API standard and pre-built SDKs in multi-language
The OpenAPI specification of this product (waf-openapi/2021-10-01) follows the RPC standard. Alibaba Cloud provides pre-built SDKs for popular programming languages to abstract low-level complexities such as request signing. This enables developers to call APIs using language-specific syntax without dealing with HTTP details directly.
Custom signature
If your specific needs, such as a customized signature, are not supported by the SDK, manually sign requests using the signature mechanism. Note that manual signing requires significant effort (usually about 5 business days). For support, join our DingTalk group (ID: 147535001692).
Before you begin
An Alibaba Cloud account has full administrative privileges. A compromised AccessKey pair exposes all associated resources to unauthorized access, posing a significant security risk. Create a Resource Access Management (RAM) user with API-only access and use RAM policies to apply the principle of least privilege (PoLP). Alibaba Cloud accounts are only used when explicitly required.
To call APIs securely, configure the following:
A RAM user account
An AccessKey pair for the account
Instance information
|
API |
Title |
Description |
| CreatePostpaidInstance | CreatePostpaidInstance | Creates a pay-as-you-go Web Application Firewall (WAF) 3.0 instance. |
| DescribeInstance | DescribeInstance | Queries the details of the WAF instance in your Alibaba Cloud account. |
| ReleaseInstance | ReleaseInstance | Releases a Web Application Firewall (WAF) 3.0 instance. |
Protection Configurations
|
API |
Title |
Description |
| Protected objects | Protected objects | |
| CreateDefenseResource | CreateDefenseResource | Creates a protected object. |
| CreateDefenseResourceGroup | CreateDefenseResourceGroup | Creates a protected object group. |
| ModifyDefenseResourceGroup | ModifyDefenseResourceGroup | Modifies the configuration of a protected object group. |
| DeleteDefenseResourceGroup | DeleteDefenseResourceGroup | Deletes a protected object group. |
| DescribeDefenseResourceGroup | DescribeDefenseResourceGroup | Queries information about a protected object group. |
| DescribeDefenseResourceGroups | DescribeDefenseResourceGroups | Retrieves information about protected object groups using pagination. |
| DescribeDefenseResourceGroupNames | DescribeDefenseResourceGroupNames | Queries the names of protected object groups. |
| DescribeDefenseResource | DescribeDefenseResource | Queries the information about a protected object. |
| DescribeDefenseResources | DescribeDefenseResources | Queries protected objects by page. |
| DescribeDefenseResourceNames | DescribeDefenseResourceNames | Performs a pagination query to retrieve the names of protected objects. |
| ModifyDefenseResourceXff | ModifyDefenseResourceXff | Modifies the cookie settings of a protected object and the method to identify the originating IP addresses of clients. |
| DescribePauseProtectionStatus | DescribePauseProtectionStatus | Queries the protection status of WAF. |
| DescribeDefenseGroupValidResources | DescribeDefenseGroupValidResources | Queries a paginated list of protected objects that can be associated with a defense group. |
| Protection rules | Protection rules | |
| CreateDefenseTemplate | CreateDefenseTemplate | Creates a defense template. |
| ModifyDefenseTemplate | ModifyDefenseTemplate | Modifies a protection template. |
| ModifyDefenseTemplateStatus | ModifyDefenseTemplateStatus | Changes the status of a protection rule template. |
| CopyDefenseTemplate | CopyDefenseTemplate | Copies an existing protection template to create a new one. |
| DeleteDefenseTemplate | DeleteDefenseTemplate | Deletes a protection rule template. |
| DescribeDefenseTemplate | DescribeDefenseTemplate | Queries the details of a specified protection template. |
| DescribeDefenseTemplates | DescribeDefenseTemplates | Queries a paginated list of protection templates. |
| ModifyTemplateResources | ModifyTemplateResources | Attaches protected resources to or detaches protected resources from a protection template. |
| DescribeTemplateResources | DescribeTemplateResources | Queries the resources attached to a protection template. |
