All Products
Search
Document Center

Web Application Firewall:DescribeInstance

Last Updated:Jun 11, 2024

Queries the details of a Web Application Firewall (WAF) instance within the current Alibaba Cloud account.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
yundun-waf:DescribeInstanceRead
  • All Resources
    *
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
ResourceManagerResourceGroupIdstringNo

The ID of the resource group.

rg-acfm***q
RegionIdstringNo

The region where the WAF instance resides. Valid values:

  • cn-hangzhou: the Chinese mainland
  • ap-southeast-1: outside the Chinese mainland.
cn-hangzhou

Response parameters

ParameterTypeDescriptionExample
object
RequestIdstring

The ID of the request.

66A98669-CC6E-4F3E-80A6-3014697B11AE
InstanceIdstring

The ID of the WAF instance.

waf-cn-xxx
RegionIdstring

The region where the WAF instance resides. Valid values:

  • cn-hangzhou: the Chinese mainland
  • ap-southeast-1: outside the Chinese mainland.
cn-hangzhou
Editionstring

The edition of the WAF instance.

default_version
Detailsobject

The details of the WAF instance.

Gslbboolean

Indicates whether global server load balancing (GSLB) is supported. Valid values:

  • true: GSLB is supported.
  • false: GSLB is not supported.
true
Ipv6boolean

Indicates whether IPv6 is supported. Valid values:

  • true: IPv6 is supported.
  • false: IPv6 is not supported.
true
ExclusiveIpboolean

Indicates whether exclusive IP addresses are supported. Valid values:

  • true: Exclusive IP addresses are supported.
  • false: Exclusive IP addresses are not supported.
true
BackendMaxCountlong

The maximum number of back-to-origin IP addresses that can be configured.

20
CnameResourceMaxCountlong

The maximum number of CNAMEs that can be added.

1000
LogServiceboolean

Indicates whether the log collection feature is supported. Valid values:

  • true: The log collection feature is supported.
  • false: The log collection feature is not supported.
true
DefenseObjectMaxCountlong

The maximum number of protected objects that can be configured.

20,000
DefenseGroupMaxCountlong

The maximum number of protected object groups that can be configured.

100
DefenseObjectInGroupMaxCountlong

The maximum number of protected objects that can be included in a protected object group.

100
DefenseObjectInTemplateMaxCountlong

The maximum number of protected objects to which a protection rule template can be applied.

100
BaseWafGroupboolean

Indicates whether the basic protection rule module is supported. Valid values:

  • true: The basic protection rule module is supported.
  • false: The basic protection rule module is not supported.
true
BaseWafGroupRuleTemplateMaxCountlong

The maximum number of basic protection rule templates that can be configured.

20
BaseWafGroupRuleInTemplateMaxCountlong

The maximum number of protection rules that can be included in a basic protection rule template.

100
Whitelistboolean

Indicates whether the whitelist module is supported. Valid values:

  • true: The whitelist module is supported.
  • false: The whitelist module is not supported.
true
WhitelistTemplateMaxCountlong

The maximum number of whitelist rule templates that can be configured.

20
WhitelistRuleInTemplateMaxCountlong

The maximum number of rules that can be included in a whitelist rule template.

100
WhitelistRuleConditionstring

The match fields that can be used in a whitelist rule. For more information, see Match condition parameters in the "Parameters of whitelist rules (whitelist)" section in the CreateDefenseRule topic.

URL
WhitelistLogicalstring

The logical operators that can be used in a whitelist rule. For more information, see Match condition parameters in the "Parameters of whitelist rules (whitelist)" section in the CreateDefenseRule topic.

contain
IpBlacklistboolean

Indicates whether the IP address blacklist module is supported. Valid values:

  • true: The IP address blacklist module is supported.
  • false: The IP address blacklist module is not supported.
true
IpBlacklistTemplateMaxCountlong

The maximum number of IP address blacklist rule templates that can be configured.

