridCloudClusters',
'changeSet' => [
['createdAt' => '2024-08-29T01:19:23.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudClusters',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeHybridCloudGroups' => [
'summary' => 'Queries the Hybrid Cloud WAF node groups that are added to Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '136062',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-********w0b', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the hybrid cloud node group that you want to query.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => 'groupName1', 'title' => ''],
],
[
'name' => 'GroupType',
'in' => 'query',
'schema' => ['description' => 'The type of the hybrid cloud node group. Valid values:'."\n"
."\n"
.'- **protect**: protection node group.'."\n"
."\n"
.'- **control**: control node group.'."\n"
."\n"
.'- **storage**: storage node group.'."\n"
."\n"
.'- **controlStorage**: control and storage node group.', 'type' => 'string', 'required' => false, 'example' => 'protect', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'ClusterProxyType',
'in' => 'query',
'schema' => ['description' => 'The proxy type of the hybrid cloud cluster. Valid values:'."\n"
."\n"
.'- **service**: SDK-based integration.'."\n"
."\n"
.'- **cname**: CNAME-based reverse proxy.', 'type' => 'string', 'required' => false, 'example' => 'cname', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of hybrid cloud node groups returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '146', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '045660E7-C4C6-5CD7-8182-7B337D95ADF4', 'title' => ''],
'Groups' => [
'description' => 'The list of hybrid cloud node groups.',
'type' => 'array',
'items' => [
'description' => 'The details of a hybrid cloud node group.',
'type' => 'object',
'properties' => [
'GroupName' => ['description' => 'The name of the hybrid cloud node group.', 'type' => 'string', 'example' => 'StorageGroup', 'title' => ''],
'RegionCodeValue' => ['description' => 'The city code of the protection cluster.'."\n"
."\n"
.'> For a list of valid codes, see Additional information about response parameters.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'LoadBalanceIp' => ['description' => 'The IP address of the load balancer that is associated with the hybrid cloud node group.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''],
'BackSourceMark' => ['description' => 'The back-to-origin mark of the protection cluster. The value is in the **{CarrierTag}-{ContinentTag}-{CityTag}-{Identifier}** format. The identifier is optional.'."\n"
."\n"
.'> For a list of valid values, see Additional information about response parameters.', 'type' => 'string', 'example' => 'aliyun-asiapacific-beijing-56477821', 'title' => ''],
'GroupType' => ['description' => 'The type of the hybrid cloud node group. Valid values:'."\n"
."\n"
.'- **protect**: protection node group.'."\n"
."\n"
.'- **control**: control node group.'."\n"
."\n"
.'- **storage**: storage node group.'."\n"
."\n"
.'- **controlStorage**: control and storage node group.', 'type' => 'string', 'example' => 'protect', 'title' => ''],
'LocationId' => ['description' => 'The ID of the protection node.', 'type' => 'integer', 'format' => 'int64', 'example' => '1312', 'title' => ''],
'Ports' => ['description' => 'The ports that are used by the hybrid cloud cluster. Multiple ports are separated by commas (,).', 'type' => 'string', 'example' => '80,9200,20018', 'title' => ''],
'ContinentsValue' => ['description' => 'The continent code of the protection cluster.'."\n"
."\n"
.'> For a list of valid codes, see Additional information about response parameters.', 'type' => 'integer', 'format' => 'int32', 'example' => '410', 'title' => ''],
'GroupId' => ['description' => 'The ID of the hybrid cloud node group.', 'type' => 'integer', 'format' => 'int32', 'example' => '123', 'title' => ''],
'Remark' => ['description' => 'The description of the hybrid cloud node group.', 'type' => 'string', 'example' => 'test', 'title' => ''],
'OperatorValue' => ['description' => 'The carrier code of the protection cluster.'."\n"
."\n"
.'> For a list of valid codes, see Additional information about response parameters.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 146,\\n \\"RequestId\\": \\"045660E7-C4C6-5CD7-8182-7B337D95ADF4\\",\\n \\"Groups\\": [\\n {\\n \\"GroupName\\": \\"StorageGroup\\",\\n \\"RegionCodeValue\\": 0,\\n \\"LoadBalanceIp\\": \\"1.1.XX.XX\\",\\n \\"BackSourceMark\\": \\"aliyun-asiapacific-beijing-56477821\\",\\n \\"GroupType\\": \\"protect\\",\\n \\"LocationId\\": 1312,\\n \\"Ports\\": \\"80,9200,20018\\",\\n \\"ContinentsValue\\": 410,\\n \\"GroupId\\": 123,\\n \\"Remark\\": \\"test\\",\\n \\"OperatorValue\\": 0\\n }\\n ]\\n}","type":"json"}]',
'title' => 'DescribeHybridCloudGroups',
'responseParamsDescription' => '### Carrier codes for protection clusters'."\n"
."\n"
.'| Carrier Code | Carrier Tag | Carrier Description |'."\n"
.'| ------------ | ----------- | ------------------- |'."\n"
.'| 0 | aliyun | Alibaba Cloud |'."\n"
.'| 3 | tencent | Tencent |'."\n"
.'| 100 | google | Google |'."\n"
.'| 200 | IDC | IDC |'."\n"
."\n"
.'### Continent codes for protection clusters'."\n"
."\n"
.'| Continent Code | Continent Tag | Continent Description |'."\n"
.'| -------------- | ------------- | --------------------- |'."\n"
.'| 410 | asiapacific | Asia Pacific |'."\n"
.'| 411 | euro | Europe |'."\n"
."\n"
.'### City codes for protection clusters'."\n"
."\n"
.'| Continent Code | City Code | City Tag | City Description |'."\n"
.'| -------------- | --------- | -------------- | ------------------- |'."\n"
.'| 411 | 0 | frankfurt | Frankfurt |'."\n"
.'| 411 | 1 | siliconvallery | Silicon Valley |'."\n"
.'| 411 | 2 | Virginia | Virginia |'."\n"
.'| 410 | 0 | beijing | Beijing |'."\n"
.'| 410 | 1 | shanghai | Shanghai |'."\n"
.'| 410 | 2 | hongkong | Hong Kong (China) |'."\n"
.'| 410 | 3 | Jakarta | Indonesia (Jakarta) |'."\n"
.'| 410 | 4 | hangzhou | Hangzhou |'."\n"
.'| 410 | 5 | zhangjiakou | Zhangjiakou |'."\n"
.'| 410 | 6 | shenzhen | Shenzhen |'."\n"
.'| 410 | 7 | singapore | Singapore |'."\n"
.'| 410 | 8 | Tokyo | Tokyo |'."\n"
.'| 410 | 9 | changsha | Changsha |'."\n"
.'| 410 | 10 | public_cloud | Public cloud |'."\n"
.'| 410 | 11 | nanjing | Nanjing |',
'changeSet' => [
['createdAt' => '2024-08-29T01:19:23.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-10-18T12:20:39.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudGroups'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeHybridCloudProcessMonitor' => [
'summary' => 'Queries the status of applications on nodes in a hybrid cloud Web Application Firewall (WAF) cluster.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7mz****hw0u', 'title' => ''],
],
[
'name' => 'Mid',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster node.', 'type' => 'string', 'required' => true, 'example' => '2fdb63fea03b173bc9e65c24****d7d5', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'DBF79169-B6A0-5C8E-86B2-CFE3****496E', 'title' => ''],
'ProcessMonitors' => [
'description' => 'The list of application statuses.',
'type' => 'array',
'items' => [
'description' => 'The application status.',
'type' => 'object',
'properties' => [
'ProcessName' => ['description' => 'The name of the application running on the cluster node. Valid values:'."\n"
."\n"
.'- **tianqingproxy**: the central management service'."\n"
."\n"
.'- **redis**: the storage service'."\n"
."\n"
.'- **scc**: the traffic metering service'."\n"
."\n"
.'- **keeper**: the threat intelligence service'."\n"
."\n"
.'- **node\\_exporter**: the application log upload service'."\n"
."\n"
.'- **xagent**: the traffic detection service'."\n"
."\n"
.'- **noproxy**: the traffic forwarding service'."\n"
."\n"
.'- **xloge**: the attack log upload service'."\n"
."\n"
.'- **ilogtail**: the log collection service'."\n"
."\n"
.'- **xlogd**: the log analysis service', 'type' => 'string', 'example' => 'keeper', 'title' => ''],
'ProcessStatus' => ['description' => 'The running status of the application. Valid values:'."\n"
."\n"
.'- **0**: abnormal.'."\n"
."\n"
.'- **1**: normal.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'Levle' => ['description' => 'The severity level of the application status. Valid values:'."\n"
."\n"
.'- **normal**: normal.'."\n"
."\n"
.'- **critical**: abnormal.', 'type' => 'string', 'example' => 'normal', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'TotalCount' => ['description' => '> This parameter is deprecated and no longer returns a valid value.', 'type' => 'integer', 'format' => 'int32', 'example' => '3', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"DBF79169-B6A0-5C8E-86B2-CFE3****496E\\",\\n \\"ProcessMonitors\\": [\\n {\\n \\"ProcessName\\": \\"keeper\\",\\n \\"ProcessStatus\\": 1,\\n \\"Levle\\": \\"normal\\"\\n }\\n ],\\n \\"TotalCount\\": 3\\n}","type":"json"}]',
'title' => 'DescribeHybridCloudProcessMonitor',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudProcessMonitor',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeHybridCloudProtectableCount' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-4xl3fdi4u01**fe23', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6087EA47-C10F-5A0A-A405-DB5B241**B1', 'title' => ''],
'ProtectableCount' => ['description' => 'The number of protectable nodes that can be added to the cluster.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeHybridCloudProtectableCount',
'summary' => 'Queries the count of protectable nodes that can be added to a hybrid cloud cluster.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudProtectableCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6087EA47-C10F-5A0A-A405-DB5B241**B1\\",\\n \\"ProtectableCount\\": 1\\n}","type":"json"}]',
],
'DescribeHybridCloudResourceDetail' => [
'summary' => 'Queries the details of a hybrid cloud domain name.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The domain name.', 'type' => 'string', 'required' => true, 'example' => 'www.*****.com'],
],
[
'name' => 'Backend',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The back-to-origin address.', 'type' => 'string', 'required' => false, 'example' => '1.1.XX.XX'],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: 1.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'CnameEnabled',
'in' => 'query',
'schema' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n"
."\n"
.'- **true**: Public cloud disaster recovery is enabled.'."\n"
."\n"
.'- **false**: Public cloud disaster recovery is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''],
'Domain' => [
'description' => 'The domain name information.',
'type' => 'object',
'properties' => [
'Status' => ['title' => '', 'description' => 'The resource status.', 'type' => 'integer', 'format' => 'int32', 'example' => '1'],
'ResourceManagerResourceGroupId' => ['description' => 'The resource group ID.', 'type' => 'string', 'example' => 'rg-***aby', 'title' => ''],
'Uid' => ['description' => 'The user ID.', 'type' => 'string', 'example' => '1046011128270720', 'title' => ''],
'Listen' => [
'description' => 'The listening information.',
'type' => 'object',
'properties' => [
'HttpsPorts' => [
'description' => 'The ports for the HTTPS protocol.',
'type' => 'array',
'items' => ['description' => 'The ports for the HTTPS protocol.', 'type' => 'integer', 'format' => 'int64', 'example' => '443,8443,7443,6443', 'title' => ''],
'title' => '',
'example' => '',
],
'ProtectionResource' => ['description' => 'The type of protection resource to use. Valid values:'."\n"
."\n"
.'- **share**: shared cluster.'."\n"
."\n"
.'- **gslb**: shared cluster with intelligent load balancing.', 'type' => 'string', 'example' => 'share', 'title' => ''],
'CustomCiphers' => [
'description' => 'The custom cipher suites.',
'type' => 'array',
'items' => ['description' => 'The custom cipher suites.', 'type' => 'string', 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384', 'title' => ''],
'title' => '',
'example' => '',
],
'TLSVersion' => ['description' => 'The TLS version. Valid values:'."\n"
."\n"
.'- **tlsv1**'."\n"
."\n"
.'- **tlsv1.1**'."\n"
."\n"
.'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1', 'title' => ''],
'Http2Enabled' => ['description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n"
."\n"
.'- **true**: HTTP/2 is enabled.'."\n"
."\n"
.'- **false**: HTTP/2 is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'CertId' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '19312542-cn-hangzhou', 'title' => ''],
'CipherSuite' => ['description' => 'The type of cipher suite. Valid values:'."\n"
."\n"
.'- **1**: all cipher suites.'."\n"
."\n"
.'- **2**: strong cipher suites.'."\n"
."\n"
.'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n"
."\n"
.'- **true**: TLS 1.3 is supported.'."\n"
."\n"
.'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'IPv6Enabled' => ['description' => 'Indicates whether IPv6 is enabled. Valid values:'."\n"
."\n"
.'- **true**: IPv6 is enabled.'."\n"
."\n"
.'- **false**: IPv6 is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'FocusHttps' => ['description' => 'Indicates whether HTTPS forced redirect is enabled. Valid values:'."\n"
."\n"
.'- **true**: HTTPS forced redirect is enabled.'."\n"
."\n"
.'- **false**: HTTPS forced redirect is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'XffHeaders' => [
'description' => 'The custom header fields used to obtain the client IP address, in the format of [**"header1","header2",……**].'."\n"
."\n"
.'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field that you specify in the request header as the client IP address.',
'type' => 'array',
'items' => ['description' => 'The custom header fields used to obtain the client IP address, in the format of **["header1","header2",……]**.'."\n"
."\n"
.'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field that you specify in the request header as the client IP address.', 'type' => 'string', 'example' => '["test"]', 'title' => ''],
'title' => '',
'example' => '',
],
'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the actual client IP address. Valid values:'."\n"
."\n"
.'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n"
."\n"
.'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n"
."\n"
.'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'ExclusiveIp' => ['description' => 'Indicates whether an exclusive IP address is supported. Valid values:'."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'HttpPorts' => [
'description' => 'The list of available ports for the HTTP protocol. The value is a string. When multiple ports are available, they are returned in the format of **port1,port2,port3**.',
'type' => 'array',
'items' => ['description' => 'The list of available ports for the HTTP protocol. The value is a string. When multiple ports are available, they are returned in the format of **port1,port2,port3**.', 'type' => 'integer', 'format' => 'int64', 'example' => '80,8080,9080,9081,9082,8182', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'Id' => ['description' => 'id', 'type' => 'integer', 'format' => 'int64', 'example' => '31323', 'title' => ''],
'Redirect' => [
'description' => 'The rules for returning response header values.',
'type' => 'object',
'properties' => [
'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'Keepalive' => ['description' => 'Indicates whether persistent connections are enabled. Valid values:'."\n"
."\n"
.'- **true** (default): Persistent connections are enabled.'."\n"
."\n"
.'- **false**: Persistent connections are disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'SniEnabled' => ['description' => 'Indicates whether back-to-origin Server Name Indication (SNI) is enabled. Valid values:'."\n"
."\n"
.'- **true**: Back-to-origin SNI is enabled.'."\n"
."\n"
.'- **false**: Back-to-origin SNI is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'CnameEnabled' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n"
."\n"
.'- **true**: Public cloud disaster recovery is enabled.'."\n"
."\n"
.'- **false**: Public cloud disaster recovery is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'KeepaliveTimeout' => ['description' => 'The idle timeout period of persistent connections.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'ReadTimeout' => ['description' => 'The read timeout period of the request.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'Backends' => [
'description' => 'The IP address of the origin server or the domain name used for back-to-origin.',
'type' => 'array',
'items' => ['description' => 'The IP address of the origin server or the domain name used for back-to-origin.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''],
'title' => '',
'example' => '',
],
'SniHost' => ['description' => 'The custom value of the SNI extension field. If the value is empty, the SNI value is not customized, and the value of the **Host** field in the request header is used as the value of the SNI extension field by default.'."\n"
."\n"
.'> This parameter is returned only when **SniStatus** is set to **1**, which indicates that back-to-origin SNI is enabled.', 'type' => 'string', 'example' => 'eew111', 'title' => ''],
'FocusHttpBackend' => ['description' => 'Indicates whether forced HTTP back-to-origin is enabled. Valid values:'."\n"
."\n"
.'- **true**: Forced HTTP back-to-origin is enabled.'."\n"
."\n"
.'- **false**: Forced HTTP back-to-origin is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'WriteTimeout' => ['description' => 'The write timeout period. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'RoutingRules' => ['description' => 'The hybrid cloud forwarding rules, expressed as a string converted from a JSON array. Each element in the JSON array is a structure that contains the following field:'."\n"
.'- **rs**: Array type.', 'type' => 'string', 'example' => '[{\\"backupRs\\":[],\\"location\\":\\"v3-test\\",\\"locationId\\":1148,\\"rs\\":[\\"39.98.217.197\\",\\"2.2.2.2\\"]}]', 'title' => ''],
'Retry' => ['description' => 'Indicates whether WAF retries when back-to-origin fails. Valid values:'."\n"
."\n"
.'- **true**: WAF retries.'."\n"
."\n"
.'- **false**: WAF does not retry.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'RequestHeaders' => [
'description' => 'The HTTP request headers.',
'type' => 'array',
'items' => [
'description' => 'The specified custom request header field.',
'type' => 'object',
'properties' => [
'Value' => ['description' => 'The value.', 'type' => 'string', 'example' => '9506360478730', 'title' => ''],
'Key' => ['description' => 'The key of the tag.', 'type' => 'string', 'example' => 'L2x1ZmZ5L2NvcmUvYXBwcy9tLnl1bmR1bi53YWYuMS9wbHVnaW5z', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'KeepaliveRequests' => ['description' => 'The number of requests that reuse persistent connections. Valid values: 60 to 1000.'."\n"
."\n"
.'> This specifies how many persistent connections are reused after persistent connections are enabled.', 'type' => 'integer', 'format' => 'int64', 'example' => '1000', 'title' => ''],
'Loadbalance' => ['description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n"
."\n"
.'- **iphash**: IP hash algorithm.'."\n"
."\n"
.'- **roundRobin**: round-robin algorithm.'."\n"
."\n"
.'- **leastTime**: least-time back-to-origin algorithm.', 'type' => 'string', 'example' => 'iphash', 'title' => ''],
'ProxyProtocol' => ['description' => 'Indicates whether the client source IP preservation feature is enabled.'."\n"
."\n"
.'- true: The client source IP preservation feature is enabled. After this feature is enabled, the backend service can view the originating IP address of the client.'."\n"
.'- false: The client source IP preservation feature is disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''],
'BackendPorts' => [
'description' => 'The custom port configuration. By default, this is the same as the listening port.',
'type' => 'array',
'items' => [
'description' => 'The custom port configuration. By default, this is the same as the listening port.',
'type' => 'object',
'properties' => [
'ListenPort' => ['description' => 'The listening port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''],
'BackendPort' => ['description' => 'The back-to-origin port.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''],
'Protocol' => ['description' => 'The protocol type of the listening port. Valid values:'."\n"
."\n"
.'- http: HTTP protocol.'."\n"
.'- https: HTTPS protocol.', 'type' => 'string', 'example' => 'http', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'Domain' => ['title' => '', 'description' => 'The domain name.', 'type' => 'string', 'example' => 'www.*****.com'],
'Cname' => ['title' => '', 'description' => 'CNAME', 'type' => 'string', 'example' => 'kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com'],
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query hybrid cloud domain name details',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudResourceDetail',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"Domain\\": {\\n \\"Status\\": 1,\\n \\"ResourceManagerResourceGroupId\\": \\"rg-***aby\\",\\n \\"Uid\\": \\"1046011128270720\\",\\n \\"Listen\\": {\\n \\"HttpsPorts\\": [\\n 0\\n ],\\n \\"ProtectionResource\\": \\"share\\",\\n \\"CustomCiphers\\": [\\n \\"ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384\\"\\n ],\\n \\"TLSVersion\\": \\"tlsv1\\",\\n \\"Http2Enabled\\": true,\\n \\"CertId\\": \\"19312542-cn-hangzhou\\",\\n \\"CipherSuite\\": 0,\\n \\"EnableTLSv3\\": true,\\n \\"IPv6Enabled\\": true,\\n \\"FocusHttps\\": true,\\n \\"XffHeaders\\": [\\n \\"[\\\\\\"test\\\\\\"]\\"\\n ],\\n \\"XffHeaderMode\\": 1,\\n \\"ExclusiveIp\\": true,\\n \\"HttpPorts\\": [\\n 0\\n ]\\n },\\n \\"Id\\": 31323,\\n \\"Redirect\\": {\\n \\"ConnectTimeout\\": 1,\\n \\"Keepalive\\": true,\\n \\"SniEnabled\\": true,\\n \\"CnameEnabled\\": true,\\n \\"KeepaliveTimeout\\": 1,\\n \\"ReadTimeout\\": 1,\\n \\"Backends\\": [\\n \\"1.1.1.1\\"\\n ],\\n \\"SniHost\\": \\"eew111\\",\\n \\"FocusHttpBackend\\": true,\\n \\"WriteTimeout\\": 1,\\n \\"RoutingRules\\": \\"[{\\\\\\\\\\\\\\"backupRs\\\\\\\\\\\\\\":[],\\\\\\\\\\\\\\"location\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"v3-test\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"locationId\\\\\\\\\\\\\\":1148,\\\\\\\\\\\\\\"rs\\\\\\\\\\\\\\":[\\\\\\\\\\\\\\"39.98.217.197\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"2.2.2.2\\\\\\\\\\\\\\"]}]\\",\\n \\"Retry\\": true,\\n \\"RequestHeaders\\": [\\n {\\n \\"Value\\": \\"9506360478730\\",\\n \\"Key\\": \\"L2x1ZmZ5L2NvcmUvYXBwcy9tLnl1bmR1bi53YWYuMS9wbHVnaW5z\\"\\n }\\n ],\\n \\"KeepaliveRequests\\": 1000,\\n \\"Loadbalance\\": \\"iphash\\",\\n \\"ProxyProtocol\\": false,\\n \\"BackendPorts\\": [\\n {\\n \\"ListenPort\\": 80,\\n \\"BackendPort\\": 80,\\n \\"Protocol\\": \\"http\\"\\n }\\n ]\\n },\\n \\"Domain\\": \\"www.*****.com\\",\\n \\"Cname\\": \\"kdmqyi3ck7xogegxpiyfpb0fj21mgkxn.****.com\\"\\n }\\n}","type":"json"}]',
],
'DescribeHybridCloudResources' => [
'summary' => 'Queries the list of hybrid cloud domain names.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '156993',
'abilityTreeNodes' => ['FEATUREwafSBJ1DO'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***********', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The domain name to query.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com'],
],
[
'name' => 'Backend',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The IP address or domain name of the origin server that corresponds to the domain name.', 'type' => 'string', 'required' => false, 'example' => '1.1.XX.XX'],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number to return when paging is used. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page when paging is used. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '50', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'CnameEnabled',
'in' => 'query',
'schema' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmvtc5z52****', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'Domains' => [
'description' => 'The list of domain names returned.',
'type' => 'array',
'items' => [
'description' => 'The Website Config details.',
'type' => 'object',
'properties' => [
'Status' => ['title' => '', 'description' => 'The status of the domain name. Valid values:'."\n"
."\n"
.'- **1**: normal.'."\n"
."\n"
.'- **2**: being created.'."\n"
."\n"
.'- **3**: being modified.'."\n"
."\n"
.'- **4**: being released.'."\n"
."\n"
.'- **5**: forwarding stopped.', 'type' => 'integer', 'format' => 'int32', 'example' => '1'],
'ResourceManagerResourceGroupId' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfmvtc5z52****', 'title' => ''],
'Uid' => ['description' => 'The user ID.', 'type' => 'string', 'example' => '130715431409****', 'title' => ''],
'Listen' => [
'description' => 'The listening configuration.',
'type' => 'object',
'properties' => [
'HttpsPorts' => [
'description' => 'The list of HTTPS ports.',
'type' => 'array',
'items' => ['description' => 'The HTTPS port.', 'type' => 'integer', 'format' => 'int64', 'example' => '443', 'title' => ''],
'title' => '',
'example' => '',
],
'ProtectionResource' => ['description' => 'The type of protection resource to use. Valid values:'."\n"
."\n"
.'- **share**: shared cluster.'."\n"
."\n"
.'- **gslb**: intelligent load balancing of the shared cluster.', 'type' => 'string', 'example' => 'share', 'title' => ''],
'CustomCiphers' => [
'description' => 'The specific custom cipher suites to add.'."\n"
."\n"
.'> This parameter is returned only when **CipherSuite** is set to **99**.',
'type' => 'array',
'items' => ['description' => 'The custom cipher suite.', 'type' => 'string', 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256', 'title' => ''],
'title' => '',
'example' => '',
],
'TLSVersion' => ['description' => 'The TLS version. Valid values:'."\n"
."\n"
.'- **tlsv1**'."\n"
."\n"
.'- **tlsv1.1**'."\n"
."\n"
.'- **tlsv1.2**', 'type' => 'string', 'example' => 'tlsv1.2', 'title' => ''],
'Http2Enabled' => ['description' => 'Indicates whether HTTP/2 is enabled. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''],
'CertId' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '72***76-cn-hangzhou', 'title' => ''],
'CipherSuite' => ['description' => 'The type of cipher suite. Valid values:'."\n"
."\n"
.'- **1**: all cipher suites.'."\n"
."\n"
.'- **2**: strong cipher suites.'."\n"
."\n"
.'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'IPv6Enabled' => ['description' => 'Indicates whether IPv6 is enabled. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''],
'FocusHttps' => ['description' => 'Indicates whether HTTPS forced redirect is enabled. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'false', 'title' => ''],
'XffHeaders' => [
'description' => 'The list of custom header fields used to obtain the client IP address, in the format of **["header1","header2",...]**.'."\n"
."\n"
.'> This parameter is returned only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field that you specify in the request header as the client IP address.',
'type' => 'array',
'items' => ['description' => 'The custom header field used to obtain the client IP address.', 'type' => 'string', 'example' => 'Client-ip', 'title' => ''],
'title' => '',
'example' => '',
],
'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n"
."\n"
.'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n"
."\n"
.'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n"
."\n"
.'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'ExclusiveIp' => ['description' => 'Indicates whether an exclusive IP address is supported. Valid values:'."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'HttpPorts' => [
'description' => 'The list of HTTP listening ports.',
'type' => 'array',
'items' => ['description' => 'The HTTP listening port.', 'type' => 'integer', 'format' => 'int64', 'example' => '80', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'Id' => [
'description' => 'The access ID.',
'enumValueTitles' => [],
'type' => 'integer',
'format' => 'int64',
'example' => '12345',
'title' => '',
],
'Redirect' => [
'description' => 'The forwarding configuration.',
'type' => 'object',
'properties' => [
'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: seconds.'."\n"
.'Valid values: 5 to 120.', 'type' => 'integer', 'format' => 'int64', 'example' => '120', 'title' => ''],
'Keepalive' => ['description' => 'Indicates whether persistent connections are enabled. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'SniEnabled' => ['description' => 'Indicates whether back-to-origin Server Name Indication (SNI) is enabled. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'CnameEnabled' => ['description' => 'Specifies whether to enable public cloud disaster recovery. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'KeepaliveTimeout' => ['description' => 'The idle timeout period for persistent connections. Valid values: 1 to 60. Default value: 15. Unit: seconds.'."\n"
."\n"
.'> Specifies how long an idle reused persistent connection is kept before it is released.', 'type' => 'integer', 'format' => 'int64', 'example' => '15', 'title' => ''],
'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n"
.'Valid values: 5 to 1800.', 'type' => 'integer', 'format' => 'int64', 'example' => '200', 'title' => ''],
'Backends' => [
'description' => 'The IP address or domain name of the origin server that corresponds to the domain name.',
'type' => 'array',
'items' => ['description' => 'The IP address or domain name of the origin server that corresponds to the domain name.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''],
'title' => '',
'example' => '',
],
'SniHost' => ['description' => 'The custom value of the SNI extension field. An empty value indicates that no custom SNI value is set. By default, the value of the **Host** field in the request header is used as the value of the SNI extension field.'."\n"
."\n"
.'> This parameter is returned only when **SniEnabled** is set to **true**, which indicates that back-to-origin SNI is enabled.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''],
'FocusHttpBackend' => ['description' => 'Indicates whether forced HTTP back-to-origin is enabled. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: Disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n"
.'Valid values: 5 to 1800.', 'type' => 'integer', 'format' => 'int64', 'example' => '200', 'title' => ''],
'RoutingRules' => ['description' => 'The hybrid cloud forwarding rules, represented as a string converted from a JSON array. Each element in the JSON array is a struct that contains the following fields:'."\n"
.'- **rs**: Array type. The list of back-to-origin IP addresses or back-to-origin CNAMEs.'."\n"
."\n"
.'- **location**: String type. The name of the protection node.'."\n"
."\n"
.'- **locationId**: Long type. The ID of the protection node.', 'type' => 'string', 'example' => '['."\n"
.' {'."\n"
.' "rs": ['."\n"
.' "1.1.XX.XX"'."\n"
.' ],'."\n"
.' "locationId": 535,'."\n"
.' "location": "test1111"'."\n"
.' }'."\n"
.']', 'title' => ''],
'Retry' => ['description' => 'Indicates whether WAF retries when back-to-origin fails. Valid values:'."\n"
."\n"
.'- **true**: Retries.'."\n"
."\n"
.'- **false**: Does not retry.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'RequestHeaders' => [
'description' => 'The traffic tag fields and values of the domain name, used to tag traffic processed by WAF.',
'type' => 'array',
'items' => [
'description' => 'The traffic tag fields and values of the domain name, used to tag traffic processed by WAF.',
'type' => 'object',
'properties' => [
'Value' => ['description' => 'The value of the specified custom request header field.', 'type' => 'string', 'example' => 'bbb', 'title' => ''],
'Key' => ['description' => 'The specified custom request header field.', 'type' => 'string', 'example' => 'aaa', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'KeepaliveRequests' => ['description' => 'The number of requests that reuse persistent connections. Valid values: 60 to 1000.'."\n"
."\n"
.'> The number of persistent connections to reuse after persistent connections are enabled.', 'type' => 'integer', 'format' => 'int64', 'example' => '1000', 'title' => ''],
'Loadbalance' => ['description' => 'The load balancing algorithm used for back-to-origin. Valid values:'."\n"
."\n"
.'- **iphash**: IP Hash algorithm.'."\n"
."\n"
.'- **roundRobin**: round-robin algorithm.'."\n"
."\n"
.'- **leastTime**: Least Time algorithm.', 'type' => 'string', 'example' => 'iphash', 'title' => ''],
],
'title' => '',
'example' => '',
],
'Domain' => ['title' => '', 'description' => 'The domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com'],
'Cname' => ['title' => '', 'description' => 'The CNAME assigned by WAF to the domain name.'."\n"
.'> This parameter is returned only when **CnameEnabled** is set to true, which indicates that public cloud disaster recovery is enabled.', 'type' => 'string', 'example' => '50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com'],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '24', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '98D2AA9A-5959-5CCD-83E3-B6606232A2BE', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query hybrid cloud CNAME access list',
'changeSet' => [
['createdAt' => '2024-08-29T01:19:23.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-02-22T02:47:25.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2024-02-20T09:22:57.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2023-10-19T12:17:11.000Z', 'description' => 'Response parameters changed, Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudResources'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Domains\\": [\\n {\\n \\"Status\\": 1,\\n \\"ResourceManagerResourceGroupId\\": \\"rg-acfmvtc5z52****\\",\\n \\"Uid\\": \\"130715431409****\\",\\n \\"Listen\\": {\\n \\"HttpsPorts\\": [\\n 443\\n ],\\n \\"ProtectionResource\\": \\"share\\",\\n \\"CustomCiphers\\": [\\n \\"ECDHE-ECDSA-AES128-GCM-SHA256\\"\\n ],\\n \\"TLSVersion\\": \\"tlsv1.2\\",\\n \\"Http2Enabled\\": false,\\n \\"CertId\\": \\"72***76-cn-hangzhou\\",\\n \\"CipherSuite\\": 1,\\n \\"EnableTLSv3\\": true,\\n \\"IPv6Enabled\\": false,\\n \\"FocusHttps\\": false,\\n \\"XffHeaders\\": [\\n \\"Client-ip\\"\\n ],\\n \\"XffHeaderMode\\": 0,\\n \\"ExclusiveIp\\": true,\\n \\"HttpPorts\\": [\\n 80\\n ]\\n },\\n \\"Id\\": 12345,\\n \\"Redirect\\": {\\n \\"ConnectTimeout\\": 120,\\n \\"Keepalive\\": true,\\n \\"SniEnabled\\": true,\\n \\"CnameEnabled\\": true,\\n \\"KeepaliveTimeout\\": 15,\\n \\"ReadTimeout\\": 200,\\n \\"Backends\\": [\\n \\"1.1.XX.XX\\"\\n ],\\n \\"SniHost\\": \\"www.aliyundoc.com\\",\\n \\"FocusHttpBackend\\": true,\\n \\"WriteTimeout\\": 200,\\n \\"RoutingRules\\": \\"[\\\\n {\\\\n \\\\\\"rs\\\\\\": [\\\\n \\\\\\"1.1.XX.XX\\\\\\"\\\\n ],\\\\n \\\\\\"locationId\\\\\\": 535,\\\\n \\\\\\"location\\\\\\": \\\\\\"test1111\\\\\\"\\\\n }\\\\n]\\",\\n \\"Retry\\": true,\\n \\"RequestHeaders\\": [\\n {\\n \\"Value\\": \\"bbb\\",\\n \\"Key\\": \\"aaa\\"\\n }\\n ],\\n \\"KeepaliveRequests\\": 1000,\\n \\"Loadbalance\\": \\"iphash\\"\\n },\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"Cname\\": \\"50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com\\"\\n }\\n ],\\n \\"TotalCount\\": 24,\\n \\"RequestId\\": \\"98D2AA9A-5959-5CCD-83E3-B6606232A2BE\\"\\n}","type":"json"}]',
],
'DescribeHybridCloudSdkServers' => [
'summary' => 'Queries the hybrid cloud SDK servers that are managed by a Web Application Firewall (WAF) instance.',
'methods' => ['get', 'post'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'deprecated' => false,
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-i7m2***0b', 'title' => ''],
],
[
'name' => 'Ip',
'in' => 'query',
'allowEmptyValue' => true,
'schema' => ['description' => 'The IP address of the hybrid cloud SDK server that you want to query.', 'type' => 'string', 'required' => false, 'example' => '1.*.*1。', 'title' => ''],
],
[
'name' => 'HostName',
'in' => 'query',
'schema' => ['description' => 'The hostname of the hybrid cloud SDK server that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'online-***wwq', 'title' => ''],
],
[
'name' => 'ClusterName',
'in' => 'query',
'schema' => ['description' => 'The name of the hybrid cloud cluster that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'testcluster', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: 10.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: 1.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of hybrid cloud SDK servers returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''],
'SdkServers' => [
'description' => 'The information about the hybrid cloud SDK servers.',
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The status of the hybrid cloud SDK server.', 'type' => 'string', 'example' => '1', 'title' => ''],
'PullinStatus' => ['description' => 'Indicates whether traffic redirection is enabled. Valid values:'."\n"
."\n"
.'- **on**: Traffic redirection is enabled.'."\n"
."\n"
.'- **off**: Traffic redirection is disabled.', 'type' => 'string', 'example' => 'on', 'title' => ''],
'ResourceId' => ['description' => 'The ID of the resource.', 'type' => 'string', 'example' => 'test-antifaud-2.jqt.wafqax.top-waf', 'title' => ''],
'Ip' => ['description' => 'The IP address of the hybrid cloud SDK server.', 'type' => 'string', 'example' => '127.0.0.1', 'title' => ''],
'CreateTime' => ['description' => 'The time when the hybrid cloud SDK server was created. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1621428205000', 'title' => ''],
'UpdateTime' => ['description' => 'The time when the hybrid cloud SDK server was last updated. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1719489906000', 'title' => ''],
'ClusterName' => ['description' => 'The name of the hybrid cloud cluster to which the SDK server belongs.', 'type' => 'string', 'example' => 'testcluster', 'title' => ''],
'Mid' => ['description' => 'The ID of the SDK server.', 'type' => 'string', 'example' => 'b11327c21790846374051d5d**83c', 'title' => ''],
'ProtectionGroupAddress' => ['description' => 'The address of the protection group associated with the SDK server.', 'type' => 'string', 'example' => '1.1.1.1', 'title' => ''],
'HostName' => ['description' => 'The hostname of the hybrid cloud SDK server.', 'type' => 'string', 'example' => 'qsh5-sec-8-fedd**005', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'RequestId' => ['title' => '', 'description' => 'The ID of the request.', 'type' => 'string', 'example' => '3600F008-2E76-5D0B-BC76-EFBD****6D'],
],
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"SdkServers\\": [\\n {\\n \\"Status\\": \\"1\\",\\n \\"PullinStatus\\": \\"on\\",\\n \\"ResourceId\\": \\"test-antifaud-2.jqt.wafqax.top-waf\\",\\n \\"Ip\\": \\"127.0.0.1\\",\\n \\"CreateTime\\": 1621428205000,\\n \\"UpdateTime\\": 1719489906000,\\n \\"ClusterName\\": \\"testcluster\\",\\n \\"Mid\\": \\"b11327c21790846374051d5d**83c\\",\\n \\"ProtectionGroupAddress\\": \\"1.1.1.1\\",\\n \\"HostName\\": \\"qsh5-sec-8-fedd**005\\"\\n }\\n ],\\n \\"RequestId\\": \\"3600F008-2E76-5D0B-BC76-EFBD****6D\\"\\n}","type":"json"}]',
'title' => 'DescribeHybridCloudSdkServers',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudSdkServers',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeHybridCloudServerRegions' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-5yd****7009', 'title' => ''],
],
[
'name' => 'RegionCode',
'in' => 'query',
'schema' => ['description' => 'The region code. Use this parameter to filter results by a specific continent or area.>This parameter is required when `RegionType` is set to `region`. Set the value to the code of the continent that you want to query.>', 'type' => 'string', 'required' => false, 'example' => '410', 'title' => ''],
],
[
'name' => 'RegionType',
'in' => 'query',
'schema' => [
'description' => 'The type of the region. Valid values:'."\n"
."\n"
.'- **operator**: queries carriers.'."\n"
."\n"
.'- **continents**: queries continents.'."\n"
."\n"
.'- **region**: queries cities.',
'type' => 'string',
'required' => true,
'enum' => ['operator', 'continents', 'region'],
'example' => 'region',
'title' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '0FBBDE11-C35F-531B-96BA-64CA****C875', 'title' => ''],
'Regions' => [
'description' => 'The regions.',
'type' => 'array',
'items' => [
'description' => 'The information about the region.',
'type' => 'object',
'properties' => [
'Code' => ['description' => 'The code of the region.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'Name' => ['description' => 'The name of the region.', 'type' => 'string', 'example' => 'aliyun', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeHybridCloudServerRegions',
'summary' => 'Queries hybrid cloud server regions, including carriers, continents, and cities.',
'changeSet' => [
['createdAt' => '2024-08-29T01:28:34.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudServerRegions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0FBBDE11-C35F-531B-96BA-64CA****C875\\",\\n \\"Regions\\": [\\n {\\n \\"Code\\": 1,\\n \\"Name\\": \\"aliyun\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeHybridCloudSupportRegions' => [
'summary' => 'Queries the regions that are supported for hybrid cloud access in Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-uqm3e3s6x03', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'SupportRegions' => [
'type' => 'array',
'items' => ['description' => 'The region ID. Valid values:'."\n"
."\n"
.'- **cn-chengdu**: China (Chengdu).'."\n"
."\n"
.'- **cn-beijing**: China (Beijing).'."\n"
."\n"
.'- **cn-zhangjiakou**: China (Zhangjiakou).'."\n"
."\n"
.'- **cn-hangzhou**: China (Hangzhou).'."\n"
."\n"
.'- **cn-shanghai**: China (Shanghai).'."\n"
."\n"
.'- **cn-shenzhen**: China (Shenzhen).'."\n"
."\n"
.'- **cn-qingdao**: China (Qingdao).'."\n"
."\n"
.'- **cn-hongkong**: China (Hong Kong).'."\n"
."\n"
.'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n"
."\n"
.'- **ap-southeast-5**: Indonesia (Jakarta).', 'type' => 'string', 'example' => '[\'cn-hangzhou\', \'cn-shanghai\', \'cn-beijing\']', 'title' => ''],
'description' => 'The list of regions that are supported for hybrid cloud access.',
'title' => '',
'example' => '',
],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '256959D5-3B45-54CD-A66D-F75F11E8E754', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeHybridCloudSupportRegions',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudSupportRegions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"SupportRegions\\": [\\n \\"[\'cn-hangzhou\', \'cn-shanghai\', \'cn-beijing\']\\"\\n ],\\n \\"RequestId\\": \\"256959D5-3B45-54CD-A66D-F75F11E8E754\\"\\n}","type":"json"}]',
],
'DescribeHybridCloudUnassignedMachines' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-5yd****7009', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '123', 'title' => ''],
],
[
'name' => 'Ip',
'in' => 'query',
'schema' => ['description' => 'The IP address of the server that you want to query.', 'type' => 'string', 'required' => false, 'example' => '1.X.X.1', 'title' => ''],
],
[
'name' => 'HostName',
'in' => 'query',
'schema' => ['description' => 'The hostname of the server that you want to query.', 'type' => 'string', 'required' => false, 'example' => 'online-xagent1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of unassigned servers returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '28', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '3EBCFCE9-4A3C-5E01-915D-691B****510A', 'title' => ''],
'UnassignedMachines' => [
'description' => 'The unassigned servers in the hybrid cloud cluster.',
'type' => 'array',
'items' => [
'description' => 'The details of the unassigned server.',
'type' => 'object',
'properties' => [
'CustomName' => ['description' => 'The custom name of the server.', 'type' => 'string', 'example' => 'exampleName', 'title' => ''],
'Memory' => ['description' => 'The memory size of the server. Unit: KB.', 'type' => 'integer', 'format' => 'int64', 'example' => '31580872', 'title' => ''],
'Ip' => ['description' => 'The IP address of the server.', 'type' => 'string', 'example' => '1.X.X.1'."\n", 'title' => ''],
'Cpu' => ['description' => 'The number of CPU cores of the server.', 'type' => 'integer', 'format' => 'int64', 'example' => '16', 'title' => ''],
'Mid' => ['description' => 'The ID of the server.', 'type' => 'string', 'example' => '78db009ab6cf055a9085f9f4****ae3a', 'title' => ''],
'HostName' => ['description' => 'The hostname of the server.', 'type' => 'string', 'example' => 'online-xagent1'."\n", 'title' => ''],
'Mac' => ['description' => 'The MAC address of the server.', 'type' => 'string', 'example' => '00163e2686ac', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeHybridCloudUnassignedMachines',
'summary' => 'Queries the list of unassigned servers in a hybrid cloud cluster.',
'changeSet' => [
['createdAt' => '2024-08-29T01:28:35.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudUnassignedMachines',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 28,\\n \\"RequestId\\": \\"3EBCFCE9-4A3C-5E01-915D-691B****510A\\",\\n \\"UnassignedMachines\\": [\\n {\\n \\"CustomName\\": \\"exampleName\\",\\n \\"Memory\\": 31580872,\\n \\"Ip\\": \\"1.X.X.1\\\\n\\",\\n \\"Cpu\\": 16,\\n \\"Mid\\": \\"78db009ab6cf055a9085f9f4****ae3a\\",\\n \\"HostName\\": \\"online-xagent1\\\\n\\",\\n \\"Mac\\": \\"00163e2686ac\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeHybridCloudUnsupportPorts' => [
'summary' => 'Queries the list of unsupported ports for a hybrid cloud.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '178409',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstanceInfo](~~140857~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'HttpsPorts' => ['description' => 'The list of ports for the HTTPS protocol. The value is a string. Multiple ports are returned in the **port1,port2,port3** format.', 'type' => 'string', 'example' => '443,8443,8021,3443,2443,9011', 'title' => ''],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'C2E97B3F-1623-4CDF-A7E2-FD9D****027A', 'title' => ''],
'HttpPorts' => ['description' => 'The list of ports for the HTTP protocol. The value is a string. Multiple ports are returned in the **port1,port2,port3** format.', 'type' => 'string', 'example' => '80,8080', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeHybridCloudUnsupportPorts',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudUnsupportPorts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"HttpsPorts\\": \\"443,8443,8021,3443,2443,9011\\",\\n \\"RequestId\\": \\"C2E97B3F-1623-4CDF-A7E2-FD9D****027A\\",\\n \\"HttpPorts\\": \\"80,8080\\"\\n}","type":"json"}]',
],
'DescribeHybridCloudUser' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***********', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9178CB86-285F-5679-A30A-3B3F007E4206', 'title' => ''],
'UserInfo' => [
'description' => 'The information about the available HTTP and HTTPS port ranges for hybrid cloud access.',
'type' => 'object',
'properties' => [
'HttpsPorts' => ['description' => 'The available HTTPS ports. The value is a string. If multiple ports are returned, they are separated by commas (,). Example: **port1,port2,port3**.', 'type' => 'string', 'example' => '8443,443', 'title' => ''],
'HttpPorts' => ['description' => 'The available HTTP ports. The value is a string. If multiple ports are returned, they are separated by commas (,). Example: **port1,port2,port3**.', 'type' => 'string', 'example' => '80,8080', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeHybridCloudUser',
'summary' => 'Queries the available HTTP and HTTPS port ranges for hybrid cloud access.',
'changeSet' => [
['createdAt' => '2024-08-29T01:19:24.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudUser'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudUser',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9178CB86-285F-5679-A30A-3B3F007E4206\\",\\n \\"UserInfo\\": {\\n \\"HttpsPorts\\": \\"8443,443\\",\\n \\"HttpPorts\\": \\"80,8080\\"\\n }\\n}","type":"json"}]',
],
'DescribeInstance' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '107334',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The current status of the instance. Valid values:'."\n"
."\n"
.'- **1**: Normal.'."\n"
."\n"
.'- **2**: The instance has expired.'."\n"
."\n"
.'- **3**: The instance is released.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'Details' => [
'title' => '',
'description' => 'The details of the instance.',
'type' => 'object',
'properties' => [
'DefenseObjectInGroupMaxCount' => ['description' => 'The maximum number of protected objects that can be included in a protection group.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'],
'Tamperproof' => ['description' => 'Indicates whether webpage tamper protection is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'BotApp' => ['description' => 'Indicates whether scenario-specific bot protection for apps is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'string', 'example' => 'true', 'title' => ''],
'IpBlacklistRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single blacklist template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'],
'WhitelistRuleCondition' => ['description' => 'The match field for the whitelist rule. For more information, see the description of the **conditions** parameter for **whitelist** rules in CreateDefenseRule.', 'type' => 'string', 'title' => '', 'example' => 'URL'],
'CustomRuleCondition' => ['description' => 'The match condition for the custom rule. For more information, see the description of the **conditions** parameter for **custom\\_acl** rules in CreateDefenseRule.', 'type' => 'string', 'title' => '', 'example' => 'URL'],
'CustomResponse' => ['description' => 'Indicates whether custom responses are supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'],
'HttpPorts' => ['description' => 'The available HTTP ports. For more information, see [Port numbers supported by WAF]().', 'type' => 'string', 'title' => '', 'example' => '80'],
'Gslb' => ['title' => '', 'description' => 'Indicates whether Global Server Load Balancing (GSLB) is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true'],
'Ipv6' => ['title' => '', 'description' => 'Indicates whether IPv6 is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true'],
'Bot' => ['description' => 'Indicates whether bot management is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'CustomRule' => ['description' => 'Indicates whether custom rules are supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'],
'IpBlacklist' => ['description' => 'Indicates whether the IP address blacklist is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'],
'CnameResourceMaxCount' => ['description' => 'The maximum number of CNAMEs that can be added.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '1000'],
'BackendMaxCount' => ['description' => 'The maximum number of back-to-origin IP addresses that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'],
'ExclusiveIp' => ['description' => 'Indicates whether exclusive IP addresses are supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'],
'CustomResponseRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single custom response template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'],
'IpBlacklistIpInRuleMaxCount' => ['description' => 'The maximum number of IP addresses that can be added to a blacklist rule.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '200'],
'AclRuleMaxIpCount' => ['description' => 'The maximum number of IP addresses that can be added to the match content. For more information about match content, see [Match conditions](~~374354~~).', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''],
'BotTemplateMaxCount' => ['description' => 'The maximum number of bot management protection templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''],
'DefenseGroupMaxCount' => ['description' => 'The maximum number of protection groups that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'],
'VastIpBlacklistInFileMaxCount' => ['description' => 'The maximum number of IP addresses that can be imported to the IP address blacklist in a single batch.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '2,000'],
'AntiScanTemplateMaxCount' => ['description' => 'The maximum number of scan protection templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'],
'WhitelistLogical' => ['description' => 'The logical operator for the whitelist rule. For more information, see the description of the **conditions** parameter for **whitelist** rules in CreateDefenseRule.', 'type' => 'string', 'title' => '', 'example' => 'contain'],
'CustomRuleTemplateMaxCount' => ['description' => 'The maximum number of custom rule templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'],
'TamperproofTemplateMaxCount' => ['description' => 'The maximum number of webpage tamper protection templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''],
'IpBlacklistTemplateMaxCount' => ['description' => 'The maximum number of blacklist templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'],
'HttpsPorts' => ['description' => 'The available HTTPS ports. For more information, see [Port numbers supported by WAF]().', 'type' => 'string', 'title' => '', 'example' => '443'],
'DlpTemplateMaxCount' => ['description' => 'The maximum number of data leak prevention templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''],
'CustomRuleRatelimitor' => ['description' => 'The rate limiting object for the custom rule.', 'type' => 'string', 'title' => '', 'example' => 'header'],
'DefenseObjectMaxCount' => ['description' => 'The maximum number of protected objects that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20,000'],
'Dlp' => ['description' => 'Indicates whether data leak prevention is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'DefenseObjectInTemplateMaxCount' => ['description' => 'The maximum number of protected objects that can be associated with a template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'],
'CustomRuleAction' => ['description' => 'The action string for the custom rule.', 'type' => 'string', 'title' => '', 'example' => 'block'],
'TamperproofRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single webpage tamper protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''],
'DlpRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single data leak prevention template.', 'type' => 'integer', 'format' => 'int64', 'example' => '50', 'title' => ''],
'WhitelistTemplateMaxCount' => ['description' => 'The maximum number of whitelist templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'],
'MajorProtection' => ['description' => 'Indicates whether critical event protection is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'],
'BaseWafGroupRuleTemplateMaxCount' => ['description' => 'The maximum number of basic protection rule templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'],
'BotWeb' => ['description' => 'Indicates whether scenario-specific bot protection for websites is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'string', 'example' => 'true', 'title' => ''],
'CustomRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single custom rule template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'],
'VastIpBlacklistInOperationMaxCount' => ['description' => 'The maximum number of IP addresses that can be added to the IP address blacklist from the console in a single operation.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '500'],
'WhitelistRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single whitelist template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'],
'AntiScan' => ['description' => 'Indicates whether scan protection is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'],
'CustomResponseTemplateMaxCount' => ['description' => 'The maximum number of custom response templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'],
'BaseWafGroupRuleInTemplateMaxCount' => ['description' => 'The maximum number of protection rules that can be included in a single basic protection rule template.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '100'],
'MajorProtectionTemplateMaxCount' => ['description' => 'The maximum number of critical event protection templates that can be configured.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '20'],
'BaseWafGroup' => ['description' => 'Indicates whether basic protection rules are supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'],
'Whitelist' => ['description' => 'Indicates whether the IP address whitelist is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'],
'LogService' => ['description' => 'Indicates whether Simple Log Service is supported. Valid values:'."\n"
."\n"
.'- **true**: Supported.'."\n"
."\n"
.'- **false**: Not supported.', 'type' => 'boolean', 'title' => '', 'example' => 'true'],
'VastIpBlacklistMaxCount' => ['description' => 'The maximum number of IP addresses that can be added to the IP address blacklist for a single user.', 'type' => 'integer', 'format' => 'int64', 'title' => '', 'example' => '50,000'],
'FreeQps' => ['description' => 'The free queries per second (QPS) of the subscription instance. For more information, see [WAF 3.0 subscription plans](~~441231~~).'."\n"
."\n"
.'> This parameter has no meaning for pay-as-you-go instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '1000', 'title' => ''],
'ExtendQps' => ['description' => 'The extra QPS of the subscription instance. For more information, see [WAF 3.0 subscription plans](~~441231~~).'."\n"
."\n"
.'> This parameter has no meaning for pay-as-you-go instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '10000', 'title' => ''],
'ElasticQps' => ['description' => 'The pay-as-you-go QPS of the subscription instance. For more information, see [WAF 3.0 subscription plans](~~441231~~).'."\n"
."\n"
.'> This parameter has no meaning for pay-as-you-go instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '2000', 'title' => ''],
'QpsBillingCap' => ['description' => 'The traffic billing protection threshold for the pay-as-you-go instance. For more information, see [Traffic billing protection](~~2249021~~) for pay-as-you-go instances.'."\n"
."\n"
.'> This parameter has no meaning for subscription instances.', 'type' => 'integer', 'format' => 'int32', 'example' => '2000', 'title' => ''],
],
'example' => '',
],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''],
'EndTime' => ['description' => 'The expiration time of the instance. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '4809859200000', 'title' => ''],
'InstanceId' => ['description' => 'The ID of the WAF instance.', 'type' => 'string', 'title' => '', 'example' => 'waf-cn-xxx'],
'InDebt' => ['description' => 'Indicates whether the instance has an overdue payment:'."\n"
."\n"
.'- **0**: No.'."\n"
."\n"
.'- **1**: Yes.', 'type' => 'string', 'example' => '1', 'title' => ''],
'StartTime' => ['description' => 'The time when the instance was purchased. The value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1668496310000', 'title' => ''],
'RegionId' => ['title' => '', 'description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou'],
'PayType' => ['description' => 'The billing method of the instance. Valid values:'."\n"
."\n"
.'- **POSTPAY**: The instance is a pay-as-you-go instance.'."\n"
."\n"
.'- **PREPAY**: The instance is a subscription instance.', 'type' => 'string', 'example' => 'POSTPAY', 'title' => ''],
'Edition' => ['description' => 'The edition of the WAF instance.', 'type' => 'string', 'title' => '', 'example' => 'default_version'],
'ProcessStatus' => ['description' => 'The processing status of the instance. Valid values:'."\n"
."\n"
.'- **commodity\\_converting**: The instance is being upgraded or downgraded.'."\n"
."\n"
.'- **commodity\\_convert\\_check\\_failed**: The check for the instance upgrade or downgrade fails.'."\n"
."\n"
.'- **commodity\\_convert\\_process\\_failed**: The instance upgrade or downgrade fails.'."\n"
."\n"
.'- **order\\_create\\_failed**: The order fails to be created.'."\n"
."\n"
.'- **order\\_pending\\_payment**: The order is pending payment.', 'type' => 'string', 'example' => 'order_pending_payment', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeInstance',
'summary' => 'Retrieves the details of the Web Application Firewall (WAF) instance in your Alibaba Cloud account.',
'changeSet' => [
['createdAt' => '2022-11-02T05:56:16.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2022-07-04T11:03:08.000Z', 'description' => 'Response parameters changed'],
['createdAt' => '2021-12-27T11:36:11.000Z', 'description' => 'OpenAPI offline'],
['createdAt' => '2021-12-27T11:36:11.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeInstance'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeInstance',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Status\\": 1,\\n \\"Details\\": {\\n \\"DefenseObjectInGroupMaxCount\\": 100,\\n \\"Tamperproof\\": true,\\n \\"BotApp\\": \\"true\\",\\n \\"IpBlacklistRuleInTemplateMaxCount\\": 100,\\n \\"WhitelistRuleCondition\\": \\"URL\\",\\n \\"CustomRuleCondition\\": \\"URL\\",\\n \\"CustomResponse\\": true,\\n \\"HttpPorts\\": \\"80\\",\\n \\"Gslb\\": true,\\n \\"Ipv6\\": true,\\n \\"Bot\\": true,\\n \\"CustomRule\\": true,\\n \\"IpBlacklist\\": true,\\n \\"CnameResourceMaxCount\\": 1000,\\n \\"BackendMaxCount\\": 20,\\n \\"ExclusiveIp\\": true,\\n \\"CustomResponseRuleInTemplateMaxCount\\": 100,\\n \\"IpBlacklistIpInRuleMaxCount\\": 200,\\n \\"AclRuleMaxIpCount\\": 100,\\n \\"BotTemplateMaxCount\\": 50,\\n \\"DefenseGroupMaxCount\\": 100,\\n \\"VastIpBlacklistInFileMaxCount\\": 0,\\n \\"AntiScanTemplateMaxCount\\": 20,\\n \\"WhitelistLogical\\": \\"contain\\",\\n \\"CustomRuleTemplateMaxCount\\": 20,\\n \\"TamperproofTemplateMaxCount\\": 50,\\n \\"IpBlacklistTemplateMaxCount\\": 20,\\n \\"HttpsPorts\\": \\"443\\",\\n \\"DlpTemplateMaxCount\\": 50,\\n \\"CustomRuleRatelimitor\\": \\"header\\",\\n \\"DefenseObjectMaxCount\\": 0,\\n \\"Dlp\\": true,\\n \\"DefenseObjectInTemplateMaxCount\\": 100,\\n \\"CustomRuleAction\\": \\"block\\",\\n \\"TamperproofRuleInTemplateMaxCount\\": 50,\\n \\"DlpRuleInTemplateMaxCount\\": 50,\\n \\"WhitelistTemplateMaxCount\\": 20,\\n \\"MajorProtection\\": true,\\n \\"BaseWafGroupRuleTemplateMaxCount\\": 20,\\n \\"BotWeb\\": \\"true\\",\\n \\"CustomRuleInTemplateMaxCount\\": 100,\\n \\"VastIpBlacklistInOperationMaxCount\\": 500,\\n \\"WhitelistRuleInTemplateMaxCount\\": 100,\\n \\"AntiScan\\": true,\\n \\"CustomResponseTemplateMaxCount\\": 20,\\n \\"BaseWafGroupRuleInTemplateMaxCount\\": 100,\\n \\"MajorProtectionTemplateMaxCount\\": 20,\\n \\"BaseWafGroup\\": true,\\n \\"Whitelist\\": true,\\n \\"LogService\\": true,\\n \\"VastIpBlacklistMaxCount\\": 0,\\n \\"FreeQps\\": 1000,\\n \\"ExtendQps\\": 10000,\\n \\"ElasticQps\\": 2000,\\n \\"QpsBillingCap\\": 2000\\n },\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"EndTime\\": 4809859200000,\\n \\"InstanceId\\": \\"waf-cn-xxx\\",\\n \\"InDebt\\": \\"1\\",\\n \\"StartTime\\": 1668496310000,\\n \\"RegionId\\": \\"cn-hangzhou\\",\\n \\"PayType\\": \\"POSTPAY\\",\\n \\"Edition\\": \\"default_version\\",\\n \\"ProcessStatus\\": \\"order_pending_payment\\"\\n}","type":"json"}]',
],
'DescribeIpAbroadCountryInfos' => [
'summary' => 'Retrieves supported countries and regions outside China for IP-based region blacklist.',
'path' => '/',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'deprecated' => false,
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafBWO4L0'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xl*******005', 'title' => ''],
],
[
'name' => 'Country',
'in' => 'query',
'schema' => ['description' => 'The country outside China to query. Supports fuzzy query by country ID or country name in Chinese or English.', 'type' => 'string', 'example' => 'US', 'title' => '', 'required' => false],
],
[
'name' => 'AbroadRegion',
'in' => 'query',
'schema' => ['description' => 'The region outside China to query. Supports fuzzy query by region ID or region name in Chinese or English.', 'type' => 'string', 'required' => false, 'example' => 'US-CA', 'title' => ''],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'The token for the next page. Set this parameter to the value of the **NextToken** parameter returned from the previous API call. You do not need to specify this parameter for the first page query.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****', 'title' => '', 'required' => false],
],
[
'name' => 'MaxResults',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page in a paged query. Valid values: 1 to 500. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '500', 'minimum' => '1', 'example' => '20', 'default' => '20', 'title' => '', 'required' => false],
],
[
'name' => 'Language',
'in' => 'query',
'schema' => ['description' => 'The language used for country and region names in the response. Valid values:'."\n"
."\n"
.'- **en** (**default**): English.'."\n"
."\n"
.'- **cn**: Simplified Chinese.', 'type' => 'string', 'example' => 'en', 'default' => 'en', 'title' => '', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aekzwwk****cv5i', 'title' => '', 'required' => false],
],
],
'responses' => [
200 => [
'description' => '查询成功',
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '2', 'title' => ''],
'AbroadInfos' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Country' => ['description' => 'The ID of the country.', 'type' => 'string', 'example' => 'US', 'title' => ''],
'CountryName' => ['description' => 'The name of the country.', 'type' => 'string', 'example' => 'United States', 'title' => ''],
'Regions' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'AbroadRegionId' => ['description' => 'The ID of the region.', 'type' => 'string', 'example' => 'US-CA', 'title' => ''],
'AbroadRegionName' => ['description' => 'The name of the region.', 'type' => 'string', 'example' => 'California', 'title' => ''],
],
'description' => 'The region information outside China.',
'title' => '',
'example' => '',
],
'description' => 'The list of region information outside China.',
'title' => '',
'example' => '',
],
'Continent' => ['description' => 'The continent to which the country belongs.', 'type' => 'string', 'example' => 'North America', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
'description' => 'The list of country information outside China.',
'title' => '',
'example' => '',
],
'NextToken' => ['description' => 'The token for the next page.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****', 'title' => ''],
'MaxResults' => ['description' => 'The number of entries per page in a paged query. Valid values: 1 to 500. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''],
],
'description' => 'Response body structure',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'DescribeIpAbroadCountryInfos',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeIpAbroadCountryInfos',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"TotalCount\\": 2,\\n \\"AbroadInfos\\": [\\n {\\n \\"Country\\": \\"US\\",\\n \\"CountryName\\": \\"United States\\",\\n \\"Regions\\": [\\n {\\n \\"AbroadRegionId\\": \\"US-CA\\",\\n \\"AbroadRegionName\\": \\"California\\"\\n }\\n ],\\n \\"Continent\\": \\"North America\\"\\n }\\n ],\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]',
],
'DescribeLogDeliveryConfig' => [
'summary' => 'Queries a single log delivery configuration for a hybrid cloud.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-*****', 'title' => ''],
],
[
'name' => 'DeliveryName',
'in' => 'query',
'schema' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'required' => true, 'example' => 'test1', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-******', 'title' => ''],
'DeliveryConfig' => [
'description' => 'The log delivery configuration.',
'type' => 'object',
'properties' => [
'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'test1', 'title' => ''],
'DeliveryType' => ['description' => 'The type of the log delivery configuration. Valid values:'."\n"
."\n"
.'- **syslog**: The logs are delivered to a syslog service.'."\n"
."\n"
.'- **kafka**: The logs are delivered to a Kafka service.', 'type' => 'string', 'example' => 'syslog', 'title' => ''],
'DeliveryDetail' => ['description' => 'The details of the log delivery configuration, in JSON format.'."\n"
."\n"
.'> This parameter is the same as the **DeliveryDetail** parameter of the **CreateLogDeliveryConfig** operation. For more information, see [CreateLogDeliveryConfig](~~CreateLogDeliveryConfig~~).', 'type' => 'string', 'example' => '{'."\n"
.' "rfcVersion": "rfc3164",'."\n"
.' "protocol": "tcp",'."\n"
.' "servers": ['."\n"
.' {'."\n"
.' "address": "1.1.1.1",'."\n"
.' "port": 20'."\n"
.' }'."\n"
.' ]'."\n"
.'}', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-******\\",\\n \\"DeliveryConfig\\": {\\n \\"DeliveryName\\": \\"test1\\",\\n \\"DeliveryType\\": \\"syslog\\",\\n \\"DeliveryDetail\\": \\"{\\\\n \\\\\\"rfcVersion\\\\\\": \\\\\\"rfc3164\\\\\\",\\\\n \\\\\\"protocol\\\\\\": \\\\\\"tcp\\\\\\",\\\\n \\\\\\"servers\\\\\\": [\\\\n {\\\\n \\\\\\"address\\\\\\": \\\\\\"1.1.1.1\\\\\\",\\\\n \\\\\\"port\\\\\\": 20\\\\n }\\\\n ]\\\\n}\\"\\n }\\n}","type":"json"}]',
'title' => 'DescribeLogDeliveryConfig',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeLogDeliveryConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeLogDeliveryConfigs' => [
'summary' => 'Queries all log delivery configurations of a Web Application Firewall (WAF) instance for hybrid cloud.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''],
],
[
'name' => 'DeliveryNameLike',
'in' => 'query',
'schema' => ['description' => 'The name of the log delivery configuration that you want to query. Fuzzy match is supported.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'DeliveryType',
'in' => 'query',
'schema' => ['description' => 'The type of the log delivery configuration that you want to query. Valid values:'."\n"
."\n"
.'- **syslog**: Log delivery to a syslog server.'."\n"
."\n"
.'- **kafka**: Log delivery to a Kafka cluster.', 'type' => 'string', 'required' => false, 'example' => 'kafka', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'The pagination token that is used in the next request to retrieve a new page of results. Set this parameter to the value of **NextToken** returned in the previous call. You do not need to specify this parameter for the first request.', 'type' => 'string', 'required' => false, 'example' => 'AAAAAINZ+8pH1oQnusEu1tGAc8is', 'title' => ''],
],
[
'name' => 'MaxResults',
'in' => 'query',
'schema' => ['description' => 'The maximum number of entries per page. Valid values: 1 to 50. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''],
'DeliveryConfigs' => [
'description' => 'The log delivery configurations.',
'type' => 'array',
'items' => [
'description' => 'The details of a log delivery configuration.',
'type' => 'object',
'properties' => [
'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'test1', 'title' => ''],
'DeliveryDetail' => ['description' => 'The details of the log delivery configuration, returned as a JSON string.'."\n"
."\n"
.'> The structure of this parameter is the same as the **DeliveryDetail** request parameter of the [CreateLogDeliveryConfig](~~CreateLogDeliveryConfig~~) operation.', 'type' => 'string', 'example' => '{'."\n"
.' "rfcVersion": "rfc3164",'."\n"
.' "protocol": "tcp",'."\n"
.' "servers": ['."\n"
.' {'."\n"
.' "address": "1.1.1.1",'."\n"
.' "port": 20'."\n"
.' }'."\n"
.' ]'."\n"
.'}', 'title' => ''],
'DeliveryType' => ['description' => 'The type of the log delivery configuration. Valid values:'."\n"
."\n"
.'- **syslog**: Log delivery to a syslog server.'."\n"
."\n"
.'- **kafka**: Log delivery to a Kafka cluster.', 'type' => 'string', 'example' => 'syslog', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'NextToken' => ['description' => 'The pagination token that is used in the next request to retrieve a new page of results.'."\n"
."\n"
.'> If this parameter is not empty, more results are available. Use the value of **NextToken** in the next request to retrieve the next page of results. If the value is empty, all results have been returned.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''],
'MaxResults' => ['description' => 'The maximum number of entries returned per page.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''],
'TotalCount' => ['description' => 'The total number of log delivery configurations returned.', 'type' => 'integer', 'format' => 'int32', 'example' => '5', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"DeliveryConfigs\\": [\\n {\\n \\"DeliveryName\\": \\"test1\\",\\n \\"DeliveryDetail\\": \\"{\\\\n \\\\\\"rfcVersion\\\\\\": \\\\\\"rfc3164\\\\\\",\\\\n \\\\\\"protocol\\\\\\": \\\\\\"tcp\\\\\\",\\\\n \\\\\\"servers\\\\\\": [\\\\n {\\\\n \\\\\\"address\\\\\\": \\\\\\"1.1.1.1\\\\\\",\\\\n \\\\\\"port\\\\\\": 20\\\\n }\\\\n ]\\\\n}\\",\\n \\"DeliveryType\\": \\"syslog\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20,\\n \\"TotalCount\\": 5\\n}","type":"json"}]',
'title' => 'DescribeLogDeliveryConfigs',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeLogDeliveryConfigs',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeMajorProtectionBlackIps' => [
'summary' => 'Queries the IP address blacklist for critical event protection in a paginated format.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwaf2KYU04'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '5673', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '20013199', 'title' => ''],
],
[
'name' => 'IpLike',
'in' => 'query',
'schema' => ['description' => 'The IP address to query. You can set this parameter to perform a fuzzy query on the added IP address blacklist.', 'type' => 'string', 'required' => false, 'example' => '192.0.XX.XX', 'title' => ''],
],
[
'name' => 'OrderBy',
'in' => 'query',
'schema' => ['description' => 'The property by which to sort the results in **descending order**. Valid values:'."\n"
."\n"
.'- **gmtModified**: sorts by modification time.'."\n"
."\n"
.'- **ip**: sorts by IP address.'."\n"
."\n"
.'- **templateId**: sorts by template ID.'."\n"
."\n"
.'- **id**: sorts by primary key.', 'type' => 'string', 'required' => false, 'example' => 'gmtModified', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of IP addresses in the blacklist.', 'type' => 'integer', 'format' => 'int64', 'example' => '63', 'title' => ''],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '41631674-EEB0-5B02-BEB4-40A758E9B841', 'title' => ''],
'IpList' => [
'description' => 'The list of IP addresses in the blacklist.',
'type' => 'array',
'items' => [
'description' => 'The list of IP addresses in the blacklist.',
'type' => 'object',
'properties' => [
'Description' => ['description' => 'The description of the template.', 'type' => 'string', 'example' => 'test0003asdffas', 'title' => ''],
'Ip' => ['description' => 'The IP address.', 'type' => 'string', 'example' => '192.0.XX.XX', 'title' => ''],
'RuleId' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'example' => '8508970', 'title' => ''],
'ExpiredTime' => ['description' => 'The timestamp after which the IP address blacklist becomes invalid. Unit: seconds.'."\n"
."\n"
.'> If the value is **0**, the IP address blacklist is permanently valid.', 'type' => 'integer', 'format' => 'int64', 'example' => '1662603328', 'title' => ''],
'GmtModified' => ['description' => 'The time when the IP address in the blacklist was modified.', 'type' => 'integer', 'format' => 'int64', 'example' => '1665456202000', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '9684', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeMajorProtectionBlackIps',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeMajorProtectionBlackIps'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeMajorProtectionBlackIps',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 63,\\n \\"RequestId\\": \\"41631674-EEB0-5B02-BEB4-40A758E9B841\\",\\n \\"IpList\\": [\\n {\\n \\"Description\\": \\"test0003asdffas\\",\\n \\"Ip\\": \\"192.0.XX.XX\\",\\n \\"RuleId\\": 8508970,\\n \\"ExpiredTime\\": 1662603328,\\n \\"GmtModified\\": 1665456202000,\\n \\"TemplateId\\": 9684\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeMemberAccounts' => [
'summary' => 'Retrieves all member accounts managed by the WAF multi-account management feature.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '213364',
'abilityTreeNodes' => ['FEATUREwaf4WHEC3'],
],
'parameters' => [
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: a region outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'SourceIp',
'in' => 'query',
'schema' => ['description' => 'The source IP address. You do not need to specify this parameter. It is automatically obtained by the system.', 'type' => 'string', 'required' => false, 'example' => '0.0.XX.XX', 'title' => ''],
],
[
'name' => 'AccountStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the member accounts that you want to query. Valid values:'."\n"
."\n"
.'- **enabled**: The member account is being managed.'."\n"
."\n"
.'- **disabled**: The member account is not being managed.'."\n"
."\n"
.'- **disabling**: The member account is being removed from management.', 'type' => 'string', 'required' => false, 'example' => 'enabled', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '50C4A80D-D46C-57E0-9A7D-03C078474852', 'title' => ''],
'AccountInfos' => [
'description' => 'The information about the member accounts.',
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'AccountId' => ['description' => 'The ID of the member account.', 'type' => 'string', 'example' => '169************21', 'title' => ''],
'AccountName' => ['description' => 'The name of the member account.', 'type' => 'string', 'example' => 'ipflgmqqnbjg', 'title' => ''],
'AccountStatus' => ['description' => 'The status of the member account. Valid values:'."\n"
."\n"
.'- **enabled**: The member account is being managed.'."\n"
."\n"
.'- **disabled**: The member account is not being managed.'."\n"
."\n"
.'- **disabling**: The member account is being removed from management.', 'type' => 'string', 'example' => 'enabled', 'title' => ''],
'Description' => ['description' => 'The description of the member account.', 'type' => 'string', 'example' => 'test', 'title' => ''],
'GmtCreate' => ['description' => 'The time when the member account was added. This value is a UNIX timestamp representing the number of milliseconds that have elapsed since January 1, 1970, 00:00:00 UTC.', 'type' => 'integer', 'format' => 'int64', 'example' => '1683367751000', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeMemberAccounts',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeMemberAccounts'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeMemberAccounts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"50C4A80D-D46C-57E0-9A7D-03C078474852\\",\\n \\"AccountInfos\\": [\\n {\\n \\"AccountId\\": \\"169************21\\",\\n \\"AccountName\\": \\"ipflgmqqnbjg\\",\\n \\"AccountStatus\\": \\"enabled\\",\\n \\"Description\\": \\"test\\",\\n \\"GmtCreate\\": 1683367751000\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeNetworkFlowTimeSeriesMetric' => [
'summary' => 'Queries the time series statistics of all traffic, including malicious requests and normal service requests.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '258611',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'Filter',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The filter conditions for the query. Multiple filter conditions have a logical AND relationship.',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The time range to query.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'The start of the time range to query, in UNIX timestamp format. Unit: seconds. The query time range cannot exceed the last 30 days.'."\n"
."\n"
.'> ## The start time must be within the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000', 'title' => ''],
'EndDate' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600', 'title' => ''],
],
'required' => true,
'title' => '',
'example' => '',
],
'Conditions' => [
'description' => 'A list of filter conditions. Each item describes a filter condition.',
'type' => 'array',
'items' => [
'description' => 'The configuration of a single filter condition. A filter condition consists of a **field name**, an **operator**, and a **filter value**. For more information about the supported field names and operators, see **Additional information about request parameters**.',
'type' => 'object',
'properties' => [
'Key' => [
'description' => 'The field to use for filtering. This parameter supports the following fields:'."\n"
."\n"
.'- matched\\_host: The protected object.'."\n"
."\n"
.'- cluster: The protection cluster.',
'enumValueTitles' => [],
'type' => 'string',
'required' => false,
'example' => 'matched_host'."\n",
'title' => '',
],
'OpValue' => ['description' => 'The operator.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''],
