huawei-cloud-api-definitions-WAF 0.1.20250117

Huawei Cloud API definitions, generated from OpenAPI spec
Documentation 
1

{"base_path":"/","components":null,"consumes":"","definitions":{"Access_progress":{"description":"冗余参数,仅用于新版console(前端)使用","properties":{"status":{"description":"状态,0:未完成这个步骤;1:已完成这个状态”","format":"int32","type":"integer"},"step":{"description":"步骤 \n - 1: 指回源IP加白 \n - 2: 指本地验证 \n - 3:指修改DNS解析","format":"int32","type":"integer"}}},"BlockPage":{"description":"告警页面配置参数,用于配置“自定义”或者“重定向”页面","properties":{"custom_page":{"$ref":"#/definitions/CustomPage","description":"自定义告警页面"},"redirect_url":{"description":"“重定向”页面URL","type":"string"},"template":{"description":"模板名称,默认页面请输入default,自定义告警页面时请输入custom,重定向请输入redirect","type":"string"}},"required":["template"]},"CircuitBreaker":{"description":"熔断配置,当502/504请求数量或读等待URL请求数量以及占比阈值达到您设置的值时,将触发WAF熔断功能开关,实现宕机保护和读等待URL请求保护","properties":{"block_time":{"description":"初次触发宕机的保护时间,即WAF将停止转发用户请求的时间。","format":"int32","type":"integer"},"dead_num":{"description":"502/504数量阈值,每30s累加的502/504数量阈值","format":"int32","type":"integer"},"dead_ratio":{"description":"502/504数量占比(%),总请求数量中502/504数量占比达到所设定值,并且与数量阈值同时满足时触发宕机保护","type":"number"},"superposition_num":{"description":"连续触发时,保护时间延长最大倍数,叠加周期为3600s。例如,“初次保护时间”设置为180s,“连续触发叠加系数”设置为3。 \n - 当触发次数为2(即小于3)时,保护时间为360s。 \n - 当次数大于等于3时,保护时间为540s。 \n - 当累计保护时间超过1小时(3600s),叠加次数会从头计数。","format":"int32","type":"integer"},"sus_block_time":{"description":"读等待URL请求数量超过阈值后的熔断时间,达到数量阈值所触发的保护时间,即WAF将停止转发用户请求的时间。","format":"int32","type":"integer"},"suspend_num":{"description":"读等待URL请求数量阈值,读等待URL请求数量到达设定值即触发连接保护","format":"int32","type":"integer"},"switch":{"description":"熔断开关,是否开启连接保护 \n - true:开启连接保护 \n - false: 关闭连接保护","type":"boolean"}}},"CloudWafServer":{"description":"防护域名的源站服务器配置信息","properties":{"address":{"description":"客户端访问的源站服务器的IP地址","type":"string"},"back_protocol":{"description":"WAF转发客户端请求到防护域名源站服务器的协议","enum":["HTTP","HTTPS"],"type":"string"},"front_protocol":{"description":"客户端请求访问防护域名源站服务器的协议","enum":["HTTP","HTTPS"],"type":"string"},"port":{"description":"WAF转发客户端请求到源站服务的业务端口","type":"integer"},"type":{"description":"源站地址为ipv4或ipv6","enum":["ipv4","ipv6"],"type":"string"},"weight":{"description":"源站权重,负载均衡算法将按该权重将请求分配给源站,默认值是1,云模式的冗余字段","type":"integer"}},"required":["front_protocol","back_protocol","address","port","type"]},"CustomPage":{"description":"自定义告警页面","properties":{"content":{"description":"根据选择的“页面类型”配置对应的页面内容,具体示例可以参考“Web应用防火墙 WAF”用户手册","type":"string"},"content_type":{"description":"“自定义”告警页面内容类型,可选择text/html、text/xml和application/json三种类型","type":"string"},"status_code":{"description":"返回状态码","type":"string"}},"required":["status_code","content_type","content"]},"Flag":{"description":"特殊标识,用于前端使用","properties":{"cname":{"description":"old:代表域名使用的老的cname,new:代表域名使用新的cname","enum":["old","new"],"type":"string"},"ipv6":{"description":"域名是否开启ipv6 \n - true:支持 \n - false:不支持","enum":["true","false"],"type":"string"},"is_dual_az":{"description":"域名是否开启ipv6 \n - true:支持 \n - false:不支持","enum":["true","false"],"type":"string"},"pci_3ds":{"description":"是否开启pci_3ds合规认证 \n - true:开启 \n - false:不开启","enum":["true","false"],"type":"string"},"pci_dss":{"description":"是否开启pci_dss合规认证 \n - true:开启 \n - false:不开启","enum":["true","false"],"type":"string"}}},"IAM5ErrorDetails":{"description":"调用下游服务的报错信息集合,IAM5鉴权错误时才会返回此信息0。","properties":{"error_code":{"description":"下游服务错误码","type":"string"},"error_msg":{"description":"下游服务报错信息","type":"string"}}},"RestErrorResponse":{"properties":{"details":{"description":"调用下游服务的报错信息集合,IAM5鉴权错误时才会返回此字段。","items":{"$ref":"#/definitions/IAM5ErrorDetails"},"type":"array"},"encoded_authorization_message":{"description":"编码 (加密) 后的详细拒绝原因,用户可以自行调用 STS 服务的decode-authorization-message接口进行解码,可参考STS5联调自验证。IAM5鉴权错误时才会返回此字段。","type":"string"},"error_code":{"description":"错误码","type":"string"},"error_msg":{"description":"错误信息","type":"string"}},"title":"RestErrorResponse","type":"object"},"ShowHostResponseBody":{"properties":{"access_code":{"description":"cname前缀","type":"string"},"access_progress":{"description":"接入进度,仅用于新版console(前端)使用","items":{"$ref":"#/definitions/Access_progress"},"type":"array"},"access_status":{"description":"域名接入状态,0表示未接入,1表示已接入","type":"integer"},"block_page":{"$ref":"#/definitions/BlockPage","description":"告警页面配置"},"certificateid":{"description":"https证书id","type":"string"},"certificatename":{"description":"证书名称","type":"string"},"cipher":{"description":"加密套件(cipher_1,cipher_2,cipher_3,cipher_4,cipher_default):\n - cipher_1: 加密算法为ECDHE-ECDSA-AES256-GCM-SHA384:HIGH:!MEDIUM:!LOW:!aNULL:!eNULL:!DES:!MD5:!PSK:!RC4:!kRSA:!SRP:!3DES:!DSS:!EXP:!CAMELLIA:@STRENGTH \n - cipher_2:加密算法为EECDH+AESGCM:EDH+AESGCM \n - cipher_3:加密算法为ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH \n - cipher_4:加密算法为ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!EDH \n  cipher_5:加密算法为AES128-SHA:AES256-SHA:AES128-SHA256:AES256-SHA256:HIGH:!MEDIUM:!LOW:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4:!DHE:@STRENGTH \n  cipher_6:加密算法为ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256 \n - cipher_default: 加密算法为ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!AESGCM","enum":["cipher_1","cipher_2","cipher_3","cipher_4","cipher_5","cipher_6","cipher_default"],"type":"string"},"circuit_breaker":{"$ref":"#/definitions/CircuitBreaker","description":"熔断配置"},"description":{"description":"网站备注","type":"string"},"domainid":{"description":"账号ID,对应华为云控制台用户名->我的凭证->账号ID","type":"string"},"enterprise_project_id":{"description":"企业项目ID,对应华为云控制台用户名->企业->项目管理->点击项目名称->ID","type":"string"},"exclusive_ip":{"description":"是否使用独享ip \n - true:使用独享ip \n - false:不实用独享ip","type":"boolean"},"extend":{"additionalProperties":{"type":"string"},"description":"扩展字段,用于存放Web基础防护中一些开关配置等信息","type":"object"},"flag":{"$ref":"#/definitions/Flag","description":"特殊标识,用于前端使用"},"forward_header_map":{"additionalProperties":{"type":"string"},"description":"字段转发配置,WAF会将添加的字段插到header中,转给源站;Key不能跟nginx原生字段重复。