Data Types
APIResource
API resource.
Used by actions: CreateSecurityAPIResource, DescribeSecurityAPIResource, ModifySecurityAPIResource.
Name | Type | Required | Description |
---|---|---|---|
Id | String | No | Specifies the resource ID. |
Name | String | No | Specifies the resource name. |
APIServiceIds | Array of String | No | Specifies the API service ID list associated with the API resource. |
Path | String | No | Specifies the resource path. |
Methods | Array of String | No | Request method list. valid values: GET, POST, PUT, HEAD, PATCH, OPTIONS, DELETE. |
RequestConstraint | String | No | Specifies the specific content of the request content match rule, which must comply with the expression grammar. please refer to the product document for detailed requirements. |
APIService
API service configuration.
Used by actions: CreateSecurityAPIService, DescribeSecurityAPIService, ModifySecurityAPIService.
Name | Type | Required | Description |
---|---|---|---|
Id | String | No | API service ID. |
Name | String | No | Specifies the API service name. |
BasePath | String | No | Specifies the base path. |
AccelerateMainland
Cross-MLC-border acceleration.
Used by actions: CreateApplicationProxy, DescribeApplicationProxies, DescribeZoneSetting, ModifyApplicationProxy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable Cross-MLC-border acceleration. Valid values: on : Enable;off : Disable. |
AccelerateMainlandParameters
Accelerate optimization and configuration in mainland China.
Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Mainland china acceleration optimization switch. valid values:.On : enable;. |
AccelerateType
Acceleration type
Used by actions: DescribeHostsSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Acceleration switch. Values:on : Enableoff : Disable |
AccelerationDomain
Accelerated domain name
Used by actions: DescribeAccelerationDomains.
Name | Type | Description |
---|---|---|
ZoneId | String | ID of the site. |
DomainName | String | Accelerated domain name |
DomainStatus | String | Status of the accelerated domain name. Values:online : Activatedprocess : Being deployedoffline : Disabledforbidden : Blockedinit : Pending activation |
OriginDetail | OriginDetail | Details of the origin. Note: This field may return null, indicating that no valid values can be obtained. |
OriginProtocol | String | Origin-pull protocol configuration. Values:FOLLOW : Follow the protocol of originHTTP : Send requests to the origin over HTTPHTTPS : Send requests to the origin over HTTPSNote: This field may return·null, indicating that no valid values can be obtained. |
HttpOriginPort | Integer | The port used for HTTP origin-pull requests Note: This field may return·null, indicating that no valid values can be obtained. |
HttpsOriginPort | Integer | The port used for HTTPS origin-pull requests Note: This field may return·null, indicating that no valid values can be obtained. |
IPv6Status | String | IPv6 status. Values:follow : Follow the IPv6 configuration of the siteon : Enableoff : DisableNote: This field may return·null, indicating that no valid values can be obtained. |
Cname | String | The CNAME address. |
IdentificationStatus | String | Ownership verification status. Values: pending : Pending verificationfinished : VerifiedNote: This field may return null, indicating that no valid values can be obtained. |
CreatedOn | Timestamp ISO8601 | Creation time of the accelerated domain name. |
ModifiedOn | Timestamp ISO8601 | Modification time of the accelerated domain name. |
OwnershipVerification | OwnershipVerification | Information required to verify the ownership of a domain name. Note: This field may return·null, indicating that no valid values can be obtained. |
Certificate | AccelerationDomainCertificate | Domain name certificate information Note: This field may return·null, indicating that no valid values can be obtained. |
AccelerationDomainCertificate
Information of the acceleration domain name certificate.
Used by actions: DescribeAccelerationDomains.
Name | Type | Required | Description |
---|---|---|---|
Mode | String | No | Certificate configuration mode. Values: disable : Do not configure the certificate;eofreecert : Use a free certificate provided by EdgeOne; sslcert : Configure an SSL certificate. |
List | Array of CertificateInfo | No | List of server certificates. The relevant certificates are deployed on the entrance side of the EO. Note: This field may return null, which indicates a failure to obtain a valid value. |
ClientCertInfo | MutualTLS | No | In the edge mutual authentication scenario, this field represents the client's CA certificate, which is deployed inside the EO node and used for EO node authentication of the client certificate. |
UpstreamCertInfo | UpstreamCertInfo | No | The certificate carried during EO node origin-pull is used when the origin server enables the mutual authentication handshake to validate the client certificate, ensuring that the request originates from a trusted EO node. |
AccessURLRedirectParameters
Access URL redirect configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
StatusCode | Integer | No | Status code. valid values: 301, 302, 303, 307, 308. |
Protocol | String | No | Target request protocol. valid values:. |
HostName | HostName | No | Target hostname. Note: this field may return null, which indicates a failure to obtain a valid value. |
URLPath | URLPath | No | Target path. Note: this field may return null, which indicates a failure to obtain a valid value. |
QueryString | AccessURLRedirectQueryString | No | Carry query parameters. Note: this field may return null, which indicates a failure to obtain a valid value. |
AccessURLRedirectQueryString
Access URL redirect configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Action | String | No | Action to be executed. values:.Full : retain allIgnore : ignore all |
AclCondition
The condition that makes up an access control rule
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
MatchFrom | String | Yes | Filters: host : Request domain name;sip : Client IP;ua : User-Agent;cookie : Cookie;cgi : CGI script;xff : XFF header;url : Request URL;accept : Request content type;method : Request method<;/li>header : Request header;app_proto : Application layer protocol;sip_proto : Network layer protocol;uabot : UA rules (only available in custom bot rules);idcid : IDC rules (only available in custom bot rules);sipbot : Search engine rules (only available in custom bot rules);portrait : Client reputation (only available in custom bot rules);header_seq : Header sequence (only available in custom bot rules);hdr : Request body (only available in custom Web protection rules). |
MatchParam | String | Yes | The parameter of the field. When MatchFrom = header , the key contained in the header can be passed. |
Operator | String | Yes | The logical operator. Values:equal : Value equalsnot_equal : Value not equalsinclude : String containsnot_include : String not containsmatch : IP matchesnot_match : IP not matchesinclude_area : Regions containis_empty : Value left emptynot_exists : Key fields not existregexp : Regex matcheslen_gt : Value greater thanlen_lt : Value smaller thanlen_eq : Value equalsmatch_prefix : Prefix matchesmatch_suffix : Suffix matcheswildcard : Wildcard |
MatchContent | String | Yes | The content to match. |
AclConfig
ACL configuration
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Switch. Values:on : Enableoff : Disable |
AclUserRules | Array of AclUserRule | Yes | The custom rule. |
Customizes | Array of AclUserRule | No | Managed custom rules. |
AclUserRule
The custom rule
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
RuleName | String | Yes | The rule name. |
Action | String | Yes | The action. Values:trans : Allowdrop : Block the requestmonitor : Observeban : Block the IPredirect : Redirect the requestpage : Return the specified pagealg : JavaScript challenge |
RuleStatus | String | Yes | The rule status. Values:on : Enabledoff : Disabled |
AclConditions | Array of AclCondition | Yes | The custom rule. |
RulePriority | Integer | Yes | The rule priority. Value range: 0-100. |
RuleID | Integer | No | Rule ID, which is only used as an output parameter. |
UpdateTime | String | No | The update time, which is only used as an output parameter. |
PunishTime | Integer | No | IP ban duration. Range: 0-2 days. It's required when Action=ban . |
PunishTimeUnit | String | No | The unit of the IP ban duration. Values:second : Secondminutes : Minutehour : Hoursecond . |
Name | String | No | Name of the custom return page. It's required when Action=page . |
PageId | Integer | No | (Disused) ID of the custom return page. The default value is 0, which means that the system default blocking page is used. |
CustomResponseId | String | No | ID of custom response. The ID can be obtained via the DescribeCustomErrorPages API. It's required when Action=page . |
ResponseCode | Integer | No | The response code to trigger the return page. It's required when Action=page . Value: 100-600. 3xx response codes are not supported. Default value: 567. |
RedirectUrl | String | No | The redirection URL. It's required when Action=redirect . |
Action
Rule engine action. Each feature supports only one of the following three action types. The RuleAction
array can be of only one of the following types. For all details, see DescribeRulesSetting.