'Values' => ['description' => 'The filter value.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'title' => '',
'example' => '',
],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'Metric',
'in' => 'query',
'schema' => ['description' => 'The metric to query. Different metrics return different data. Valid values:'."\n"
."\n"
.'- qps: The number of requests that WAF processes per second. This is a peak value. WAF calculates a queries per second (QPS) value every 10 seconds and uses the peak value within the specified time granularity as the QPS.'."\n"
."\n"
.'- total\\_requests: The total number of requests that WAF processes.'."\n"
."\n"
.'- top5\\_status: The top five response codes that WAF returns to the client and the corresponding time series statistics.'."\n"
."\n"
.'- top5\\_upstream\\_status: The top five response codes that the origin server returns to the client and the corresponding time series statistics.', 'type' => 'string', 'required' => true, 'example' => 'total_requests', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The returned data. For a sample format, see the **Examples** section.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-D33C8B4*****', 'title' => ''],
'NetworkFlowTimeSeries' => [
'description' => 'The time series data. Multiple data series can be returned.',
'type' => 'array',
'items' => [
'description' => 'A single time series. The time series data consists of two arrays: Timestamps and Values. The Timestamps array contains a sequence of timestamps at fixed intervals. The Values array contains the statistical count for each interval. The two arrays have the same number of data points, and the data points correspond to each other.',
'type' => 'object',
'properties' => [
'Metric' => ['description' => 'The metric name. This value is the same as the Metric request parameter.', 'type' => 'string', 'example' => 'total_requests', 'title' => ''],
'Timestamps' => [
'description' => 'The timestamps. Each value represents the start of a time interval.',
'type' => 'array',
'items' => ['description' => 'The start time of each data point. This value is a UNIX timestamp string.', 'type' => 'string', 'example' => '[]', 'title' => ''],
'title' => '',
'example' => '',
],
'Values' => [
'description' => 'The metric values. Each value represents the count within the corresponding time interval.',
'type' => 'array',
'items' => ['description' => 'The statistical count for the current time range.', 'type' => 'integer', 'format' => 'int64', 'example' => '[]', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'TimeSeriesMetaData' => [
'description' => 'The metadata of the returned data.',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The time range that was queried.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'The start of the time range that was queried. This value is a UNIX timestamp. Unit: seconds. This value is the same as the StartDate request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000', 'title' => ''],
'EndDate' => ['description' => 'The end of the time range that was queried. This value is a UNIX timestamp. Unit: seconds. This value is the same as the EndDate request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600', 'title' => ''],
],
'title' => '',
'example' => '',
],
'AggregateInterval' => ['description' => 'The time granularity of each data point in the returned time series. For example, "15m" indicates that each data point represents statistics for a 15-minute interval. For more information about the time granularity, see the **Time granularity of data points** section.', 'type' => 'string', 'example' => '1m', 'title' => ''],
'Units' => ['description' => 'The unit of the returned data. Default value: requests.', 'type' => 'string', 'example' => 'requests', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'],
['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-D33C8B4*****\\",\\n \\"NetworkFlowTimeSeries\\": [\\n {\\n \\"Metric\\": \\"total_requests\\",\\n \\"Timestamps\\": [\\n \\"[]\\"\\n ],\\n \\"Values\\": [\\n 0\\n ]\\n }\\n ],\\n \\"TimeSeriesMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"AggregateInterval\\": \\"1m\\",\\n \\"Units\\": \\"requests\\"\\n }\\n}","type":"json"}]',
'title' => 'DescribeNetworkFlowTimeSeriesMetric',
'requestParamsDescription' => '**Operator descriptions**'."\n"
."\n"
.'| Operator | Meaning | Description |'."\n"
.'| ------------- | ------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| all-not-match | Not equal to any of the values | The field value is not equal to any value in the collection. For example, to filter requests where real_client_ip is not equal to any value in the collection:
`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n"
.'| eq | Equal to | The field value is equal to a string. For example, to filter statistics for requests where the URL is equal to "/testcase":
`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` |'."\n"
.'| match-one | Equal to one of the values | The field value is equal to any value in the collection. For example, to filter requests where real_client_ip is equal to any value in the collection:
`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n"
.'| ne | Not equal to | The field value is not equal to a string. For example, to filter statistics for requests where the URL is not equal to "/testcase":
`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n"
."\n"
.'**Supported keys for filter conditions**'."\n"
."\n"
.'| Field name | Description | Supported operators |'."\n"
.'| ------------ | ----------------------- | -------------------------------------- |'."\n"
.'| cluster | The protection cluster. | ne, eq,
match-one,
all-not-match |'."\n"
.'| matched_host | The protected object. | ne, eq,
match-one,
all-not-match |',
'responseParamsDescription' => '**Time granularity of data points**'."\n"
."\n"
.'The time granularity of the returned data varies based on the specified time range.'."\n"
."\n"
.'- If the time range is less than 3 hours, the time granularity is 1m (1 minute).'."\n"
."\n"
.'- If the time range is 3 hours or more and less than 6 hours, the time granularity is 5m (5 minutes).'."\n"
."\n"
.'- If the time range is 6 hours or more and less than 24 hours, the time granularity is 15m (15 minutes).'."\n"
."\n"
.'- If the time range is 24 hours or more and less than 7 days, the time granularity is 1h (1 hour).'."\n"
."\n"
.'- If the time range is 7 days or more and less than 30 days, the time granularity is 1d (1 day).',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeNetworkFlowTimeSeriesMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeNetworkFlowTopNMetric' => [
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '258808',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****'."\n", 'title' => ''],
],
[
'name' => 'Filter',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The filter conditions for the query. If you specify multiple filter conditions, all conditions must be met (logical AND).',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The time range to query.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds. The time range cannot exceed the last 30 days.'."\n"
."\n"
.'> The start time must be later than 30 days before the current time.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000'."\n", 'title' => ''],
'EndDate' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600'."\n", 'title' => ''],
],
'required' => true,
'title' => '',
'example' => '',
],
'Conditions' => [
'description' => 'The list of filter conditions.',
'type' => 'array',
'items' => [
'description' => 'A single filter condition. A filter condition consists of a field name (Key), an operator (OpValue), and a filter value (Values). For more information about supported field names and operators, see the **Additional information about request parameters** section.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The field name to use for filtering. Valid values:'."\n"
."\n"
.'- matched\\_host'."\n"
."\n"
.'- cluster', 'type' => 'string', 'required' => false, 'example' => 'matched_host'."\n", 'title' => ''],
'OpValue' => ['description' => 'The operator that is used for the filter condition. For more information about supported operators, see the **Additional information about request parameters** section.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''],
'Values' => ['description' => 'The value to use for the filter condition. The value format depends on the Key and OpValue that you specify.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top'."\n", 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'title' => '',
'example' => '',
],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'Limit',
'in' => 'query',
'schema' => ['description' => 'The maximum number of entries to return. Results are sorted in descending order. Maximum value: 10.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '10', 'title' => ''],
],
[
'name' => 'Metric',
'in' => 'query',
'schema' => ['description' => 'The metric by which to query and rank data. Valid values:'."\n"
."\n"
.'- real\\_client\\_ip: Returns the top N source IP addresses of requests that are sent to WAF. The data is aggregated by source IP address and sorted in descending order.'."\n"
."\n"
.'- http\\_user\\_agent: Returns the top N user agents of requests that are sent to WAF. The data is aggregated by user agent and sorted in descending order.'."\n"
."\n"
.'- request\\_path: Returns the top N request URLs. The data is aggregated by URL and sorted in descending order.'."\n"
."\n"
.'- matched\\_host\\_by\\_total\\_requests: Returns the top N protected objects by total number of requests received.'."\n"
."\n"
.'- matched\\_host\\_by\\_qps: Returns the top N protected objects by queries per second (QPS).'."\n"
."\n"
.'- matched\\_host\\_by\\_status: Returns the top N protected objects based on a specific WAF-returned HTTP status code. The data is aggregated by protected object and sorted in descending order. If you set Metric to this value, you must specify the status field in the Conditions parameter of Filter. The format is as follows:
{"Key":"status","OpValue":"eq","Values":"200"}
'."\n"
."\n"
.'- matched\\_host\\_by\\_upstream\\_status: Returns the top N protected objects based on a specific origin server-returned HTTP status code. The data is aggregated by protected object and sorted in descending order. If you set Metric to this value, you must specify the upstream\\_status field in the Conditions parameter of Filter. The format is as follows:
{"Key":"upstream\\_status","OpValue":"eq","Values":"200"}
', 'type' => 'string', 'required' => true, 'example' => 'matched_host_by_upstream_status', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou'."\n", 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q'."\n", 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response body. For more information about the format, see the **Examples** section.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-******4C7726', 'title' => ''],
'NetworkFlowTopNValues' => [
'description' => 'An array of the top N statistics.',
'type' => 'array',
'items' => [
'description' => 'A single entry in the top N ranking results.',
'type' => 'object',
'properties' => [
'Name' => ['description' => 'The dimension value that corresponds to the specified Metric request parameter. For example, if the Metric is set to real\\_client\\_ip, this parameter indicates the source IP address.', 'type' => 'string', 'example' => '127.0.0.1', 'title' => ''],
'Attribute' => ['description' => 'The additional attribute associated with the entry. For example, when the Metric is set to real\\_client\\_ip, this parameter indicates the country or region to which the IP address belongs.', 'type' => 'string', 'example' => ' CN', 'title' => ''],
'Value' => ['description' => 'The total number of requests or the QPS value, depending on the specified Metric. This value is used for top N ranking.', 'type' => 'integer', 'format' => 'int64', 'example' => '1123', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'TopNMetaData' => [
'description' => 'The metadata of the returned data.',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The time range used for the query.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'The beginning of the time range. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000'."\n", 'title' => ''],
'EndDate' => ['description' => 'The end of the time range. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
'Units' => ['description' => 'The unit of the returned statistical data.', 'type' => 'string', 'example' => 'requests'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'],
['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'DescribeNetworkFlowTopNMetric',
'summary' => 'Queries the top N statistics for all traffic that passes through Web Application Firewall (WAF), including malicious and normal service requests. The results are aggregated by different dimensions and sorted in descending order.',
'requestParamsDescription' => '**Description of operators**'."\n"
."\n"
.'| Operator | Meaning | Description |'."\n"
.'| ------------- | -------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| all-not-match | Does not equal any of the values | The field value is not equal to any of the specified values. For example, to exclude requests from specific source IP addresses:
`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}` |'."\n"
.'| eq | Equals | The field value equals the specified string. For example, to query statistics for requests with the URL path "/testcase":
`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` |'."\n"
.'| match-one | Equals one of the values | The field value equals one of the specified values. For example, to query statistics for requests from specific source IP addresses:
`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.XX.XX.1","2.XX.XX.2","3.XX.XX.3"]}` |'."\n"
.'| ne | Does not equal | The field value does not equal the specified string. For example, to exclude requests with the URL path "/testcase":
`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n"
."\n"
.'**Supported keys for filter conditions**'."\n"
."\n"
.'| Field name | Field description | Supported operators |'."\n"
.'| ------------ | ----------------------- | -------------------------------------- |'."\n"
.'| cluster | The protection cluster. | ne, eq,
match-one,
all-not-match |'."\n"
.'| matched_host | The protected object. | ne, eq,
match-one,
all-not-match |',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeNetworkFlowTopNMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-******4C7726\\",\\n \\"NetworkFlowTopNValues\\": [\\n {\\n \\"Name\\": \\"127.0.0.1\\",\\n \\"Attribute\\": \\" CN\\",\\n \\"Value\\": 1123\\n }\\n ],\\n \\"TopNMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"Units\\": \\"requests\\\\n\\"\\n }\\n}","type":"json"}]',
],
'DescribePauseProtectionStatus' => [
'summary' => 'Queries the protection pause status of a Web Application Firewall (WAF) instance.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '222987',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-****-46CE-A47C-6B19****5EB0', 'title' => ''],
'PauseStatus' => ['description' => 'Indicates whether WAF protection is paused for the instance. Valid values:'."\n"
."\n"
.'- **0** (default): Protection is not paused.'."\n"
."\n"
.'- **1**: Protection is paused.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribePauseProtectionStatus',
'changeSet' => [
['createdAt' => '2024-08-27T07:27:28.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePauseProtectionStatus'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePauseProtectionStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-****-46CE-A47C-6B19****5EB0\\",\\n \\"PauseStatus\\": 0\\n}","type":"json"}]',
],
'DescribePeakTrend' => [
'summary' => 'Queries the trend of queries per second (QPS).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386340', 'title' => ''],
],
[
'name' => 'Interval',
'in' => 'query',
'schema' => ['description' => 'The time interval. Unit: seconds. The value must be an integer multiple of 60.', 'type' => 'string', 'required' => true, 'example' => '300', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object for which you want to query the QPS trend, such as a domain name.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9D11AC3A-A10C-56E7-A342-E87EC892BAE2', 'title' => ''],
'FlowChart' => [
'description' => 'The QPS statistics of WAF.',
'type' => 'array',
'items' => [
'description' => 'The QPS statistics of WAF.',
'type' => 'object',
'properties' => [
'AntiScanSum' => ['description' => 'The number of requests protected by the scan protection module. This includes requests that are monitored and blocked.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'AclSum' => ['description' => 'The number of requests protected by the ACL module. This includes requests that are monitored and blocked.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'WafSum' => ['description' => 'The number of requests protected by the web attack protection module. This includes requests that are monitored and blocked.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'CcSum' => ['description' => 'The number of requests protected by the CC protection module. This includes requests that are monitored and blocked.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'Index' => ['description' => 'The ordinal number for the time point, sorted in chronological order.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'Count' => ['description' => 'The total number of requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '2622', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9D11AC3A-A10C-56E7-A342-E87EC892BAE2\\",\\n \\"FlowChart\\": [\\n {\\n \\"AntiScanSum\\": 0,\\n \\"AclSum\\": 0,\\n \\"WafSum\\": 0,\\n \\"CcSum\\": 0,\\n \\"Index\\": 10,\\n \\"Count\\": 2622\\n }\\n ]\\n}","type":"json"}]',
'title' => 'DescribePeakTrend',
'changeSet' => [
['createdAt' => '2024-08-27T07:23:05.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePeakTrend'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePeakTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribePocFunctions' => [
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '231693',
'abilityTreeNodes' => ['FEATUREwafH82E50'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****'."\n", 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '1557B42F-B889-460A-B17F-1DE5C5AD7FF2', 'title' => ''],
'Functions' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Type' => ['description' => 'The type of the POC feature trial. Valid values:'."\n"
."\n"
.'- **apisec**: API security.'."\n"
."\n"
.'- **botWeb**: bot management for websites.'."\n"
."\n"
.'- **botApp**: bot management for apps.'."\n"
."\n"
.'- **largeLanguageModel**: AI-powered application protection.', 'type' => 'string', 'example' => 'botWeb', 'title' => ''],
'ExpireTime' => ['description' => 'The expiration time of the POC feature trial. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1760581677000', 'title' => ''],
],
'description' => 'The details of the POC feature.',
'title' => '',
'example' => '',
],
'description' => 'A list of the POC feature details.',
'title' => '',
'example' => '',
],
],
'description' => 'The response parameters.',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribePocFunctions',
'summary' => 'Retrieves the enabled proof of concept (POC) feature trials.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePocFunctions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1557B42F-B889-460A-B17F-1DE5C5AD7FF2\\",\\n \\"Functions\\": [\\n {\\n \\"Type\\": \\"botWeb\\",\\n \\"ExpireTime\\": 1760581677000\\n }\\n ]\\n}","type":"json"}]',
],
'DescribePostpayBills' => [
'summary' => 'Queries the list of pay-as-you-go bills.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '114236',
'abilityTreeNodes' => ['FEATUREwafW12QEG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The start time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1779120000', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1779195599', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'MaxResults',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page for a paged query.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '24', 'title' => ''],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'The pagination token for the next page. If a next page exists, this field has a return value.'."\n"
."\n"
.'> If this parameter has a return value, a next page exists. You can use the returned **NextToken** as a request parameter to obtain the data on the next page. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'required' => false, 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n", 'title' => ''],
],
[
'name' => 'PeriodType',
'in' => 'query',
'schema' => [
'title' => '',
'description' => 'The epoch type for billing information. Valid values:'."\n"
."\n"
.'- **hour**: Billing information is calculated on an hourly basis.',
'type' => 'string',
'default' => 'Hour',
'enum' => ['hour'],
'required' => false,
'example' => 'hour',
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The bill query result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '0FBBDE11-C35F-531B-96BA-64CA****C875', 'title' => ''],
'BillDetail' => [
'description' => 'The list of bill details.',
'type' => 'array',
'items' => [
'description' => 'The bill details.',
'type' => 'object',
'properties' => [
'Cu' => ['description' => 'The total number of SeCUs.', 'type' => 'string', 'example' => '51', 'title' => ''],
'EndTime' => ['description' => 'The end time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1779123599', 'title' => ''],
'StartTime' => ['description' => 'The start time. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1779120000', 'title' => ''],
'FunctionCu' => ['description' => 'The number of feature SeCUs.', 'type' => 'string', 'example' => '30', 'title' => ''],
'TrafficCu' => ['description' => 'The number of SeCUs generated by traffic processing.', 'type' => 'string', 'example' => '21', 'title' => ''],
'ChargeData' => ['description' => 'The bill usage details. The value is a string converted from a JSON object constructed by a series of parameters. For more information, see **Supplementary description of response parameters**.', 'type' => 'string', 'example' => '{\\"aiWhiteListTemplateCount\\":4,\\"apisecResourceCount\\":2,\\"botAppTemplateCount\\":1,\\"botWebTemplateCount\\":4,\\"ccRuleCount\\":1,\\"customAclAdvanceRuleCount\\":4,\\"customResponseRuleCount\\":5,\\"dlpRuleCount\\":1,\\"gslb\\":1,\\"instanceFee\\":1,\\"ipv6\\":1,\\"nonPort\\":1,\\"qps\\":0,\\"regionBlockRuleCount\\":1,\\"threatIntelligenceTemplateCount\\":1,\\"wafBaseTemplateCount\\":4}', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'MaxResults' => ['description' => 'The number of entries per page for a paged query.', 'type' => 'integer', 'format' => 'int32', 'example' => '24', 'title' => ''],
'NextToken' => ['description' => 'The pagination token for the next page. If a next page exists, this field has a return value.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Query pay-as-you-go bills',
'responseParamsDescription' => '#### **Bill usage detail parameter description**'."\n"
."\n"
.'**Feature usage - access-related**'."\n"
.'|Parameter|Type|Description|'."\n"
.'| ----------| ------------| -----------|'."\n"
.'|domainCount |Integer |The number of CNAME-based domain names. |'."\n"
.'|exclusiveIpCount |Integer |The number of exclusive IP addresses. |'."\n"
.'|ipv6 |Integer |IPv6. |'."\n"
.'|gslb |Integer |Intelligent load balancing. |'."\n"
.'|nonPort |Integer |Non-standard ports.|'."\n"
."\n\n"
.'**Feature usage - protection-related**'."\n"
.'|Parameter|Type|Description|'."\n"
.'| ----------| ------------| -----------|'."\n"
.'| ipBlacklistRuleCount | Integer | The number of IP address blacklist rules. |'."\n"
.'| customAclBaseRuleCount | Integer | The number of custom rules - basic rules. |'."\n"
.'| customAclAdvanceRuleCount | Integer | The number of custom rules - advanced rules. |'."\n"
.'| antiScanRuleCount | Integer | The number of scan protection rules. |'."\n"
.'| customResponseRuleCount | Integer | The number of custom response rules. |'."\n"
.'| ccRuleCount | Integer | The number of HTTP flood protection rules. |'."\n"
.'| regionBlockRuleCount | Integer | The number of geo-blocking rules. |'."\n"
.'| tamperproofRuleCount | Integer | The number of web page anti-tampering rules. |'."\n"
.'| dlpRuleCount | Integer | The number of information leak prevention rules. |'."\n"
.'| botTemplateCount | Integer | The number of legacy bot templates. |'."\n"
.'| botWebTemplateCount | Integer | The number of new bot - web protection templates. |'."\n"
.'| botAppTemplateCount | Integer | The number of new bot - app protection templates. |'."\n"
.'| customAclBotRuleCount | Integer | The number of new bot advanced custom rules. |'."\n"
.'| aiWhiteListTemplateCount | Integer | The number of intelligent whitelist templates. |'."\n"
.'| apisecResourceCount | Integer | The number of protected objects with API security enabled. |'."\n"
.'| assetStatus | Integer | Asset center. |'."\n"
.'| wafBaseTemplateCount | Integer | The number of web core protection templates. |'."\n"
.'| spikeThrottleRuleCount | Integer | The number of spike throttling templates. |'."\n"
.'| threatIntelligenceTemplateCount | Integer | The number of threat intelligence templates. |'."\n"
.'| aiAssetCount | Integer | The number of AI assets. |'."\n"
."\n"
.'**Feature usage - instance-related**'."\n"
.'|Parameter|Type|Description|'."\n"
.'| ----------| ------------| -----------|'."\n"
.'|instanceFee |Integer |The instance fee. |'."\n"
."\n\n"
.'**Traffic processing usage - instance-related**'."\n"
.'|Parameter|Type|Description|'."\n"
.'| ----------| ------------| -----------|'."\n"
.'| qps | Long | The peak QPS. |'."\n"
.'| request | Long | The basic traffic. |'."\n"
.'| apisecTraffic | Long | The API security traffic. |'."\n"
.'| riskTraffic | Long | The number of risk identification requests. |'."\n"
.'| customAclCaptcha | Long | The custom rule slider verification. |'."\n"
.'| botTraffic | Long | The bot protection traffic. |',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribePostpayBills',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0FBBDE11-C35F-531B-96BA-64CA****C875\\",\\n \\"BillDetail\\": [\\n {\\n \\"Cu\\": \\"51\\",\\n \\"EndTime\\": 1779123599,\\n \\"StartTime\\": 1779120000,\\n \\"FunctionCu\\": \\"30\\",\\n \\"TrafficCu\\": \\"21\\",\\n \\"ChargeData\\": \\"{\\\\\\\\\\\\\\"aiWhiteListTemplateCount\\\\\\\\\\\\\\":4,\\\\\\\\\\\\\\"apisecResourceCount\\\\\\\\\\\\\\":2,\\\\\\\\\\\\\\"botAppTemplateCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"botWebTemplateCount\\\\\\\\\\\\\\":4,\\\\\\\\\\\\\\"ccRuleCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"customAclAdvanceRuleCount\\\\\\\\\\\\\\":4,\\\\\\\\\\\\\\"customResponseRuleCount\\\\\\\\\\\\\\":5,\\\\\\\\\\\\\\"dlpRuleCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"gslb\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"instanceFee\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"ipv6\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"nonPort\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"qps\\\\\\\\\\\\\\":0,\\\\\\\\\\\\\\"regionBlockRuleCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"threatIntelligenceTemplateCount\\\\\\\\\\\\\\":1,\\\\\\\\\\\\\\"wafBaseTemplateCount\\\\\\\\\\\\\\":4}\\"\\n }\\n ],\\n \\"MaxResults\\": 24,\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\\\n\\"\\n}","type":"json"}]',
],
'DescribePrepayDailyBills' => [
'summary' => 'Queries the burstable pay-as-you-go billing details of a subscription WAF instance, such as burstable QPS.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '152241',
'abilityTreeNodes' => ['FEATUREwafH82E50'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '10', 'example' => '10', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The WAF instance ID.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'EC10C9EA-A367-52D5-***-***', 'title' => ''],
'Bills' => [
'description' => 'The list of WAF burstable billing records.',
'type' => 'array',
'items' => [
'description' => 'The WAF burstable billing record.',
'type' => 'object',
'properties' => [
'Type' => [
'description' => 'The burstable billing type.',
'type' => 'array',
'items' => ['description' => 'The burstable billing type. Valid values:'."\n"
.'- **base**: basic traffic.'."\n"
.'- **bot**: Bot Management.'."\n"
.'- **apisec**: API Security.', 'type' => 'string', 'example' => 'base', 'title' => ''],
'title' => '',
'example' => '',
],
'ExceedStatus' => ['description' => 'The overuse status of the current period. Valid values:'."\n"
.'- **0**: Normal.'."\n"
.'- **1**: overused.'."\n"
.'- **2**: sandboxed.', 'type' => 'integer', 'format' => 'int32', 'example' => '0', 'title' => ''],
'RiskControl' => ['description' => 'Indicates whether risk identification is enabled. Valid values:'."\n"
.'- **true**: Risk identification is enabled.'."\n"
.'- **false**: Risk identification is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'MaxQps' => ['description' => 'The maximum QPS during the current period.', 'type' => 'integer', 'format' => 'int64', 'example' => '600', 'title' => ''],
'EndTime' => ['description' => 'The end time of the billing record. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1687591200', 'title' => ''],
'Price' => ['description' => 'The unit price for burstable billing. Unit: CNY for the China site and USD for the international site.', 'type' => 'number', 'format' => 'float', 'example' => '0.25', 'title' => ''],
'Qps' => ['description' => 'The QPS extension specification of the WAF instance.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'QpsVersion' => ['description' => 'The QPS specification included in the WAF instance edition.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'Total' => ['description' => 'The total QPS that is billed.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'StartTime' => ['description' => 'The start time of the billing record. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1687822980', 'title' => ''],
'RiskTraffic' => ['description' => 'The number of times risk identification is used.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''],
'ElasticQpsSetValue' => ['description' => 'The burstable QPS specification of the WAF instance.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''],
'ExtensionPlugin' => ['description' => 'Indicates whether the extension plug-in is enabled. Valid values:'."\n"
.'- **true**: The extension plug-in is enabled.'."\n"
.'- **false**: The extension plug-in is not enabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'ExtensionPluginRequest' => ['description' => 'The number of requests processed by the plug-in.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"EC10C9EA-A367-52D5-***-***\\",\\n \\"Bills\\": [\\n {\\n \\"Type\\": [\\n \\"base\\"\\n ],\\n \\"ExceedStatus\\": 0,\\n \\"RiskControl\\": true,\\n \\"MaxQps\\": 600,\\n \\"EndTime\\": 1687591200,\\n \\"Price\\": 0.25,\\n \\"Qps\\": 10,\\n \\"QpsVersion\\": 10,\\n \\"Total\\": 0,\\n \\"StartTime\\": 1687822980,\\n \\"RiskTraffic\\": 100,\\n \\"ElasticQpsSetValue\\": 100,\\n \\"ExtensionPlugin\\": true,\\n \\"ExtensionPluginRequest\\": 100\\n }\\n ]\\n}","type":"json"}]',
'title' => 'Query burstable billing details of a subscription WAF instance',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePrepayDailyBills',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeProductInstances' => [
'summary' => 'Queries the list of synchronized cloud service assets.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '144614',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zxu****9d02', 'title' => ''],
],
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The instance ID of the cloud service.', 'type' => 'string', 'required' => false, 'example' => 'lb-2zeugkfj81jvo****4tqm'],
],
[
'name' => 'ResourceName',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The instance name of the cloud service.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'exampleResourceName'],
],
[
'name' => 'ResourceRegionId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The region ID of the cloud service. Valid values:'."\n"
.'- **cn-chengdu**: China Southwest 1 (Chengdu).'."\n"
."\n"
.'- **cn-beijing**: China North 2 (Beijing).'."\n"
."\n"
.'- **cn-zhangjiakou**: China North 3 (Zhangjiakou).'."\n"
."\n"
.'- **cn-hangzhou**: China East 1 (Hangzhou).'."\n"
."\n"
.'- **cn-shanghai**: China East 2 (Shanghai).'."\n"
."\n"
.'- **cn-shenzhen**: China South 1 (Shenzhen).'."\n"
."\n"
.'- **cn-qingdao**: China North 1 (Qingdao).'."\n"
."\n"
.'- **cn-hongkong**: Hong Kong (China).'."\n"
."\n"
.'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n"
."\n"
.'- **ap-southeast-5**: Indonesia (Jakarta).', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou'],
],
[
'name' => 'ResourceProduct',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The type of the cloud service. Valid values:'."\n"
."\n"
.'- **clb4**: Layer 4 CLB.'."\n"
."\n"
.'- **clb7**: Layer 7 CLB.'."\n"
."\n"
.'- **ecs**: ECS.'."\n"
.'- **nlb**: NLB.'."\n"
.'- **ddos**: Anti-DDoS.', 'type' => 'string', 'required' => false, 'example' => 'clb7'],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page when using paging. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '100', 'minimum' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'ResourceIp',
'in' => 'query',
'schema' => ['description' => 'The public IP address of the cloud service.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => '1.X.X.1', 'title' => ''],
],
[
'name' => 'OwnerUserId',
'in' => 'query',
'schema' => ['description' => 'The UID of the resource ownership user.', 'type' => 'string', 'required' => false, 'example' => '1704********9107', 'title' => ''],
],
[
'name' => 'ResourceInstanceIp',
'in' => 'query',
'schema' => ['description' => 'The IP address of the instance that is added to WAF.', 'type' => 'string', 'required' => false, 'example' => '1.X.X.1', 'title' => ''],
],
[
'name' => 'ResourceInstanceName',
'in' => 'query',
'schema' => ['description' => 'The name of the instance that is added to WAF.', 'type' => 'string', 'required' => false, 'example' => 'demoInstanceName', 'title' => ''],
],
[
'name' => 'ResourceInstanceAccessStatus',
'in' => 'query',
'schema' => [
'description' => 'The WAF protection status. Valid values:'."\n"
."\n"
.'- **all**: All protected.'."\n"
.'- **any**: Protected.'."\n"
.'- **part**: Partially protected.'."\n"
."\n"
.'- **non**: Not protected.',
'type' => 'string',
'enum' => ['all', 'part', 'non', 'any'],
'required' => false,
'example' => 'all',
'title' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekz6ql****5uzi', 'title' => ''],
],
[
'name' => 'ResourceDomain',
'in' => 'query',
'schema' => ['description' => 'The domain name that is added to WAF.'."\n"
.'> This parameter is supported only when the cloud service type is ddos.', 'type' => 'string', 'required' => false, 'example' => 'www.c**sw.net', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'FDCBAE1E-2B3F-5C13-AD20-844B9473****', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '100', 'title' => ''],
'ProductInstances' => [
'description' => 'The list of cloud service information.',
'type' => 'array',
'items' => [
'description' => 'The cloud service information.',
'type' => 'object',
'properties' => [
'ResourceInstanceId' => ['title' => '', 'description' => 'The instance ID of the cloud service.', 'type' => 'string', 'example' => 'i-2ze1tm4pvghp****cluv'],
'ResourceName' => ['title' => '', 'description' => 'The instance name of the cloud service.', 'type' => 'string', 'deprecated' => true, 'example' => 'ecs-test'],
'ResourceRegionId' => ['title' => '', 'description' => 'The region ID of the cloud service. Valid values:'."\n"
.'- **cn-chengdu**: China Southwest 1 (Chengdu).'."\n"
."\n"
.'- **cn-beijing**: China North 2 (Beijing).'."\n"
."\n"
.'- **cn-zhangjiakou**: China North 3 (Zhangjiakou).'."\n"
."\n"
.'- **cn-hangzhou**: China East 1 (Hangzhou).'."\n"
."\n"
.'- **cn-shanghai**: China East 2 (Shanghai).'."\n"
."\n"
.'- **cn-shenzhen**: China South 1 (Shenzhen).'."\n"
."\n"
.'- **cn-qingdao**: China North 1 (Qingdao).'."\n"
."\n"
.'- **cn-hongkong**: Hong Kong (China).'."\n"
."\n"
.'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n"
."\n"
.'- **ap-southeast-5**: Indonesia (Jakarta).', 'type' => 'string', 'example' => 'cn-beijing'],
'ResourceProduct' => ['description' => 'The type of the cloud service. Valid values:'."\n"
."\n"
.'- **clb4**: Layer 4 CLB.'."\n"
."\n"
.'- **clb7**: Layer 7 CLB.'."\n"
."\n"
.'- **ecs**: ECS.'."\n"
.'- **nlb**: NLB.', 'type' => 'string', 'example' => 'clb4', 'title' => ''],
'ResourcePorts' => [
'description' => 'The list of port information.',
'type' => 'array',
'items' => [
'description' => 'The port information.',
'type' => 'object',
'properties' => [
'Port' => ['description' => 'The port.', 'type' => 'integer', 'format' => 'int32', 'example' => '443', 'title' => ''],
'Protocol' => ['description' => 'The network protocol type. Valid values:'."\n"
.'- **http**: HTTP.'."\n"
.'- **https**: HTTPS.', 'type' => 'string', 'example' => 'https', 'title' => ''],
'Certificates' => [
'description' => 'The list of certificate information.',
'type' => 'array',
'items' => [
'description' => 'The certificate information.',
'type' => 'object',
'properties' => [
'CertificateName' => ['description' => 'The SSL certificate name.', 'type' => 'string', 'example' => 'demoCertName', 'title' => ''],
'CertificateId' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '1234567', 'title' => ''],
'Domain' => ['description' => 'The domain name bound to the certificate.', 'type' => 'string', 'example' => 'www.test.com', 'title' => ''],
'AppliedType' => ['description' => 'The certificate type for the HTTPS protocol. Valid values:'."\n"
."\n"
.'- **default**: Default certificate.'."\n"
."\n"
.'- **extension**: Extension certificate.', 'type' => 'string', 'example' => 'default', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'ResourceIp' => ['description' => 'The public IP address of the cloud service.', 'type' => 'string', 'deprecated' => true, 'example' => '1.X.X.1', 'title' => ''],
'OwnerUserId' => ['description' => 'The UID of the resource ownership user.', 'type' => 'string', 'example' => '1704********9107', 'title' => ''],
'ResourceInstanceIp' => ['description' => 'The IP address of the cloud service instance.', 'type' => 'string', 'example' => '1.X.X.1', 'title' => ''],
'ResourceInstanceName' => ['description' => 'The instance name of the cloud service.', 'type' => 'string', 'example' => 'demoInstanceName', 'title' => ''],
'AccessPorts' => [
'description' => 'The list of ports that are added to WAF.',
'type' => 'array',
'items' => ['description' => 'The port that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '80', 'title' => ''],
'title' => '',
'example' => '',
],
'ResourceInstanceAccessStatus' => ['description' => 'The WAF protection status. Valid values:'."\n"
."\n"
.'- **all**: All protected.'."\n"
.'- **any**: Protected.'."\n"
.'- **part**: Partially protected.'."\n"
."\n"
.'- **non**: Not protected.', 'type' => 'string', 'example' => 'all', 'title' => ''],
'AccessPortAndProtocols' => [
'description' => 'The port and protocol information of the cloud service that is added to WAF.',
'type' => 'array',
'items' => [
'description' => 'The port and protocol information of the cloud service that is added to WAF.',
'type' => 'object',
'properties' => [
'Port' => ['description' => 'The port of the cloud service that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'example' => '443', 'title' => ''],
'Protocol' => ['description' => 'The protocol type. Valid values:'."\n"
.'- **http**: HTTP.'."\n"
.'- **https**: HTTPS.', 'type' => 'string', 'example' => 'http', 'title' => ''],
'CertificateIds' => [
'description' => 'The list of certificate IDs.',
'type' => 'array',
'items' => ['description' => 'The certificate ID.', 'type' => 'string', 'example' => '5379758', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'AccessInstanceId' => ['description' => 'The instance ID of the instance that is added to WAF.', 'type' => 'string', 'example' => 'i-2ze1tm4pvghp****cluv'."\n", 'title' => ''],
'ResourceInstanceEdition' => ['description' => 'The edition of the cloud service instance.', 'type' => 'string', 'example' => 'ecs.e-c1m1.large', 'title' => ''],
'ResourceDomain' => ['description' => 'The domain name that is added to WAF.', 'type' => 'string', 'example' => 'www.c**sw.net', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"FDCBAE1E-2B3F-5C13-AD20-844B9473****\\",\\n \\"TotalCount\\": 100,\\n \\"ProductInstances\\": [\\n {\\n \\"ResourceInstanceId\\": \\"i-2ze1tm4pvghp****cluv\\",\\n \\"ResourceName\\": \\"ecs-test\\",\\n \\"ResourceRegionId\\": \\"cn-beijing\\",\\n \\"ResourceProduct\\": \\"clb4\\",\\n \\"ResourcePorts\\": [\\n {\\n \\"Port\\": 443,\\n \\"Protocol\\": \\"https\\",\\n \\"Certificates\\": [\\n {\\n \\"CertificateName\\": \\"demoCertName\\",\\n \\"CertificateId\\": \\"1234567\\",\\n \\"Domain\\": \\"www.test.com\\",\\n \\"AppliedType\\": \\"default\\"\\n }\\n ]\\n }\\n ],\\n \\"ResourceIp\\": \\"1.X.X.1\\",\\n \\"OwnerUserId\\": \\"1704********9107\\",\\n \\"ResourceInstanceIp\\": \\"1.X.X.1\\",\\n \\"ResourceInstanceName\\": \\"demoInstanceName\\",\\n \\"AccessPorts\\": [\\n 80\\n ],\\n \\"ResourceInstanceAccessStatus\\": \\"all\\",\\n \\"AccessPortAndProtocols\\": [\\n {\\n \\"Port\\": 443,\\n \\"Protocol\\": \\"http\\",\\n \\"CertificateIds\\": [\\n \\"5379758\\"\\n ]\\n }\\n ],\\n \\"AccessInstanceId\\": \\"i-2ze1tm4pvghp****cluv\\\\n\\",\\n \\"ResourceInstanceEdition\\": \\"ecs.e-c1m1.large\\",\\n \\"ResourceDomain\\": \\"www.c**sw.net\\"\\n }\\n ]\\n}","type":"json"}]',
'title' => 'Query synchronized cloud service assets',
'changeSet' => [
['createdAt' => '2024-07-09T07:10:02.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
['createdAt' => '2024-04-02T13:43:56.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '60', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProductInstances'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeProductInstances',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribePunishedDomains' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124498',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-uqm****qa07', 'title' => ''],
],
[
'name' => 'Domains',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'The list of domain names added to WAF.',
'type' => 'array',
'items' => ['description' => 'A domain name added to WAF.', 'type' => 'string', 'required' => false, 'example' => 'demo.xxxaliyundoc.com', 'title' => ''],
'required' => false,
'maxItems' => 100,
'title' => '',
'example' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'PunishType',
'in' => 'query',
'schema' => ['description' => 'The penalty type. Valid values:'."\n"
."\n"
.'- **beian** (default): ICP filing center.'."\n"
."\n"
.'- **punishCenter**: penalty center.', 'type' => 'string', 'default' => 'beian', 'required' => false, 'example' => 'beian', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekz7nc****aata', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'B1F4D802-55A1-5D53-A247-7E79****85E7', 'title' => ''],
'PunishedDomains' => [
'description' => 'The list of domain names penalized for not having an ICP filing.',
'type' => 'array',
'items' => ['description' => 'A domain name penalized for not having an ICP filing.', 'type' => 'string', 'example' => 'demo.xxxaliyundoc.com'."\n", 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribePunishedDomains',
'summary' => 'Queries penalties for domain names added to Web Application Firewall (WAF) without an Internet Content Provider (ICP) filing.',
'changeSet' => [
['createdAt' => '2025-01-15T12:33:17.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePunishedDomains'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePunishedDomains',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"B1F4D802-55A1-5D53-A247-7E79****85E7\\",\\n \\"PunishedDomains\\": [\\n \\"demo.xxxaliyundoc.com\\\\n\\"\\n ]\\n}","type":"json"}]',
],
'DescribeRelatedDefenseRules' => [
'summary' => 'Queries associated protection rules by using paging.',
'methods' => ['get', 'post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwaf4TDPM4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11sr5****', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the rule to query.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''],
],
[
'name' => 'DefenseType',
'in' => 'query',
'schema' => ['description' => 'The type of the protection rule. Only the following value is supported:'."\n"
.'- **global**: a global-level rule.', 'type' => 'string', 'required' => true, 'example' => 'global', 'title' => ''],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'The pagination token (**Token**) for the next page. If a next page exists, this field has a return value.'."\n"
."\n"
.'> If this parameter has a return value, a next page exists. Use the returned **NextToken** as a request parameter to obtain the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'required' => false, 'example' => 'caeba0bbb2be03f84eb48b699f0*****', 'title' => ''],
],
[
'name' => 'MaxResults',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page when using paging. Valid values: 1 to 100. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '100', 'minimum' => '1', 'default' => '20', 'required' => false, 'example' => '20', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'DefenseScene',
'in' => 'query',
'schema' => [
'description' => 'The WAF protection scenario. Only the following value is supported:'."\n"
."\n"
.'- **address_book**: address book.',
'enumValueTitles' => ['address_book' => 'address_book'],
'type' => 'string',
'required' => true,
'enum' => ['custom_response', 'address_book', 'extension_plugin'],
'example' => 'address_book',
'title' => '',
],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''],
'Rules' => [
'description' => 'The list of associated rules.',
'type' => 'array',
'items' => [
'description' => 'The information about the associated rule.',
'type' => 'object',
'properties' => [
'RuleId' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '2456789', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the protection rule template.', 'type' => 'integer', 'format' => 'int64', 'example' => '81501', 'title' => ''],
'DefenseScene' => ['description' => 'The protection scenario of the protection rule. For more information, see the **DefenseScene** parameter in [DescribeDefenseRules](~~461426~~).', 'type' => 'string', 'example' => 'custom_acl', 'title' => ''],
'DefenseType' => ['description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **template** (default): a template-based protection rule.'."\n"
."\n"
.'- **resource**: a protection object-level rule.'."\n"
."\n"
.'- **global**: a global-level rule.', 'type' => 'string', 'example' => 'template', 'title' => ''],
'RuleName' => ['description' => 'The name of the protection rule.', 'type' => 'string', 'example' => 'ruleTest', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'NextToken' => ['description' => 'The pagination token (**Token**) for the next page. If a next page exists, this field has a return value.'."\n"
."\n"
.'> If this parameter has a return value, a next page exists. Use the returned **NextToken** as a request parameter to obtain the next page of data. Repeat this process until no value is returned, which indicates that all data has been retrieved.', 'type' => 'string', 'example' => 'AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS', 'title' => ''],
'MaxResults' => ['description' => 'The number of entries per page when using paging. Valid values: 1 to 100. Default value: 20.', 'type' => 'integer', 'format' => 'int32', 'example' => '20', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query associated protection rules by page',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeRelatedDefenseRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"Rules\\": [\\n {\\n \\"RuleId\\": 2456789,\\n \\"TemplateId\\": 81501,\\n \\"DefenseScene\\": \\"custom_acl\\",\\n \\"DefenseType\\": \\"template\\",\\n \\"RuleName\\": \\"ruleTest\\"\\n }\\n ],\\n \\"NextToken\\": \\"AAAAAGBgV9tolsLfijC4wam2htS*****D/46H3X2wIS\\",\\n \\"MaxResults\\": 20\\n}","type":"json"}]',
],
'DescribeResourceInstanceCerts' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '212899',
'abilityTreeNodes' => ['FEATUREwafOV749M'],
],
'parameters' => [
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the cloud resource.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'lb-bp1*****jqnnqk5uj2p'],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '1000', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the Web Application Firewall (WAF) instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-*', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-***-6B19160D5EB0', 'title' => ''],
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'Certs' => [
'description' => 'The details of the certificates.',
'type' => 'array',
'items' => [
'description' => 'The details of the certificates.',
'type' => 'object',
'properties' => [
'Domain' => ['description' => 'The domain name associated with the certificate.', 'type' => 'string', 'example' => 'waf.aliyundemo.com', 'title' => ''],
'CertName' => ['description' => 'The name of the certificate.', 'type' => 'string', 'example' => 'waf-cert-name', 'title' => ''],
'CertIdentifier' => ['description' => 'The global ID of the certificate. The ID is generated by appending -cn-hangzhou to the certificate ID. For example, if the certificate ID is 123, the value of CertIdentifier is 123-cn-hangzhou.', 'type' => 'string', 'example' => '123-cn-hangzhou', 'title' => ''],
'CommonName' => ['description' => 'The common name (CN).', 'type' => 'string', 'example' => 'www.aliyundemo.com', 'title' => ''],
'IsChainCompleted' => ['description' => 'Indicates whether the certificate chain is complete.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'AfterDate' => ['description' => 'The time when the certificate expires. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1708415521211', 'title' => ''],
'BeforeDate' => ['description' => 'The time when the certificate was issued. This is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1708415521211', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeResourceInstanceCerts',
'summary' => 'Queries the certificates of a cloud product instance. This operation is available only in multi-account scenarios and returns the certificates of both the delegated administrator and the member that owns the instance. For example, if user A is a delegated administrator with cert1 and the instance lb-xx-1 belongs to member B who has cert2, a query for the instance lb-xx-1 returns both cert1 and cert2.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceInstanceCerts'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceInstanceCerts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-***-6B19160D5EB0\\",\\n \\"TotalCount\\": 1,\\n \\"Certs\\": [\\n {\\n \\"Domain\\": \\"waf.aliyundemo.com\\",\\n \\"CertName\\": \\"waf-cert-name\\",\\n \\"CertIdentifier\\": \\"123-cn-hangzhou\\",\\n \\"CommonName\\": \\"www.aliyundemo.com\\",\\n \\"IsChainCompleted\\": true,\\n \\"AfterDate\\": 1708415521211,\\n \\"BeforeDate\\": 1708415521211\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeResourceLogDeliveryStatus' => [
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '235288',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-g6z3z*****', 'title' => ''],
],
[
'name' => 'Resources',
'in' => 'query',
'schema' => ['description' => 'The protected objects that you want to query. Separate multiple protected objects with commas (,).', 'type' => 'string', 'required' => true, 'example' => 'alb-wewbb23dfsetetcic1242-0****,test.waf.com-waf', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
'LogConfigs' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Resource' => ['description' => 'The name of the protected object, such as a domain name or Application Load Balancer (ALB) instance.', 'type' => 'string', 'example' => 'test.waf.com-waf', 'title' => ''],
'Status' => ['description' => 'Indicates whether log delivery is enabled for the protected object. Valid values:'."\n"
."\n"
.'- **true**: Log delivery is enabled.'."\n"
."\n"
.'- **false**: Log delivery is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'export-kafka', 'title' => ''],
'DeliveryType' => ['description' => 'The type of log delivery for the protected object. Valid values:'."\n"
."\n"
.'- **syslog**: Logs are delivered to a syslog service.'."\n"
."\n"
.'- **kafka**: Logs are delivered to a Kafka service.', 'type' => 'string', 'example' => 'kafka', 'title' => ''],
],
'description' => 'The log delivery configuration for the protected object.',
'title' => '',
'example' => '',
],
'description' => 'A list of log delivery configurations for the protected objects.',
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeResourceLogDeliveryStatus',
'summary' => 'Queries the log delivery status for protected objects.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceLogDeliveryStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\",\\n \\"LogConfigs\\": [\\n {\\n \\"Resource\\": \\"test.waf.com-waf\\",\\n \\"Status\\": true,\\n \\"DeliveryName\\": \\"export-kafka\\",\\n \\"DeliveryType\\": \\"kafka\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeResourceLogFieldConfig' => [
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '235277',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
'autoTest' => true,
'tenantRelevance' => 'tenant',
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zpr3*******', 'title' => ''],
],
[
'name' => 'DeliveryType',
'in' => 'query',
'schema' => ['description' => 'The log delivery type. Valid values:'."\n"
."\n"
.'- **sls**: Simple Log Service.'."\n"
."\n"
.'- **kafka**: Kafka.'."\n"
."\n"
.'- **syslog**: Syslog.', 'type' => 'string', 'required' => true, 'example' => 'sls', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object whose log field configuration you want to query.', 'type' => 'string', 'required' => true, 'example' => 'test.waf.com-waf', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'AddList' => ['description' => 'The extra log fields that are configured in addition to the default log fields. The fields are specified as a string of comma-separated values.', 'type' => 'string', 'example' => 'acl_test,acl_action,acl_rule_id,waf_test,acl_rule_type', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '7B53B47C-D368-5344-BB5E-79******', 'title' => ''],
'LogDeliveryStrategy' => ['description' => 'The log delivery policies. Multiple policies are supported. The value is a string that is converted from a JSON array of parameters.'."\n"
."\n"
.'> For more information about the parameters, see the description of the **LogDeliveryStrategy** parameter in [ModifyResourceLogFieldConfig](~~ModifyResourceLogFieldConfig~~).', 'type' => 'string', 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', 'title' => ''],
'ExtendConfig' => ['description' => 'The extended configuration for log delivery. The value is a string that is converted from a JSON object of parameters.'."\n"
."\n"
.'> For more information about the parameters, see the description of the **ExtendConfig** parameter in [ModifyResourceLogFieldConfig](~~ModifyResourceLogFieldConfig~~).', 'type' => 'string', 'example' => '{\\"request_header\\":\\"Ali-Cdn-Real-Ip\\"}', 'title' => ''],
'DelList' => ['description' => 'The log fields that are removed from the default log fields. The fields are specified as a string of comma-separated values.', 'type' => 'string', 'example' => 'waf_rule_id,waf_rule_type', 'title' => ''],
'FieldList' => ['description' => 'The list of delivered log fields. The fields are specified as a string of comma-separated values.', 'type' => 'string', 'example' => 'account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids', 'title' => ''],
'DeliveryType' => ['description' => 'The log delivery type. Valid values:'."\n"
."\n"
.'- **sls**: Simple Log Service.'."\n"
."\n"
.'- **kafka**: Kafka.'."\n"
."\n"
.'- **syslog**: Syslog.', 'type' => 'string', 'example' => 'sls', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'DescribeResourceLogFieldConfig',
'summary' => 'Queries the log field configuration for a protected object.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceLogFieldConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"AddList\\": \\"acl_test,acl_action,acl_rule_id,waf_test,acl_rule_type\\",\\n \\"RequestId\\": \\"7B53B47C-D368-5344-BB5E-79******\\",\\n \\"LogDeliveryStrategy\\": \\"[{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"blockLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"normalRequestLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"checkLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100}]\\",\\n \\"ExtendConfig\\": \\"{\\\\\\\\\\\\\\"request_header\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"Ali-Cdn-Real-Ip\\\\\\\\\\\\\\"}\\",\\n \\"DelList\\": \\"waf_rule_id,waf_rule_type\\",\\n \\"FieldList\\": \\"account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids\\",\\n \\"DeliveryType\\": \\"sls\\"\\n}","type":"json"}]',
],
'DescribeResourceLogStatus' => [
'summary' => 'Queries the log collection status of protected objects in a Web Application Firewall (WAF) instance.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '111392',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11zcl****', 'title' => ''],
],
[
'name' => 'Resources',
'in' => 'query',
'allowEmptyValue' => true,
'schema' => ['description' => 'The protected objects whose log collection status you want to query. Separate multiple protected objects with commas (,).', 'type' => 'string', 'required' => true, 'example' => 'alb-wewbb23dfsetetcic1242-0****,alb-wewbb23dfsetetcic1242-1****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '0DABF8AB-2321-5F8D-A8D7-922D757FBFFE', 'title' => ''],
'Result' => [
'description' => 'The log status information of protected objects.',
'type' => 'array',
'items' => [
'description' => 'The log status information of the protected object.',
'type' => 'object',
'properties' => [
'Status' => ['description' => 'Indicates whether log collection is enabled for the protected object. Valid values:'."\n"
."\n"
.'- **true**: Log collection is enabled.'."\n"
."\n"
.'- **false**: Log collection is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'Resource' => ['description' => 'The name of the protected object.', 'type' => 'string', 'example' => 'alb-wewbb23dfsetetcic****', 'title' => ''],
'TraceStatus' => ['type' => 'boolean', 'description' => '', 'title' => '', 'example' => ''],
'TraceConfig' => [
'type' => 'object',
'properties' => [
'Workspace' => ['type' => 'string', 'description' => '', 'title' => '', 'example' => ''],
'RatePerMille' => ['type' => 'integer', 'format' => 'int32', 'description' => '', 'title' => '', 'example' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeResourceLogStatus',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceLogStatus'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceLogStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"0DABF8AB-2321-5F8D-A8D7-922D757FBFFE\\",\\n \\"Result\\": [\\n {\\n \\"Status\\": true,\\n \\"Resource\\": \\"alb-wewbb23dfsetetcic****\\",\\n \\"TraceStatus\\": false,\\n \\"TraceConfig\\": {\\n \\"Workspace\\": \\"\\",\\n \\"RatePerMille\\": 0\\n }\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeResourcePort' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the cloud service instance.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => '8vb40vj87znu3ai7l5lv4-80****'."\n"],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region ID of WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The query results.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''],
'ResourcePorts' => [
'description' => 'All HTTP and HTTPS listener ports that are added to WAF.',
'type' => 'array',
'items' => ['description' => 'The HTTP and HTTPS listener ports.', 'type' => 'string', 'example' => '80', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeResourcePort',
'summary' => 'Queries the ports of a cloud service instance that are added to Web Application Firewall (WAF).',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourcePort'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourcePort',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\",\\n \\"ResourcePorts\\": [\\n \\"80\\"\\n ]\\n}","type":"json"}]',
],
'DescribeResourceRegionId' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '112185',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2lrm****6pnq', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'F5905D3F-F674-5177-9E48-466DD3B8****', 'title' => ''],
'ResourceRegionIds' => [
'description' => 'The region IDs of cloud service resources that can be added to WAF by using the SDK.',
'type' => 'array',
'items' => ['description' => 'The ID of the region where the cloud service resource resides.'."\n"
."\n"
.''."\n"
."\n"
.'For more information, see [Regions and zones](https://www.alibabacloud.com/help/zh/egs/regions-and-zones?spm=a3c0i.23458820.2359477120.9.6f4f6e9b9NShFZ).'."\n"
."\n"
.'', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeResourceRegionId',
'summary' => 'Queries the region IDs of cloud service resources that can be added to Web Application Firewall (WAF) by using the SDK.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceRegionId'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceRegionId',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F5905D3F-F674-5177-9E48-466DD3B8****\\",\\n \\"ResourceRegionIds\\": [\\n \\"cn-hangzhou\\"\\n ]\\n}","type":"json"}]',
],
'DescribeResourceSupportRegions' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '144618',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'ResourceProduct',
'in' => 'query',
'schema' => ['description' => 'The cloud product to which the resource belongs. By default, instances of ALB, MSE, FC, and SAE products are returned. Valid values:'."\n"
."\n"
.'- **alb**: ALB.'."\n"
."\n"
.'- **mse**: MSE.'."\n"
."\n"
.'- **fc**: FC.'."\n"
."\n"
.'- **sae**: SAE.'."\n"
."\n"
.'- **ecs**: ECS.'."\n"
.'- **clb4**: CLB (TCP).'."\n"
.'- **clb7**: CLB (HTTP/HTTPS).'."\n"
.'- **apig**: APIG.'."\n"
.'- **nlb**: NLB.'."\n"
."\n"
.'> Each product supports different regions. If you specify a product filter, refer to the regions supported by the product. Otherwise, the filtering may fail.', 'type' => 'string', 'required' => false, 'example' => 'clb7', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzpks****kdjq', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The query result.',
'type' => 'object',
'properties' => [
'SupportRegions' => [
'description' => 'The list of region IDs supported by WAF in transparent proxy mode.',
'type' => 'array',
'items' => ['description' => 'The region ID. Valid values:'."\n"
.'- **cn-chengdu**: China (Chengdu).'."\n"
."\n"
.'- **cn-beijing**: China (Beijing).'."\n"
."\n"
.'- **cn-zhangjiakou**: China (Zhangjiakou).'."\n"
."\n"
.'- **cn-hangzhou**: China (Hangzhou).'."\n"
."\n"
.'- **cn-shanghai**: China (Shanghai).'."\n"
."\n"
.'- **cn-shenzhen**: China (Shenzhen).'."\n"
."\n"
.'- **cn-qingdao**: China (Qingdao).'."\n"
."\n"
.'- **cn-hongkong**: Hong Kong (China).'."\n"
."\n"
.'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n"
."\n"
.'- **ap-southeast-5**: Indonesia (Jakarta).', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''],
'title' => '',
'example' => '',
],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '58FDF266-3D56-5DE8-91E0-96A26BAB****', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query supported regions for cloud native mode',
'summary' => 'Queries the list of supported regions for cloud native mode, mainly for CLB and ECS products.',
'changeSet' => [
['createdAt' => '2024-11-06T13:26:13.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceSupportRegions'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceSupportRegions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"SupportRegions\\": [\\n \\"cn-hangzhou\\"\\n ],\\n \\"RequestId\\": \\"58FDF266-3D56-5DE8-91E0-96A26BAB****\\"\\n}","type":"json"}]',
],
'DescribeResponseCodeTrendGraph' => [
'summary' => 'Queries the trends of abnormal response codes, such as 5XX, 405, 499, 302, and 444, returned by WAF to clients and by origin servers to WAF.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106569',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'Interval',
'in' => 'query',
'schema' => ['description' => 'The time interval. Unit: seconds. The value must be an integer multiple of 60.', 'type' => 'string', 'required' => true, 'example' => '300', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The type of response codes. Valid values:'."\n"
.'- **waf**: response codes returned by WAF to clients.'."\n"
.'- **upstream**: response codes returned by origin servers to WAF.', 'type' => 'string', 'required' => true, 'example' => 'waf', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object to query.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '7D46493E-84DD-58CE-80A7-8643F2B09ECC', 'title' => ''],
'ResponseCodes' => [
'description' => 'The response code statistics information.',
'type' => 'array',
'items' => [
'description' => 'The response code statistics information.',
'type' => 'object',
'properties' => [
'5xxPv' => ['description' => 'The count of 5xx response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '2932', 'title' => ''],
'Index' => ['description' => 'The time sequence number, sorted in chronological order.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'405Pv' => ['description' => 'The count of 405 response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '121645464', 'title' => ''],
'499Pv' => ['description' => 'The count of 499 response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'302Pv' => ['description' => 'The count of 302 response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'444Pv' => ['description' => 'The count of 444 response codes.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'View response code trends',
'changeSet' => [
['createdAt' => '2024-08-27T07:23:05.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-04-16T02:37:41.000Z', 'description' => 'Response parameters changed, Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResponseCodeTrendGraph'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResponseCodeTrendGraph',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7D46493E-84DD-58CE-80A7-8643F2B09ECC\\",\\n \\"ResponseCodes\\": [\\n {\\n \\"5xxPv\\": 2932,\\n \\"Index\\": 10,\\n \\"405Pv\\": 121645464,\\n \\"499Pv\\": 0,\\n \\"302Pv\\": 0,\\n \\"444Pv\\": 0\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeRoleAuthStatus' => [
'summary' => 'Queries the authorization status of the service-linked role for Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzhalsanv***', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '79ECBB08-079C-57C5-A676-***', 'title' => ''],
'AuthStatus' => ['description' => 'Indicates whether the service-linked role for WAF is authorized.'."\n"
."\n"
.'- **true**: The service-linked role is authorized.'."\n"
."\n"
.'- **false**: The service-linked role is not authorized.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeRoleAuthStatus',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRoleAuthStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"79ECBB08-079C-57C5-A676-***\\",\\n \\"AuthStatus\\": true\\n}","type":"json"}]',
],
'DescribeRuleGroups' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'SearchType',
'in' => 'query',
'schema' => ['description' => 'The query type. Valid values:'."\n"
."\n"
.'- **id**: Queries by rule group ID.'."\n"
."\n"
.'- **name**: Queries by rule group name. Both Chinese and English names are supported.', 'type' => 'string', 'required' => false, 'example' => 'name', 'title' => ''],
],
[
'name' => 'SearchValue',
'in' => 'query',
'schema' => ['description' => 'The content to query.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number of the results to return. The default value is **1**, which returns the first page of results.', 'type' => 'integer', 'format' => 'int32', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. The default value is **10**.', 'type' => 'integer', 'format' => 'int32', 'default' => '20', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '24', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '02E9A4B8-90FB-5F41-A049-C82277EB82FB', 'title' => ''],
'RuleGroups' => [
'description' => 'The list of regular expression rule groups.',
'type' => 'array',
'items' => [
'description' => 'The list of regular expression rule groups.',
'type' => 'object',
'properties' => [
'RuleGroupId' => ['description' => 'The ID of the rule group.', 'type' => 'integer', 'format' => 'int64', 'example' => '115361', 'title' => ''],
'RuleTotalCount' => ['description' => 'The number of built-in rules.', 'type' => 'integer', 'format' => 'int32', 'example' => '4444', 'title' => ''],
'RuleGroupName' => ['description' => 'The name of the rule group.', 'type' => 'string', 'example' => 'ssssss', 'title' => ''],
'IsSubscribe' => ['description' => 'The automatic update status of the rule group.'."\n"
."\n"
.'- 1: Automatic updates are enabled.'."\n"
."\n"
.'- 2: Automatic updates are disabled.', 'type' => 'integer', 'format' => 'int32', 'example' => '1', 'title' => ''],
'GmtModified' => ['description' => 'The time when the rule group was last updated.', 'type' => 'integer', 'format' => 'int64', 'example' => '1664336364000', 'title' => ''],
'ParentRuleGroupId' => ['description' => 'The ID of the rule group that the current rule group inherits.'."\n"
."\n"
.'- 0: The rule group is created from scratch and does not inherit from another rule group.'."\n"
."\n"
.'- 1011: The Strict rule group.'."\n"
."\n"
.'- 1012: The Medium rule group.'."\n"
."\n"
.'- 1013: The Loose rule group.', 'type' => 'integer', 'format' => 'int64', 'example' => '1012', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeRuleGroups',
'summary' => 'Queries a paginated list of regular expression rule groups.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleGroups'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 24,\\n \\"RequestId\\": \\"02E9A4B8-90FB-5F41-A049-C82277EB82FB\\",\\n \\"RuleGroups\\": [\\n {\\n \\"RuleGroupId\\": 115361,\\n \\"RuleTotalCount\\": 4444,\\n \\"RuleGroupName\\": \\"ssssss\\",\\n \\"IsSubscribe\\": 1,\\n \\"GmtModified\\": 1664336364000,\\n \\"ParentRuleGroupId\\": 1012\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeRuleHitsTopClientIp' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp. Unit: seconds. If you do not set this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => 'The type of rule that the protected object hits. If you do not set this parameter, data for all rule types is returned.'."\n"
."\n"
.'- **blacklist**: The IP address blacklist is hit.'."\n"
."\n"
.'- **custom**: A custom rule is hit.'."\n"
."\n"
.'- **antiscan**: A scan protection rule is hit.'."\n"
."\n"
.'- **cc\\_system**: An HTTP flood protection rule is hit.'."\n"
."\n"
.'- **region\\_block**: The Location Blacklist is hit.', 'type' => 'string', 'required' => false, 'example' => 'blacklist', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9F0F9AD6-62E2-50BB-A3E5-30FFB9410262', 'title' => ''],
'RuleHitsTopClientIp' => [
'description' => 'The top 10 source IP addresses that initiated the most attacks.',
'type' => 'array',
'items' => [
'description' => 'The attack details for a source IP address.',
'type' => 'object',
'properties' => [
'Count' => ['description' => 'The number of attack requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '531', 'title' => ''],
'ClientIp' => ['description' => 'The IP address of the client.', 'type' => 'string', 'example' => '3.3.XX.XX', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeRuleHitsTopClientIp',
'summary' => 'Queries the top 10 source IP addresses from which the most attacks originated.',
'changeSet' => [
['createdAt' => '2024-08-27T07:12:46.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopClientIp'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopClientIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9F0F9AD6-62E2-50BB-A3E5-30FFB9410262\\",\\n \\"RuleHitsTopClientIp\\": [\\n {\\n \\"Count\\": 531,\\n \\"ClientIp\\": \\"3.3.XX.XX\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeRuleHitsTopResource' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386340', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => 'The type of rule that was triggered. If you do not specify this parameter, data for all rule types is returned.'."\n"
."\n"
.'- **blacklist**: The IP address blacklist.'."\n"
."\n"
.'- **custom**: A custom rule.'."\n"
."\n"
.'- **antiscan**: A scan protection rule.'."\n"
."\n"
.'- **cc\\_system**: An HTTP flood protection rule.'."\n"
."\n"
.'- **region\\_block**: The Location Blacklist feature.', 'type' => 'string', 'required' => false, 'example' => 'blacklist', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'ADA11BC7-AA95-5C31-9095-5802C02ED1DC', 'title' => ''],
'RuleHitsTopResource' => [
'description' => 'The top 10 protected objects that triggered protection rules.',
'type' => 'array',
'items' => [
'description' => 'The details of a protected object that triggered a protection rule.',
'type' => 'object',
'properties' => [
'Resource' => ['description' => 'The protected object.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''],
'Count' => ['description' => 'The number of requests that triggered the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '14219', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeRuleHitsTopResource',
'summary' => 'Queries the top 10 protected objects that triggered protection rules most frequently.',
'changeSet' => [
['createdAt' => '2024-08-27T07:15:26.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopResource'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopResource',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"ADA11BC7-AA95-5C31-9095-5802C02ED1DC\\",\\n \\"RuleHitsTopResource\\": [\\n {\\n \\"Resource\\": \\"www.aliyundoc.com\\",\\n \\"Count\\": 14219\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeRuleHitsTopRuleId' => [
'summary' => 'Queries the top 10 rule IDs that have triggered mitigation policies the most times.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the current time is used.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => 'The type of rule hit by the protected object. By default, this parameter is not specified, which indicates that all rules are displayed.'."\n"
."\n"
.'- **blacklist**: IP blacklist.'."\n"
."\n"
.'- **custom**: Custom rule.'."\n"
."\n"
.'- **antiscan**: Scan protection rule.'."\n"
."\n"
.'- **cc_system**: HTTP flood mitigation rule.'."\n"
."\n"
.'- **region_block**: Location blacklist.', 'type' => 'string', 'required' => false, 'example' => 'blacklist', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'IsGroupResource',
'in' => 'query',
'schema' => ['description' => 'Specifies whether to aggregate rule hits by protected object.'."\n"
."\n"
.'- **true (default)**: Aggregates rule hits by protected object. In this case, rule hits are counted based on individual rules only, and the Resource value in the response is empty.'."\n"
.'- **false**: Does not aggregate rule hits by protected object. In this case, rule hits are counted based on both protected objects and rules.', 'type' => 'string', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F6334274-8870-5D2F-A1AD-D6EF885AC1ED', 'title' => ''],
'RuleHitsTopRuleId' => [
'description' => 'The top 10 rule IDs by rule hits.',
'type' => 'array',
'items' => [
'description' => 'The rule hit details.',
'type' => 'object',
'properties' => [
'RuleId' => ['description' => 'The rule ID.', 'type' => 'string', 'example' => '5465465', 'title' => ''],
'Resource' => ['description' => 'The protected object. This parameter is returned when the IsGroupResource request parameter is set to false.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''],
'Count' => ['description' => 'The number of requests that hit the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '181174784', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Query top 10 rule iDs by rule hits',
'changeSet' => [
['createdAt' => '2024-08-27T07:15:26.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-10-18T06:19:28.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopRuleId'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopRuleId',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F6334274-8870-5D2F-A1AD-D6EF885AC1ED\\",\\n \\"RuleHitsTopRuleId\\": [\\n {\\n \\"RuleId\\": \\"5465465\\",\\n \\"Resource\\": \\"www.aliyundoc.com\\",\\n \\"Count\\": 181174784\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeRuleHitsTopTuleType' => [
'summary' => 'Queries the top 10 most frequently triggered protection rule types.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the current time is used as the end time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '45E377CE-0B04-578E-B653-EEA63CFE****', 'title' => ''],
'RuleHitsTopTuleType' => [
'description' => 'The top 10 protection rule types that were hit.',
'type' => 'array',
'items' => [
'description' => 'The details about the hits on a protection rule type.',
'type' => 'object',
'properties' => [
'RuleType' => ['description' => 'The type of rule that was hit. This parameter is not returned by default, which indicates that data for all rule types is returned.'."\n"
."\n"
.'- **waf**: basic protection rules.'."\n"
."\n"
.'- **blacklist**: IP address blacklist.'."\n"
."\n"
.'- **custom**: custom rules.'."\n"
."\n"
.'- **antiscan**: scan protection rules.'."\n"
."\n"
.'- **cc\\_system**: HTTP flood protection rules.'."\n"
."\n"
.'- **region\\_block**: location blacklist.'."\n"
."\n"
.'- **scene**: bot management.'."\n"
."\n"
.'- **dlp**: data leak prevention.', 'type' => 'string', 'example' => 'blacklist', 'title' => ''],
'Count' => ['description' => 'The number of requests that hit the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '698455', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeRuleHitsTopTuleType',
'changeSet' => [
['createdAt' => '2024-08-27T07:15:26.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopTuleType'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopTuleType',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"45E377CE-0B04-578E-B653-EEA63CFE****\\",\\n \\"RuleHitsTopTuleType\\": [\\n {\\n \\"RuleType\\": \\"blacklist\\",\\n \\"Count\\": 698455\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeRuleHitsTopUa' => [
'summary' => 'Queries the top 10 User-Agents that initiated the most attacks.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not set this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '8E5C7ED7-503A-5986-A005-36F2511EB89F', 'title' => ''],
'RuleHitsTopUa' => [
'description' => 'The top 10 User-Agents ranked by attack count.',
'type' => 'array',
'items' => [
'description' => 'The attack information of a User-Agent.',
'type' => 'object',
'properties' => [
'Count' => ['description' => 'The number of attack requests.', 'type' => 'integer', 'format' => 'int64', 'example' => '531', 'title' => ''],
'Ua' => ['description' => 'The User-Agent name.', 'type' => 'string', 'example' => 'android', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Query top 10 attack user-Agents',
'changeSet' => [
['createdAt' => '2024-08-27T07:18:17.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopUa'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopUa',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"8E5C7ED7-503A-5986-A005-36F2511EB89F\\",\\n \\"RuleHitsTopUa\\": [\\n {\\n \\"Count\\": 531,\\n \\"Ua\\": \\"android\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeRuleHitsTopUrl' => [
'summary' => 'Queries the top 10 URLs that trigger protection rules the most.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '105175',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not specify this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => true, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => 'The type of protection rule hit by the protected object. By default, this parameter is not specified, which indicates that all rules are displayed.'."\n"
."\n"
.'- **blacklist**: IP blacklist.'."\n"
."\n"
.'- **custom**: Custom rule.'."\n"
."\n"
.'- **antiscan**: Scan protection rule.'."\n"
."\n"
.'- **cc_system**: HTTP flood mitigation rule.'."\n"
."\n"
.'- **region_block**: Location blacklist.', 'type' => 'string', 'required' => false, 'example' => 'blacklist', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '3D8AF43B-08EB-51CE-B33A-93AA****9B0C', 'title' => ''],