| DescribeTemplateResourceCount | DescribeTemplateResourceCount | Queries the number of protected resources that are associated with a protection template. |
| DescribeDefenseTemplateValidResources | DescribeDefenseTemplateValidResources | Queries a paginated list of protected objects that are available for a defense template. |
| DescribeDefenseTemplateValidGroups | DescribeDefenseTemplateValidGroups | Queries the names of protected object groups that are eligible for a protection template. |
| DescribeDefenseResourceTemplates | DescribeDefenseResourceTemplates | Queries the protection templates associated with a protected object or protected object group. |
| CreateDefenseRule | CreateDefenseRule | Creates a web core protection rule. |
| ModifyDefenseRule | ModifyDefenseRule | Modifies the configuration of a protection rule. |
| ModifyDefenseRuleStatus | ModifyDefenseRuleStatus | Changes the status of a protection rule. |
| DeleteDefenseRule | DeleteDefenseRule | Deletes the specified protection rules. |
| DescribeDefenseRules | DescribeDefenseRules | Queries a paginated list of protection rules. |
| DescribeDefenseRule | DescribeDefenseRule | Retrieves the details of a single protection rule. |
| ModifyDefenseRuleCache | ModifyDefenseRuleCache | Updates the cache of a web tamper-proofing rule. |
| DeleteDefenseRuleBlockIp | DeleteDefenseRuleBlockIp | Unblocks an IP address that is blocked by the scan protection feature. |
| DescribeIpAbroadCountryInfos | DescribeIpAbroadCountryInfos | Retrieves supported countries and regions outside China for IP-based region blacklist. |
| DescribeRuleGroups | DescribeRuleGroups | Queries a paginated list of regular expression rule groups. |
| ModifyDefenseSceneConfig | ModifyDefenseSceneConfig | Modifies the mitigation settings for a protection scenario. |
| DescribeDefenseSceneConfig | DescribeDefenseSceneConfig | Queries the mitigation settings for a protection scenario. |
| DescribeDefenseRuleStatistics | DescribeDefenseRuleStatistics | Queries statistics about the rules for a specified WAF protection feature. |
| DescribeBaseSystemRules | DescribeBaseSystemRules | Queries the system rules for basic web protection. |
API security
|
API |
Title |
Description |
| DeleteApisecAbnormals | DeleteApisecAbnormals | Deletes API security risks in a batch. |
| ModifyApisecAbnormals | ModifyApisecAbnormals | Modifies the status of API security risks in a batch operation. |
| DescribeApisecAssetTrend | DescribeApisecAssetTrend | Queries API asset trends. |
| DescribeApisecAbnormalDomainStatistic | DescribeApisecAbnormalDomainStatistic | Queries statistics for domain names with API security risks. |
| DescribeApisecEventDomainStatistic | DescribeApisecEventDomainStatistic | Queries statistics about API security events for domain names. |
| DescribeApisecSensitiveDomainStatistic | DescribeApisecSensitiveDomainStatistic | Queries statistics on domain names where sensitive data is detected by the API security module. |
| ModifyApisecEvents | ModifyApisecEvents | Modifies the status of a batch of API security events. |
| DeleteApisecEvents | DeleteApisecEvents | Deletes API security events in batches. |
| ModifyApisecLogDeliveryStatus | ModifyApisecLogDeliveryStatus | Modifies the delivery status of API security logs. |
| CreateApiExport | CreateApiExport | Creates a task to export API security data. |
| DescribeApiExports | DescribeApiExports | Queries the list of export tasks for API security. |
| DescribeApisecAbnormals | DescribeApisecAbnormals | Queries API security risks. |
| DescribeApisecApiResources | DescribeApisecApiResources | Queries a list of API security assets. |
| ModifyApisecStatus | ModifyApisecStatus | Modifies the API security status for a protected object or a protected object group. |
| ModifyApisecModuleStatus | ModifyApisecModuleStatus | Modifies the status of the API security module for a protected object or a group of protected objects. |
| ModifyApisecApiResource | ModifyApisecApiResource | Modifies the annotations of APIs in the API security module. |
| DescribeUserEventType | DescribeUserEventType | Queries the types and statistics of security events for API Security. |