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
NormalAction | NormalAction | No | Common feature operations. the options for this category include:.accessurlredirect ).ResponseSpeedLimit : single connection download speed limit.CachePrefresh : cache prefresh.Compression : smart compression.Note: this field may return null, which indicates a failure to obtain a valid value. |
RewriteAction | RewriteAction | No | Feature operation with a request/response header. Features of this type include:RequestHeader : HTTP request header modification.ResponseHeader : HTTP response header modification.Note: This field may return null, indicating that no valid values can be obtained. |
CodeAction | CodeAction | No | Feature operation with a status code. Features of this type include:ErrorPage : Custom error page.StatusCodeCache : Status code cache TTL.Note: This field may return null, indicating that no valid values can be obtained. |
AdaptiveFrequencyControl
Adaptive frequency control.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Enabled | String | Yes | Whether adaptive frequency control is enabled. valid values: |
Sensitivity | String | No | The restriction level of adaptive frequency control. required when Enabled is on. valid values: |
Action | SecurityAction | No | The handling method of adaptive frequency control. this field is required when Enabled is on. valid values for SecurityAction Name: |
Addresses
IP range details.
Used by actions: DescribeOriginACL.
Name | Type | Required | Description |
---|---|---|---|
IPv4 | Array of String | No | IPv4 subnet. |
IPv6 | Array of String | No | IPv6 subnet. |
AdvancedFilter
Key-value pair filters for conditional filtering queries and fuzzy queries, such as filtering ID, name, and status.
If more than one filter exists, the logical relationship between these filters is AND
.
If one filter has multiple values, the logical relationship between these values is OR
.
Used by actions: DescribeAccelerationDomains, DescribeAliasDomains, DescribeConfigGroupVersions, DescribeContentIdentifiers, DescribeCustomErrorPages, DescribeDeployHistory, DescribeDnsRecords, DescribeOriginGroup, DescribePrefetchTasks, DescribePurgeTasks, DescribeRealtimeLogDeliveryTasks, DescribeZones.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | Field to be filtered. |
Values | Array of String | Yes | Value of the filtered field. |
Fuzzy | Boolean | No | Whether to enable fuzzy query. |
AiRule
AI rule engine
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Mode | String | Yes | The status of the AI rule engine. Values:smart_status_close : Disabledsmart_status_open : Blocksmart_status_observe : Observe |
AlgDetectJS
Validate client behavior.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Name | String | No | Method to validate client behavior. |
WorkLevel | String | No | Proof-of-work strength. Values:low (default): Lowmiddle : Mediumhigh : High |
ExecuteMode | Integer | No | Implement a delay before executing JS in milliseconds. Value range: 0-1000. Default value: 500. |
InvalidStatTime | Integer | No | The period threshold for validating the result "Client JS disabled" in seconds. Value range: 5-3600. Default value: 10. |
InvalidThreshold | Integer | No | The number of times for the result "Client JS disabled" occurred in the specified period. Value range: 1-100000000. Default value: 30. |
AlgDetectResults | Array of AlgDetectResult | No | Client behavior validation results. |
AlgDetectResult
Active bot detection results.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Result | String | No | The validation result. Values:invalid : Invalid Cookiecookie_empty : No Cookie/Cookie expiredjs_empty : Client JS disabledlow : Low-risk sessionmiddle : Medium-risk sessionhigh : High-risk sessiontimeout : JS validation timed outnot_browser : Invalid browseris_bot : Bot client |
Action | String | No | The action. Values:drop : Blockmonitor : Observesilence : Drop w/o responseshortdelay : Add short latencylongdelay : Add long latency |
AlgDetectRule
Active bot detection rule.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
RuleID | Integer | No | ID of the rule. |
RuleName | String | No | Name of the rule. |
Switch | String | No | Whether to enable the rule. |
AlgConditions | Array of AclCondition | No | Condition specified for the rule. |
AlgDetectSession | AlgDetectSession | No | Checksum of the Cookie and behavior analysis of the session. |
AlgDetectJS | Array of AlgDetectJS | No | Validate client behavior when the condition is satisfied. |
UpdateTime | String | No | The update time, which is only used as an output parameter. |
AlgDetectSession
Validate Cookie.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Name | String | No | Method to validate Cookie. |
DetectMode | String | No | The validation mode. Values:detect : Validate onlyupdate_detect (default): Update Cookie and validate |
SessionAnalyzeSwitch | String | No | Whether to enable Cookie-based session check. The default value is off . Values:off : Disableon : Enable |
InvalidStatTime | Integer | No | The period threshold for validating the result "No Cookie/Cookie expired" in seconds. Value range: 5-3600. Default value: 10. |
InvalidThreshold | Integer | No | The number of times for the result "No Cookie/Cookie expired" occurred in the specified period. Value range: 1-100000000. Default value: 300. |
AlgDetectResults | Array of AlgDetectResult | No | Cookie validation results. |
SessionBehaviors | Array of AlgDetectResult | No | Cookie-based session check results. |
AliasDomain
Information of the alias domain name
Used by actions: DescribeAliasDomains.
Name | Type | Description |
---|---|---|
AliasName | String | The alias domain name. |
ZoneId | String | The site ID. |
TargetName | String | The target domain name. |
Status | String | Status of the alias domain name. Values:active : Activatedpending : Deployingconflict : Reclaimedstop : Stopped |
ForbidMode | Integer | The blocking mode. Values:0 : Not blocked11 : Blocked due to regulatory compliance14 : Blocked due to ICP filing not obtained |
CreatedOn | Timestamp ISO8601 | Creation time of the alias domain name. |
ModifiedOn | Timestamp ISO8601 | Modification time of the alias domain name. |
AllowActionParameters
Additional parameter for Web security Allow.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
MinDelayTime | String | No | Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: |
MaxDelayTime | String | No | Maximum delayed response time. supported units: |
ApplicationProxy
Application proxy instance
Used by actions: DescribeApplicationProxies.
Name | Type | Description |
---|---|---|
ZoneId | String | The site ID. |
ZoneName | String | The site name. |
ProxyId | String | The proxy ID. |
ProxyName | String | The domain name or subdomain name when ProxyType=hostname .The instance name when ProxyType=instance . |
ProxyType | String | The proxy type. Values:hostname : The proxy is created by subdomain name.instance : The proxy is created by instance. |
PlatType | String | The scheduling mode. Values:ip : Schedule via Anycast IP.domain : Schedule via CNAME. |
Area | String | Acceleration region. Values:mainland : Chinese mainland.overseas : Global (outside the Chinese mainland);Default value: overseas. |
SecurityType | Integer | Whether to enable security protection. Values:0 : Disable security protection.1 : Enable security protection. |
AccelerateType | Integer | Whether to enable acceleration. Values:0 : Disable acceleration.1 : Enable acceleration. |
SessionPersistTime | Integer | The session persistence duration. |
Status | String | The rule status. Values:online : Enabledoffline : Disabledprogress : Deployingstopping : Disablingfail : Failed to deploy or disable |
BanStatus | String | The blocking status of the proxy. Values:banned : Blockedbanning : Blockingrecover : Unblockedrecovering : Unblocking |
ScheduleValue | Array of String | Scheduling information. |
HostId | String | When ProxyType=hostname :This field indicates the unique ID of the subdomain name. |
Ipv6 | Ipv6 | The IPv6 access configuration. |
UpdateTime | Timestamp ISO8601 | The update time. |
ApplicationProxyRules | Array of ApplicationProxyRule | List of rules. |
AccelerateMainland | AccelerateMainland | Cross-MLC-border acceleration. |
ApplicationProxyRule
Application proxy rule
Used by actions: CreateApplicationProxy, DescribeApplicationProxies.