'RuleHitsTopUrl' => [
'description' => 'The top 10 URLs with rule hits.',
'type' => 'array',
'items' => [
'description' => 'The rule hit information for a URL.',
'type' => 'object',
'properties' => [
'Count' => ['description' => 'The number of requests that hit the rule.', 'type' => 'integer', 'format' => 'int64', 'example' => '21862', 'title' => ''],
'Url' => ['description' => 'The request URL.'."\n"
.'> The returned value is Base64-encoded.', 'type' => 'string', 'example' => 'd3d3LmFsaXl1bmRvYy5jb20vcGF0aDM=', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Query top 10 uRLs with protection rule hits',
'changeSet' => [
['createdAt' => '2024-08-15T07:03:32.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopUrl'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopUrl',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3D8AF43B-08EB-51CE-B33A-93AA****9B0C\\",\\n \\"RuleHitsTopUrl\\": [\\n {\\n \\"Count\\": 21862,\\n \\"Url\\": \\"d3d3LmFsaXl1bmRvYy5jb20vcGF0aDM=\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeSecurityEventLogs' => [
'summary' => 'Queries the detailed logs of attack traffic. Each log entry contains the details of a request that matched a protection rule.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '258811',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'Filter',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The filter conditions. A logical AND relationship exists between multiple filter conditions.',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The time range to query.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'The start of the time range to query. The time range cannot exceed the last 30 days. The value is a UNIX timestamp. Unit: seconds.'."\n"
."\n"
.'> The start time must be within the last 30 days from the current time.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000'."\n", 'title' => ''],
'EndDate' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600'."\n", 'title' => ''],
],
'required' => true,
'title' => '',
'example' => '',
],
'Conditions' => [
'description' => 'A list of filter conditions. Each node describes a filter condition.',
'type' => 'array',
'items' => [
'description' => 'The configuration of a single query condition. A query condition consists of a **field name**, an **operator**, and a **filter value**. For more information about the supported field names and operators, see the **Additional information about request parameters** section.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The name of the field to filter. This operation supports all fields.', 'type' => 'string', 'required' => false, 'example' => 'matched_host'."\n", 'title' => ''],
'OpValue' => ['description' => 'The operator.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''],
'Values' => ['description' => 'The filter value.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'title' => '',
'example' => '',
],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page for a paged query. The maximum value is **100**.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '10', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number to return for a paged query. The default value is **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou'."\n", 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q'."\n", 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The returned data. For an example of the format, see **Examples**.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-******4C7726'."\n", 'title' => ''],
'SecurityEventLogs' => [
'description' => 'A list of detailed attack logs.',
'type' => 'array',
'items' => [
'description' => 'Each node is an attack log that corresponds to a request. For more information, see the **Log field descriptions** and **Response example** sections.',
'enumValueTitles' => [],
'type' => 'any',
'example' => '{'."\n"
.' "remote_region_id": "11***0",'."\n"
.' "plugin_matched_detail_waf_group": "****",'."\n"
.' "plugin_matched_block_rule_detail": "****",'."\n"
.' "querystring": "-",'."\n"
.' "matched_host": "i-8vbaazr2tboqsq******-443-ecs",'."\n"
.' "remote_country_id": "CN",'."\n"
.' "remote_isp_id": "100**8",'."\n"
.' "request_method": "GET",'."\n"
.' "plugin_matched_test_rule_detail": "[]",'."\n"
.' "request_traceid": "0b6261221742197109309484******",'."\n"
.' "dst_port": "0",'."\n"
.' "host": "39.99.***.109",'."\n"
.' "real_client_ip": "47.92.***.14",'."\n"
.' "request_path": "/.git/HEAD",'."\n"
.' "server_protocol": "HTTP/1.1",'."\n"
.' "timestamp": "1742197109"'."\n"
.'}',
'title' => '',
],
'title' => '',
'example' => '',
],
'SecurityEventMetaData' => [
'description' => 'The metadata of the returned data.',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The time range used for the query.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'The start of the time range used for the query. The value is a UNIX timestamp. Unit: seconds. This value is the same as the \\`StartDate\\` request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000'."\n", 'title' => ''],
'EndDate' => ['description' => 'The end of the time range used for the query. The value is a UNIX timestamp. Unit: seconds. This value is the same as the \\`EndDate\\` request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
'Units' => ['description' => 'The unit of the returned statistical data.', 'type' => 'string', 'example' => 'requests', 'title' => ''],
],
'title' => '',
'example' => '',
],
'SecurityEventLogsTotalCount' => ['description' => 'The total number of attack logs found.', 'type' => 'integer', 'format' => 'int64', 'example' => '1000', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'],
['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-******4C7726\\\\n\\",\\n \\"SecurityEventLogs\\": [\\n \\"{\\\\n\\\\t\\\\\\"remote_region_id\\\\\\": \\\\\\"11***0\\\\\\",\\\\n\\\\t\\\\\\"plugin_matched_detail_waf_group\\\\\\": \\\\\\"****\\\\\\",\\\\n\\\\t\\\\\\"plugin_matched_block_rule_detail\\\\\\": \\\\\\"****\\\\\\",\\\\n\\\\t\\\\\\"querystring\\\\\\": \\\\\\"-\\\\\\",\\\\n\\\\t\\\\\\"matched_host\\\\\\": \\\\\\"i-8vbaazr2tboqsq******-443-ecs\\\\\\",\\\\n\\\\t\\\\\\"remote_country_id\\\\\\": \\\\\\"CN\\\\\\",\\\\n\\\\t\\\\\\"remote_isp_id\\\\\\": \\\\\\"100**8\\\\\\",\\\\n\\\\t\\\\\\"request_method\\\\\\": \\\\\\"GET\\\\\\",\\\\n\\\\t\\\\\\"plugin_matched_test_rule_detail\\\\\\": \\\\\\"[]\\\\\\",\\\\n\\\\t\\\\\\"request_traceid\\\\\\": \\\\\\"0b6261221742197109309484******\\\\\\",\\\\n\\\\t\\\\\\"dst_port\\\\\\": \\\\\\"0\\\\\\",\\\\n\\\\t\\\\\\"host\\\\\\": \\\\\\"39.99.***.109\\\\\\",\\\\n\\\\t\\\\\\"real_client_ip\\\\\\": \\\\\\"47.92.***.14\\\\\\",\\\\n\\\\t\\\\\\"request_path\\\\\\": \\\\\\"/.git/HEAD\\\\\\",\\\\n\\\\t\\\\\\"server_protocol\\\\\\": \\\\\\"HTTP/1.1\\\\\\",\\\\n\\\\t\\\\\\"timestamp\\\\\\": \\\\\\"1742197109\\\\\\"\\\\n}\\"\\n ],\\n \\"SecurityEventMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"Units\\": \\"requests\\"\\n },\\n \\"SecurityEventLogsTotalCount\\": 1000\\n}","type":"json"}]',
'title' => 'DescribeSecurityEventLogs',
'description' => 'Attack traffic refers to requests that hit a rule and are identified as threats. The following three types of requests are not included:'."\n"
."\n"
.'- Requests that hit a whitelist rule.'."\n"
."\n"
.'- Requests that hit a bot rule whose action is set to Mark for Origin Fetch.'."\n"
."\n"
.'- Requests that hit a rule whose action is set to Dynamic Token, Slider, Strict Slider, or JS Challenge, but are allowed because the user passed the verification.',
'requestParamsDescription' => '**Operator descriptions**'."\n"
."\n"
.'| Operator | Meaning | Description |'."\n"
.'| ------------- | ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n"
.'| all-not-match | Not equal to any value | The field value is not equal to any value in the dataset. Filter data where `real_client_ip` is not equal to any value in the collection:
`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n"
.'| contain | Contains | The field value contains a specific string. Filter data where the URL contains "test":
`{"Key":"request_path","OpValue":"contain","Values":"test"}` |'."\n"
.'| eq | Equals | The field value equals a specific string. Filter data where the URL is "/testcase":
`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` |'."\n"
.'| match-one | Equals one of multiple values | The field value is equal to any value in the dataset. Filter data where `real_client_ip` is equal to any value in the collection:
`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n"
.'| ne | Not equal to | The field value does not equal a specific string. Filter data where the URL is not "/testcase":
`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n"
.'| not-contain | Does not contain | The field value does not contain a specific string. Filter data where the URL does not contain "test":
`{"Key":"request_path","OpValue":"not-contain","Values":"test"}` |'."\n"
.'| prefix-match | Prefix match | The field value starts with a specific string. Filter data where the URL prefix is "/testcase":
`{"Key":"request_path","OpValue":"prefix-match","Values":"/testcase"}` |'."\n"
.'| suffix-match | Suffix match | The field value ends with a specific string. Filter data where the URL suffix is "/testcase":
`{"Key":"request_path","OpValue":"suffix-match","Values":"/testcase"}` |'."\n"
."\n"
.'**Supported keys for filter conditions**'."\n"
."\n"
.'| Field name | Description | Supported operators |'."\n"
.'| ----------------- | --------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------- |'."\n"
.'| action | The protection action. This is the final action taken on the request. | ne, eq |'."\n"
.'| cluster | The protection cluster. | ne, eq,
match-one,
all-not-match |'."\n"
.'| defense_scene | The protection module. A request may hit multiple protection modules. Requests filtered by this field may also hit other modules. | ne, eq |'."\n"
.'| host | The `host` field in the HTTP header. | contain,
not-contain, ne, eq, match-one, all-not-match, prefix-match, suffix-match |'."\n"
.'| http_cookie | The `cookie` field in the HTTP header. | contain,
not-contain, ne, eq, match-one,
all-not-match, prefix-match, suffix-match |'."\n"
.'| http_user_agent | The `User-Agent` field in the HTTP header. | contain,
not-contain, ne, eq, match-one,
all-not-match, prefix-match, suffix-match |'."\n"
.'| matched_host | The protected object. | ne, eq,
match-one,
all-not-match |'."\n"
.'| real_client_ip | The source IP address of the request. Only IP address strings are supported as filter values. CIDR blocks are not supported. | ne, eq,
match-one,
all-not-match |'."\n"
.'| remote_country_id | The country to which the source IP address of the HTTP request belongs. | ne, eq,
match-one,
all-not-match |'."\n"
.'| remote_region_id | The province or city to which the source IP address of the HTTP request belongs. | ne, eq,
match-one,
all-not-match |'."\n"
.'| request_method | The HTTP request method. | ne, eq,
match-one,
all-not-match |'."\n"
.'| request_path | The HTTP request URL, excluding the query string. | contain,
not-contain, ne, eq, match-one,
all-not-match, prefix-match, suffix-match |'."\n"
.'| request_traceid | The unique ID that identifies the request. | ne, eq,
match-one,
all-not-match |'."\n"
.'| rule_id | The rule ID. A request may hit multiple rules. Requests filtered by this field may also hit other rules. | ne, eq |',
'responseParamsDescription' => '**Log field descriptions**'."\n"
."\n"
.'| Field name | Description | Example value |'."\n"
.'| -------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------- |'."\n"
.'| dst_port | The requested destination port. | 443 |'."\n"
.'| host | The `Host` field in the client request header. This value indicates the accessed domain name or IP address. | api.example.com |'."\n"
.'| matched_host | The WAF protected object (cloud product instance or domain name) that the client request matched. | *.aliyun***.com |'."\n"
.'| plugin_matched_detail_waf_group | The details of the basic protection rule that the request matched, including the matched URI pattern and the raw request URI. | |'."\n"
.'| plugin_matched_block_rule_detail | The details of the protection rule in block mode that the request matched, including the rule ID, action, and protection module. | |'."\n"
.'| plugin_matched_test_rule_detail | The details of the protection rule in monitor mode that the request matched, including the rule ID, action, and protection module. | |'."\n"
.'| querystring | The query string of the client request, which is the part of the URL after the question mark (?). | title=tm_content%3Darticle&pid=123 |'."\n"
.'| remote_region_id | The ID of the province to which the IP address belongs. | 410000 |'."\n"
.'| remote_country_id | The ID of the country to which the source IP address belongs. | CN |'."\n"
.'| remote_isp_id | The ID of the Internet service provider (ISP) to which the source IP address belongs. | 100098 |'."\n"
.'| request_method | The client request method. | GET |'."\n"
.'| request_traceid | The unique ID that WAF generates for the client request. | 7837b11715410386943437009***** |'."\n"
.'| real_client_ip | The actual IP address of the client, as determined by WAF from the request headers. | 192.0.XX.XX |'."\n"
.'| request_path | The request path, which is the part of the URL after the domain name and before the question mark (?). This value does not include the query string. | /news/search.php |'."\n"
.'| server_protocol | The protocol between the client and WAF. | HTTP/1.1 |'."\n"
.'| timestamp | The time when the request was processed by the DPI engine. The value is a UNIX timestamp. Unit: seconds. | 1742197109 |'."\n"
."\n"
.'**Response example**'."\n"
."\n"
.'```'."\n"
.'{'."\n"
.' "SecurityEventLogsTotalCount": 1,'."\n"
.' "SecurityEventLogs": ['."\n"
.' {'."\n"
.' "remote_region_id": "110000",'."\n"
.' "plugin_matched_detail_waf_group": "{\\"uri\\":{\\"hit\\":[\\"/.git/\\"],\\"raw\\":\\"/.git/\\"}}",'."\n"
.' "plugin_matched_block_rule_detail": "[{\\"RuleId\\":\\"12***5\\",\\"Action\\":\\"block\\",\\"DefenseScene\\":\\"waf_base\\",\\"RuleType\\":\\"other\\"}]",'."\n"
.' "querystring": "-",'."\n"
.' "matched_host": "i-8vbaazr2tboqsq******-443-ecs",'."\n"
.' "remote_country_id": "CN",'."\n"
.' "remote_isp_id": "100098",'."\n"
.' "request_method": "GET",'."\n"
.' "plugin_matched_test_rule_detail": "[]",'."\n"
.' "request_traceid": "0b6261221742197109309484******",'."\n"
.' "dst_port": "0",'."\n"
.' "host": "39.99.***.109",'."\n"
.' "real_client_ip": "47.92.***.14",'."\n"
.' "request_path": "/.git/HEAD",'."\n"
.' "server_protocol": "HTTP/1.1",'."\n"
.' "timestamp": "1742197109"'."\n"
.' }'."\n"
.' ],'."\n"
.' "SecurityEventMetaData": {'."\n"
.' "DateRange": {'."\n"
.' "StartDate": 1742196600,'."\n"
.' "EndDate": 1742197500'."\n"
.' }'."\n"
.' }'."\n"
.'}'."\n"
.'```',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSecurityEventLogs',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'DescribeSecurityEventTimeSeriesMetric' => [
'summary' => 'Queries the time series data of attack traffic. Attack requests are requests that hit a rule and are identified as a threat.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '258794',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''],
],
[
'name' => 'Filter',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The filter conditions for the query. Multiple filter conditions have a logical AND relationship.',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The time range to query.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'You can query data from the last 30 days. The start time of the query. This is a UNIX timestamp. Unit: seconds.'."\n"
."\n"
.'> ## The start time must be within the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000'."\n", 'title' => ''],
'EndDate' => ['description' => 'The end time of the query. This is a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600'."\n", 'title' => ''],
],
'required' => true,
'title' => '',
'example' => '',
],
'Conditions' => [
'description' => 'A list of filter conditions. Each node describes one filter condition.',
'type' => 'array',
'items' => [
'description' => 'A single query condition, which consists of a field name, an operator, and a filter value. For information about the supported field names and operators, see Additional information about request parameters.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The name of the field to filter. This operation supports all fields.', 'type' => 'string', 'required' => false, 'example' => 'matched_host', 'title' => ''],
'OpValue' => ['description' => 'The operator.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''],
'Values' => ['description' => 'The filter value.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top'."\n", 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'title' => '',
'example' => '',
],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'Metric',
'in' => 'query',
'schema' => ['description' => 'Specifies the content of the returned data. Different metrics correspond to different data content. This operation supports the following metrics:'."\n"
."\n"
.'- mitigated\\_requests: Returns the time series statistics of blocked requests.'."\n"
."\n"
.'- monitored\\_requests: Returns the time series statistics of requests that hit only observation-type rules.'."\n"
."\n"
.'- mitigated\\_requests\\_group\\_by\\_defense\\_scene: Returns data grouped by module. It records a time series graph of the hit count for each module. A single request may hit multiple modules. Therefore, the hit count returned by this metric may not be consistent with the number of requests.'."\n"
."\n"
.'- mitigated\\_requests\\_group\\_by\\_block\\_defense\\_scene: Returns data grouped by module. It records a time series graph of the number of blocked requests for each module. A single request is blocked by only one module. Therefore, the count returned by this metric is consistent with the number of requests.', 'type' => 'string', 'required' => true, 'example' => 'mitigated_requests', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou'."\n", 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q'."\n", 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The returned data. For a sample format, see the Examples section.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-*****4C7726'."\n", 'title' => ''],
'SecurityEventTimeSeries' => [
'description' => 'The returned time series data. The operation can return time series data for multiple values.',
'type' => 'array',
'items' => [
'description' => 'A single set of time series data. The time series data consists of two arrays: \\`Timestamps\\` and \\`Values\\`. The \\`Timestamps\\` array contains a time series with fixed intervals. The \\`Values\\` array contains the statistical count for each interval. The two arrays have the same number of nodes, and their data points have a one-to-one correspondence.',
'type' => 'object',
'properties' => [
'Metric' => ['description' => 'The content of the returned data. This is consistent with the \\`Metric\\` request parameter.', 'type' => 'string', 'example' => 'monitored_requests', 'title' => ''],
'Timestamps' => [
'description' => 'The time series. Each point represents the start time of a time range.',
'type' => 'array',
'items' => ['description' => 'The start time for each data point. This is a UNIX timestamp string.', 'type' => 'string', 'example' => '[]', 'title' => ''],
'title' => '',
'example' => '',
],
'Values' => [
'description' => 'The data series. Each point represents the statistical count within a specific time range.',
'type' => 'array',
'items' => ['description' => 'The statistical count for the current time range.', 'type' => 'integer', 'format' => 'int64', 'example' => '[]'."\n", 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'TimeSeriesMetaData' => [
'description' => 'The metadata of the returned data.',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The time range used for the query.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'The start time of the query. This is a UNIX timestamp. Unit: seconds. This value is the same as the \\`StartDate\\` request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000'."\n", 'title' => ''],
'EndDate' => ['description' => 'The end time of the query. This is a UNIX timestamp. Unit: seconds. This value is the same as the \\`EndDate\\` request parameter.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
'AggregateInterval' => ['description' => 'The time granularity of each data point in the returned time series data. For example, "15m" indicates that each returned data point represents statistics for a 15-minute interval. For more information about the time granularity of the returned data, see the Time granularity of time series data points section.', 'type' => 'string', 'example' => '1m', 'title' => ''],
'Units' => ['description' => 'The unit of the returned statistical data.', 'type' => 'string', 'example' => 'requests'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'],
['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'],
],
],
'title' => 'DescribeSecurityEventTimeSeriesMetric',
'description' => 'Attack traffic refers to requests that hit a rule and are identified as a threat. The following data is excluded:'."\n"
."\n"
.'- Requests that hit a whitelist rule.'."\n"
."\n"
.'- Requests that hit a bot rule where the rule action is "Mark for origin fetch".'."\n"
."\n"
.'- Requests that hit a rule with the action "Dynamic Token", "Slider", "Strict Slider", or "JS Challenge", but are allowed because the user passed the verification.',
'requestParamsDescription' => '**Operator descriptions**'."\n"
."\n"
.'| Operator | Meaning | Description |'."\n"
.'| ------------- | ----------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |'."\n"
.'| all-not-match | Not equal to any value | The field value is not equal to any value in the dataset. For example, to filter requests where real_client_ip is not equal to any value in the collection:
`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n"
.'| contain | Contains | The field value contains a specific string. For example, to filter data where the URL contains "test":
`{"Key":"request_path","OpValue":"contain","Values":"test"}` |'."\n"
.'| eq | Equals | The field value equals a specific string. For example, to filter data where the URL equals "/testcase":
`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}` |'."\n"
.'| match-one | Equals one of multiple values | The field value is equal to any value in the dataset. For example, to filter requests where real_client_ip is equal to any value in the collection:
`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}` |'."\n"
.'| ne | Not equal to | The field value does not equal a specific string. For example, to filter statistics where the URL does not equal "/testcase":
`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n"
.'| not-contain | Does not contain | The field value does not contain a specific string. For example, to filter data where the URL does not contain "test":
`{"Key":"request_path","OpValue":"not-contain","Values":"test"}` |'."\n"
.'| prefix-match | Prefix match | The field value starts with a specific string. For example, to filter data where the URL prefix is "/testcase":
`{"Key":"request_path","OpValue":"prefix-match","Values":"/testcase"}` |'."\n"
.'| suffix-match | Suffix match | The field value ends with a specific string. For example, to filter data where the URL suffix is "/testcase":
`{"Key":"request_path","OpValue":"suffix-match","Values":"/testcase"}` |'."\n"
."\n"
.'**Supported keys for filter conditions**'."\n"
."\n"
.'| Field name | Description | Supported operators |'."\n"
.'| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ---------------------------------------------------------------------------------------- |'."\n"
.'| action | The protection action. This is the final action taken on the request. | ne, eq |'."\n"
.'| cluster | The protection cluster. | ne, eq,
match-one,
all-not-match |'."\n"
.'| defense_scene | The protection module. A request may hit multiple protection modules. Requests filtered by this field may also hit other modules. | ne, eq |'."\n"
.'| host | The host from the HTTP header. | contain,
not-contain, ne, eq, match-one, all-not-match, prefix-match, suffix-match |'."\n"
.'| http_cookie | The cookie from the HTTP header. | contain,
not-contain, ne, eq, match-one,
all-not-match, prefix-match, suffix-match |'."\n"
.'| http_user_agent | The User-Agent from the HTTP header. | contain,
not-contain, ne, eq, match-one,
all-not-match, prefix-match, suffix-match |'."\n"
.'| matched_host | The protected object. | ne, eq,
match-one,
all-not-match |'."\n"
.'| real_client_ip | The source IP address of the request. The parameter that follows the operator must be an IP address string or a list of IP address strings. Queries by CIDR block are not supported. | ne, eq,
match-one,
all-not-match |'."\n"
.'| remote_country_id | The country to which the source IP address of the HTTP request belongs. | ne, eq,
match-one,
all-not-match |'."\n"
.'| remote_region_id | The province or city to which the source IP address of the HTTP request belongs. | ne, eq,
match-one,
all-not-match |'."\n"
.'| request_method | The HTTP request method. | ne, eq,
match-one,
all-not-match |'."\n"
.'| request_path | The HTTP request URL, excluding the query string. | contain,
not-contain, ne, eq, match-one,
all-not-match, prefix-match, suffix-match |'."\n"
.'| request_traceid | The unique ID that identifies the request. | ne, eq,
match-one,
all-not-match |'."\n"
.'| rule_id | The rule ID. A request may hit multiple rules. Requests filtered by this field may also hit other rules. | ne, eq |',
'responseParamsDescription' => '**Time granularity of time series data points**'."\n"
."\n"
.'The statistical time granularity of the returned data varies based on the selected time range.'."\n"
."\n"
.'- If the time range is less than 3 hours, the time granularity of the data points is 1m (1 minute).'."\n"
."\n"
.'- If the time range is 3 hours or more but less than 6 hours, the time granularity of the data points is 5m (5 minutes).'."\n"
."\n"
.'- If the time range is 6 hours or more but less than 24 hours, the time granularity of the data points is 15m (15 minutes).'."\n"
."\n"
.'- If the time range is 24 hours or more but less than 7 days, the time granularity of the data points is 1h (1 hour).'."\n"
."\n"
.'- If the time range is 7 days or more but less than 30 days, the time granularity of the data points is 1d (1 day).',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSecurityEventTimeSeriesMetric'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSecurityEventTimeSeriesMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-*****4C7726\\\\n\\",\\n \\"SecurityEventTimeSeries\\": [\\n {\\n \\"Metric\\": \\"monitored_requests\\",\\n \\"Timestamps\\": [\\n \\"[]\\"\\n ],\\n \\"Values\\": [\\n 0\\n ]\\n }\\n ],\\n \\"TimeSeriesMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"AggregateInterval\\": \\"1m\\",\\n \\"Units\\": \\"requests\\\\n\\"\\n }\\n}","type":"json"}]',
],
'DescribeSecurityEventTopNMetric' => [
'summary' => 'Queries the top N statistics of attack traffic, which is aggregated by a specified dimension, sorted, and returned.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '258810',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'Filter',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The query filter conditions. Multiple filter conditions are evaluated using a logical AND.',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The query time range.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'The query data range cannot exceed the past 30 days. The start time used for querying data, expressed as a UNIX timestamp. Unit: seconds.'."\n"
."\n\n"
.'> The start time must be later than the current time minus 30 days.'."\n"
.'> -', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888000'."\n", 'title' => ''],
'EndDate' => ['description' => 'The end time used for querying data, expressed as a UNIX timestamp. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1713888600'."\n", 'title' => ''],
],
'required' => true,
'title' => '',
'example' => '',
],
'Conditions' => [
'description' => 'The list of filter conditions. Each node describes a filter condition.',
'type' => 'array',
'items' => [
'description' => 'The configuration of a single query condition. A query condition consists of a **field name**, an **operator**, and **filter values**. For the supported field names and operators in query conditions, see **Supplementary description of request parameters**.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The field name on which the filter operation is performed. This operation supports all fields.', 'type' => 'string', 'required' => false, 'example' => 'matched_host'."\n", 'title' => ''],
'OpValue' => ['description' => 'The operator.', 'type' => 'string', 'required' => false, 'example' => 'eq'."\n", 'title' => ''],
'Values' => ['description' => 'The filter values.', 'type' => 'any', 'required' => false, 'example' => 'test.waf-top'."\n", 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'title' => '',
'example' => '',
],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'Limit',
'in' => 'query',
'schema' => ['description' => 'The number of data entries to return after the statistics are sorted in descending order. Maximum value: 10.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '10'."\n", 'title' => ''],
],
[
'name' => 'Metric',
'in' => 'query',
'schema' => ['description' => 'Specifies the type of data to return. Different Metric values correspond to different data content. The following Metric values are supported by this API operation:'."\n"
.'> The definition of "attack request" is described in the API operation description. The following descriptions reference this concept.'."\n"
."\n"
.'- real_client_ip: performs aggregation and sorting of the source IP addresses of attack requests in descending order, and returns the top N entries.'."\n"
.'- http_user_agent: performs aggregation and sorting of the User-Agent values of attack requests in descending order, and returns the top N entries.'."\n"
.'- matched_host: performs aggregation and sorting of the protected objects hit by attack requests in descending order, and returns the top N entries.'."\n"
.'- remote_region_id: performs aggregation and sorting of the countries to which the source IP addresses of attack requests belong in descending order, and returns the top N entries.'."\n"
.'- request_path: performs aggregation and sorting of the URLs (excluding query strings) of attack requests in descending order, and returns the top N entries.'."\n"
.'- block_defense_scene: performs aggregation and sorting of the final action modules of blocked requests (whose action is not "monitor") in descending order, and returns the top N entries.'."\n"
.'- defense_scene: performs aggregation and sorting of all protection modules hit by attack requests in descending order, and returns the top N entries.'."\n"
.'- defense_scene_rule_id: queries the top rule IDs of hit non-monitor rules and the protection modules to which the rules belong. This query returns statistics only for non-monitor mode rules. The returned data format is as follows:
'."\n"
.' `{ "Attribute": "waf_base", "Value": 140, "Name": "111034" }`'."\n"
.'- defense_scene_with_rule_id: returns the top N rule IDs ranked by the number of hit requests and the protection modules to which the rules belong, connected by "-". This query does not distinguish between rule actions and includes both monitor rules and block rules. The returned format is as follows:
'."\n"
.' `{ "Attribute": "", "Value": 1, "Name": "120075-waf_base" }`'."\n"
.'- defense_scene_top_rule_id: queries the top rule hits of a specific protection module. Specify filter conditions in the Conditions field of Filter. For example, to query the top rule hits of the "custom ACL" module, set the Conditions field as follows:
'."\n"
.' `{ "Key": "defense_scene_map", "OpValue": "contain", "Values": "custom_acl" }`'."\n"
.'- defense_scene_rule_type: queries the top hit rule types of the web core protection module. Only the web core protection module supports this query because only web core protection has rule child classes. Specify filter conditions in the Conditions field of Filter. The format is as follows:
'."\n"
.'` { "Key": "defense_scene", "OpValue": "eq", "Values": "waf_base" }`', 'type' => 'string', 'required' => true, 'example' => 'real_client_ip', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou'."\n", 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q'."\n", 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The returned data result. For format examples, see **Examples**.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D827FCFE-90A7-4330-9326-*****B4C7726'."\n", 'title' => ''],
'SecurityEventTopNValues' => [
'description' => 'The array of top N statistics.',
'type' => 'array',
'items' => [
'description' => 'Each element corresponds to a top N statistics entry.',
'type' => 'object',
'properties' => [
'Name' => ['description' => 'The value of a specific field. The meaning varies depending on the queried Metric.', 'type' => 'string', 'example' => '10000', 'title' => ''],
'Attribute' => ['description' => 'The additional information, such as the protection module to which a rule ID belongs.', 'type' => 'string', 'example' => 'waf_base'."\n", 'title' => ''],
'Value' => ['description' => 'The statistical count used for top N sorting.', 'type' => 'integer', 'format' => 'int64', 'example' => '1111', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'TopNMetaData' => [
'description' => 'The metadata of the returned data.',
'type' => 'object',
'properties' => [
'DateRange' => [
'description' => 'The time range used for the query.',
'type' => 'object',
'properties' => [
'StartDate' => ['description' => 'The start time used for querying data, expressed as a UNIX timestamp. Unit: seconds. This value is the same as the StartDate in the request parameters.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888000'."\n", 'title' => ''],
'EndDate' => ['description' => 'The end time used for querying data, expressed as a UNIX timestamp. Unit: seconds. This value is the same as the EndDate in the request parameters.', 'type' => 'integer', 'format' => 'int64', 'example' => '1713888600'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
'Units' => ['description' => 'The unit of the returned statistics.', 'type' => 'string', 'example' => 'requests'."\n", 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Report.%s', 'errorMessage' => 'Invalid parameter:%s.', 'description' => 'Invalid parameter:%s'],
['errorCode' => 'Waf.Report.InternalError', 'errorMessage' => 'Server error occurred in report service.', 'description' => 'Report Service Internal Error'],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'Query top attack traffic statistics',
'description' => 'Attack traffic refers to requests that have rule hits and are identified as risky. The following three types of data are excluded:'."\n"
."\n"
.'- Requests that hit whitelist rules.'."\n"
.'- Requests that hit bot rules but whose rule action is set to "back-to-origin marking".'."\n"
.'- Requests that hit rules with actions set to "dynamic token", "slider", "strict slider", or "JS authenticate", but the user passes the verification and the requests are allowed.',
'requestParamsDescription' => '**Operator description**'."\n"
."\n"
.'|Operator|Meaning|Description|'."\n"
.'|----------|------------|------------|'."\n"
.'|all-not-match|Not equal to any value|The field value is not equal to any value in the data set. For example, to filter real_client_ip not equal to any value in the set:
`{"Key":"real_client_ip","OpValue":"all-not-match","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}`|'."\n"
.'|contain|Contains|The field value contains a specific string. For example, to filter data where the URL contains "test":
`{"Key":"request_path","OpValue":"contain","Values":"test"}` |'."\n"
.'|eq|Equal to|The field value is equal to a specific string. For example, to filter data where the URL is "/testcase":
`{"Key":"request_path","OpValue":"eq","Values":"/testcase"}`|'."\n"
.'|match-one|Equal to one of multiple values|The field value is equal to any value in the data set. For example, to filter real_client_ip equal to any value in the set:
`{"Key":"real_client_ip","OpValue":"match-one","Values":["1.1.1.1","2.2.2.2","3.3.3.3"]}`|'."\n"
.'|ne|Not equal to|The field value is not equal to a specific string. For example, to filter statistics where the URL is not "/testcase":
`{"Key":"request_path","OpValue":"ne","Values":"/testcase"}` |'."\n"
.'|not-contain|Does not contain|The field value does not contain a specific string. For example, to filter data where the URL does not contain "test":
`{"Key":"request_path","OpValue":"not-contain","Values":"test"}` |'."\n"
.'|prefix-match|Prefix match|The field value starts with a specific string. For example, to filter data where the URL starts with "/testcase":
`{"Key":"request_path","OpValue":"prefix-match","Values":"/testcase"}`|'."\n"
.'|suffix-match | Suffix match| The field value ends with a specific string. For example, to filter data where the URL ends with "/testcase":
`{"Key":"request_path","OpValue":"suffix-match","Values":"/testcase"}`|'."\n"
."\n\n"
.'**Supported keys for filter conditions**'."\n"
."\n"
.'|Field name|Field description|Supported operators|'."\n"
.'|----------|------------|------------|'."\n"
.'|action|The protection action, which is the final action taken on the request.|ne, eq|'."\n"
.'|cluster|The protection cluster.|ne, eq,
match-one,
all-not-match|'."\n"
.'|defense_scene |The protection module. A request may match multiple protection modules. Requests filtered by this field may also match other modules.|ne, eq|'."\n"
.'|host|The host in the HTTP header.|contain,
not-contain, ne, eq, match-one, all-not-match, prefix-match, suffix-match|'."\n"
.'|http_cookie|The cookie in the HTTP header.|contain,
not-contain, ne, eq, match-one,
all-not-match, prefix-match, suffix-match|'."\n"
.'|http_user_agent|The User-Agent obtained from the HTTP header.|contain,
not-contain, ne, eq, match-one,
all-not-match, prefix-match, suffix-match|'."\n"
.'|matched_host|The protected object.|ne, eq,
match-one,
all-not-match|'."\n"
.'|real_client_ip|The source IP address of the request. The parameter following the operator can only be an IP address string or a list of IP address strings. CIDR block queries are not supported.|ne, eq,
match-one,
all-not-match|'."\n"
.'|remote_country_id|The country to which the source IP address of the HTTP request belongs.|ne, eq,
match-one,
all-not-match|'."\n"
.'|remote_region_id|The province or city to which the source IP address of the HTTP request belongs.|ne, eq,
match-one,
all-not-match|'."\n"
.'|request_method|The HTTP request method.|ne, eq,
match-one,
all-not-match|'."\n"
.'|request_path|The HTTP request URL, excluding the query string.|contain,
not-contain, ne, eq, match-one,
all-not-match, prefix-match, suffix-match|'."\n"
.'|request_traceid |The unique ID that identifies the request.|ne, eq,
match-one,
all-not-match|'."\n"
.'|rule_id|The rule ID. A request may match multiple rules. Requests filtered by this field may also match other rules.|ne, eq|',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSecurityEventTopNMetric'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSecurityEventTopNMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D827FCFE-90A7-4330-9326-*****B4C7726\\\\n\\",\\n \\"SecurityEventTopNValues\\": [\\n {\\n \\"Name\\": \\"10000\\",\\n \\"Attribute\\": \\"waf_base\\\\n\\",\\n \\"Value\\": 1111\\n }\\n ],\\n \\"TopNMetaData\\": {\\n \\"DateRange\\": {\\n \\"StartDate\\": 1713888000,\\n \\"EndDate\\": 1713888600\\n },\\n \\"Units\\": \\"requests\\\\n\\"\\n }\\n}","type":"json"}]',
],
'DescribeSensitiveApiStatistic' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '187678',
'abilityTreeNodes' => ['FEATUREwaf8XGRZR'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'MatchedHost',
'in' => 'query',
'schema' => ['description' => 'The domain name or IP address to which the API operation belongs.', 'type' => 'string', 'required' => false, 'example' => 'a.***.com', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC) in seconds.'."\n"
.'> Compliance review currently supports querying data only for the last 1 month, last 3 months, last 6 months, last 12 months, or from January 1 of the previous year to the present. Make sure the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC) in seconds.'."\n"
."\n"
.'> Compliance review currently supports querying data only for the last 1 month, last 3 months, last 6 months, last 12 months, or from January 1 of the previous year to the present. Make sure the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number to return in a paged query. Default value: **1**, which indicates the first page.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page in a paged query. Default value: **10**, which indicates 10 entries per page.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '25', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '269', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The dimension for statistics. Valid values:'."\n"
."\n"
.'- **matchedHost** (default): statistics by domain name.'."\n"
."\n"
.'- **apiFormat**: statistics by API operation.'."\n"
."\n"
.'> When the **apiFormat** dimension is used, specify the corresponding domain name in the **MatchedHost** parameter.', 'type' => 'string', 'default' => 'matchedHost', 'required' => false, 'example' => 'matchedHost', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'Data' => [
'description' => 'The statistics list.',
'type' => 'array',
'items' => [
'description' => 'The statistics information.',
'type' => 'object',
'properties' => [
'SensitiveOutboundCount' => ['description' => 'The number of outbound sensitive personal information items at the domain name level.', 'type' => 'integer', 'format' => 'int64', 'example' => '127', 'title' => ''],
'MatchedHost' => ['description' => 'The domain name or IP address.', 'type' => 'string', 'example' => 'www.***.top', 'title' => ''],
'List' => [
'description' => 'The list of API operation statistics information under the domain name.'."\n"
."\n"
.'> This field is returned only when the **Type** parameter is set to **apiFormat**, which represents the API dimension statistics information.',
'type' => 'array',
'items' => [
'description' => 'The API operation statistics information under the domain name.',
'type' => 'object',
'properties' => [
'SensitiveCode' => [
'description' => 'The list of sensitive data types.',
'type' => 'array',
'items' => ['description' => 'The sensitive data type.', 'type' => 'string', 'example' => '1003', 'title' => ''],
'title' => '',
'example' => '',
],
'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/api/login', 'title' => ''],
'SensitiveCount' => ['description' => 'The number of outbound sensitive personal information items at the API level.', 'type' => 'integer', 'format' => 'int64', 'example' => '55', 'title' => ''],
'ApiId' => ['description' => 'The ID of the API operation.', 'type' => 'string', 'example' => 'd288137009c119a873d4c395****', 'title' => ''],
'InfoCount' => ['description' => 'The number of outbound personal information entries at the API level.', 'type' => 'integer', 'format' => 'int64', 'example' => '78', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'InfoOutboundCount' => ['description' => 'The number of outbound personal information entries at the domain name level.', 'type' => 'integer', 'format' => 'int64', 'example' => '213', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query statistics on sites and API operations that involve personal information',
'summary' => 'Queries statistics on sites and API operations that involve personal information.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveApiStatistic'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveApiStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveOutboundCount\\": 127,\\n \\"MatchedHost\\": \\"www.***.top\\",\\n \\"List\\": [\\n {\\n \\"SensitiveCode\\": [\\n \\"1003\\"\\n ],\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"SensitiveCount\\": 55,\\n \\"ApiId\\": \\"d288137009c119a873d4c395****\\",\\n \\"InfoCount\\": 78\\n }\\n ],\\n \\"InfoOutboundCount\\": 213\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeSensitiveDetectionResult' => [
'summary' => 'Queries the detection results of API security compliance requirements.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '187711',
'abilityTreeNodes' => ['FEATUREwaf8XGRZR'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp26f1****', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The hybrid cloud cluster ID.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'Data' => [
'description' => 'The compliance detection results.',
'type' => 'object',
'properties' => [
'Result' => [
'description' => 'The compliance detection list.',
'type' => 'array',
'items' => [
'description' => 'The compliance detection information.',
'type' => 'object',
'properties' => [
'Max' => [
'description' => 'The maximum values of sensitive data type statistics.',
'type' => 'object',
'properties' => [
'SensitiveCode' => ['description' => 'The sensitive data type with the highest count.', 'type' => 'integer', 'format' => 'int64', 'example' => '1003', 'title' => ''],
'OutboundCount' => ['description' => 'The number of cross-border personal information records corresponding to the sensitive data type with the highest count.', 'type' => 'integer', 'format' => 'int64', 'example' => '54', 'title' => ''],
'InfoCount' => ['description' => 'The number of personal information records corresponding to the sensitive data type with the highest count.', 'type' => 'integer', 'format' => 'int64', 'example' => '187', 'title' => ''],
],
'title' => '',
'example' => '',
],
'DetectionResult' => ['description' => 'The compliance detection result. Valid values: '."\n"
.'- **report**: A data cross-border transfer risk exists.'."\n"
.'- **none**: No data cross-border transfer risk exists.', 'type' => 'string', 'example' => 'report', 'title' => ''],
'List' => [
'description' => 'The detection list of sensitive data types.',
'type' => 'array',
'items' => [
'description' => 'The detection information of a sensitive data type.',
'type' => 'object',
'properties' => [
'SensitiveCode' => ['description' => 'The sensitive data type.', 'type' => 'integer', 'format' => 'int64', 'example' => '1002', 'title' => ''],
'OutboundCount' => ['description' => 'The number of cross-border personal information records.', 'type' => 'integer', 'format' => 'int64', 'example' => '6', 'title' => ''],
'InfoCount' => ['description' => 'The number of personal information records.', 'type' => 'integer', 'format' => 'int64', 'example' => '11', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security compliance detection results',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveDetectionResult'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveDetectionResult',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": {\\n \\"Result\\": [\\n {\\n \\"Max\\": {\\n \\"SensitiveCode\\": 1003,\\n \\"OutboundCount\\": 54,\\n \\"InfoCount\\": 187\\n },\\n \\"DetectionResult\\": \\"report\\",\\n \\"List\\": [\\n {\\n \\"SensitiveCode\\": 1002,\\n \\"OutboundCount\\": 6,\\n \\"InfoCount\\": 11\\n }\\n ]\\n }\\n ]\\n }\\n}","type":"json"}]',
],
'DescribeSensitiveOutboundDistribution' => [
'summary' => 'Queries the distribution of outbound traffic that contains personal information.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '187676',
'abilityTreeNodes' => ['FEATUREwaf8XGRZR'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp. Unit: seconds. The time is in Coordinated Universal Time (UTC).'."\n"
."\n"
.'> Compliance review supports queries for the last month, the last 3 months, the last 6 months, the last 12 months, and the period from January 1 of the previous year to the present. Make sure that the specified time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp. Unit: seconds. The time is in UTC.'."\n"
."\n"
.'> Compliance review supports queries for the last month, the last 3 months, the last 6 months, the last 12 months, and the period from January 1 of the previous year to the present. Make sure that the specified time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter applies only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain information about hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '443', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'Data' => [
'description' => 'A list of outbound traffic distributions that contain personal information.',
'type' => 'array',
'items' => [
'description' => 'Information about outbound traffic that contains personal information.',
'type' => 'object',
'properties' => [
'SensitiveOutboundCount' => ['description' => 'The number of outbound sensitive information entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '144', 'title' => ''],
'Country' => ['description' => 'The destination country.', 'type' => 'string', 'example' => 'US', 'title' => ''],
'InfoOutboundCount' => ['description' => 'The number of outbound personal information entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '213', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeSensitiveOutboundDistribution',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveOutboundDistribution',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveOutboundCount\\": 144,\\n \\"Country\\": \\"US\\",\\n \\"InfoOutboundCount\\": 213\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeSensitiveOutboundStatistic' => [
'summary' => 'Queries statistics about outbound transfers of personal information.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '187677',
'abilityTreeNodes' => ['FEATUREwaf8XGRZR'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp that is in UTC. Unit: seconds.'."\n"
."\n"
.'> The compliance assessment feature supports querying data from the last month, the last 3 months, the last 6 months, the last 12 months, and from January 1 of the previous year to the present. Make sure that the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp that is in UTC. Unit: seconds.'."\n"
."\n"
.'> The compliance assessment feature supports querying data from the last month, the last 3 months, the last 6 months, the last 12 months, and from January 1 of the previous year to the present. Make sure that the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''],
],
[
'name' => 'SensitiveType',
'in' => 'query',
'schema' => ['description' => 'The type of information to query. Valid values:'."\n"
."\n"
.'- **info**: all personal information. This is the default value.'."\n"
."\n"
.'- **sensitive**: only sensitive personal information.', 'type' => 'string', 'required' => false, 'example' => 'info', 'title' => ''],
],
[
'name' => 'SensitiveLevel',
'in' => 'query',
'schema' => ['description' => 'The sensitivity level. Valid values:'."\n"
."\n"
.'- **high**: high.'."\n"
."\n"
.'- **medium**: medium.'."\n"
."\n"
.'- **low**: low.', 'type' => 'string', 'required' => false, 'example' => 'high', 'title' => ''],
],
[
'name' => 'SensitiveCode',
'in' => 'query',
'schema' => ['description' => 'The type of sensitive data. Separate multiple types with commas (,).'."\n"
."\n"
.'> Call the [DescribeApisecRules](~~2859155~~) operation to obtain the supported sensitive data types. This parameter supports only built-in sensitive data types.', 'type' => 'string', 'required' => false, 'example' => '1000,1001', 'title' => ''],
],
[
'name' => 'DetectionResult',
'in' => 'query',
'schema' => ['description' => 'The assessment result. Valid values:'."\n"
."\n"
.'- **report**: a data outbound transfer threat exists.'."\n"
."\n"
.'- **none**: no data outbound transfer threat exists.', 'type' => 'string', 'required' => false, 'example' => 'report', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The number of the page to return. Default value: **1**.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page. Default value: **10**.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '25', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'OrderKey',
'in' => 'query',
'schema' => ['description' => 'The field to use for sorting. Valid values:'."\n"
."\n"
.'- **total\\_count**: sorts by the total number of personal information data entries. This is the default value.'."\n"
."\n"
.'- **outbound\\_count**: sorts by the total number of outbound transfer data entries.', 'type' => 'string', 'required' => false, 'example' => 'total_count', 'title' => ''],
],
[
'name' => 'OrderWay',
'in' => 'query',
'schema' => ['description' => 'The sorting order. Valid values:'."\n"
."\n"
.'- **desc**: descending order. This is the default value.'."\n"
."\n"
.'- **asc**: ascending order.', 'type' => 'string', 'required' => false, 'example' => 'desc', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter is available only for hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query information about hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned for outbound transfer statistics.', 'type' => 'integer', 'format' => 'int64', 'example' => '5', 'title' => ''],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''],
'Data' => [
'description' => 'The list of statistics on outbound transfers of personal information.',
'type' => 'array',
'items' => [
'description' => 'The statistics on outbound transfers for a specific sensitive data type.',
'type' => 'object',
'properties' => [
'SensitiveLevel' => ['description' => 'The sensitivity level. Valid values:'."\n"
."\n"
.'- **high**: high.'."\n"
."\n"
.'- **medium**: medium.'."\n"
."\n"
.'- **low**: low.', 'type' => 'string', 'example' => 'high', 'title' => ''],
'SensitiveCode' => ['description' => 'The code that represents the type of sensitive data.'."\n"
."\n"
.'> Call the [DescribeApisecRules](~~2859155~~) operation to obtain the supported sensitive data types.', 'type' => 'integer', 'format' => 'int64', 'example' => '1001', 'title' => ''],
'OutboundCount' => ['description' => 'The number of outbound transfer data entries for the sensitive data type.', 'type' => 'integer', 'format' => 'int64', 'example' => '300', 'title' => ''],
'DetectionResult' => ['description' => 'The assessment result. Valid values:'."\n"
."\n"
.'- **report**: a data outbound transfer threat exists.'."\n"
."\n"
.'- **none**: no data outbound transfer threat exists.', 'type' => 'string', 'example' => 'report', 'title' => ''],
'SensitiveType' => ['description' => 'The type of information. Valid values:'."\n"
."\n"
.'- **info**: all personal information.'."\n"
."\n"
.'- **sensitive**: only sensitive personal information.', 'type' => 'string', 'example' => 'info', 'title' => ''],
'InfoCount' => ['description' => 'The total number of personal information data entries detected.', 'type' => 'integer', 'format' => 'int64', 'example' => '546', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeSensitiveOutboundStatistic',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveOutboundStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 5,\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveLevel\\": \\"high\\",\\n \\"SensitiveCode\\": 1001,\\n \\"OutboundCount\\": 300,\\n \\"DetectionResult\\": \\"report\\",\\n \\"SensitiveType\\": \\"info\\",\\n \\"InfoCount\\": 546\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeSensitiveOutboundTrend' => [
'summary' => 'Queries the trend of cross-border transfer of personal information data.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '187670',
'abilityTreeNodes' => ['FEATUREwaf8XGRZR'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The start time of the query. Specify the value as a UNIX timestamp (UTC). Unit: seconds.'."\n"
.'> Compliance review currently supports querying data only for the last 1 month, last 3 months, last 6 months, last 12 months, or from January 1 of the previous year to the present. Make sure the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end time of the query. Specify the value as a UNIX timestamp (UTC). Unit: seconds.'."\n"
."\n"
.'> Compliance review currently supports querying data only for the last 1 month, last 3 months, last 6 months, last 12 months, or from January 1 of the previous year to the present. Make sure the time range is valid.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000'."\n", 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The hybrid cloud cluster ID.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '433', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '7', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''],
'Data' => [
'description' => 'The list of cross-border data transfer information.',
'type' => 'array',
'items' => [
'description' => 'The cross-border data transfer information.',
'type' => 'object',
'properties' => [
'SensitiveOutboundCount' => ['description' => 'The total number of sensitive information records transferred cross-border.', 'type' => 'integer', 'format' => 'int64', 'example' => '378', 'title' => ''],
'Timestamp' => ['description' => 'The time of the cross-border data transfer. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1672502400', 'title' => ''],
'InfoCount' => ['description' => 'The total number of personal information records.', 'type' => 'integer', 'format' => 'int64', 'example' => '672', 'title' => ''],
'InfoOutboundCount' => ['description' => 'The total number of personal information records transferred cross-border.', 'type' => 'integer', 'format' => 'int64', 'example' => '541', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query cross-border transfer trend of personal information',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveOutboundTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 7,\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveOutboundCount\\": 378,\\n \\"Timestamp\\": 1672502400,\\n \\"InfoCount\\": 672,\\n \\"InfoOutboundCount\\": 541\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeSensitiveRequestLog' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '188086',
'abilityTreeNodes' => ['FEATUREwaf8XGRZR'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****'],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The start time of the query, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723392000', 'required' => false],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The end time of the query, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1726057800', 'required' => false],
],
[
'name' => 'MatchedHost',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The domain name to which the API operation belongs.', 'type' => 'string', 'example' => 'a.***.com', 'required' => false],
],
[
'name' => 'ApiFormat',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The API operation.', 'type' => 'string', 'example' => '/api/users/login'."\n", 'required' => false],
],
[
'name' => 'ClientIP',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The IP address.', 'type' => 'string', 'example' => '103.118.55.**', 'required' => false],
],
[
'name' => 'SensitiveCode',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The sensitive data type.'."\n"
.'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported sensitive data types.', 'type' => 'string', 'example' => '1000,1001', 'required' => false],
],
[
'name' => 'SensitiveData',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The response sensitive data.', 'type' => 'string', 'example' => 'user', 'required' => false],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The page number of the page to return in a paged query. Default value: **1**, which indicates the first page. Paging starts from page 1.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'default' => '1', 'required' => false],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The number of entries to return on each page in a paged query. Default value: **10**, which indicates 10 entries per page. Paging starts from page 1.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '10', 'minimum' => '1', 'example' => '10', 'default' => '10', 'required' => false],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The hybrid cloud cluster ID.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query hybrid cloud cluster information.', 'type' => 'string', 'example' => '433', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'example' => 'rg-acfm***q', 'required' => false],
],
[
'name' => 'Account',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The account information.', 'type' => 'string', 'example' => 'admin', 'required' => false],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'TotalCount' => ['title' => '', 'description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '7'],
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****'],
'Data' => [
'title' => '',
'description' => 'The list of access logs.',
'type' => 'array',
'items' => [
'title' => '',
'description' => 'The access log information.',
'type' => 'object',
'properties' => [
'MatchedHost' => ['title' => '', 'description' => 'The domain name to which the API operation belongs.', 'type' => 'string', 'example' => 'a.****.com'],
'ApiFormat' => ['title' => '', 'description' => 'The API operation.', 'type' => 'string', 'example' => '/api/users/login'],
'TraceId' => ['title' => '', 'description' => 'The log ID.', 'type' => 'string', 'example' => '0a3d455b17027784870843933dce3d'],
'RequestTime' => ['title' => '', 'description' => 'The request time, in UNIX timestamp (UTC) format. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723392000'],
'Count' => ['title' => '', 'description' => 'The number of outbound sensitive data entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '12'],
'ClientIP' => ['title' => '', 'description' => 'The IP address.', 'type' => 'string', 'example' => '103.118.55.**'],
'ApiId' => ['title' => '', 'description' => 'The ID of the API.', 'type' => 'string', 'example' => '197b52abcd81d6a8bd4***e477'],
'SensitiveList' => ['title' => '', 'description' => 'The sensitive data information. The value is a JSON string constructed from a series of parameters. The key of the JSON object is the sensitive data type identifier, which can be built-in or custom. The value is a list of sensitive data entries.'."\n"
."\n"
.'> You can call the [DescribeApisecRules](~~2859155~~) operation to query the supported sensitive data types.', 'type' => 'string', 'example' => '{'."\n"
.' "1000":[ '."\n"
.' "90.88.49.19",'."\n"
.' "90.88.49.19"'."\n"
.' ],'."\n"
.' "835436":[ '."\n"
.' "www.abc.com"'."\n"
.' ]'."\n"
.'}'],
'RemoteCountryId' => ['title' => '', 'description' => 'The region to which the IP address belongs, in region identifier code format.', 'type' => 'string', 'example' => 'CN'],
'Account' => ['title' => '', 'description' => 'The account of the request.', 'type' => 'string', 'example' => 'admin'],
],
'example' => '',
],
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query access logs of sensitive data',
'summary' => 'Queries the access log information of sensitive data.',
'changeSet' => [
['createdAt' => '2025-01-16T13:23:42.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-11-26T09:04:16.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveRequestLog'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveRequestLog',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 7,\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\",\\n \\"Data\\": [\\n {\\n \\"MatchedHost\\": \\"a.****.com\\",\\n \\"ApiFormat\\": \\"/api/users/login\\",\\n \\"TraceId\\": \\"0a3d455b17027784870843933dce3d\\",\\n \\"RequestTime\\": 1723392000,\\n \\"Count\\": 12,\\n \\"ClientIP\\": \\"103.118.55.**\\",\\n \\"ApiId\\": \\"197b52abcd81d6a8bd4***e477\\",\\n \\"SensitiveList\\": \\"{\\\\n \\\\\\"1000\\\\\\":[ \\\\n \\\\\\"90.88.49.19\\\\\\",\\\\n \\\\\\"90.88.49.19\\\\\\"\\\\n ],\\\\n \\\\\\"835436\\\\\\":[ \\\\n \\\\\\"www.abc.com\\\\\\"\\\\n ]\\\\n}\\",\\n \\"RemoteCountryId\\": \\"CN\\",\\n \\"Account\\": \\"admin\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeSensitiveRequests' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '187966',
'abilityTreeNodes' => ['FEATUREwaf8XGRZR'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'SensitiveCode',
'in' => 'query',
'schema' => ['description' => 'The type of sensitive data.'."\n"
.'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive data types.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1001', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1723392000', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''],
],
[
'name' => 'SensitiveData',
'in' => 'query',
'schema' => ['description' => 'The sensitive data.', 'type' => 'string', 'required' => false, 'example' => 'card', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number when you use paged query. Default value: **1**, which indicates that the first page is returned in the paging result.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page when you use paged query. Default value: 10, which indicates that each page contains 10 entries in the paging result.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '25', 'minimum' => '1', 'default' => '10', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '269', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwkpn****5i', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '26E46541-7AAB-5565-801D-F14DBDC5****', 'title' => ''],
'Data' => [
'description' => 'The list of data tracing results.',
'type' => 'array',
'items' => [
'description' => 'The data tracing information.',
'type' => 'object',
'properties' => [
'EventCount' => ['description' => 'The number of events in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '679', 'title' => ''],
'MatchedHost' => ['description' => 'The domain name to which the API operation belongs.', 'type' => 'string', 'example' => 'a.****.com', 'title' => ''],
'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/api/users/login', 'title' => ''],
'DetectionResult' => ['description' => 'The assessment result. Valid values:'."\n"
.'- **leak**: a leak risk exists.'."\n"
.'- **none**: no leak risk exists.', 'type' => 'string', 'example' => 'leak', 'title' => ''],
'ClientIP' => ['description' => 'The IP address.', 'type' => 'string', 'example' => '103.118.55.**', 'title' => ''],
'ApiId' => ['description' => 'The ID of the API.', 'type' => 'string', 'example' => '09559c0d71ca2ffc996b81***836d8', 'title' => ''],
'SensitiveList' => [
'description' => 'The list of sensitive data.',
'type' => 'array',
'items' => ['description' => 'The sensitive data.', 'type' => 'string', 'example' => 'card', 'title' => ''],
'title' => '',
'example' => '',
],
'InfoCount' => [
'description' => 'The list of sensitive data statistics.',
'type' => 'array',
'items' => [
'description' => 'The sensitive data statistics information.',
'type' => 'object',
'properties' => [
'Count' => ['description' => 'The number of sensitive data entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '23', 'title' => ''],
'Code' => ['description' => 'The type of sensitive data.', 'type' => 'string', 'example' => '1001', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'AbnormalCount' => ['description' => 'The number of risks in the last 30 days.', 'type' => 'integer', 'format' => 'int64', 'example' => '23', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query sensitive data tracing results',
'summary' => 'Queries the results of sensitive data tracing.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveRequests',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"26E46541-7AAB-5565-801D-F14DBDC5****\\",\\n \\"Data\\": [\\n {\\n \\"EventCount\\": 679,\\n \\"MatchedHost\\": \\"a.****.com\\",\\n \\"ApiFormat\\": \\"/api/users/login\\",\\n \\"DetectionResult\\": \\"leak\\",\\n \\"ClientIP\\": \\"103.118.55.**\\",\\n \\"ApiId\\": \\"09559c0d71ca2ffc996b81***836d8\\",\\n \\"SensitiveList\\": [\\n \\"card\\"\\n ],\\n \\"InfoCount\\": [\\n {\\n \\"Count\\": 23,\\n \\"Code\\": \\"1001\\"\\n }\\n ],\\n \\"AbnormalCount\\": 23\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeSensitiveStatistic' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '188100',
'abilityTreeNodes' => ['FEATUREwaf8XGRZR'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbq****', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1672502400', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. The value is a UNIX timestamp (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1725966000', 'title' => ''],
],
[
'name' => 'StatisticType',
'in' => 'query',
'schema' => ['description' => 'The type of data statistics. Valid values:'."\n"
.'- **ip**: IP address statistics.'."\n"
.'- **host**: domain name statistics.'."\n"
.'- **sensitive_code**: sensitive data type statistics.'."\n"
.'- **api**: sensitive data API operation statistics.', 'type' => 'string', 'default' => 'ip', 'required' => false, 'example' => 'ip', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number to return in a paging query. Default value: **1**, which indicates that the first page is returned.', 'type' => 'integer', 'format' => 'int64', 'default' => '1', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page in a paging query. Default value: **10**, which indicates that each page contains 10 entries.', 'type' => 'integer', 'format' => 'int64', 'maximum' => '20', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '10', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call [DescribeHybridCloudClusters](~~2849376~~) to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of entries returned.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'Data' => [
'description' => 'The list of sensitive data statistics.',
'type' => 'array',
'items' => [
'description' => 'The sensitive data statistics information.',
'type' => 'object',
'properties' => [
'SensitiveCode' => ['description' => 'The sensitive data type.'."\n"
."\n"
.'> You can call [DescribeApisecRules](~~2859155~~) to obtain the supported sensitive data types.', 'type' => 'string', 'example' => '1003', 'title' => ''],
'MatchedHost' => ['description' => 'The domain name.', 'type' => 'string', 'example' => 'a.****.com', 'title' => ''],
'ApiFormat' => ['description' => 'The API operation.', 'type' => 'string', 'example' => '/api/login', 'title' => ''],
'Count' => ['description' => 'The number of data entries.', 'type' => 'integer', 'format' => 'int64', 'example' => '169', 'title' => ''],
'ClientIP' => ['description' => 'The IP address.', 'type' => 'string', 'example' => '10.50.11.**', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query sensitive data statistics for tracing audits',
'summary' => 'Queries sensitive data statistics for tracing audits.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Data\\": [\\n {\\n \\"SensitiveCode\\": \\"1003\\",\\n \\"MatchedHost\\": \\"a.****.com\\",\\n \\"ApiFormat\\": \\"/api/login\\",\\n \\"Count\\": 169,\\n \\"ClientIP\\": \\"10.50.11.**\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeSlsAuthStatus' => [
'summary' => 'Queries the Logstore authorization status.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '111394',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-g4t3g****04', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: indicates the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2okfav****iq', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'Status' => ['description' => 'The authorization status. Valid values:'."\n"
."\n"
.'- **true**: indicates that authorization is granted.'."\n"
."\n"
.'- **false**: indicates that authorization is not granted.', 'type' => 'boolean', 'example' => 'false', 'title' => ''],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '3589D3A3-4A04-51CB-AA89-353ED20ACB10', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeSlsAuthStatus',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsAuthStatus'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSlsAuthStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Status\\": false,\\n \\"RequestId\\": \\"3589D3A3-4A04-51CB-AA89-353ED20ACB10\\"\\n}","type":"json"}]',
],
'DescribeSlsLogStore' => [
'summary' => 'Retrieves Logstore information, including total capacity, storage duration, and used capacity.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '114313',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zpr3d****0o', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: indicates the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek2wf3mn****vq', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'LogStoreName' => ['description' => 'The name of the Logstore.', 'type' => 'string', 'example' => 'wafng-logstore', 'title' => ''],
'RequestId' => ['description' => 'The request', 'type' => 'string', 'example' => 'CAC0A24B-486A-5E12-9894-BE860E5F41CC', 'title' => ''],
'Quota' => ['description' => 'The capacity of the Logstore. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '3298534883328', 'title' => ''],
'ProjectName' => ['description' => 'The name of the Simple Log Service project.', 'type' => 'string', 'example' => 'wafng-project-14316572********-cn-hangzhou', 'title' => ''],
'Used' => ['description' => 'The used capacity of the Logstore. Unit: bytes.', 'type' => 'integer', 'format' => 'int64', 'example' => '35471136', 'title' => ''],
'Ttl' => ['description' => 'The log retention period. Unit: days.', 'type' => 'integer', 'format' => 'int32', 'example' => '180', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeSlsLogStore',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsLogStore'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSlsLogStore',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"LogStoreName\\": \\"wafng-logstore\\",\\n \\"RequestId\\": \\"CAC0A24B-486A-5E12-9894-BE860E5F41CC\\",\\n \\"Quota\\": 3298534883328,\\n \\"ProjectName\\": \\"wafng-project-14316572********-cn-hangzhou\\",\\n \\"Used\\": 35471136,\\n \\"Ttl\\": 180\\n}","type":"json"}]',
],
'DescribeSlsLogStoreStatus' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '114229',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uqm35****02', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: indicates the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfmzedqv****ma', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID', 'type' => 'string', 'example' => '184F538F-C115-5C89-A4EF-C79CD2E29AC7', 'title' => ''],
'ExistStatus' => ['description' => 'Indicates whether a Logstore is created for WAF. Valid values:'."\n"
."\n"
.'- **true**: A Logstore is created.'."\n"
."\n"
.'- **false**: No Logstore is created.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeSlsLogStoreStatus',
'summary' => 'Queries the status of a Simple Log Service Logstore.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsLogStoreStatus'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSlsLogStoreStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"184F538F-C115-5C89-A4EF-C79CD2E29AC7\\",\\n \\"ExistStatus\\": true\\n}","type":"json"}]',
],
'DescribeTemplateResourceCount' => [
'summary' => 'Queries the number of protected resources that are associated with one or more protection templates.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-lbj****gx08', 'title' => ''],
],
[
'name' => 'TemplateIds',
'in' => 'query',
'schema' => ['description' => 'The IDs of protection templates. Separate multiple IDs with commas (,).', 'type' => 'string', 'required' => true, 'example' => '12345,12346', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwkpn****5i', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'B8064433-9781-5E86-806E-C1DD****1D95', 'title' => ''],
'ResourceCount' => [
'description' => 'An array of resource count objects. Each object contains the number of protected objects, protected object groups, and protected assets that are associated with a protection template.',
'type' => 'array',
'items' => [
'description' => 'The resource count details for a protection template, including the number of protected objects, protected object groups, and protected assets.',
'type' => 'object',
'properties' => [
'SingleCount' => ['description' => 'The number of protected objects that are associated with the protection template.', 'type' => 'integer', 'format' => 'int32', 'example' => '30', 'title' => ''],
'GroupCount' => ['description' => 'The number of protected object groups that are associated with the protection template.', 'type' => 'integer', 'format' => 'int32', 'example' => '30', 'title' => ''],
'TemplateId' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'example' => '12345', 'title' => ''],
'AssetCount' => ['description' => 'The number of protected assets that are associated with the protection template.', 'type' => 'integer', 'format' => 'int32', 'example' => '10', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeTemplateResourceCount',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeTemplateResourceCount'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeTemplateResourceCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"B8064433-9781-5E86-806E-C1DD****1D95\\",\\n \\"ResourceCount\\": [\\n {\\n \\"SingleCount\\": 30,\\n \\"GroupCount\\": 30,\\n \\"TemplateId\\": 12345,\\n \\"AssetCount\\": 10\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeTemplateResources' => [
'summary' => 'Queries the resources attached to a protection template.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'waf_cdnsdf3****'],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'title' => '', 'example' => '1020'],
],
[
'name' => 'ResourceType',
'in' => 'query',
'schema' => [
'description' => 'The type of the protected resource. Valid values:'."\n"
."\n"
.'- **single**: a protected object.'."\n"
."\n"
.'- **group**: a protected object group.'."\n"
."\n"
.'- **asset**: a protected asset.',
'type' => 'string',
'required' => true,
'title' => '',
'enum' => ['single', 'group', 'asset'],
'example' => 'single',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'default' => 'cn-hangzhou', 'title' => '', 'example' => 'cn-hangzhou'],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'rg-acfm***q'],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'The token that is used to retrieve the next page of results. This is the value of the **NextToken** parameter returned from the last API call. You do not need to specify this parameter for the first query.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'AAAAAJ7ob7*******MhJJ1ELRE='],
],
[
'name' => 'MaxResults',
'in' => 'query',
'schema' => ['description' => 'The number of entries to return on each page for a paged query. Valid values: 1 to 500. Default value: 500.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'maximum' => '500', 'minimum' => '1', 'default' => '500', 'title' => '', 'example' => '20'],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object or protected object group for the fuzzy query.', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'abc.test.com-waf'],
],
[
'name' => 'AssetApi',
'in' => 'query',
'schema' => ['type' => 'string', 'title' => '', 'description' => 'The API of the protected asset for the fuzzy query.', 'required' => false, 'example' => 'abc.com'],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'title' => '', 'example' => 'C7BC9373-3960-53B0-8968-2B13454AE18F'],
'Resources' => [
'description' => 'A list of the names of the attached protected objects or protected object groups, or the IDs of the protected assets.',
'type' => 'array',
'items' => ['description' => 'The name of the protected object or protected object group, or the ID of the protected asset.', 'type' => 'string', 'title' => '', 'example' => 'alb-wewbb23dfset***'],
'title' => '',
'example' => '',
],
'TotalCount' => ['description' => 'The total number of returned entries.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'example' => '25'],
'NextToken' => ['description' => 'The token that is used to retrieve the next page of results. This parameter is returned if a next page exists.'."\n"
."\n"
.'> If a value is returned for this parameter, a next page exists. You can use the returned **NextToken** value as a request parameter to retrieve the data on the next page. When no value is returned, all data has been retrieved.', 'type' => 'string', 'title' => '', 'example' => 'AAAAABLQv******37sHZaHk4='],
'MaxResults' => ['description' => 'The number of entries returned on each page. Valid values: 1 to 500. Default value: 500.', 'type' => 'integer', 'format' => 'int32', 'title' => '', 'example' => '20'],