20
IpBlacklistRuleInTemplateMaxCountlong

The maximum number of rules that can be included in an IP address blacklist rule template.

100
IpBlacklistIpInRuleMaxCountlong

The maximum number of IP addresses that can be added to an IP address blacklist rule.

200
CustomRuleboolean

Indicates whether the custom rule module is supported. Valid values:

  • true: The custom rule module is supported.
  • false: The custom rule module is not supported.
true
CustomRuleTemplateMaxCountlong

The maximum number of custom rule templates that can be configured.

20
CustomRuleInTemplateMaxCountlong

The maximum number of rules that can be included in a custom rule template.

100
CustomRuleConditionstring

The match conditions that can be used in a custom rule. For more information, see Match condition parameters in the "Parameters of custom rules (custom_acl)" section in the CreateDefenseRule topic.

URL
CustomRuleRatelimitorstring

The statistical object for rate limiting in a custom rule.

header
CustomRuleActionstring

The action that can be included in a custom rule.

block
AntiScanboolean

Indicates whether the scan protection module is supported. Valid values:

  • true: The scan protection module is supported.
  • false: The scan protection module is not supported.
true
AntiScanTemplateMaxCountlong

The maximum number of scan protection rule templates that can be configured.

20
CustomResponseboolean

Indicates whether the custom response module is supported. Valid values:

  • true: The custom response module is supported.
  • false: The custom response module is not supported.
true
CustomResponseTemplateMaxCountlong

The maximum number of custom response rule templates that can be configured.

20
CustomResponseRuleInTemplateMaxCountlong

The maximum number of rules that can be included in a custom response rule template.

100
HttpPortsstring

The HTTP port range that is supported. For more information, see View supported ports.

80
HttpsPortsstring

The HTTPS port range that is supported. For more information, see View supported ports.

443
AclRuleMaxIpCountlong

The maximum number of IP addresses that can be added to the match content of a match condition. For more information, see Match conditions.

100
MajorProtectionboolean

Indicates whether major event protection is supported. Valid values:

  • true: Major event protection is supported.
  • false: Major event protection is not supported.
true
MajorProtectionTemplateMaxCountlong

The maximum number of major event protection rule templates that can be configured.

20
VastIpBlacklistMaxCountlong

The maximum number of IP addresses or CIDR blocks that can be added to an IP address blacklist per Alibaba Cloud account.

50,000
VastIpBlacklistInFileMaxCountlong

The maximum number of IP addresses or CIDR blocks that can be added to an IP address blacklist in a batch.

2,000
VastIpBlacklistInOperationMaxCountlong

The maximum number of IP addresses or CIDR blocks that can be added to an IP address blacklist on a page.

500
Botboolean

Indicates whether the bot management module is supported. Valid values:

  • true: The bot management module is supported.
  • false: The bot management module is not supported.
true
Tamperproofboolean

Indicates whether the website tamper-proofing module is supported. Valid values:

  • true: The website tamper-proofing module is supported.
  • false: The website tamper-proofing module is not supported.
true
Dlpboolean

Indicates whether the data leakage prevention module is supported. Valid values:

  • true: The data leakage prevention module is supported.
  • false: The data leakage prevention module is not supported.
true
BotTemplateMaxCountlong

The maximum number of bot management rule templates that can be configured.

50
TamperproofTemplateMaxCountlong

The maximum number of website tamper-proofing rule templates that can be configured.

50
TamperproofRuleInTemplateMaxCountlong

The maximum number of rules that can be included in a website tamper-proofing rule template.

50
DlpTemplateMaxCountlong

The maximum number of data leakage prevention rule templates that can be configured.

50
DlpRuleInTemplateMaxCountlong

The maximum number of rules that can be included in a data leakage prevention rule template.

