DescribeHybridCloudResources - Web Application Firewall - Alibaba Cloud Documentation Center

Queries the domain names that are added to a Web Application Firewall (WAF) instance in hybrid cloud mode.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
yundun-waf:DescribeHybridCloudResources	Read	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
InstanceId	string	Yes	The ID of the WAF instance. Note You can call the DescribeInstance operation to obtain the ID of the WAF instance.	waf_v3prepaid_public_cn-***********
Domain	string	No	The domain name that you want to query.	www.aliyundoc.com
Backend	string	No	The back-to-origin IP address or domain name.	1.1.XX.XX
PageNumber	long	No	The page number. Default value: 1.	1
PageSize	long	No	The number of entries per page. Default value: 10.	10
CnameEnabled	boolean	No	Specifies whether the public cloud disaster recovery feature is enabled for the domain name. Valid values: true false	true
ResourceManagerResourceGroupId	string	No	The ID of the resource group.	rg-acfmvtc5z52****
RegionId	string	No	The region ID of the WAF instance. Valid values: cn-hangzhou: the Chinese mainland. ap-southeast-1: outside the Chinese mainland.	cn-hangzhou

Response parameters

Parameter	Type	Description	Example
	object
RequestId	string	The ID of the request.	98D2AA9A-5959-5CCD-83E3-B6606232A2BE
TotalCount	long	The total number of entries that are returned.	24
Domains	object []	The domain names.
Id	long	The access ID.	1
Uid	string	The user ID.	130715431409****
Domain	string	The domain name.	www.aliyundoc.com
Status	integer	The status of the domain name. Valid values: 1: The domain name is in a normal state. 2: The domain name is being created. 3: The domain name is being modified. 4: The domain name is being released. 5: WAF no longer forwards the traffic of the domain name.	1
Cname	string	The CNAME assigned by WAF. Note This parameter is returned only if the value of CnameEnabled is true.	50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com
Listen	object	The listeners.
HttpPorts	array	The HTTP listener ports.
	long	The HTTP listener port.	80
HttpsPorts	array	The HTTPS listener ports.
	long	The HTTPS listener port.	443
Http2Enabled	boolean	Indicates whether HTTP/2 is enabled. Valid values: true false	false
CertId	string	The ID of the certificate.	72***76-cn-hangzhou
TLSVersion	string	The version of the Transport Layer Security (TLS) protocol. Valid values: tlsv1 tlsv1.1 tlsv1.2	tlsv1.2
EnableTLSv3	boolean	Indicates whether TLS 1.3 is supported. Valid values: true false	true
CipherSuite	integer	The types of cipher suites that are added. Valid values: 1: all cipher suites. 2: strong cipher suites. 99: custom cipher suites.	1
CustomCiphers	array	The custom cipher suites. Note This parameter is returned only if the value of CipherSuite is 99.
	string	The custom cipher suite.	ECDHE-ECDSA-AES128-GCM-SHA256
FocusHttps	boolean	Indicates whether the HTTP to HTTPS redirection feature is enabled for the domain name. Valid values: true false	false
XffHeaderMode	integer	The method that is used to obtain the actual IP address of a client. Valid values: 0: No Layer 7 proxies are deployed in front of WAF. 1: WAF reads the first value of the X-Forwarded-For (XFF) header field as the actual IP address of the client. 2: WAF reads the value of a custom header field as the actual IP address of the client.	0
XffHeaders	array	The custom header fields that are used to obtain the actual IP addresses of clients. The value is in the ["header1","header2",...] format. Note This parameter is returned only if the value of XffHeaderMode is 2.
	string	The custom header field that is used to obtain the actual IP address of a client.	Client-ip
IPv6Enabled	boolean	Specifies whether to enable IPv6. Valid values: true false	false
ProtectionResource	string	The type of the protection resource. Valid values: share: shared cluster. gslb: shared cluster-based intelligent load balancing.	share
ExclusiveIp	boolean	Indicates whether exclusive IP addresses are supported. Valid values: true false	true
Redirect	object	The configurations of the forwarding rule.
Backends	array	The IP addresses or domain names of the origin server.
	string	The IP address or domain name of the origin server.	1.1.XX.XX
FocusHttpBackend	boolean	Indicates whether the HTTPS to HTTP redirection feature is enabled for back-to-origin requests. Valid values: true false	true
Loadbalance	string	The load balancing algorithm that is used to forward requests to the origin server. Valid values: iphash roundRobin leastTime	iphash
SniEnabled	boolean	Indicates whether the origin Server Name Indication (SNI) feature is enabled. Valid values: true false	true
SniHost	string	The value of the custom SNI field. If the parameter is left empty, the value of the Host field in the request header is automatically used as the value of the SNI field. Note This parameter is returned only if the value of SniEnabled is true.	www.aliyundoc.com
RequestHeaders	object []	The key-value pair that is used to label requests that pass through WAF.
Key	string	The key of the custom header field.	aaa
Value	string	The value of the custom header field.	bbb
ConnectTimeout	long	The timeout period for connections. Unit: seconds. Valid values: 5 to 120.	120
CnameEnabled	boolean	Indicates whether the public cloud disaster recovery feature is enabled. Valid values: true false	true
RoutingRules	string	The forwarding rules that are configured for the domain name. This parameter is a string that consists of JSON arrays. Each element in a JSON array is a JSON struct that contains the following fields: rs: the back-to-origin IP addresses or CNAMEs. The value is of the ARRAY type. location: the name of the protection node. The value is of the STRING type. locationId: the ID of the protection node. The value is of the LONG type.	[ { "rs": [ "1.1.XX.XX" ], "locationId": 535, "location": "test1111" } ]
Keepalive	boolean	Indicates whether the persistent connection feature is enabled. Valid values: true false	true
KeepaliveRequests	long	The number of reused persistent connections. Valid values: 60 to 1000. Note This parameter indicates the number of reused persistent connections after the persistent connection feature is enabled.	1000
KeepaliveTimeout	long	The timeout period for persistent connections that are in the Idle state. Unit: seconds. Valid values: 1 to 60. Default value: 15. Note This parameter indicates the period of time during which a reused persistent connection can remain in the Idle state before the persistent connection is released.	15
ReadTimeout	long	The timeout period for read connections. Unit: seconds. Valid values: 5 to 1800.	200
Retry	boolean	Indicates whether WAF retries forwarding requests if requests fail to be forwarded to the origin server. Valid values: true false	true
WriteTimeout	long	The timeout period for write connections. Unit: seconds. Valid values: 5 to 1800.	200
ResourceManagerResourceGroupId	string	The ID of the Alibaba Cloud resource group.	rg-acfmvtc5z52****