'TemplateId' => ['type' => 'integer', 'format' => 'int64', 'description' => 'The ID of the protection template.', 'title' => '', 'example' => '168465'],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Defense.Control.DefenseTemplateNotExist', 'errorMessage' => 'The protection template does not exist.', 'description' => 'The protection template does not exist.'],
],
],
'title' => 'DescribeTemplateResources',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '15', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeTemplateResources'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeTemplateResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C7BC9373-3960-53B0-8968-2B13454AE18F\\",\\n \\"Resources\\": [\\n \\"alb-wewbb23dfset***\\"\\n ],\\n \\"TotalCount\\": 25,\\n \\"NextToken\\": \\"AAAAABLQv******37sHZaHk4=\\",\\n \\"MaxResults\\": 20,\\n \\"TemplateId\\": 168465\\n}","type":"json"}]',
],
'DescribeThreatEvent' => [
'summary' => 'Queries a paginated list of notable security events.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '111428',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'DomainName',
'in' => 'query',
'schema' => ['description' => 'The domain name that is protected by WAF. If you do not specify this parameter, security events for all domain names are queried.', 'type' => 'string', 'required' => false, 'default' => '', 'example' => 'www.abc.com', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1668496310000', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1749916800000', 'title' => ''],
],
[
'name' => 'PageNumber',
'in' => 'query',
'schema' => ['description' => 'The page number of the page to return. Default value: 1.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '1', 'example' => '1', 'title' => ''],
],
[
'name' => 'PageSize',
'in' => 'query',
'schema' => ['description' => 'The number of entries per page. Default value: **5**. Valid values: 1 to 200.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'default' => '5', 'example' => '10', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-2bl4****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: a region outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aeky65ka*****', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'TotalCount' => ['description' => 'The total number of security events that match the query conditions.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '98106632-6865-5600-A834-3D909***', 'title' => ''],
'ThreatEvents' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'EventLevel' => ['description' => 'The severity level of the security event. Valid values:'."\n"
."\n"
.'- **critical**'."\n"
."\n"
.'- **high**'."\n"
."\n"
.'- **medium**'."\n"
."\n"
.'- **low**', 'type' => 'string', 'example' => 'high', 'title' => ''],
'EndTime' => ['description' => 'The time when the last attack occurred. This value is a UNIX timestamp in milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1768406400000', 'title' => ''],
'EventSrc' => ['description' => 'The source IP address of the attack.'."\n"
."\n"
.'> A security event may have multiple source IP addresses. This operation returns only one of them.', 'type' => 'string', 'example' => '3.3.3.3', 'title' => ''],
'EventId' => ['description' => 'The ID of the security event.', 'type' => 'string', 'example' => 'f439994c8ab39f84eced33490f0c4388', 'title' => ''],
'BlockRate' => ['description' => 'The percentage of attack requests that were blocked by WAF.', 'type' => 'string', 'example' => '100%', 'title' => ''],
'EventTag' => ['description' => 'The type of the security event. Valid values:'."\n"
."\n"
.'- **MultipleDomainDirscan**: a directory and file scan against multiple domain names.'."\n"
."\n"
.'- **SingleDomainDirscan**: a directory and file scan against a single domain name.'."\n"
."\n"
.'- **MultipleDomainWebscan**: a web vulnerability scan against multiple domain names.'."\n"
."\n"
.'- **SingleDomainWebscan**: a web vulnerability scan against a single domain name.'."\n"
."\n"
.'- **MultipleDomainWebattack**: a web vulnerability attack against multiple domain names.'."\n"
."\n"
.'- **SingleDomainWebattack**: a web vulnerability attack against a single domain name.'."\n"
."\n"
.'- **SingleURLWebattack**: a web vulnerability attack against a specific URL.'."\n"
."\n"
.'- **SingleURLSqlattack**: an SQL injection attack against a specific URL.'."\n"
."\n"
.'- **SingleURLXssattack**: an XSS attack against a specific URL.'."\n"
."\n"
.'- **WebshellUpload**: an attack that attempts to upload backdoor trojans.'."\n"
."\n"
.'- **RandomVulnTest**: a random web vulnerability probe.', 'type' => 'string', 'example' => 'Event_InternalLoginWeakPasswd', 'title' => ''],
'EventTarget' => ['description' => 'The protected object that is the target of the attack.'."\n"
."\n"
.'> A security event may have multiple protected objects as targets. This operation returns only one of them.', 'type' => 'string', 'example' => 'test.aliyundemo.com-waf', 'title' => ''],
],
'description' => 'The security event.',
'title' => '',
'example' => '',
],
'description' => 'The list of notable security events.',
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeThreatEvent',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeThreatEvent',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TotalCount\\": 10,\\n \\"RequestId\\": \\"98106632-6865-5600-A834-3D909***\\",\\n \\"ThreatEvents\\": [\\n {\\n \\"EventLevel\\": \\"high\\",\\n \\"EndTime\\": 1768406400000,\\n \\"EventSrc\\": \\"3.3.3.3\\",\\n \\"EventId\\": \\"f439994c8ab39f84eced33490f0c4388\\",\\n \\"BlockRate\\": \\"100%\\",\\n \\"EventTag\\": \\"Event_InternalLoginWeakPasswd\\",\\n \\"EventTarget\\": \\"test.aliyundemo.com-waf\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeThreatEventDetail' => [
'summary' => 'Retrieves the details of a security event that requires attention.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '114528',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'EventId',
'in' => 'query',
'schema' => ['description' => 'The ID of the security event.', 'type' => 'string', 'required' => true, 'default' => '', 'example' => '1661131a028f72a976703f4a4082ad87', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-lbj*****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzhks66****', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B1****', 'title' => ''],
'ThreatEventDetail' => [
'type' => 'object',
'properties' => [
'IsPersistent' => ['description' => 'Indicates whether the event is a persistent attack. Valid values:'."\n"
."\n"
.'- **0**: The event is not a persistent attack.'."\n"
."\n"
.'- **1**: The event is a persistent attack.', 'type' => 'integer', 'format' => 'int64', 'example' => '1', 'title' => ''],
'EventLevel' => ['description' => 'The severity level of the event. Valid values:'."\n"
."\n"
.'- **critical**: Critical severity.'."\n"
."\n"
.'- **high**: High severity.'."\n"
."\n"
.'- **medium**: Medium severity.'."\n"
."\n"
.'- **low**: Low severity.', 'type' => 'string', 'example' => 'high', 'title' => ''],
'EventBlock' => ['description' => 'The number of attacks that were blocked in the security event.', 'type' => 'string', 'example' => '20', 'title' => ''],
'EventCnt' => ['description' => 'The total number of attacks in the security event.', 'type' => 'string', 'example' => '20', 'title' => ''],
'EndTime' => ['description' => 'The time of the most recent attack. This value is a UNIX timestamp. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1749916800000', 'title' => ''],
'EventIntelligence' => ['description' => 'The threat intelligence associated with the event. The value is a JSON array in the string format.', 'type' => 'string', 'example' => '["CVE-2020-14882","DDoS Attack"]', 'title' => ''],
'EventSrcRegion' => ['description' => 'The region of the source IP address of the attack.', 'type' => 'string', 'example' => 'GB-ENG', 'title' => ''],
'EventSrc' => ['description' => 'The source IP address of the attack.'."\n"
."\n"
.'> A security event may have multiple source IP addresses. This operation returns only one of them.', 'type' => 'string', 'example' => 'XX.XX.XX.XX', 'title' => ''],
'EventSuggest' => ['description' => 'The security suggestion. Valid values:'."\n"
."\n"
.'- **ProtectInterface**: The attack target appears to be a backend management address. If the address has specific access patterns, configure custom rules in the access control module to restrict access.'."\n"
."\n"
.'- **BlockArea**: Monitor the attack source region. If the attack source region is different from your normal business regions, configure a location blacklist or an IP address blacklist in the access control module to restrict access.'."\n"
."\n"
.'- **SwitchBlock**: The current protection rule is in Alert mode. To ensure business security, switch to Block mode. Before you switch, check for false positives.'."\n"
."\n"
.'- **FixBug**: Check the attack target for security vulnerabilities. If any vulnerabilities exist, fix them promptly to prevent exploitation.'."\n"
."\n"
.'- **SwitchStrict**: If it does not affect your normal business, change the policies of modules, such as protection rules and scan protection, to a stricter mode. Before you change the policies, check for false positives.'."\n"
."\n"
.'- **ProtectFile**: Check the target domain name for sensitive files or paths to prevent them from being detected and exploited.'."\n"
."\n"
.'- **BlockIP**: The source IP address has a high degree of maliciousness. Keep monitoring it. If it does not affect your normal business, use an IP address blacklist to block access from the malicious IP address.'."\n"
."\n"
.'- **KeepConcerned**: No threats are found. Continue to monitor the situation.', 'type' => 'string', 'example' => 'FixBug', 'title' => ''],
'EventCondition' => ['description' => 'The filter condition for viewing logs. The value is a JSON object in the string format.', 'type' => 'string', 'example' => '{"end_ts": 1766637714, "start_ts": 1764096746, "condition": {"real_client_ip": ["78.153.140.179", "78.153.140.203", "78.153.140.177", "78.153.140.178", "78.153.140.151"]}}', 'title' => ''],
'EventTag' => ['description' => 'The name of the event. Valid values:'."\n"
."\n"
.'- **MultipleDomainDirscan**: A directory and file scan for multiple domain names.'."\n"
."\n"
.'- **SingleDomainDirscan**: A directory and file scan for a single domain name.'."\n"
."\n"
.'- **MultipleDomainWebscan**: A web vulnerability scan for multiple domain names.'."\n"
."\n"
.'- **SingleDomainWebscan**: A web vulnerability scan for a single domain name.'."\n"
."\n"
.'- **MultipleDomainWebattack**: A web vulnerability attack on multiple domain names.'."\n"
."\n"
.'- **SingleDomainWebattack**: A web vulnerability attack on a single domain name.'."\n"
."\n"
.'- **SingleURLWebattack**: A web vulnerability attack on a specific URL.'."\n"
."\n"
.'- **SingleURLSqlattack**: An SQL injection attack on a specific URL.'."\n"
."\n"
.'- **SingleURLXssattack**: A cross-site scripting (XSS) attack on a specific URL.'."\n"
."\n"
.'- **WebshellUpload**: An attempt to upload backdoor trojans.'."\n"
."\n"
.'- **RandomVulnTest**: A random web vulnerability probe.', 'type' => 'string', 'example' => 'MultipleDomainWebattack', 'title' => ''],
'EventSrcCountry' => ['description' => 'The country of the source IP address of the attack.', 'type' => 'string', 'example' => 'GB', 'title' => ''],
],
'description' => 'The details of the security event.',
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeThreatEventDetail',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeThreatEventDetail',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B1****\\",\\n \\"ThreatEventDetail\\": {\\n \\"IsPersistent\\": 1,\\n \\"EventLevel\\": \\"high\\",\\n \\"EventBlock\\": \\"20\\",\\n \\"EventCnt\\": \\"20\\",\\n \\"EndTime\\": 1749916800000,\\n \\"EventIntelligence\\": \\"[\\\\\\"CVE-2020-14882\\\\\\",\\\\\\"DDoS Attack\\\\\\"]\\",\\n \\"EventSrcRegion\\": \\"GB-ENG\\",\\n \\"EventSrc\\": \\"XX.XX.XX.XX\\",\\n \\"EventSuggest\\": \\"FixBug\\",\\n \\"EventCondition\\": \\"{\\\\\\"end_ts\\\\\\": 1766637714, \\\\\\"start_ts\\\\\\": 1764096746, \\\\\\"condition\\\\\\": {\\\\\\"real_client_ip\\\\\\": [\\\\\\"78.153.140.179\\\\\\", \\\\\\"78.153.140.203\\\\\\", \\\\\\"78.153.140.177\\\\\\", \\\\\\"78.153.140.178\\\\\\", \\\\\\"78.153.140.151\\\\\\"]}}\\",\\n \\"EventTag\\": \\"MultipleDomainWebattack\\",\\n \\"EventSrcCountry\\": \\"GB\\"\\n }\\n}","type":"json"}]',
],
'DescribeThreatEventTopMetric' => [
'summary' => 'Queries the top 5 statistics of security events aggregated by different statistical objects and sorted in descending order.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '114535',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
'tenantRelevance' => 'tenant',
],
'parameters' => [
[
'name' => 'Metric',
'in' => 'query',
'schema' => [
'description' => 'The statistical metric. Different values of Metric correspond to different statistical objects. Valid values:'."\n"
.'- **time**: aggregates statistics by attack time, sorts them in descending order, and returns the top 5 records.'."\n"
.'- **src**: aggregates statistics by source IP address of attack requests, sorts them in descending order, and returns the top 5 records.'."\n"
.'- **target**: aggregates statistics by URL of attack requests (excluding query strings), sorts them in descending order, and returns the top 5 records.'."\n"
.'- **type**: aggregates statistics by attack type, sorts them in descending order, and returns the top 5 records.'."\n"
.'- **tools**: aggregates statistics by attack tool, sorts them in descending order, and returns the top 5 records.',
'enumValueTitles' => ['src' => 'src', 'time' => 'time', 'type' => 'type', 'tools' => 'tools', 'target' => 'target'],
'type' => 'string',
'required' => true,
'enum' => ['time', 'src', 'target', 'type', 'tools'],
'example' => 'time',
'title' => '',
],
],
[
'name' => 'EventId',
'in' => 'query',
'schema' => ['description' => 'The ID of the security event.', 'type' => 'string', 'required' => true, 'default' => '', 'example' => '0b7ab137a065aab7656986***11db', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'TopMetrics' => [
'description' => 'The list of statistics.',
'type' => 'array',
'items' => [
'description' => 'The statistics.',
'type' => 'object',
'properties' => [
'Cnt' => ['description' => 'The number of attacks.', 'type' => 'integer', 'format' => 'int64', 'example' => '20', 'title' => ''],
'Value' => ['description' => 'The attack value. The meaning of this field varies depending on the value of **Metric**.'."\n"
."\n"
.'- If **Metric** is set to **time**, this field indicates the attack time.'."\n"
.'- If **Metric** is set to **src**, this field indicates the source IP address of the attack.'."\n"
.'- If **Metric** is set to **target**, this field indicates the URL of the attack request.'."\n"
.'- If **Metric** is set to **type**, this field indicates the attack type. **dirscan** indicates directory scanning, **webscan** indicates web scanning, and other attack types are described in the **detectType** (detection type) parameter of the **custom regular rule** (**regular_custom**) in the [**CreateDefenseRule**](~~461421~~) operation.'."\n"
.'- If **Metric** is set to **tools**, this field indicates the attack tool.', 'type' => 'string', 'example' => '115.28.209.212', 'title' => ''],
'Country' => ['description' => 'The country to which the source IP address of the attack belongs.'."\n"
.'> This field returns a meaningful value only when the statistical object (**Metric**) is set to source IP address (**src**).', 'type' => 'string', 'example' => 'CN', 'title' => ''],
'Region' => ['description' => 'The region to which the source IP address of the attack belongs.'."\n"
.'> This field returns a meaningful value only when the statistical object (**Metric**) is set to source IP address (**src**).', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '12EF3845-CCEB-4B84-AE60-2B49B*****EE5', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query top statistics of security events',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeThreatEventTopMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"TopMetrics\\": [\\n {\\n \\"Cnt\\": 20,\\n \\"Value\\": \\"115.28.209.212\\",\\n \\"Country\\": \\"CN\\",\\n \\"Region\\": \\"cn-hangzhou\\"\\n }\\n ],\\n \\"RequestId\\": \\"12EF3845-CCEB-4B84-AE60-2B49B*****EE5\\"\\n}","type":"json"}]',
],
'DescribeUserAbnormalTrend' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '155225',
'abilityTreeNodes' => ['FEATUREwafWE25G7'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-uqm342yj***', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter is applicable only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain the hybrid cloud cluster ID.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'Trend' => [
'description' => 'The list of API security risk trend data points.',
'type' => 'array',
'items' => [
'description' => 'The details of a risk trend data point.',
'type' => 'object',
'properties' => [
'AbnormalHigh' => ['description' => 'The number of high-severity security risks.', 'type' => 'integer', 'format' => 'int64', 'example' => '12', 'title' => ''],
'AbnormalLow' => ['description' => 'The number of low-severity security risks.', 'type' => 'integer', 'format' => 'int64', 'example' => '23', 'title' => ''],
'AbnormalMedium' => ['description' => 'The number of medium-severity security risks.', 'type' => 'integer', 'format' => 'int64', 'example' => '14', 'title' => ''],
'Timestamp' => ['description' => 'The point in time when the statistics were collected. This value is a UNIX timestamp in UTC. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1722268800', 'title' => ''],
'TimeStamp' => ['description' => 'The point in time when the statistics were collected. This value is a UNIX timestamp in UTC. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'deprecated' => true, 'example' => '1722268800', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeUserAbnormalTrend',
'summary' => 'Queries the trend of API security risks for a Web Application Firewall (WAF) instance.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserAbnormalTrend'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserAbnormalTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"Trend\\": [\\n {\\n \\"AbnormalHigh\\": 12,\\n \\"AbnormalLow\\": 23,\\n \\"AbnormalMedium\\": 14,\\n \\"Timestamp\\": 1722268800,\\n \\"TimeStamp\\": 1722268800\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeUserAbnormalType' => [
'summary' => 'Queries user risk types and statistics related to API security in Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '156222',
'abilityTreeNodes' => ['FEATUREwafWE25G7'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-g4***201', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter applies only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the IDs of hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '993', 'title' => ''],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. Specify the time as a UNIX timestamp in seconds. The time is in UTC.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1723435200', 'title' => ''],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. Specify the time as a UNIX timestamp in seconds. The time is in UTC.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1726113600', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-ac***lani', 'title' => ''],
],
[
'name' => 'UserStatusList',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The risk state for which to collect statistics. Valid values:'."\n"
."\n"
.'- **toBeConfirmed**: to be confirmed.'."\n"
."\n"
.'- **confirmed**: confirmed.'."\n"
."\n"
.'- **toBeFixed**: to be fixed.'."\n"
."\n"
.'- **fixed**: fixed (manually verified).'."\n"
."\n"
.'- **ignored**: ignored.'."\n"
."\n"
.'- **toBeVerified**: to be verified by the system.'."\n"
."\n"
.'- **notFixed**: verification failed (not fixed).'."\n"
."\n"
.'- **systemFixed**: fixed (verified by the system).', 'type' => 'string', 'required' => false, 'example' => 'toBeConfirmed', 'title' => ''],
'description' => 'The list of risk states for which to collect statistics.'."\n"
."\n"
.'> By default, statistics are collected for risks in the **toBeConfirmed**, **toBeFixed**, **toBeVerified**, and **notFixed** states.',
'required' => false,
'title' => '',
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response object.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '3E1CB966-1407-5988-9432-7***D784', 'title' => ''],
'Abnormal' => [
'description' => 'The risk types detected by API security and the number of risks for each type.',
'type' => 'array',
'items' => [
'description' => 'An object that contains the details of a risk type, including the risk code, category, and count.',
'type' => 'object',
'properties' => [
'AbnormalCode' => ['description' => 'The code that identifies the specific risk, such as `Risk_InternalWeakPasswd`.', 'type' => 'string', 'example' => 'Risk_InternalWeakPasswd', 'title' => ''],
'AbnormalParentType' => ['description' => 'The parent category of the risk, such as `RiskType_Account`.', 'type' => 'string', 'example' => 'RiskType_Account', 'title' => ''],
'AbnormalType' => ['description' => 'The type of the risk detected by API security.'."\n"
."\n"
.'> Call the [DescribeApisecRules](~~2859155~~) operation to query the supported risk types.', 'type' => 'string', 'example' => 'Risk_InternalWeakPasswd', 'title' => ''],
'AbnormalCount' => ['description' => 'The total number of risks detected for this risk type.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeUserAbnormalType',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserAbnormalType',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"3E1CB966-1407-5988-9432-7***D784\\",\\n \\"Abnormal\\": [\\n {\\n \\"AbnormalCode\\": \\"Risk_InternalWeakPasswd\\",\\n \\"AbnormalParentType\\": \\"RiskType_Account\\",\\n \\"AbnormalType\\": \\"Risk_InternalWeakPasswd\\",\\n \\"AbnormalCount\\": 10\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeUserApiRequest' => [
'summary' => 'Queries traffic statistics for an API operation.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '155227',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zxu38***', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['description' => 'The domain name or IP address of the API operation.'."\n"
."\n"
.'>'."\n"
."\n"
.'This parameter is deprecated. Use the ApiId parameter instead.'."\n"
."\n"
.'>', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'c.***.com', 'title' => ''],
],
[
'name' => 'ApiFormat',
'in' => 'query',
'schema' => ['description' => 'The API operation.'."\n"
."\n"
.'>'."\n"
."\n"
.'This parameter is deprecated. Use the ApiId parameter instead.'."\n"
."\n"
.'>', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => '/api/v1/know', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The type of statistics. Valid values:'."\n"
."\n"
.'- **api\\_ip**: total traffic.'."\n"
."\n"
.'- **api\\_cross\\_border\\_ip**: cross-border traffic.'."\n"
."\n"
.'- **api\\_bot\\_ip**: bot traffic.'."\n"
."\n"
.'- **remote\\_region**: geographic location statistics.'."\n"
."\n"
.'- **client\\_id**: client type statistics.'."\n"
."\n"
.'- **http\\_referer**: Referer statistics.'."\n"
."\n"
.'- **api\\_cnt**: total number of calls.'."\n"
."\n"
.'- **bot\\_cnt**: number of bot requests.'."\n"
."\n"
.'- **cross\\_border\\_cnt**: number of cross-border requests.'."\n"
."\n"
.'- **api\\_freq**: call frequency.', 'type' => 'string', 'default' => 'api_ip', 'required' => false, 'example' => 'api_ip', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter applies only to hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain information about hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'ApiId',
'in' => 'query',
'schema' => ['description' => 'The ID of the API.', 'type' => 'string', 'required' => true, 'example' => '3799f0695c0d687f3295d132fe49bc14', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D13E4540-4432-5AD7-B216-6369512514F4', 'title' => ''],
'Requests' => [
'description' => 'The list of statistics.',
'type' => 'array',
'items' => [
'description' => 'The statistics information.',
'type' => 'object',
'properties' => [
'Value' => ['description' => 'The statistics information. This includes:'."\n"
."\n"
.'- **client\\_list**: the client tool.'."\n"
."\n"
.'- **ip**: the IP address information.'."\n"
."\n"
.'- **region\\_id**: the region.'."\n"
."\n"
.'- **country\\_id**: the country.', 'type' => 'string', 'example' => '{'."\n"
.' "client_list": ['."\n"
.' "Unknown"'."\n"
.' ],'."\n"
.' "ip": "47.92.113.***",'."\n"
.' "region_id": "110000",'."\n"
.' "country_id": "CN"'."\n"
.'}', 'title' => ''],
'Count' => ['description' => 'The number of statistics.', 'type' => 'integer', 'format' => 'int64', 'example' => '76', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeUserApiRequest',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserApiRequest'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserApiRequest',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D13E4540-4432-5AD7-B216-6369512514F4\\",\\n \\"Requests\\": [\\n {\\n \\"Value\\": \\"{\\\\n \\\\\\"client_list\\\\\\": [\\\\n \\\\\\"Unknown\\\\\\"\\\\n ],\\\\n \\\\\\"ip\\\\\\": \\\\\\"47.92.113.***\\\\\\",\\\\n \\\\\\"region_id\\\\\\": \\\\\\"110000\\\\\\",\\\\n \\\\\\"country_id\\\\\\": \\\\\\"CN\\\\\\"\\\\n}\\",\\n \\"Count\\": 76\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeUserAsset' => [
'summary' => 'Queries API security user asset statistics.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '155224',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-uax37ijm***', 'title' => ''],
],
[
'name' => 'DataType',
'in' => 'query',
'schema' => ['description' => 'The type of statistics. Valid values:'."\n"
.'- **asset_num**: total number of API assets.'."\n"
.'- **asset_active**: number of active APIs.'."\n"
.'- **asset_newborn**: number of APIs added today.'."\n"
.'- **asset_offline**: number of inactive APIs.'."\n"
.'- **asset_bot**: number of APIs with bot requests.'."\n"
.'- **asset_cross_border**: number of APIs with cross-border data transfer.'."\n"
.'- **sensitive_api**: number of APIs with sensitive data in responses.'."\n"
.'- **sensitive_domain**: number of sites with sensitive data in responses.', 'type' => 'string', 'required' => true, 'example' => 'asset_num', 'title' => ''],
],
[
'name' => 'Days',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The query time in UNIX timestamp format (UTC). Unit: seconds.'."\n"
.'>This parameter is deprecated.>', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => '1723435200'],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''],
'Assets' => [
'description' => 'The list of asset statistics.',
'type' => 'array',
'items' => [
'description' => 'The asset statistics information.',
'type' => 'object',
'properties' => [
'AssetNum' => ['description' => 'The number of statistics.', 'type' => 'integer', 'format' => 'int64', 'example' => '134', 'title' => ''],
'TimeStamp' => ['description' => 'The time of the statistics in UNIX timestamp format (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723435200', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security user asset statistics',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserAsset',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\",\\n \\"Assets\\": [\\n {\\n \\"AssetNum\\": 134,\\n \\"TimeStamp\\": 1723435200\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeUserEventTrend' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '155226',
'abilityTreeNodes' => ['FEATUREwafDX9EQ6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7mz2797x***'],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The ID of the hybrid cloud cluster.'."\n"
.'> This parameter applies only to hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to obtain hybrid cloud cluster information.', 'type' => 'string', 'example' => '428', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aekzwwk****cv5i', 'required' => false],
],
[
'name' => 'EventScope',
'in' => 'query',
'schema' => [
'title' => '',
'description' => 'The dimension of security events. Valid values:'."\n"
.'- **ip** (default): IP security events.'."\n"
.'- **account**: account security events.',
'type' => 'string',
'example' => 'ip',
'default' => 'ip',
'enum' => ['ip', 'account'],
'required' => false,
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'F51E6DD6-B2D2-57C9-90F1-FAFD0A19DE00'],
'Trend' => [
'title' => '',
'description' => 'The attack trend list.',
'type' => 'array',
'items' => [
'title' => '',
'description' => 'The attack details.',
'type' => 'object',
'properties' => [
'EventHigh' => ['title' => '', 'description' => 'The number of high-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '9'],
'EventLow' => ['title' => '', 'description' => 'The number of low-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '23'],
'EventMedium' => ['title' => '', 'description' => 'The number of medium-risk events.', 'type' => 'integer', 'format' => 'int64', 'example' => '17'],
'Timestamp' => ['title' => '', 'description' => 'The statistics time, in UNIX timestamp format (UTC). Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723435200'],
'TimeStamp' => ['title' => '', 'description' => 'The statistics time, in UNIX timestamp format (UTC). Unit: seconds.'."\n"
.'>This parameter is deprecated. Use the Timestamp parameter instead.>', 'type' => 'integer', 'format' => 'int64', 'deprecated' => true, 'example' => '1723435200'],
],
'example' => '',
],
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query API security attack trend',
'summary' => 'Queries the trend of API security attacks.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserEventTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F51E6DD6-B2D2-57C9-90F1-FAFD0A19DE00\\",\\n \\"Trend\\": [\\n {\\n \\"EventHigh\\": 9,\\n \\"EventLow\\": 23,\\n \\"EventMedium\\": 17,\\n \\"Timestamp\\": 1723435200,\\n \\"TimeStamp\\": 1723435200\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeUserEventType' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '156221',
'abilityTreeNodes' => ['FEATUREwafDX9EQ6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-5y***h0t', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter applies only to hybrid cloud scenarios. Call [DescribeHybridCloudClusters](~~2849376~~) to obtain information about hybrid cloud clusters.', 'type' => 'string', 'example' => '976', 'title' => '', 'required' => false],
],
[
'name' => 'StartTime',
'in' => 'query',
'schema' => ['description' => 'The start time of the query. The value is a UNIX timestamp in UTC. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1723435200', 'title' => '', 'required' => false],
],
[
'name' => 'EndTime',
'in' => 'query',
'schema' => ['description' => 'The end time of the query. The value is a UNIX timestamp in UTC. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1726113600', 'title' => '', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-aek***ktt3y', 'title' => '', 'required' => false],
],
[
'name' => 'UserStatusList',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The status of the security event. Valid values:'."\n"
."\n"
.'- **toBeConfirmed**: to be confirmed.'."\n"
."\n"
.'- **confirmed**: confirmed.'."\n"
."\n"
.'- **actioned**: handled.'."\n"
."\n"
.'- **ignored**: ignored.', 'type' => 'string', 'example' => 'toBeConfirmed', 'title' => '', 'required' => false],
'description' => 'A list of security event statuses.'."\n"
."\n"
.'> By default, statistics are collected for security events in the **toBeConfirmed**, **confirmed**, and **actioned** states.',
'required' => false,
'title' => '',
'example' => '',
],
],
[
'name' => 'EventScope',
'in' => 'query',
'schema' => [
'description' => 'The dimension of the security event. Valid values:'."\n"
."\n"
.'- **ip** (default): IP security events.'."\n"
."\n"
.'- **account**: account security events.',
'type' => 'string',
'example' => 'ip',
'default' => 'ip',
'enum' => ['ip', 'account'],
'title' => '',
'required' => false,
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response to the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '177BA739-6512-5470-98C6-E***0BAA3D', 'title' => ''],
'Event' => [
'description' => 'A list of security event types and their statistics.',
'type' => 'array',
'items' => [
'description' => 'The type and statistics of the event.',
'type' => 'object',
'properties' => [
'EventCount' => ['description' => 'The number of events.', 'type' => 'integer', 'format' => 'int64', 'example' => '0', 'title' => ''],
'EventType' => ['description' => 'The type of the event.'."\n"
."\n"
.'> Call [DescribeApisecRules](~~2859155~~) to obtain the supported event types.', 'type' => 'string', 'example' => 'Event_LoginCollision', 'title' => ''],
'EventParentType' => ['description' => 'The parent type of the event.', 'type' => 'string', 'example' => 'EventType_Account', 'title' => ''],
'EventCode' => ['description' => 'The event code.', 'type' => 'string', 'example' => 'Event_LoginCollision', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'DescribeUserEventType',
'summary' => 'Queries the types and statistics of user security events.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserEventType'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserEventType',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"177BA739-6512-5470-98C6-E***0BAA3D\\",\\n \\"Event\\": [\\n {\\n \\"EventCount\\": 0,\\n \\"EventType\\": \\"Event_LoginCollision\\",\\n \\"EventParentType\\": \\"EventType_Account\\",\\n \\"EventCode\\": \\"Event_LoginCollision\\"\\n }\\n ]\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'DescribeUserLogFieldConfig' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '111385',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
'autoTest' => true,
'tenantRelevance' => 'tenant',
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-0*****', 'title' => ''],
],
[
'name' => 'DeliveryType',
'in' => 'query',
'schema' => ['description' => 'The log delivery type. Valid values:'."\n"
."\n"
.'- **sls**: Simple Log Service.', 'type' => 'string', 'default' => 'sls', 'required' => false, 'example' => 'sls', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aek24******', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'AddList' => ['description' => 'The additional log fields that are added to the default configuration. Multiple fields are separated by commas (,) in the `a,b,c,...` format.', 'type' => 'string', 'example' => 'acl_action,acl_rule_id', 'title' => ''],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '653778B4-4D47-5223-855B-4E******', 'title' => ''],
'LogDeliveryStrategy' => ['description' => 'The log delivery policies. Multiple policies are supported. The value is a JSON-formatted string that contains an array of policy objects.'."\n"
."\n"
.'> For more information, see the **LogDeliveryStrategy** parameter description in [ModifyUserLogFieldConfig](~~ModifyUserLogFieldConfig~~).', 'type' => 'string', 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', 'title' => ''],
'ExtendConfig' => ['description' => 'The extended configuration for log delivery. The value is a JSON-formatted string that contains configuration key-value pairs, such as custom request headers.'."\n"
."\n"
.'> For more information, see the **ExtendConfig** parameter description in [ModifyUserLogFieldConfig](~~ModifyUserLogFieldConfig~~).', 'type' => 'string', 'example' => '{\\"request_header\\":\\"Ali-Cdn-Real-Ip\\"}', 'title' => ''],
'ConfigStatus' => ['description' => 'The status of the log field configuration. Valid values:'."\n"
."\n"
.'- **initial**: The log field configuration is being initialized.'."\n"
."\n"
.'- **updating**: The log field configuration is being updated.'."\n"
."\n"
.'- **failed\\_finished**: The log field configuration update failed.'."\n"
."\n"
.'- **success\\_finished**: The log field configuration update succeeded.', 'type' => 'string', 'example' => 'success_finished', 'title' => ''],
'DelList' => ['description' => 'The default log fields that are excluded from the log delivery configuration. Multiple fields are separated by commas (,) in the `a,b,c,...` format.', 'type' => 'string', 'example' => 'waf_rule_id,waf_rule_type', 'title' => ''],
'FieldList' => ['description' => 'The complete list of log fields that are delivered. Multiple fields are separated by commas (,) in the `a,b,c,...` format.', 'type' => 'string', 'example' => 'account,acl_action,acl_rule_id,acl_rule_type', 'title' => ''],
'DeliveryType' => ['description' => 'The log delivery type. Valid values:'."\n"
."\n"
.'- **sls**: Simple Log Service.', 'type' => 'string', 'example' => 'sls', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'DescribeUserLogFieldConfig',
'summary' => 'Queries the log field configuration of a Web Application Firewall (WAF) instance, including additional fields, removed fields, delivery strategies, and extended settings.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserLogFieldConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"AddList\\": \\"acl_action,acl_rule_id\\",\\n \\"RequestId\\": \\"653778B4-4D47-5223-855B-4E******\\",\\n \\"LogDeliveryStrategy\\": \\"[{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"blockLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"normalRequestLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100},{\\\\\\\\\\\\\\"logType\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"checkLog\\\\\\\\\\\\\\",\\\\\\\\\\\\\\"rate\\\\\\\\\\\\\\":100}]\\",\\n \\"ExtendConfig\\": \\"{\\\\\\\\\\\\\\"request_header\\\\\\\\\\\\\\":\\\\\\\\\\\\\\"Ali-Cdn-Real-Ip\\\\\\\\\\\\\\"}\\",\\n \\"ConfigStatus\\": \\"success_finished\\",\\n \\"DelList\\": \\"waf_rule_id,waf_rule_type\\",\\n \\"FieldList\\": \\"account,acl_action,acl_rule_id,acl_rule_type\\",\\n \\"DeliveryType\\": \\"sls\\"\\n}","type":"json"}]',
],
'DescribeUserSlsLogRegions' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '201946',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uqm2z****0a', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'LogRegions' => [
'description' => 'The list of log storage region IDs.',
'type' => 'array',
'items' => ['description' => 'The log storage region ID. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: China (Hangzhou).'."\n"
.'- **cn-beijing**: China (Beijing).'."\n"
.'- **cn-hongkong**: China (Hong Kong).'."\n"
.'- **ap-southeast-1**: Singapore.'."\n"
.'- **ap-southeast-3**: Malaysia (Kuala Lumpur).'."\n"
.'- **ap-southeast-5**: Indonesia (Jakarta).'."\n"
.'- **ap-southeast-6**: Philippines (Manila).'."\n"
.'- **ap-southeast-7**: Thailand (Bangkok).'."\n"
.'- **me-east-1**: UAE (Dubai).'."\n"
.'- **eu-central-1**: Germany (Frankfurt).'."\n"
.'- **us-east-1**: US (Virginia).'."\n"
.'- **us-west-1**: US (Silicon Valley).'."\n"
.'- **ap-northeast-1**: Japan (Tokyo).'."\n"
.'- **ap-northeast-2**: South Korea (Seoul).'."\n"
.'- **ap-south-1**: India (Mumbai), deactivated.'."\n"
.'- **eu-west-1**: UK (London).'."\n"
.'- **cn-hangzhou-finance**: China East 1 Hangzhou Finance Cloud.'."\n"
.'- **cn-shanghai-finance-1**: China East 2 Shanghai Finance Cloud.'."\n"
.'- **cn-shenzhen-finance**: China South 1 Shenzhen Finance Cloud.'."\n"
."\n\n"
."\n\n"
.'> Finance Cloud regions are available only to Finance Cloud users, and Finance Cloud users can obtain only these regions.', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''],
'title' => '',
'example' => '',
],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9D11AC3A-A10C-56E7-A342-E87EC892BAE2', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Query available log storage regions',
'summary' => 'Queries the log storage regions available to the user.',
'changeSet' => [
['createdAt' => '2024-11-12T11:54:57.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserSlsLogRegions'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserSlsLogRegions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"LogRegions\\": [\\n \\"cn-hangzhou\\"\\n ],\\n \\"RequestId\\": \\"9D11AC3A-A10C-56E7-A342-E87EC892BAE2\\"\\n}","type":"json"}]',
],
'DescribeUserTraffic' => [
'summary' => 'Queries the real-time traffic of a user by traffic type.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '119795',
'abilityTreeNodes' => ['FEATUREwafW12QEG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***'."\n", 'title' => ''],
],
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'Type',
'in' => 'query',
'schema' => ['description' => 'The type of real-time user traffic. Valid values:'."\n"
.'- bot: the number of bot management requests.'."\n"
.'- risk: the number of times risk identification is triggered.'."\n"
.'- custom_acl_captcha: the number of times the slider action of custom rules is triggered.'."\n"
.'- qps: the peak QPS.'."\n"
.'- apisec: the number of API security requests.'."\n"
.'- alb: the number of requests connected through ALB.'."\n"
.'- mse: the number of requests connected through MSE.'."\n"
.'- fc: the number of requests connected through Function Compute.'."\n"
.'- sae: the number of requests connected through Serverless App Engine.'."\n"
.'- apig: the number of requests connected through Cloud Native API Gateway.'."\n"
.'- nlb: the number of requests connected through NLB.', 'type' => 'string', 'required' => false, 'example' => 'qps', 'title' => ''],
],
[
'name' => 'Interval',
'in' => 'query',
'schema' => ['description' => 'The time interval. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '3600', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-ae*******i', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'EC10C9EA-A367-52D5-***-***'."\n", 'title' => ''],
'UserTraffic' => [
'description' => 'The list of user traffic data.',
'type' => 'array',
'items' => [
'description' => 'The user traffic data.',
'type' => 'object',
'properties' => [
'Pv' => ['description' => 'The usage.', 'type' => 'integer', 'format' => 'int64', 'example' => '1024', 'title' => ''],
'Index' => ['description' => 'The sequence number sorted in chronological order.', 'type' => 'integer', 'format' => 'int64', 'example' => '10', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'Query user traffic',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserTraffic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"EC10C9EA-A367-52D5-***-***\\\\n\\",\\n \\"UserTraffic\\": [\\n {\\n \\"Pv\\": 1024,\\n \\"Index\\": 10\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeUserWafLogStatus' => [
'summary' => 'Queries the status, region ID, and status modification time of Web Application Firewall (WAF) logs.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '201942',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-nwy34****0j', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: indicates the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID, which is used to locate and troubleshoot issues.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
'LogStatus' => ['description' => 'The status of WAF logs.'."\n"
."\n"
.'- **initializing**: The logs are being initialized.'."\n"
."\n"
.'- **initialize\\_failed**: The initialization failed.'."\n"
."\n"
.'- **normal**: The logs are running properly.'."\n"
."\n"
.'- **releasing**: The logs are being released.'."\n"
."\n"
.'- **release\\_failed**: The release failed.', 'type' => 'string', 'example' => 'normal', 'title' => ''],
'LogRegionId' => ['description' => 'The ID of the region where logs are stored. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: indicates China East 1 (Hangzhou).'."\n"
."\n"
.'- **cn-beijing**: indicates China North 2 (Beijing).'."\n"
."\n"
.'- **cn-hongkong**: indicates China (Hong Kong).'."\n"
."\n"
.'- **ap-southeast-1**: indicates Singapore.'."\n"
."\n"
.'- **ap-southeast-3**: indicates Malaysia (Kuala Lumpur).'."\n"
."\n"
.'- **ap-southeast-5**: indicates Indonesia (Jakarta).'."\n"
."\n"
.'- **ap-southeast-6**: indicates Philippines (Manila).'."\n"
."\n"
.'- **ap-southeast-7**: indicates Thailand (Bangkok).'."\n"
."\n"
.'- **me-east-1**: indicates UAE (Dubai).'."\n"
."\n"
.'- **eu-central-1**: indicates Germany (Frankfurt).'."\n"
."\n"
.'- **us-east-1**: indicates US (Virginia).'."\n"
."\n"
.'- **us-west-1**: indicates US (Silicon Valley).'."\n"
."\n"
.'- **ap-northeast-1**: indicates Japan (Tokyo).'."\n"
."\n"
.'- **ap-northeast-2**: indicates South Korea (Seoul).'."\n"
."\n"
.'- **eu-west-1**: indicates UK (London).'."\n"
."\n"
.'- **cn-hangzhou-finance**: indicates China East 1 Hangzhou Finance Cloud.'."\n"
."\n"
.'- **cn-shanghai-finance-1**: indicates China East 2 Shanghai Finance Cloud.'."\n"
."\n"
.'- **cn-shenzhen-finance**: indicates China South 1 Shenzhen Finance Cloud.'."\n"
."\n"
.'> The Finance Cloud regions are available only to Finance Cloud users, and Finance Cloud users can obtain only these regions.', 'type' => 'string', 'example' => 'cn-hangzhou', 'title' => ''],
'StatusUpdateTime' => ['description' => 'The time when the log status was modified. Unit: milliseconds.', 'type' => 'integer', 'format' => 'int64', 'example' => '1706771796859', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeUserWafLogStatus',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserWafLogStatus'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserWafLogStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\",\\n \\"LogStatus\\": \\"normal\\",\\n \\"LogRegionId\\": \\"cn-hangzhou\\",\\n \\"StatusUpdateTime\\": 1706771796859\\n}","type":"json"}]',
],
'DescribeVerifyContent' => [
'summary' => 'Queries the domain ownership verification content of a Web Application Firewall (WAF) instance.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '178150',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''],
],
[
'name' => 'DomainName',
'in' => 'query',
'schema' => ['description' => 'The domain name that you want to query for ownership verification content.', 'type' => 'string', 'required' => true, 'example' => 'example.com', 'title' => ''],
],
[
'name' => 'AccessOrigin',
'in' => 'query',
'schema' => ['description' => 'The source of the domain name. Valid values:'."\n"
."\n"
.'- **share**: The domain name is added to WAF in CNAME record mode.'."\n"
."\n"
.'- **asset**: The domain name is added to WAF as a custom asset.'."\n"
."\n"
.'- **hybrid\\_cloud\\_cname**: The domain name is added to WAF in hybrid cloud CNAME record mode.'."\n"
."\n"
.'- **tgw**: The domain name is added to WAF in cloud native mode.', 'type' => 'string', 'required' => true, 'example' => 'share', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'DnsContent' => [
'type' => 'object',
'properties' => [
'RR' => ['description' => 'The host record of the DNS TXT record used for domain ownership verification.', 'type' => 'string', 'example' => 'verification', 'title' => ''],
'Type' => ['description' => 'The type of the DNS record used for verification.', 'type' => 'string', 'example' => 'TXT', 'title' => ''],
'Value' => ['description' => 'The value of the DNS TXT record used for verification.', 'type' => 'string', 'example' => 'verify_0a246ca99d504ba087472d***', 'title' => ''],
],
'description' => 'The DNS-based verification content, including the TXT record details.',
'title' => '',
'example' => '',
],
'FileContent' => [
'type' => 'object',
'properties' => [
'TopDomain' => ['description' => 'The root domain of the domain name to be verified.', 'type' => 'string', 'example' => 'aliyundemo.com', 'title' => ''],
'VerifyPath' => ['description' => 'The URL that is used to access the verification file.', 'type' => 'string', 'example' => 'http://xxx.xxx.com//xxx.html', 'title' => ''],
'FileName' => ['description' => 'The name of the verification file.', 'type' => 'string', 'example' => 'xxx.html', 'title' => ''],
'Value' => ['description' => 'The content of the verification file.', 'type' => 'string', 'example' => 'verify_0a246ca99d504ba08***', 'title' => ''],
'DownloadUrl' => ['description' => 'The download URL of the verification file.', 'type' => 'string', 'example' => 'http://oss.xxx.com//xxx.html', 'title' => ''],
],
'description' => 'The file-based verification content, including the file name, path, and download URL.',
'title' => '',
'example' => '',
],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''],
'VerifyResult' => ['description' => 'Indicates whether the domain ownership verification is successful.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
],
'description' => 'The response parameters.',
'title' => '',
'example' => '',
],
],
],
'title' => 'DescribeVerifyContent',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeVerifyContent',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"DnsContent\\": {\\n \\"RR\\": \\"verification\\",\\n \\"Type\\": \\"TXT\\",\\n \\"Value\\": \\"verify_0a246ca99d504ba087472d***\\"\\n },\\n \\"FileContent\\": {\\n \\"TopDomain\\": \\"aliyundemo.com\\",\\n \\"VerifyPath\\": \\"http://xxx.xxx.com//xxx.html\\",\\n \\"FileName\\": \\"xxx.html\\",\\n \\"Value\\": \\"verify_0a246ca99d504ba08***\\",\\n \\"DownloadUrl\\": \\"http://oss.xxx.com//xxx.html\\"\\n },\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"VerifyResult\\": true\\n}","type":"json"}]',
],
'DescribeVisitTopIp' => [
'summary' => 'Queries the top 10 IP addresses that initiate the most requests.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The beginning of the time range to query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end of the time range to query. Unit: seconds. If you do not set this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '5D2B8DAE-A761-58CB-A68D-74989E4831DA', 'title' => ''],
'TopIp' => [
'description' => 'The top 10 IP addresses by traffic.',
'type' => 'array',
'items' => [
'description' => 'The traffic statistics of an IP address.',
'type' => 'object',
'properties' => [
'Area' => ['description' => 'The region code.', 'type' => 'string', 'example' => '310000', 'title' => ''],
'Ip' => ['description' => 'The IP address.', 'type' => 'string', 'example' => '1.1.XX.XX', 'title' => ''],
'Isp' => ['description' => 'The Internet service provider.', 'type' => 'string', 'example' => 'AAA', 'title' => ''],
'Count' => ['description' => 'The total number of requests from the IP address.', 'type' => 'integer', 'format' => 'int64', 'example' => '2622', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Query top 10 IP addresses by traffic',
'changeSet' => [
['createdAt' => '2024-08-27T07:18:17.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeVisitTopIp'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeVisitTopIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"5D2B8DAE-A761-58CB-A68D-74989E4831DA\\",\\n \\"TopIp\\": [\\n {\\n \\"Area\\": \\"310000\\",\\n \\"Ip\\": \\"1.1.XX.XX\\",\\n \\"Isp\\": \\"AAA\\",\\n \\"Count\\": 2622\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeVisitUas' => [
'summary' => 'Queries the top 10 User-Agents that initiate the most requests.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '104799',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'StartTimestamp',
'in' => 'query',
'schema' => ['description' => 'The start time of the query. Unit: seconds.', 'type' => 'string', 'required' => true, 'example' => '1665331200', 'title' => ''],
],
[
'name' => 'EndTimestamp',
'in' => 'query',
'schema' => ['description' => 'The end time of the query. Unit: seconds. If you do not set this parameter, the end time is the current query time.', 'type' => 'string', 'required' => false, 'example' => '1665386280', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2847CE98-AFAE-5A64-B80E-60461717F9DE', 'title' => ''],
'Uas' => [
'description' => 'The top 10 User-Agents by traffic.',
'type' => 'array',
'items' => [
'description' => 'The User-Agent traffic statistics.',
'type' => 'object',
'properties' => [
'Count' => ['description' => 'The total number of requests from the User-Agent.', 'type' => 'integer', 'format' => 'int64', 'example' => '698455', 'title' => ''],
'Ua' => ['description' => 'The User-Agent name.', 'type' => 'string', 'example' => 'chrome', 'title' => ''],
],
'title' => '',
'example' => '',
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Query top 10 user-Agents by traffic',
'changeSet' => [
['createdAt' => '2024-08-27T07:18:17.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-04-18T02:11:02.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeVisitUas'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeVisitUas',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2847CE98-AFAE-5A64-B80E-60461717F9DE\\",\\n \\"Uas\\": [\\n {\\n \\"Count\\": 698455,\\n \\"Ua\\": \\"chrome\\"\\n }\\n ]\\n}","type":"json"}]',
],
'DescribeWafSourceIpSegment' => [
'summary' => 'Queries the back-to-origin CIDR blocks of WAF.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '115641',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-*****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The query result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '9087ADDC-9047-4D02-82A7-33021B58083C', 'title' => ''],
'WafSourceIp' => [
'description' => 'The list of WAF back-to-origin IP addresses CIDR blocks used by the protection cluster.',
'type' => 'object',
'properties' => [
'IPv6' => [
'description' => 'The list of IPv6 back-to-origin CIDR blocks.',
'type' => 'array',
'items' => ['description' => 'The IPv6 back-to-origin CIDR block.', 'type' => 'string', 'example' => '2408:XXXX:3c:4800::/56', 'title' => ''],
'title' => '',
'example' => '',
],
'IPv4' => [
'description' => 'The list of IPv4 back-to-origin CIDR blocks.',
'type' => 'array',
'items' => ['description' => 'The IPv4 back-to-origin CIDR block.', 'type' => 'string', 'example' => '101.200.XX.XX/24', 'title' => ''],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Query back-to-origin CIDR blocks of a WAF instance',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '60', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeWafSourceIpSegment'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeWafSourceIpSegment',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"9087ADDC-9047-4D02-82A7-33021B58083C\\",\\n \\"WafSourceIp\\": {\\n \\"IPv6\\": [\\n \\"2408:XXXX:3c:4800::/56\\"\\n ],\\n \\"IPv4\\": [\\n \\"101.200.XX.XX/24\\"\\n ]\\n }\\n}","type":"json"}]',
],
'InitializeWafOperationRole' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '113863',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '4EC9EA6C-F80A-5D25-A8F7-***', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'RoleAlreadyExists', 'errorMessage' => 'Service Linked Role Already Exists.', 'description' => 'The role already exists.'],
['errorCode' => 'NoPermissonCreatesServiceLinkedRole', 'errorMessage' => 'No Permisson Create Service Linked Role.', 'description' => 'You do not have the permissions to create the service-linked role.'],
],
],
'title' => 'InitializeWafOperationRole',
'summary' => 'Initializes a service-linked role for WAF.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:InitializeWafOperationRole',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"4EC9EA6C-F80A-5D25-A8F7-***\\"\\n}","type":"json"}]',
],
'ListTagKeys' => [
'summary' => 'Queries tag keys.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'list',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '164269',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou'],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The token that is used to start the next query.', 'type' => 'string', 'required' => false, 'example' => 'caeba0bbb2be03f84eb48b699f0*****'],
],
[
'name' => 'ResourceType',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-wwo****iw02', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'NextToken' => ['title' => '', 'description' => 'The token that is used to start the next query. If this parameter is empty, no more results are returned.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '8CB8BB88-24C7-5608-BF5E-4DCA****CF1C', 'title' => ''],
'Keys' => [
'title' => '',
'description' => 'The list of tag keys and types.',
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Key' => ['title' => '', 'description' => 'The tag key.', 'type' => 'string', 'example' => 'demoTagKey'],
'Category' => ['description' => 'The tag type. Valid values:'."\n"
."\n"
.'- custom: custom tag.'."\n"
.'- system: system tag.', 'type' => 'string', 'example' => 'custom', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'Query tag keys',
'changeSet' => [
['createdAt' => '2024-11-12T13:24:11.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagKeys'],
],
],
'ramActions' => [
[
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:ListTagKeys',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\",\\n \\"RequestId\\": \\"8CB8BB88-24C7-5608-BF5E-4DCA****CF1C\\",\\n \\"Keys\\": [\\n {\\n \\"Key\\": \\"demoTagKey\\",\\n \\"Category\\": \\"custom\\"\\n }\\n ]\\n}","type":"json"}]',
],
'ListTagResources' => [
'summary' => 'Queries the tags that are added to a resource.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '164021',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: indicates the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'cn-hangzhou'],
],
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['description' => 'A pagination token for the next query', 'type' => 'string', 'required' => false, 'title' => '', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'],
],
[
'name' => 'ResourceType',
'in' => 'query',
'schema' => ['description' => 'The resource type. Set the value to ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'],
],
[
'name' => 'ResourceId',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'The resource IDs. You can specify up to 50 resource IDs.',
'type' => 'array',
'items' => ['description' => 'The resource ID.', 'type' => 'string', 'required' => false, 'example' => 'demo.xxxaliyundoc.com-waf', 'title' => ''],
'required' => false,
'maxItems' => 51,
'example' => '',
],
],
[
'name' => 'Tag',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'The tags that are added to the resource.',
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The tag key.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'Tagkey1'],
'Value' => ['description' => 'The tag value.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'TagValue1'],
],
'required' => false,
'description' => '',
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 21,
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'NextToken' => ['description' => 'A pagination token. It can be used in the next request to retrieve a new page of results. If NextToken is empty, no next page exists.', 'type' => 'string', 'title' => '', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '716E64DA-044F-51C7-B528-2FBF****AE4F', 'title' => ''],
'TagResources' => [
'title' => '',
'description' => 'The resource list.',
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'ResourceType' => ['description' => 'The resource type. ALIYUN::WAF::DEFENSERESOURCE is returned.', 'type' => 'string', 'title' => '', 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'],
'TagValue' => ['description' => 'The tag value.', 'type' => 'string', 'title' => '', 'example' => 'TayValue1'],
'ResourceId' => ['description' => 'The resource ID.', 'type' => 'string', 'title' => '', 'example' => 'c754d2a4-28f1-46df-b557-9586173a****'],
'TagKey' => ['description' => 'The tag key.', 'type' => 'string', 'title' => '', 'example' => 'TagKey1'],
],
'description' => '',
'title' => '',
'example' => '',
],
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'ListTagResources',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagResources'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:ListTagResources',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\",\\n \\"RequestId\\": \\"716E64DA-044F-51C7-B528-2FBF****AE4F\\",\\n \\"TagResources\\": [\\n {\\n \\"ResourceType\\": \\"ALIYUN::WAF::DEFENSERESOURCE\\",\\n \\"TagValue\\": \\"TayValue1\\",\\n \\"ResourceId\\": \\"c754d2a4-28f1-46df-b557-9586173a****\\",\\n \\"TagKey\\": \\"TagKey1\\"\\n }\\n ]\\n}","type":"json"}]',
],
'ListTagValues' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'get',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '164272',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'NextToken',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The token for the next query.', 'type' => 'string', 'required' => false, 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n"],
],
[
'name' => 'ResourceType',
'in' => 'query',
'schema' => ['title' => '', 'description' => 'The resource type. Fixed value: ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-lbj****x10g', 'title' => ''],
],
[
'name' => 'Key',
'in' => 'query',
'schema' => ['description' => 'The tag key.', 'type' => 'string', 'required' => true, 'example' => 'demoKey', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-aekzwwk****cv5i', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'NextToken' => ['title' => '', 'description' => 'The token for the next query. If NextToken is empty, no more results exist.', 'type' => 'string', 'example' => 'caeba0bbb2be03f84eb48b699f0*****'."\n"],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '705114BB-EAEF-5CC4-8837-F1D4****BB5B', 'title' => ''],
'Values' => [
'title' => '',
'description' => 'The list of tag values.',
'type' => 'array',
'items' => ['description' => 'The tag value.', 'type' => 'string', 'example' => 'TagValue1', 'title' => ''],
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'Query tag values of a specified tag key',
'summary' => 'Queries the tag values that correspond to a specified tag key.',
'changeSet' => [
['createdAt' => '2024-11-12T13:24:10.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagValues'],
],
],
'ramActions' => [
[
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:ListTagValues',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"NextToken\\": \\"caeba0bbb2be03f84eb48b699f0*****\\\\n\\",\\n \\"RequestId\\": \\"705114BB-EAEF-5CC4-8837-F1D4****BB5B\\",\\n \\"Values\\": [\\n \\"TagValue1\\"\\n ]\\n}","type":"json"}]',
],
'ModifyApisecAbnormals' => [
'summary' => 'Modifies the status of API security risks in batches.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '229991',
'abilityTreeNodes' => ['FEATUREwafWE25G7'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-****', 'title' => ''],
],
[
'name' => 'AbnormalIds',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'A list of API security risk IDs.',
'type' => 'array',
'items' => ['description' => 'The ID of the API security risk.', 'type' => 'string', 'required' => false, 'example' => 'a50b820efee0989df3b54b2089*****', 'title' => ''],
'required' => true,
'maxItems' => 20,
'minItems' => 1,
'title' => '',
'example' => '',
],
],
[
'name' => 'UserStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the security risk. Valid values:'."\n"
."\n"
.'- **toBeConfirmed**: The security risk is to be confirmed.'."\n"
."\n"
.'- **confirmed**: The security risk is confirmed.'."\n"
."\n"
.'- **toBeFixed**: The security risk is to be fixed.'."\n"
."\n"
.'- **fixed**: The security risk is fixed.'."\n"
."\n"
.'- **ignored**: The security risk is ignored.', 'type' => 'string', 'required' => true, 'example' => 'fixed', 'title' => ''],
],
[
'name' => 'Note',
'in' => 'query',
'schema' => ['description' => 'The remarks for the status change.', 'type' => 'string', 'required' => false, 'example' => 'already fixed.', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter is available only for hybrid cloud scenarios. Call the [DescribeHybridCloudClusters](~~2849376~~) operation to query information about hybrid cloud clusters.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: a region outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'C1823E96-EF4B-5BD2-9E02-1D18****3ED8', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'ModifyApisecAbnormals',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecAbnormals'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecAbnormals',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"C1823E96-EF4B-5BD2-9E02-1D18****3ED8\\"\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'ModifyApisecApiResource' => [
'summary' => 'Modifies the annotation of an API asset in the API security module of Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '168714',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'Follow',
'in' => 'query',
'schema' => ['description' => 'Indicates whether to follow the API asset. Valid values:'."\n"
."\n"
.'- **1**: follows the API asset.'."\n"
."\n"
.'- **0** (default): does not follow the API asset.', 'type' => 'integer', 'format' => 'int64', 'default' => '0', 'required' => false, 'example' => '0', 'title' => ''],
],
[
'name' => 'Note',
'in' => 'query',
'schema' => ['description' => 'The remarks of the API asset. You can use this parameter to add a custom annotation to the API asset for easier identification.', 'type' => 'string', 'required' => false, 'example' => 'know', 'title' => ''],
],
[
'name' => 'ApiId',
'in' => 'query',
'schema' => ['description' => 'The ID of the API asset that you want to modify.', 'type' => 'string', 'required' => true, 'example' => 'c68995b89069595c5c0399676f3ca64f', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter is required only for hybrid cloud scenarios. You can call the [DescribeHybridCloudClusters](~~2849376~~) operation to query the ID of the hybrid cloud cluster.', 'type' => 'string', 'required' => false, 'example' => '428', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'ModifyApisecApiResource',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecApiResource'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecApiResource',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'ModifyApisecEvents' => [
'summary' => 'Modifies the status of a batch of API security events.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '230005',
'abilityTreeNodes' => ['FEATUREwafVPSU1I'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_***', 'title' => ''],
],
[
'name' => 'EventIds',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'A list of API security event IDs.',
'type' => 'array',
'items' => ['description' => 'An API security event ID.', 'type' => 'string', 'example' => '7298c9f5b137c83****', 'title' => '', 'required' => false],
'required' => true,
'maxItems' => 20,
'minItems' => 1,
'title' => '',
'example' => '',
],
],
[
'name' => 'UserStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the event. Valid values:'."\n"
."\n"
.'- **toBeConfirmed**: The event is pending confirmation.'."\n"
."\n"
.'- **confirmed**: The event is confirmed.'."\n"
."\n"
.'- **ignored**: The event is ignored.', 'type' => 'string', 'required' => true, 'example' => 'confirmed', 'title' => ''],
],
[
'name' => 'Note',
'in' => 'query',
'schema' => ['description' => 'The remarks.', 'type' => 'string', 'required' => false, 'example' => 'already confirmed.', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.'."\n"
."\n"
.'> This parameter is available only for hybrid cloud scenarios. Call [DescribeHybridCloudClusters](~~2849376~~) to obtain information about hybrid cloud clusters.', 'type' => 'string', 'example' => '428', 'title' => '', 'required' => false],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false],
],
[
'name' => 'EventScope',
'in' => 'query',
'schema' => [
'description' => 'The dimension of the security event. Valid values:'."\n"
."\n"
.'- **ip** (default): IP security event.'."\n"
."\n"
.'- **account**: account security event.',
'type' => 'string',
'example' => 'ip',
'default' => 'ip',
'enum' => ['ip', 'account'],
'title' => '',
'required' => false,
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The request result.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-****-6B19160D5EB0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'ModifyApisecEvents',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecEvents',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-****-6B19160D5EB0\\"\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'ModifyApisecLogDelivery' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '224402',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a', 'title' => ''],
],
[
'name' => 'AssertKey',
'in' => 'query',
'schema' => ['description' => 'The type of the log subscription. Valid values:'."\n"
."\n"
.'- **risk**: risk information.'."\n"
."\n"
.'- **event**: attack event information.'."\n"
."\n"
.'- **asset**: asset information.', 'type' => 'string', 'required' => true, 'example' => 'risk', 'title' => ''],
],
[
'name' => 'LogRegionId',
'in' => 'query',
'schema' => ['description' => 'The ID of the region where logs are stored.'."\n"
."\n"
.'> You can call the [DescribeUserSlsLogRegions](~~2712598~~) operation to query available log storage regions.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ProjectName',
'in' => 'query',
'schema' => ['description' => 'The name of the project in Simple Log Service.'."\n"
."\n"
.'> API security logs can only be delivered to projects whose name starts with apisec-.', 'type' => 'string', 'required' => true, 'example' => 'apisec-project-14316572********', 'title' => ''],
],
[
'name' => 'LogStoreName',
'in' => 'query',
'schema' => ['description' => 'The name of the Logstore in Simple Log Service.'."\n"
."\n"
.'> API security logs can only be delivered to Logstores whose name starts with apisec-.', 'type' => 'string', 'required' => true, 'example' => 'apisec-logstore***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'title' => 'ModifyApisecLogDelivery',
'summary' => 'Updates the API security log subscription settings.',
'changeSet' => [
['createdAt' => '2024-11-12T11:54:57.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecLogDelivery'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecLogDelivery',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\"\\n}","type":"json"}]',
'gatewayOptions' => [
'gatewayProtocols' => [],
],
],
'ModifyApisecLogDeliveryStatus' => [
'summary' => 'Modifies the subscription status of API security logs.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '225244',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query instance ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3_public_cn-uqm2z****0a', 'title' => ''],
],
[
'name' => 'AssertKey',
'in' => 'query',
'schema' => ['description' => 'The log subscription type. Valid values:'."\n"
."\n"
.'- **risk**: risk information.'."\n"
.'- **event**: attack event information.'."\n"
.'- **asset**: asset information.', 'type' => 'string', 'required' => true, 'example' => 'risk', 'title' => ''],
],
[
'name' => 'Status',
'in' => 'query',
'schema' => ['description' => 'The enabling status of API security log subscribe. Valid values:'."\n"
."\n"
.'- **true**: Enabled.'."\n"
."\n"
.'- **false**: shutdown.', 'type' => 'boolean', 'required' => true, 'example' => 'true', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Modify API security log subscription status',
'changeSet' => [
['createdAt' => '2024-11-12T11:54:56.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-27T07:54:56.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecLogDeliveryStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\"\\n}","type":"json"}]',
],
'ModifyApisecModuleStatus' => [
'summary' => 'Modifies the status of protected objects or protected object groups for the API security protection module.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '189643',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqtm**', 'title' => ''],
],
[
'name' => 'Resources',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object.', 'type' => 'string', 'required' => false, 'example' => 'cwaf-***-waf', 'title' => ''],
],
[
'name' => 'ReportStatus',
'in' => 'query',
'schema' => ['description' => 'The compliance review status. Valid values: '."\n"
.'- **1**: Enabled.'."\n"
.'- **0**: Disabled.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'TraceStatus',
'in' => 'query',
'schema' => ['description' => 'The tracing audit status. Valid values: '."\n"
.'- **1**: Enabled.'."\n"
.'- **0**: Disabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
],
[
'name' => 'ResourceGroups',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object group to which the protected object is added.', 'type' => 'string', 'required' => false, 'example' => 'group1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Modify API security protection module status',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecModuleStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]',
],
'ModifyApisecStatus' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '189028',
'abilityTreeNodes' => ['FEATUREwaf71G1E8'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''],
],
[
'name' => 'Resources',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object.', 'type' => 'string', 'required' => false, 'example' => 'alb-wewbb23dfset***', 'title' => ''],
],
[
'name' => 'ApisecStatus',
'in' => 'query',
'schema' => ['description' => 'The API security status. Valid values: '."\n"
.'- **1**: enabled.'."\n"
.'- **0**: disabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'ResourceGroups',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object group to which the protected object is added.', 'type' => 'string', 'required' => false, 'example' => 'group', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'eventInfo' => [
'enable' => false,
'eventNames' => [],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Modify API security status',
'summary' => 'Modifies the status of protected objects or protected object groups for API security.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]',
],
'ModifyCloudResource' => [
'summary' => 'Modifies the configuration of a cloud service that is connected to Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '226537',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-***', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Listen',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The listening configuration.',
'type' => 'object',
'properties' => [
'TLSVersion' => ['description' => 'The TLS version to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **tlsv1**'."\n"
."\n"
.'- **tlsv1.1**'."\n"
."\n"
.'- **tlsv1.2**', 'type' => 'string', 'required' => false, 'example' => 'tlsv1.2', 'title' => ''],
'EnableTLSv3' => ['description' => 'Specifies whether TLS 1.3 is supported. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: TLS 1.3 is supported.'."\n"
."\n"
.'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'CipherSuite' => ['description' => 'The type of cipher suite to add. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **1**: all cipher suites.'."\n"
."\n"
.'- **2**: strong cipher suites. This value is available only when **TLSVersion** is set to **tlsv1.2**.'."\n"
."\n"
.'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '1', 'title' => ''],
'CustomCiphers' => [
'description' => 'The custom cipher suites.',
'type' => 'array',
'items' => ['description' => 'The specific custom cipher suite to add. This parameter is used only when **CipherSuite** is set to **99**.', 'type' => 'string', 'required' => false, 'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'ResourceProduct' => [
'description' => 'The type of cloud service. Valid values:'."\n"
."\n"
.'- **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n"
."\n"
.'- **clb7**: Layer 7 CLB.'."\n"
."\n"
.'- **ecs**: Elastic Compute Service (ECS).'."\n"
.'- **nlb**: Network Load Balancer (NLB).',
'type' => 'string',
'deprecated' => true,
'required' => false,
'enum' => ['ecs', 'clb4', 'clb7', 'nlb'],
'example' => 'clb7',
'title' => '',
],
'ResourceInstanceId' => ['description' => 'The instance ID of the resource.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'lb-***', 'title' => ''],
'Port' => ['description' => 'The port of the cloud service connected to WAF.', 'type' => 'integer', 'format' => 'int32', 'deprecated' => true, 'required' => false, 'example' => '80', 'title' => ''],
'Protocol' => [
'description' => 'The protocol type. Valid values:'."\n"
.'- **http**: HTTP.'."\n"
.'- **https**: HTTPS.',
'type' => 'string',
'required' => true,
'enum' => ['http', 'https'],
'example' => 'http',
'title' => '',
],
'Certificates' => [
'description' => 'The certificate information.',
'type' => 'array',
'items' => [
'description' => 'The certificate information.',
'type' => 'object',
'properties' => [
'CertificateId' => ['description' => 'The certificate ID.', 'type' => 'string', 'required' => false, 'example' => '123-cn-hangzhou', 'title' => ''],
'AppliedType' => ['description' => 'The type of certificate for HTTPS. Valid values:'."\n"
."\n"
.'- **default**: default certificate.'."\n"
."\n"
.'- **extension**: extended certificate.', 'type' => 'string', 'required' => false, 'example' => 'default', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'title' => '',
'example' => '',
],
'Http2Enabled' => ['description' => 'Specifies whether to enable HTTP/2. This parameter is used only when **HttpsPorts** is not empty, which indicates that the domain name uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: HTTP/2 is enabled.'."\n"
."\n"
.'- **false** (default): HTTP/2 is not enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'Redirect',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The forwarding configuration.',
'type' => 'object',
'properties' => [
'RequestHeaders' => [
'description' => 'The traffic mark fields and values of the domain name, which are used to mark traffic processed by WAF.',
'type' => 'array',
'items' => [
'description' => 'The value of this parameter is in the format of [**{"k":"_key_","v":"_value_"}**]. **_key_** specifies the custom request header field, and **_value_** specifies the value of the field.'."\n"
."\n"
.'> If the custom header field already exists in the request, the system overwrites the value of the field with the specified traffic mark value.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'key1', 'title' => ''],
'Value' => ['description' => 'The value of the custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'value1', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 5,
'title' => '',
'example' => '',
],
'XffHeaderMode' => ['description' => 'The method that WAF uses to obtain the originating IP address of the client. Valid values:'."\n"
."\n"
.'- **0**: No Layer 7 proxy is deployed in front of WAF.'."\n"
."\n"
.'- **1**: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address.'."\n"
."\n"
.'- **2**: WAF reads the value of a custom header field that you specify as the client IP address.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''],
'XffHeaders' => [
'description' => 'The list of custom header fields used to obtain the client IP address, in the format of **["header1","header2",...]**.'."\n"
."\n"
.'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field as the client IP address.',
'type' => 'array',
'items' => ['description' => 'The list of custom header fields used to obtain the client IP address, in the format of **["header1","header2",...]**.'."\n"
."\n"
.'> This parameter is required only when **XffHeaderMode** is set to 2, which indicates that WAF reads the value of a custom header field as the client IP address.', 'type' => 'string', 'pattern' => '^[^\';<>=|\\(\\)]+$', 'required' => false, 'example' => 'header1', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds.'."\n"
.'Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '3600', 'minimum' => '1', 'example' => '1', 'title' => ''],
'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds.'."\n"
.'Valid values: 1 to 3600.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '3600', 'minimum' => '1', 'example' => '1', 'title' => ''],
'Keepalive' => ['description' => 'Specifies whether to enable persistent connections. Valid values:'."\n"
."\n"
.'- **true** (default): Persistent connections are enabled.'."\n"
."\n"
.'- **false**: Persistent connections are not enabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''],
'KeepaliveRequests' => ['description' => 'The number of requests that can reuse a persistent connection. Valid values: 60 to 1000.'."\n"
."\n"
.'> After persistent connections are enabled, this parameter specifies how many requests can reuse a persistent connection.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''],
'KeepaliveTimeout' => ['description' => 'The idle timeout period of a persistent connection. Valid values: 10 to 3600. Default value: 3600. Unit: seconds.'."\n"
."\n"
.'> Specifies how long an idle persistent connection can remain open before it is released.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '10', 'default' => '3600', 'required' => false, 'example' => '15', 'title' => ''],
'XffProto' => ['description' => 'Specifies whether to use X-Forward-For-Proto to pass the protocol used by WAF. Valid values:'."\n"
."\n"
.'- **true** (default): The protocol used by WAF is passed.'."\n"
."\n"
.'- **false**: The protocol used by WAF is not passed.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'MaxBodySize' => ['title' => '', 'description' => 'The maximum request body size. Valid values: 2 to 10. Default value: 2. Unit: GB.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2', 'required' => false],
