Creates an access control policy.
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
Action | String | Yes | AddControlPolicy |
The operation that you want to perform. Set the value to AddControlPolicy. |
AclAction | String | Yes | accept |
The action that Cloud Firewall performs on the traffic. Valid values:
|
ApplicationName | String | Yes | HTTP |
The application type that the access control policy supports. Valid values:
Note The value of this parameter depends on the value of Proto. If Proto is set to TCP,
ApplicationName can be set to any valid value. If Proto is set to UDP, ICMP, or ANY,
You must set ApplicationName to ANY.
|
Description | String | Yes | Allow all TCP traffic |
The description of the access control policy. |
Destination | String | Yes | 1.2.3.4/24 |
The destination address defined in the access control policy. Valid values:
|
DestinationType | String | Yes | net |
The destination address type defined in the access control policy. Valid values:
|
Direction | String | Yes | in |
The direction of traffic to which the access control policy applies. Valid values:
|
NewOrder | String | Yes | -1 |
The priority of the access control policy. The priority value starts from 1. A small priority value indicates a high priority. Note The value of -1 indicates the lowest priority.
|
Proto | String | Yes | TCP |
The protocol type of traffic to which the access control policy applies. Valid values:
|
Source | String | Yes | 1.2.3.0/24 |
The source address defined in the access control policy. Valid values:
|
SourceType | String | Yes | net |
The type of the source address book defined in the access control policy. Valid values:
|
SourceIp | String | No | 1.2.3.5 |
The source IP address of the request. |
Lang | String | No | zh |
The natural language of the request and response. Valid values:
|
DestPort | String | No | 80 |
The destination port defined in the access control policy. Valid values:
Note If DestPortType is set to group, you do not need to specify the destination port number.
All ports that are to be controlled by the access control policy are included in the
destination port address book.
|
DestPortType | String | No | port |
The destination port type defined in the access control policy. Valid values:
|
DestPortGroup | String | No | my_port_group |
The destination port address book defined in the access control policy. Note If DestPortType is set to group, you must specify the destination port address book.
|
Release | String | No | true |
Specifies whether the access control policy is enabled. By default, an access control policy is enabled after it is created. Valid values:
|
Location codes:
- China: ZD
- Beijing: BJ11
- Tianjin: TJ12
- Hebei: HB13
- Shanxi: SX14
- Liaoning: LN21
- Jilin: JL22
- Shanghai: SH31
- Jiangsu: JS32
- Zhejiang: ZJ33
- Anhui: AH34
- Fujian: FJ35
- Jiangxi: JX36
- Shandong: SD37
- Henan: HN41
- Hubei: HB42
- Hunan: HN43
- Guangdong: GD44
- Hainan: HN46
- Chongqing: CQ50
- Sichuan: SC51
- Guizhou: GZ52
- Yunnan: YN53
- Shaanxi: SX61
- Gansu: GS62
- Qinghai: QH63
- Heilongjiang: HLJ23
- Xizang: XZ54
- Guangxi: GX45
- Nei Mongol: NMG15
- Ningxia: NX64
- Xinjiang: XJ65
- Taiwan: TW
- Hong Kong S.A.R: HK
- Macao S.A.R: MO
- Areas outside China: ZB
- Asia (except mainland China):ZC
- Europe: EU
- Africa: AF
- North America: NA
- South America: LA
- Oceania: OA
- Antarctica: AQ
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
AclUuid | String | 00281255-d220-4db1-8f4f-c4df221ad84c |
The unique ID of the access control policy. |
RequestId | String | CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D |
The ID of the request. |
Examples
Sample requests
http(s)://[Endpoint]/? Action=AddControlPolicy
&AclAction=accept
&ApplicationName=ANY
&Description=demo_rule_1
&Destination=1.2.3.4/24
&DestinationType=net
&Direction=in
&NewOrder=-1
&Proto=TCP
&Source=1.2.3.0/24
&SourceType=net
&<Common request parameters>
Sample success responses
XML
format
<AddControlPolicyResponse>
<RequestId>CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D</RequestId>
<AclUuid>00281255-d220-4db1-8f4f-c4df221ad84c</AclUuid>
</AddControlPolicyResponse>
JSON
format
{
"RequestId": "CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D",
"AclUuid": "00281255-d220-4db1-8f4f-c4df221ad84c"
}
Error codes
For a list of error codes, visit the API Error Center.