All Products
Document Center

Cloud Firewall:Example of calling an API operation

Last Updated:Sep 20, 2023

This topic provides an example to show how to call an API operation of Cloud Firewall.

View API documentation

You can view the supported API operations in List of operations by function. In this topic, the DescribeAssetList operation is used as an example to show how to call an API operation by using an Alibaba Cloud SDK. For more information, see DescribeAssetList - Queries the assets that are protected by Cloud Firewall.

Create a RAM user and grant permissions to the RAM user


You can call an operation by using an Alibaba Cloud account, a Resource Access Management (RAM) user, or a RAM role. For more information about the differences among the identities, see Identity, credential, and authorization. In this example, a RAM user is used.

Log on to the RAM console, create a RAM user that is authorized only to call API operations, and then record the AccessKey pair of the RAM user. For more information, see Create a RAM user.


  1. Go to the Users page of the RAM console, find the RAM user, and click Add Permissions in the Actions column.

  2. In the Select Policy section, enter CloudFirewall in the search box to search for and select the AliyunYundunCloudFirewallFullAccess policy.

    • The following list describes the system policies of Cloud Firewall:

      • AliyunYundunCloudFirewallFullAccess: management permissions on Cloud Firewall.

      • AliyunYundunCloudFirewallReadOnlyAccess: read-only permissions on Cloud Firewall.

    • For more information about how to create custom policies, see RAM authorization.

  3. Click OK.


By default, an AccessKey pair is generated when you create a RAM user. You can directly use the AccessKey pair. You can also perform the following operations to create an AccessKey pair: Go to the details page of a RAM user. On the Authentication tab, click Create AccessKey. For more information, see Create an AccessKey pair.

Call an API operation

The following example shows how to call an API operation in Python.

Prepare a Python environment

  1. Download and install Python.

    For more information about how to download Python 3, visit Python 3.

  2. Check the version of Python.

    • Linux and macOS

      Open the terminal and run the python --version command.

    • Windows

      • In the Python installation directory, double-click python.exe.

      • Start the Command Prompt.

        Press Win+R to open the Run dialog box, enter python, and then click OK.

Configure environment variables

In this example, environment variables are configured to manage the AccessKey pair. This helps prevent security risks that are caused by hard coding the AccessKey pair into your business code.

  • Linux and macOS

    Replace <access_key_id> and <access_key_secret> in the following commands with the actual AccessKey ID and AccessKey secret.

  • export ALIBABA_CLOUD_ACCESS_KEY_ID=<access_key_id>
    export ALIBABA_CLOUD_ACCESS_KEY_SECRET=<access_key_secret>
  • Windows

    Create an environment variable file, add the ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET environment variables to the file, and then specify your AccessKey ID for ALIBABA_CLOUD_ACCESS_KEY_ID and your AccessKey secret for ALIBABA_CLOUD_ACCESS_KEY_SECRET. Then, restart the Windows operating system.

Install dependencies

pip install alibabacloud_credentials
pip install alibabacloud_cloudfw20171207==1.3.2
pip install alibabacloud_tea_console

Download sample code

  1. In OpenAPI Explorer, access the URL of the DescribeAssetList operation.

  2. On the Parameters tab, specify the required parameters CurrentPage and PageSize, and click Initiate Call.

  3. On the SDK Sample Code tab, click the Python tab to obtain the Python sample code of the operation.

  4. Click Download Project to download the sample code package.

  5. Decompress the sample code package on your computer and access the alibabacloud_sample directory.

Run sample code

Run the following command:


The following output is returned:

	"headers": {
		"date": "Thu, 10 Aug 2023 10:18:48 GMT",
		"content-type": "application/json;charset=utf-8",
		"content-length": "1194",
		"connection": "keep-alive",
		"keep-alive": "timeout=25",
		"vary": "Accept-Encoding",
		"access-control-allow-origin": "*",
		"access-control-expose-headers": "*",
		"x-acs-request-id": "B49120FC-5A22-5500-A005-060F487E****",
		"x-acs-trace-id": "e04deb393afe188190485401aa41****",
		"etag": "1SZicxaXw+FjDwnyteba****"
	"statusCode": 200,
	"body": {
		"Assets": [{
			"AliUid": 163710033944****,
			"BindInstanceId": "i-bp14vt99zpj899eq****",
			"BindInstanceName": "launch-****-20210409",
			"CreateTimeStamp": "2023-07-05 15:05:01",
			"InternetAddress": "118.31.XX.XX",
			"IntranetAddress": "192.168.XX.XX",
			"MemberUid": 163710033944****,
			"Name": "launch-****-20210409",
			"NewResourceTag": "",
			"Note": "",
			"ProtectStatus": "closed",
			"RegionID": "cn-hangzhou",
			"RegionStatus": "enable",
			"ResourceInstanceId": "i-bp14vt99zpj899eq****",
			"ResourceType": "EcsPublicIP",
			"RiskLevel": "",
			"SgStatus": "block",
			"SgStatusTime": 1691350656,
			"SyncStatus": "enable",
			"Type": "ecs"
		}, {
			"AliUid": 163710033944****,
			"BindInstanceId": "i-bp1ic3k18jrurbxd****",
			"BindInstanceName": "launch-****-20230712",
			"CreateTimeStamp": "2023-07-12 17:49:46",
			"InternetAddress": "47.111.XX.XX",
			"IntranetAddress": "10.0.XX.XX",
			"MemberUid": 163710033944****,
			"Name": "launch-****-20230712",
			"NewResourceTag": "",
			"Note": "",
			"ProtectStatus": "closed",
			"RegionID": "cn-hangzhou",
			"RegionStatus": "enable",
			"ResourceInstanceId": "i-bp1ic3k18jrurbxd****",
			"ResourceType": "EcsPublicIP",
			"RiskLevel": "",
			"SgStatus": "block",
			"SgStatusTime": 1691350656,
			"SyncStatus": "enable",
			"Type": "ecs"
		"RequestId": "B49120FC-5A22-5500-A005-060F487EF211",
		"TotalCount": 16