],
'required' => false,
'title' => '',
'example' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'CloudResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF when the resource is connected in cloud native mode.'."\n"
."\n"
.'> You can call [CreateCloudResource](~~2839876~~) to connect a resource and view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'lb-***-80-clb7', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***', 'title' => ''],
'CloudResource' => ['description' => 'The ID of the connected resource.', 'type' => 'string', 'example' => 'lb-xxx-80-clb7', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.OnlyBeOneDefaultCert', 'errorMessage' => 'There can be only one default certificate.', 'description' => 'There can be only one default certificate.'],
['errorCode' => 'Waf.Control.CloudProductInfoNotMartch', 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'],
['errorCode' => 'Waf.Control.CloudProductInfoEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'."\n"],
['errorCode' => 'Waf.Control.DefenseResourceEmpty', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'],
],
],
'gatewayOptions' => [
'gatewayProtocols' => [],
],
'title' => 'Modify cloud service access configuration',
'changeSet' => [
['createdAt' => '2024-10-10T12:43:20.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyCloudResource'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyCloudResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\",\\n \\"CloudResource\\": \\"lb-xxx-80-clb7\\"\\n}","type":"json"}]',
],
'ModifyCloudResourceCert' => [
'summary' => 'Modifies the certificate for a resource managed by WAF in cloud native mode.',
'path' => '',
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'none',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''],
],
[
'name' => 'ResourceProduct',
'in' => 'query',
'schema' => [
'description' => 'The type of the cloud product. Valid values:'."\n"
."\n"
.'- **ecs**: Elastic Compute Service (ECS).'."\n"
."\n"
.'- **clb4**: Layer 4 Classic Load Balancer (CLB).'."\n"
."\n"
.'- **nlb**: Network Load Balancer (NLB).',
'type' => 'string',
'deprecated' => true,
'required' => false,
'enum' => ['ecs', 'clb4', 'nlb'],
'example' => 'clb4',
'title' => '',
],
],
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the cloud product instance.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'lb-bp1*****jqnnqk5uj2p', 'title' => ''],
],
[
'name' => 'Port',
'in' => 'query',
'schema' => ['description' => 'The port of the cloud product that is added to WAF.', 'type' => 'integer', 'format' => 'int32', 'deprecated' => true, 'required' => false, 'maximum' => '65534', 'minimum' => '1', 'example' => '443', 'title' => ''],
],
[
'name' => 'Certificates',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'CertificateId' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => true, 'example' => '232***-cn-hangzhou', 'title' => ''],
'AppliedType' => [
'description' => 'The type of the certificate for the HTTPS protocol. Valid values:'."\n"
."\n"
.'- **default**: the default certificate.'."\n"
."\n"
.'- **extension**: the additional certificate.',
'type' => 'string',
'required' => true,
'enum' => ['default', 'extension'],
'example' => 'default',
'title' => '',
],
],
'required' => true,
'description' => 'The list of certificates.',
'title' => '',
'example' => '',
],
'required' => true,
'maxItems' => 100,
'description' => 'The list of certificates.'."\n"
."\n"
.'> Enter all certificate IDs. This includes the default certificate and all additional certificates. After you submit the request, WAF compares the submitted IDs with the existing ones. WAF adds new certificates and deletes certificates that are not in your list. Deleting a certificate may affect related services.',
'title' => '',
'example' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'CloudResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource that is added to WAF. WAF automatically generates this ID when you add the resource in cloud native mode.'."\n"
."\n"
.'> Call the [CreateCloudResource](~~2839876~~) operation to add a resource. Then, view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'lb-bp*********k5uj2p-443-clb7', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'title' => '', 'example' => 'A47D2DC0-7151-51EF-BFB7-***'],
],
'title' => '',
'description' => 'The response schema.',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.OnlyBeOneDefaultCert', 'errorMessage' => 'There can be only one default certificate.', 'description' => 'There can be only one default certificate.'],
['errorCode' => 'Waf.Pullin.MaxCertCountLimit', 'errorMessage' => 'The number of selected certificate IDs exceeds the maximum number in the system.', 'description' => 'The number of selected certificate IDs exceeds the maximum number in the system.'],
['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.CloudResourceInvalid', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'],
['errorCode' => 'Waf.Pullin.CloudProductParamEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'],
['errorCode' => 'Waf.Pullin.CloudProductParamNotMatch', 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'."\n"],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'ModifyCloudResourceCert',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'none',
'ramAction' => [
'action' => 'yundun-waf:ModifyCloudResourceCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"A47D2DC0-7151-51EF-BFB7-***\\"\\n}","type":"json"}]',
],
'ModifyCloudResourceDefaultCert' => [
'path' => '',
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'],
],
'parameters' => [
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-kf74****', 'title' => ''],
],
[
'name' => 'CloudResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF during cloud native mode access.'."\n"
."\n"
.'> You can call [CreateCloudResource](~~2839876~~) to connect a resource, and then view the resource ID in the response.', 'type' => 'string', 'required' => true, 'example' => 'lb-***-80-clb7', 'title' => ''],
],
[
'name' => 'CertId',
'in' => 'query',
'schema' => ['description' => 'The certificate ID.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'Schema of Response',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'Id of the request', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-***'],
],
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'Modify the default certificate for a cloud service',
'summary' => 'Modifies the default certificate for a cloud native mode resource.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyCloudResourceDefaultCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-***\\"\\n}","type":"json"}]',
],
'ModifyDefaultHttps' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '226996',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'CertId',
'in' => 'query',
'schema' => ['description' => 'The certificate ID.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''],
],
[
'name' => 'TLSVersion',
'in' => 'query',
'schema' => [
'description' => 'The version of the TLS protocol. Valid values:'."\n"
."\n"
.'- **tlsv1**'."\n"
."\n"
.'- **tlsv1.1**'."\n"
."\n"
.'- **tlsv1.2**',
'type' => 'string',
'required' => true,
'enum' => ['tlsv1', 'tlsv1.1', 'tlsv1.2', 'tlsv1.3'],
'example' => 'tlsv1',
'title' => '',
],
],
[
'name' => 'CipherSuite',
'in' => 'query',
'schema' => [
'description' => 'The type of the cipher suite. Valid values:'."\n"
."\n"
.'- **1**: adds all cipher suites.'."\n"
."\n"
.'- **2**: adds strong cipher suites.'."\n"
."\n"
.'- **99**: adds custom cipher suites.',
'type' => 'integer',
'format' => 'int32',
'default' => '1',
'enum' => ['1', '2', '99'],
'required' => false,
'example' => '0',
'title' => '',
],
],
[
'name' => 'CustomCiphers',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'The custom cipher suites that you want to add. This parameter is used only when **CipherSuite** is set to **99**.',
'type' => 'array',
'items' => [
'description' => 'The custom cipher suite.',
'type' => 'string',
'enum' => [
'ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES128-SHA256', 'ECDHE-ECDSA-AES256-SHA384', 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES128-SHA256', 'ECDHE-RSA-AES256-SHA384', 'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'AES128-SHA256', 'AES256-SHA256', 'ECDHE-ECDSA-AES128-SHA', 'ECDHE-ECDSA-AES256-SHA', 'ECDHE-RSA-AES128-SHA', 'ECDHE-RSA-AES256-SHA', 'AES128-SHA', 'AES256-SHA', 'DES-CBC3-SHA', 'RSA+3DES',
'!aNULL', '!eNULL', '!LOW', '!MD5', '!EXP', '!DSS', '!PSK', '!SRP', '!kECDH', '!CAMELLIA', '!IDEA', '!SEED',
],
'required' => false,
'example' => 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384',
'title' => '',
],
'required' => false,
'maxItems' => 100,
'title' => '',
'example' => '',
],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to view the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''],
],
[
'name' => 'EnableTLSv3',
'in' => 'query',
'schema' => ['description' => 'Specifies whether to support TLS 1.3. Valid values:'."\n"
."\n"
.'- **true**: supports TLS 1.3.'."\n"
."\n"
.'- **false**: does not support TLS 1.3.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID, which is used to locate and troubleshoot issues.', 'type' => 'string', 'example' => '276D7566-31C9-4192-9DD1-***', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.InvalidCertIdentifier', 'errorMessage' => 'Invalid certificate ID, certificate ID:%s.', 'description' => 'Invalid certificate ID, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate ID:%s.', 'description' => ''],
['errorCode' => 'Waf.Pullin.CertEmptyCN', 'errorMessage' => 'The common name of the certificate is empty, certificate ID:%s.', 'description' => ''],
['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.InvalidTLS', 'errorMessage' => 'invalid TLS,TLS:%s .', 'description' => ''],
['errorCode' => 'Waf.Pullin.InvalidEnableTLSv3', 'errorMessage' => 'invalid EnableTLSv3:%s .', 'description' => ''],
['errorCode' => 'Waf.Pullin.InvalidCipherSuit', 'errorMessage' => 'Invalid CipherSuit,CipherSuit:%s.', 'description' => ''],
['errorCode' => 'Waf.Pullin.InvalidCustomCiphers', 'errorMessage' => 'Invalid InvalidCustomCiphers, CustomCiphers:%s .', 'description' => ''],
],
],
'title' => 'ModifyDefaultHttps',
'summary' => 'Modifies the default SSL/TLS settings.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefaultHttps'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefaultHttps',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"276D7566-31C9-4192-9DD1-***\\"\\n}","type":"json"}]',
],
'ModifyDefenseResourceGroup' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106353',
'abilityTreeNodes' => ['FEATUREwafHQWDCC'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object group to modify.', 'type' => 'string', 'required' => true, 'example' => 'test01', 'title' => ''],
],
[
'name' => 'AddList',
'in' => 'query',
'schema' => ['description' => 'The protected objects to add to the protected object group. Separate multiple protected objects with commas (,). If this parameter is empty, no protected objects are added to the protected object group.', 'type' => 'string', 'required' => false, 'example' => 'test1.aliyundoc.com,test2.aliyundoc.com', 'title' => ''],
],
[
'name' => 'DeleteList',
'in' => 'query',
'schema' => ['description' => 'The protected objects to remove from the protected object group. Separate multiple protected objects with commas (,). If this parameter is empty, no protected objects are removed from the protected object group.', 'type' => 'string', 'required' => false, 'example' => 'test14.waf.com,test24.waf.com', 'title' => ''],
],
[
'name' => 'Description',
'in' => 'query',
'schema' => ['description' => 'The description of the protected object group. The description can be up to 512 characters long.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is located. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '2CC1AFDE-BB31-5A2F-906E-92FCBDDE6B75', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyDefenseResourceGroup',
'summary' => 'Modifies the configuration of a protected object group.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseResourceGroup'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseResourceGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2CC1AFDE-BB31-5A2F-906E-92FCBDDE6B75\\"\\n}","type":"json"}]',
],
'ModifyDefenseResourceXff' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '144829',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'XffStatus',
'in' => 'query',
'schema' => ['description' => 'Specifies whether a Layer 7 proxy is deployed in front of WAF. Layer 7 proxies include Anti-DDoS Proxy and Alibaba Cloud CDN. Valid values:'."\n"
."\n"
.'- **0 (default)**: No.'."\n"
."\n"
.'- **1**: Yes.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '0', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-wwo****ek07', 'title' => ''],
],
[
'name' => 'CustomHeaders',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'The custom header fields.'."\n"
."\n"
.'> The first IP address in the specified header field is used as the client source IP address to prevent X-Forwarded-For (XFF) spoofing. If multiple headers are specified, they are tried in sequence to obtain the source IP address. If the first header does not contain an IP address, the system tries the second header, and so on. If no IP address is found in any of the specified headers, the system uses the first IP address in the X-Forwarded-For header.',
'type' => 'array',
'items' => ['description' => 'The custom header field.', 'type' => 'string', 'required' => false, 'example' => 'x-forwarded-for', 'title' => ''],
'required' => false,
'maxItems' => 5,
'title' => '',
'example' => '',
],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The name of the protected object.', 'type' => 'string', 'required' => true, 'example' => 'alb-4pxu81fgagx3h6y****-alb', 'title' => ''],
],
[
'name' => 'AcwCookieStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the tracking cookie.'."\n"
."\n"
.'- **0**: Disabled.'."\n"
."\n"
.'- **1 (default)**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''],
],
[
'name' => 'AcwSecureStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the secure attribute of the tracking cookie.'."\n"
."\n"
.'- **0 (default)**: Disabled.'."\n"
."\n"
.'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''],
],
[
'name' => 'AcwV3SecureStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the secure attribute of the slider CAPTCHA cookie.'."\n"
."\n"
.'- **0 (default)**: Disabled.'."\n"
."\n"
.'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '0', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResponseHeaders',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'description' => 'The response header parameters.',
'type' => 'array',
'items' => [
'description' => 'The response header parameters.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'Specifies the key for a custom response header.', 'type' => 'string', 'maxLength' => 50, 'required' => false, 'example' => 'Header-Key'."\n", 'title' => ''],
'Value' => ['description' => 'Specifies the value for a custom response header.', 'type' => 'string', 'maxLength' => 50, 'required' => false, 'example' => 'Header-Value'."\n", 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'maxItems' => 5,
'title' => '',
'example' => '',
],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2ki****miwq', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '6C094583-9B3F-5BD8-8748-DC638E48****', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.AbnormalStatus', 'errorMessage' => 'The status of the access resource is abnormal. Resource:%s.', 'description' => 'The status of the access resource is abnormal. Resource:%s.'],
],
],
'title' => 'ModifyDefenseResourceXff',
'summary' => 'Modifies the cookie settings of a protected object and the method to identify the originating IP addresses of clients.',
'changeSet' => [
['createdAt' => '2025-02-24T08:09:13.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-29T01:07:58.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '100', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseResourceXff'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseResourceXff',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"6C094583-9B3F-5BD8-8748-DC638E48****\\"\\n}","type":"json"}]',
],
'ModifyDefenseRule' => [
'methods' => ['post'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106380',
'abilityTreeNodes' => [
'FEATUREwaf1LM6V0', 'FEATUREwafOVI09M', 'FEATUREwafF105ZO', 'FEATUREwafCU29M8', 'FEATUREwafBWO4L0', 'FEATUREwaf9JXZCD', 'FEATUREwafIFHX6M', 'FEATUREwafI1HM4C', 'FEATUREwaf16U367', 'FEATUREwaf6XNOII', 'FEATUREwafS64FX9', 'FEATUREwafQ73SIK', 'FEATUREwafAFURH8', 'FEATUREwafRM5KJ7', 'FEATUREwaf4TDPM4', 'FEATUREwafOUMN3V', 'FEATUREwafVG3S9P', 'FEATUREwafIDKGGL', 'FEATUREwafWUANSU', 'FEATUREwafVZXFDE',
'FEATUREwaf6KFDRU',
],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.'."\n"
."\n"
.'> This parameter is required only when **DefenseType** is set to **template**.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '5325', 'title' => ''],
],
[
'name' => 'DefenseScene',
'in' => 'query',
'schema' => ['description' => 'The protection scenario to modify. For more information, see the **DefenseScene** parameter in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'required' => false, 'example' => 'waf_group', 'title' => ''],
],
[
'name' => 'Rules',
'in' => 'formData',
'schema' => ['description' => 'The details of the protection rule, in a JSON string format. Specify the rule ID and the configuration of the protection rule to modify. The details include the following:'."\n"
."\n"
.'- **id**: The ID of the rule. This parameter is required. Data type: Long.'."\n"
."\n"
.'- Configuration of the protection rule: The parameters are the same as the **Rules** parameter of the [CreateDefenseRule](~~461421~~) operation. For more information, see the description of the protection rule parameters in [CreateDefenseRule](~~461421~~).', 'type' => 'string', 'required' => true, 'example' => '['."\n"
.' {'."\n"
.' "id": 2344,'."\n"
.' "policyId": 1012,'."\n"
.' "action": "block"'."\n"
.' }'."\n"
.']', 'title' => ''],
],
[
'name' => 'DefenseType',
'in' => 'query',
'schema' => [
'description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **template** (default): a template protection rule.'."\n"
."\n"
.'- **resource**: a rule for a specific protected object.'."\n"
."\n"
.'- **global**: a global rule.',
'type' => 'string',
'default' => 'template',
'enum' => ['global', 'resource', 'template'],
'required' => false,
'example' => 'template',
'title' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object for which you want to modify the rule.'."\n"
."\n"
.'> This parameter is required only when **DefenseType** is set to **resource**.', 'type' => 'string', 'required' => false, 'example' => 'rencs***-waf', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The returned data.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '1EEA9C98-F166-54FE-ADE3-08D8****BDFA', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Defense.Control.DefenseWhitelistBypassRuleNotExist', 'errorMessage' => 'The whitelist protection rule does not exist.', 'description' => 'The whitelist protection rule does not exist. Rule ID:%s.'],
['errorCode' => 'Defense.Control.DefenseWhitelistConfigInvalid', 'errorMessage' => 'The whitelist rule is misconfigured.', 'description' => 'Error configuring whitelist rule: %s.'],
['errorCode' => 'Defense.Control.DefenseBookTypeInvalid', 'errorMessage' => 'The address book type is illegal.', 'description' => 'The address book type is illegal.'],
['errorCode' => 'Defense.Control.DefenseThreatIntelligenceConfigInvalid', 'errorMessage' => 'Threat Intelligence Rule configuration error.', 'description' => 'Threat Intelligence Rule configuration error. %s'],
['errorCode' => 'Defense.Control.DefenseIpCountOversize', 'errorMessage' => 'The number of IPs exceeds the limit.', 'description' => 'The number of IPs exceeds the limit.'],
],
],
'title' => 'ModifyDefenseRule',
'summary' => 'Modifies the configuration of a protection rule.',
'changeSet' => [
['createdAt' => '2024-10-18T13:59:15.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-05-17T07:33:46.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRule'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1EEA9C98-F166-54FE-ADE3-08D8****BDFA\\"\\n}","type":"json"}]',
],
'ModifyDefenseRuleCache' => [
'summary' => 'Updates the cache for a web tamper-proofing rule.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '137716',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zvp****xm2r', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '123', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection rule.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '12345678', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'A0F2B994-8645-5270-A05D-9DAD8C35****', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyDefenseRuleCache',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRuleCache'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseRuleCache',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"A0F2B994-8645-5270-A05D-9DAD8C35****\\"\\n}","type":"json"}]',
],
'ModifyDefenseRuleStatus' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106381',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '7239', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection rule to modify.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20002615', 'title' => ''],
],
[
'name' => 'RuleStatus',
'in' => 'query',
'schema' => ['description' => 'The new status of the protection rule. Valid values:'."\n"
."\n"
.'- **0**: disabled'."\n"
."\n"
.'- **1**: enabled', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'DefenseType',
'in' => 'query',
'schema' => [
'description' => 'The type of the protection rule. Valid values:'."\n"
."\n"
.'- **template** (default): a template protection rule.'."\n"
."\n"
.'- **resource**: a rule that is configured for a protected object.',
'enumValueTitles' => ['template' => 'template', 'resource' => 'resource'],
'type' => 'string',
'default' => 'template',
'enum' => ['template', 'resource', 'global'],
'required' => false,
'example' => 'template',
'title' => '',
],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'BB305BF3-3C71-57A9-9704-E22F567689B0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyDefenseRuleStatus',
'summary' => 'Enables or disables a protection rule.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRuleStatus'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseRuleStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"BB305BF3-3C71-57A9-9704-E22F567689B0\\"\\n}","type":"json"}]',
],
'ModifyDefenseSceneConfig' => [
'summary' => 'Modifies the mitigation settings for a protection scenario.',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '255326',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'example' => 'cn-hangzhou', 'default' => 'cn-hangzhou', 'title' => '', 'required' => false],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'example' => 'rg-acfm***q', 'title' => '', 'required' => false],
],
[
'name' => 'DefenseScene',
'in' => 'query',
'schema' => ['description' => 'The protection scenario for which you want to modify the mitigation settings. Valid values:'."\n"
."\n"
.'- **apisec**: API security.', 'type' => 'string', 'required' => true, 'example' => 'apisec', 'title' => ''],
],
[
'name' => 'ConfigKey',
'in' => 'query',
'schema' => ['description' => 'The name of the configuration item to modify.'."\n"
."\n"
.'If **DefenseScene** is set to **apisec**, the valid value is:'."\n"
."\n"
.'- **autoEnabled**: indicates whether core API security detection is automatically enabled for new resources.', 'type' => 'string', 'required' => true, 'example' => 'autoEnableStatus', 'title' => ''],
],
[
'name' => 'ConfigValue',
'in' => 'query',
'schema' => ['description' => 'The value to set for the configuration item.'."\n"
."\n"
.'> The value of this parameter depends on the value of **ConfigKey**. For more information, see **Description of mitigation setting parameters**.', 'type' => 'string', 'required' => true, 'example' => 'true', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
],
'description' => 'The response parameters.',
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyDefenseSceneConfig',
'requestParamsDescription' => '## Mitigation setting parameters'."\n"
."\n"
.'### API security (**apisec**)'."\n"
."\n"
.'If **DefenseScene** is set to **apisec**, you can modify the configuration for API security.'."\n"
."\n"
.'If **ConfigKey** is set to **autoEnabled**, set **ConfigValue** to "**true**" or "**false**".'."\n"
."\n"
.'```json'."\n"
.'{'."\n"
.' "InstanceId": "waf_cn****",'."\n"
.' "DefenseScene": "apisec",'."\n"
.' "ConfigKey": "autoEnabled",'."\n"
.' "ConfigValue": "true"'."\n"
.'}'."\n"
.'```',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseSceneConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]',
],
'ModifyDefenseTemplate' => [
'summary' => 'Modifies a defense template.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '112175',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateName',
'in' => 'query',
'schema' => ['description' => 'The name of the protection template. The name must be 1 to 255 characters long and can contain Chinese characters, letters, digits, underscores (\\_), periods (.), and hyphens (-).'."\n"
."\n"
.'> Template names must be unique for the same protection scenario (**DefenseScene**).', 'type' => 'string', 'required' => true, 'example' => 'test', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template to modify.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '7392', 'title' => ''],
],
[
'name' => 'Description',
'in' => 'query',
'schema' => ['description' => 'The description of the protection template.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '1A68C85D-7467-5BB1-9A7E-2E8A5D96D88A', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyDefenseTemplate',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseTemplate'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"1A68C85D-7467-5BB1-9A7E-2E8A5D96D88A\\"\\n}","type":"json"}]',
],
'ModifyDefenseTemplateStatus' => [
'summary' => 'Changes the status of a protection rule template.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106371',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '2249', 'title' => ''],
],
[
'name' => 'TemplateStatus',
'in' => 'query',
'schema' => ['description' => 'The new status of the protection rule template. Valid values:'."\n"
."\n"
.'- **0**: Disabled.'."\n"
."\n"
.'- **1**: Enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region ID of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '58007AE3-65D9-57BA-ABB4-1A544015FB50', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyDefenseTemplateStatus',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseTemplateStatus'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseTemplateStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"58007AE3-65D9-57BA-ABB4-1A544015FB50\\"\\n}","type":"json"}]',
],
'ModifyDomain' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '114036',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['description' => 'The domain name whose configurations you want to modify.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
],
[
'name' => 'DomainId',
'in' => 'query',
'schema' => ['description' => 'The ID of the domain name.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com-waf', 'title' => ''],
],
[
'name' => 'Listen',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The listening settings.',
'type' => 'object',
'properties' => [
'HttpsPorts' => [
'description' => 'The HTTPS listening ports. The format is \\[**port1,port2,...**].',
'type' => 'array',
'items' => ['description' => 'An HTTPS listening port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '443', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'HttpPorts' => [
'description' => 'The HTTP listening ports. The format is \\[**port1,port2,...**].',
'type' => 'array',
'items' => ['description' => 'An HTTP listening port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'Http2Enabled' => ['description' => 'Indicates whether HTTP/2 is enabled. This parameter is available only when **HttpsPorts** is not empty, which indicates that the domain uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: HTTP/2 is enabled.'."\n"
."\n"
.'- **false** (default): HTTP/2 is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'CertId' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => false, 'example' => '123', 'title' => ''],
'SM2Enabled' => ['description' => 'Indicates whether SM certificates are enabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'SM2CertId' => ['description' => 'The ID of the SM certificate. This parameter is required only when SM2Enabled is set to true.', 'type' => 'string', 'required' => false, 'example' => '123-cn-hangzhou', 'title' => ''],
'SM2AccessOnly' => ['description' => 'Indicates whether access is allowed only from SM clients. This parameter is available only when SM2Enabled is set to true. Valid values:'."\n"
."\n"
.'- true: Only SM clients can access the website.'."\n"
."\n"
.'- false: Both SM and non-SM clients can access the website.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'TLSVersion' => ['description' => 'The TLS version. This parameter is available only when **HttpsPorts** is not empty, which indicates that the domain uses HTTPS. Valid values:'."\n"
."\n"
.'- **tlsv1**'."\n"
."\n"
.'- **tlsv1.1**'."\n"
."\n"
.'- **tlsv1.2**', 'type' => 'string', 'required' => false, 'example' => 'tlsv1', 'title' => ''],
'EnableTLSv3' => ['description' => 'Indicates whether TLS 1.3 is supported. This parameter is available only when **HttpsPorts** is not empty, which indicates that the domain uses HTTPS. Valid values:'."\n"
."\n"
.'- **true**: TLS 1.3 is supported.'."\n"
."\n"
.'- **false**: TLS 1.3 is not supported.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'CipherSuite' => ['description' => 'The type of the cipher suite. This parameter is available only when **HttpsPorts** is not empty, which indicates that the domain uses HTTPS. Valid values:'."\n"
."\n"
.'- **1**: all cipher suites.'."\n"
."\n"
.'- **2**: strong cipher suites. You can select this value only when you set **TLSVersion** to **tlsv1.2**.'."\n"
."\n"
.'- **99**: custom cipher suites.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '2', 'title' => ''],
'CustomCiphers' => [
'description' => 'The custom cipher suites. This parameter is available only when you set **CipherSuite** to **99**.',
'type' => 'array',
'items' => ['description' => 'A custom cipher suite.', 'type' => 'string', 'required' => false, 'example' => '["xxx","ffas"]', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'FocusHttps' => ['description' => 'Indicates whether forced HTTPS redirection is enabled. This parameter is available only when the domain uses HTTPS but not HTTP. Valid values:'."\n"
."\n"
.'- **true**: Forced HTTPS redirection is enabled.'."\n"
."\n"
.'- **false**: Forced HTTPS redirection is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'XffHeaderMode' => [
'description' => 'The method that WAF uses to obtain the real IP address of a client. Valid values:'."\n"
."\n"
.'- **0** (default): WAF obtains the client IP address from the TCP connection. This option is suitable if no Layer 7 proxies are deployed in front of WAF.'."\n"
."\n"
.'- **1**: WAF obtains the client IP address from the first value of the X-Forwarded-For (XFF) header.'."\n"
."\n"
.'- **2**: WAF obtains the client IP address from a custom header field.',
'enumValueTitles' => [],
'type' => 'integer',
'format' => 'int32',
'enum' => ['0', '1', '2', '3'],
'required' => false,
'example' => '2',
'title' => '',
],
'XffHeaders' => [
'description' => 'The custom header fields that are used to obtain the client IP address. The format is \\[**"header1","header2",...**].'."\n"
."\n"
.'> This parameter is required only when you set **XffHeaderMode** to 2.',
'type' => 'array',
'items' => ['description' => 'A custom header field from which to retrieve the client IP.', 'type' => 'string', 'required' => false, 'example' => 'Client-ip', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'IPv6Enabled' => ['description' => 'Indicates whether IPv6 is enabled. Valid values:'."\n"
."\n"
.'- **true**: IPv6 is enabled.'."\n"
."\n"
.'- **false** (default): IPv6 is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'ProtectionResource' => ['description' => 'The type of the protection resource. Valid values:'."\n"
."\n"
.'- **share** (default): a shared cluster.'."\n"
."\n"
.'- **gslb**: a shared cluster with global server load balancing.', 'type' => 'string', 'required' => false, 'default' => 'share', 'example' => 'share', 'title' => ''],
'ExclusiveIp' => ['description' => 'Indicates whether an exclusive IP address is enabled. This parameter is available only when you set **IPv6Enabled** to false and **ProtectionResource** to **share**. Valid values:'."\n"
."\n"
.'- **true**: An exclusive IP address is enabled.'."\n"
."\n"
.'- **false** (default): An exclusive IP address is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'HstsIncludeSubDomain' => ['description' => 'Indicates whether subdomains are included in the HTTP Strict Transport Security (HSTS) policy. Valid values:'."\n"
."\n"
.'- **true**: Subdomains are included.'."\n"
."\n"
.'- **false**: Subdomains are not included.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''],
'HstsPreload' => ['description' => 'Indicates whether HSTS preload is enabled. Default value: false. Valid values:'."\n"
."\n"
.'- true: HSTS preload is enabled.'."\n"
."\n"
.'- false: HSTS preload is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''],
'HstsMaxAge' => ['description' => 'The time-to-live (TTL) of the HSTS policy. Unit: seconds.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '365000', 'title' => ''],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'Redirect',
'in' => 'query',
'style' => 'json',
'schema' => [
'description' => 'The forwarding settings.',
'type' => 'object',
'properties' => [
'Backends' => [
'description' => 'The IP addresses or domain names of the origin server. You can specify only one type of address. If you specify a domain name, only IPv4 is supported. IPv6 is not supported.'."\n"
."\n"
.'- IP addresses: The format is \\[**"ip1","ip2",...**]. You can specify up to 20 IP addresses.'."\n"
."\n"
.'- Domain names: The format is \\[**"domain"**]. You can specify up to 20 domain names.',
'type' => 'array',
'items' => ['description' => 'An IP address or domain name of the origin server.', 'type' => 'string', 'required' => false, 'example' => '1.1.XX.XX', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'Loadbalance' => ['description' => 'The load balancing algorithm for back-to-origin requests. Valid values:'."\n"
."\n"
.'- **iphash**: the IP hash algorithm.'."\n"
."\n"
.'- **roundRobin**: the round-robin algorithm.'."\n"
."\n"
.'- **leastTime**: the least time algorithm. This value is available only when you set **ProtectionResource** to **gslb**.', 'type' => 'string', 'required' => true, 'default' => 'iphash', 'example' => 'iphash', 'title' => ''],
'FocusHttpBackend' => ['description' => 'Indicates whether forced HTTP back-to-origin is enabled. This parameter is available only when you specify **HttpsPorts**. Valid values:'."\n"
."\n"
.'- **true**: Forced HTTP back-to-origin is enabled.'."\n"
."\n"
.'- **false**: Forced HTTP back-to-origin is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'SniEnabled' => ['description' => 'Indicates whether back-to-origin Server Name Indication (SNI) is enabled. This parameter is available only when you specify **HttpsPorts**. Valid values:'."\n"
."\n"
.'- **true**: Back-to-origin SNI is enabled.'."\n"
."\n"
.'- **false** (default): Back-to-origin SNI is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'SniHost' => ['description' => 'The value of the custom SNI field. If you do not set this parameter, the value of the **Host** field from the request header is used by default. You typically do not need to set this parameter unless your business requires a custom SNI value for back-to-origin requests.'."\n"
."\n"
.'> This parameter is available only when you set **SniEnabled** to true.', 'type' => 'string', 'required' => false, 'example' => 'www.aliyundoc.com', 'title' => ''],
'RequestHeaders' => [
'description' => 'The custom header fields and their values for traffic marking.'."\n"
."\n"
.'WAF adds these fields and values to the request headers when traffic passes through WAF. This helps backend services identify and collect statistics on WAF-processed traffic.',
'type' => 'array',
'items' => [
'description' => 'The format is \\[**{"k":"*key*","v":"*value*"}**]. ***key*** specifies the custom header field, and ***value*** specifies the value of the field.'."\n"
."\n"
.'> If the custom header field already exists in the request, WAF overwrites its value with the specified value.',
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The custom request header field.', 'type' => 'string', 'required' => false, 'example' => 'aaa', 'title' => ''],
'Value' => ['description' => 'The value of the custom header field.', 'type' => 'string', 'required' => false, 'example' => 'bbb', 'title' => ''],
],
'required' => false,
'title' => '',
'example' => '',
],
'required' => false,
'title' => '',
'example' => '',
],
'ConnectTimeout' => ['description' => 'The connection timeout period. Unit: seconds. Valid values: 1 to 3600. Default value: 5.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '1', 'default' => '5', 'required' => false, 'example' => '120', 'title' => ''],
'ReadTimeout' => ['description' => 'The read timeout period. Unit: seconds. Valid values: 1 to 3600. Default value: 120.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '7200', 'minimum' => '1', 'example' => '200', 'title' => ''],
'WriteTimeout' => ['description' => 'The write timeout period. Unit: seconds. Valid values: 1 to 3600. Default value: 120.', 'type' => 'integer', 'format' => 'int32', 'default' => '120', 'required' => false, 'maximum' => '7200', 'minimum' => '1', 'example' => '200', 'title' => ''],
'CnameEnabled' => ['description' => 'Indicates whether public cloud disaster recovery is enabled. Valid values:'."\n"
."\n"
.'- **true**: Public cloud disaster recovery is enabled.'."\n"
."\n"
.'- **false** (default): Public cloud disaster recovery is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'RoutingRules' => ['description' => 'The forwarding rules for a hybrid cloud deployment. This parameter is a string that contains a JSON array. Each element in the array is a struct that contains the following fields:'."\n"
."\n"
.'- **rs**: an array of strings. The back-to-origin IP addresses or CNAMEs.'."\n"
."\n"
.'- **backupRs**: an array of strings. The backup back-to-origin IP addresses or CNAMEs. This field is required. If you do not want to specify backup addresses, set it to \\[].'."\n"
."\n"
.'- **location**: a string. The name of the protection node.'."\n"
."\n"
.'- **locationId**: a long integer. The ID of the protection node.', 'type' => 'string', 'required' => false, 'example' => '['."\n"
.' {'."\n"
.' "rs":'."\n"
.' ['."\n"
.' "1.1.XX.XX"'."\n"
.' ],'."\n"
.' "backupRs":'."\n"
.' ['."\n"
.' "2.2.XX.XX"'."\n"
.' ],'."\n"
.' "locationId": 535,'."\n"
.' "location": "test1111"'."\n"
.' }'."\n"
.']', 'title' => ''],
'Keepalive' => ['description' => 'Indicates whether persistent connections are enabled. Valid values:'."\n"
."\n"
.'- **true** (default): Persistent connections are enabled.'."\n"
."\n"
.'- **false**: Persistent connections are disabled.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''],
'Retry' => ['description' => 'Indicates whether forwarding requests to the origin server are retried when the requests fail. Valid values:'."\n"
."\n"
.'- **true** (default): Requests are retried.'."\n"
."\n"
.'- **false**: Requests are not retried.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''],
'KeepaliveRequests' => ['description' => 'The number of requests that can be reused in a persistent connection. Valid values: 60 to 1000. Default value: 1000.'."\n"
."\n"
.'> This parameter is available only when you enable persistent connections.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '60', 'default' => '1000', 'required' => false, 'example' => '1000', 'title' => ''],
'KeepaliveTimeout' => ['description' => 'The idle timeout for a persistent connection. Unit: seconds. Valid values: 1 to 60. Default value: 15.'."\n"
."\n"
.'> This parameter specifies the amount of time that an idle persistent connection can remain open.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '3600', 'minimum' => '10', 'default' => '15', 'required' => false, 'example' => '15', 'title' => ''],
'XffProto' => ['description' => 'Indicates whether the X-Forwarded-Proto header is used to pass the protocol used by WAF to the origin server. Valid values:'."\n"
."\n"
.'- **true** (default): The WAF protocol is passed.'."\n"
."\n"
.'- **false**: The WAF protocol is not passed.', 'type' => 'boolean', 'default' => 'true', 'required' => false, 'example' => 'true', 'title' => ''],
'BackupBackends' => [
'description' => 'The IP addresses or domain names of the backup origin server.',
'type' => 'array',
'items' => ['description' => 'The IP addresses or domain names of the backup origin server. You can specify only one type of address. If you specify a domain name, only IPv4 is supported. IPv6 is not supported.'."\n"
."\n"
.'- IP addresses: The format is \\[**"ip1","ip2",...**]. You can specify up to 20 IP addresses.'."\n"
."\n"
.'- Domain names: The format is \\[**"domain"**]. You can specify up to 20 domain names.', 'type' => 'string', 'required' => false, 'example' => '['."\n"
.' "1.1.XX.XX",'."\n"
.' "2.2.XX.XX"'."\n"
.']', 'title' => ''],
'required' => false,
'title' => '',
'example' => '',
],
'XClientIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the X-Client-IP header. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite the header.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'XTrueIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the X-True-IP header. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite the header.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'WebServerType' => ['description' => 'Indicates whether WAF is allowed to overwrite the Web-Server-Type header. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite the header.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'WLProxyClientIp' => ['description' => 'Indicates whether WAF is allowed to overwrite the WL-Proxy-Client-IP header. Valid values:'."\n"
."\n"
.'- **true** (default): WAF is allowed to overwrite the header.'."\n"
."\n"
.'- **false**: WAF is not allowed to overwrite the header.', 'type' => 'boolean', 'required' => false, 'example' => 'true', 'title' => ''],
'MaxBodySize' => ['description' => 'The maximum size of a request body. Unit: GB. Valid values: 2 to 10. Default value: 2.'."\n"
."\n"
.'> This parameter is supported only by the WAF Ultimate edition.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '10', 'minimum' => '2', 'example' => '2', 'title' => '', 'required' => false],
'Http2Origin' => ['description' => 'Indicates whether HTTP/2 is enabled for back-to-origin requests. Valid values:'."\n"
."\n"
.'- **true**: HTTP/2 is enabled for back-to-origin requests.'."\n"
."\n"
.'- **false**: HTTP/2 is disabled for back-to-origin requests.', 'type' => 'boolean', 'title' => '', 'required' => false, 'example' => 'true'],
'Http2OriginMaxConcurrency' => ['description' => 'The maximum number of concurrent HTTP/2 back-to-origin requests. Valid values: 1 to 512. Default value: 2.', 'type' => 'integer', 'format' => 'int32', 'maximum' => '512', 'minimum' => '1', 'example' => '128', 'title' => '', 'required' => false],
'ProxyProtocol' => ['description' => 'Indicates whether the Proxy Protocol is enabled to preserve client IP addresses.'."\n"
."\n"
.'- **true**: The Proxy Protocol is enabled. If you select this option, you can view the client IP address on the origin server.'."\n"
."\n"
.'- **false**: The Proxy Protocol is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''],
'BackendPorts' => [
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'ListenPort' => ['description' => 'The WAF listening port.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''],
'BackendPort' => ['description' => 'The port of the origin server.', 'type' => 'integer', 'format' => 'int32', 'required' => false, 'example' => '80', 'title' => ''],
'Protocol' => ['description' => 'The protocol of the listening port. Valid values:'."\n"
."\n"
.'- **http**: HTTP.'."\n"
."\n"
.'- **https**: HTTPS.', 'type' => 'string', 'required' => false, 'example' => 'http', 'title' => ''],
],
'description' => 'A custom port mapping for back-to-origin.',
'required' => false,
'title' => '',
'example' => '',
],
'description' => 'The custom port mappings for back-to-origin.',
'required' => false,
'title' => '',
'example' => '',
],
],
'required' => true,
'title' => '',
'example' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'AccessType',
'in' => 'query',
'schema' => ['description' => 'The access mode of the WAF instance. Valid values:'."\n"
."\n"
.'- **share** (default): onboarding by using a CNAME record.'."\n"
."\n"
.'- **hybrid\\_cloud\\_cname**: onboarding by using a hybrid cloud CNAME record.', 'type' => 'string', 'default' => 'share', 'required' => false, 'example' => 'share', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response structure.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D****', 'title' => ''],
'DomainInfo' => [
'description' => 'The information about the modified domain name.',
'type' => 'object',
'properties' => [
'Cname' => ['description' => 'The CNAME that is assigned by WAF to the domain name.', 'type' => 'string', 'example' => 'xxxxxcvdaf.****.com', 'title' => ''],
'Domain' => ['description' => 'The domain name whose configurations are modified.', 'type' => 'string', 'example' => 'www.aliyundoc.com', 'title' => ''],
'DomainId' => ['description' => 'The ID of the domain name.', 'type' => 'string', 'example' => 'www.aliyundoc.com-waf', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.BusinessViolation', 'errorMessage' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'description' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'],
['errorCode' => 'Waf.Control.DomainAndDomainIdBothEmpty', 'errorMessage' => 'domain and domainId cannot be empty at the same time.', 'description' => 'The domain name and domain name ID cannot be empty at the same time.'."\n"],
['errorCode' => 'Waf.Control.DomainAndDomainIdNotMatch', 'errorMessage' => 'domain and domainId do not match.', 'description' => 'The input parameters Domain and DomainId do not match'."\n"],
['errorCode' => 'Waf.Control.DomainIdIsIllegal', 'errorMessage' => 'The input parameter, the domainId is illegal.', 'description' => 'Illegal entry DomainId'],
['errorCode' => 'Waf.Pullin.BackupBackendConflict', 'errorMessage' => 'The backup backend configuration conflicts.', 'description' => 'The backup link back-to-source configuration conflicts.'],
['errorCode' => 'Waf.Pullin.BackendPortIncompatible', 'errorMessage' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.', 'description' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.'],
['errorCode' => 'Waf.Pullin.Http2OriginMustOnKeepaliveEnable', 'errorMessage' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.', 'description' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.'],
['errorCode' => 'Waf.Pullin.Http2OriginEnabledFocusHttpBackendForbidden', 'errorMessage' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.', 'description' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.'],
['errorCode' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', 'errorMessage' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', 'description' => 'batch dns scheduling is in progress, and access-related operations are prohibited.'],
['errorCode' => 'Waf.Pullin.InvalidMaxAgeWithPreload', 'errorMessage' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000.', 'description' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000'],
['errorCode' => 'Waf.Pullin.InvalidIncludeSubDomainWithPreload', 'errorMessage' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'],
['errorCode' => 'Waf.Pullin.InvalidCustomCiphers', 'errorMessage' => 'Invalid custom cipher suite.', 'description' => 'Invalid custom cipher suite.'],
['errorCode' => 'Waf.Pullin.InvalidHttp2OriginWithProxyProtocol', 'errorMessage' => 'http2Origin and proxyProtocol cannot be opened at the same time.', 'description' => 'http2Origin and proxyProtocol cannot be opened at the same time.'],
],
],
'title' => 'ModifyDomain',
'summary' => 'Updates a CNAME-based domain name onboarded to Web Application Firewall (WAF).',
'changeSet' => [
['createdAt' => '2024-11-28T15:04:53.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-01-30T12:16:58.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-04-27T06:05:43.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-04-18T02:11:03.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
['createdAt' => '2023-01-10T12:29:44.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2023-01-05T12:39:23.000Z', 'description' => 'Request parameters changed, Response parameters changed'],
['createdAt' => '2022-11-28T08:16:57.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2022-11-25T01:57:31.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomain'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDomain',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D****\\",\\n \\"DomainInfo\\": {\\n \\"Cname\\": \\"xxxxxcvdaf.****.com\\",\\n \\"Domain\\": \\"www.aliyundoc.com\\",\\n \\"DomainId\\": \\"www.aliyundoc.com-waf\\"\\n }\\n}","type":"json"}]',
],
'ModifyDomainCert' => [
'path' => '',
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'none',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-ww**b06', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['description' => 'The domain name that is added to WAF in CNAME record mode.', 'type' => 'string', 'required' => true, 'example' => 'www.example.com', 'title' => ''],
],
[
'name' => 'CertId',
'in' => 'query',
'schema' => ['description' => 'The ID of the certificate.', 'type' => 'string', 'required' => true, 'example' => '123-cn-hangzhou', 'title' => ''],
],
[
'name' => 'TLSVersion',
'in' => 'query',
'schema' => [
'description' => 'The Transport Layer Security (TLS) version. Valid values:'."\n"
."\n"
.'- **tlsv1**'."\n"
."\n"
.'- **tlsv1.1**'."\n"
."\n"
.'- **tlsv1.2**',
'type' => 'string',
'enum' => ['tlsv1', 'tlsv1.1', 'tlsv1.2', 'tlsv1.3'],
'required' => false,
'example' => 'tlsv1',
'title' => '',
],
],
[
'name' => 'CipherSuite',
'in' => 'query',
'schema' => [
'description' => 'The type of the cipher suite. Valid values:'."\n"
."\n"
.'- **1**: all cipher suites.'."\n"
."\n"
.'- **2**: strong cipher suites.'."\n"
."\n"
.'- **99**: custom cipher suites.',
'type' => 'string',
'enum' => ['1', '2', '99'],
'required' => false,
'example' => '1',
'title' => '',
],
],
[
'name' => 'CustomCiphers',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'type' => 'array',
'items' => [
'description' => 'A custom cipher suite.',
'type' => 'string',
'enum' => ['ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES128-SHA256', 'ECDHE-ECDSA-AES256-SHA384', 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-RSA-AES128-SHA256', 'ECDHE-RSA-AES256-SHA384', 'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'AES128-SHA256', 'AES256-SHA256', 'ECDHE-ECDSA-AES128-SHA', 'ECDHE-ECDSA-AES256-SHA', 'ECDHE-RSA-AES128-SHA', 'ECDHE-RSA-AES256-SHA', 'AES128-SHA', 'AES256-SHA', 'DES-CBC3-SHA'],
'required' => false,
'example' => 'ECDHE-ECDSA-AES256-SHA384',
'title' => '',
],
'maxItems' => 100,
'description' => 'The custom cipher suites. This parameter is available only when you set **CipherSuite** to **99**.',
'required' => false,
'title' => '',
'example' => '',
],
],
[
'name' => 'EnableTLSv3',
'in' => 'query',
'schema' => ['description' => 'Indicates whether to enable TLS 1.3. Valid values:'."\n"
."\n"
.'- **true**: TLS 1.3 is enabled.'."\n"
."\n"
.'- **false**: TLS 1.3 is disabled.', 'type' => 'boolean', 'required' => false, 'example' => 'false', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'title' => '', 'example' => '03E3B4DD-2BE7-5D9D-80E8-***'],
],
'title' => '',
'description' => 'The response parameters.',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.MustListenHTTPS', 'errorMessage' => 'The domain name must listen to the HTTPS protocol. Domain:%s.', 'description' => 'The domain name must listen to the HTTPS protocol. Domain name:%s.'],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'ModifyDomainCert',
'summary' => 'Modifies the certificate that is associated with a domain name added to a Web Application Firewall (WAF) instance in CNAME record mode.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'none',
'ramAction' => [
'action' => 'yundun-waf:ModifyDomainCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"03E3B4DD-2BE7-5D9D-80E8-***\\"\\n}","type":"json"}]',
],
'ModifyDomainPunishStatus' => [
'summary' => 'Re-connects a domain name that is in the ICP filing violation penalty status.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124497',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-zxu****0g02', 'title' => ''],
],
[
'name' => 'Domain',
'in' => 'query',
'schema' => ['description' => 'The domain name that is in the ICP filing violation penalty status.', 'type' => 'string', 'required' => true, 'example' => 'demo.xxxxaliyundoc.com', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '70E65A35-22B8-567C-B0A0-A2E9****20AE', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.DomainNotBeianOrInBlackList', 'errorMessage' => 'The domain does not have an ICP filling or has been blacklisted.', 'description' => 'The domain name is not filed or is on the blacklist.'],
],
],
'title' => 'Re-connect a domain name in ICP filing violation penalty status',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomainPunishStatus'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDomainPunishStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"70E65A35-22B8-567C-B0A0-A2E9****20AE\\"\\n}","type":"json"}]',
],
'ModifyHybridCloudCluster' => [
'summary' => 'Updates hybrid cloud cluster settings, such as the cluster name, ports, and access mode.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124727',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'Id',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-mp9153****', 'title' => ''],
],
[
'name' => 'ClusterName',
'in' => 'query',
'schema' => ['description' => 'The name of the hybrid cloud cluster.', 'type' => 'string', 'required' => true, 'example' => 'waf-example-***', 'title' => ''],
],
[
'name' => 'HttpPorts',
'in' => 'query',
'schema' => ['description' => 'The list of HTTP ports supported by the hybrid cloud cluster. Separate multiple ports with commas (,). Format: **port1,port2,port3**.', 'type' => 'string', 'required' => true, 'example' => '80,8080', 'title' => ''],
],
[
'name' => 'HttpsPorts',
'in' => 'query',
'schema' => ['description' => 'The list of HTTPS ports supported by the hybrid cloud cluster. Separate multiple ports with commas (,). Format: **port1,port2,port3**.', 'type' => 'string', 'required' => true, 'example' => '443,8443', 'title' => ''],
],
[
'name' => 'AccessMode',
'in' => 'query',
'schema' => ['description' => 'The network access mode of the hybrid cloud cluster. Valid values:'."\n"
."\n"
.'- **internet**: access over the Internet.'."\n"
."\n"
.'- **vpc**: access over a leased line through a virtual private cloud (VPC).', 'type' => 'string', 'required' => true, 'example' => 'internet', 'title' => ''],
],
[
'name' => 'AccessRegion',
'in' => 'query',
'schema' => ['description' => 'The region in which the leased line resides. This parameter is required when AccessMode is set to vpc. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Hangzhou.'."\n"
."\n"
.'- **cn-beijing**: Beijing.'."\n"
."\n"
.'- **cn-shanghai**: Shanghai.', 'type' => 'string', 'required' => false, 'example' => 'cn-beijing', 'title' => ''],
],
[
'name' => 'LogFieldsNotReturned',
'in' => 'query',
'schema' => ['description' => 'The log fields that are excluded from the response.', 'type' => 'string', 'required' => false, 'example' => 'log_example', 'title' => ''],
],
[
'name' => 'ProtectionServerCount',
'in' => 'query',
'schema' => ['description' => 'The maximum number of protection nodes that can be added to the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'Remark',
'in' => 'query',
'schema' => ['description' => 'The remarks of the hybrid cloud cluster.', 'type' => 'string', 'required' => false, 'example' => 'remarkExample', 'title' => ''],
],
[
'name' => 'ProxyType',
'in' => 'query',
'schema' => ['description' => 'The type of the hybrid cloud cluster. Valid values:'."\n"
."\n"
.'- **cname**: a reverse proxy cluster.'."\n"
."\n"
.'- **service**: a service cluster.', 'type' => 'string', 'default' => 'cname', 'required' => false, 'example' => 'service', 'title' => ''],
],
[
'name' => 'RuleStatus',
'in' => 'query',
'schema' => ['description' => 'Indicates whether the rule is enabled. Valid values:'."\n"
."\n"
.'- **on**: The rule is enabled.'."\n"
."\n"
.'- **off**: The rule is disabled.', 'type' => 'string', 'required' => false, 'example' => 'off', 'title' => ''],
],
[
'name' => 'RuleConfig',
'in' => 'query',
'schema' => ['description' => 'The rule configuration in JSON format. This includes settings such as the circuit breaker, request body length limit, and timeout.', 'type' => 'string', 'required' => false, 'example' => '{'."\n"
.' "enable": true,'."\n"
.' "param": {'."\n"
.' "breaker": {'."\n"
.' "duration": 1,'."\n"
.' "failed": 1,'."\n"
.' "recent_failed": 1'."\n"
.' },'."\n"
.' "disable_protect": false,'."\n"
.' "max_request_body_len": 1,'."\n"
.' "timeout": 1'."\n"
.' }'."\n"
.'}', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => 'The rule type. Valid values:'."\n"
."\n"
.'- **bypass**: WAF bypasses security checks.', 'type' => 'string', 'required' => false, 'example' => 'bypass', 'title' => ''],
],
[
'name' => 'ProxyStatus',
'in' => 'query',
'schema' => ['description' => 'Indicates whether the proxy gateway is enabled. Valid values:'."\n"
."\n"
.'- **on**: The proxy gateway is enabled.'."\n"
."\n"
.'- **off**: The proxy gateway is disabled.', 'type' => 'string', 'default' => 'off', 'required' => false, 'example' => 'off', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group to which the WAF instance belongs.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '2EFCFE18-78F8-5079-B312-07***48B', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"2EFCFE18-78F8-5079-B312-07***48B\\"\\n}","type":"json"}]',
'title' => 'ModifyHybridCloudCluster',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudCluster',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'ModifyHybridCloudClusterBypassStatus' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '174009',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstanceInfo](~~140857~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldbqt****', 'title' => ''],
],
[
'name' => 'ClusterResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'string', 'required' => true, 'example' => 'hdbc_cluster_****', 'title' => ''],
],
[
'name' => 'RuleStatus',
'in' => 'query',
'schema' => ['description' => 'The status of the manual bypass. Valid values:'."\n"
."\n"
.'- **on**: The manual bypass is enabled.'."\n"
."\n"
.'- **off** (default): The manual bypass is disabled.', 'type' => 'string', 'required' => true, 'example' => 'on', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyHybridCloudClusterBypassStatus',
'summary' => 'Modifies the manual bypass status for a hybrid cloud cluster that is integrated with an SDK.',
'changeSet' => [
['createdAt' => '2024-12-30T10:12:02.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudClusterBypassStatus'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudClusterBypassStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]',
],
'ModifyHybridCloudClusterRule' => [
'methods' => ['get', 'post'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '137983',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'Instance ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstanceInfo](~~140857~~) to query instance ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-n6w***x52m', 'title' => ''],
],
[
'name' => 'ClusterRuleResourceId',
'in' => 'query',
'schema' => ['description' => 'The resource ID of the cluster rule.', 'type' => 'string', 'required' => false, 'example' => 'hdbc-clusterrule-*******ym0w', 'title' => ''],
],
[
'name' => 'RuleConfig',
'in' => 'query',
'schema' => ['description' => 'The traffic redirection rule configuration.'."\n"
."\n"
.'The mode cannot be modified.'."\n"
.'- **check_mode**: The mode. Valid values:'."\n"
.' - **all**: full traffic redirection.'."\n"
.' - **part**: partial traffic redirection.'."\n"
.'- **type**: The rule matching type. Valid values:'."\n"
.' - **exact**: exact match.'."\n"
.' - **regex**: regular expression.'."\n"
.'- **substance**: The rule value.', 'type' => 'string', 'default' => '""', 'required' => false, 'example' => '{\\"check_mode\\": \\"all\\", \\"type\\": \\"exact\\", \\"substance\\": \\"122\\"}', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => '[Deprecated] The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => false, 'example' => '10*', 'title' => ''],
],
[
'name' => 'RuleType',
'in' => 'query',
'schema' => ['description' => '[Deprecated] The rule type. Valid values:'."\n"
.'- **pullin**: traffic redirection configuration.', 'type' => 'string', 'required' => false, 'example' => 'pullin', 'title' => ''],
],
[
'name' => 'RuleStatus',
'in' => 'query',
'schema' => ['description' => 'The rule status. Valid values:'."\n"
.'- **on**: enabled.'."\n"
.'- **off**: disabled.', 'type' => 'string', 'required' => false, 'example' => 'on', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'title' => '',
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'The request ID.', 'type' => 'string', 'example' => '03D73D88-57D8-5BA2-96A4-6357CE***19'],
],
'example' => '',
],
],
],
'title' => 'Modify hybrid cloud cluster rule information',
'summary' => 'Modifies the rule information of a hybrid cloud cluster.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudClusterRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"03D73D88-57D8-5BA2-96A4-6357CE***19\\"\\n}","type":"json"}]',
],
'ModifyHybridCloudGroup' => [
'summary' => 'Modifies the information of a cluster group.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '136071',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'GroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud group.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'GroupName',
'in' => 'query',
'schema' => ['description' => 'The name of the hybrid cloud group.', 'type' => 'string', 'required' => true, 'example' => 'test-group', 'title' => ''],
],
[
'name' => 'Remark',
'in' => 'query',
'schema' => ['description' => 'The remarks.', 'type' => 'string', 'required' => false, 'example' => 'test', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D***0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D***0\\"\\n}","type":"json"}]',
'title' => 'ModifyHybridCloudGroup',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudGroup'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'ModifyHybridCloudGroupExpansionServer' => [
'summary' => 'Adds a node to a node group in a hybrid cloud cluster of a Web Application Firewall (WAF) instance.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '136075',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'GroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the node group in the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'Mids',
'in' => 'query',
'schema' => ['description' => 'The ID of the node that you want to add to the node group.', 'type' => 'string', 'required' => true, 'example' => '612929b133e7ff**0d0', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Resource Manager resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '7BD7F9A1-0E72-5BC1-8248-C629B4***B6', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyHybridCloudGroupExpansionServer',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudGroupExpansionServer',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7BD7F9A1-0E72-5BC1-8248-C629B4***B6\\"\\n}","type":"json"}]',
],
'ModifyHybridCloudGroupShrinkServer' => [
'summary' => 'Deletes nodes from a cluster group.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '156785',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity-cn-0xldb****05', 'title' => ''],
],
[
'name' => 'ClusterId',
'in' => 'query',
'schema' => ['description' => 'The ID of the hybrid cloud cluster.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'GroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the node group.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'Mids',
'in' => 'query',
'schema' => ['description' => 'The node ID.', 'type' => 'string', 'required' => true, 'example' => 'b1bf3f544f30c1de0b72d91290***bbbb', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm2th****v6ay', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Delete nodes from a cluster group',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudGroupShrinkServer'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudGroupShrinkServer',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]',
],
'ModifyHybridCloudSdkPullinStatus' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafSBJ1DO'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstanceInfo](~~140857~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-7pp2le***01', 'title' => ''],
],
[
'name' => 'PullinStatus',
'in' => 'query',
'schema' => ['description' => 'The status of traffic redirection. Valid values of the parameter:'."\n"
."\n"
.'- **on**: Enable'."\n"
."\n"
.'- **off**: Disable', 'type' => 'string', 'required' => true, 'example' => 'on', 'title' => ''],
],
[
'name' => 'Mid',
'in' => 'query',
'schema' => ['description' => 'The ID of the SDK.', 'type' => 'string', 'required' => true, 'example' => 'b3dbc5153317c79d8ca9f9***ea', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B191**EB0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyHybridCloudSdkPullinStatus',
'summary' => 'Modifies the traffic redirection status of a hybrid cloud SDK.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudSdkPullinStatus'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudSdkPullinStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B191**EB0\\"\\n}","type":"json"}]',
],
'ModifyHybridCloudServer' => [
'summary' => 'Modifies hybrid cloud node information.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '136073',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstanceInfo](~~140857~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'Mid',
'in' => 'query',
'schema' => ['description' => 'The node ID.', 'type' => 'string', 'required' => true, 'example' => 'b1bf3f544f30c1de0b72d91290**ccb', 'title' => ''],
],
[
'name' => 'CustomName',
'in' => 'query',
'schema' => ['description' => 'The node name.', 'type' => 'string', 'required' => true, 'example' => '节点名称', 'title' => ''],
],
[
'name' => 'Operator',
'in' => 'query',
'schema' => ['description' => 'The cloud service provider.', 'type' => 'string', 'required' => true, 'example' => 'aliyun', 'title' => ''],
],
[
'name' => 'Continents',
'in' => 'query',
'schema' => ['description' => 'The continent.', 'type' => 'string', 'required' => true, 'example' => 'asiapacific', 'title' => ''],
],
[
'name' => 'RegionCode',
'in' => 'query',
'schema' => ['description' => 'The city.', 'type' => 'string', 'required' => true, 'example' => 'beijing', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '26DCD663-5EB8-5103-B270-E24A32***5F0', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'Modify hybrid cloud node information',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudServer'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudServer',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"26DCD663-5EB8-5103-B270-E24A32***5F0\\"\\n}","type":"json"}]',
],
'ModifyLogDeliveryConfig' => [
'summary' => 'Modifies a log delivery configuration for a hybrid cloud cluster.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeNodes' => ['FEATUREwafR5NU4G'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'DeliveryName',
'in' => 'query',
'schema' => ['description' => 'The name of the log delivery configuration that you want to modify.', 'type' => 'string', 'required' => true, 'example' => 'test1', 'title' => ''],
],
[
'name' => 'DeliveryType',
'in' => 'query',
'schema' => ['description' => 'The type of the log delivery destination. Valid values:'."\n"
."\n"
.'- **syslog**: delivers logs to a syslog server.'."\n"
."\n"
.'- **kafka**: delivers logs to a Kafka cluster.', 'type' => 'string', 'required' => true, 'example' => 'syslog', 'title' => ''],
],
[
'name' => 'DeliveryDetail',
'in' => 'query',
'schema' => ['description' => 'The details of the log delivery configuration, in JSON format.'."\n"
."\n"
.'> The value of this parameter is the same as the **DeliveryDetail** parameter of the **CreateLogDeliveryConfig** operation. For more information, see [CreateLogDeliveryConfig]().', 'type' => 'string', 'required' => true, 'example' => '{'."\n"
.' "rfcVersion": "rfc3164",'."\n"
.' "protocol": "tcp",'."\n"
.' "servers": ['."\n"
.' {'."\n"
.' "address": "1.1.1.1",'."\n"
.' "port": 20'."\n"
.' }'."\n"
.' ]'."\n"
.'}', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'DeliveryName' => ['description' => 'The name of the log delivery configuration that was modified.', 'type' => 'string', 'example' => 'test1', 'title' => ''],
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0', 'title' => ''],
],
'description' => 'The response parameters.',
'title' => '',
'example' => '',
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"DeliveryName\\": \\"test1\\",\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]',
'title' => 'ModifyLogDeliveryConfig',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:ModifyLogDeliveryConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
],
'ModifyMajorProtectionBlackIp' => [
'summary' => 'Modifies an IP address blacklist for critical event protection.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '124761',
'abilityTreeNodes' => ['FEATUREwaf2KYU04'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the critical event protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '5132', 'title' => ''],
],
[
'name' => 'RuleId',
'in' => 'query',
'schema' => ['description' => 'The ID of the IP address blacklist rule for critical event protection.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '20012033', 'title' => ''],
],
[
'name' => 'IpList',
'in' => 'query',
'schema' => ['description' => 'The IP address blacklist to add. You can specify custom IP addresses or CIDR blocks. Both IPv4 and IPv6 addresses are supported. Separate multiple IP addresses with commas (,).'."\n"
.'For more information, see [Critical event protection](~~425591~~).', 'type' => 'string', 'required' => true, 'title' => '', 'example' => '12.XX.XX.2,3.XX.XX.3/24'],
],
[
'name' => 'ExpiredTime',
'in' => 'query',
'schema' => ['description' => 'The time after which the IP address blacklist becomes invalid. Unit: seconds.'."\n"
."\n"
.'> If the value is **0**, the IP address blacklist is permanently valid.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '1662603328', 'title' => ''],
],
[
'name' => 'Description',
'in' => 'query',
'schema' => ['description' => 'The description of the IP address blacklist.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'test'],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '66A98669-CC6E-4F3E-80A6-3014697B11AE', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyMajorProtectionBlackIp',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyMajorProtectionBlackIp'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyMajorProtectionBlackIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"66A98669-CC6E-4F3E-80A6-3014697B11AE\\"\\n}","type":"json"}]',
],
'ModifyMemberAccount' => [
'summary' => 'Modifies the information of a member account that is managed by the multi-account management feature of Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '213362',
'abilityTreeNodes' => ['FEATUREwaf4WHEC3'],
],
'parameters' => [
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_elasticity**-*******021', 'title' => ''],
],
[
'name' => 'SourceIp',
'in' => 'query',
'schema' => ['description' => 'The source IP address of the request.', 'type' => 'string', 'required' => false, 'example' => '0.0.XX.XX', 'title' => ''],
],
[
'name' => 'MemberAccountId',
'in' => 'query',
'schema' => ['description' => 'The ID of the member account that is managed by the WAF multi-account management feature.', 'type' => 'string', 'required' => true, 'example' => '131**********39', 'title' => ''],
],
[
'name' => 'Description',
'in' => 'query',
'schema' => ['description' => 'The description of the member account. The description must be 1 to 256 characters in length and can contain letters, digits, Chinese characters, periods (.), underscores (\\_), hyphens (-), and asterisks (\\*).', 'type' => 'string', 'required' => true, 'example' => 'account1', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19160D5EB0', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyMemberAccount',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyMemberAccount'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyMemberAccount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19160D5EB0\\"\\n}","type":"json"}]',
],
'ModifyPauseProtectionStatus' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '222985',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-tl32ast****', 'title' => ''],
],
[
'name' => 'PauseStatus',
'in' => 'query',
'schema' => ['description' => 'Specifies whether to pause WAF protection.'."\n"
."\n"
.'- **0 (default)**: WAF protection is not paused.'."\n"
."\n"
.'- **1**: WAF protection is paused.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '0', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-*****-******-D5EB0', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyPauseProtectionStatus',
'summary' => 'Modifies the protection status of Web Application Firewall (WAF).',
'changeSet' => [
['createdAt' => '2024-09-02T03:44:32.000Z', 'description' => 'Request parameters changed'],
['createdAt' => '2024-08-29T01:07:58.000Z', 'description' => 'Request parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyPauseProtectionStatus'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyPauseProtectionStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-*****-******-D5EB0\\"\\n}","type":"json"}]',
],
'ModifyResourceLogDeliveryStatus' => [
'summary' => 'Modifies the log delivery status of a protected object in Web Application Firewall (WAF).',
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '235293',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-uqm35*****', 'title' => ''],
],
[
'name' => 'DeliveryName',
'in' => 'query',
'schema' => ['description' => 'The name of the log delivery configuration.'."\n"
."\n"
.'> This parameter is required when you enable log delivery by setting **Status** to **true**.', 'type' => 'string', 'required' => false, 'example' => 'export-kafka', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['description' => 'The protected object for which you want to modify the log delivery status.', 'type' => 'string', 'required' => true, 'example' => 'test.waf.com-waf', 'title' => ''],
],
[
'name' => 'Status',
'in' => 'query',
'schema' => ['description' => 'Indicates whether to enable log delivery for the protected object. Valid values:'."\n"
."\n"
.'- **true**: enables log delivery.'."\n"
."\n"
.'- **false**: disables log delivery.', 'type' => 'boolean', 'required' => true, 'example' => 'true', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19******', 'title' => ''],
'DeliveryName' => ['description' => 'The name of the log delivery configuration.', 'type' => 'string', 'example' => 'test1', 'title' => ''],
'Status' => ['description' => 'Indicates whether log delivery is enabled for the protected object. Valid values:'."\n"
."\n"
.'- **true**: Log delivery is enabled.'."\n"
."\n"
.'- **false**: Log delivery is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'DeliveryType' => ['description' => 'The type of log delivery destination for the protected object. Valid values:'."\n"
."\n"
.'- **syslog**: logs are delivered to a syslog server.'."\n"
."\n"
.'- **kafka**: logs are delivered to a Kafka cluster.', 'type' => 'string', 'example' => 'sls', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyResourceLogDeliveryStatus',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyResourceLogDeliveryStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19******\\",\\n \\"DeliveryName\\": \\"test1\\",\\n \\"Status\\": true,\\n \\"DeliveryType\\": \\"sls\\"\\n}","type":"json"}]',
],
'ModifyResourceLogFieldConfig' => [
'methods' => ['post', 'get'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '235280',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
'autoTest' => true,
'tenantRelevance' => 'tenant',
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['type' => 'string', 'required' => true, 'description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'title' => '', 'example' => 'waf_v3prepaid_public_cn-uax****3k0e'],
],
[
'name' => 'FieldList',
'in' => 'query',
'schema' => ['type' => 'string', 'required' => true, 'description' => 'The list of log fields to deliver. Use the \\`a,b,c,...\\` format.'."\n"
."\n"
.'> - Include all required log fields. Call [DescribeCommonLogFields](~~DescribeCommonLogFields~~) to view the log fields that WAF Simple Log Service supports.'."\n"
.'>'."\n"
.'> - If the log fields include **request\\_header**, use the **ExtendConfig** parameter to specify the request headers to deliver.', 'title' => '', 'example' => 'account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids'],
],
[
'name' => 'ExtendConfig',
'in' => 'query',
'schema' => ['type' => 'string', 'description' => 'The extension configuration for log delivery. This is a JSON object converted to a string.'."\n"
."\n"
.'> For more information, see the description of the **ExtendConfig** parameter.', 'required' => false, 'title' => '', 'example' => '{\\"request_header\\":\\"Ali-Cdn-Real-Ip\\"}'],
],
[
'name' => 'DeliveryType',
'in' => 'query',
'schema' => ['type' => 'string', 'required' => true, 'description' => 'The log delivery type. Valid values:'."\n"
."\n"
.'- **sls**: Alibaba Cloud Simple Log Service.'."\n"
."\n"
.'- **kafka**: Delivers logs to an external Kafka cluster.'."\n"
."\n"
.'- **syslog**: Delivers logs to an external syslog server.', 'title' => '', 'example' => 'sls'],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['type' => 'string', 'description' => 'The ID of the Alibaba Cloud resource group.', 'required' => false, 'title' => '', 'example' => 'rg-acfm***q'],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['type' => 'string', 'default' => 'cn-hangzhou', 'description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'required' => false, 'title' => '', 'example' => 'cn-hangzhou'],
],
[
'name' => 'Resource',
'in' => 'query',
'schema' => ['type' => 'string', 'required' => true, 'description' => 'The protected object to modify.', 'title' => '', 'example' => 'cwaf-***-waf'],
],
[
'name' => 'LogDeliveryStrategy',
'in' => 'query',
'schema' => ['type' => 'string', 'required' => false, 'description' => 'The log delivery policies. Multiple policies are supported. This is a JSON array of policy objects converted to a string.'."\n"
."\n"
.'> For more information, see the description of the **LogDeliveryStrategy** parameter.', 'title' => '', 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]'],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['type' => 'string', 'description' => 'The request ID.', 'title' => '', 'example' => 'D7861F61-5B61-46CE-A47C-6B****'],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'ModifyResourceLogFieldConfig',
'summary' => 'Modifies the log field configuration of a protected object.',
'requestParamsDescription' => '## The LogDeliveryStrategy parameter'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ------- | ------- | -------- | -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| logType | String | Yes | blockLog | The log type. Valid values:
\\- **blockLog**: Blocked request logs.
