Creates a firewall rule for a simple application server.
Description
Firewalls can be used to implement access control on simple application servers and define security domains in the cloud. By default, the firewall of each simple application server allows traffic on Secure Shell (SSH) port 22, HTTP port 80, and HTTPS port 443 and denies traffic on the other ports. You can add firewall rules to allow traffic on more ports.
QPS limits
The queries per second (QPS) limit for a single user for the API operation is 10 calls per minute. If the number of calls to the API operation per minute exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation. For more information, see QPS limit.
Request parameters
| Parameter | Type | Required | Example | Description |
|---|---|---|---|---|
| InstanceId | String | Yes | ace0706b2ac4454d984295a94213**** |
The ID of the simple application server. |
| RegionId | String | Yes | cn-hangzhou |
The region ID of the simple application server. |
| RuleProtocol | String | Yes | TCP |
The transport layer protocol. Valid values:
|
| Port | String | Yes | 3306 |
The port range. Valid values of port numbers: 1 to 65535. Specify a port range in
the format of <start port number>/<end port number>. Example: |
| ClientToken | String | No | 123e4567-e89b-12d3-a456-426655440000 |
The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must ensure that it is unique among different requests. The token can only contain ASCII characters and cannot exceed 64 characters in length. For more information, see How to ensure idempotence. |
| Action | String | Yes | CreateFirewallRule |
The operation that you want to perform. Set the value to CreateFirewallRule. |
| Remark | String | No | The default port of the test-MySQL server |
The remarks of the firewall rule. |
Response parameters
| Parameter | Type | Example | Description |
|---|---|---|---|
| RequestId | String | 20758A-585D-4A41-A9B2-28DA8F4F534F |
The ID of the request. |
| FirewallId | String | 8007e18c61024aafbd776d52d0**** |
The ID of the firewall rule. |
Examples
Sample requests
https://swas.cn-hangzhou.aliyuncs.com/?Action=CreateFirewallRule
&InstanceId=ace0706b2ac4454d984295a94213****
&Port=3306
&RuleProtocol=Tcp
&Remark = The default port of the test-MySQL server
&<Common request parameters>Sample success responses
XML format
HTTP/1.1 200 OK
Content-Type:application/xml
<CreateFirewallRuleResponse>
<RequestId>20758A-585D-4A41-A9B2-28DA8F4F534F </RequestId>
<FirewallId>8007e18c61024aafbd776d52d0****</FirewallId>
</CreateFirewallRuleResponse>JSON format
HTTP/1.1 200 OK
Content-Type:application/json
{
"RequestId" : "20758A-585D-4A41-A9B2-28DA8F4F534F\t",
"FirewallId" : "8007e18c61024aafbd776d52d0****"
}Error codes
| HTTP status code | Error code | Error message | Description |
|---|---|---|---|
| 400 | InvalidProtocol.ValueNotSupported | The specified parameter Protocol is invalid. | The error message returned because the specified RuleProtocol parameter is invalid. |
| 400 | InvalidPort.ValueNotSupported | The specified parameter Port is invalid. | The error message returned because the specified Port parameter is invalid. |
| 400 | RegionIdNotMatchHost | The parameter regionId does not match the endpoint host. | The error message returned because the specified RegionId parameter does not match the service address that you selected. |
| 403 | FirewallRuleLimitExceed | The maximum number of firewall rules in an instance is exceeded. | The error message returned because the maximum number of firewall rules that can be created for the simple application server is reached. |
| 403 | FirewallRuleAlreadyExist | The specified Rule already exist | The error message returned because the firewall rule already exists. |
| 404 | InvalidInstanceId.NotFound | The specified InstanceId does not exist. | The error message returned because the specified InstanceId parameter is invalid. |
| 500 | InternalError | An error occurred while processing your request. | The error message returned because an internal error has occurred. Try again later. If the problem persists, submit a ticket. |
For a list of error codes, visit the API Error Center.