Name | Type | Required | Description |
---|---|---|---|
Proto | String | Yes | Protocol. Valid values: |
Port | Array of String | Yes | Port. Supported formats: Note: Up to 20 ports can be input for each rule. |
OriginType | String | Yes | Origin server type. Valid values: |
OriginValue | Array of String | Yes | Origin server information.["8.8.8.8","9.9.9.9"] or OriginValue=["test.com"] ; |
RuleId | String | No | Rule ID. |
Status | String | No | Status. Valid values: |
ForwardClientIp | String | No | Passing the client IP address. Valid values: |
SessionPersist | Boolean | No | Whether to enable session persistence. Valid values: |
SessionPersistTime | Integer | No | Duration for session persistence. the value takes effect only when SessionPersist is true. |
OriginPort | String | No | Origin server port. Supported formats: |
RuleTag | String | No | Tag of the rule. |
AscriptionInfo
The site ownership information
Used by actions: DescribeIdentifications, IdentifyZone.
Name | Type | Description |
---|---|---|
Subdomain | String | |
RecordType | String | The record type. |
RecordValue | String | The record value. |
AudioTemplateInfo
Audio stream configuration parameters.
Used by actions: CreateJustInTimeTranscodeTemplate, DescribeJustInTimeTranscodeTemplates.
Name | Type | Required | Description |
---|---|---|---|
Codec | String | Yes | Encoding format for audio streams. optional values:. |
AudioChannel | Integer | No | Audio channel quantity. valid values: |
AuthenticationParameters
Token authentication configuration parameters
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
AuthType | String | No | Authentication type. valid values:. |
SecretKey | String | No | The primary authentication key consists of 6–40 uppercase and lowercase english letters or digits, and cannot contain " and $. |
Timeout | Integer | No | Validity period of the authentication url, in seconds, value range: 1–630720000. used to determine if the client access request has expired:. |
BackupSecretKey | String | No | The backup authentication key consists of 6–40 uppercase and lowercase english letters or digits, and cannot contain " and $. |
AuthParam | String | No | Authentication parameters name. the node will validate the value corresponding to this parameter name. consists of 1-100 uppercase and lowercase letters, numbers, or underscores. note: this field is required when authtype is either typea or typed. |
TimeParam | String | No | Authentication timestamp. it cannot be the same as the value of the authparam field. note: this field is required when authtype is typed. |
TimeFormat | String | No | Authentication time format. values:. |
BandwidthAbuseDefense
Bandwidth abuse protection configuration (chinese mainland only).
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Enabled | String | Yes | Whether bandwidth abuse protection (applicable to chinese mainland only) is enabled. valid values: |
Action | SecurityAction | No | Bandwidth abuse protection (applicable to chinese mainland) handling method. required when Enabled is on. valid values for SecurityAction Name: |
BillingData
Billing data item.
Used by actions: DescribeBillingData.
Name | Type | Description |
---|---|---|
Time | Timestamp ISO8601 | Specifies the data timestamp. |
Value | Integer | Value. |
ZoneId | String | Site ID of the associated data point. if the content identifier feature is enabled, this item is the content identifier. |
Host | String | Specifies the domain name of the data point. |
ProxyId | String | Specifies the layer-4 proxy instance ID the data point belongs to. |
RegionId | String | Specifies the billing region ID the data point belongs to. the billing region is determined by the EdgeOne node region where the actual service user client is located. valid values: |
BillingDataFilter
Billing data filter criteria.
Used by actions: DescribeBillingData.
Name | Type | Required | Description |
---|---|---|---|
Type | String | Yes | Parameter name. |
Value | String | Yes | Parameter value. |
BindDomainInfo
Describes the domain names bound to the policy template.
Used by actions: DescribeWebSecurityTemplates.
Name | Type | Description |
---|---|---|
Domain | String | Domain name. |
ZoneId | String | Zone ID to which the domain belongs. |
Status | String | Binding status. valid values:. process : binding in progressonline : binding succeeded.fail : binding failed. |
BindSharedCNAMEMap
Bindings between a shared CNAME and connected domain names
Used by actions: BindSharedCNAME.
Name | Type | Required | Description |
---|---|---|---|
SharedCNAME | String | Yes | The shared CNAME to be bound with or unbound from. |
DomainNames | Array of String | Yes | Acceleration domains (up to 20). |
BlockIPActionParameters
Additional parameter for SecurityAction BlockIP
.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Duration | String | Yes | Penalty duration for BlockIP . Units: s : second, value range 1-120;m : minute, value range 1-120;h : hour, value range 1-48. |
BotConfig
Bot security configuration
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable bot security. Values:on : Enableoff : Disable |
BotManagedRule | BotManagedRule | No | The settings of the bot managed rule. If it is null, the settings that were last configured will be used. |
BotPortraitRule | BotPortraitRule | No | The settings of the client reputation rule. If it is null, the settings that were last configured will be used. |
IntelligenceRule | IntelligenceRule | No | Bot intelligent analysis. if null, use the last set configuration by default. |
BotUserRules | Array of BotUserRule | No | Settings of the custom bot rule. If it is null, the settings that were last configured will be used. |
AlgDetectRule | Array of AlgDetectRule | No | Active bot detection rule. |
Customizes | Array of BotUserRule | No | Bot managed custom policy. optional input. output usage only. |
BotExtendAction
Bot extended actions
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Action | String | Yes | Action. Valid values: monitor : Observe;alg : JavaScript challenge;captcha : Managed challenge;random : Actions are executed based on the percentage specified in ExtendActions ;silence : Silence;shortdelay : Add short latency;longdelay : Add long latency. |
Percent | Integer | No | The probability for triggering the action. value range: 0-100. |
BotManagedRule
Bot managed rules. The rule IDs can be obtained from the output of DescribeBotManagedRules.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Action | String | Yes | The rule action. Values:drop : Blocktrans : Allowalg : JavaScript challengemonitor : Observe |
RuleID | Integer | No | The rule ID, which is only used as an output parameter. |
TransManagedIds | Array of Integer | No | Rule ID to allow. defaults to no rules configured for allowance. |
AlgManagedIds | Array of Integer | No | Rule ID of the JS challenge. default is all rules without configuring the JS challenge. |
CapManagedIds | Array of Integer | No | The rule ID for digit verification code. by default, all rules do not configure digit verification code. |
MonManagedIds | Array of Integer | No | Rule ID for observation. by default, observation is not configured for all rules. |
DropManagedIds | Array of Integer | No | Rule ID for interception. by default, all rules have no configuration interception. |
BotManagement
Web security BOT managed rules architecture.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
ClientAttestationRules | ClientAttestationRules | No | Definition list of client authentication rules. feature in beta test. submit a ticket or contact smart customer service if needed. |
BotPortraitRule
Bot user portrait rules
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Switch. Values:on : Enableoff : Disable |
RuleID | Integer | No | The rule ID, which is only used as an output parameter. |
AlgManagedIds | Array of Integer | No | The rule ID of JS challenge. default all rules without configuring JS challenge. |
CapManagedIds | Array of Integer | No | Rule ID for digit captcha-intl. default is all rules without configuring digit captcha-intl. |
MonManagedIds | Array of Integer | No | Rule ID for observation. by default, observation is not configured for all rules. |
DropManagedIds | Array of Integer | No | Rule ID for interception. default to all rules with no configuration interception. |
BotUserRule
Custom bot rules
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
RuleName | String | Yes | |
Action | String | Yes | The action. Values:drop : Block the requestmonitor : Observetrans : Allowredirect : Redirect the requestpage : Return the specified pagealg : JavaScript challengecaptcha : Managed challengerandom : Handle the request randomly by the weightsilence : Keep the connection but do not response to the clientshortdelay : Add a short latency periodlongdelay : Add a long latency period |
RuleStatus | String | Yes | The rule status. Values:on : Enabledoff : Disabledon |
AclConditions | Array of AclCondition | Yes | Details of the rule. |
RulePriority | Integer | Yes | The rule weight. Value range: 0-100. |
RuleID | Integer | No | Rule ID, which is only used as an output parameter. |
ExtendActions | Array of BotExtendAction | No | [Currently unavailable] Specify the random action and percentage. |
FreqFields | Array of String | No | The filter. Values:sip : Client IPThis parameter is left empty by default. |
UpdateTime | String | No | The update time, which is only used as an output parameter. |
FreqScope | Array of String | No | Query scope. Values:source_to_eo : (Response) Traffic going from the origin to EdgeOne.client_to_eo : (Request) Traffic going from the client to EdgeOne.Default: source_to_eo . |
Name | String | No | Name of the custom return page. It's required when Action=page . |
CustomResponseId | String | No | ID of custom response. The ID can be obtained via the DescribeCustomErrorPages API. It's required when Action=page . |
ResponseCode | Integer | No | The response code to trigger the return page. It's required when Action=page . Value: 100-600. 3xx response codes are not supported. Default value: 567. |
RedirectUrl | String | No | The redirection URL. It's required when Action=redirect . |
CC
CC configuration item.