50
BotAppstring

Indicates whether bot management for app protection is supported. Valid values:

  • true: Bot management for app protection is supported.
  • false: Bot management for app protection is not supported.
true
BotWebstring

Indicates whether bot management for website protection is supported. Valid values:

  • true: Bot management for website protection is supported.
  • false: Bot management for website protection is not supported.
true
EndTimelong

The expiration time of the WAF instance.

4809859200000
Statusinteger

The status of the WAF instance. Valid values:

  • 1: The WAF instance is in a normal state.
  • 2: The WAF instance has expired.
  • 3: The WAF instance has been released.
1
PayTypestring

The billing method of the WAF instance. Valid values:

  • POSTPAY: The WAF instance uses the pay-as-you-go billing method.
  • PREPAY: The WAF instance uses the subscription billing method.
POSTPAY
InDebtstring

Indicates whether the WAF instance has overdue payments. Valid values:

  • 0: The WAF instance does not have overdue payments.
  • 1: The WAF instance has overdue payments.
1
StartTimelong

The purchase time of the WAF instance. The time is in the UNIX timestamp format. The time is displayed in UTC. Unit: milliseconds.

1668496310000

Examples

Sample success responses

JSONformat

{
  "RequestId": "66A98669-CC6E-4F3E-80A6-3014697B11AE",
  "InstanceId": "waf-cn-xxx",
  "RegionId": "cn-hangzhou",
  "Edition": "default_version",
  "Details": {
    "Gslb": true,
    "Ipv6": true,
    "ExclusiveIp": true,
    "BackendMaxCount": 20,
    "CnameResourceMaxCount": 1000,
    "LogService": true,
    "DefenseObjectMaxCount": 0,
    "DefenseGroupMaxCount": 100,
    "DefenseObjectInGroupMaxCount": 100,
    "DefenseObjectInTemplateMaxCount": 100,
    "BaseWafGroup": true,
    "BaseWafGroupRuleTemplateMaxCount": 20,
    "BaseWafGroupRuleInTemplateMaxCount": 100,
    "Whitelist": true,
    "WhitelistTemplateMaxCount": 20,
    "WhitelistRuleInTemplateMaxCount": 100,
    "WhitelistRuleCondition": "URL",
    "WhitelistLogical": "contain",
    "IpBlacklist": true,
    "IpBlacklistTemplateMaxCount": 20,
    "IpBlacklistRuleInTemplateMaxCount": 100,
    "IpBlacklistIpInRuleMaxCount": 200,
    "CustomRule": true,
    "CustomRuleTemplateMaxCount": 20,
    "CustomRuleInTemplateMaxCount": 100,
    "CustomRuleCondition": "URL",
    "CustomRuleRatelimitor": "header",
    "CustomRuleAction": "block",
    "AntiScan": true,
    "AntiScanTemplateMaxCount": 20,
    "CustomResponse": true,
    "CustomResponseTemplateMaxCount": 20,
    "CustomResponseRuleInTemplateMaxCount": 100,
    "HttpPorts": "80",
    "HttpsPorts": "443",
    "AclRuleMaxIpCount": 100,
    "MajorProtection": true,
    "MajorProtectionTemplateMaxCount": 20,
    "VastIpBlacklistMaxCount": 0,
    "VastIpBlacklistInFileMaxCount": 0,
    "VastIpBlacklistInOperationMaxCount": 500,
    "Bot": true,
    "Tamperproof": true,
    "Dlp": true,
    "BotTemplateMaxCount": 50,
    "TamperproofTemplateMaxCount": 50,
    "TamperproofRuleInTemplateMaxCount": 50,
    "DlpTemplateMaxCount": 50,
    "DlpRuleInTemplateMaxCount": 50,
    "BotApp": "true",
    "BotWeb": "true"
  },
  "EndTime": 4809859200000,
  "Status": 1,
  "PayType": "POSTPAY",
  "InDebt": "1",
  "StartTime": 1668496310000
}

Error codes

For a list of error codes, visit the Service error codes.