DescribeInstance - Web Application Firewall - Alibaba Cloud Documentation Center

Queries the details of a Web Application Firewall (WAF) instance within the current Alibaba Cloud account.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
yundun-waf:DescribeInstance	Read	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
ResourceManagerResourceGroupId	string	No	The ID of the resource group.	rg-acfm***q
RegionId	string	No	The region where the WAF instance resides. Valid values: cn-hangzhou: the Chinese mainland ap-southeast-1: outside the Chinese mainland.	cn-hangzhou

Response parameters

Parameter	Type	Description	Example
	object
RequestId	string	The ID of the request.	66A98669-CC6E-4F3E-80A6-3014697B11AE
InstanceId	string	The ID of the WAF instance.	waf-cn-xxx
RegionId	string	The region where the WAF instance resides. Valid values: cn-hangzhou: the Chinese mainland ap-southeast-1: outside the Chinese mainland.	cn-hangzhou
Edition	string	The edition of the WAF instance.	default_version
Details	object	The details of the WAF instance.
Gslb	boolean	Indicates whether global server load balancing (GSLB) is supported. Valid values: true: GSLB is supported. false: GSLB is not supported.	true
Ipv6	boolean	Indicates whether IPv6 is supported. Valid values: true: IPv6 is supported. false: IPv6 is not supported.	true
ExclusiveIp	boolean	Indicates whether exclusive IP addresses are supported. Valid values: true: Exclusive IP addresses are supported. false: Exclusive IP addresses are not supported.	true
BackendMaxCount	long	The maximum number of back-to-origin IP addresses that can be configured.	20
CnameResourceMaxCount	long	The maximum number of CNAMEs that can be added.	1000
LogService	boolean	Indicates whether the log collection feature is supported. Valid values: true: The log collection feature is supported. false: The log collection feature is not supported.	true
DefenseObjectMaxCount	long	The maximum number of protected objects that can be configured.	20,000
DefenseGroupMaxCount	long	The maximum number of protected object groups that can be configured.	100
DefenseObjectInGroupMaxCount	long	The maximum number of protected objects that can be included in a protected object group.	100
DefenseObjectInTemplateMaxCount	long	The maximum number of protected objects to which a protection rule template can be applied.	100
BaseWafGroup	boolean	Indicates whether the basic protection rule module is supported. Valid values: true: The basic protection rule module is supported. false: The basic protection rule module is not supported.	true
BaseWafGroupRuleTemplateMaxCount	long	The maximum number of basic protection rule templates that can be configured.	20
BaseWafGroupRuleInTemplateMaxCount	long	The maximum number of protection rules that can be included in a basic protection rule template.	100
Whitelist	boolean	Indicates whether the whitelist module is supported. Valid values: true: The whitelist module is supported. false: The whitelist module is not supported.	true
WhitelistTemplateMaxCount	long	The maximum number of whitelist rule templates that can be configured.	20
WhitelistRuleInTemplateMaxCount	long	The maximum number of rules that can be included in a whitelist rule template.	100
WhitelistRuleCondition	string	The match fields that can be used in a whitelist rule. For more information, see Match condition parameters in the "Parameters of whitelist rules (whitelist)" section in the CreateDefenseRule topic.	URL
WhitelistLogical	string	The logical operators that can be used in a whitelist rule. For more information, see Match condition parameters in the "Parameters of whitelist rules (whitelist)" section in the CreateDefenseRule topic.	contain
IpBlacklist	boolean	Indicates whether the IP address blacklist module is supported. Valid values: true: The IP address blacklist module is supported. false: The IP address blacklist module is not supported.	true
IpBlacklistTemplateMaxCount	long	The maximum number of IP address blacklist rule templates that can be configured.	20
IpBlacklistRuleInTemplateMaxCount	long	The maximum number of rules that can be included in an IP address blacklist rule template.	100
IpBlacklistIpInRuleMaxCount	long	The maximum number of IP addresses that can be added to an IP address blacklist rule.	200
CustomRule	boolean	Indicates whether the custom rule module is supported. Valid values: true: The custom rule module is supported. false: The custom rule module is not supported.	true
CustomRuleTemplateMaxCount	long	The maximum number of custom rule templates that can be configured.	20
CustomRuleInTemplateMaxCount	long	The maximum number of rules that can be included in a custom rule template.	100
CustomRuleCondition	string	The match conditions that can be used in a custom rule. For more information, see Match condition parameters in the "Parameters of custom rules (custom_acl)" section in the CreateDefenseRule topic.	URL
CustomRuleRatelimitor	string	The statistical object for rate limiting in a custom rule.	header
CustomRuleAction	string	The action that can be included in a custom rule.	block
AntiScan	boolean	Indicates whether the scan protection module is supported. Valid values: true: The scan protection module is supported. false: The scan protection module is not supported.	true
AntiScanTemplateMaxCount	long	The maximum number of scan protection rule templates that can be configured.	20
CustomResponse	boolean	Indicates whether the custom response module is supported. Valid values: true: The custom response module is supported. false: The custom response module is not supported.	true
CustomResponseTemplateMaxCount	long	The maximum number of custom response rule templates that can be configured.	20
CustomResponseRuleInTemplateMaxCount	long	The maximum number of rules that can be included in a custom response rule template.	100
HttpPorts	string	The HTTP port range that is supported. For more information, see View supported ports.	80
HttpsPorts	string	The HTTPS port range that is supported. For more information, see View supported ports.	443
AclRuleMaxIpCount	long	The maximum number of IP addresses that can be added to the match content of a match condition. For more information, see Match conditions.	100
MajorProtection	boolean	Indicates whether major event protection is supported. Valid values: true: Major event protection is supported. false: Major event protection is not supported.	true
MajorProtectionTemplateMaxCount	long	The maximum number of major event protection rule templates that can be configured.	20
VastIpBlacklistMaxCount	long	The maximum number of IP addresses or CIDR blocks that can be added to an IP address blacklist per Alibaba Cloud account.	50,000
VastIpBlacklistInFileMaxCount	long	The maximum number of IP addresses or CIDR blocks that can be added to an IP address blacklist in a batch.	2,000
VastIpBlacklistInOperationMaxCount	long	The maximum number of IP addresses or CIDR blocks that can be added to an IP address blacklist on a page.	500
Bot	boolean	Indicates whether the bot management module is supported. Valid values: true: The bot management module is supported. false: The bot management module is not supported.	true
Tamperproof	boolean	Indicates whether the website tamper-proofing module is supported. Valid values: true: The website tamper-proofing module is supported. false: The website tamper-proofing module is not supported.	true
Dlp	boolean	Indicates whether the data leakage prevention module is supported. Valid values: true: The data leakage prevention module is supported. false: The data leakage prevention module is not supported.	true
BotTemplateMaxCount	long	The maximum number of bot management rule templates that can be configured.	50
TamperproofTemplateMaxCount	long	The maximum number of website tamper-proofing rule templates that can be configured.	50
TamperproofRuleInTemplateMaxCount	long	The maximum number of rules that can be included in a website tamper-proofing rule template.	50
DlpTemplateMaxCount	long	The maximum number of data leakage prevention rule templates that can be configured.	50
DlpRuleInTemplateMaxCount	long	The maximum number of rules that can be included in a data leakage prevention rule template.	50
BotApp	string	Indicates whether bot management for app protection is supported. Valid values: true: Bot management for app protection is supported. false: Bot management for app protection is not supported.	true
BotWeb	string	Indicates whether bot management for website protection is supported. Valid values: true: Bot management for website protection is supported. false: Bot management for website protection is not supported.	true
EndTime	long	The expiration time of the WAF instance.	4809859200000
Status	integer	The status of the WAF instance. Valid values: 1: The WAF instance is in a normal state. 2: The WAF instance has expired. 3: The WAF instance has been released.	1
PayType	string	The billing method of the WAF instance. Valid values: POSTPAY: The WAF instance uses the pay-as-you-go billing method. PREPAY: The WAF instance uses the subscription billing method.	POSTPAY
InDebt	string	Indicates whether the WAF instance has overdue payments. Valid values: 0: The WAF instance does not have overdue payments. 1: The WAF instance has overdue payments.	1
StartTime	long	The purchase time of the WAF instance. The time is in the UNIX timestamp format. The time is displayed in UTC. Unit: milliseconds.	1668496310000