| DescribeUserEventTrend | DescribeUserEventTrend | Queries API security attack trends. |
| DescribeUserAsset | DescribeUserAsset | Queries user asset statistics for API Security. |
| DescribeUserApiRequest | DescribeUserApiRequest | Queries traffic statistics for an API operation. |
| DescribeUserAbnormalType | DescribeUserAbnormalType | Queries the types of user threats and their statistics in API Security. |
| DescribeUserAbnormalTrend | DescribeUserAbnormalTrend | Queries the trend of API security risks. |
| DescribeSensitiveStatistic | DescribeSensitiveStatistic | Queries statistics on sensitive data for data leakage prevention. |
| DescribeSensitiveRequests | DescribeSensitiveRequests | Queries the results of sensitive data tracing. |
| DescribeSensitiveRequestLog | DescribeSensitiveRequestLog | Queries the access logs of sensitive data. |
| DescribeSensitiveOutboundTrend | DescribeSensitiveOutboundTrend | Queries the trend of outbound sensitive data. |
| DescribeSensitiveOutboundStatistic | DescribeSensitiveOutboundStatistic | Queries statistics on sensitive personal information in outbound traffic. |
| DescribeSensitiveOutboundDistribution | DescribeSensitiveOutboundDistribution | Queries the distribution of outbound traffic containing personal information. |
| DescribeSensitiveDetectionResult | DescribeSensitiveDetectionResult | Queries the results of API security compliance checks. |
| DescribeSensitiveApiStatistic | DescribeSensitiveApiStatistic | Queries statistics for domain names and APIs that handle personal information. |
| DescribeFreeUserEvents | DescribeFreeUserEvents | Queries security events detected by the basic API security scan. |
| DescribeFreeUserEventTypes | DescribeFreeUserEventTypes | Queries the types of security events detected by the basic API security feature. |
| DescribeFreeUserEventCount | DescribeFreeUserEventCount | Queries statistics about security events detected by basic API security checks. |
| DescribeFreeUserAssetCount | DescribeFreeUserAssetCount | Queries statistics information about assets detected by the basic API security feature. |
| DescribeApisecUserOperations | DescribeApisecUserOperations | Queries the user operation records for API Security. |
| DescribeApisecSuggestions | DescribeApisecSuggestions | Queries protection suggestions for your API assets. |
| DescribeApisecStatistics | DescribeApisecStatistics | Queries statistics on detected API security risks or security events. |
| DescribeApisecRules | DescribeApisecRules | Queries the rules of an API security policy. |
| DescribeApisecProtectionResources | DescribeApisecProtectionResources | Retrieves a list of protected objects that have API security enabled. |
| DescribeApisecProtectionGroups | DescribeApisecProtectionGroups | Queries active API security protection object groups. |
| DescribeApisecMatchedHosts | DescribeApisecMatchedHosts | Queries the list of domain names that are protected by API security. |
| DescribeApisecEvents | DescribeApisecEvents | Queries a list of API security events. |
Report information
|
API |
Title |
Description |
| DescribeNetworkFlowTimeSeriesMetric | DescribeNetworkFlowTimeSeriesMetric | Queries the time series statistics for all traffic. This includes malicious and normal business requests. |
| DescribeSecurityEventTopNMetric | DescribeSecurityEventTopNMetric | Queries the top N statistics for attack traffic. Attack traffic is aggregated by a specified dimension, sorted, and the top N results are returned. |
| DescribeSecurityEventTimeSeriesMetric | DescribeSecurityEventTimeSeriesMetric | Queries the time series data of attack traffic. Attack requests are requests that hit a rule and are identified as a threat. |
| DescribeSecurityEventLogs | DescribeSecurityEventLogs | Queries the detailed logs of attack traffic. Each log contains the details of a matched request. |
| DescribeNetworkFlowTopNMetric | DescribeNetworkFlowTopNMetric | Queries the top N statistics for all traffic, including malicious and normal service requests. The results are aggregated by different dimensions and sorted in descending order. |