\\- **normalRequestLog**: Normal request logs.
\\- **checkLog**: Detection logs. |'."\n"
.'| rate | Integer | Yes | 90 | The log sampling ratio. The value must be between 1 and 100. |'."\n"
."\n"
.'## The ExtendConfig parameter'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| -------------- | ------ | -------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| request_header | String | Yes | blockLog | The request headers for log delivery. You can specify up to five headers. Use the `a,b,c,...` format.> If the log fields to deliver include `request_header`, this parameter is required. Otherwise, the modification of the default configurations for all fields fails.> |',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyResourceLogFieldConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B****\\"\\n}","type":"json"}]',
],
'ModifyResourceLogStatus' => [
'summary' => 'Enables or disables the log collection feature for a protected object.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '111393',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-zz11zcl****', 'title' => ''],
],
[
'name' => 'Resource',
'in' => 'query',
'allowEmptyValue' => true,
'schema' => ['description' => 'The protected object on which you want to manage the log collection feature.', 'type' => 'string', 'required' => true, 'example' => 'alb-wewbb23dfsetetcic1242-0****', 'title' => ''],
],
[
'name' => 'Status',
'in' => 'query',
'schema' => ['description' => 'Specifies whether to enable the log collection feature for the protected object. Valid values:'."\n"
."\n"
.'- **true**: Enables the feature.'."\n"
."\n"
.'- **false**: Disables the feature.', 'type' => 'boolean', 'required' => true, 'example' => 'true', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region of the WAF instance. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: The Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'TraceStatus',
'in' => 'query',
'schema' => ['type' => 'boolean', 'description' => '', 'title' => '', 'example' => ''],
],
[
'name' => 'TraceConfig',
'in' => 'query',
'style' => 'json',
'schema' => [
'type' => 'object',
'properties' => [
'Workspace' => ['type' => 'string', 'example' => 'cms-test', 'description' => '', 'title' => ''],
'RatePerMille' => ['type' => 'integer', 'format' => 'int32', 'maximum' => '1000', 'minimum' => '1', 'example' => '0', 'description' => '', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'description' => 'The result of the request.',
'type' => 'object',
'properties' => [
'Status' => ['description' => 'Indicates whether the log collection feature is enabled for the protected object. Valid values:'."\n"
."\n"
.'- **true**: The feature is enabled.'."\n"
."\n"
.'- **false**: The feature is disabled.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => '7C55A3E5-638A-5D6E-9A2F-C3CE5A677EC5', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyResourceLogStatus',
'changeSet' => [
['createdAt' => '2024-09-06T03:56:05.000Z', 'description' => 'Response parameters changed'],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyResourceLogStatus'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyResourceLogStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"Status\\": true,\\n \\"RequestId\\": \\"7C55A3E5-638A-5D6E-9A2F-C3CE5A677EC5\\"\\n}","type":"json"}]',
],
'ModifyTemplateResources' => [
'summary' => 'Attaches protected objects to or detaches protected objects from a protection template.',
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '106377',
'abilityTreeNodes' => ['FEATUREwaf10VDFG'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Web Application Firewall (WAF) instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_cdnsdf3****', 'title' => ''],
],
[
'name' => 'TemplateId',
'in' => 'query',
'schema' => ['description' => 'The ID of the protection template.', 'type' => 'integer', 'format' => 'int64', 'required' => true, 'example' => '2291', 'title' => ''],
],
[
'name' => 'BindResources',
'in' => 'query',
'style' => 'flat',
'schema' => [
'description' => 'The protected objects to attach. The value is in the \\[**"XX1","XX2",...**] format.',
'type' => 'array',
'items' => ['description' => 'The protected object to attach.', 'type' => 'string', 'required' => false, 'example' => 'abc', 'title' => ''],
'required' => false,
'maxItems' => 200,
'title' => '',
'example' => '',
],
],
[
'name' => 'BindResourceGroups',
'in' => 'query',
'style' => 'flat',
'schema' => [
'description' => 'The protected object groups to attach. The value is in the \\[**"group1","group2",...**] format.',
'type' => 'array',
'items' => ['description' => 'The protected object group to attach.', 'type' => 'string', 'required' => false, 'example' => 'group1', 'title' => ''],
'required' => false,
'maxItems' => 200,
'title' => '',
'example' => '',
],
],
[
'name' => 'UnbindResources',
'in' => 'query',
'style' => 'flat',
'schema' => [
'description' => 'The protected objects to detach. The value is in the \\[**"XX1","XX2",...**] format.',
'type' => 'array',
'items' => ['description' => 'The protected object to detach.', 'type' => 'string', 'required' => false, 'example' => 'abc', 'title' => ''],
'required' => false,
'maxItems' => 200,
'title' => '',
'example' => '',
],
],
[
'name' => 'UnbindResourceGroups',
'in' => 'query',
'style' => 'flat',
'schema' => [
'description' => 'The protected object groups to detach. The value is in the \\[**"group1","group2",...**] format.',
'type' => 'array',
'items' => ['description' => 'The protected object group to detach.', 'type' => 'string', 'required' => false, 'example' => 'group1', 'title' => ''],
'required' => false,
'maxItems' => 200,
'title' => '',
'example' => '',
],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'BindAssets',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The ID of the protected asset to attach.', 'type' => 'string', 'example' => '6a266967ebe50041*****0438af3f3519', 'title' => '', 'required' => false],
'maxItems' => 200,
'title' => '',
'description' => 'The IDs of the protected assets to attach. The value is in the \\[**"XX1","XX2",...**] format.',
'required' => false,
'example' => '',
],
],
[
'name' => 'UnbindAssets',
'in' => 'query',
'style' => 'flat',
'schema' => [
'type' => 'array',
'items' => ['description' => 'The ID of the protected asset to detach.', 'type' => 'string', 'example' => '6a26696*****4193670438af3f3519', 'title' => '', 'required' => false],
'maxItems' => 200,
'title' => '',
'description' => 'The IDs of the protected assets to detach. The value is in the \\[**"XX1","XX2",...**] format.',
'required' => false,
'example' => '',
],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'description' => 'The response parameters.',
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'CF708F2F-FFB0-54D4-B1E0-B84A7CEB****', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyTemplateResources',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyTemplateResources'],
],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyTemplateResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"CF708F2F-FFB0-54D4-B1E0-B84A7CEB****\\"\\n}","type":"json"}]',
],
'ModifyUserLogFieldConfig' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '111386',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
'autoTest' => true,
'tenantRelevance' => 'tenant',
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call the [DescribeInstance](~~433756~~) operation to view the ID of your WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-fou****', 'title' => ''],
],
[
'name' => 'FieldList',
'in' => 'query',
'schema' => ['description' => 'The list of log fields to deliver. Use the \\`a,b,c,...\\` format.'."\n"
."\n"
.'> - You must include all required log fields. Call the [DescribeCommonLogFields](~~DescribeCommonLogFields~~) operation to view the log fields that WAF supports.'."\n"
.'>'."\n"
.'> - If the log fields include **request\\_header**, use the **ExtendConfig** parameter to specify the request headers to deliver.', 'type' => 'string', 'required' => true, 'example' => 'account,acl_action,acl_rule_id,acl_rule_type,acl_test,antiscan_action,antiscan_rule_id,antiscan_rule_type,antiscan_test,body_bytes_sent,bypass_matched_ids', 'title' => ''],
],
[
'name' => 'ExtendConfig',
'in' => 'query',
'schema' => ['description' => 'The extended configuration for log delivery, in JSON format.'."\n"
."\n"
.'> For more information, see the description of the **ExtendConfig** parameter.', 'type' => 'string', 'required' => false, 'example' => '{\\"request_header\\":\\"App-Id,channelCode\\"}', 'title' => ''],
],
[
'name' => 'DeliveryType',
'in' => 'query',
'schema' => ['description' => 'The delivery type. Valid value:'."\n"
."\n"
.'- **sls**: Simple Log Service.', 'type' => 'string', 'default' => 'sls', 'required' => false, 'example' => 'sls', 'title' => ''],
],
[
'name' => 'LogDeliveryStrategy',
'in' => 'query',
'schema' => ['description' => 'The log delivery strategy, in JSON array format. You can specify multiple strategies.'."\n"
."\n"
.'> For more information, see the description of the **LogDeliveryStrategy** parameter.', 'type' => 'string', 'required' => false, 'example' => '[{\\"logType\\":\\"blockLog\\",\\"rate\\":100},{\\"logType\\":\\"normalRequestLog\\",\\"rate\\":100},{\\"logType\\":\\"checkLog\\",\\"rate\\":100}]', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the Alibaba Cloud resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request.', 'type' => 'string', 'example' => 'E2D63742-9BAA-*****', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'ModifyUserLogFieldConfig',
'summary' => 'Modifies the default log field configuration of a Web Application Firewall (WAF) instance for log delivery to Simple Log Service.',
'requestParamsDescription' => '## LogDeliveryStrategy parameter'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| ------- | ------- | -------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| logType | String | Yes | blockLog | The log type. Valid values:
\\- **blockLog**: blocked logs.
\\- **normalRequestLog**: normal request logs.
\\- **checkLog**: detection logs. |'."\n"
.'| rate | Integer | Yes | 90 | The log sampling ratio, in percentage. Valid values: 1 to 100. |'."\n"
."\n"
.'## ExtendConfig parameter'."\n"
."\n"
.'#### Parameters'."\n"
."\n"
.'| Name | Type | Required | Example | Description |'."\n"
.'| -------------- | ------ | -------- | ------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |'."\n"
.'| request_header | String | Yes | App-Id,channelCode | The request headers for log delivery. You can specify up to 5 headers. Use the `a,b,c,...` format.> If the log fields to deliver include `request_header`, you must specify this parameter. Otherwise, the modification of the default configurations for all fields fails.> |',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyUserLogFieldConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"E2D63742-9BAA-*****\\"\\n}","type":"json"}]',
],
'ModifyUserWafLogStatus' => [
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'paid',
'abilityTreeNodes' => ['FEATUREwafJYSA2F'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to query the ID of the WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf-cn-mp9153****', 'title' => ''],
],
[
'name' => 'LogStatus',
'in' => 'query',
'schema' => ['description' => 'Indicates whether Simple Log Service is enabled. Valid values:'."\n"
."\n"
.'- **0**: Simple Log Service is disabled.'."\n"
."\n"
.'- **1**: Simple Log Service is enabled.', 'type' => 'integer', 'format' => 'int32', 'required' => true, 'example' => '1', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
[
'name' => 'LogRegionId',
'in' => 'query',
'schema' => ['description' => 'The ID of the log storage region. If this parameter is not specified, Simple Log Service is enabled in the region where the WAF instance resides.'."\n"
."\n"
.'- **cn-hangzhou**: the default region where Simple Log Service is enabled for a WAF instance in the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: the default region where Simple Log Service is enabled for a WAF instance outside the Chinese mainland.'."\n"
."\n"
.'> Call [DescribeUserSlsLogRegions](~~2712598~~) to query the available log storage regions.', 'type' => 'string', 'required' => false, 'example' => 'cn-beijing', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'D7861F61-5B61-****-A47C-6B19160*****', 'title' => ''],
'LogStoreName' => ['description' => 'The name of the Logstore in Simple Log Service (SLS).', 'type' => 'string', 'example' => 'wafng-logstore', 'title' => ''],
'ProjectName' => ['description' => 'Indicates whether the Simple Log Service project is created.', 'type' => 'boolean', 'example' => 'wafng-project-14316572********-cn-hangzhou', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'ModifyUserWafLogStatus',
'summary' => 'Enables or disables Simple Log Service for Web Application Firewall (WAF).',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyUserWafLogStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-****-A47C-6B19160*****\\",\\n \\"LogStoreName\\": \\"wafng-logstore\\",\\n \\"ProjectName\\": true\\n}","type":"json"}]',
],
'ReCreateCloudResource' => [
'methods' => ['post'],
'schemes' => ['https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'deprecated' => false,
'systemTags' => [
'operationType' => 'none',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '264065',
'abilityTreeNodes' => ['FEATUREwafOV749M', 'FEATUREwafCMMRA4', 'FEATUREwafMF0FT6'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call [DescribeInstance](~~433756~~) to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''],
],
[
'name' => 'ResourceInstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the cloud service instance.', 'type' => 'string', 'deprecated' => true, 'required' => false, 'example' => 'lb-bp*********k5uj2p', 'title' => ''],
],
[
'name' => 'Port',
'in' => 'query',
'schema' => ['description' => 'The port of the cloud service that is connected to WAF.', 'type' => 'integer', 'format' => 'int32', 'deprecated' => true, 'required' => false, 'example' => '443', 'title' => ''],
],
[
'name' => 'ResourceProduct',
'in' => 'query',
'schema' => [
'description' => 'The type of the cloud service. Valid values:'."\n"
."\n"
.'- **clb4**: Layer 4 CLB.'."\n"
."\n"
.'- **clb7**: Layer 7 CLB.'."\n"
."\n"
.'- **ecs**: ECS.'."\n"
.'- **nlb**: NLB.',
'type' => 'string',
'deprecated' => true,
'required' => false,
'enum' => ['clb7', 'clb4', 'ecs', 'nlb'],
'example' => 'clb7',
'title' => '',
],
],
[
'name' => 'CloudResourceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the connected resource, which is automatically generated by WAF during cloud native mode registration.'."\n"
."\n"
.'> You can call [CreateCloudResource](~~2839876~~) to connect a resource and then view the resource ID in the response.', 'type' => 'string', 'required' => false, 'example' => 'lb-bp*********k5uj2p-443-clb7', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance resides. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The Alibaba Cloud resource group ID.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'schema' => [
'title' => '',
'description' => 'Schema of Response',
'type' => 'object',
'properties' => [
'RequestId' => ['title' => '', 'description' => 'Id of the request', 'type' => 'string', 'example' => 'D7861F61-5B61-46CE-A47C-6B19****5EB0'],
],
'example' => '',
],
],
],
'errorCodes' => [
400 => [
['errorCode' => 'Waf.Pullin.CertNotExist', 'errorMessage' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.ResourceNotExist', 'errorMessage' => 'The accessed resource already exists. Resource:%s.', 'description' => 'The accessed resource already exists. Resource:%s.'],
['errorCode' => 'Waf.Pullin.AlreadyAccessed', 'errorMessage' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.', 'description' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.'],
['errorCode' => 'Waf.Pullin.CertExpired', 'errorMessage' => 'Certificate expired, certificate ID:%s .', 'description' => 'Certificate expired, certificate ID:%s.'],
['errorCode' => 'Waf.Pullin.CloudProductParamNotMatch', 'errorMessage' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'."\n"],
['errorCode' => 'Waf.Pullin.CloudResourceInvalid', 'errorMessage' => 'CloudResourceId parameter is illegal.', 'description' => 'CloudResourceId parameter is illegal'],
['errorCode' => 'Waf.Pullin.CloudProductParamEmpty', 'errorMessage' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'],
],
],
'title' => 'Re-register a cloud service with WAF',
'summary' => 'Re-registers a cloud service with WAF. This operation is used only when the cloud native mode status is protection exception.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'none',
'ramAction' => [
'action' => 'yundun-waf:ReCreateCloudResource',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"D7861F61-5B61-46CE-A47C-6B19****5EB0\\"\\n}","type":"json"}]',
],
'ReleaseInstance' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '115002',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
'autoTest' => true,
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to view the current WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-***', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region to which the WAF instance belongs. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: indicates the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: indicates regions outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm***q', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '65626467-8002-5022-9F5F-***', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'ReleaseInstance',
'summary' => 'Releases a Web Application Firewall (WAF) 3.0 instance.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:ReleaseInstance',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"65626467-8002-5022-9F5F-***\\"\\n}","type":"json"}]',
],
'SyncProductInstance' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '143827',
'abilityTreeNodes' => ['FEATUREwafHU8RSD'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> You can call the [DescribeInstance](~~433756~~) operation to query the ID of the current WAF instance.', 'type' => 'string', 'required' => true, 'example' => 'waf_v3prepaid_public_cn-zsk****fb09', 'title' => ''],
],
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region where the WAF instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: the Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: regions outside the Chinese mainland.', 'type' => 'string', 'default' => 'cn-hangzhou', 'required' => false, 'example' => 'cn-hangzhou', 'title' => ''],
],
[
'name' => 'ResourceManagerResourceGroupId',
'in' => 'query',
'schema' => ['description' => 'The ID of the resource group.', 'type' => 'string', 'required' => false, 'example' => 'rg-acfm4co****f5qa', 'title' => ''],
],
],
'responses' => [
200 => [
'headers' => [],
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The ID of the request, which is used to locate and troubleshoot issues.', 'type' => 'string', 'example' => '45BA2382-7C3F-5B29-9A83-C3BCE586****', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'SyncProductInstance',
'summary' => 'Synchronizes Elastic Compute Service (ECS), Classic Load Balancer (CLB), and Network Load Balancer (NLB) instances to Web Application Firewall (WAF).',
'description' => 'After you call this operation, the system performs the synchronization asynchronously. You can call the [DescribeProductInstances](~~2743168~~) operation to query the synchronization result.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'SyncProductInstance'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:SyncProductInstance',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"45BA2382-7C3F-5B29-9A83-C3BCE586****\\"\\n}","type":"json"}]',
],
'TagResources' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'create',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '164018',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: Outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'cn-hangzhou'],
],
[
'name' => 'ResourceType',
'in' => 'query',
'schema' => ['description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'],
],
[
'name' => 'ResourceId',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'The IDs of the resources. You can specify up to 50 resource IDs.',
'type' => 'array',
'items' => ['description' => 'The ID of the resource.', 'type' => 'string', 'required' => false, 'example' => 'demo.xxxaliyundoc.com-waf', 'title' => ''],
'required' => true,
'maxItems' => 51,
'example' => '',
],
],
[
'name' => 'Tag',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'The tags to add to the resource.',
'type' => 'array',
'items' => [
'type' => 'object',
'properties' => [
'Key' => ['description' => 'The key of tag N to add to the resource. Valid values of N: 1 to 20.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'demoTagKey'],
'Value' => ['description' => 'The value of tag N to add to the resource. Valid values of N: 1 to 20.', 'type' => 'string', 'title' => '', 'required' => false, 'example' => 'demoTagValue'],
],
'required' => false,
'description' => '',
'title' => '',
'example' => '',
],
'required' => true,
'maxItems' => 21,
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '57F8460F-8A62-5D79-8ED5-653C****0C6B', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'TagResources',
'summary' => 'Adds tags to resources.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'TagResources'],
],
],
'ramActions' => [
[
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:TagResources',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"57F8460F-8A62-5D79-8ED5-653C****0C6B\\"\\n}","type":"json"}]',
],
'UntagResources' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'write',
'systemTags' => [
'operationType' => 'delete',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '164020',
'abilityTreeNodes' => ['FEATUREwafNZKQ0J'],
],
'parameters' => [
[
'name' => 'RegionId',
'in' => 'query',
'schema' => ['description' => 'The region in which the Web Application Firewall (WAF) instance is deployed. Valid values:'."\n"
."\n"
.'- **cn-hangzhou**: Chinese mainland.'."\n"
."\n"
.'- **ap-southeast-1**: outside the Chinese mainland.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'cn-hangzhou'],
],
[
'name' => 'ResourceType',
'in' => 'query',
'schema' => ['description' => 'The type of the resource. Set the value to ALIYUN::WAF::DEFENSERESOURCE.', 'type' => 'string', 'required' => true, 'title' => '', 'example' => 'ALIYUN::WAF::DEFENSERESOURCE'],
],
[
'name' => 'All',
'in' => 'query',
'schema' => ['description' => 'Specifies whether to remove all tags from the specified resource groups or members. Valid values:'."\n"
."\n"
.'- false (default)'."\n"
."\n"
.'- true', 'type' => 'boolean', 'required' => false, 'title' => '', 'example' => 'false'],
],
[
'name' => 'ResourceId',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'The resource IDs. You can specify up to 50 resource IDs.',
'type' => 'array',
'items' => ['description' => 'The resource ID.', 'type' => 'string', 'required' => false, 'example' => 'demo.xxxxaliyundoc.com-waf', 'title' => ''],
'required' => true,
'maxItems' => 51,
'example' => '',
],
],
[
'name' => 'TagKey',
'in' => 'query',
'style' => 'repeatList',
'schema' => [
'title' => '',
'description' => 'The tag keys. You can specify up to 20 tag keys.',
'type' => 'array',
'items' => ['description' => 'The tag key.', 'type' => 'string', 'required' => false, 'example' => 'demoTagKey', 'title' => ''],
'required' => false,
'maxItems' => 21,
'example' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => '7A4B8DB1-A8B0-5362-A65D-6A55****07C5', 'title' => ''],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'staticInfo' => ['returnType' => 'synchronous'],
'title' => 'UntagResources',
'summary' => 'Removes tags from resources and then deletes the tags.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'UntagResources'],
],
],
'ramActions' => [
[
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:UntagResources',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"7A4B8DB1-A8B0-5362-A65D-6A55****07C5\\"\\n}","type":"json"}]',
],
'VerifyDomainOwner' => [
'methods' => ['post', 'get'],
'schemes' => ['http', 'https'],
'security' => [
[
'AK' => [],
],
],
'operationType' => 'read',
'systemTags' => [
'operationType' => 'update',
'riskType' => 'none',
'chargeType' => 'free',
'abilityTreeCode' => '178142',
'abilityTreeNodes' => ['FEATUREwafD36LCH'],
],
'parameters' => [
[
'name' => 'InstanceId',
'in' => 'query',
'schema' => ['description' => 'The ID of the WAF instance.'."\n"
."\n"
.'> Call [DescribeInstance](~~433756~~) to obtain the WAF instance ID.', 'type' => 'string', 'required' => true, 'example' => 'waf_v2_public_cn-*****', 'title' => ''],
],
[
'name' => 'DomainName',
'in' => 'query',
'schema' => ['description' => 'The domain name whose ownership you want to verify.', 'type' => 'string', 'required' => true, 'example' => 'example.com', 'title' => ''],
],
[
'name' => 'VerifyType',
'in' => 'query',
'schema' => [
'description' => 'The verification method. Valid values:'."\n"
."\n"
.'- **dnsCheck**: DNS verification.'."\n"
."\n"
.'- **fileCheck**: File verification.',
'enumValueTitles' => ['fileCheck' => 'File verification', 'dnsCheck' => 'DNS verification'],
'type' => 'string',
'required' => true,
'example' => 'dnsCheck',
'title' => '',
],
],
[
'name' => 'Protocol',
'in' => 'query',
'schema' => [
'description' => 'The protocol type used for file verification. This parameter is required only when you set VerifyType to fileCheck. Valid values:'."\n"
."\n"
.'- **HTTP**: the HTTP protocol.'."\n"
."\n"
.'- **HTTPS**: the HTTPS protocol.',
'enumValueTitles' => ['HTTPS' => 'HTTPS', 'HTTP' => 'HTTP'],
'type' => 'string',
'required' => false,
'example' => 'HTTP',
'title' => '',
],
],
],
'responses' => [
200 => [
'schema' => [
'type' => 'object',
'properties' => [
'RequestId' => ['description' => 'The request ID.', 'type' => 'string', 'example' => 'F35F45B0-5D6B-4238-BE02-A62D****E840', 'title' => ''],
'VerifyResult' => [
'description' => 'The verification result.',
'type' => 'object',
'properties' => [
'FailCode' => ['description' => 'The reason why the verification failed.'."\n"
."\n"
.'- DnsTxtVerifyFailed: The DNS TXT record does not match.'."\n"
."\n"
.'- DnsServerError: The DNS server is abnormal.'."\n"
."\n"
.'- VerifyFileNotExist: The verification file does not exist.'."\n"
."\n"
.'- VerifyDomainNotAccess: Failed to access the domain name.'."\n"
."\n"
.'- FileContentVerifyFailed: The file content does not match.', 'type' => 'string', 'example' => 'DnsTxtVerifyFailed', 'title' => ''],
'Result' => ['description' => 'The verification result. Valid values:'."\n"
."\n"
.'- **true**: The verification is successful.'."\n"
."\n"
.'- **false**: The verification failed.', 'type' => 'boolean', 'example' => 'true', 'title' => ''],
],
'title' => '',
'example' => '',
],
],
'description' => '',
'title' => '',
'example' => '',
],
],
],
'title' => 'VerifyDomainOwner',
'summary' => 'Verifies that you own the specified domain name. Domain ownership must be verified before you can add a domain name to Web Application Firewall (WAF) by using CNAME access.',
'changeSet' => [],
'flowControl' => [
'flowControlList' => [],
],
'ramActions' => [
[
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:VerifyDomainOwner',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'responseDemo' => '[{"errorExample":"","example":"{\\n \\"RequestId\\": \\"F35F45B0-5D6B-4238-BE02-A62D****E840\\",\\n \\"VerifyResult\\": {\\n \\"FailCode\\": \\"DnsTxtVerifyFailed\\",\\n \\"Result\\": true\\n }\\n}","type":"json"}]',
],
],
'endpoints' => [
['regionId' => 'ap-southeast-1', 'regionName' => 'Singapore', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'wafopenapi.ap-southeast-1.aliyuncs.com', 'endpoint' => 'wafopenapi.ap-southeast-1.aliyuncs.com', 'vpc' => 'wafopenapi-intl.vpc-proxy.aliyuncs.com'],
['regionId' => 'cn-hangzhou', 'regionName' => 'China (Hangzhou)', 'areaId' => 'asiaPacific', 'areaName' => 'Asia Pacific', 'public' => 'wafopenapi.cn-hangzhou.aliyuncs.com', 'endpoint' => 'wafopenapi.cn-hangzhou.aliyuncs.com', 'vpc' => 'wafopenapi.vpc-proxy.aliyuncs.com'],
],
'errorCodes' => [
['code' => '10900', 'message' => 'Invalid parameter', 'http_code' => 400, 'description' => 'Invalid parameter'],
['code' => '11001', 'message' => 'Internal server error', 'http_code' => 400, 'description' => 'System internal error'],
['code' => '500', 'message' => 'Internal server error', 'http_code' => 500, 'description' => 'Internal System Error'],
['code' => 'AccountSafeUsed', 'message' => 'The feature of account security is being used.', 'http_code' => 400, 'description' => 'The account security feature is in use.'],
['code' => 'AclIpCountOverLimit', 'message' => 'Ip count in ACL rule is over limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the custom rule (ACL) exceeds the limit.'],
['code' => 'AclParamError', 'message' => 'Acl param invalid.', 'http_code' => 400, 'description' => 'The ACL parameter is invalid.'],
['code' => 'AntifraudOrAntifriaudJsUsed', 'message' => 'The feature of data risk control is being used.', 'http_code' => 400, 'description' => 'The data risk control feature is in use.'],
['code' => 'BotAlgorithmUsed', 'message' => 'The feature of crawler behavior algorithm is being used.', 'http_code' => 400, 'description' => 'The typical bot behavior identification feature is in effect.'],
['code' => 'BusinessDomainNotRecord', 'message' => 'The specified domain name is not ICP filed.', 'http_code' => 400, 'description' => 'The specified domain name does not have an ICP filing.'],
['code' => 'BusinessInvalidArgument', 'message' => 'The specified parameters are invalid.', 'http_code' => 403, 'description' => 'The specified parameter is invalid.'],
['code' => 'BusinessInvalidDomainIpInvalid', 'message' => 'The IP address cannot be added.', 'http_code' => 403, 'description' => 'The IP address cannot be added.'],
['code' => 'BusinessInvalidIpv6', 'message' => 'Back-to-origin IPv6 addresses are not supported. To add these IP addresses, you must enable the feature of forwarding requests to origin servers over IPv6.', 'http_code' => 403, 'description' => 'Back-to-origin IPv6 addresses are not supported. To add these IP addresses, you must enable the feature of forwarding requests to origin servers over IPv6.'],
['code' => 'BusinessInvalidSourceIp', 'message' => 'The origin fetch address includes disallowed IP addresses or domains.', 'http_code' => 400, 'description' => 'The back-to-origin addresses include IP addresses and domain names that are not allowed.'],
['code' => 'BusinessIpDomain', 'message' => 'The current access domain does not support in IP format.', 'http_code' => 400, 'description' => 'The IP address format is not supported.'],
['code' => 'BusinessMainDomainNotSupport', 'message' => 'The added primary domain name is not supported.', 'http_code' => 403, 'description' => 'The added second-level domain name is not supported.'],
['code' => 'BusinessSourceIpSupportVirtuaIp', 'message' => 'You can only add wan net ip.', 'http_code' => 403, 'description' => 'Currently, it is a customized version of shared virtual host, and only the IP address of Wanwang virtual host can be added.'],
['code' => 'BusinessViolation', 'message' => 'The domain-related business is suspected of violating regulations. If you have any questions, please follow the ticket process.', 'http_code' => 400, 'description' => 'The domain-related business is suspected of violating regulations. If you have any questions, please follow the ticket process.'],
['code' => 'CertDomainNotMatch', 'message' => 'The certificate does not include this domain.', 'http_code' => 400, 'description' => 'This certificate does not contain the domain name.'],
['code' => 'CertExpiredError', 'message' => 'The certificate has expired. Do not continue using this certificate.', 'http_code' => 400, 'description' => 'The certificate is expired. You can no longer use this certificate.'],
['code' => 'CertFormatError', 'message' => 'The certificate is malformed.', 'http_code' => 400, 'description' => 'The format of the certificate is invalid.'],
['code' => 'CertKeyNotMatch', 'message' => 'The certificate file and private key do not match.', 'http_code' => 400, 'description' => 'The certificate file does not match the private key of the certificate.'],
['code' => 'CertNameDuplicateError', 'message' => 'The certificate name already exists.', 'http_code' => 400, 'description' => 'The name of the certificate already exists.'],
['code' => 'CertNameExisted', 'message' => 'The certificate name already exists.', 'http_code' => 400, 'description' => 'The name of the certificate already exists.'],
['code' => 'CertNotExist', 'message' => 'The certificate is not exist.', 'http_code' => 400, 'description' => 'The certificate does not exist.'],
['code' => 'ComboError', 'message' => 'No package information is available.', 'http_code' => 400, 'description' => 'No software package information is available.'],
['code' => 'CustomAclOrCcUsed', 'message' => 'The feature of advanced conditions is being used.', 'http_code' => 400, 'description' => 'The custom rule (ACL) is in use.'],
['code' => 'CustomRulesGroupUsed', 'message' => 'The feature of custom rule group is being used.', 'http_code' => 400, 'description' => 'The custom policy group is in use.'],
['code' => 'CustomSpeedLimitUsed', 'message' => 'The feature of custom throttling is being used.', 'http_code' => 400, 'description' => 'The custom rule (throttling) is in use.'],
['code' => 'Defense.Contro.DefenseTemplateSubSceneNotExist', 'message' => 'The protection scenario template sub-scene does not exist.', 'http_code' => 400, 'description' => 'The protection scenario template sub-scene does not exist.'],
['code' => 'Defense.Control.DefenseActonExpiredTimeInvalid', 'message' => 'The expiration time of the rule action is invalid.', 'http_code' => 400, 'description' => 'The expiration time of the rule action is invalid.'],
['code' => 'Defense.Control.DefenseAddressBookInUse', 'message' => 'The address book is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'The address book is in use and cannot be deleted. Rules for using this address book: %s.'],
['code' => 'Defense.Control.DefenseAddressFileFormatError', 'message' => 'The format of the uploaded address book file is incorrect.', 'http_code' => 400, 'description' => 'The format of the uploaded address book file is incorrect.'],
['code' => 'Defense.Control.DefenseAddressInvalid', 'message' => 'The address in the address book is illegal.', 'http_code' => 400, 'description' => 'The address in the address book is illegal.'],
['code' => 'Defense.Control.DefenseAddressOperationTooFrequent', 'message' => 'Address book operations are too frequent.', 'http_code' => 400, 'description' => 'Address book operations are too frequent. Please try again later.'],
['code' => 'Defense.Control.DefenseAddressOversize', 'message' => 'The number of addresses in the address book exceeds the limit.', 'http_code' => 400, 'description' => 'The number of addresses in the address book exceeds the limit.'],
['code' => 'Defense.Control.DefenseAddressUploading', 'message' => 'The address book file is being uploaded, please try again later.', 'http_code' => 400, 'description' => 'The address book file is being uploaded, please try again later.'],
['code' => 'Defense.Control.DefenseAiAssetPositionInvalid', 'message' => 'The position parameter of the large model protection asset is incorrect.', 'http_code' => 400, 'description' => 'The position parameter of the large model protection asset is incorrect.'],
['code' => 'Defense.Control.DefenseAiWhitelistStatusInvalid', 'message' => 'The status of ai whitelist is invalid.', 'http_code' => 400, 'description' => 'The status of the intelligent whitelist is invalid.'],
['code' => 'Defense.Control.DefenseAntiscanRuleConfigInvalid', 'message' => 'The configuration of anti scanning rules in the scanning protection policy is illegal.', 'http_code' => 400, 'description' => 'The configuration of the scan protection rule is invalid.'],
['code' => 'Defense.Control.DefenseAntiscanRuleConfigInvalid', 'message' => 'The configuration of the scan protection rule is invalid.', 'http_code' => 400, 'description' => 'The configuration of the scan protection rule is invalid.'],
['code' => 'Defense.Control.DefenseApisecRuleRegexInvalid', 'message' => 'The regular expression in the API security rule is invalid. Error reason: %s.', 'http_code' => 400, 'description' => 'The regular expression in an API security rule is invalid. Error reason:%s.'],
['code' => 'Defense.Control.DefenseAssetConditionDuplicate', 'message' => 'The match conditions of the asset is duplicated with other assets.', 'http_code' => 400, 'description' => 'The match conditions of the asset is duplicated with other assets.'],
['code' => 'Defense.Control.DefenseAssetConditionInvalid', 'message' => 'The protection asset flow matching condition is incorrect.', 'http_code' => 400, 'description' => 'The protection asset flow matching condition is incorrect.'],
['code' => 'Defense.Control.DefenseAssetConfigInvalid', 'message' => 'The protection asset is configured incorrectly.', 'http_code' => 400, 'description' => 'The protection asset is configured incorrectly.'],
['code' => 'Defense.Control.DefenseAssetCountOversize', 'message' => 'The number of protected assets exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected assets exceeds the limit.'],
['code' => 'Defense.Control.DefenseAssetExist', 'message' => 'Protective asset configuration already exists.', 'http_code' => 400, 'description' => 'Protective asset configuration already exists.'],
['code' => 'Defense.Control.DefenseAssetNameComplicate', 'message' => 'The name of the asset duplicates another asset.', 'http_code' => 400, 'description' => 'The name of the asset duplicates another asset.'],
['code' => 'Defense.Control.DefenseAssetNameInvalid', 'message' => 'The asset name is illegal.', 'http_code' => 400, 'description' => 'The asset name is illegal.'],
['code' => 'Defense.Control.DefenseAssetNotExist', 'message' => 'Protective asset does not exist.', 'http_code' => 400, 'description' => 'Protective asset does not exist.'],
['code' => 'Defense.Control.DefenseAssetNotSupported', 'message' => 'The protected assets feature is not supported.', 'http_code' => 400, 'description' => 'The protected assets feature is not supported.'],
['code' => 'Defense.Control.DefenseAssetStatusInvalid', 'message' => 'The asset status is illegal.', 'http_code' => 400, 'description' => 'The asset status is illegal.'],
['code' => 'Defense.Control.DefenseBookTypeInvalid', 'message' => 'The address book type is illegal.', 'http_code' => 400, 'description' => 'The address book type is illegal.'],
['code' => 'Defense.Control.DefenseBotManagerWebSdkNotSupport', 'message' => 'Fencing object does not support automatic integration with WebSdk.', 'http_code' => 400, 'description' => 'Fencing object does not support automatic integration with WebSdk.'],
['code' => 'Defense.Control.DefenseBotResourceCrossBindError', 'message' => 'The same protection object in a Bot scene cannot be integrated and bound at the same time.', 'http_code' => 400, 'description' => 'The protected object in which the SDK is integrated cannot be the same as the protected object to which protection rules are applied in the scenario-specific configuration.'],
['code' => 'Defense.Control.DefenseBotResourceCrossBindError', 'message' => 'The protected object in which the SDK is integrated cannot be the same as the protected object to which protection rules are applied in the scenario-specific configuration.', 'http_code' => 400, 'description' => 'The protected object in which the SDK is integrated cannot be the same as the protected object to which protection rules are applied in the scenario-specific configuration.'],
['code' => 'Defense.Control.DefenseClientSideDetectionConfigInvalid', 'message' => 'The client-side protection detection rule is incorrectly configured.', 'http_code' => 400, 'description' => 'The client-side protection detection rule is incorrectly configured.'],
['code' => 'Defense.Control.DefenseCodecRuleAlreadyExist', 'message' => 'Duplicate anti scanning rules in the scanning protection strategy.', 'http_code' => 400, 'description' => 'The scan protection rule exists.'],
['code' => 'Defense.Control.DefenseCodecRuleAlreadyExist', 'message' => 'The scan protection rule exists.', 'http_code' => 400, 'description' => 'The scan protection rule exists.'],
['code' => 'Defense.Control.DefenseConfigNotSupported', 'message' => 'The defense configuration is not supported.', 'http_code' => 400, 'description' => 'The protection feature is not supported.'],
['code' => 'Defense.Control.DefenseCustomResponseHeadersOutOfSize', 'message' => 'The number of custom headers of custom response rules in the protection policy exceeds the limit.', 'http_code' => 400, 'description' => 'The number of custom Header fields in the custom response rule exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseCustomResponseHeadersOutOfSize', 'message' => 'The number of custom Header fields in the custom response rule exceeds the limit.', 'http_code' => 400, 'description' => 'The number of custom Header fields in the custom response rule exceeds the limit.'],
['code' => 'Defense.Control.DefenseCustomResponseRuleActionInvalid', 'message' => 'The custom response rule action does not match the rule action.', 'http_code' => 400, 'description' => 'Custom response rule action does not match rule action'],
['code' => 'Defense.Control.DefenseCustomResponseRuleConfigInvalid', 'message' => 'Illegal configuration of custom response rule in protection policy.', 'http_code' => 400, 'description' => 'The configuration of the custom response rule is invalid.'],
['code' => 'Defense.Control.DefenseCustomResponseRuleConfigInvalid', 'message' => 'The configuration of the custom response rule is invalid.', 'http_code' => 400, 'description' => 'The configuration of the custom response rule is invalid.'],
['code' => 'Defense.Control.DefenseCustomResponseRuleExist', 'message' => 'The custom response rule in the protection policy already exists.', 'http_code' => 400, 'description' => 'The custom response rule exists.'],
['code' => 'Defense.Control.DefenseCustomResponseRuleExist', 'message' => 'The custom response rule exists.', 'http_code' => 400, 'description' => 'The custom response rule exists.'],
['code' => 'Defense.Control.DefenseCustomResponseRuleInUse', 'message' => 'The custom response rule is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'Custom response rule in use, list of associated rules:%s, list of associated objects:%s'],
['code' => 'Defense.Control.DefenseCustomResponseRuleNotExist', 'message' => 'The custom response rule does not exist.', 'http_code' => 400, 'description' => 'The custom response rule does not exist.'],
['code' => 'Defense.Control.DefenseCustomResponseRuleNotPermitDelete', 'message' => 'The custom response rule in the protection policy cannot be deleted', 'http_code' => 400, 'description' => 'You cannot delete custom response rules.'],
['code' => 'Defense.Control.DefenseCustomResponseRuleNotPermitDelete', 'message' => 'You cannot delete custom response rules.', 'http_code' => 400, 'description' => 'You cannot delete custom response rules.'],
['code' => 'Defense.Control.DefenseDownloadOssFileFailed', 'message' => 'Failed to parse OSS files.', 'http_code' => 400, 'description' => 'Failed to parse OSS files.'],
['code' => 'Defense.Control.DefenseExtensionPluginContentNotEmpty', 'message' => 'Extension content cannot be empty.', 'http_code' => 400, 'description' => 'Extension content cannot be empty.'],
['code' => 'Defense.Control.DefenseExtensionPluginIdInvalid', 'message' => 'Invalid extension ID.', 'http_code' => 400, 'description' => 'Invalid extension ID.'],
['code' => 'Defense.Control.DefenseExtensionPluginIdNotEmpty', 'message' => 'Extension ID is not allowed to be empty.', 'http_code' => 400, 'description' => 'Extension ID is not allowed to be empty.'],
['code' => 'Defense.Control.DefenseExtensionPluginParamsNotEmpty', 'message' => 'Extension parameter cannot be empty.', 'http_code' => 400, 'description' => 'Extension parameter cannot be empty.'],
['code' => 'Defense.Control.DefenseExtensionPluginParamsTypeNotSupport', 'message' => 'The extension parameter type is not supported.', 'http_code' => 400, 'description' => 'The extension parameter type is not supported.'],
['code' => 'Defense.Control.DefenseExtensionPluginParamsValueTypeNotMatch', 'message' => 'Extension parameter value does not match type.', 'http_code' => 400, 'description' => 'Extension parameter value does not match type.'],
['code' => 'Defense.Control.DefenseExtensionPluginRuleInUse', 'message' => 'The Extension rule is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'Extension rule in use, association rule list:%s'],
['code' => 'Defense.Control.DefenseExtensionPluginRuleInUse', 'message' => 'Extension rule in use, list of association rules:%s.', 'http_code' => 400, 'description' => 'Extension rule in use, list of association rules:%s.'],
['code' => 'Defense.Control.DefenseInOperation', 'message' => 'Protection configuration is operating, please try again later.', 'http_code' => 400, 'description' => 'Protection configuration is operating, please try again later.'],
['code' => 'Defense.Control.DefenseIpBlacklistIpEmpty', 'message' => 'The IP in the IP blacklist cannot be empty.', 'http_code' => 400, 'description' => 'You must add IP addresses to the IP address blacklist.'],
['code' => 'Defense.Control.DefenseIpBlacklistIpEmpty', 'message' => 'You must add IP addresses to the IP address blacklist.', 'http_code' => 400, 'description' => 'You must add IP addresses to the IP address blacklist.'],
['code' => 'Defense.Control.DefenseIpBlacklistIpInvalid', 'message' => 'Illegal IP in IP blacklist.', 'http_code' => 400, 'description' => 'The IP addresses in the IP address blacklist are invalid.'],
['code' => 'Defense.Control.DefenseIpBlacklistIpInvalid', 'message' => 'The IP addresses in the IP address blacklist are invalid.', 'http_code' => 400, 'description' => 'The IP addresses in the IP address blacklist are invalid.'],
['code' => 'Defense.Control.DefenseIpBlacklistIpOutOfRange', 'message' => 'The number of IPS in the IP blacklist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the IP address blacklist exceeds the limit.'],
['code' => 'Defense.Control.DefenseIpBlacklistIpOutOfRange', 'message' => 'The number of IP addresses in the IP address blacklist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the IP address blacklist exceeds the limit.'],
['code' => 'Defense.Control.DefenseIpCountOversize', 'message' => 'The number of IPs exceeds the limit.', 'http_code' => 400, 'description' => 'The number of IPs exceeds the limit.'],
['code' => 'Defense.Control.DefenseLogModifyStatusFailed', 'message' => 'Failed to modify protected object state through log service.', 'http_code' => 400, 'description' => 'Failed to change the Log Service configuration for the protected object.'],
['code' => 'Defense.Control.DefenseLogModifyStatusFailed', 'message' => 'Failed to change the status of the protected object.', 'http_code' => 400, 'description' => 'Failed to change the status of the protected object.'],
['code' => 'Defense.Control.DefenseLogTimeExpired', 'message' => 'The time for querying logs has expired.', 'http_code' => 400, 'description' => 'The query log time has expired.'],
['code' => 'Defense.Control.DefenseMajorProtectionRuleConfigInvalid', 'message' => 'The rules that are configured in the protection template for major events are invalid.', 'http_code' => 400, 'description' => 'The rules that are configured in the protection template for major events are invalid.'],
['code' => 'Defense.Control.DefenseMajorProtectionRuleExist', 'message' => 'The rules that are configured in the protection template for major events already exist.', 'http_code' => 400, 'description' => 'The rules that are configured in the protection template for major events already exist.'],
['code' => 'Defense.Control.DefenseOssFileNotFound', 'message' => 'Failed to find the OSS files that are uploaded.', 'http_code' => 400, 'description' => 'Failed to find the OSS files that are uploaded.'],
['code' => 'Defense.Control.DefensePolicyInUse', 'message' => 'The custom regular rule group is referenced by the template and cannot be deleted.', 'http_code' => 400, 'description' => 'The custom regular expression rule group is referenced by the template and cannot be deleted.'],
['code' => 'Defense.Control.DefensePolicyNotFound', 'message' => 'Regular rule group does not exist.', 'http_code' => 400, 'description' => 'The regular expression rule group does not exist.'],
['code' => 'Defense.Control.DefensePolicyNotFound', 'message' => 'The regular expression rule group does not exist.', 'http_code' => 400, 'description' => 'The regular expression rule group does not exist.'],
['code' => 'Defense.Control.DefensePolicyOwnedByAnotherUser', 'message' => 'Custom regular rule group does not belong to this user.', 'http_code' => 400, 'description' => 'The regular expression rule group does not belong to the user.'],
['code' => 'Defense.Control.DefensePolicyOwnedByAnotherUser', 'message' => 'The regular expression rule group does not belong to the user.', 'http_code' => 400, 'description' => 'The regular expression rule group does not belong to the user.'],
['code' => 'Defense.Control.DefensePolicyRuleAlreadyExist', 'message' => 'Regular rule group rule in basic protection policy already exists.', 'http_code' => 400, 'description' => 'Regular expression rules exist in the basic protection rule module.'],
['code' => 'Defense.Control.DefensePolicyRuleAlreadyExist', 'message' => 'Regular expression rules exist.', 'http_code' => 400, 'description' => 'Regular expression rules exist.'],
['code' => 'Defense.Control.DefenseResourceAccessNotDelete', 'message' => 'The protection object from access cannot be deleted.', 'http_code' => 400, 'description' => 'You cannot delete the protected objects that are automatically synchronized.'],
['code' => 'Defense.Control.DefenseResourceAccessNotDelete', 'message' => 'You cannot delete the protected objects that are automatically synchronized.', 'http_code' => 400, 'description' => 'You cannot delete the protected objects that are automatically synchronized.'],
['code' => 'Defense.Control.DefenseResourceAddDeleteSameTime', 'message' => 'The protected objects in the protection group cannot be bound and unbound at the same time.', 'http_code' => 400, 'description' => 'You cannot add a protected object to a protected object group and remove the protected object from a protected object group at the same time.'],
['code' => 'Defense.Control.DefenseResourceAddDeleteSameTime', 'message' => 'You cannot add a protected object to a protected object group and remove the protected object from a protected object group at the same time.', 'http_code' => 400, 'description' => 'You cannot add a protected object to a protected object group and remove the protected object from a protected object group at the same time.'],
['code' => 'Defense.Control.DefenseResourceAlreadyInCustom', 'message' => 'The protection object has been bound with a custom protection policy.', 'http_code' => 400, 'description' => 'The protected object is bound to a custom protection rule.'],
['code' => 'Defense.Control.DefenseResourceAlreadyInCustom', 'message' => 'The protected object is bound to a custom protection template.', 'http_code' => 400, 'description' => 'The protected object is bound to a custom protection template.'],
['code' => 'Defense.Control.DefenseResourceAndGroupConflict', 'message' => 'The name of the protected object is the same as the name of the protected object group.', 'http_code' => 400, 'description' => 'The name of the protected object is the same as the name of the protected object group.'],
['code' => 'Defense.Control.DefenseResourceCountOverSize', 'message' => 'The number of protected objects exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects exceeds the limit.'],
['code' => 'Defense.Control.DefenseResourceDetailInvalid', 'message' => 'The detail field of the protected object is illegal.', 'http_code' => 400, 'description' => 'The detail field for the protected object is invalid.'],
['code' => 'Defense.Control.DefenseResourceDetailInvalid', 'message' => 'The detail field of the protected object is invalid.', 'http_code' => 400, 'description' => 'The detail field for the protected object is invalid.'],
['code' => 'Defense.Control.DefenseResourceDetailNotEmpty', 'message' => 'The details of the protected object cannot be empty.', 'http_code' => 400, 'description' => 'You must configure the detail field for the protected object.'],
['code' => 'Defense.Control.DefenseResourceDetailNotEmpty', 'message' => 'You must configure the detail field of the protected object.', 'http_code' => 400, 'description' => 'You must configure the detail field for the protected object.'],
['code' => 'Defense.Control.DefenseResourceExist', 'message' => 'Protection object already exists.', 'http_code' => 400, 'description' => 'The protected object exists.'],
['code' => 'Defense.Control.DefenseResourceExist', 'message' => 'The protected object exists.', 'http_code' => 400, 'description' => 'The protected object exists.'],
['code' => 'Defense.Control.DefenseResourceGroupCountOverSize', 'message' => 'The number of protection groups exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected object groups exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseResourceGroupCountOverSize', 'message' => 'The number of protected object groups exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected object groups exceeds the limit.'],
['code' => 'Defense.Control.DefenseResourceGroupDescriptionInvalid', 'message' => 'Illegal protection group description information.', 'http_code' => 400, 'description' => 'The description of the protected object group is invalid.'],
['code' => 'Defense.Control.DefenseResourceGroupDescriptionInvalid', 'message' => 'The description of the protected object group is invalid.', 'http_code' => 400, 'description' => 'The description of the protected object group is invalid.'],
['code' => 'Defense.Control.DefenseResourceGroupExist', 'message' => 'Protection group already exists.', 'http_code' => 400, 'description' => 'The protected object group exists.'],
['code' => 'Defense.Control.DefenseResourceGroupExist', 'message' => 'The protected object group exists.', 'http_code' => 400, 'description' => 'The protected object group exists.'],
['code' => 'Defense.Control.DefenseResourceGroupNameInvalid', 'message' => 'Illegal protection group name.', 'http_code' => 400, 'description' => 'The name of the protected object group is invalid.'],
['code' => 'Defense.Control.DefenseResourceGroupNameInvalid', 'message' => 'The name of the protected object group is invalid.', 'http_code' => 400, 'description' => 'The name of the protected object group is invalid.'],
['code' => 'Defense.Control.DefenseResourceGroupNotExist', 'message' => 'Protection group does not exist.', 'http_code' => 400, 'description' => 'The protected object group does not exist.'],
['code' => 'Defense.Control.DefenseResourceGroupNotExist', 'message' => 'The protected object group does not exist.', 'http_code' => 400, 'description' => 'The protected object group does not exist.'],
['code' => 'Defense.Control.DefenseResourceInGroupCountOverSize', 'message' => 'The number of protected objects in the protection group exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects in the protected object group exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseResourceInGroupCountOverSize', 'message' => 'The number of protected objects in the protected object group exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects in the protected object group exceeds the limit.'],
['code' => 'Defense.Control.DefenseResourceInTemplateCountOverSize', 'message' => 'The number of protected objects in the protection template exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected objects in the protection template exceeds the limit.'],
['code' => 'Defense.Control.DefenseResourceInvalid', 'message' => 'The name of the protected object is illegal.', 'http_code' => 400, 'description' => 'The name of the protected object is invalid.'],
['code' => 'Defense.Control.DefenseResourceInvalid', 'message' => 'The name of the protected object is invalid.', 'http_code' => 400, 'description' => 'The name of the protected object is invalid.'],
['code' => 'Defense.Control.DefenseResourceModelInvalid', 'message' => 'The model of the protected object is illegal.', 'http_code' => 400, 'description' => 'The model of the protected object is invalid.'],
['code' => 'Defense.Control.DefenseResourceModelInvalid', 'message' => 'The model of the protected object is invalid.', 'http_code' => 400, 'description' => 'The model of the protected object is invalid.'],
['code' => 'Defense.Control.DefenseResourceNameAndAssetConflict', 'message' => 'The protected object or protection group name is the same as the protected asset ID.', 'http_code' => 400, 'description' => 'The protected object or protection group name is the same as the protected asset ID.'],
['code' => 'Defense.Control.DefenseResourceNotExist', 'message' => 'Protection object does not exist.', 'http_code' => 400, 'description' => 'The protected object does not exist.'],
['code' => 'Defense.Control.DefenseResourceNotExist', 'message' => 'The protected object does not exist.', 'http_code' => 400, 'description' => 'The protected object does not exist.'],
['code' => 'Defense.Control.DefenseResourcePatternNotEmpty', 'message' => 'The protection form of the protected object cannot be empty.', 'http_code' => 400, 'description' => 'You must configure the protection pattern of the protected object.'],
['code' => 'Defense.Control.DefenseResourcePatternNotEmpty', 'message' => 'You must configure the protection pattern of the protected object.', 'http_code' => 400, 'description' => 'You must configure the protection pattern of the protected object.'],
['code' => 'Defense.Control.DefenseResourcePatternNotFound', 'message' => 'The protection form of the protected object is illegal.', 'http_code' => 400, 'description' => 'The protection pattern of the protected object is invalid.'],
['code' => 'Defense.Control.DefenseResourcePatternNotFound', 'message' => 'The protection pattern of the protected object is invalid.', 'http_code' => 400, 'description' => 'The protection pattern of the protected object is invalid.'],
['code' => 'Defense.Control.DefenseResourceProductNotEmpty', 'message' => 'The product information of the protection object cannot be empty.', 'http_code' => 400, 'description' => 'You must configure the service information about the protected object.'],
['code' => 'Defense.Control.DefenseResourceProductNotEmpty', 'message' => 'You must configure the service information about the protected object.', 'http_code' => 400, 'description' => 'You must configure the service information about the protected object.'],
['code' => 'Defense.Control.DefenseResourceRelationExist', 'message' => 'The protection object has been bound.', 'http_code' => 400, 'description' => 'The protected object is added to a protected object group.'],
['code' => 'Defense.Control.DefenseResourceRelationExist', 'message' => 'The protected object is added to a protected object group.', 'http_code' => 400, 'description' => 'The protected object is added to a protected object group.'],
['code' => 'Defense.Control.DefenseResourceRelationNotExist', 'message' => 'The protected object is not added to the protected object group.', 'http_code' => 400, 'description' => 'The fencing object is not added to the fencing object group'],
['code' => 'Defense.Control.DefenseResourceRuleAccountDecodeTypeInvalid', 'message' => 'The decoding type in the account extraction rule is invalid.', 'http_code' => 400, 'description' => 'The decoding type in the account extraction rule is invalid.'],
['code' => 'Defense.Control.DefenseResourceRuleAccountOversize', 'message' => 'The number of extracted configurations in the account extraction rule exceeds the limit.', 'http_code' => 400, 'description' => 'The number of extracted configurations in the account extraction rule exceeds the limit.'],
['code' => 'Defense.Control.DefenseResourceRuleAccountPriorityInvalid', 'message' => 'The configuration priority in the account extraction rule is invalid.', 'http_code' => 400, 'description' => 'The configuration priority in the account extraction rule is invalid.'],
['code' => 'Defense.Control.DefenseResourceRuleNotPermitModify', 'message' => 'This protected resource rule cannot be modified.', 'http_code' => 400, 'description' => 'This protected resource rule cannot be modified.'],
['code' => 'Defense.Control.DefenseResourceRuleNotPermitUpdateStatus', 'message' => 'This protected resource rule does not allow update status.', 'http_code' => 400, 'description' => 'This protected resource rule does not allow update status'],
['code' => 'Defense.Control.DefenseResourceTemplateIdInvalid', 'message' => 'When querying the protection objects or protection groups that can be bound in the protection policy, the protection policy ID is invalid.', 'http_code' => 400, 'description' => 'The ID of the protection rule is invalid when you query the protected objects or protected object groups that can be bound to the protection rule.'],
['code' => 'Defense.Control.DefenseResourceTemplateIdInvalid', 'message' => 'The ID of the protection rule is invalid when you query the protected objects or protected object groups that can be bound to the protection rule.', 'http_code' => 400, 'description' => 'The ID of the protection rule is invalid when you query the protected objects or protected object groups that can be bound to the protection rule.'],
['code' => 'Defense.Control.DefenseResponseStatusInvalid', 'message' => 'Response log switch status is illegal.', 'http_code' => 400, 'description' => 'The status of the response log switch is invalid.'],
['code' => 'Defense.Control.DefenseRuleAccountProtectorConfigInvalid', 'message' => 'Account Security Rule configuration error.', 'http_code' => 400, 'description' => 'Error configuring account security rules in protection rules. %s'],
['code' => 'Defense.Control.DefenseRuleActionInvalid', 'message' => 'Illegal action of protection rules.', 'http_code' => 400, 'description' => 'The action that is defined in the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleActionInvalid', 'message' => 'The action that is defined in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The action that is defined in the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleAttackLevelConflict', 'message' => 'The attack level of the large model prompt word attack protection rule is repeated.', 'http_code' => 400, 'description' => 'The attack level of the large model prompt word attack protection rule is repeated.'],
['code' => 'Defense.Control.DefenseRuleAutoOriginInvalid', 'message' => 'The origin of auto rules is invalid.', 'http_code' => 400, 'description' => 'The origin of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleAutoUpdateInvalid', 'message' => 'Invalid automatic update configuration.', 'http_code' => 400, 'description' => 'Invalid automatic update configuration.'],
['code' => 'Defense.Control.DefenseRuleBotConfigInvalid', 'message' => 'Illegal Bot Scene Rule Configuration.', 'http_code' => 400, 'description' => 'The scenario-specific configuration is invalid.'],
['code' => 'Defense.Control.DefenseRuleBotTrafficInvalid', 'message' => 'Illegal traffic characteristics in Bot scene.', 'http_code' => 400, 'description' => 'The traffic characteristics in the scenario-specific configuration are invalid.'],
['code' => 'Defense.Control.DefenseRuleConditionEmpty', 'message' => 'The flow characteristic in the protection rule cannot be empty.', 'http_code' => 400, 'description' => 'You must configure traffic characteristics in the protection rule.'],
['code' => 'Defense.Control.DefenseRuleConditionEmpty', 'message' => 'You must configure the traffic characteristics in the protection rule.', 'http_code' => 400, 'description' => 'You must configure traffic characteristics in the protection rule.'],
['code' => 'Defense.Control.DefenseRuleConditionKeyInvalid', 'message' => 'Invalid flow characteristic matching field of protection rule.', 'http_code' => 400, 'description' => 'The match field in the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleConditionKeyInvalid', 'message' => 'The match field in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The match field in the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleConditionOpValueInvalid', 'message' => 'Invalid protection rule flow characteristic logic symbol.', 'http_code' => 400, 'description' => 'The logical operator in the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleConditionOpValueInvalid', 'message' => 'The logical operator in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The logical operator in the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleConditionOversize', 'message' => 'The number of flow characteristics of the protection rule exceeds the limit.', 'http_code' => 400, 'description' => 'The number of traffic features in the protection rule exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseRuleConditionValueInvalid', 'message' => 'Matching content of flow characteristics of invalid protection rules.', 'http_code' => 400, 'description' => 'The match content in the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleConditionValueInvalid', 'message' => 'The match content in the protection rule is invalid.', 'http_code' => 400, 'description' => 'The match content in the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleConfigNotPermitModify', 'message' => 'The protection scenario rule cannot be modified.', 'http_code' => 400, 'description' => 'The protection scenario rule cannot be modified.'],
['code' => 'Defense.Control.DefenseRuleContentModerationConfigInvalid', 'message' => 'Large model content security scenario protection rule configuration error.', 'http_code' => 400, 'description' => 'Large model content security scenario protection rule configuration error.'],
['code' => 'Defense.Control.DefenseRuleCountOverSize', 'message' => 'The number of protection rules exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protection rules exceeds the limit.'],
['code' => 'Defense.Control.DefenseRuleCreateModifyCountEmpty', 'message' => 'Number of protection rules created or modified at a time cannot be empty.', 'http_code' => 400, 'description' => 'You must specify the number of protection rules that you want to create or modify at the same time.'],
['code' => 'Defense.Control.DefenseRuleCreateModifyCountEmpty', 'message' => 'You must specify the number of protection rules that you want to create or modify at the same time.', 'http_code' => 400, 'description' => 'You must specify the number of protection rules that you want to create or modify at the same time.'],
['code' => 'Defense.Control.DefenseRuleCreateModifyCountOverSize', 'message' => 'The number of protection resources in the protection template exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected resources in the protection template exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseRuleCreateModifyCountOverSize', 'message' => 'The number of protected resources in the protection template exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protected resources in the protection template exceeds the limit.'],
['code' => 'Defense.Control.DefenseRuleDetectAttackLevelConflict', 'message' => 'The detection type and attack level in the content security protection rules of the large model are the same.', 'http_code' => 400, 'description' => 'The detection type and attack level in the content security protection rules of the large model are the same.'],
['code' => 'Defense.Control.DefenseRuleDistinctConditionOpValueInvalid', 'message' => 'Invalid traffic feature logic symbol for protection deduplication statistics rule.', 'http_code' => 400, 'description' => 'Invalid traffic feature logic symbol for protection deduplication statistics rule'],
['code' => 'Defense.Control.DefenseRuleDistinctConditionValueInvalid', 'message' => 'The threshold configuration of the deduplication statistics of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The threshold configuration of the deduplication statistics of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleGrayConfigInvalid', 'message' => 'The gray-scale effective configuration of the rule is invalid.', 'http_code' => 400, 'description' => 'Invalid canary release configurations for protection rules'],
['code' => 'Defense.Control.DefenseRuleIdConflict', 'message' => 'The protection rule ID is duplicate.', 'http_code' => 400, 'description' => 'The protection rule ID is duplicate.'],
['code' => 'Defense.Control.DefenseRuleNameAlreadyInUse', 'message' => 'Protection rule duplicate name.', 'http_code' => 400, 'description' => 'The name of the protection rule exists.'],
['code' => 'Defense.Control.DefenseRuleNameAlreadyInUse', 'message' => 'The name of the protection rule exists.', 'http_code' => 400, 'description' => 'The name of the protection rule exists.'],
['code' => 'Defense.Control.DefenseRuleNameConflict', 'message' => 'Duplicate protection rule name in batch request.', 'http_code' => 400, 'description' => 'Duplicate protection rule names are specified in the batch of requests.'],
['code' => 'Defense.Control.DefenseRuleNameConflict', 'message' => 'Duplicate protection rule names are specified in the batch of requests.', 'http_code' => 400, 'description' => 'Duplicate protection rule names are specified in the batch of requests.'],
['code' => 'Defense.Control.DefenseRuleNameInvalid', 'message' => 'Illegal protection rule name.', 'http_code' => 400, 'description' => 'The name of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleNameInvalid', 'message' => 'The name of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The name of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleNotExist', 'message' => 'Protection rule does not exist.', 'http_code' => 400, 'description' => 'The protection rule does not exist.'],
['code' => 'Defense.Control.DefenseRuleNotExist', 'message' => 'The protection rule does not exist.', 'http_code' => 400, 'description' => 'The protection rule does not exist.'],
['code' => 'Defense.Control.DefenseRuleNotPermitCreate', 'message' => 'This protection scenario rule is not allowed to be created.', 'http_code' => 400, 'description' => 'This protection scenario rule is not allowed to be created.'],
['code' => 'Defense.Control.DefenseRuleNotPermitDelete', 'message' => 'The protection scenario rule cannot be deleted.', 'http_code' => 400, 'description' => 'The protection scenario rule cannot be deleted.'],
['code' => 'Defense.Control.DefenseRuleOriginEmpty', 'message' => 'The source of protection rule cannot be empty.', 'http_code' => 400, 'description' => 'You must specify the source of the protection rule.'],
['code' => 'Defense.Control.DefenseRuleOriginEmpty', 'message' => 'You must specify the source of the protection rule.', 'http_code' => 400, 'description' => 'You must specify the source of the protection rule.'],
['code' => 'Defense.Control.DefenseRuleRateLimitInvalid', 'message' => 'Speed limit configuration of invalid protection rules.', 'http_code' => 400, 'description' => 'The rate-limiting configuration of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleRateLimitInvalid', 'message' => 'The rate-limiting configuration of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The rate-limiting configuration of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleRateLimitTargetInvalid', 'message' => 'Invalid protection rule speed limit target.', 'http_code' => 400, 'description' => 'The rate-limiting statistical object of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleRateLimitTargetInvalid', 'message' => 'The rate-limiting threshold of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The rate-limiting threshold of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleStatusInvalid', 'message' => 'Illegal protection rule status.', 'http_code' => 400, 'description' => 'The status of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleStatusInvalid', 'message' => 'The status of the protection rule is invalid.', 'http_code' => 400, 'description' => 'The status of the protection rule is invalid.'],
['code' => 'Defense.Control.DefenseRuleStatusNotSupported', 'message' => 'The operation is not supported in the current protection rule state.', 'http_code' => 400, 'description' => 'The operation is not supported in the current protection rule state'],
['code' => 'Defense.Control.DefenseRuleTamperProofConfigInvalid', 'message' => 'Site tamper prevention configuration error in protection rules.', 'http_code' => 400, 'description' => 'The website tamper-proofing configuration is invalid.'],
['code' => 'Defense.Control.DefenseRuleTamperProofProtocolConflict', 'message' => 'Site tamper-proof protocol conflict in protection rules.', 'http_code' => 400, 'description' => 'The protocol in the website tamper-proofing rule conflicts.'],
['code' => 'Defense.Control.DefenseRuleTimeConfigInvalid', 'message' => 'The timing configuration of the rule is invalid.', 'http_code' => 400, 'description' => 'Invalid validity period configurations for protection rules'],
['code' => 'Defense.Control.DefenseRuleUpstreamActionConfigInvalid', 'message' => 'The configuration of the upstream tagging action is invalid.', 'http_code' => 400, 'description' => 'Invalid configurations for marking back-to-origin requests'],
['code' => 'Defense.Control.DefenseRuleUrlConflict', 'message' => 'Page tamper-proof rule URL duplication.', 'http_code' => 400, 'description' => 'The protected URL in the website tamper-proofing rule already exists.'],
['code' => 'Defense.Control.DefenseSaleSpecValueInvalid', 'message' => 'Sales Rule Configuration Exception.', 'http_code' => 400, 'description' => 'The configuration of the sales rule is abnormal.'],
['code' => 'Defense.Control.DefenseSaleSpecValueInvalid', 'message' => 'The configuration of the sales rule is abnormal.', 'http_code' => 400, 'description' => 'The configuration of the sales rule is abnormal.'],
['code' => 'Defense.Control.DefenseSceneNotSupported', 'message' => 'This protection scenario is not supported.', 'http_code' => 400, 'description' => 'The protection scenario is not supported.'],