Used by actions: DescribeHostsSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | WAF switch. Values:on : Enableoff : Disable |
PolicyId | Integer | No | ID of the policy |
CLSTopic
The configuration information of real-time log delivery to Tencent Cloud CLS
Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks.
Name | Type | Required | Description |
---|---|---|---|
LogSetId | String | Yes | The ID of the Tencent Cloud CLS log set. |
TopicId | String | Yes | The ID of the Tencent Cloud CLS log topic. |
LogSetRegion | String | Yes | The region of the Tencent Cloud CLS log set. |
Cache
Cache time settings
Used by actions: DescribeHostsSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable cache configuration. Values:on : Enableoff : Disable |
CacheTime | Integer | No | Specifies the cache expiration time settings. Unit: seconds. the maximum settable value is 365 days. |
CacheConfig
Cache rule configuration.
Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Cache | Cache | No | Cache configuration Note: This field may return null, indicating that no valid values can be obtained. |
NoCache | NoCache | No | No-cache configuration Note: This field may return null, indicating that no valid values can be obtained. |
FollowOrigin | FollowOrigin | No | Follows the origin server configuration Note: This field may return null, indicating that no valid values can be obtained. |
CacheConfigCustomTime
Node cache TTL custom cache time configuration parameters
Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Custom cache time switch. values:.On : enable;. |
CacheTime | Integer | No | Custom cache time value, unit: seconds. value range: 0-315360000. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled. |
CacheConfigParameters
Node Cache TTL configuration parameters
Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
FollowOrigin | FollowOrigin | No | Follow origin server cache configuration. only one of followorigin, nocache, customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value. |
NoCache | NoCache | No | No cache configuration. only one of followorigin, nocache, customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value. |
CustomTime | CacheConfigCustomTime | No | Custom cache time configuration. only one of followorigin, nocache, customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value. |
CacheKey
The cache key configuration.
Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
FullUrlCache | String | No | Whether to enable full path cache. valid values:.on : enable full-path cache (i.e., disable ignore query string).off : disable full-path cache (i.e., enable parameter ignore). |
IgnoreCase | String | No | Specifies whether to use case-insensitive cache. valid values:.on : ignoreoff : not ignore |
QueryString | QueryString | No | Request parameter contained in CacheKey . Note: This field may return null , indicating that no valid values can be obtained. |
CacheKeyConfigParameters
The cache key configuration.
Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
FullURLCache | String | No | Whether to enable full-path cache. values:.On : enable full-path cache (i.e., disable ignore query string).Off : disable full-path cache (i.e., enable ignore query string). |
IgnoreCase | String | No | Whether to ignore case in the cache key. values:.On : ignore;Off : not ignore. |
QueryString | CacheKeyQueryString | No | Query string retention configuration parameter. this field and fullurlcache must be set simultaneously, but cannot both be on . |
CacheKeyCookie
Custom Cache Key Cookie configuration parameters
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable feature. values:.On : enable;. |
Action | String | No | Cache action. values:.Full : retain allignore : ignore all;includecustom : retain specified parameters;excludecustom : ignore specified parameters.switch is on, this field is required. when switch is off, this field is not required and will not take effect if filled. |
Values | Array of String | No | Custom cache key cookie name list. note: this field is required when action is includecustom or excludecustom; when action is full or ignore, this field is not required and will not take effect if filled. |
CacheKeyHeader
Custom Cache Key HTTP request header configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable feature. values:.On : enable;. |
Values | Array of String | No | Custom cache key http request header list. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled. |
CacheKeyParameters
Custom Cache Key configuration parameters. The FullURLCache and QueryString parameters are combined. For specific examples, refer to:
- Retain all query strings. Enable ignore case.
{
"CacheKey": {
"FullURLCache": "on",
"QueryString": {
"Switch": "off"
},
"IgnoreCase": "on"
}
}
- Ignore all query strings. Enable ignore case.
{
"CacheKey": {
"FullURLCache": "off",
"QueryString": {
"Switch": "off"
},
"IgnoreCase": "on"
}
}
- Retain specified query string parameters. Disable ignore case.
{
"CacheKey": {
"FullURLCache": "off",
"QueryString": {
"Switch": "on",
"Action": "includeCustom",
"Values": ["name1","name2","name3"]
},
"IgnoreCase": "off"
}
}
-Query string ignore specified parameters. Disable ignore case.
{
"CacheKey": {
"FullURLCache": "off",
"QueryString": {
"Switch": "on",
"Action": "excludeCustom",
"Values": ["name1","name2","name3"]
},
"IgnoreCase": "off"
}
}
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
FullURLCache | String | No | Switch for retaining the complete query string. values:.On : enable;. |
QueryString | CacheKeyQueryString | No | Configuration parameter for retaining the query string. this field and fullurlcache must be set simultaneously, but cannot both be on. Note: this field may return null, which indicates a failure to obtain a valid value. |
IgnoreCase | String | No | Switch for ignoring case. values:.On : enable;. |
Header | CacheKeyHeader | No | HTTP request header configuration parameters. at least one of the following configurations must be set: fullurlcache, ignorecase, header, scheme, cookie. Note: this field may return null, which indicates a failure to obtain a valid value. |
Scheme | String | No | Request protocol switch. valid values:.On : enable;. |
Cookie | CacheKeyCookie | No | Cookie configuration parameters. at least one of the following configurations must be set: fullurlcache, ignorecase, header, scheme, cookie. Note: this field may return null, which indicates a failure to obtain a valid value. |
CacheKeyQueryString
Custom Cache Key query string configuration parameters
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Query string retain/ignore specified parameter switch. valid values are:.On : enable;. |
Action | String | No | Actions to retain/ignore specified parameters in the query string. values:.IncludeCustom : retain partial parameters.ExcludeCustom : ignore partial parameters.switch is on. when switch is off, this field is not required and will not take effect if filled. |
Values | Array of String | No | List of parameter names to be retained/ignored in the query string. note: this field is required when switch is on. when switch is off, this field is not required and will not take effect if filled. |
CacheParameters
Node Cache TTL configuration parameters
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
FollowOrigin | FollowOrigin | No | Cache follows origin server. if not specified, this configuration is not set. only one of followorigin, nocache, or customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value. |
NoCache | NoCache | No | No cache. if not specified, this configuration is not set. only one of followorigin, nocache, or customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value. |
CustomTime | CustomTime | No | Custom cache time. if not specified, this configuration is not set. only one of followorigin, nocache, or customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value. |
CachePrefresh
Cache prefresh
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable cache prefresh. Values:on : Enableoff : Disable |
Percent | Integer | No | Cache pre-refresh percentage. value range: 1-99. |
CachePrefreshParameters
Cache prefresh configuration parameters
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable cache prefresh. values:.On : enable;. |
CacheTimePercent | Integer | No | Prefresh interval set as a percentage of the node cache time. value range: 1-99. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled. |
CacheTag
The information attached when the node cache purge type is set to purge_cache_tag.
Used by actions: CreatePurgeTask.
