Gunakan DescribeHybridCloudResources untuk kueri nama domain dalam hybrid cloud - Web Application Firewall - Alibaba Cloud - Web Application Firewall

Mengkueri Nama domain yang ditambahkan ke Web Application Firewall (WAF) dalam mode Cloud Hibrida.

Coba sekarang

Coba API ini di OpenAPI Explorer tanpa perlu penandatanganan manual. Panggilan yang berhasil akan secara otomatis menghasilkan contoh kode SDK sesuai dengan parameter Anda. Unduh kode tersebut dengan kredensial bawaan yang aman untuk penggunaan lokal.

Test

RAM authorization

Tabel berikut menjelaskan otorisasi yang diperlukan untuk memanggil API ini. Anda dapat menentukannya dalam kebijakan Resource Access Management (RAM). Kolom pada tabel dijelaskan sebagai berikut:

Action: Aksi yang dapat digunakan dalam elemen Action pada pernyataan kebijakan izin RAM untuk memberikan izin guna melakukan operasi tersebut.
API: API yang dapat Anda panggil untuk melakukan aksi tersebut.
Access level: Tingkat akses yang telah ditentukan untuk setiap API. Nilai yang valid: create, list, get, update, dan delete.
Resource type: Jenis resource yang mendukung otorisasi untuk melakukan aksi tersebut. Ini menunjukkan apakah aksi tersebut mendukung izin tingkat resource. Resource yang ditentukan harus kompatibel dengan aksi tersebut. Jika tidak, kebijakan tersebut tidak akan berlaku.
- Untuk API dengan izin tingkat resource, jenis resource yang diperlukan ditandai dengan tanda bintang (*). Tentukan Nama Sumber Daya Alibaba Cloud (ARN) yang sesuai dalam elemen Resource pada kebijakan.
- Untuk API tanpa izin tingkat resource, ditampilkan sebagai All Resources. Gunakan tanda bintang (*) dalam elemen Resource pada kebijakan.
Condition key: Kunci kondisi yang didefinisikan oleh layanan. Kunci ini memungkinkan kontrol granular, berlaku baik hanya untuk aksi maupun untuk aksi yang terkait dengan resource tertentu. Selain kunci kondisi spesifik layanan, Alibaba Cloud menyediakan serangkaian common condition keys yang berlaku di semua layanan yang didukung RAM.
Dependent action: Aksi dependen yang diperlukan untuk menjalankan aksi tersebut. Untuk menyelesaikan aksi tersebut, pengguna RAM atau role RAM harus memiliki izin untuk melakukan semua aksi dependen.

Action

Access level

Resource type

Condition key

Dependent action

yundun-waf:DescribeHybridCloudResources

get

*All Resource

*

None

Parameter permintaan

Parameter	Type	Required	Description	Example
InstanceId	string	Yes	ID Instans WAF. Catatan Anda dapat memanggil operasi DescribeInstance untuk mengkueri ID Instans WAF.	waf_v3prepaid_public_cn-***********
Domain	string	No	Nama domain yang ingin Anda kueri.	www.aliyundoc.com
Backend	string	No	Alamat IP atau Nama domain server asal untuk back-to-origin.	1.1.XX.XX
PageNumber	integer	No	Nomor halaman yang akan dikembalikan. Nilai default: 1.	1
PageSize	integer	No	Jumlah entri yang akan dikembalikan per halaman. Nilai default: 10.	10
CnameEnabled	boolean	No	Apakah pemulihan bencana public cloud diaktifkan. Nilai valid: true false.	true
RegionId	string	No	ID Wilayah Instans WAF. Nilai valid: cn-hangzhou: Tiongkok daratan. ap-southeast-1: di luar Tiongkok daratan.	cn-hangzhou
ResourceManagerResourceGroupId	string	No	ID kelompok sumber daya.	rg-acfmvtc5z52****