['code' => 'Defense.Control.DefenseSceneNotSupported', 'message' => 'The protection scenario is not supported.', 'http_code' => 400, 'description' => 'The protection scenario is not supported.'],
['code' => 'Defense.Control.DefenseTemplateBindUnbindNotSupportAsset', 'message' => 'The protection template does not support binding or unbinding protected assets. Only protected objects and protected groups are supported.', 'http_code' => 400, 'description' => 'The protection template does not support binding or unbinding protected assets. Only protected objects and protected groups are supported.'],
['code' => 'Defense.Control.DefenseTemplateBindUnbindOnlySupportAsset', 'message' => 'The protection template only supports binding or unbinding protected assets, but does not support binding or unbinding protected objects and protected groups.', 'http_code' => 400, 'description' => 'The protection template only supports binding or unbinding protected assets, but does not support binding or unbinding protected objects and protection groups.'],
['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceInvalid', 'message' => 'If the resource bound or unbound by the protection template is invalid, it may have been added to other user-defined templates or protection groups.', 'http_code' => 400, 'description' => 'The protected resource that is bound to or unbound from the protection template is invalid. The protected resource is bound to other custom templates or added to protected object groups.'],
['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceInvalid', 'message' => 'The protected object that is bound to or unbound from the protection template is invalid. The protected object is bound to other custom templates or added to protected object groups.', 'http_code' => 400, 'description' => 'The protected resource that is bound to or unbound from the protection template is invalid. The protected resource is bound to other custom templates or added to protected object groups.'],
['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceNotFound', 'message' => 'The resource bound or unbound by the protection template was not found.', 'http_code' => 400, 'description' => 'Failed to find the protected resource that is bound to or unbound from the protection template.'],
['code' => 'Defense.Control.DefenseTemplateBindUnbindResourceNotFound', 'message' => 'Failed to find the protected object that is bound to or unbound from the protection template.', 'http_code' => 400, 'description' => 'Failed to find the protected resource that is bound to or unbound from the protection template.'],
['code' => 'Defense.Control.DefenseTemplateCountOverSize', 'message' => 'The number of protective templates exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protection templates exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseTemplateCountOverSize', 'message' => 'The number of protection templates exceeds the limit.', 'http_code' => 400, 'description' => 'The number of protection templates exceeds the limit.'],
['code' => 'Defense.Control.DefenseTemplateDescriptionInvalid', 'message' => 'Illegal protection template description.', 'http_code' => 400, 'description' => 'The description of the protection template is invalid.'],
['code' => 'Defense.Control.DefenseTemplateDetailInvalid', 'message' => 'Protection template configuration details field is invalid.', 'http_code' => 400, 'description' => 'Protection template configuration details field is invalid'],
['code' => 'Defense.Control.DefenseTemplateInGrayOperation', 'message' => 'Protection template grayscale upgrade operation, please try again later.', 'http_code' => 400, 'description' => 'Protection template grayscale upgrade operation, please try again later'],
['code' => 'Defense.Control.DefenseTemplateInOperation', 'message' => 'Protective template operation, please try again later.', 'http_code' => 400, 'description' => 'The protection template is in use. Try again later.'],
['code' => 'Defense.Control.DefenseTemplateNameInUse', 'message' => 'Protection template name has been used.', 'http_code' => 400, 'description' => 'The name of the protection template is being used.'],
['code' => 'Defense.Control.DefenseTemplateNameInUse', 'message' => 'The name of the protection template is being used.', 'http_code' => 400, 'description' => 'The name of the protection template is being used.'],
['code' => 'Defense.Control.DefenseTemplateNotExist', 'message' => 'Protective template does not exist.', 'http_code' => 400, 'description' => 'The protection template does not exist.'],
['code' => 'Defense.Control.DefenseTemplateNotExist', 'message' => 'The protection template does not exist.', 'http_code' => 400, 'description' => 'The protection template does not exist.'],
['code' => 'Defense.Control.DefenseTemplateOwnedByAnotherUser', 'message' => 'Protection template does not belong to this user.', 'http_code' => 400, 'description' => 'The protection template does not belong to the user.'],
['code' => 'Defense.Control.DefenseTemplateOwnedByAnotherUser', 'message' => 'The protection template does not belong to the user.', 'http_code' => 400, 'description' => 'The protection template does not belong to the user.'],
['code' => 'Defense.Control.DefenseTemplateRuleNotPermitCreate', 'message' => 'You cannot create protection rules.', 'http_code' => 400, 'description' => 'This protection module rule does not allow creation'],
['code' => 'Defense.Control.DefenseTemplateRuleNotPermitDelete', 'message' => 'Rules in this protection policy are not allowed to be deleted.', 'http_code' => 400, 'description' => 'You cannot delete protection rules from the protection template.'],
['code' => 'Defense.Control.DefenseTemplateRuleNotPermitDelete', 'message' => 'You cannot delete protection rules.', 'http_code' => 400, 'description' => 'You cannot delete protection rules.'],
['code' => 'Defense.Control.DefenseTemplateRuleStatusNotPermitModify', 'message' => 'The status of this protection rule cannot be modified.', 'http_code' => 400, 'description' => 'The status of the protection rule cannot be modified.'],
['code' => 'Defense.Control.DefenseTemplateStatusInvalid', 'message' => 'Illegal status of protective template.', 'http_code' => 400, 'description' => 'The status of the protection template is invalid.'],
['code' => 'Defense.Control.DefenseTemplateStatusInvalid', 'message' => 'The status of the protection template is invalid.', 'http_code' => 400, 'description' => 'The status of the protection template is invalid.'],
['code' => 'Defense.Control.DefenseTemplateTypeBindUnbindResourceInvalid', 'message' => 'Only user-defined protection templates can bind or unbind protection resources.', 'http_code' => 400, 'description' => 'Only custom protection templates can be bound to or unbound from protected resources.'],
['code' => 'Defense.Control.DefenseTemplateTypeBindUnbindResourceInvalid', 'message' => 'Only custom protection templates can be bound to or unbound from protected resources.', 'http_code' => 400, 'description' => 'Only custom protection templates can be bound to or unbound from protected resources.'],
['code' => 'Defense.Control.DefenseTemplateUserDefaultExist', 'message' => 'User default protection template already exists.', 'http_code' => 400, 'description' => 'The default protection template exists.'],
['code' => 'Defense.Control.DefenseTemplateUserDefaultExist', 'message' => 'The default protection template exists.', 'http_code' => 400, 'description' => 'The default protection template exists.'],
['code' => 'Defense.Control.DefenseTemplateUserDefaultNotSupport', 'message' => 'The default protection template is not supported.', 'http_code' => 400, 'description' => 'The default protection template is not supported.'],
['code' => 'Defense.Control.DefenseTestActionInvalid', 'message' => 'Illegal test of protective function action.', 'http_code' => 400, 'description' => 'The action that is used to test the protection feature is invalid.'],
['code' => 'Defense.Control.DefenseTestExpiredTimeInvalid', 'message' => 'Illegal timeout for testing protective functions.', 'http_code' => 400, 'description' => 'The timeout period to test the protection feature is invalid.'],
['code' => 'Defense.Control.DefenseTestUserIpInvalid', 'message' => 'Illegal user IP to test protection function.', 'http_code' => 400, 'description' => 'The IP address that is used to test the protection feature is invalid.'],
['code' => 'Defense.Control.DefenseThreatIntelligenceConfigInvalid', 'message' => 'Threat Intelligence Rule configuration error.', 'http_code' => 400, 'description' => 'Threat Intelligence Rule configuration error. %s'],
['code' => 'Defense.Control.DefenseTraceIdInvalid', 'message' => 'The format of the log request ID is incorrect.', 'http_code' => 400, 'description' => 'The log request ID format is incorrect'],
['code' => 'Defense.Control.DefenseTrafficGuideAlreadyExist', 'message' => 'Drainage strategy already exists.', 'http_code' => 400, 'description' => 'Drainage strategy already exists.'],
['code' => 'Defense.Control.DefenseTrafficGuideConfigModelInvalid', 'message' => 'Drainage strategy mode is invalid.', 'http_code' => 400, 'description' => 'Drainage strategy mode is invalid.'],
['code' => 'Defense.Control.DefenseTrafficGuideConfigProductInvalid', 'message' => 'Drainage strategy products are ineffective.', 'http_code' => 400, 'description' => 'The traffic‑generation strategy product is ineffective.'],
['code' => 'Defense.Control.DefenseTrafficGuideConfigStrategyInvalid', 'message' => 'The drainage strategy is ineffective.', 'http_code' => 400, 'description' => 'The drainage strategy is ineffective.'],
['code' => 'Defense.Control.DefenseTrafficGuideCountOverSize', 'message' => 'Only one drainage strategy is supported.', 'http_code' => 400, 'description' => 'Only one drainage strategy is supported.'],
['code' => 'Defense.Control.DefenseTrafficGuideRuleCountOverSize', 'message' => 'The number of regular or precise rules for drainage policies exceeds the limit.', 'http_code' => 400, 'description' => 'The number of regular or precise rules for drainage policies exceeds the limit.'],
['code' => 'Defense.Control.DefenseUploadOssFileFailed', 'message' => 'Failed to upload OSS files.', 'http_code' => 400, 'description' => 'Failed to upload the OSS file.'],
['code' => 'Defense.Control.DefenseVastIpDescriptionInvalid', 'message' => 'The description of the IP address blacklist is invalid.', 'http_code' => 400, 'description' => 'The description of the IP address blacklist is invalid.'],
['code' => 'Defense.Control.DefenseVastIpExpiredTimeInvalid', 'message' => 'The expiration time of the IP address blacklist for protection for major events is invalid.', 'http_code' => 400, 'description' => 'The expiration time of the IP address blacklist for protection for major events is invalid.'],
['code' => 'Defense.Control.DefenseVastIpFileEmpty', 'message' => 'The content of the IP address blacklist file for protection for major events is empty.', 'http_code' => 400, 'description' => 'The IP address blacklist file for protection for major events is empty.'],
['code' => 'Defense.Control.DefenseVastIpFileFormatError', 'message' => 'The format of the IP address blacklist file for protection for major events is invalid.', 'http_code' => 400, 'description' => 'The format of the IP address blacklist file for protection for major events is invalid.'],
['code' => 'Defense.Control.DefenseVastIpFileOversize', 'message' => 'The number of IP addresses in the IP address blacklist file for protection for major events exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of IP addresses in the IP address blacklist file for protection for major events exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseVastIpOperationCountOversize', 'message' => 'The number of IP addresses that are operated each time exceeds the upper limit. The IP addresses are the IP addresses in the IP address blacklist for protection for major events.', 'http_code' => 400, 'description' => 'The number of IP addresses that are operated each time exceeds the upper limit. The IP addresses are the IP addresses in the IP address blacklist for protection for major events.'],
['code' => 'Defense.Control.DefenseVastIpTotalCountOversize', 'message' => 'The total number of IP addresses in the IP address blacklist for protection for major events exceeds the upper limit.', 'http_code' => 400, 'description' => 'The total number of IP addresses in the IP address blacklist for protection for major events exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseVastIpUploadFormError', 'message' => 'Failed to obtain the information about the uploaded IP address blacklist file for protection for major events.', 'http_code' => 400, 'description' => 'Failed to obtain the information about the uploaded IP address blacklist file for protection for major events.'],
['code' => 'Defense.Control.DefenseWafCustomRuleCompileFailed', 'message' => 'Custom regular rule compilation failed.', 'http_code' => 400, 'description' => 'Custom regular rule compilation failed'],
['code' => 'Defense.Control.DefenseWafCustomRuleConfigInvalid', 'message' => 'Invalid custom regular rule configuration.', 'http_code' => 400, 'description' => 'Invalid custom regular rule configuration.'],
['code' => 'Defense.Control.DefenseWhitelistBypassRuleNotExist', 'message' => 'The whitelist protection rule does not exist.', 'http_code' => 400, 'description' => 'The whitelist protection rule does not exist. Rule ID:%s.'],
['code' => 'Defense.Control.DefenseWhitelistBypassTagInvalid', 'message' => 'The white mark in the white list is invalid.', 'http_code' => 400, 'description' => 'The whitelist tag is invalid.'],
['code' => 'Defense.Control.DefenseWhitelistBypassTagInvalid', 'message' => 'The whitelist parameter is invalid.', 'http_code' => 400, 'description' => 'The whitelist parameter is invalid.'],
['code' => 'Defense.Control.DefenseWhitelistCategoryInvalid', 'message' => 'Invalid whitelist whitelist policy module.', 'http_code' => 400, 'description' => 'Protection modules defined in the whitelist are invalid.'],
['code' => 'Defense.Control.DefenseWhitelistCategoryInvalid', 'message' => 'Protection modules defined in the whitelist are invalid.', 'http_code' => 400, 'description' => 'Protection modules that are defined in the whitelist are invalid.'],
['code' => 'Defense.Control.DefenseWhitelistConfigInvalid', 'message' => 'The whitelist rule is misconfigured.', 'http_code' => 400, 'description' => 'Error configuring whitelist rule: %s.'],
['code' => 'Defense.Control.DefenseWhitelistRegularRuleSize', 'message' => 'The number of white regular rule IDS in the white list exceeds the limit.', 'http_code' => 400, 'description' => 'The number of regular expression rules in the whitelist exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseWhitelistRegularRuleSize', 'message' => 'The number of regular expression rules in the whitelist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of regular expression rules in the whitelist exceeds the limit.'],
['code' => 'Defense.Control.DefenseWhitelistRegularTypeSize', 'message' => 'The number of white regular rule types in the white list exceeds the limit.', 'http_code' => 400, 'description' => 'The number of types of regular expression rules in the whitelist exceeds the upper limit.'],
['code' => 'Defense.Control.DefenseWhitelistRegularTypeSize', 'message' => 'The number of types of regular expression rules in the whitelist exceeds the limit.', 'http_code' => 400, 'description' => 'The number of types of regular expression rules in the whitelist exceeds the limit.'],
['code' => 'Defense.Control.InvalidDefenseRuleID', 'message' => 'The protection rule ID is invalid.', 'http_code' => 400, 'description' => 'The protection rule ID is invalid.'],
['code' => 'Defense.Control.InvalidParameter', 'message' => 'Invalid parameter.', 'http_code' => 400, 'description' => 'The parameter is invalid.'],
['code' => 'Defense.Control.InvalidParameter', 'message' => 'The parameter is invalid.', 'http_code' => 400, 'description' => 'The parameter is invalid.'],
['code' => 'Defense.Control.ProductNotSupportRule', 'message' => 'Access mode does not support this protection scenario rule.%s.', 'http_code' => 400, 'description' => 'Access mode does not support this protection scenario rule.%s.'],
['code' => 'DlpUsed', 'message' => 'The feature of data leakage prevention is being used.', 'http_code' => 400, 'description' => 'The data leakage prevention feature is in effect.'],
['code' => 'DomainDuplicateError', 'message' => 'The domain has been configured.', 'http_code' => 400, 'description' => 'The configuration of the domain name is complete.'],
['code' => 'DomainNotBeianOrInBlackList', 'message' => 'The domain does not have an ICP filling or has been blacklisted.', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing or is added to the blacklist.'],
['code' => 'DomainNotBeianOrInBlackList', 'message' => 'Blacklist or Domain Names That Do Not Have ICP Filings', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing or has committed a penalty.'],
['code' => 'DomainNotExist', 'message' => 'The specified domain does not exist.', 'http_code' => 400, 'description' => 'The specified domain name does not exist.'],
['code' => 'DomainQuotaExceed', 'message' => 'Domain Quota Exceed.', 'http_code' => 400, 'description' => 'The quota of domain names is reached.'],
['code' => 'DomainRetSourceNotSupport', 'message' => 'Your waf does not support return to domain.', 'http_code' => 400, 'description' => 'Your WAF instance does not support back-to-origin domain names.'],
['code' => 'DomainUsedByOthers', 'message' => 'The domain name is being used by another owner.', 'http_code' => 400, 'description' => 'The domain name is being used by another user.'],
['code' => 'DrainageOverrun', 'message' => 'The number of ports for which WAF protection is enabled exceeds the quota.', 'http_code' => 403, 'description' => 'The number of connected ports exceeds the system limit.'],
['code' => 'ExtensiveDomainUsedError', 'message' => 'Another user has used this wildcard domain in Waf.', 'http_code' => 400, 'description' => 'The wildcard domain is already used.'],
['code' => 'FunctionAvailableError', 'message' => 'The function is not available.', 'http_code' => 403, 'description' => 'The function is not available.'],
['code' => 'IllegalDefaultCertificate', 'message' => 'The default certificate does not exist.', 'http_code' => 403, 'description' => 'The default certificate for transparent access is invalid.'],
['code' => 'InternalError', 'message' => 'Unknown error.', 'http_code' => 500, 'description' => 'Request processing failed due to unknown error'],
['code' => 'InvalidIncludeSubDomainWithPreload', 'message' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'http_code' => 400, 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'],
['code' => 'InvalidParameter', 'message' => 'Invalid parameter.', 'http_code' => 400, 'description' => 'Invalid parameter'],
['code' => 'InvalidParameters', 'message' => 'Invalid parameters.', 'http_code' => 400, 'description' => 'The parameters are illegal.'],
['code' => 'Log.Control.ApisecSpecInfoNotFound', 'message' => 'API security service has not been activated.', 'http_code' => 400, 'description' => 'API security service has not been activated.'],
['code' => 'Log.Control.AssumeRoleFailed', 'message' => 'Insufficient permissions, please authorize.', 'http_code' => 400, 'description' => 'You do not have the required permissions. Obtain the required permissions.'],
['code' => 'Log.Control.AssumeRoleFailed', 'message' => 'You do not have the required permissions. Obtain the required permissions.', 'http_code' => 400, 'description' => 'You do not have the required permissions. Obtain the required permissions.'],
['code' => 'Log.Control.BatchDescribeSlsDispatchStatusFailed', 'message' => 'Query whether SLS service is open error.', 'http_code' => 400, 'description' => 'Failed to check whether Log Service is activated.'],
['code' => 'Log.Control.BatchDescribeSlsDispatchStatusFailed', 'message' => 'Failed to check whether Log Service is activated.', 'http_code' => 400, 'description' => 'Failed to check whether Log Service is activated.'],
['code' => 'Log.Control.BatchDescribeSlsLogStoreFailed', 'message' => 'Failed to obtain the logstore list of Log Service SLS.', 'http_code' => 400, 'description' => 'Failed to obtain the logstore list of Log Service SLS.'],
['code' => 'Log.Control.BatchDescribeSlsProjectFailed', 'message' => 'Failed to obtain the project list of Log Service SLS.', 'http_code' => 400, 'description' => 'Failed to obtain the project list of Log Service SLS.'],
['code' => 'Log.Control.ClusterDeliveryNameEmpty', 'message' => 'When you enable WAF cluster outgoing logs, the outgoing configuration name cannot be empty.', 'http_code' => 400, 'description' => 'When you enable WAF cluster outgoing logs, the outgoing configuration name cannot be empty.'],
['code' => 'Log.Control.CreateEtlMetaFailed', 'message' => 'Open Log Distribution Failed.', 'http_code' => 400, 'description' => 'Failed to enable the Log Service for WAF feature.'],
['code' => 'Log.Control.CreateEtlMetaFailed', 'message' => 'Failed to enable the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to enable the Log Service for WAF feature.'],
['code' => 'Log.Control.CreateProjectLogstoreFailed', 'message' => 'Failed to create Projects and Logstores.', 'http_code' => 400, 'description' => 'Failed to create a project and a Logstore.'],
['code' => 'Log.Control.CreateProjectLogstoreFailed', 'message' => 'Failed to create a project and a Logstore.', 'http_code' => 400, 'description' => 'Failed to create a project and a Logstore.'],
['code' => 'Log.Control.DeleteEtlMetaFailed', 'message' => 'Failed to close log distribution.', 'http_code' => 400, 'description' => 'Failed to disable the Log Service for WAF feature.'],
['code' => 'Log.Control.DeleteEtlMetaFailed', 'message' => 'Failed to disable the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to disable the Log Service for WAF feature.'],
['code' => 'Log.Control.DeleteLogStoreFailed', 'message' => 'Failed to delete LogStore.', 'http_code' => 400, 'description' => 'Failed to delete the Logstore.'],
['code' => 'Log.Control.DeleteLogStoreFailed', 'message' => 'Failed to delete the Logstore.', 'http_code' => 400, 'description' => 'Failed to delete the Logstore.'],
['code' => 'Log.Control.DeliveryConfigCountExceed', 'message' => 'The count of WAF outgoing configurations exceeds the limit.', 'http_code' => 400, 'description' => 'The number of WAF outgoing configurations exceeds the limit.'],
['code' => 'Log.Control.DeliveryConfigInUse', 'message' => 'WAF cluster outgoing configuration is in use and cannot be deleted.', 'http_code' => 400, 'description' => 'The delivery configuration is in use and cannot be deleted.'],
['code' => 'Log.Control.DeliveryConfigNameDuplicate', 'message' => 'WAF outgoing configuration name is duplicate.', 'http_code' => 400, 'description' => 'WAF outgoing configuration name is duplicate.'],
['code' => 'Log.Control.DeliveryConfigNotExist', 'message' => 'The WAF cluster log outgoing configuration does not exist.', 'http_code' => 400, 'description' => 'The WAF cluster log outgoing configuration does not exist.'],
['code' => 'Log.Control.DescribeLogstoreInfoFailed', 'message' => 'Failed to view LogStore information.', 'http_code' => 400, 'description' => 'Failed to view the Logstore information.'],
['code' => 'Log.Control.DescribeLogstoreInfoFailed', 'message' => 'Failed to view the Logstore information.', 'http_code' => 400, 'description' => 'Failed to view the Logstore information.'],
['code' => 'Log.Control.DescribeSlsAuthFailed', 'message' => 'Error querying user for authorization to operate SLS resource.', 'http_code' => 400, 'description' => 'Failed to check whether a user is authorized to manage Log Service resources.'],
['code' => 'Log.Control.DescribeSlsAuthFailed', 'message' => 'Failed to check whether a user is authorized to manage Log Service resources.', 'http_code' => 400, 'description' => 'Failed to check whether a user is authorized to manage Log Service resources.'],
['code' => 'Log.Control.DescribeSlsDispatchStatusFailed', 'message' => 'Query Log Distribution Status Error.', 'http_code' => 400, 'description' => 'Failed to query the status of the Log Service for WAF feature.'],
['code' => 'Log.Control.DescribeSlsDispatchStatusFailed', 'message' => 'Failed to query the status of the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to query the status of the Log Service for WAF feature.'],
['code' => 'Log.Control.EtlMetaExistError', 'message' => 'Log distribution already exists.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is enabled.'],
['code' => 'Log.Control.EtlMetaExistError', 'message' => 'The Log Service for WAF feature is enabled.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is enabled.'],
['code' => 'Log.Control.EtlMetaNotExist', 'message' => 'Log distribution configuration does not exist.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is not enabled.'],
['code' => 'Log.Control.EtlMetaNotExist', 'message' => 'The Log Service for WAF feature is not enabled.', 'http_code' => 400, 'description' => 'The Log Service for WAF feature is not enabled.'],
['code' => 'Log.Control.HybridCloudNotSupport', 'message' => 'The hybrid cloud extension node is not supported. Please purchase and try again.', 'http_code' => 400, 'description' => 'The hybrid cloud extension node is not supported. Please purchase and try again.'],
['code' => 'Log.Control.HybridClusterNotExist', 'message' => 'The hybrid cloud cluster does not exist.', 'http_code' => 400, 'description' => 'The hybrid cloud cluster does not exist.'],
['code' => 'Log.Control.InDebtError', 'message' => 'You have a bill in arrears and do not meet the requirements for automatic logging service. Please recharge your bill and settle it before trying again.', 'http_code' => 400, 'description' => 'You have overdue payments in your account. The Log Service for WAF feature cannot be automatically enabled. Top up your account, settle the payments, and try again.'],
['code' => 'Log.Control.InDebtError', 'message' => 'You have overdue payments in your account. The Log Service for WAF feature cannot be automatically enabled. Top up your account, settle the payments, and try again.', 'http_code' => 400, 'description' => 'You have overdue payments in your account. The Log Service for WAF feature cannot be automatically enabled. Top up your account, settle the payments, and try again.'],
['code' => 'Log.Control.InvalidAssertKey', 'message' => 'The AssertKey is invalid.', 'http_code' => 400, 'description' => 'Invalid AssertKey parameter'],
['code' => 'Log.Control.InvalidInstanceId', 'message' => 'The instance ID is invalid.', 'http_code' => 400, 'description' => 'The instance ID is invalid.'],
['code' => 'Log.Control.InvalidParameter', 'message' => 'The parameter is invalid.', 'http_code' => 400, 'description' => 'The request parameter is invalid. Please verify the request parameter.'],
['code' => 'Log.Control.InvalidParameter', 'message' => 'Parameter error. Check and correct the parameter and try again.', 'http_code' => 400, 'description' => 'Parameter error. Check and correct the parameter and try again.'],
['code' => 'Log.Control.InvalidSlsParam', 'message' => 'Invalid parameters for Log Service SLS.', 'http_code' => 400, 'description' => 'Invalid parameters for Log Service SLS'],
['code' => 'Log.Control.InvalidUserId', 'message' => 'Invalid user id.', 'http_code' => 400, 'description' => 'The user ID is invalid.'],
['code' => 'Log.Control.InvalidUserId', 'message' => 'The user ID is invalid.', 'http_code' => 400, 'description' => 'The user ID is invalid.'],
['code' => 'Log.Control.KafkaConfigParamError', 'message' => 'The Kafka log outgoing configuration parameter is incorrect.', 'http_code' => 400, 'description' => 'The Kafka log outgoing configuration parameter is incorrect.'],
['code' => 'Log.Control.LogServiceNotSupport', 'message' => 'Log Service is not supported. Please try again after purchasing.', 'http_code' => 400, 'description' => 'Log Service is not supported. Please try again after purchasing.'],
['code' => 'Log.Control.ModifyEtlMetaFailed', 'message' => 'Failed to modify log distribution configuration.', 'http_code' => 400, 'description' => 'Failed to modify the configuration of the Log Service for WAF feature.'],
['code' => 'Log.Control.ModifyEtlMetaFailed', 'message' => 'Failed to modify the configuration of the Log Service for WAF feature.', 'http_code' => 400, 'description' => 'Failed to modify the configuration of the Log Service for WAF feature.'],
['code' => 'Log.Control.ModifyUserLogFieldConfigError', 'message' => 'The user failed to modify the log field.', 'http_code' => 400, 'description' => 'Failed to modify the log fields.'],
['code' => 'Log.Control.ModifyUserLogFieldConfigError', 'message' => 'Failed to modify the log fields.', 'http_code' => 400, 'description' => 'Failed to modify the log fields.'],
['code' => 'Log.Control.ModifyUserLogSpecError', 'message' => 'modify user log spec code failed, please try again later.', 'http_code' => 400, 'description' => 'Failed to enable the Log Service for WAF feature.'],
['code' => 'Log.Control.OpenSlsServiceFailed', 'message' => 'Failed to open SLS.', 'http_code' => 400, 'description' => 'Failed to activate Log Service.'],
['code' => 'Log.Control.OpenSlsServiceFailed', 'message' => 'Failed to activate Log Service.', 'http_code' => 400, 'description' => 'Failed to activate Log Service.'],
['code' => 'Log.Control.ResourceCountTooMuch', 'message' => 'When querying the log delivery status of protected resources, the number of protected resources exceeds the limit.', 'http_code' => 400, 'description' => 'When querying the log delivery status of protected resources, the number of protected resources exceeds the limit.'],
['code' => 'Log.Control.ResourceDeliveryNameEmpty', 'message' => 'When you enable external log delivery for protected resources, the external delivery configuration name cannot be empty.', 'http_code' => 400, 'description' => 'When you enable external log delivery for protected resources, the external delivery configuration name cannot be empty.'],
['code' => 'Log.Control.ResourceNotExist', 'message' => 'The protected resource does not exist.', 'http_code' => 400, 'description' => 'The protected object does not exist.'],
['code' => 'Log.Control.ResourceNotSupportDelivery', 'message' => 'The protected resource does not support enabling external log delivery.', 'http_code' => 400, 'description' => 'The protected resource does not support enabling external log delivery.'],
['code' => 'Log.Control.SlsLogStoreNotExist', 'message' => 'LogStore for SLS does not exist.', 'http_code' => 400, 'description' => 'The Logstore does not exist.'],
['code' => 'Log.Control.SlsLogStoreNotExist', 'message' => 'The Logstore does not exist.', 'http_code' => 400, 'description' => 'The Logstore does not exist.'],
['code' => 'Log.Control.SlsProjectNotExist', 'message' => 'Projects for SLS do not exist.', 'http_code' => 400, 'description' => 'The project does not exist.'],
['code' => 'Log.Control.SlsProjectNotExist', 'message' => 'The project does not exist.', 'http_code' => 400, 'description' => 'The project does not exist.'],
['code' => 'Log.Control.SyslogConfigParamError', 'message' => 'Syslog outgoing configuration parameter error.', 'http_code' => 400, 'description' => 'Syslog outgoing configuration parameter error.'],
['code' => 'Log.Control.UserLogFieldIsUpdating', 'message' => 'The user log field is being configured.', 'http_code' => 400, 'description' => 'The log fields are being configured.'],
['code' => 'Log.Control.UserLogFieldIsUpdating', 'message' => 'The log field is being configured.', 'http_code' => 400, 'description' => 'The log field is being configured.'],
['code' => 'Log.Control.UserLogOpenedError', 'message' => 'Log Service activation failed.', 'http_code' => 400, 'description' => 'Log Service activation failed.'],
['code' => 'Log.Control.UserRegionNotFound', 'message' => 'User region not found.', 'http_code' => 400, 'description' => 'User region not found.'],
['code' => 'NoPermission', 'message' => 'The current operation is not authorized. Please contact the main account to perform authorization after the RAM console is authorized.', 'http_code' => 400, 'description' => 'You are not authorized to perform this operation. Contact the owner of the Alibaba Cloud account to obtain authorization in the RAM console.'],
['code' => 'NoPermissonCreatesServiceLinkedRole', 'message' => 'No Permisson Create Service Linked Role.', 'http_code' => 400, 'description' => 'You do not have the permissions to create the service-linked role.'],
['code' => 'NormalizedUsed', 'message' => 'The feature of positive security model is being used.', 'http_code' => 400, 'description' => 'The positive security model is in use'],
['code' => 'ParamError', 'message' => 'The parameters of your request are invalid.', 'http_code' => 400, 'description' => 'The requested parameter is invalid.'],
['code' => 'PropertyConvertFailed', 'message' => 'The property convert failed.', 'http_code' => 400, 'description' => 'Request processing failed due to an unknown error.'],
['code' => 'Rasp.Attach.DeleteFail', 'message' => 'The access record in the access switch ON state cannot be deleted.', 'http_code' => 200, 'description' => 'The access record in the access switch ON state cannot be deleted.'],
['code' => 'Rasp.Sale.NotExist', 'message' => 'User not purchased.', 'http_code' => 400, 'description' => 'The user has not purchased a RASP instance.'],
['code' => 'Rasp.UnexpectedError', 'message' => 'Unknown error.', 'http_code' => 500, 'description' => 'Request processing failed due to unknown error'],
['code' => 'RedirectionStarting', 'message' => 'WAF protection is being enabled for the port. Try again later.', 'http_code' => 403, 'description' => 'WAF protection is being enabled for the port. Try again later.'],
['code' => 'RequestError', 'message' => 'The system is unavailable. Please try again later.', 'http_code' => 400, 'description' => 'The system is unavailable. Try again later.'],
['code' => 'RiskyDomain', 'message' => 'The domain name you added may be at risk. If you have any questions, please submit a work order.', 'http_code' => 400, 'description' => 'The domain name you added may be at risk. If you have any questions, please submit a work order.'."\n"],
['code' => 'RoleAlreadyExists', 'message' => 'Service Linked Role Already Exists.', 'http_code' => 400, 'description' => 'The role already exists.'],
['code' => 'RsListenPortError', 'message' => 'The specified origin server listening port is invalid.', 'http_code' => 403, 'description' => 'The specified origin server listening port is invalid.'],
['code' => 'Rule.Service.CustomRuleGroupCountGreaterMaxCapacity', 'message' => 'The number of custom rule groups exceeds the purchase limit.', 'http_code' => 400, 'description' => 'The number of custom rule groups exceeds the upper limit.'],
['code' => 'Rule.Service.CustomRuleGroupCountGreaterMaxCapacity', 'message' => 'The number of custom rule groups exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of custom rule groups exceeds the upper limit.'],
['code' => 'Rule.Service.GenericException', 'message' => 'Internal error.', 'http_code' => 400, 'description' => 'An internal error occurred.'],
['code' => 'Rule.Service.GenericException', 'message' => 'A system error occurred.', 'http_code' => 400, 'description' => 'A system error occurred.'],
['code' => 'Rule.Service.InternalUnknownError', 'message' => 'Unknown error.', 'http_code' => 400, 'description' => 'An unknown error occurred.'],
['code' => 'Rule.Service.InternalUnknownError', 'message' => 'An unknown error occurred.', 'http_code' => 400, 'description' => 'An unknown error occurred.'],
['code' => 'Rule.Service.InvalidParameter', 'message' => 'Parameter check failed.', 'http_code' => 400, 'description' => 'Failed to verify parameters.'],
['code' => 'Rule.Service.InvalidParameter', 'message' => 'Failed to verify parameters.', 'http_code' => 400, 'description' => 'Failed to verify parameters.'],
['code' => 'Rule.Service.NotFoundObject', 'message' => 'No corresponding data found.', 'http_code' => 400, 'description' => 'Failed to find the specified data.'],
['code' => 'Rule.Service.NotFoundObject', 'message' => 'Failed to find the specified data.', 'http_code' => 400, 'description' => 'Failed to find the specified data.'],
['code' => 'Rule.Service.NotFoundPolicy', 'message' => 'Rule group not found.', 'http_code' => 400, 'description' => 'No rule groups found.'],
['code' => 'Rule.Service.NotFoundPolicy', 'message' => 'No rule groups found.', 'http_code' => 400, 'description' => 'No rule groups are found.'],
['code' => 'Rule.Service.NotFoundRule', 'message' => 'No rules found.', 'http_code' => 400, 'description' => 'No rules are found.'],
['code' => 'Rule.Service.NotSupportedCustomRuleGroup', 'message' => 'Custom rule group not purchased, please upgrade.', 'http_code' => 400, 'description' => 'The custom rule group is not supported. Upgrade your instance and try again.'],
['code' => 'Rule.Service.NotSupportedCustomRuleGroup', 'message' => 'The custom rule group is not supported.', 'http_code' => 400, 'description' => 'The custom rule group is not supported.'],
['code' => 'Rule.Service.NotSupportedOperation', 'message' => 'This operation is not supported.', 'http_code' => 400, 'description' => 'The operation is not supported.'],
['code' => 'Rule.Service.NotSupportedOperation', 'message' => 'The operation is not supported.', 'http_code' => 400, 'description' => 'The operation is not supported.'],
['code' => 'Rule.Service.ParameterFormatError', 'message' => 'Parameter format error.', 'http_code' => 400, 'description' => 'The parameter format is invalid.'],
['code' => 'Rule.Service.ParameterFormatError', 'message' => 'The format of the parameter is invalid.', 'http_code' => 400, 'description' => 'The format of the parameter is invalid.'],
['code' => 'Rule.Service.ParameterIsEmpty', 'message' => 'Empty parameter.', 'http_code' => 400, 'description' => 'You must configure the parameter.'],
['code' => 'Rule.Service.ParameterIsEmpty', 'message' => 'You must configure the parameter.', 'http_code' => 400, 'description' => 'You must configure the parameter.'],
['code' => 'Rule.Service.ParameterNotInRange', 'message' => 'Parameter exceeded expected range.', 'http_code' => 400, 'description' => 'The parameter value is invalid.'],
['code' => 'Rule.Service.ParameterNotInRange', 'message' => 'The parameter value is invalid.', 'http_code' => 400, 'description' => 'The parameter value is invalid.'],
['code' => 'Rule.Service.PolicyNameAlreadyExist', 'message' => 'Rule group name already exists.', 'http_code' => 400, 'description' => 'The group name already exists.'],
['code' => 'Rule.Service.PolicyNameAlreadyExist', 'message' => 'The group name already exists.', 'http_code' => 400, 'description' => 'The group name already exists.'],
['code' => 'Rule.Service.PolicyStatusError', 'message' => 'Rule group in use, unable to operate.', 'http_code' => 400, 'description' => 'The rule group is in use and cannot be applied.'],
['code' => 'Rule.Service.PolicyStatusError', 'message' => 'The rule group is in use and cannot be operated.', 'http_code' => 400, 'description' => 'The rule group is in use and cannot be operated.'],
['code' => 'RuleNameDuplicated', 'message' => 'Rule name already in use.', 'http_code' => 400, 'description' => 'The name of the rule is used.'],
['code' => 'RuleNameInvalidError', 'message' => 'The name of rule is invalid.', 'http_code' => 400, 'description' => 'The name of the protection rule is invalid.'],
['code' => 'RuleNotExist', 'message' => 'The specified rule does not exist.', 'http_code' => 400, 'description' => 'The specified protection rule does not exist.'],
['code' => 'RuleQueryParamError', 'message' => 'The request parameter is invalid.', 'http_code' => 403, 'description' => 'The request parameter is invalid.'],
['code' => 'SecondLevelDomainQuotaExceed', 'message' => 'Second Level Domain Quota Exceed.', 'http_code' => 403, 'description' => 'Second Level Domain Quota Exceed.'],
['code' => 'TamperproofUsed', 'message' => 'The feature of website tamper-proofing is being used.', 'http_code' => 400, 'description' => 'The website tamper-proofing feature is in use.'],
['code' => 'TestErrorCode.%s.', 'message' => 'TestErrorMsg.%s.', 'http_code' => 400, 'description' => 'Error code of the test'],
['code' => 'UnderDDoS', 'message' => 'The current WAF instance is in the defense/blackhole state, and it is not allowed to enable the Exclusive IP/GSLB configuration', 'http_code' => 400, 'description' => 'Traffic scrubbing or blackhole filtering is triggered for the WAF instance. You cannot enable Exclusive IP Address or Shared Cluster-based Intelligent Load Balancing.'],
['code' => 'UserMigrating', 'message' => 'WAF user is migrating, the operation of resource does not support.', 'http_code' => 400, 'description' => 'WAF users are being migrated and cannot access resources.'],
['code' => 'UserNotFound', 'message' => 'The specified user does not exist.', 'http_code' => 403, 'description' => 'The specified user does not exist.'],
['code' => 'VasdUsedUp', 'message' => 'The resource package has been used up. For example, all VIP addresses are used.', 'http_code' => 403, 'description' => 'The resource package has been used up. For example, all VIP addresses are used.'],
['code' => 'VerifyDomainCountExceed', 'message' => 'The number of domain names exceeds the limit. You can upgrade the domain package.', 'http_code' => 400, 'description' => 'The number of domain names exceeds the upper limit. You can upgrade the extra domain package.'],
['code' => 'VerifyHttpPortNotSupport', 'message' => 'An invalid HTTP port is specified.', 'http_code' => 400, 'description' => 'The specified HTTP port is invalid.'],
['code' => 'VerifyInfoLeakageNotSupport', 'message' => 'Information leakage prevention is not supported.', 'http_code' => 403, 'description' => 'Data leak prevention is not supported.'],
['code' => 'VerifyMainDomainCountExceed', 'message' => 'The number of primary domains exceeds the limit. You can upgrade the domain package.', 'http_code' => 400, 'description' => 'The number of second-level domain names exceeds the upper limit. You can upgrade the domain name package.'],
['code' => 'VerifyRuleCountExceed', 'message' => 'The number of rules exceeds the limit.', 'http_code' => 400, 'description' => 'The number of rules exceeds the upper limit.'],
['code' => 'VerifyScreenNotSupport', 'message' => 'Large screens are not supported.', 'http_code' => 403, 'description' => 'The data visualization feature is not supported.'],
['code' => 'VerifyTamperproofNotSupport', 'message' => 'Tamper resistance is not supported.', 'http_code' => 403, 'description' => 'Website tamper-proofing is not supported.'],
['code' => 'Waf.Control.AllAccessCnameNeedMigrate', 'message' => 'The user access configuration has not been migrated yet. Please confirm after migration.', 'http_code' => 400, 'description' => 'The migration of domain name configurations is not complete.'],
['code' => 'Waf.Control.ApisecDefaultRuleNotSupportDelete', 'message' => 'The default rules for API security do not support deletion.', 'http_code' => 400, 'description' => 'The default rules for API security do not support deletion.'],
['code' => 'Waf.Control.ApisecExportTypeExist', 'message' => 'API security export task already exists.', 'http_code' => 400, 'description' => 'API security export task already exists.'],
['code' => 'Waf.Control.ApisecInSystemUpdate', 'message' => 'API security service upgrade, expected to last 90 minutes, please try again later.', 'http_code' => 400, 'description' => 'API security service upgrade, expected to last 90 minutes, please try again later.'],
['code' => 'Waf.Control.ApisecIsInitializing', 'message' => 'API security service initialization, expected to last for 1 minute, please try again later.', 'http_code' => 400, 'description' => 'API security service initialization, expected to last for 1 minute, please try again later.'],
['code' => 'Waf.Control.ApisecNotSupport', 'message' => 'The API security module is not supported.', 'http_code' => 400, 'description' => 'The API security module is not supported.'],
['code' => 'Waf.Control.ApisecRuleHostParameterConflict', 'message' => 'The content of the domain name field in the API security rule is duplicate.', 'http_code' => 400, 'description' => 'The content of the domain name field in the API security rule is duplicate.'],
['code' => 'Waf.Control.ApisecRuleInOperation', 'message' => 'The API security policy configuration is operating, please try again later.', 'http_code' => 400, 'description' => 'The API security policy configuration is operating, please try again later.'],
['code' => 'Waf.Control.ApisecRuleNotExist', 'message' => 'API security rule does not exist.', 'http_code' => 400, 'description' => 'API security rule does not exist.'],
['code' => 'Waf.Control.CloudProductInfoEmpty', 'message' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'http_code' => 400, 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'."\n"],
['code' => 'Waf.Control.CloudProductInfoNotMartch', 'message' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'http_code' => 400, 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'],
['code' => 'Waf.Control.CnameBatchOpsFailedDomains', 'message' => 'Failed to upgrade the domain name to WAF3.0 or roll back the domain name to WAF2.0.', 'http_code' => 400, 'description' => 'Failed to upgrade the domain name to WAF3.0 or roll back the domain name to WAF2.0.'],
['code' => 'Waf.Control.Conflict', 'message' => 'Configuration Conflict', 'http_code' => 400, 'description' => 'A configuration conflict occurs. Try again later.'],
['code' => 'Waf.Control.DefenseResourceCountOverSize', 'message' => 'The maximum number of protected objects is exceeded.', 'http_code' => 400, 'description' => 'The number of protected objects exceeds the upper limit.'],
['code' => 'Waf.Control.DefenseResourceEmpty', 'message' => 'CloudResourceId parameter is illegal.', 'http_code' => 400, 'description' => 'CloudResourceId parameter is illegal'],
['code' => 'Waf.Control.DomainAndDomainIdBothEmpty', 'message' => 'domain and domainId cannot be empty at the same time.', 'http_code' => 400, 'description' => 'The domain name and domain name ID cannot be empty at the same time.'."\n"],
['code' => 'Waf.Control.DomainAndDomainIdNotMatch', 'message' => 'domain and domainId do not match.', 'http_code' => 400, 'description' => 'The input parameters Domain and DomainId do not match'."\n"],
['code' => 'Waf.Control.DomainExist', 'message' => 'The domain has been configured.', 'http_code' => 400, 'description' => 'The domain name already exists. Select an appropriate domain name again.'],
['code' => 'Waf.Control.DomainExist', 'message' => 'The domain name already exists.', 'http_code' => 400, 'description' => 'The domain name already exists.'],
['code' => 'Waf.Control.DomainFormatInvalid', 'message' => 'Incorrect domain name format.', 'http_code' => 400, 'description' => 'Incorrect domain name format.'],
['code' => 'Waf.Control.DomainIdIsIllegal', 'message' => 'The input parameter, the domainId is illegal.', 'http_code' => 400, 'description' => 'Illegal entry DomainId'],
['code' => 'Waf.Control.DomainNotEmpty', 'message' => 'The domain name must be specified.', 'http_code' => 400, 'description' => 'The domain name is not specified.'],
['code' => 'Waf.Control.DomainOwnerNotVerify', 'message' => 'The user domain ownership is not verified.', 'http_code' => 400, 'description' => 'The ownership of the domain name is not verified.'],
['code' => 'Waf.Control.DomainsNotEmpty', 'message' => 'The domain name list cannot be empty.', 'http_code' => 400, 'description' => 'You must select at least one domain name.'],
['code' => 'Waf.Control.DomainTxtRecordValidateFailed', 'message' => 'Failed to verify the ownership of the primary domain name', 'http_code' => 400, 'description' => 'Failed to verify the ownership of the second-level domain name. Enter the second-level domain name that you own.'],
['code' => 'Waf.Control.ExportDomainsExist', 'message' => 'The domain name export task is in progress. Please do not export it repeatedly.', 'http_code' => 400, 'description' => 'The task of exporting domain names is running. Do not repeat the export.'],
['code' => 'Waf.Control.ExportingTasksMoreThanFifty', 'message' => 'The number of tasks being exported cannot exceed 50', 'http_code' => 400, 'description' => 'The number of tasks being exported cannot exceed 50.'],
['code' => 'Waf.Control.FingerStatusNotEmpty', 'message' => 'The parameters of your request are invalid.', 'http_code' => 400, 'description' => 'The request parameters are invalid. Verify the request parameters.'],
['code' => 'Waf.Control.InstanceExpired', 'message' => 'The instance has expired and does not support POC.', 'http_code' => 400, 'description' => 'The instance has expired and does not support POC.'],
['code' => 'Waf.Control.InstanceStatusNotSupport', 'message' => 'Migration is not supported in the current instance state.', 'http_code' => 400, 'description' => 'Instances in this state cannot be migrated.'],
['code' => 'Waf.Control.InsufficientPocQuota', 'message' => 'Insufficient POC quota.', 'http_code' => 400, 'description' => 'Insufficient POC quota.'],
['code' => 'Waf.Control.InvalidApisecComplianceCode', 'message' => 'The information data type in the compliance check rule is invalid.', 'http_code' => 400, 'description' => 'The information data type in the compliance check rule is invalid.'],
['code' => 'Waf.Control.InvalidApisecRuleCondition', 'message' => 'The condition parameter in the API security rule is invalid.', 'http_code' => 400, 'description' => 'The condition parameter in the API security rule is invalid.'],
['code' => 'Waf.Control.InvalidApisecRuleParam', 'message' => 'The API security rule parameter is invalid.', 'http_code' => 400, 'description' => 'The API security rule parameter is invalid.'],
['code' => 'Waf.Control.InvalidApisecTrafficTime', 'message' => 'The time parameter for API security compliance check is invalid.', 'http_code' => 400, 'description' => 'The time parameter for API security compliance check is invalid.'],
['code' => 'Waf.Control.InvalidApisecWhitelistTags', 'message' => 'The tags parameter in the API security whitelist rule is invalid.', 'http_code' => 400, 'description' => 'The tags parameter in the API security whitelist rule is invalid.'],
['code' => 'Waf.Control.InvalidDelegatedUserId', 'message' => 'Invalid delegated administrator user ID.', 'http_code' => 400, 'description' => 'Invalid delegated administrator user ID.'],
['code' => 'Waf.Control.InvalidMemberUserId', 'message' => 'Invalid member account user ID.', 'http_code' => 400, 'description' => 'Invalid member account user ID.'],
['code' => 'Waf.Control.InvalidParameter', 'message' => 'The parameters of your request are invalid.', 'http_code' => 400, 'description' => 'The request parameters are invalid. Verify the request parameters.'],
['code' => 'Waf.Control.MemberHasWafInstance', 'message' => 'The member account already holds a WAF instance and cannot be managed by a delegated administrator account.', 'http_code' => 400, 'description' => 'The member account already holds a WAF instance and cannot be managed by an administrator account.'],
['code' => 'Waf.Control.MemberNotExist', 'message' => 'The member account does not exist. Please check and try again.', 'http_code' => 400, 'description' => 'The member account does not exist. Please check and try again.'],
['code' => 'Waf.Control.MemberUserInBatchTooMuch', 'message' => 'The number of member accounts for batch operations exceeds the limit.', 'http_code' => 400, 'description' => 'The number of member accounts for batch operations exceeds the limit.'],
['code' => 'Waf.Control.MemberUserOverLimit', 'message' => 'The number of managed member accounts has exceeded the WAF instance specification limit. Please upgrade and try again.', 'http_code' => 400, 'description' => 'The number of managed member accounts exceeds the WAF instance specification limit. Upgrade and try again.'],
['code' => 'Waf.Control.MigrateTaskExist', 'message' => 'The migration task already exists.', 'http_code' => 400, 'description' => 'The migration task already exists.'],
['code' => 'Waf.Control.ModuleCodeInvalid', 'message' => 'The code of the pricing module is incorrect.', 'http_code' => 400, 'description' => 'The code of the pricing module is incorrect.'],
['code' => 'Waf.Control.NotRollBack', 'message' => 'During the migration, the domain name has been modified or added to the access configuration in V3. You cannot roll back or abort the upgrade.', 'http_code' => 400, 'description' => 'During the migration, the domain name has been modified or added to the access configuration in V3. You cannot roll back or abort the upgrade.'],
['code' => 'Waf.Control.NotSupportRd', 'message' => 'The user\'s WAF instance does not support multi-account management. Please upgrade and try again.', 'http_code' => 400, 'description' => 'The user\'s WAF instance does not support multi-account management. Please upgrade and try again.'],
['code' => 'Waf.Control.PocFunctionBought', 'message' => 'The function specified to enable POC has already been purchased.', 'http_code' => 400, 'description' => 'The function specified to enable POC has already been purchased.'],
['code' => 'Waf.Control.PocIllegalType', 'message' => 'Type field value is incorrect when enabling POC.', 'http_code' => 400, 'description' => 'Type field value is incorrect when enabling POC.'],
['code' => 'Waf.Control.PocInvalidEdition', 'message' => 'The WAF version does not support the POC function.', 'http_code' => 400, 'description' => 'The WAF version does not support the POC function.'],
['code' => 'Waf.Control.PocRepeatedEnable', 'message' => 'POC has been enabled and cannot be repeated.', 'http_code' => 400, 'description' => 'POC has been enabled and cannot be repeated.'],
['code' => 'Waf.Control.ResourceDirectoryNotExist', 'message' => 'The user has not activated the resource directory. Please try again after activating.', 'http_code' => 400, 'description' => 'The user has not activated the resource directory. Please try again after activating.'],
['code' => 'Waf.Control.TopDomainNotEmpty', 'message' => 'The top-level domain must be specified.', 'http_code' => 400, 'description' => 'The second-level domain name is not specified.'],
['code' => 'Waf.Control.UserAlreadyMigrated', 'message' => 'The user configuration has been migrated to the new version of WAF.', 'http_code' => 400, 'description' => 'User configurations are migrated to WAF 3.0.'],
['code' => 'Waf.Control.UserMigrating', 'message' => 'The user is not allowed to access the configuration during the migration.', 'http_code' => 400, 'description' => 'The user is not allowed to access the configuration during the migration.'],
['code' => 'Waf.Control.VerifyRecordNotFound', 'message' => 'The verification record does not exist.', 'http_code' => 400, 'description' => 'The verification record does not exist.'],
['code' => 'Waf.HybridCloud.AccessModeInvalid', 'message' => 'The access type is invalid.', 'http_code' => 400, 'description' => 'The access type is invalid.'],
['code' => 'Waf.HybridCloud.AccessModeIsEmpty', 'message' => 'The access mode cannot be empty.', 'http_code' => 400, 'description' => 'The access mode cannot be empty.'],
['code' => 'Waf.HybridCloud.AccessRegionInvalid', 'message' => 'The access region is invalid.', 'http_code' => 400, 'description' => 'The region is invalid.'],
['code' => 'Waf.HybridCloud.ApisecRuleConfigConflict', 'message' => 'API security rule configuration conflicts.', 'http_code' => 400, 'description' => 'API security rule configuration conflicts'],
['code' => 'Waf.HybridCloud.ApisecRuleParamError', 'message' => 'API security rule parameter exception.', 'http_code' => 400, 'description' => 'API security rule parameter exception'],
['code' => 'Waf.HybridCloud.ApisecRuleServiceError', 'message' => 'API security rule service exception.', 'http_code' => 400, 'description' => 'API security rule service exception'],
['code' => 'Waf.HybridCloud.ClusterIdNotEmpty', 'message' => 'The cluster ID cannot be empty.', 'http_code' => 400, 'description' => 'The cluster ID cannot be empty.'],
['code' => 'Waf.HybridCloud.ClusterNameEmpty', 'message' => 'The cluster name cannot be empty.', 'http_code' => 400, 'description' => 'The cluster name cannot be empty.'],
['code' => 'Waf.HybridCloud.ClusterNameExist', 'message' => 'The cluster name already exists.', 'http_code' => 400, 'description' => 'The cluster name already exists.'],
['code' => 'Waf.HybridCloud.ClusterNotFound', 'message' => 'No cluster information found.', 'http_code' => 400, 'description' => 'No cluster information is found.'],
['code' => 'Waf.HybridCloud.ClusterRuleAlreadyExists', 'message' => 'Cluster rule already exists.', 'http_code' => 400, 'description' => 'Cluster rule already exists.'],
['code' => 'Waf.HybridCloud.ClusterRuleContentEmpty', 'message' => 'Cluster rule content cannot be empty.', 'http_code' => 400, 'description' => 'Cluster rule content cannot be empty.'],
['code' => 'Waf.HybridCloud.ClusterRuleDontUsed', 'message' => 'Cluster rules have been updated to a new version. For more information, see the latest API documentation.', 'http_code' => 400, 'description' => 'Cluster rules have been updated to a new version. For more information, see the latest API documentation.'],
['code' => 'Waf.HybridCloud.ClusterRuleNotFound', 'message' => 'The cluster rule resource ID does not exist.', 'http_code' => 400, 'description' => 'The cluster rule resource ID does not exist.'],
['code' => 'Waf.HybridCloud.ClusterRuleResourceIdEmpty', 'message' => 'Cluster rule resource ID cannot be empty.', 'http_code' => 400, 'description' => 'Cluster rule resource ID cannot be empty'],
['code' => 'Waf.HybridCloud.ClusterRuleStatusIsEmpty', 'message' => 'The rule status of the service-oriented cluster cannot be empty', 'http_code' => 400, 'description' => 'The rule status must be specified.'],
['code' => 'Waf.HybridCloud.ClusterRuleTypeDontUpdate', 'message' => 'The cluster rule type cannot be modified.', 'http_code' => 400, 'description' => 'The cluster rule type cannot be modified.'],
['code' => 'Waf.HybridCloud.ClusterRuleTypeIsEmpty', 'message' => 'The service-oriented cluster rule type cannot be empty', 'http_code' => 400, 'description' => 'The rule type must be specified.'],
['code' => 'Waf.HybridCloud.ClusterRuleTypeNotExist', 'message' => 'The cluster rule type is incorrect.', 'http_code' => 400, 'description' => 'The cluster rule type is incorrect.'],
['code' => 'Waf.HybridCloud.ExactRuleCountOverSize', 'message' => 'The number of precise matching rules exceeds the limit', 'http_code' => 400, 'description' => 'The number of exact match rules exceeds the limit.'],
['code' => 'Waf.HybridCloud.GroupCreationError', 'message' => 'You must create storage groups, management groups, and protection groups in sequence.', 'http_code' => 400, 'description' => 'You must create groups in sequence.'],
['code' => 'Waf.HybridCloud.GroupDeleteDomainReferError', 'message' => 'You cannot delete the group because the domain names in the group are in use. Remove the domain names from the group first.', 'http_code' => 400, 'description' => 'You cannot delete the group because the domain names in the group are in use. Remove the domain names from the group first.'],
['code' => 'Waf.HybridCloud.GroupDeleteDomainReferError', 'message' => 'A domain name is currently using this protection group. Please delete the domain name reference relationship before proceeding.', 'http_code' => 400, 'description' => 'A domain name is currently using this protection group. Delete the domain name reference relationship before performing the operation.'],
['code' => 'Waf.HybridCloud.GroupDeleteNodeInError', 'message' => 'You cannot delete the group. Remove the nodes from the group first.', 'http_code' => 400, 'description' => 'The group cannot be deleted. Remove nodes from the group first.'],
['code' => 'Waf.HybridCloud.GroupDeletionError', 'message' => 'You must delete protection groups, management groups, and storage groups in sequence.', 'http_code' => 400, 'description' => 'Delete groups in sequence.'],
['code' => 'Waf.HybridCloud.GroupIdInvalid', 'message' => 'The group ID is invalid.', 'http_code' => 400, 'description' => 'The group ID is invalid.'],
['code' => 'Waf.HybridCloud.GroupLocationNotEmpty', 'message' => 'The group region cannot be empty.', 'http_code' => 400, 'description' => 'The group region cannot be empty.'],
['code' => 'Waf.HybridCloud.GroupNameNotEmpty', 'message' => 'The group name cannot be empty.', 'http_code' => 400, 'description' => 'The group name cannot be empty.'],
['code' => 'Waf.HybridCloud.GroupProtectionNodeOverrun', 'message' => 'The number of protected nodes exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of protected nodes exceeds the upper limit.'],
['code' => 'Waf.HybridCloud.GroupVagentIdInvalid', 'message' => 'The group ID is invalid.', 'http_code' => 400, 'description' => 'The group ID is invalid.'],
['code' => 'Waf.HybridCloud.HttpPortIsEmpty', 'message' => 'The HTTP ports cannot be empty.', 'http_code' => 400, 'description' => 'The HTTP ports cannot be empty.'],
['code' => 'Waf.HybridCloud.HttpsPortIsEmpty', 'message' => 'The HTTPS ports cannot be empty.', 'http_code' => 400, 'description' => 'The HTTPS ports cannot be empty.'],
['code' => 'Waf.HybridCloud.HybridCloudApisecNotSupport', 'message' => 'WAF instances do not support hybrid cloud API security.', 'http_code' => 400, 'description' => 'WAF instances do not support hybrid cloud API security'],
['code' => 'Waf.HybridCloud.HybridCloudNotsupport', 'message' => 'Hybrid cloud is not supported.', 'http_code' => 400, 'description' => 'Hybrid clouds are not supported.'],
['code' => 'Waf.HybridCloud.InternalError', 'message' => 'Internal service error.', 'http_code' => 400, 'description' => 'Internal Service Error'],
['code' => 'Waf.HybridCloud.InvalidGroupType', 'message' => 'The group type is invalid.', 'http_code' => 400, 'description' => 'The group type is invalid.'],
['code' => 'Waf.HybridCloud.InvalidHttpPort', 'message' => 'The HTTP port is invalid.', 'http_code' => 400, 'description' => 'The HTTP port is invalid.'],
['code' => 'Waf.HybridCloud.InvalidHttpsPort', 'message' => 'The HTTPS port is invalid.', 'http_code' => 400, 'description' => 'The HTTPS port is invalid.'],
['code' => 'Waf.HybridCloud.LoadBalanceIpNotEmpty', 'message' => 'The server IP address for load balancing cannot be empty.', 'http_code' => 400, 'description' => 'The server IP address for load balancing cannot be empty.'],
['code' => 'Waf.HybridCloud.ProtectionCountOrverLoad', 'message' => 'The number of protected domains exceeds the upper limit.', 'http_code' => 400, 'description' => 'The number of protected nodes exceeds the specification.'],
['code' => 'Waf.HybridCloud.ProtectionServerCountInvalid', 'message' => 'The number of protected domains is invalid.', 'http_code' => 400, 'description' => 'The number of protected nodes is invalid.'],
['code' => 'Waf.HybridCloud.PullinRuleFormatInvalid', 'message' => 'Incorrect format of drainage rules', 'http_code' => 400, 'description' => 'The format of traffic redirection rules is invalid.'],
['code' => 'Waf.HybridCloud.RegexRuleCountOverSize', 'message' => 'The number of regular matching rules exceeds the limit', 'http_code' => 400, 'description' => 'The number of regular expression rules exceeds the limit.'],
['code' => 'Waf.HybridCloud.SdkInfoNotExist', 'message' => 'SDK info not exist.', 'http_code' => 400, 'description' => 'The traffic redirection node does not exist.'],
['code' => 'Waf.HybridCloud.SdkMidIsEmpty', 'message' => 'Machine unique identifier mid cannot be empty', 'http_code' => 400, 'description' => 'The machine ID must be specified.'],
['code' => 'Waf.HybridCloud.ServerContinentsInvalid', 'message' => 'The continent is invalid.', 'http_code' => 400, 'description' => 'The continent is invalid.'],
['code' => 'Waf.HybridCloud.ServerContinestsUnuseable', 'message' => 'The continent is not supported.', 'http_code' => 400, 'description' => 'The continent is not supported.'],
['code' => 'Waf.HybridCloud.ServerMidInvalid', 'message' => 'The machine ID is invalid.', 'http_code' => 400, 'description' => 'The machine ID is invalid.'],
['code' => 'Waf.HybridCloud.ServerMidNotExist', 'message' => 'The machine ID does not exist.', 'http_code' => 400, 'description' => 'The machine ID does not exist.'],
['code' => 'Waf.HybridCloud.ServerOperatorInvalid', 'message' => 'The operator is invalid.', 'http_code' => 400, 'description' => 'The operator is invalid.'],
['code' => 'Waf.HybridCloud.ServerOperatorUnuseable', 'message' => 'The operator is not supported.', 'http_code' => 400, 'description' => 'The operator is not supported.'],
['code' => 'Waf.HybridCloud.ServerRegionCodeInvalid', 'message' => 'The city is invalid.', 'http_code' => 400, 'description' => 'The city is invalid.'],
['code' => 'Waf.HybridCloud.ServerRegionCodeUnuseable', 'message' => 'The city is not supported.', 'http_code' => 400, 'description' => 'The city is not supported.'],
['code' => 'Waf.HybridCloud.ServerRegionTypeInvalid', 'message' => 'The region type is invalid.', 'http_code' => 400, 'description' => 'The region type is invalid.'],
['code' => 'Waf.HybridCloud.ServerUpdateFailed', 'message' => 'Failed to update the server information.', 'http_code' => 400, 'description' => 'Failed to update the server information.'],
['code' => 'Waf.HybridCloud.UniqueClusterGroupType', 'message' => 'You can create only one group of this type in a cluster.', 'http_code' => 400, 'description' => 'You can create only one group of this type in a cluster.'],
['code' => 'Waf.HybridCloud.UniqueGroupName', 'message' => 'The group name already exists.', 'http_code' => 400, 'description' => 'The group name already exists.'],
['code' => 'Waf.HybridCloud.UserNoPermission', 'message' => 'You do not have the permissions to perform this operation.', 'http_code' => 400, 'description' => 'You do not have the permissions to perform this operation.'],
['code' => 'Waf.Instance.MaxTransparentIpPortCountLimit', 'message' => 'The number of transparent access exceeds the current maximum number that can be added', 'http_code' => 400, 'description' => 'The maximum number of instances that you can add to WAF in transparent proxy mode is exceeded.'],
['code' => 'Waf.Instance.ValidFaild', 'message' => 'WAF instance check failed. Check whether the instance ID is correct.', 'http_code' => 400, 'description' => 'WAF instance check failed. Check whether the instance ID is correct.'],
['code' => 'Waf.Pullin.AbnormalStatus', 'message' => 'The status of the access resource is abnormal. Resource:%s.', 'http_code' => 400, 'description' => 'The status of the access resource is abnormal. Resource:%s.'],
['code' => 'Waf.Pullin.AlreadyAccessed', 'message' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.', 'http_code' => 400, 'description' => 'The cloud product has been accessed. Instance ID:%s, Port:%s, Product Type:%s.'],
['code' => 'Waf.Pullin.BackedInBacklist', 'message' => 'The input back-to-source IP is in the system blacklist, please update the back-to-source IP.', 'http_code' => 400, 'description' => 'The back-to-origin IP address is in the blacklist. Change the back-to-origin IP address.'],
['code' => 'Waf.Pullin.BackendPortIncompatible', 'message' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.', 'http_code' => 400, 'description' => 'The back-to-source port is incompatible with the listening port, listening protocol:%s, listening port:%s, back-to-source port:%s.'],
['code' => 'Waf.Pullin.BackendPortNotMatched', 'message' => 'The back-to-source port does not match the listening port. Listening protocol:%s, listening port:%s, back-to-source port:%s.', 'http_code' => 400, 'description' => 'The back-to-source port does not match the listening port. Listening protocol:%s, listening port:%s, back-to-source port:%s.'],
['code' => 'Waf.Pullin.BackupBackendConflict', 'message' => 'The backup backend configuration conflicts.', 'http_code' => 400, 'description' => 'The backup link back-to-source configuration conflicts.'],
['code' => 'Waf.Pullin.BatchDnsScheduleCheckFailed', 'message' => 'Batch dns scheduling is in progress, and access related operations are prohibited.', 'http_code' => 400, 'description' => 'batch dns scheduling is in progress, and access-related operations are prohibited.'],
['code' => 'Waf.Pullin.BusinessDomainNotRecord', 'message' => 'The domain name does not have an ICP filing.', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing.'],
['code' => 'Waf.Pullin.BusinessViolation', 'message' => 'The domain-related business is suspected of violating regulations. If you have any questions, please follow the ticket process.', 'http_code' => 400, 'description' => 'Domain name business is suspected of violating regulations. If you have any questions, please go through the work order process.'],
['code' => 'Waf.Pullin.BusinessViolation', 'message' => 'Domain services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'http_code' => 400, 'description' => 'Domain services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'],
['code' => 'Waf.Pullin.BusinessViolation', 'message' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.', 'http_code' => 400, 'description' => 'The web services are suspected of violating regulations. If you have any questions, please submit a work order. Violating resource: %s.'],
['code' => 'Waf.Pullin.CertAuthFailed', 'message' => 'Certificate authorization failed.', 'http_code' => 400, 'description' => 'Failed to perform certificate authentication.'],
['code' => 'Waf.Pullin.CertAuthFailed', 'message' => 'Failed to perform certificate authentication.', 'http_code' => 400, 'description' => 'Failed to perform certificate authentication.'],
['code' => 'Waf.Pullin.CertExist', 'message' => 'Certificate already exists.', 'http_code' => 400, 'description' => 'The certificate exists.'],
['code' => 'Waf.Pullin.CertExist', 'message' => 'The certificate exists.', 'http_code' => 400, 'description' => 'The certificate exists.'],
['code' => 'Waf.Pullin.CertExpired', 'message' => 'Certificate has expired.', 'http_code' => 400, 'description' => 'The certificate is expired.'],
['code' => 'Waf.Pullin.CertExpired', 'message' => 'The certificate has expired.', 'http_code' => 400, 'description' => 'The certificate has expired.'],
['code' => 'Waf.Pullin.CertExpired', 'message' => 'Certificate expired, certificate ID:%s .', 'http_code' => 400, 'description' => 'Certificate expired, certificate ID:%s.'],
['code' => 'Waf.Pullin.CertKeyEmpty', 'message' => 'Certificate private key is empty.', 'http_code' => 400, 'description' => 'The private key of the certificate is empty.'],
['code' => 'Waf.Pullin.CertKeyEmpty', 'message' => 'The private key of the certificate is empty.', 'http_code' => 400, 'description' => 'The private key of the certificate is empty.'],
['code' => 'Waf.Pullin.CertKeyNotMatch', 'message' => 'Certificate file does not match private key.', 'http_code' => 400, 'description' => 'The certificate file does not match the private key.'],
['code' => 'Waf.Pullin.CertKeyNotMatch', 'message' => 'The certificate file does not match the private key.', 'http_code' => 400, 'description' => 'The certificate file does not match the private key.'],
['code' => 'Waf.Pullin.CertNameExist', 'message' => 'Certificate name already exists.', 'http_code' => 400, 'description' => 'The name of the certificate is being used.'],
['code' => 'Waf.Pullin.CertNameExist', 'message' => 'The name of the certificate is being used.', 'http_code' => 400, 'description' => 'The name of the certificate is being used.'],
['code' => 'Waf.Pullin.CertNotExist', 'message' => 'Certificate does not exist.', 'http_code' => 400, 'description' => 'The certificate does not exist.'],
['code' => 'Waf.Pullin.CertNotExist', 'message' => 'The certificate does not exist.', 'http_code' => 400, 'description' => 'The certificate does not exist.'],
['code' => 'Waf.Pullin.CertNotExist', 'message' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.', 'http_code' => 400, 'description' => 'Certificate does not exist in SSL Certificate Center, certificate type:%s, certificate ID:%s.'],
['code' => 'Waf.Pullin.CertNotMatchDomain', 'message' => 'The domain name is not included in the certificate.', 'http_code' => 400, 'description' => 'The domain name is not included in the certificate.'],
['code' => 'Waf.Pullin.CertSaveFailed', 'message' => 'Certificate save failed.', 'http_code' => 400, 'description' => 'Failed to store the certificate.'],
['code' => 'Waf.Pullin.CertSaveFailed', 'message' => 'Failed to store the certificate.', 'http_code' => 400, 'description' => 'Failed to store the certificate.'],
['code' => 'Waf.Pullin.ClientCertificateOpened', 'message' => 'Clb Instance port Client Certiticate is opened.', 'http_code' => 400, 'description' => 'Mutual authentication is enabled for the ports of CLB instances. The ports cannot be added to WAF.'],
['code' => 'Waf.Pullin.CloudProductParamEmpty', 'message' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.', 'http_code' => 400, 'description' => 'The resource Id of the cloud product accessing WAF is null or null values exist in the three input parameters of the cloud product name, port, and cloud product instance.'],
['code' => 'Waf.Pullin.CloudProductParamNotMarch', 'message' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'http_code' => 400, 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'],
['code' => 'Waf.Pullin.CloudProductParamNotMatch', 'message' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.', 'http_code' => 400, 'description' => 'The value of the cloud product, port, instance, and input parameter to which the resource ID of the cloud product is connected to WAF does not match.'."\n"],
['code' => 'Waf.Pullin.CloudResourceInvalid', 'message' => 'CloudResourceId parameter is illegal.', 'http_code' => 400, 'description' => 'CloudResourceId parameter is illegal'],
['code' => 'Waf.Pullin.DomainAndDomainIdBothEmpty', 'message' => 'domain and domainId cannot be empty at the same time.', 'http_code' => 400, 'description' => 'The domain name and domain name ID cannot be empty at the same time.'],