| DescribeFlowChart | DescribeFlowChart | Queries the traffic statistics. |
| DescribePeakTrend | DescribePeakTrend | Queries the trend of queries per second (QPS). |
| DescribeResponseCodeTrendGraph | DescribeResponseCodeTrendGraph | Queries the trend of abnormal response codes, such as 5xx, 405, 499, 302, and 444, that are returned by Web Application Firewall (WAF) to clients or by origin servers to WAF. |
| DescribeVisitUas | DescribeVisitUas | Queries the top 10 User-Agents that sent the most requests. |
| DescribeVisitTopIp | DescribeVisitTopIp | Queries the top 10 IP addresses that have the highest number of requests. |
| DescribeRuleHitsTopResource | DescribeRuleHitsTopResource | Queries the top 10 protected objects that triggered protection rules most frequently. |
| DescribeRuleHitsTopRuleId | DescribeRuleHitsTopRuleId | Queries the top 10 rule IDs that are triggered most frequently. |
| DescribeRuleHitsTopTuleType | DescribeRuleHitsTopTuleType | Queries the top 10 most frequently triggered protection rule types. |
| DescribeRuleHitsTopUrl | DescribeRuleHitsTopUrl | Queries the top 10 URLs that trigger protection rules most frequently. |
| DescribeRuleHitsTopClientIp | DescribeRuleHitsTopClientIp | Queries the top 10 source IP addresses from which the most attacks originated. |
| DescribeFlowTopResource | DescribeFlowTopResource | Queries the top 10 protected objects by request count. |
| DescribeRuleHitsTopUa | DescribeRuleHitsTopUa | Queries the top 10 User-Agents that trigger the most rule hits. |
| DescribeFlowTopUrl | DescribeFlowTopUrl | Queries the top 10 most requested URLs. |
Log configurations
|
API |
Title |
Description |
| DescribeUserLogFieldConfig | DescribeUserLogFieldConfig | Describes the default log field configuration. |
| ModifyUserLogFieldConfig | ModifyUserLogFieldConfig | Modifies the default field configuration for Simple Log Service. |
| DescribeCommonLogFields | DescribeCommonLogFields | This operation describes all log fields supported by Simple Log Service for WAF. |
| ModifyUserWafLogStatus | ModifyUserWafLogStatus | Enables or disables Simple Log Service for WAF. |
| DescribeUserWafLogStatus | DescribeUserWafLogStatus | Queries the status, region ID, and status modification time of Web Application Firewall (WAF) logs. |
| DescribeUserSlsLogRegions | DescribeUserSlsLogRegions | Queries the available log storage regions. |
| DescribeSlsAuthStatus | DescribeSlsAuthStatus | Queries the Logstore authorization status. |
| DescribeSlsLogStoreStatus | DescribeSlsLogStoreStatus | Queries the status of a Simple Log Service Logstore. |
| DescribeSlsLogStore | DescribeSlsLogStore | Queries information about a Logstore, including total capacity, storage duration, and used capacity. |
| ModifyResourceLogStatus | ModifyResourceLogStatus | Enables or disables the log collection feature for a protected object. |
| DescribeResourceLogStatus | DescribeResourceLogStatus | Queries the log status of protected objects. |
| CreateLogDeliveryConfig | CreateLogDeliveryConfig | Creates a log delivery configuration for a hybrid cloud. |
| ModifyLogDeliveryConfig | ModifyLogDeliveryConfig | Modifies the log delivery configuration for a hybrid cloud. |
| DeleteLogDeliveryConfig | DeleteLogDeliveryConfig | Deletes a log delivery configuration for a hybrid cloud. |
| DescribeLogDeliveryConfig | DescribeLogDeliveryConfig | Queries a log delivery configuration for a hybrid cloud. |
| DescribeLogDeliveryConfigs | DescribeLogDeliveryConfigs | Queries all log delivery configurations for hybrid cloud. |
| ModifyResourceLogFieldConfig | ModifyResourceLogFieldConfig | Modifies the log field configuration of a protected object. |
| DescribeResourceLogFieldConfig | DescribeResourceLogFieldConfig | Queries the configuration of log fields for a protected object. |
| ModifyResourceLogDeliveryStatus | ModifyResourceLogDeliveryStatus | Changes the log delivery status of a protected object. |
| DescribeResourceLogDeliveryStatus | DescribeResourceLogDeliveryStatus | Queries the log delivery status for protected objects. |
Hybrid Cloud Cluster Management
|
API |
Title |
Description |
| DescribeHybridCloudClusterServers | DescribeHybridCloudClusterServers | Cluster Machines |