Name | Type | Required | Description |
---|---|---|---|
Domains | Array of String | Yes | List of domain names to purge cache for. |
CertificateInfo
HTTPS server certificate configuration
Used by actions: DescribeAccelerationDomains, ModifyHostsCertificate.
Name | Type | Required | Description |
---|---|---|---|
CertId | String | Yes | Certificate ID, which originates from the SSL side. You can check the CertId from the SSL Certificate List. |
Alias | String | No | Alias of the certificate. |
Type | String | No | Type of the certificate. Values:default : Default certificateupload : Specified certificatemanaged : Tencent Cloud-managed certificate |
ExpireTime | Timestamp ISO8601 | No | The certificate expiration time. |
DeployTime | Timestamp ISO8601 | No | Time when the certificate is deployed. |
SignAlgo | String | No | Signature algorithm. |
Status | String | No | Status of the certificate. Values: u200c deployed : The deployment has completedu200c processing : Deployment in progressu200c applying : Application in progressu200c failed : Application rejectedissued : Binding failed. |
ChallengeActionParameters
Web security Challenge additional parameter.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
ChallengeOption | String | Yes | Safe execution challenge actions. valid values: |
Interval | String | No | Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: |
AttesterId | String | No | Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge. |
CheckRegionHealthStatus
Health status of origin servers in each health check region.
Used by actions: DescribeOriginGroupHealthStatus.
Name | Type | Description |
---|---|---|
Region | String | Health check region, which is a two-letter code according to ISO-3166-1. |
Healthy | String | Health status of origin servers in a single health check region. Valid values: |
OriginHealthStatus | Array of OriginHealthStatus | Origin server health status. |
ClientAttestationRule
Client authentication rule.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Id | String | No | Client authentication rule ID. supported rule configuration operations by rule ID: |
Name | String | No | Specifies the name of the client authentication rule. |
Enabled | String | No | Whether the rule is enabled. valid values: on : enableoff : disable |
Priority | Integer | No | Priority of rules. a smaller value indicates higher priority execution. value range: 0-100. default value: 0. |
Condition | String | No | The rule content must comply with expression grammar. for details, see the product document. |
AttesterId | String | No | Specifies the client authentication option ID. |
DeviceProfiles | Array of DeviceProfile | No | Client device configuration. if the DeviceProfiles parameter value is not specified in the ClientAttestationRules parameter, keep the existing client device configuration and do not modify it. |
InvalidAttestationAction | SecurityAction | No | Handling method for failed client authentication. valid values for SecurityAction Name: |
ClientAttestationRules
Describes the client authentication configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Rules | Array of ClientAttestationRule | No | List of client authentication. when using ModifySecurityPolicy to modify Web protection configuration: |
ClientAttester
Specifies the authentication option configuration.
Used by actions: CreateSecurityClientAttester, DescribeSecurityClientAttester, ModifySecurityClientAttester.
Name | Type | Required | Description |
---|---|---|---|
Id | String | No | Authentication option ID. |
Name | String | No | Specifies the authentication option name. |
Type | String | No | Authentication rule type. only returned in the response. valid values:. |
AttesterSource | String | No | Authentication method. valid values:. |
AttesterDuration | String | No | Validity time of the authentication. defaults to 60s. supported measurement units:. |
TCRCEOption | TCRCEOption | No | TC-RCE authentication configuration message. |
TCCaptchaOption | TCCaptchaOption | No | Specifies the configuration message for TC-CAPTCHA certification. |
ClientFiltering
Intelligent client filtering.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Enabled | String | Yes | Whether intelligent client filtering is enabled. valid values: |
Action | SecurityAction | No | The handling method of intelligent client filtering. when Enabled is on, this field is required. the Name parameter of SecurityAction supports: |
ClientIPCountryParameters
Location information of the Client IP carried in origin-pull. It is formatted as a two-letter ISO-3166-1 country/region code.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable configuration. values:.On : enable;. |
HeaderName | String | No | Name of the request header that contains the client ip region. it is valid when switch=on . the default value eo-client-ipcountry is used when it is not specified. |
ClientIPHeaderParameters
The header configuration for storing client request IP.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable configuration. values:.On : enable;. |
HeaderName | String | No | Name of the request header containing the client ip address for origin-pull. when switch is on, this parameter is required. x-forwarded-for is not allowed for this parameter. |
ClientIpCountry
Location information of the client IP carried in origin-pull. It is formatted as a two-letter ISO-3166-1 country/region code.
Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable configuration. Values:on : Enableoff : Disable |
HeaderName | String | No | Name of the request header that contains the client IP region. It is valid when Switch=on . The default value EO-Client-IPCountry is used when it is not specified. |
ClientIpHeader
The client IP header configuration
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable the configuration. Values:on : Enableoff : Disable |
HeaderName | String | No | Specifies the request header name containing the client IP For origin-pull. this parameter is required when Switch is on. X-Forwarded-For is not allowed For this parameter. |
CnameStatus
CNAME status
Used by actions: CheckCnameStatus.
Name | Type | Description |
---|---|---|
RecordName | String | The domain name. |
Cname | String | The CNAME address. Note: This field may return null, indicating that no valid values can be obtained. |
Status | String | CNAME status. valid values:.active : activatedmoved : not effective; |
CodeAction
Rule engine action with a status code
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Action | String | Yes | Feature name. For details, see DescribeRulesSetting API |
Parameters | Array of RuleCodeActionParams | Yes | Operation parameter. |
Compression
Smart compression configuration.
Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable smart compression. Values:on : Enableoff : Disable |
Algorithms | Array of String | No | Supported compression algorithm list. valid values:. |
CompressionParameters
Smart compression configuration.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable smart compression. values:.On : enable;. |
Algorithms | Array of String | No | Supported compression algorithm list. this field is required when switch is on; otherwise, it is not effective. valid values:.Brotli : brotli algorithm;Gzip : gzip algorithm. |
ConfigGroupVersionInfo
Version information about the configuration group.
Used by actions: DeployConfigGroupVersion, DescribeConfigGroupVersionDetail, DescribeConfigGroupVersions, DescribeDeployHistory, DescribeEnvironments.
Name | Type | Required | Description |
---|---|---|---|
VersionId | String | Yes | Version ID. |
VersionNumber | String | No | Version No. |
GroupId | String | No | Configuraration group ID. |
GroupType | String | No | Configuration group type. Valid values: |
Description | String | No | Version description. |
Status | String | No | Version status. Valid values: |
CreateTime | Timestamp ISO8601 | No | Version creation time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC). |
ContentIdentifier
Content identifier. This feature is only available to the allowlist.
Used by actions: DescribeContentIdentifiers.
Name | Type | Description |
---|---|---|
ContentId | String | Content identifier id. |
Description | String | Content identifier description. |
ReferenceCount | Integer | Count of citations by the rule engine. |
PlanId | String | Bound package id. |
Tags | Array of Tag | Bound tags. |
Status | String | Content identifier status. valid values:.Active : activatedDeleted : deleted |
CreatedOn | Timestamp ISO8601 | Creation time, which adopts coordinated universal time (utc) and follows the date and time format of the iso 8601 standard. |
ModifiedOn | Timestamp ISO8601 | Latest update time, which adopts coordinated universal time (utc) and follows the date and time format of the iso 8601 standard. |
DeletedOn | Timestamp ISO8601 | Deletion time, which is empty when the status is not deleted . the time format follows the iso 8601 standard and is represented in coordinated universal time (utc).Note: this field may return null, which indicates a failure to obtain a valid value. |
CurrentOriginACL
Currently effective origin ACLs.
Used by actions: DescribeOriginACL.