Value支持的值包括: \n - $time_local \n - $request_id \n - $connection_requests \n - $tenant_id \n - $project_id \n - $remote_addr \n - $remote_port \n - $scheme \n - $request_method \n - $http_host \n -$origin_uri \n - $request_length \n - $ssl_server_name \n - $ssl_protocol \n - $ssl_curves \n - $ssl_session_reused","type":"object"},"hostname":{"description":"创建的云模式防护域名","type":"string"},"http2_enable":{"description":"是否支持http2 \n - true:表示支持http2 \n - false:表示不支持http2","type":"boolean"},"id":{"description":"域名id","type":"string"},"lb_algorithm":{"description":"LB负载均衡,仅专业版(原企业版)和铂金版(原旗舰版)支持配置负载均衡算法 \n - 源IP Hash:将某个IP的请求定向到同一个服务器 \n - 加权轮询:所有请求将按权重轮流分配给源站服务器 \n - Session Hash:将某个Session标识的请求定向到同一个源站服务器,请确保在域名添加完毕后配置攻击惩罚的流量标识,否则Session Hash配置不生效","enum":["ip_hash","round_robin","session_hash"],"type":"string"},"locked":{"description":"预留参数,用于后期设计冻结域名,解锁域名功能,目前暂不支持","type":"integer"},"policyid":{"description":"防护域名的防护策略id","type":"string"},"projectid":{"description":"项目ID,对应华为云控制台用户名->我的凭证->项目列表->项目ID","type":"string"},"protect_status":{"description":"域名防护状态:\n - -1:bypass,该域名的请求直接到达其后端服务器,不再经过WAF\n - 0:暂停防护,WAF只转发该域名的请求,不做攻击检测\n - 1:开启防护,WAF根据您配置的策略进行攻击检测","type":"integer"},"protocol":{"description":"后端包含的协议类型:HTTPS、HTTP、HTTP&HTTPS","type":"string"},"proxy":{"description":"防护域名是否使用代理 \n - false:不使用代理 \n - true:使用代理","type":"boolean"},"server":{"description":"防护域名的源站服务器配置信息","items":{"$ref":"#/definitions/CloudWafServer"},"type":"array"},"timeout_config":{"$ref":"#/definitions/TimeoutConfig","description":"超时配置"},"timestamp":{"description":"创建防护域名的时间戳(毫秒)","format":"int64","type":"integer"},"tls":{"description":"配置的最低TLS版本(TLS v1.0/TLS v1.1/TLS v1.2),默认为TLS v1.0版本,对于低于最低TLS版本的请求,将无法正常访问网站","enum":["TLS v1.0","TLS v1.1","TLS v1.2"],"type":"string"},"traffic_mark":{"$ref":"#/definitions/TrafficMark","description":"流量标识"},"web_tag":{"description":"网站名称,对应WAF控制台域名详情中的网站名称","type":"string"}}},"TimeoutConfig":{"description":"超时配置,开启后不支持关闭","properties":{"connect_timeout":{"description":"WAF连接源站超时配置","format":"int32","type":"integer"},"read_timeout":{"description":"WAF接收源站响应超时配置","format":"int32","type":"integer"},"send_timeout":{"description":"WAF发送请求到源站超时配置","format":"int32","type":"integer"}}},"TrafficMark":{"description":"流量标识(用于攻击惩罚),WAF根据这些配置判断如何在Header中识别客户端IP(代理模式)、如何在Cookie中识别Session、如何在参数中识别User。","properties":{"cookie":{"description":"Session标记,用于Cookie恶意请求的攻击惩罚功能。在选择Cookie拦截的攻击惩罚功能前,必须配置该标识","type":"string"},"params":{"description":"User标记,用于Params恶意请求的攻击惩罚功能。