['code' => 'Waf.Pullin.DomainAndDomainIdNotMatch', 'message' => 'domain and domainId do not match.', 'http_code' => 400, 'description' => 'The input parameters Domain and DomainId do not match.'],
['code' => 'Waf.Pullin.DomainExistInOldWaf', 'message' => 'Domain name exists in WAF 2.0.', 'http_code' => 400, 'description' => 'The domain name is added to WAF of the earlier version.'],
['code' => 'Waf.Pullin.DomainExistInOldWaf', 'message' => 'The domain name is added to WAF of the earlier version.', 'http_code' => 403, 'description' => 'The domain name is already configured in WAF 2.0.'],
['code' => 'Waf.Pullin.DomainIdIsIllegal', 'message' => 'The input parameter, the domainId is illegal.', 'http_code' => 400, 'description' => 'Illegal entry DomainId'],
['code' => 'Waf.Pullin.DomainNotBeianOrInBlackList', 'message' => 'The domain does not have an ICP filling or has been blacklisted.', 'http_code' => 400, 'description' => 'The domain name is not filed or is on the blacklist.'],
['code' => 'Waf.Pullin.DomainNotBeianOrInBlackList', 'message' => 'Blacklist or Domain Names That Do Not Have ICP Filings', 'http_code' => 400, 'description' => 'The domain name does not have an ICP filing or has committed a penalty.'],
['code' => 'Waf.Pullin.DomainOwnedByOtherUser', 'message' => 'The domain name is already in use by another user.', 'http_code' => 400, 'description' => 'The domain name is used by another user.'],
['code' => 'Waf.Pullin.DomainOwnedByOtherUser', 'message' => 'The domain name is used by other users.', 'http_code' => 400, 'description' => 'The domain name is used by another user.'],
['code' => 'Waf.Pullin.DuplicateCertificateId', 'message' => 'Duplicate certificate ID', 'http_code' => 400, 'description' => 'The ID of the certificate already exists.'],
['code' => 'Waf.Pullin.ExtensiveDomainUsedError', 'message' => 'The generic domain name is already in use by other users.', 'http_code' => 400, 'description' => 'The wildcard domain name is used by another user.'],
['code' => 'Waf.Pullin.ExtensiveDomainUsedError', 'message' => 'The wildcard domain name is used by other users.', 'http_code' => 400, 'description' => 'The wildcard domain name is used by other users.'],
['code' => 'Waf.Pullin.Http2OriginEnabledFocusHttpBackendForbidden', 'message' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.', 'http_code' => 400, 'description' => 'When HTTP2 origin is enabled, HTTP origin cannot be enabled.'],
['code' => 'Waf.Pullin.Http2OriginMustOnHttp2Enable', 'message' => 'When HTTP2 origin is enabled, HTTP2 listening must be enabled.', 'http_code' => 400, 'description' => 'When HTTP2 back-to-source is enabled, HTTP2 listening must be enabled.'],
['code' => 'Waf.Pullin.Http2OriginMustOnKeepaliveEnable', 'message' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.', 'http_code' => 400, 'description' => 'When the HTTP2 origin is turned on, the keepalive must be turned on.'],
['code' => 'Waf.Pullin.InsufficientExclusiveVip', 'message' => 'The number of exclusive IP addresses that you have purchased is insufficient. Purchase more on the upgrade page.', 'http_code' => 400, 'description' => 'The number of exclusive IP addresses that you have purchased is insufficient. Purchase more on the upgrade page.'],
['code' => 'Waf.Pullin.InvalidAttachKey', 'message' => 'Invalid parameter name.', 'http_code' => 400, 'description' => 'The name of the parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidAttachKey', 'message' => 'The name of the parameter is invalid.', 'http_code' => 400, 'description' => 'The name of the parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidAttachValue', 'message' => 'Invalid parameter value.', 'http_code' => 400, 'description' => 'The value of the parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidAttachValue', 'message' => 'The value of the parameter is invalid.', 'http_code' => 400, 'description' => 'The value of the parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidBackend', 'message' => 'Invalid return information.', 'http_code' => 400, 'description' => 'The back-to-origin information is invalid.'],
['code' => 'Waf.Pullin.InvalidBackend', 'message' => 'The back-to-origin information is invalid.', 'http_code' => 400, 'description' => 'The back-to-origin information is invalid.'],
['code' => 'Waf.Pullin.InvalidCertByHttpProtocol', 'message' => 'HTTP protocol cannot enter certificate', 'http_code' => 400, 'description' => 'You cannot enter a certificate for the HTTP protocol.'],
['code' => 'Waf.Pullin.InvalidCertByHttpsProtocol', 'message' => 'HTTPS protocol must enter a certificate', 'http_code' => 400, 'description' => 'You must enter a certificate for the HTTPS protocol.'],
['code' => 'Waf.Pullin.InvalidCertFormat', 'message' => 'Certificate format error.', 'http_code' => 400, 'description' => 'The format of the certificate is invalid.'],
['code' => 'Waf.Pullin.InvalidCertFormat', 'message' => 'The format of the certificate is invalid.', 'http_code' => 400, 'description' => 'The format of the certificate is invalid.'],
['code' => 'Waf.Pullin.InvalidCertIdentifier', 'message' => 'Invalid certificate ID, certificate ID:%s.', 'http_code' => 400, 'description' => 'Invalid certificate ID, certificate ID:%s.'],
['code' => 'Waf.Pullin.InvalidCipherSuit', 'message' => 'Invalid CipherSuit', 'http_code' => 400, 'description' => 'The cipher suite is invalid.'],
['code' => 'Waf.Pullin.InvalidClusterPort', 'message' => 'The cluster port is invalid.', 'http_code' => 400, 'description' => 'HybridCloud cluster port is invalid.'],
['code' => 'Waf.Pullin.InvalidCustomCiphers', 'message' => 'Invalid custom cipher suite.', 'http_code' => 400, 'description' => 'Invalid custom cipher suite.'],
['code' => 'Waf.Pullin.InvalidDefaultCert', 'message' => 'Invalid default certificate.', 'http_code' => 400, 'description' => 'The default certificate is invalid.'],
['code' => 'Waf.Pullin.InvalidDomain', 'message' => 'Invalid domain name.', 'http_code' => 400, 'description' => 'The domain name is invalid.'],
['code' => 'Waf.Pullin.InvalidDomain', 'message' => 'The domain name is invalid.', 'http_code' => 400, 'description' => 'The domain name is invalid.'],
['code' => 'Waf.Pullin.InvalidHttp2OriginWithProxyProtocol', 'message' => 'http2Origin and proxyProtocol cannot be opened at the same time.', 'http_code' => 400, 'description' => 'http2Origin and proxyProtocol cannot be opened at the same time.'],
['code' => 'Waf.Pullin.InvalidIncludeSubDomainWithPreload', 'message' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.', 'http_code' => 400, 'description' => 'The parameter HstsIncludeSubDomain is invalid. When the parameter HstsPreload is true, the HstsIncludeSubDomain must be true.'],
['code' => 'Waf.Pullin.InvalidMaxAgeWithPreload', 'message' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000.', 'http_code' => 400, 'description' => 'HstsMaxAge the parameter is incorrect, when the HstsPreload is True, the HstsMaxAge must be greater than or equal to 31536000'],
['code' => 'Waf.Pullin.InvalidProtocolPort', 'message' => 'Protocol port not entered.', 'http_code' => 400, 'description' => 'You must specify the port.'],
['code' => 'Waf.Pullin.InvalidProtocolPort', 'message' => 'The port is not specified.', 'http_code' => 400, 'description' => 'The port is not specified.'],
['code' => 'Waf.Pullin.InvalidPunishScope', 'message' => 'The punish scope parameter is invalid.', 'http_code' => 400, 'description' => 'The penalty dimension parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidRequestHeader', 'message' => 'Invalid Enable Traffic Marker parameter.', 'http_code' => 400, 'description' => 'The Enable Traffic Mark parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidRequestHeader', 'message' => 'The Enable Traffic Mark parameter is invalid.', 'http_code' => 400, 'description' => 'The Enable Traffic Mark parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidResource', 'message' => 'Invalid resource.', 'http_code' => 400, 'description' => 'The resource is invalid.'],
['code' => 'Waf.Pullin.InvalidResource', 'message' => 'The resource is invalid.', 'http_code' => 400, 'description' => 'The resource is invalid.'],
['code' => 'Waf.Pullin.InvalidResourceProduct', 'message' => 'Invalid cloud product type.', 'http_code' => 400, 'description' => 'The cloud service type is invalid.'],
['code' => 'Waf.Pullin.InvalidResourceStatus', 'message' => 'Invalid resource state.', 'http_code' => 400, 'description' => 'The status of the resource is invalid.'],
['code' => 'Waf.Pullin.InvalidResourceStatus', 'message' => 'The status of the resource is invalid.', 'http_code' => 400, 'description' => 'The status of the resource is invalid.'],
['code' => 'Waf.Pullin.InvalidServiceAttachData', 'message' => 'Invalid cloud product parameters.', 'http_code' => 400, 'description' => 'The cloud service parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidServiceAttachData', 'message' => 'The Cloud Service parameter is invalid.', 'http_code' => 400, 'description' => 'The Cloud Service parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidTLS', 'message' => 'invalid TLS', 'http_code' => 400, 'description' => 'The TLS parameter is invalid.'],
['code' => 'Waf.Pullin.InvalidUserStatus', 'message' => 'Invalid user state.', 'http_code' => 400, 'description' => 'The status of the user is invalid.'],
['code' => 'Waf.Pullin.InvalidUserStatus', 'message' => 'The status of the user is invalid.', 'http_code' => 400, 'description' => 'The status of the user is invalid.'],
['code' => 'Waf.Pullin.MaxCertCountLimit', 'message' => 'The number of selected certificate IDs exceeds the maximum number in the system.', 'http_code' => 400, 'description' => 'The number of selected certificate IDs exceeds the maximum number in the system.'],
['code' => 'Waf.Pullin.MaxDomainCountLimit', 'message' => 'Exceeds the maximum number of domain names that can be entered', 'http_code' => 400, 'description' => 'The maximum number of domain names that you can enter is exceeded.'],
['code' => 'Waf.Pullin.MaxProductCountLimit', 'message' => '可接入的云产品数不足', 'http_code' => 400, 'description' => 'The maximum number of instances that you can add to WAF is exceeded.'],
['code' => 'Waf.Pullin.MustListenHTTPS', 'message' => 'The domain name must listen to the HTTPS protocol. Domain:%s.', 'http_code' => 400, 'description' => 'The domain name must listen to the HTTPS protocol. Domain name:%s.'],
['code' => 'Waf.Pullin.OnlyBeOneDefaultCert', 'message' => 'There can be only one default certificate.', 'http_code' => 400, 'description' => 'There can be only one default certificate.'],
['code' => 'Waf.Pullin.OpenExclusiveIpInNotShare', 'message' => 'Turn on exclusive IP, only share cluster can be selected.', 'http_code' => 400, 'description' => 'If you turn on Exclusive IP Address, you can select only a shared cluster.'],
['code' => 'Waf.Pullin.OpenExclusiveIpInNotShare', 'message' => 'If you turn on Exclusive IP Address, you can select only a shared cluster.', 'http_code' => 400, 'description' => 'If you turn on Exclusive IP Address, you can select only a shared cluster.'],
['code' => 'Waf.Pullin.OpenExclusiveIpIPv6', 'message' => 'Exclusive IP and Ipv6, cannot be enabled at the same time.', 'http_code' => 400, 'description' => 'Exclusive IP and Ipv6 cannot be enabled at the same time.'],
['code' => 'Waf.Pullin.OpenIPv6InNotShare', 'message' => 'Turn on IPv6, share cluster is the only option.', 'http_code' => 400, 'description' => 'If you turn on IPv6, you can select only a shared cluster.'],
['code' => 'Waf.Pullin.OpenIPv6InNotShare', 'message' => 'If you turn on IPv6, you can select only a shared cluster.', 'http_code' => 400, 'description' => 'If you turn on IPv6, you can select only a shared cluster.'],
['code' => 'Waf.Pullin.PortProcessing', 'message' => 'Port is processing', 'http_code' => 400, 'description' => 'The port is being processed. Try again later.'],
['code' => 'Waf.Pullin.PortProcessing', 'message' => 'The port is being processed, please try again later.', 'http_code' => 400, 'description' => 'The port is being processed, please try again later.'],
['code' => 'Waf.Pullin.ProtocolNotSet', 'message' => 'Protocol not entered.', 'http_code' => 400, 'description' => 'You must specify the protocol.'],
['code' => 'Waf.Pullin.ProtocolNotSet', 'message' => 'You must specify the protocol.', 'http_code' => 400, 'description' => 'You must specify the protocol.'],
['code' => 'Waf.Pullin.ResourceAllocationFailed', 'message' => 'Failed to allocate resources.', 'http_code' => 400, 'description' => 'Failed to allocate resources.'],
['code' => 'Waf.Pullin.ResourceCreating', 'message' => 'Accessed resources are being created.', 'http_code' => 400, 'description' => 'The resource is being created.'],
['code' => 'Waf.Pullin.ResourceCreating', 'message' => 'The resource is being created.', 'http_code' => 400, 'description' => 'The resource is being created.'],
['code' => 'Waf.Pullin.ResourceExsit', 'message' => 'Accessed resource already exists.', 'http_code' => 400, 'description' => 'The resource exists.'],
['code' => 'Waf.Pullin.ResourceExsit', 'message' => 'The resource exists.', 'http_code' => 400, 'description' => 'The resource exists.'],
['code' => 'Waf.Pullin.ResourceExsit', 'message' => 'Access resource already exists, resource:%s.', 'http_code' => 400, 'description' => 'Access resource already exists, existing resource:%s.'],
['code' => 'Waf.Pullin.ResourceInstanceIdNotExist', 'message' => 'The instance ID does not exist.', 'http_code' => 400, 'description' => 'The instance ID does not exist.'],
['code' => 'Waf.Pullin.ResourceInstanceIpNotMatched', 'message' => 'The instance does not match the Public IP, please click Synchronize and try again.', 'http_code' => 400, 'description' => 'The ID of the instance does not match the IP address of the instance. Click Synchronize Instances and retry.'],
['code' => 'Waf.Pullin.ResourceInstancePortNotExist', 'message' => 'The port of the instance does not exist.', 'http_code' => 400, 'description' => 'The port number does not exist.'],
['code' => 'Waf.Pullin.ResourceNotExist', 'message' => 'Access resource does not exist.', 'http_code' => 400, 'description' => 'The resource does not exist.'],
['code' => 'Waf.Pullin.ResourceNotExist', 'message' => 'The resource does not exist.', 'http_code' => 400, 'description' => 'The resource does not exist.'],
['code' => 'Waf.Pullin.ResourceNotExist', 'message' => 'The accessed resource already exists. Resource:%s.', 'http_code' => 400, 'description' => 'The accessed resource already exists. Resource:%s.'],
['code' => 'Waf.Pullin.ResourceOwnerError', 'message' => 'Resource attribution user is incorrect.', 'http_code' => 400, 'description' => 'The user to which the resource belongs is invalid.'],
['code' => 'Waf.Pullin.ResourceOwnerError', 'message' => 'The user to which the resource belongs is invalid.', 'http_code' => 400, 'description' => 'The user to which the resource belongs is invalid.'],
['code' => 'Waf.Pullin.ResourceProcessing', 'message' => 'The resource is in operation, please try again later.', 'http_code' => 400, 'description' => 'The resource is in operation, please try again later.'],
['code' => 'Waf.Pullin.RiskyDomain', 'message' => 'RT001, sorry, this domain name cannot be added due to security problems. You can appeal through the work order.', 'http_code' => 400, 'description' => 'The domain name you added may be at risk. If you have any questions, please submit a work order.'],
['code' => 'Waf.Pullin.UnderDDoS', 'message' => 'The current WAF instance is in the defense/blackhole state, and it is not allowed to enable the Exclusive IP/GSLB configuration', 'http_code' => 400, 'description' => 'Traffic scrubbing or blackhole filtering is triggered for the WAF instance. You cannot enable Exclusive IP Address or Shared Cluster-based Intelligent Load Balancing.'],
['code' => 'Waf.Pullin.UnSupportedPort', 'message' => 'Return port not supported.', 'http_code' => 400, 'description' => 'The port over which requests are redirected to the origin server is not supported.'],
['code' => 'Waf.Pullin.UnSupportedPort', 'message' => 'The port over which requests are redirected to the origin server is not supported.', 'http_code' => 400, 'description' => 'The port over which requests are redirected to the origin server is not supported.'],
['code' => 'Waf.Report.%s', 'message' => 'Invalid parameter:%s.', 'http_code' => 400, 'description' => 'Invalid parameter:%s'],
['code' => 'Waf.Report.InternalError', 'message' => 'Server error occurred in report service.', 'http_code' => 400, 'description' => 'Report Service Internal Error'],
['code' => 'WafMigrating', 'message' => 'WAF user is migrating, the operation of resource does not support.', 'http_code' => 400, 'description' => 'WAF users are not allowed to access related resources during migration.'],
['code' => 'WxbbOrWxbbJsUsed', 'message' => 'The feature of app protection is being used.', 'http_code' => 400, 'description' => 'The app protection feature is in use.'],
['code' => 'Defense.Control.InvalidDefenseRuleConfig', 'message' => 'Invalid protection rule configuration. %s.', 'http_code' => 400, 'description' => 'Invalid protection rule configuration.'],
],
'changeSet' => [
[
'apis' => [
['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeDefenseRules'],
],
'createdAt' => '2025-03-27T04:35:03.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeApisecApiResources'],
['description' => 'Response parameters changed', 'api' => 'DescribeApisecEvents'],
['description' => 'Response parameters changed', 'api' => 'DescribeApisecStatistics'],
],
'createdAt' => '2025-02-24T13:16:32.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeDefenseResource'],
['description' => 'Response parameters changed', 'api' => 'DescribeDefenseResources'],
['description' => 'Request parameters changed', 'api' => 'ModifyDefenseResourceXff'],
],
'createdAt' => '2025-02-24T08:09:44.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeApisecAbnormals'],
['description' => 'Request parameters changed', 'api' => 'DescribeSensitiveRequestLog'],
],
'createdAt' => '2025-01-16T13:24:13.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DescribePunishedDomains'],
],
'createdAt' => '2025-01-15T12:33:46.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeDefenseTemplates'],
],
'createdAt' => '2025-01-03T06:43:53.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'ModifyHybridCloudClusterBypassStatus'],
],
'createdAt' => '2024-12-30T10:12:48.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeDefenseResourceTemplates'],
['description' => 'Request parameters changed', 'api' => 'DescribeDefenseTemplates'],
],
'createdAt' => '2024-12-30T06:37:53.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateCloudResource'],
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'CreateDomain'],
],
'createdAt' => '2024-12-12T08:02:05.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateDomain'],
['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'],
['description' => 'Request parameters changed', 'api' => 'ModifyDomain'],
],
'createdAt' => '2024-11-28T15:05:24.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeSensitiveRequestLog'],
],
'createdAt' => '2024-11-26T09:04:53.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'ChangeResourceGroup'],
],
'createdAt' => '2024-11-13T11:01:42.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateSM2Cert'],
['description' => 'Request parameters changed', 'api' => 'DescribeCnameCount'],
['description' => 'Request parameters changed', 'api' => 'ListTagKeys'],
['description' => 'Request parameters changed', 'api' => 'ListTagValues'],
],
'createdAt' => '2024-11-12T13:24:43.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeApisecAbnormalDomainStatistic'],
['description' => 'Request parameters changed', 'api' => 'DescribeApisecAssetTrend'],
['description' => 'Request parameters changed', 'api' => 'DescribeApisecEventDomainStatistic'],
['description' => 'Request parameters changed', 'api' => 'DescribeApisecSensitiveDomainStatistic'],
],
'createdAt' => '2024-11-12T12:57:21.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeApisecLogDeliveries'],
['description' => 'Request parameters changed', 'api' => 'DescribeApisecSlsLogStores'],
['description' => 'Request parameters changed', 'api' => 'DescribeApisecSlsProjects'],
['description' => 'Request parameters changed', 'api' => 'DescribeUserSlsLogRegions'],
['description' => 'Request parameters changed', 'api' => 'ModifyApisecLogDelivery'],
['description' => 'Request parameters changed', 'api' => 'ModifyApisecLogDeliveryStatus'],
],
'createdAt' => '2024-11-12T11:55:30.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DescribeResourceSupportRegions'],
],
'createdAt' => '2024-11-06T13:26:45.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'ModifyDefenseRule'],
],
'createdAt' => '2024-10-18T13:59:41.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateCloudResource'],
['description' => 'Request parameters changed', 'api' => 'ModifyCloudResource'],
],
'createdAt' => '2024-10-10T12:43:53.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'ModifyResourceLogStatus'],
],
'createdAt' => '2024-09-06T03:56:49.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'CreateDefenseRule'],
],
'createdAt' => '2024-09-02T09:45:29.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DeleteDefenseResourceGroup'],
['description' => 'Request parameters changed', 'api' => 'DescribeDefenseResources'],
['description' => 'Request parameters changed', 'api' => 'ModifyPauseProtectionStatus'],
],
'createdAt' => '2024-09-02T03:45:16.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudServerRegions'],
['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudUnassignedMachines'],
],
'createdAt' => '2024-08-29T01:28:49.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudClusters'],
['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudGroups'],
['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudResources'],
['description' => 'Request parameters changed', 'api' => 'DescribeHybridCloudUser'],
],
'createdAt' => '2024-08-29T01:20:04.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DeleteDefenseResourceGroup'],
['description' => 'Request parameters changed', 'api' => 'DescribeDefenseResources'],
['description' => 'Request parameters changed', 'api' => 'ModifyDefenseResourceXff'],
['description' => 'Request parameters changed', 'api' => 'ModifyPauseProtectionStatus'],
],
'createdAt' => '2024-08-29T01:08:27.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeApisecAbnormalDomainStatistic'],
['description' => 'Request parameters changed', 'api' => 'DescribeApisecAssetTrend'],
['description' => 'Request parameters changed', 'api' => 'DescribeApisecEventDomainStatistic'],
],
'createdAt' => '2024-08-29T00:41:11.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeApisecSensitiveDomainStatistic'],
],
'createdAt' => '2024-08-27T09:34:53.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeApisecLogDeliveries'],
['description' => 'Request parameters changed', 'api' => 'DescribeApisecSlsLogStores'],
['description' => 'Request parameters changed', 'api' => 'DescribeApisecSlsProjects'],
['description' => 'Request parameters changed', 'api' => 'DescribeUserSlsLogRegions'],
['description' => 'Request parameters changed', 'api' => 'ModifyApisecLogDelivery'],
['description' => 'Request parameters changed', 'api' => 'ModifyApisecLogDeliveryStatus'],
],
'createdAt' => '2024-08-27T07:55:18.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeAccountDelegatedStatus'],
['description' => 'Request parameters changed', 'api' => 'DescribePauseProtectionStatus'],
],
'createdAt' => '2024-08-27T07:27:41.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeFlowChart'],
['description' => 'Request parameters changed', 'api' => 'DescribeFlowTopResource'],
['description' => 'Request parameters changed', 'api' => 'DescribePeakTrend'],
['description' => 'Request parameters changed', 'api' => 'DescribeResponseCodeTrendGraph'],
],
'createdAt' => '2024-08-27T07:23:48.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopUa'],
['description' => 'Request parameters changed', 'api' => 'DescribeVisitTopIp'],
['description' => 'Request parameters changed', 'api' => 'DescribeVisitUas'],
],
'createdAt' => '2024-08-27T07:18:30.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopResource'],
['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopRuleId'],
['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopTuleType'],
],
'createdAt' => '2024-08-27T07:15:38.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopClientIp'],
],
'createdAt' => '2024-08-27T07:13:17.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeFlowTopUrl'],
],
'createdAt' => '2024-08-27T06:52:03.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeCnameCount'],
],
'createdAt' => '2024-08-15T07:34:21.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopUrl'],
],
'createdAt' => '2024-08-15T07:04:04.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeDDoSStatus'],
],
'createdAt' => '2024-08-15T06:51:46.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DescribeCloudResources'],
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'DescribeProductInstances'],
],
'createdAt' => '2024-07-09T07:10:39.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'],
],
'createdAt' => '2024-06-06T09:50:01.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeResponseCodeTrendGraph'],
],
'createdAt' => '2024-04-16T02:38:05.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeProductInstances'],
],
'createdAt' => '2024-04-02T13:44:23.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeDefenseResources'],
],
'createdAt' => '2024-03-21T12:30:50.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeHybridCloudResources'],
],
'createdAt' => '2024-02-22T02:47:49.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeHybridCloudResources'],
],
'createdAt' => '2024-02-20T09:23:23.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateDomain'],
['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'],
['description' => 'Request parameters changed', 'api' => 'ModifyDomain'],
],
'createdAt' => '2024-01-30T12:17:22.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeHybridCloudResources'],
],
'createdAt' => '2023-10-19T12:17:33.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeHybridCloudGroups'],
],
'createdAt' => '2023-10-18T12:20:57.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'DescribeRuleHitsTopRuleId'],
],
'createdAt' => '2023-10-18T06:20:01.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeDefenseResources'],
],
'createdAt' => '2023-08-24T09:08:07.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeFlowChart'],
],
'createdAt' => '2023-07-27T11:08:23.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeDefenseTemplate'],
],
'createdAt' => '2023-07-26T09:09:20.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'CreateDefenseRule'],
['description' => 'Response parameters changed', 'api' => 'ModifyDefenseRule'],
],
'createdAt' => '2023-05-17T07:34:05.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateDomain'],
['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'],
['description' => 'Request parameters changed', 'api' => 'ModifyDomain'],
],
'createdAt' => '2023-04-27T06:06:10.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Response parameters changed, Response parameters changed', 'api' => 'DescribeDomainDetail'],
],
'createdAt' => '2023-04-18T11:16:44.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateDomain'],
['description' => 'Request parameters changed, Response parameters changed, Response parameters changed', 'api' => 'DescribeDomains'],
['description' => 'Response parameters changed', 'api' => 'DescribeVisitUas'],
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'ModifyDomain'],
],
'createdAt' => '2023-04-18T02:11:06.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'CreateDomain'],
],
'createdAt' => '2023-03-31T03:12:06.000Z',
'description' => '',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateDomain'],
['description' => 'Request parameters changed', 'api' => 'ModifyDomain'],
],
'createdAt' => '2023-01-10T12:30:48.000Z',
'description' => 'CNAME接入的回源超时时间取值范围调整',
],
[
'apis' => [
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'CreateDomain'],
['description' => 'Request parameters changed, Response parameters changed', 'api' => 'ModifyDomain'],
],
'createdAt' => '2023-01-05T12:40:09.000Z',
'description' => '混合云增加长连接超时时间等参数',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateDomain'],
['description' => 'Response parameters changed', 'api' => 'DescribeDomainDetail'],
['description' => 'Request parameters changed', 'api' => 'ModifyDomain'],
],
'createdAt' => '2022-11-28T08:18:31.000Z',
'description' => 'WAF3.0控制台 开放长连接配置。',
],
[
'apis' => [
['description' => 'Request parameters changed', 'api' => 'CreateDomain'],
['description' => 'Request parameters changed', 'api' => 'DeleteDomain'],
['description' => 'Request parameters changed', 'api' => 'ModifyDomain'],
],
'createdAt' => '2022-11-25T01:59:49.000Z',
'description' => '新增混合云cname接入',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeInstance'],
],
'createdAt' => '2022-11-02T05:56:56.000Z',
'description' => '实例查询接口,新加创建实例字段。',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeInstance'],
],
'createdAt' => '2022-07-04T11:04:45.000Z',
'description' => '支持BOT,防篡改,防敏感信息',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeInstance'],
],
'createdAt' => '2022-03-31T13:15:05.000Z',
'description' => '重保场景化功能',
],
[
'apis' => [
['description' => 'OpenAPI offline', 'api' => 'DescribeInstanceExtend'],
],
'createdAt' => '2022-03-31T13:13:25.000Z',
'description' => '重保功能发布',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeInstanceCompatible'],
],
'createdAt' => '2022-01-20T05:53:09.000Z',
'description' => '新老版本WAF的实例查询接口,新加商品CODE字段。',
],
[
'apis' => [
['description' => 'Response parameters changed', 'api' => 'DescribeInstanceCompatible'],
],
'createdAt' => '2022-01-06T09:54:28.000Z',
'description' => '查询实例接口新加付费类型字段。',
],
[
'apis' => [
['description' => 'OpenAPI offline', 'api' => 'DescribeInstance'],
['description' => 'OpenAPI offline', 'api' => 'DescribeInstanceCompatible'],
],
'createdAt' => '2021-12-28T04:35:06.000Z',
'description' => 'WAF新版本API',
],
],
'flowControl' => [
'flowControlList' => [
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomain'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CopyDefenseTemplate'],
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'UntagResources'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplateValidGroups'],
['threshold' => '30', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAbnormalDomainStatistic'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseResourceGroup'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopResource'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroup'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsLogStoreStatus'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePunishedDomains'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyMajorProtectionBlackIp'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserSlsLogRegions'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveDetectionResult'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteApisecAbnormals'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveRequestLog'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePauseProtectionStatus'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleGroups'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyTemplateResources'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateApiExport'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeMajorProtectionBlackIps'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSecurityEventTopNMetric'],
['threshold' => '150', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCloudResourceAccessPortDetails'],
['threshold' => '35', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSensitiveDomainStatistic'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRuleCache'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateHybridCloudGroup'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRuleStatus'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecLogDelivery'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSlsLogStores'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeInstance'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudSdkPullinStatus'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteApisecEvents'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecAbnormals'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseTemplate'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudUser'],
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagValues'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyMemberAccount'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopUrl'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecSlsProjects'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudResources'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResponseCodeTrendGraph'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ClearMajorProtectionBlackIp'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseTemplate'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsAuthStatus'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseRule'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateCloudResource'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAbnormals'],
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainDetail'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudClusterBypassStatus'],
['threshold' => '15', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateMajorProtectionBlackIp'],
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCertDetail'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResource'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseResourceGroup'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteMemberAccount'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecUserOperations'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeMemberAccounts'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'SyncProductInstance'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserApiRequest'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserAbnormalTrend'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteCloudResource'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeHybridCloudGroups'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDomain'],
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCloudResources'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseRule'],
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'TagResources'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSecurityEventTimeSeriesMetric'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSensitiveApiStatistic'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecAssetTrend'],
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResources'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeAccountDelegatedStatus'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplate'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceNames'],
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagResources'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopTuleType'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseTemplateStatus'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceRegionId'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateMemberAccounts'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDDoSStatus'],
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomainDNSRecord'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseRule'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyCloudResource'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyResourceLogStatus'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowChart'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeCerts'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudGroup'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreateDefenseTemplate'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecApiResources'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopUa'],
['threshold' => '60', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeProductInstances'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyPauseProtectionStatus'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDefenseResourceGroup'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserWafLogStatus'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecProtectionResources'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteMajorProtectionBlackIp'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceLogStatus'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyApisecApiResource'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefaultHttps'],
['threshold' => '1000', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ListTagKeys'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecProtectionGroups'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudServer'],
['threshold' => '15', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeTemplateResources'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyHybridCloudGroupShrinkServer'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseRule'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseRules'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeUserEventType'],
['threshold' => '60', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeWafSourceIpSegment'],
['threshold' => '100', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDefenseResourceXff'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribePeakTrend'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDomains'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'CreatePostpaidInstance'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroupNames'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowTopUrl'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeVisitUas'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopRuleId'],
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeTemplateResourceCount'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeFlowTopResource'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecLogDeliveries'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourcePort'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceGroups'],
['threshold' => '50', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseTemplates'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceInstanceCerts'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeSlsLogStore'],
['threshold' => '20', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeVisitTopIp'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'ModifyDomainPunishStatus'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeDefenseResourceTemplates'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeRuleHitsTopClientIp'],
['threshold' => '30', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeApisecEventDomainStatistic'],
['threshold' => '5', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DeleteDomain'],
['threshold' => '10', 'countWindow' => 1, 'regionId' => '*', 'api' => 'DescribeResourceSupportRegions'],
],
],
'ram' => [
'productCode' => 'WAFV3',
'productName' => 'Web Application Firewall',
'ramCodes' => ['yundun-waf'],
'ramLevel' => 'RESOURCE',
'ramConditions' => [
[
'name' => 'acs:ResourceGroupId',
'schema' => ['type' => 'String', 'description' => '资源组ID'],
],
],
'ramActions' => [
[
'apiName' => 'DescribeApisecAbnormalDomainStatistic',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecAbnormalDomainStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeRuleHitsTopClientIp',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopClientIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyHybridCloudCluster',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudCluster',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateCerts',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateCerts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribePauseProtectionStatus',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePauseProtectionStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseResourceGroup',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSensitiveRequestLog',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveRequestLog',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteCloudResource',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteCloudResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'],
],
],
],
[
'apiName' => 'ModifyHybridCloudGroup',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyApisecStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyApisecAbnormals',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecAbnormals',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyTemplateResources',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyTemplateResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecSlsProjects',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecSlsProjects',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateDefenseRule',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDefenseRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateHybridCloudGroup',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateHybridCloudGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecEventDomainStatistic',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecEventDomainStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecMatchedHosts',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecMatchedHosts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateMemberAccounts',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateMemberAccounts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseResourceOwnerUid',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceOwnerUid',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteAddress',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteAddress',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteCloudResourceExtensionCert',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteCloudResourceExtensionCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeVisitTopIp',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeVisitTopIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeCommonLogFields',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeCommonLogFields',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseResourceTemplates',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceTemplates',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudUser',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudUser',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecStatistics',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecStatistics',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeRuleHitsTopResource',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopResource',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseSceneConfig',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseSceneConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteDefenseRule',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribePeakTrend',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePeakTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseRule',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeThreatEventTopMetric',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeThreatEventTopMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDefenseTemplateStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseTemplateStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDomainDetail',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDomainDetail',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}-waf'],
],
],
],
[
'apiName' => 'DescribeSecurityEventTopNMetric',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSecurityEventTopNMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDomainCert',
'description' => '',
'operationType' => 'none',
'ramAction' => [
'action' => 'yundun-waf:ModifyDomainCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseTemplateValidGroups',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseTemplateValidGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteLogDeliveryConfig',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteLogDeliveryConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeNetworkFlowTimeSeriesMetric',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeNetworkFlowTimeSeriesMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserSlsLogRegions',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserSlsLogRegions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeVisitUas',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeVisitUas',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeRuleHitsTopUrl',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopUrl',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateCloudResourceExtensionCert',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:CreateCloudResourceExtensionCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudServerRegions',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudServerRegions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyApisecModuleStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecModuleStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeFlowChart',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFlowChart',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDefenseSceneConfig',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseSceneConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDefenseRuleStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseRuleStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecLogDeliveries',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecLogDeliveries',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeLogDeliveryConfig',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeLogDeliveryConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeBaseSystemRules',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeBaseSystemRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeResourceSupportRegions',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceSupportRegions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'TagResources',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:TagResources',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
[
'apiName' => 'CreateDefenseTemplate',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecEventDetail',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecEventDetail',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateSM2Cert',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateSM2Cert',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeBaseRuleChangeLog',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeBaseRuleChangeLog',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeCustomBaseRuleCompileResult',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCustomBaseRuleCompileResult',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserEventType',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserEventType',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateCloudResource',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateCloudResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'],
],
],
],
[
'apiName' => 'DescribeDefenseResourceGroups',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteApisecEvents',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteApisecEvents',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecRules',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyUserWafLogStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyUserWafLogStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserAbnormalTrend',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserAbnormalTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteApisecAbnormals',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteApisecAbnormals',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyHybridCloudSdkPullinStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudSdkPullinStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ListTagResources',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:ListTagResources',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
[
'apiName' => 'DescribeApiExports',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApiExports',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyApisecEvents',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecEvents',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecApiResources',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecApiResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeAlarmBanner',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeAlarmBanner',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSensitiveRequests',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveRequests',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserEventTrend',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserEventTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribePocFunctions',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePocFunctions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudSupportRegions',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudSupportRegions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeTemplateResources',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeTemplateResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ReleaseInstance',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:ReleaseInstance',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ListTagKeys',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:ListTagKeys',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeAccountDelegatedStatus',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeAccountDelegatedStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyLogDeliveryConfig',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:ModifyLogDeliveryConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeCloudResources',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeCloudResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDefenseTemplate',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeMajorProtectionBlackIps',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeMajorProtectionBlackIps',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecSensitiveDomainStatistic',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecSensitiveDomainStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeVerifyContent',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeVerifyContent',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSensitiveOutboundTrend',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveOutboundTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyCloudResourceCert',
'description' => '',
'operationType' => 'none',
'ramAction' => [
'action' => 'yundun-waf:ModifyCloudResourceCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyUserLogFieldConfig',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyUserLogFieldConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyHybridCloudClusterBypassStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudClusterBypassStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeNetworkFlowTopNMetric',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeNetworkFlowTopNMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDefenseRule',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeTemplateResourceCount',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeTemplateResourceCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecProtectionGroups',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecProtectionGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefaultHttps',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefaultHttps',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseResources',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResources',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'],
],
],
],
[
'apiName' => 'DescribeCloudResourceList',
'description' => '',
'operationType' => 'list',
'additionalActions' => [
['action' => 'yundun-waf:DescribeCloudResourceList', 'validationType' => 'conditional'],
],
'ramAction' => [
'action' => 'yundun-waf:DescribeCloudResourceList',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
[
'apiName' => 'DescribeLogDeliveryConfigs',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeLogDeliveryConfigs',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSecurityEventTimeSeriesMetric',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSecurityEventTimeSeriesMetric',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudProcessMonitor',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudProcessMonitor',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSecurityEventLogs',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSecurityEventLogs',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateApiExport',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateApiExport',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyMemberAccount',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyMemberAccount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeRelatedDefenseRules',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeRelatedDefenseRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyCloudResource',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyCloudResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'],
],
],
],
[
'apiName' => 'DescribeSlsLogStore',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSlsLogStore',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateLogDeliveryConfig',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateLogDeliveryConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeFreeUserEventCount',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFreeUserEventCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeResourceLogStatus',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceLogStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'UntagResources',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:UntagResources',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
[
'apiName' => 'DescribeApisecAssetTrend',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecAssetTrend',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CopyDefenseTemplate',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CopyDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseRules',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeBotRuleLabels',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeBotRuleLabels',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeCloudResourceAccessPortDetails',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCloudResourceAccessPortDetails',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'VerifyDomainOwner',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:VerifyDomainOwner',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserAbnormalType',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserAbnormalType',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateMajorProtectionBlackIp',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateMajorProtectionBlackIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeChargeModule',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeChargeModule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDomain',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDomain',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'],
],
],
],
[
'apiName' => 'DescribeFreeUserEventTypes',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFreeUserEventTypes',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeFreeUserEvents',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFreeUserEvents',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyHybridCloudGroupShrinkServer',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudGroupShrinkServer',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeResourceLogDeliveryStatus',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceLogDeliveryStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateDefenseResource',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDefenseResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudUnsupportPorts',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudUnsupportPorts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecAbnormals',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecAbnormals',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeResourceInstanceCerts',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceInstanceCerts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribePostpayBills',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribePostpayBills',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeChargeResult',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeChargeResult',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSensitiveStatistic',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecSuggestions',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecSuggestions',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateDomain',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDomain',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'],
],
],
],
[
'apiName' => 'DescribeCerts',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCerts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteMajorProtectionBlackIp',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteMajorProtectionBlackIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeInstance',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeInstance',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseRuleStatistics',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseRuleStatistics',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeBotAppKey',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeBotAppKey',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserTraffic',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserTraffic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ListTagValues',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:ListTagValues',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeAbnormalCloudResources',
'description' => '',
'operationType' => 'none',
'ramAction' => [
'action' => 'yundun-waf:DescribeAbnormalCloudResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeElasticBills',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeElasticBills',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyApisecLogDelivery',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecLogDelivery',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ChangeResourceGroup',
'description' => '',
'operationType' => 'update',
'additionalActions' => [
['action' => 'yundun-waf:ChangeResourceGroup', 'validationType' => 'always'],
],
'ramAction' => [
'action' => 'yundun-waf:ChangeResourceGroup',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
[
'apiName' => 'DescribePunishedDomains',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePunishedDomains',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecEvents',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecEvents',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeCnameCount',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCnameCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeRuleHitsTopRuleId',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopRuleId',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyResourceLogFieldConfig',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyResourceLogFieldConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseTemplates',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseTemplates',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserLogFieldConfig',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserLogFieldConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeRuleHitsTopUa',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopUa',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteHybridCloudGroup',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteHybridCloudGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateHybridCloudCluster',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateHybridCloudCluster',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSensitiveDetectionResult',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveDetectionResult',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeCloudResourceAccessedPorts',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCloudResourceAccessedPorts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeAddresses',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeAddresses',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDefaultHttps',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefaultHttps',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteDefenseResource',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
[
'apiName' => 'DescribeThreatEvent',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeThreatEvent',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDomains',
'description' => '',
'operationType' => 'get',
'additionalActions' => [
['action' => 'yundun-waf:DescribeDomains', 'validationType' => 'conditional'],
],
'ramAction' => [
'action' => 'yundun-waf:DescribeDomains',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
[
'apiName' => 'DescribeHybridCloudClusterServers',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudClusterServers',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDefenseRuleCache',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseRuleCache',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserApiRequest',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserApiRequest',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecUserOperations',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecUserOperations',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateDefenseResourceGroup',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateDefenseResourceGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSlsLogStoreStatus',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSlsLogStoreStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudProtectableCount',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudProtectableCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeMemberAccounts',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeMemberAccounts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreatePostpaidInstance',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreatePostpaidInstance',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseResource',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResource',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
[
'apiName' => 'DeleteDefenseTemplate',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudResourceDetail',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudResourceDetail',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteDomain',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDomain',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'],
],
],
],
[
'apiName' => 'ClearAddress',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:ClearAddress',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDefenseResourceGroup',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseResourceGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyResourceLogStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyResourceLogStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeWafSourceIpSegment',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeWafSourceIpSegment',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeRuleHitsTopTuleType',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleHitsTopTuleType',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyHybridCloudClusterRule',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudClusterRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudBasicMonitor',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudBasicMonitor',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteMemberAccount',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteMemberAccount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDDoSStatus',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDDoSStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyApisecLogDeliveryStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecLogDeliveryStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudUnassignedMachines',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudUnassignedMachines',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseTemplate',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseTemplate',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeThreatEventDetail',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeThreatEventDetail',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyHybridCloudServer',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudServer',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeFreeUserAssetCount',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFreeUserAssetCount',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'SyncProductInstance',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:SyncProductInstance',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDefenseResourceXff',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDefenseResourceXff',
'authLevel' => 'resource',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
],
],
],
[
'apiName' => 'DescribeDomainUsedPorts',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDomainUsedPorts',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserAsset',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserAsset',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecProtectionResources',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecProtectionResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecSlsLogStores',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecSlsLogStores',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseResourceGroupNames',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceGroupNames',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyHybridCloudGroupExpansionServer',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyHybridCloudGroupExpansionServer',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudClusterRule',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudClusterRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSensitiveOutboundStatistic',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveOutboundStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreateHybridCloudClusterRule',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreateHybridCloudClusterRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ClearMajorProtectionBlackIp',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:ClearMajorProtectionBlackIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteHybridCloudClusterRule',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteHybridCloudClusterRule',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'InitializeWafOperationRole',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:InitializeWafOperationRole',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudSdkServers',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudSdkServers',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSensitiveApiStatistic',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveApiStatistic',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyApisecApiResource',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyApisecApiResource',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeProductInstances',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeProductInstances',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeResponseCodeTrendGraph',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResponseCodeTrendGraph',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudClusterRules',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudClusterRules',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudResources',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeRuleGroups',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRuleGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeUserWafLogStatus',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeUserWafLogStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeResourceRegionId',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceRegionId',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeApisecExamples',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeApisecExamples',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'CreatePocFunction',
'description' => '',
'operationType' => 'create',
'ramAction' => [
'action' => 'yundun-waf:CreatePocFunction',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeRoleAuthStatus',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeRoleAuthStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeResourcePort',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourcePort',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyCloudResourceDefaultCert',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyCloudResourceDefaultCert',
'authLevel' => 'operate',
'actionConditions' => [],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDomainDNSRecord',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeDomainDNSRecord',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ReCreateCloudResource',
'description' => '',
'operationType' => 'none',
'ramAction' => [
'action' => 'yundun-waf:ReCreateCloudResource',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseTemplateValidResources',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseTemplateValidResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribePrepayDailyBills',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribePrepayDailyBills',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudClusters',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudClusters',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeFlowTopUrl',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFlowTopUrl',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'AddAddress',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:AddAddress',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyPauseProtectionStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyPauseProtectionStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteDefenseRuleBlockIp',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseRuleBlockIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeIpAbroadCountryInfos',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeIpAbroadCountryInfos',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeAlarmList',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeAlarmList',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyDomainPunishStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyDomainPunishStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSensitiveOutboundDistribution',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSensitiveOutboundDistribution',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseGroupValidResources',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseGroupValidResources',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeFlowTopResource',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeFlowTopResource',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyResourceLogDeliveryStatus',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyResourceLogDeliveryStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeResourceLogFieldConfig',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeResourceLogFieldConfig',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeHybridCloudGroups',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeHybridCloudGroups',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'ModifyMajorProtectionBlackIp',
'description' => '',
'operationType' => 'update',
'ramAction' => [
'action' => 'yundun-waf:ModifyMajorProtectionBlackIp',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeCertDetail',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeCertDetail',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DeleteDefenseResourceGroup',
'description' => '',
'operationType' => 'delete',
'ramAction' => [
'action' => 'yundun-waf:DeleteDefenseResourceGroup',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeDefenseResourceNames',
'description' => '',
'operationType' => 'list',
'ramAction' => [
'action' => 'yundun-waf:DescribeDefenseResourceNames',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
[
'apiName' => 'DescribeSlsAuthStatus',
'description' => '',
'operationType' => 'get',
'ramAction' => [
'action' => 'yundun-waf:DescribeSlsAuthStatus',
'authLevel' => 'operate',
'actionConditions' => [
['conditionKey' => 'acs:ResourceGroupId', 'validationType' => 'always'],
],
'resources' => [
['validationType' => 'always', 'product' => 'WAFV3', 'resourceType' => 'All Resource', 'arn' => '*'],
],
],
],
],
'resourceTypes' => [
['validationType' => 'conditional', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}'],
['validationType' => 'conditional', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#ResourceInstanceId}-{#Port}-{#Product}'],
['validationType' => 'conditional', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Resource}-waf'],
['validationType' => 'always', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/*'],
['validationType' => 'conditional', 'resourceType' => 'DefenseResource', 'arn' => 'acs:yundun-waf:{#regionId}:{#accountId}:defenseresource/{#Domain}-waf'],
],
],
];