This topic provides an example to show how to call an API operation of Cloud Firewall.
View API documentation
You can view the supported API operations in List of operations by function. In this topic, the DescribeAssetList operation is used as an example to show how to call an API operation by using an Alibaba Cloud SDK. For more information, see DescribeAssetList - Queries the assets that are protected by Cloud Firewall.
Create a RAM user and grant permissions to the RAM user
Identity
You can call an operation by using an Alibaba Cloud account, a Resource Access Management (RAM) user, or a RAM role. For more information about the differences among the identities, see Identity, credential, and authorization. In this example, a RAM user is used.
Log on to the RAM console, create a RAM user that is authorized only to call API operations, and then record the AccessKey pair of the RAM user. For more information, see Create a RAM user.
Authorization
Go to the Users page of the RAM console, find the RAM user, and click Add Permissions in the Actions column.
In the Select Policy section, enter CloudFirewall in the search box to search for and select the AliyunYundunCloudFirewallFullAccess policy.
NoteThe following list describes the system policies of Cloud Firewall:
AliyunYundunCloudFirewallFullAccess: management permissions on Cloud Firewall.
AliyunYundunCloudFirewallReadOnlyAccess: read-only permissions on Cloud Firewall.
For more information about how to create custom policies, see RAM authorization.
Click OK.
Credential
By default, an AccessKey pair is generated when you create a RAM user. You can directly use the AccessKey pair. You can also perform the following operations to create an AccessKey pair: Go to the details page of a RAM user. On the Authentication tab, click Create AccessKey. For more information, see Create an AccessKey pair.
Call an API operation
The following example shows how to call an API operation in Python.
Prepare a Python environment
Download and install Python.
For more information about how to download Python 3, visit Python 3.
Check the version of Python.
Linux and macOS
Open the terminal and run the
python --versioncommand.Windows
In the Python installation directory, double-click python.exe.
Start the Command Prompt.
Press Win+R to open the Run dialog box, enter python, and then click OK.
Configure environment variables
In this example, environment variables are configured to manage the AccessKey pair. This helps prevent security risks that are caused by hard coding the AccessKey pair into your business code.
Linux and macOS
Replace
<access_key_id>and<access_key_secret>in the following commands with the actual AccessKey ID and AccessKey secret.
export ALIBABA_CLOUD_ACCESS_KEY_ID=<access_key_id>
export ALIBABA_CLOUD_ACCESS_KEY_SECRET=<access_key_secret>Windows
Create an environment variable file, add the ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET environment variables to the file, and then specify your AccessKey ID for ALIBABA_CLOUD_ACCESS_KEY_ID and your AccessKey secret for ALIBABA_CLOUD_ACCESS_KEY_SECRET. Then, restart the Windows operating system.
Install dependencies
pip install alibabacloud_credentials
pip install alibabacloud_cloudfw20171207==1.3.2
pip install alibabacloud_tea_consoleDownload sample code
In OpenAPI Explorer, access the URL of the DescribeAssetList operation.
On the Parameters tab, specify the required parameters CurrentPage and PageSize, and click Initiate Call.
On the SDK Sample Code tab, click the Python tab to obtain the Python sample code of the operation.
Click Download Project to download the sample code package.
Decompress the sample code package on your computer and access the alibabacloud_sample directory.
Run sample code
Run the following command:
python sample.pyThe following output is returned:
{
"headers": {
"date": "Thu, 10 Aug 2023 10:18:48 GMT",
"content-type": "application/json;charset=utf-8",
"content-length": "1194",
"connection": "keep-alive",
"keep-alive": "timeout=25",
"vary": "Accept-Encoding",
"access-control-allow-origin": "*",
"access-control-expose-headers": "*",
"x-acs-request-id": "B49120FC-5A22-5500-A005-060F487E****",
"x-acs-trace-id": "e04deb393afe188190485401aa41****",
"etag": "1SZicxaXw+FjDwnyteba****"
},
"statusCode": 200,
"body": {
"Assets": [{
"AliUid": 163710033944****,
"BindInstanceId": "i-bp14vt99zpj899eq****",
"BindInstanceName": "launch-****-20210409",
"CreateTimeStamp": "2023-07-05 15:05:01",
"InternetAddress": "118.31.XX.XX",
"IntranetAddress": "192.168.XX.XX",
"MemberUid": 163710033944****,
"Name": "launch-****-20210409",
"NewResourceTag": "",
"Note": "",
"ProtectStatus": "closed",
"RegionID": "cn-hangzhou",
"RegionStatus": "enable",
"ResourceInstanceId": "i-bp14vt99zpj899eq****",
"ResourceType": "EcsPublicIP",
"RiskLevel": "",
"SgStatus": "block",
"SgStatusTime": 1691350656,
"SyncStatus": "enable",
"Type": "ecs"
}, {
"AliUid": 163710033944****,
"BindInstanceId": "i-bp1ic3k18jrurbxd****",
"BindInstanceName": "launch-****-20230712",
"CreateTimeStamp": "2023-07-12 17:49:46",
"InternetAddress": "47.111.XX.XX",
"IntranetAddress": "10.0.XX.XX",
"MemberUid": 163710033944****,
"Name": "launch-****-20230712",
"NewResourceTag": "",
"Note": "",
"ProtectStatus": "closed",
"RegionID": "cn-hangzhou",
"RegionStatus": "enable",
"ResourceInstanceId": "i-bp1ic3k18jrurbxd****",
"ResourceType": "EcsPublicIP",
"RiskLevel": "",
"SgStatus": "block",
"SgStatusTime": 1691350656,
"SyncStatus": "enable",
"Type": "ecs"
}],
"RequestId": "B49120FC-5A22-5500-A005-060F487EF211",
"TotalCount": 16
}
}