Name | Type | Required | Description |
---|---|---|---|
EntireAddresses | Addresses | No | IP range details. Note: This field may return null, which indicates a failure to obtain a valid value. |
Version | String | No | Version number. Note: This field may return null, which indicates a failure to obtain a valid value. |
ActiveTime | String | No | Version effective time in UTC+8, following the date and time format of the ISO 8601 standard. Note: This field may return null, which indicates a failure to obtain a valid value. |
IsPlaned | String | No | This parameter is used to record whether "I've upgraded to the lastest verison" is completed before the origin ACLs version is effective. valid values:. - true: specifies that the version is effective and the update to the latest version is confirmed. - false: when the version takes effect, the confirmation of updating to the latest origin ACLs are not completed. The IP range is forcibly updated to the latest version in the backend. When this parameter returns false, please confirm in time whether your origin server firewall configuration has been updated to the latest version to avoid origin-pull failure. Note: This field may return null, which indicates a failure to obtain a valid value. |
CustomEndpoint
The configuration information of real-time log delivery to a custom HTTP(S) interface
Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.
Name | Type | Required | Description |
---|---|---|---|
Url | String | Yes | Address of the custom HTTP API for real-time log shipping. Currently, only HTTP and HTTPS protocols are supported. |
AccessId | String | No | Custom SecretId used for generating an encrypted signature. This parameter is required if the origin server needs authentication. |
AccessKey | String | No | Custom SecretKey used for generating an encrypted signature. This parameter is required if the origin server needs authentication. |
CompressType | String | No | Type of data compression. Valid values: |
Protocol | String | No | Type of the application layer protocol used in POST requests for log shipping. Valid values: |
Headers | Array of Header | No | Custom request header carried in log shipping. For a header carried by default in EdgeOne log pushing, such as Content-Type, the header value you input will overwrite the default value. The header value references a single variable ${batchSize} to obtain the number of log entries included in each POST request. |
CustomErrorPage
Custom error code page structure.
Used by actions: DescribeCustomErrorPages.
Name | Type | Description |
---|---|---|
PageId | String | Custom error page ID. |
ZoneId | String | Zone ID. |
Name | String | Custom error page name. |
ContentType | String | Custom error page type. |
Description | String | Custom error page description. |
Content | String | Custom error page content. |
References | Array of ErrorPageReference | Custom error page reference. |
CustomField
The custom log field in a real-time log delivery task.
Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | Type of the custom log field, which indicates extracting data from specified positions in HTTP requests and responses. valid values:. |
Value | String | Yes | Enter the field value definition based on the field type (Name). this parameter is case-sensitive. |
Enabled | Boolean | No | Whether to deliver this field. leave blank to skip delivery. |
CustomRule
Custom rule configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | The custom rule name. |
Condition | String | Yes | The specifics of the custom rule, must comply with the expression grammar, please refer to product documentation for details. |
Action | SecurityAction | Yes | Action for custom rules. The Name parameter of SecurityAction supports: Deny : block;Monitor : observe;ReturnCustomPage : block with customized page;Redirect : Redirect to URL;BlockIP : IP blocking;JSChallenge : JavaScript challenge;ManagedChallenge : managed challenge;Allow : Allow. |
Enabled | String | Yes | The custom rule status. Values: on : enabledoff : disabled |
Id | String | No | Custom rule ID. Different rule configuration operations are supported by rule ID : - Add a new rule: ID is empty or the ID parameter is not specified; - Modify an existing rule: specify the rule ID that needs to be updated/modified; - Delete an existing rule: existing rules not included in the Rules parameter will be deleted. |
RuleType | String | No | Type of custom rule. Values: BasicAccessRule : basic access control;PreciseMatchRule : exact custom rule, default;ManagedAccessRule : expert customized rule, output parameter only. |
Priority | Integer | No | Customize the priority of custom rule. Range: 0-100, the default value is 0, this parameter only supports PreciseMatchRule. |
CustomRules
Custom rules configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Rules | Array of CustomRule | No | The custom rule. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the Rules parameter is not specified: keep the existing custom rule configuration without modification. |
CustomTime
Node cache TTL custom cache time parameter configuration.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Custom cache time switch. values:.On : enable;. |
IgnoreCacheControl | String | No | Ignore origin server cachecontrol switch. values:.On : enable;. switch is on. when switch is off, this field is not required and will not take effect if filled. |
CacheTime | Integer | No | Custom cache time value, unit: seconds. value range: 0-315360000. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled. |
CustomizedHeader
Custom header that can be configured for HTTP/HTTPS health check policies under a LoadBalancer.
Used by actions: CreateLoadBalancer, ModifyLoadBalancer.
Name | Type | Required | Description |
---|---|---|---|
Key | String | Yes | Specifies the custom header Key. |
Value | String | Yes | Set custom headers Value. |
DDoS
DDoS mitigation configuration
Used by actions: DescribeHostsSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Switch. Values:on : Enableoff : Disable |
DDoSAttackEvent
Information of the DDoS attacker
Used by actions: DescribeDDoSAttackEvent.
Name | Type | Description |
---|---|---|
EventId | String | The event ID. |
AttackType | String | The attack type. |
AttackStatus | Integer | The attack status. |
AttackMaxBandWidth | Integer | The maximum attack bandwidth. |
AttackPacketMaxRate | Integer | The peak attack packet rate. |
AttackStartTime | Integer | The attack start time recorded in seconds. |
AttackEndTime | Integer | The attack end time recorded in seconds. |
PolicyId | Integer | The DDoS policy ID. Note: This field may return null , indicating that no valid value was found. |
ZoneId | String | The site ID. Note: This field may return null , indicating that no valid value was found. |
Area | String | Geolocation scope. Values: overseas : Regions outside the Chinese mainlandmainland : Chinese mainlandNote: This field may return null , indicating that no valid value was found. |
DDoSBlockData | Array of DDoSBlockData | The blocking time of a DDoS attack. Note: This field may return null , indicating that no valid value was found. |
DDoSBlockData
DDoS blocking details
Used by actions: DescribeDDoSAttackEvent.
Name | Type | Description |
---|---|---|
StartTime | Integer | The start time recorded in UNIX timestamp. |
EndTime | Integer | The end time recorded in UNIX timestamp. 0 indicates the blocking is ongoing. |
BlockArea | String | The regions blocked. |
DDoSProtection
Exclusive Anti-DDoS protection configuration.
Used by actions: DescribeDDoSProtection, ModifyDDoSProtection.
Name | Type | Required | Description |
---|---|---|---|
ProtectionOption | String | Yes | Specifies the protection scope of standalone DDoS. valid values:. |
DomainDDoSProtections | Array of DomainDDoSProtection | No | Anti-DDoS configuration of the domain. specifies the exclusive ddos protection settings for the domain in request parameters. |
SharedCNAMEDDoSProtections | Array of DomainDDoSProtection | No | Specifies the exclusive DDoS protection configuration of a shared CNAME. used as an output parameter. |
DDosProtectionConfig
Exclusive DDoS protection specifications configuration applicable to Layer 4 proxy or web site service.
Used by actions: CreateL4Proxy, DescribeL4Proxy.
Name | Type | Required | Description |
---|---|---|---|
LevelMainland | String | No | Dedicated anti-DDoS specifications in the Chinese mainland. For details, refer to Dedicated Anti-DDoS Related Fees. |
MaxBandwidthMainland | Integer | No | Configuration of elastic protection bandwidth for exclusive DDoS protection in the Chinese mainland.Valid only when exclusive DDoS protection in the Chinese mainland is enabled (refer to the LevelMainland parameter configuration), and the value has the following limitations: |
LevelOverseas | String | No | Dedicated anti-DDoS specifications in global regions (excluding the Chinese mainland). |
DefaultServerCertInfo
HTTPS server certificate configuration
Used by actions: DescribeDefaultCertificates.
Name | Type | Required | Description |
---|---|---|---|
CertId | String | Yes | Specifies the server certificate ID. |
Alias | String | No | Certificate remark name. |
Type | String | No | Certificate type. valid values:.default : Default certificate;upload : External certificate;managed : Tencent Cloud managed certificate. |
ExpireTime | Timestamp ISO8601 | No | Certificate expiration time. |
EffectiveTime | Timestamp ISO8601 | No | Certificate Validation Time. |
CommonName | String | No | Common name of the cert. |
SubjectAltName | Array of String | No | Specifies the SAN domain of the certificate. |
Status | String | No | Deployment state. valid values:.Failed : deployment failed |
Message | String | No | Indicates the failure reason when the Status is failed. |
SignAlgo | String | No | Certificate algorithm. |
DeliveryCondition
Real-time log delivery conditions used to define the scope of log delivery. The relationship between items in a DeliveryCondition array is "or", whereas the relationship between items in an inner Conditions array is "and".
Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.
Name | Type | Required | Description |
---|---|---|---|
Conditions | Array of QueryCondition | No | Log filter criteria. The detailed filter criteria are as follows: ?? Supported operators: equal, great, less, great_equal, less_equal ?? Valid values: any integer greater than or equal to 0 ?? Supported operators: equal, great, less, great_equal, less_equal. ?? Valid values: any integer greater than or equal to -1 ?? Supported operator: equal ?? Options: ?? -: unknown/not matched ?? Monitor: observation ?? JSChallenge: JavaScript challenge ?? Deny: blocking ?? Allow: allowing ?? BlockIP: IP blocking ?? Redirect: redirection ?? ReturnCustomPage: returning to a custom page ?? ManagedChallenge: managed challenge ?? Silence: silence ?? LongDelay: response after a long delay ?? ShortDelay: response after a short delay ??Supported operator: equal ??Options: ?? -: unknown/not matched ?? CustomRule: Custom Rules in Web Protection ?? RateLimitingCustomRule: Rate Limiting Rules in Web Protection ?? ManagedRule: Managed Rules in Web Protection ?? L7DDoS: CC Attack Defense in Web Protection ?? BotManagement: Bot Basic Management in Bot Management ?? BotClientReputation: Client Reputation Analysis in Bot Management ?? BotBehaviorAnalysis: Bot Intelligent Analysis in Bot Management ?? BotCustomRule: Custom Bot Rules in Bot Management ?? BotActiveDetection: Active Detection in Bot Management |
DenyActionParameters
Safe execution action specifies additional parameters for the ban.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
BlockIp | String | No | Specifies whether to extend the ban on the source IP. valid values.on : Enable;After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated. Note: this option cannot intersect with ReturnCustomPage or Stall. |
BlockIpDuration | String | No | The ban duration when BlockIP is on. |
ReturnCustomPage | String | No | Specifies whether to use a custom page. valid values:.on : Enable;Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously. Note: this option cannot intersect with the BlockIp or Stall option. |
ResponseCode | String | No | Status code of the custom page. |
ErrorPageId | String | No | Specifies the page id of the custom page. |
Stall | String | No | Specifies whether to suspend the request source without processing. valid values:.on : Enable;Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources. Note: this option cannot intersect with BlockIp or ReturnCustomPage options. |
DeployRecord
Version release record details for the configuration group.
Used by actions: DescribeDeployHistory.
Name | Type | Description |
---|---|---|
ConfigGroupVersionInfos | Array of ConfigGroupVersionInfo | Details about the released version. |
DeployTime | Timestamp ISO8601 | Release time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC). |
Status | String | Release status. Valid values: |
Message | String | Release result information. |
RecordId | String | Release record ID. |
Description | String | Change description. |
DetailHost
Domain name configuration information
Used by actions: DescribeHostsSetting.
Name | Type | Description |
---|---|---|
ZoneId | String | The site ID. |
Status | String | The acceleration status. Values:process : In progressonline : Enabledoffline : Disabled |
Host | String | The domain name. |
ZoneName | String | Name of the site |
Cname | String | The assigned CNAME |
Id | String | The resource ID. |
InstanceId | String | The instance ID. |
Lock | Integer | The lock status. |
Mode | Integer | The domain name status. |
Area | String | The acceleration area of the domain name. Values:global : Global.mainland : Chinese mainland.overseas : Outside the Chinese mainland. |
AccelerateType | AccelerateType | The acceleration type configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
Https | Https | The HTTPS configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
CacheConfig | CacheConfig | The cache configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
Origin | Origin | The origin configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
SecurityType | SecurityType | The security type. Note: This field may return null, indicating that no valid values can be obtained. |
CacheKey | CacheKey | The cache key configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
Compression | Compression | The smart compression configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
Waf | Waf | The WAF protection configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
CC | CC | The CC protection configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
DDoS | DDoS | DDoS mitigation configuration Note: This field may return null, indicating that no valid values can be obtained. |
SmartRouting | SmartRouting | The smart routing configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
Ipv6 | Ipv6 | The IPv6 access configuration item. Note: This field may return null, indicating that no valid values can be obtained. |
ClientIpCountry | ClientIpCountry | Whether to carry the location information of the client IP during origin-pull. Note: This field may return null , indicating that no valid value can be obtained. |
DetectLengthLimitCondition
Length limit detection condition configuration.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | Parameter name of the matched condition. Values:.body_depth : detection depth of the request body packet part. |
Values | Array of String | Yes | The parameter value of the match condition. the value is used in pairs with Name. When the Name value is body_depth, Values only support passing in a single value. valid Values:. |
DetectLengthLimitConfig
Length limit detection configuration.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
DetectLengthLimitRules | Array of DetectLengthLimitRule | Yes | List of rules that detect length limits. |
DetectLengthLimitRule
Length limit detection rule details configuration.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
RuleId | Integer | Yes | Rule Id, output parameter only. |
RuleName | String | Yes | Rule name, output parameter only. |
Description | String | Yes | Rule description, output parameter only. |
Conditions | Array of DetectLengthLimitCondition | Yes | Rule configuration conditions, output parameter only. |
Action | String | Yes | Handling method. Values:.skip : when request body data exceeds the detection depth set by body_depth in Conditions output parameters, skip all request body content detection.scan : detect at the detection depth set by body_depth in the Conditions output parameters only. Truncate the excess part of the request body content directly, the excess part of the request body will not go through security detection. |
DeviceProfile
Describes the client device configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
ClientType | String | Yes | Client device type. valid values: |
HighRiskMinScore | Integer | No | The minimum value to determine a request as high-risk ranges from 1–99. the larger the value, the higher the request risk, and the closer it resembles a request initiated by a Bot client. the default value is 50, corresponding to high-risk for values 51–100. |
HighRiskRequestAction | SecurityAction | No | Handling method for high-risk requests. valid values for SecurityAction Name: |
MediumRiskMinScore | Integer | No | Specifies the minimum value to determine a request as medium-risk. value range: 1–99. the larger the value, the higher the request risk, resembling requests initiated by a Bot client. default value: 15, corresponding to medium-risk for values 16–50. |
MediumRiskRequestAction | SecurityAction | No | Handling method for medium-risk requests. SecurityAction Name parameter supports: |
DiffIPWhitelist
Differences between the newest and existing intermediate IPs
Used by actions: DescribeOriginProtection.
Name | Type | Description |
---|---|---|
LatestIPWhitelist | IPWhitelist | The latest intermediate IPs. |
AddedIPWhitelist | IPWhitelist | The intermediate IPs added to the existing list. |
RemovedIPWhitelist | IPWhitelist | The intermediate IPs removed from the existing list. |
NoChangeIPWhitelist | IPWhitelist | The intermediate IPs that remain unchanged. |
DnsRecord
DNS record
Used by actions: DescribeDnsRecords, ModifyDnsRecords.
Name | Type | Required | Description |
---|---|---|---|
ZoneId | String | No | Zone id. note: zoneid is for output parameter use only and cannot be used as an input parameter in modifydnsrecords. if this parameter is passed, it will be ignored. |
RecordId | String | No | DNS record id. |
Name | String | No | DNS record name. |
Type | String | No | DNS record type. valid values are:. |
Location | String | No | DNS record resolution route, if not specified, defaults to default, indicating the default resolution route, effective in all regions. resolution route configuration only applies when type (dns record type) is a, aaaa, or cname. for valid values, refer to: resolution routes and corresponding code enumeration. |
Content | String | No | DNS record content. fill in the corresponding content based on the type value. |
TTL | Integer | No | Cache time. value range: 60–86400. the smaller the value, the faster the record modification will take effect globally. unit: seconds. |
Weight | Integer | No | DNS record weight. value range: -1–100. a value of -1 means no weight is assigned, and 0 means no parsing. weight configuration is only applicable when type (dns record type) is a, aaaa, or cname. |
Priority | Integer | No | MX record priority. value range: 0–50. the smaller the value, the higher the priority. |
Status | String | No | DNS record parsing status. valid values are: |
CreatedOn | Timestamp ISO8601 | No | Creation time. note: createdon is only used as an output parameter and cannot be used as an input parameter in modifydnsrecords. if this parameter is passed, it will be ignored. |
ModifiedOn | Timestamp ISO8601 | No | Modification time. note: modifiedon is for output parameter only and cannot be used as an input parameter in modifydnsrecords. if this parameter is passed, it will be ignored. |
DnsVerification
Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.