在选择Params拦截的攻击惩罚功能前,必须配置该标识。","type":"string"},"sip":{"description":"IP标记,客户端最原始的IP地址的HTTP请求头字段。","items":{"type":"string"},"type":"array"}}}},"description":null,"group_id":"29975c0bd7ce463ca70ad5c074e3974b","host":"waf.cn-north-4.myhuaweicloud.com","id":"5ccaa4d594f04e0ca8034f0e8fa443d8","info_version":"v1","method":"get","name":"ShowHost","parameters":{},"paths":{"/v1/{project_id}/waf/instance/{instance_id}":{"get":{"description":"根据防护域名Id查询云模式防护域名详细信息","operationId":"ShowHost","parameters":[{"description":"用户Token,通过调用IAM服务获取用户Token接口获取(响应消息头中X-Subject-Token的值)。","in":"header","name":"X-Auth-Token","required":true,"type":"string"},{"default":"application/json;charset=utf8","description":"内容类型","in":"header","name":"Content-Type","required":true,"type":"string"},{"description":"项目ID,对应华为云控制台用户名->我的凭证->项目列表->项目ID","in":"path","name":"project_id","required":true,"type":"string"},{"description":"您可以通过调用企业项目管理服务(EPS)的查询企业项目列表接口(ListEnterpriseProject)查询企业项目id","in":"query","name":"enterprise_project_id","required":false,"type":"string"},{"description":"域名id,您可以通过调用查询云模式防护域名列表(ListHost)获取域名id","in":"path","name":"instance_id","required":true,"type":"string"}],"produces":["application/json"],"responses":{"200":{"description":"OK","examples":{"application/json":{"access_code":"1b18879b9d064f8bbcbf8abce7294cac","access_status":0,"block_page":{"template":"default"},"description":"","domainid":"d4ecb00b031941ce9171b7bc3386883f","enterprise_project_id":"0","exclusive_ip":false,"flag":{"cname":"new","ipv6":"false","is_dual_az":"true","pci_3ds":"false","pci_dss":"false"},"hostname":"www.demo.com","http2_enable":false,"id":"31af669f567246c289771694f2112289","locked":0,"policyid":"41cba8aee2e94bcdbf57460874205494","projectid":"0456cf04d6f64725ab02ed5bd2efdfa4","protect_status":0,"protocol":"HTTP","proxy":false,"server":[{"address":"x.x.x.x","back_protocol":"HTTP","front_protocol":"HTTP","port":80,"type":"ipv4","weight":1}],"timestamp":1650527546420,"web_tag":""}},"schema":{"$ref":"#/definitions/ShowHostResponseBody"}},"400":{"description":"请求失败","schema":{"$ref":"#/definitions/RestErrorResponse"}},"401":{"description":"token权限不足","schema":{"$ref":"#/definitions/RestErrorResponse"}},"500":{"description":"服务器内部错误","schema":{"$ref":"#/definitions/RestErrorResponse"}}},"summary":"根据防护域名Id查询云模式防护域名详细信息","tags":["云模式防护网站管理"],"x-hybridcloud":false,"x-is-registered":"Y","x-request-examples-description-1":"获取项目id为project_id,防护域名Id为instance_id的云模式防护域名详细信息","x-request-examples-url-1":"GET https://{Endpoint}/v1/{project_id}/waf/instance/{instance_id}?enterprise_project_id=0","x-support-sdk":"Y"}}},"product_short":"WAF","region_id":"cn-north-4","schemes":["HTTPS"],"security_definitions":null,"summary":"根据防护域名Id查询云模式防护域名详细信息","tags":"云模式防护网站管理","uri":null,"version":"2.0"}