Examples

Sample success responses

JSONformat

{
  "RequestId": "66A98669-CC6E-4F3E-80A6-3014697B11AE",
  "InstanceId": "waf-cn-xxx",
  "RegionId": "cn-hangzhou",
  "Edition": "default_version",
  "Details": {
    "Gslb": true,
    "Ipv6": true,
    "ExclusiveIp": true,
    "BackendMaxCount": 20,
    "CnameResourceMaxCount": 1000,
    "LogService": true,
    "DefenseObjectMaxCount": 0,
    "DefenseGroupMaxCount": 100,
    "DefenseObjectInGroupMaxCount": 100,
    "DefenseObjectInTemplateMaxCount": 100,
    "BaseWafGroup": true,
    "BaseWafGroupRuleTemplateMaxCount": 20,
    "BaseWafGroupRuleInTemplateMaxCount": 100,
    "Whitelist": true,
    "WhitelistTemplateMaxCount": 20,
    "WhitelistRuleInTemplateMaxCount": 100,
    "WhitelistRuleCondition": "URL",
    "WhitelistLogical": "contain",
    "IpBlacklist": true,
    "IpBlacklistTemplateMaxCount": 20,
    "IpBlacklistRuleInTemplateMaxCount": 100,
    "IpBlacklistIpInRuleMaxCount": 200,
    "CustomRule": true,
    "CustomRuleTemplateMaxCount": 20,
    "CustomRuleInTemplateMaxCount": 100,
    "CustomRuleCondition": "URL",
    "CustomRuleRatelimitor": "header",
    "CustomRuleAction": "block",
    "AntiScan": true,
    "AntiScanTemplateMaxCount": 20,
    "CustomResponse": true,
    "CustomResponseTemplateMaxCount": 20,
    "CustomResponseRuleInTemplateMaxCount": 100,
    "HttpPorts": "80",
    "HttpsPorts": "443",
    "AclRuleMaxIpCount": 100,
    "MajorProtection": true,
    "MajorProtectionTemplateMaxCount": 20,
    "VastIpBlacklistMaxCount": 0,
    "VastIpBlacklistInFileMaxCount": 0,
    "VastIpBlacklistInOperationMaxCount": 500,
    "Bot": true,
    "Tamperproof": true,
    "Dlp": true,
    "BotTemplateMaxCount": 50,
    "TamperproofTemplateMaxCount": 50,
    "TamperproofRuleInTemplateMaxCount": 50,
    "DlpTemplateMaxCount": 50,
    "DlpRuleInTemplateMaxCount": 50,
    "BotApp": "true",
    "BotWeb": "true"
  },
  "EndTime": 4809859200000,
  "Status": 1,
  "PayType": "POSTPAY",
  "InDebt": "1",
  "StartTime": 1668496310000
}

Error codes

For a list of error codes, visit the Service error codes.