| DescribeHybridCloudBasicMonitor | DescribeHybridCloudBasicMonitor | Queries the system status of a node in a hybrid cloud cluster. |
| CreateHybridCloudCluster | CreateHybridCloudCluster | Creates a hybrid cloud cluster. |
| DescribeHybridCloudServerRegions | DescribeHybridCloudServerRegions | Queries information about hybrid cloud regions, such as carriers, continents, and cities. |
| DescribeHybridCloudUnassignedMachines | DescribeHybridCloudUnassignedMachines | Retrieves a list of unassigned servers in a hybrid cloud cluster. |
| ModifyHybridCloudClusterBypassStatus | ModifyHybridCloudClusterBypassStatus | Modifies the manual bypass status of a hybrid cloud cluster. |
| DescribeHybridCloudUser | DescribeHybridCloudUser | Queries the available HTTP and HTTPS port ranges for hybrid cloud deployments. |
| DescribeHybridCloudGroups | DescribeHybridCloudGroups | Queries the hybrid cloud node groups that are added to Web Application Firewall (WAF). |
| CreateHybridCloudGroup | CreateHybridCloudGroup | Creates a node group for a hybrid cloud cluster. |
| DescribeHybridCloudClusterRule | DescribeHybridCloudClusterRule | Queries the details of a hybrid cloud cluster rule. |
| DescribeHybridCloudClusters | DescribeHybridCloudClusters | Queries a list of hybrid cloud clusters. |
| ModifyHybridCloudClusterRule | ModifyHybridCloudClusterRule | Modifies the rule of a hybrid cloud cluster. |
| ModifyHybridCloudGroup | ModifyHybridCloudGroup | Modify the information of a cluster group. |
| ModifyHybridCloudGroupExpansionServer | ModifyHybridCloudGroupExpansionServer | Adds a node to a node group. |
| ModifyHybridCloudGroupShrinkServer | ModifyHybridCloudGroupShrinkServer | Removes a node from a group in a hybrid cloud cluster. |
| ModifyHybridCloudSdkPullinStatus | ModifyHybridCloudSdkPullinStatus | Modifies the traffic redirection status of a hybrid cloud SDK. |
| ModifyHybridCloudServer | ModifyHybridCloudServer | Modifies the information about a hybrid cloud node. |
| DeleteHybridCloudClusterRule | DeleteHybridCloudClusterRule | Deletes a cluster rule. |
| CreateHybridCloudClusterRule | CreateHybridCloudClusterRule | Creates a cluster rule. |
| DescribeHybridCloudClusterRules | DescribeHybridCloudClusterRules | Cluster rules |
| DescribeHybridCloudProcessMonitor | DescribeHybridCloudProcessMonitor | Queries the application status on nodes in a hybrid cloud cluster. |
| DescribeHybridCloudResourceDetail | DescribeHybridCloudResourceDetail | Queries the details of a domain name in a hybrid cloud. |
| DescribeHybridCloudSdkServers | DescribeHybridCloudSdkServers | Queries a list of hybrid cloud SDK servers. |
| DescribeHybridCloudSupportRegions | DescribeHybridCloudSupportRegions | Querying access regions |
| DescribeHybridCloudUnsupportPorts | DescribeHybridCloudUnsupportPorts | Queries the list of unsupported ports for a hybrid cloud. |
| DeleteHybridCloudGroup | DeleteHybridCloudGroup | Deletes a group. |
| ModifyHybridCloudCluster | ModifyHybridCloudCluster | You can call this operation to modify the information of a cluster. |
Multi-account management
|
API |
Title |
Description |
| CreateMemberAccounts | CreateMemberAccounts | Adds member accounts to use the multi-account management feature of Web Application Firewall (WAF). |
| ModifyMemberAccount | ModifyMemberAccount | Modifies the information of a member account. |
| DeleteMemberAccount | DeleteMemberAccount | Deletes a WAF member account from the multi-account management feature. |
| DescribeAccountDelegatedStatus | DescribeAccountDelegatedStatus | Queries whether an account is a delegated administrator for Web Application Firewall (WAF) using the multi-account management feature. |
| DescribeMemberAccounts | DescribeMemberAccounts | Queries the information about all member accounts in Web Application Firewall (WAF). This operation is used for the multi-account management feature. |
Resource Group Management
|
API |
Title |
Description |
| ChangeResourceGroup | ChangeResourceGroup | Changes the resource group to which a protected object belongs. |
Pricing
|
API |
Title |
Description |