Elemen respons

Element	Type	Description	Example
	object
Domains	array<object>	The list of domain names.
	array<object>	The details of the domain name configuration.
Status	integer	The status of the domain name. Valid values: 1: The domain name is in a normal state. 2: The domain name is being created. 3: The domain name is being modified. 4: The domain name is being released. 5: Forwarding is disabled for the domain name.	1
ResourceManagerResourceGroupId	string	The ID of the resource group.	rg-acfmvtc5z52****
Uid	string	The ID of the Alibaba Cloud account.	130715431409****
Listen	object	The listener configuration.
HttpsPorts	array	The list of HTTPS ports.
	integer	The HTTPS port.	443
ProtectionResource	string	The type of the protection resource to be used. Valid values: share: indicates that a shared cluster is used. gslb: indicates that intelligent load balancing for a shared cluster is used.	share
CustomCiphers	array	The custom cipher suites to be added. Catatan This parameter is returned only when CipherSuite is set to 99.
	string	The custom cipher suite.	ECDHE-ECDSA-AES128-GCM-SHA256
TLSVersion	string	The TLS version. Valid values: tlsv1 tlsv1.1 tlsv1.2	tlsv1.2
Http2Enabled	boolean	Specifies whether to enable HTTP/2. Valid values: true: enables HTTP/2. false: does not enable HTTP/2.	false
CertId	string	The certificate ID.	72***76-cn-hangzhou
CipherSuite	integer	The type of the cipher suite. Valid values: 1: indicates that all cipher suites are added. 2: indicates that strong cipher suites are added. 99: indicates that custom cipher suites are added.	1
EnableTLSv3	boolean	Specifies whether TLS 1.3 is supported. Valid values: true: TLS 1.3 is supported. false: TLS 1.3 is not supported.	true
IPv6Enabled	boolean	Specifies whether to enable IPv6. Valid values: true: enables IPv6. false: does not enable IPv6.	false
FocusHttps	boolean	Specifies whether to enable force redirect to HTTPS. Valid values: true: enables force redirect to HTTPS. false: does not enable force redirect to HTTPS.	false
XffHeaders	array	The list of custom header fields that are used to obtain the client IP address. The value is in the `["header1","header2",...]` format. Catatan This parameter is returned only when XffHeaderMode is set to 2. A value of 2 indicates that WAF reads the value of a custom header field as the client IP address.
	string	The list of custom header fields that are used to obtain the client IP address.	Client-ip
XffHeaderMode	integer	The method that WAF uses to obtain the real IP address of a client. Valid values: 0: No Layer 7 proxies are deployed before WAF. 1: WAF reads the first value of the X-Forwarded-For (XFF) header field as the client IP address. 2: WAF reads the value of a custom header field as the client IP address.	0
ExclusiveIp	boolean	Specifies whether to use an exclusive IP address. Valid values: true: An exclusive IP address is used. false: An exclusive IP address is not used.	true
HttpPorts	array	The list of HTTP listener ports.
	integer	The HTTP listener port.	80
Id	integer	The ID of the domain name configuration.	12345
Redirect	object	The forwarding configuration.
ConnectTimeout	integer	The connection timeout period. Unit: seconds. Valid values: 5 to 120.	120
Keepalive	boolean	Specifies whether to enable persistent connections. Valid values: true: enables persistent connections. false: does not enable persistent connections.	true
SniEnabled	boolean	Specifies whether to enable back-to-origin SNI. Valid values: true: enables back-to-origin SNI. false: does not enable back-to-origin SNI.	true
CnameEnabled	boolean	Specifies whether to enable public cloud disaster recovery. Valid values: true: enables public cloud disaster recovery. false: does not enable public cloud disaster recovery.	true
KeepaliveTimeout	integer	The timeout period for an idle persistent connection. Valid values: 1 to 60. Default value: 15. Unit: seconds. Catatan An idle persistent connection is released after the timeout period expires.	15
ReadTimeout	integer	The read timeout period. Unit: seconds. Valid values: 5 to 1800.	200
Backends	array	The back-to-origin IP addresses or domain names of the origin server.
	string	The back-to-origin IP address or domain name of the origin server.	1.1.XX.XX
SniHost	string	The custom value of the SNI extension field. If this parameter is not specified, the value of the Host field in the request header is used as the value of the SNI extension field. Catatan This parameter is returned only when SniEnabled is set to true. A value of true indicates that back-to-origin SNI is enabled.	www.aliyundoc.com
FocusHttpBackend	boolean	Specifies whether to enable force back-to-origin over HTTP. Valid values: true: enables force back-to-origin over HTTP. false: does not enable force back-to-origin over HTTP.	true
WriteTimeout	integer	The write timeout period. Unit: seconds. Valid values: 5 to 1800.	200
RoutingRules	string	The forwarding rules for the hybrid cloud. The value is a string that consists of a JSON array. Each element in the array is a struct that contains the following fields: rs: The back-to-origin IP addresses or CNAMEs. This field is of the Array type. location: The name of the protection node. This field is of the String type. locationId: The ID of the protection node. This field is of the Long type.	[ { "rs": [ "1.1.XX.XX" ], "locationId": 535, "location": "test1111" } ]
Retry	boolean	Specifies whether to retry when a back-to-origin request fails. Valid values: true: retries when a back-to-origin request fails. false: does not retry when a back-to-origin request fails.	true
RequestHeaders	array<object>	The custom header field and value that are used to mark the traffic that is processed by WAF.
	object	The custom header field and value that are used to mark the traffic that is processed by WAF.
Value	string	The value of the custom request header field.	bbb
Key	string	The custom request header field.	aaa
KeepaliveRequests	integer	The number of requests that can be reused in a persistent connection. Valid values: 60 to 1000. Catatan The number of requests that are reused after a persistent connection is established.	1000
Loadbalance	string	The load balancing algorithm for back-to-origin requests. Valid values: iphash: the IP hash algorithm. roundRobin: the round-robin algorithm. leastTime: the least time algorithm.	iphash
Domain	string	The domain name.	www.aliyundoc.com
Cname	string	The CNAME that is assigned by WAF to the domain name. Catatan This parameter is returned only when CnameEnabled is set to true.	50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com
TotalCount	integer	The total number of entries returned.	24
RequestId	string	The ID of the request.	98D2AA9A-5959-5CCD-83E3-B6606232A2BE