Examples

Sample success responses

JSONformat

{
  "RequestId": "98D2AA9A-5959-5CCD-83E3-B6606232A2BE",
  "TotalCount": 24,
  "Domains": [
    {
      "Id": 1,
      "Uid": "130715431409****",
      "Domain": "www.aliyundoc.com",
      "Status": 1,
      "Cname": "50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com",
      "Listen": {
        "HttpPorts": [
          80
        ],
        "HttpsPorts": [
          443
        ],
        "Http2Enabled": false,
        "CertId": "72***76-cn-hangzhou",
        "TLSVersion": "tlsv1.2",
        "EnableTLSv3": true,
        "CipherSuite": 1,
        "CustomCiphers": [
          "ECDHE-ECDSA-AES128-GCM-SHA256"
        ],
        "FocusHttps": false,
        "XffHeaderMode": 0,
        "XffHeaders": [
          "Client-ip"
        ],
        "IPv6Enabled": false,
        "ProtectionResource": "share",
        "ExclusiveIp": true
      },
      "Redirect": {
        "Backends": [
          "1.1.XX.XX"
        ],
        "FocusHttpBackend": true,
        "Loadbalance": "iphash",
        "SniEnabled": true,
        "SniHost": "www.aliyundoc.com",
        "RequestHeaders": [
          {
            "Key": "aaa",
            "Value": "bbb"
          }
        ],
        "ConnectTimeout": 120,
        "CnameEnabled": true,
        "RoutingRules": "[\n      {\n            \"rs\": [\n                  \"1.1.XX.XX\"\n            ],\n            \"locationId\": 535,\n            \"location\": \"test1111\"\n      }\n]",
        "Keepalive": true,
        "KeepaliveRequests": 1000,
        "KeepaliveTimeout": 15,
        "ReadTimeout": 200,
        "Retry": true,
        "WriteTimeout": 200
      },
      "ResourceManagerResourceGroupId": "rg-acfmvtc5z52****"
    }
  ]
}