| DescribeChargeResult | DescribeChargeResult | Queries the billing results from the WAF billing module. |
| DescribeChargeModule | DescribeChargeModule | Queries information about the billing modules of Web Application Firewall (WAF). |
Other
|
API |
Title |
Description |
| DescribeApisecLogDeliveries | DescribeApisecLogDeliveries | Queries the configurations of API security log subscription. |
| DescribeApisecSlsLogStores | DescribeApisecSlsLogStores | Queries the Logstores whose names start with apisec- in Simple Log Service. |
| DescribeApisecSlsProjects | DescribeApisecSlsProjects | Queries the projects whose names start with apisec- in Simple Log Service. |
| ModifyApisecLogDelivery | ModifyApisecLogDelivery | Modifies the configurations of API security log subscription. |
| ModifyPauseProtectionStatus | ModifyPauseProtectionStatus | Modifies the protection status of Web Application Firewall (WAF). |
| DescribeCustomBaseRuleCompileResult | DescribeCustomBaseRuleCompileResult | Describes the compilation result of a custom regular expression rule. |
| CreatePocFunction | CreatePocFunction | Starts a trial of a proof of concept (POC) feature. |
| DescribePocFunctions | DescribePocFunctions | Queries the details of enabled proof of concept (POC) features. |
| DescribeRoleAuthStatus | DescribeRoleAuthStatus | Queries the authorization status. |
| InitializeWafOperationRole | InitializeWafOperationRole | Initializes a service-linked role for WAF. |
Others
|
API |
Title |
Description |
| ClearMajorProtectionBlackIp | ClearMajorProtectionBlackIp | Removes an IP address from the blacklist for major event protection. |
| CreateCerts | CreateCerts | Uploads a certificate that uses an internationally accepted algorithm for a domain name added to Web Application Firewall (WAF) in CNAME record mode. |
| CreateCloudResource | CreateCloudResource | Adds a cloud product instance to Web Application Firewall (WAF). This operation supports only Elastic Compute Service (ECS) and Classic Load Balancer (CLB) instances. |
| CreateDomain | CreateDomain | Adds a domain name to a Web Application Firewall (WAF) instance to enable protection. |
| CreateMajorProtectionBlackIp | CreateMajorProtectionBlackIp | Creates an IP address blacklist for major event protection. |
| CreateSM2Cert | CreateSM2Cert | Uploads an SM certificate for CNAME record access to Web Application Firewall (WAF). |
| DeleteCloudResource | DeleteCloudResource | Disables the cloud native mode for a cloud product. This operation is applicable only to Elastic Compute Service (ECS) and Classic Load Balancer (CLB). |
| DeleteDomain | DeleteDomain | Deletes a domain name that has been added to Web Application Firewall (WAF) in CNAME record mode. |
| DeleteMajorProtectionBlackIp | DeleteMajorProtectionBlackIp | Deletes an IP address from the blacklist for major event protection. |
| DescribeAbnormalCloudResources | DescribeAbnormalCloudResources | Queries cloud products added to WAF with abnormal access status. |
| DescribeCertDetail | DescribeCertDetail | Queries the details of a certificate, including the certificate name, expiration time, issuance time, and associated domain name. |
| DescribeCerts | DescribeCerts | Retrieves the list of certificates for a user. |
| DescribeCloudResourceAccessPortDetails | Query the details of cloud service instance ports that are added to WAF | Queries the details of ports for cloud service instances added to WAF. |
| DescribeCloudResourceAccessedPorts | DescribeCloudResourceAccessedPorts | Queries the ports of cloud services added to Web Application Firewall (WAF). This operation is supported only for Elastic Compute Service (ECS) and Classic Load Balancer (CLB). |
| DescribeCloudResources | DescribeCloudResources | Queries the list of cloud services added to Web Application Firewall (WAF). |
| DescribeCnameCount | DescribeCnameCount | Queries the total number of domain names added to WAF, including those in canonical name (CNAME) mode and hybrid cloud mode. |
| DescribeDDoSStatus | DescribeDDoSStatus | Checks whether the current WAF instance is under a Distributed Denial of Service (DDoS) attack. |
| DescribeDefaultHttps | DescribeDefaultHttps | Queries the default SSL/TLS settings. |