Contoh

Respons sukses

JSONformat

{
  "Domains": [
    {
      "Status": 1,
      "ResourceManagerResourceGroupId": "rg-acfmvtc5z52****",
      "Uid": "130715431409****",
      "Listen": {
        "HttpsPorts": [
          443
        ],
        "ProtectionResource": "share",
        "CustomCiphers": [
          "ECDHE-ECDSA-AES128-GCM-SHA256"
        ],
        "TLSVersion": "tlsv1.2",
        "Http2Enabled": false,
        "CertId": "72***76-cn-hangzhou",
        "CipherSuite": 1,
        "EnableTLSv3": true,
        "IPv6Enabled": false,
        "FocusHttps": false,
        "XffHeaders": [
          "Client-ip"
        ],
        "XffHeaderMode": 0,
        "ExclusiveIp": true,
        "HttpPorts": [
          80
        ]
      },
      "Id": 12345,
      "Redirect": {
        "ConnectTimeout": 120,
        "Keepalive": true,
        "SniEnabled": true,
        "CnameEnabled": true,
        "KeepaliveTimeout": 15,
        "ReadTimeout": 200,
        "Backends": [
          "1.1.XX.XX"
        ],
        "SniHost": "www.aliyundoc.com",
        "FocusHttpBackend": true,
        "WriteTimeout": 200,
        "RoutingRules": "[\n      {\n            \"rs\": [\n                  \"1.1.XX.XX\"\n            ],\n            \"locationId\": 535,\n            \"location\": \"test1111\"\n      }\n]",
        "Retry": true,
        "RequestHeaders": [
          {
            "Value": "bbb",
            "Key": "aaa"
          }
        ],
        "KeepaliveRequests": 1000,
        "Loadbalance": "iphash"
      },
      "Domain": "www.aliyundoc.com",
      "Cname": "50fqmu1ci7g0xtiyxnrhgx6qdhmn****.yundunwaf5.com"
    }
  ],
  "TotalCount": 24,
  "RequestId": "98D2AA9A-5959-5CCD-83E3-B6606232A2BE"
}

Kode kesalahan

Lihat Error Codes untuk daftar lengkap.

Catatan rilis

Lihat Release Notes untuk daftar lengkap.