| DescribeDomainDNSRecord | DescribeDomainDNSRecord | Verifies that the DNS record of a domain name is correct. |
| DescribeDomainDetail | DescribeDomainDetail | This operation queries the details of a website configuration. |
| DescribeDomainUsedPorts | DescribeDomainUsedPorts | Queries the ports used by all domain names that are added in CNAME record mode and hybrid cloud mode with public network disaster recovery enabled. |
| DescribeDomains | DescribeDomains | Queries the domain names that are added to Web Application Firewall (WAF). |
| DescribeHybridCloudProtectableCount | DescribeHybridCloudProtectableCount | Queries the number of protection nodes that you can add to a hybrid cloud cluster. |
| DescribeHybridCloudResources | DescribeHybridCloudResources | Queries the domain names in a hybrid cloud. |
| DescribeMajorProtectionBlackIps | DescribeMajorProtectionBlackIps | Queries the IP address blacklist for major event protection in a paginated format. |
| DescribeProductInstances | DescribeProductInstances | Queries synchronized cloud service instances. |
| DescribePunishedDomains | DescribePunishedDomains | Queries penalties for domain names added to Web Application Firewall (WAF) without an Internet Content Provider (ICP) filing. |
| DescribeResourceInstanceCerts | DescribeResourceInstanceCerts | Queries the certificates of a cloud product instance. This operation is available only in multi-account scenarios and returns the certificates of both the delegated administrator and the member that owns the instance. For example, if user A is a delegated administrator with cert1 and the instance lb-xx-1 belongs to member B who has cert2, a query for the instance lb-xx-1 returns both cert1 and cert2. |
| DescribeResourcePort | DescribeResourcePort | Queries the ports of a cloud service instance that are added to Web Application Firewall (WAF). |
| DescribeResourceRegionId | DescribeResourceRegionId | Queries the region IDs of resources that are integrated with the SDK. This operation is primarily used for ALB and MSE. |
| DescribeResourceSupportRegions | DescribeResourceSupportRegions | Queries the list of regions supported by cloud native mode, primarily for CLB and ECS products. |
| DescribeVerifyContent | DescribeVerifyContent | Queries the content required to verify domain name ownership. |
| DescribeWafSourceIpSegment | DescribeWafSourceIpSegment | Queries the back-to-origin CIDR blocks of a Web Application Firewall (WAF) instance. |
| ListTagKeys | ListTagKeys | Queries tag keys. |
| ListTagResources | ListTagResources | Queries the tags that are added to a resource. |
| ListTagValues | ListTagValues | Queries the tag values for a specific tag key. |
| ModifyCloudResource | ModifyCloudResource | Modifies the configurations of a service that is added to Web Application Firewall (WAF). |
| ModifyCloudResourceCert | ModifyCloudResourceCert | Modifies the certificate for a cloud product in cloud native mode. |
| ModifyDefaultHttps | ModifyDefaultHttps | Modifies the default SSL/TLS settings. |
| ModifyDomain | ModifyDomain | Modifies a domain name that is added to Web Application Firewall (WAF) using a CNAME record. |
| ModifyDomainCert | ModifyDomainCert | Modifies the certificate for a domain name. |
| ModifyDomainPunishStatus | ModifyDomainPunishStatus | Re-add a domain name that was penalized for not having an ICP filing to Web Application Firewall (WAF). |
| ModifyMajorProtectionBlackIp | ModifyMajorProtectionBlackIp | Modifies an IP address blacklist for major event protection. |
| ReCreateCloudResource | ReCreateCloudResource | Reconnects a cloud service to Web Application Firewall (WAF). This operation is used only when the protection status of the cloud service is abnormal. |
| SyncProductInstance | SyncProductInstance | Synchronizes Elastic Compute Service (ECS), Classic Load Balancer (CLB), and Network Load Balancer (NLB) instances to Web Application Firewall (WAF). |
| TagResources | TagResources | Adds tags to resources. |
| UntagResources | UntagResources | Removes tags from resources and then deletes the tags. |
| VerifyDomainOwner | VerifyDomainOwner | Verifies the ownership of a domain name. |