Name | Type | Description |
---|---|---|
Subdomain | String | The host record. |
RecordType | String | The record type. |
RecordValue | String | The record value. |
DomainDDoSProtection
Exclusive Anti-DDoS protection of the domain.
Used by actions: DescribeDDoSProtection, ModifyDDoSProtection.
Name | Type | Required | Description |
---|---|---|---|
Domain | String | Yes | Domain name. |
Switch | String | Yes | Standalone DDoS switch of the domain. valid values:. |
DropPageConfig
Block page configuration
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable configuration. Values:on : Enableoff : Disable |
WafDropPageDetail | DropPageDetail | No | Intercept page configuration for Waf(managed rules) module. if null, historical configuration is used by default. |
AclDropPageDetail | DropPageDetail | No | Interception page configuration for custom pages. if null, use the last set configuration by default. |
DropPageDetail
The configuration details of the block page
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
PageId | Integer | Yes | The ID of the block page. Specify 0 to use the default block page. (Disused) If 0 is passed, the default block page will be used. |
StatusCode | Integer | Yes | The HTTP status code to trigger the block page. Range: 100-600, excluding 3xx codes. Code 566: Requests blocked by managed rules. Code 567: Requests blocked by web security rules (except managed rules). |
Name | String | Yes | The block page file or URL. |
Type | String | Yes | Type of the block page. Values:page : Return the specified page. |
CustomResponseId | String | No | ID of custom response. The ID can be obtained via the DescribeCustomErrorPages API. It's required when Type=page . |
EntityStatus
Status of domain names bound with this template.
Used by actions: DescribeSecurityTemplateBindings.
Name | Type | Description |
---|---|---|
Entity | String | Instance name. Only subdomain names are supported. |
Status | String | Instance configuration status. Values:online : Configuration has taken effect;fail : Configuration failed;process : Configuration is being delivered. |
Message | String | Message returned after the operation completed. |
EnvInfo
Environment information.
Used by actions: DescribeEnvironments.
Name | Type | Description |
---|---|---|
EnvId | String | Environment ID. |
EnvType | String | Environment type. Valid values: |
Status | String | Environment status. Valid values: |
Scope | Array of String | Effective scope of the configuration in the current environment. Valid values: |
CurrentConfigGroupVersionInfos | Array of ConfigGroupVersionInfo | For the effective versions of each configuration group in the current environment, there are two possible scenarios based on the value of Status: |
CreateTime | Timestamp ISO8601 | Creation time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC). |
UpdateTime | Timestamp ISO8601 | Update time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC). |
ErrorPage
Custom error page.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
StatusCode | Integer | Yes | Status code. supported values are 400, 403, 404, 405, 414, 416, 451, 500, 501, 502, 503, 504. |
RedirectURL | String | Yes | Redirect url. requires a full redirect path, such as https://www.test.com/error.html. |
ErrorPageParameters
Custom error page configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
ErrorPageParams | Array of ErrorPage | No | Custom error page configuration list. Note: this field may return null, which indicates a failure to obtain a valid value. |
ErrorPageReference
Custom error page's referenced source
Used by actions: DescribeCustomErrorPages.
Name | Type | Description |
---|---|---|
BusinessId | String | Referenced business ID, such as the custom block rule ID. |
ExceptConfig
Exception rules, which are used to bypass specific rules
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable configuration. Values:on : Enableoff : Disable |
ExceptUserRules | Array of ExceptUserRule | No | The settings of the exception rule. if it is null, the settings that were last configured will be used. |
ExceptUserRule
The settings of the exception rule
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
RuleName | String | Yes | The rule name. |
Action | String | Yes | The rule action. It only supports the value skip , which indicates skipping all managed rules. |
RuleStatus | String | Yes | The rule status. Values:on : Enabledoff : Disabled |
RuleID | Integer | No | The rule ID, which is automatically created and only used as an output parameter. |
UpdateTime | Timestamp ISO8601 | No | Last update time. if null, the underlying layer generates it using the current system time by default. |
ExceptUserRuleConditions | Array of ExceptUserRuleCondition | No | The matching condition. |
ExceptUserRuleScope | ExceptUserRuleScope | No | Scope where the rule takes effect. |
RulePriority | Integer | No | The rule priority. Value range: 0-100. If it is null, it defaults to 0. |
ExceptUserRuleCondition
The condition of the exception rule
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
MatchFrom | String | No | The field to match. Values:host : Request domain namesip : Client IPua : User-Agentcookie : Cookiecgi : CGI scriptxff : XFF headerurl : Request URLaccept : Request content typemethod : Request methodheader : Request headersip_proto : Network layer protocol |
MatchParam | String | No | The parameter of the field. Only when MatchFrom = header , the key contained in the header can be passed. |
Operator | String | No | The logical operator. Values:equal : String equalsnot_equal : Value not equalsinclude : String containsnot_include : String not containsmatch : IP matchesnot_match : IP not matchesinclude_area : Regions containis_empty : Value left emptynot_exists : Key fields not existregexp : Regex matcheslen_gt : Value greater thanlen_lt : Value smaller thanlen_eq : Value equalsmatch_prefix : Prefix matchesmatch_suffix : Suffix matcheswildcard : Wildcard |
MatchContent | String | No | The value of the parameter. |
ExceptUserRuleScope
The scope to which the exception rule applies
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Type | String | No | Exception mode. Values:complete : Skip the exception rule for full requests.partial : Skip the exception rule for partial requests. |
Modules | Array of String | No | Effective module. the field value can be:.waf : tencent cloud-managed rulesRate : rate limitacl : custom ruleCc : cc attack defenseBot : bot protection |
PartialModules | Array of PartialModule | No | Skip exception rule details for some rule ids. if null, use the last set configuration by default. |
SkipConditions | Array of SkipCondition | No | Details of the exception rule for skipping specific fields. if null, use the last set configuration by default. |
ExceptionRule
Web security exception rule.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Id | String | No | The ID of the exception rule. different rule configuration operations are supported by rule ID: |
Name | String | No | The name of the exception rule. |
Condition | String | No | Describes the specific content of the exception rule, which must comply with the expression grammar. for details, please refer to the product document. |
SkipScope | String | No | Exception rule execution options, valid values: |
SkipOption | String | No | Skip the specific type of request. valid values: |
WebSecurityModulesForException | Array of String | No | Specifies the security protection module for exception rules. valid only when SkipScope is WebSecurityModules. valid values: |
ManagedRulesForException | Array of String | No | Specifies the managed rule for the exception rule. valid only when SkipScope is ManagedRules. cannot specify ManagedRuleGroupsForException at this time. |
ManagedRuleGroupsForException | Array of String | No | A managed rule group with designated exception rules is valid only when SkipScope is ManagedRules, and at this point you cannot specify ManagedRulesForException. |
RequestFieldsForException | Array of RequestFieldsForException | No | Specify exception rules to skip request fields. valid only when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields. |
Enabled | String | No | Whether the exception rule is enabled. valid values: on : enableoff : disable |
ExceptionRules
Web security exception rules.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Rules | Array of ExceptionRule | No | Definition list of exception Rules. when using ModifySecurityPolicy to modify Web protection configuration: |
FailReason
Failure reason
Used by actions: CreatePrefetchTask, CreatePurgeTask.
Name | Type | Description |
---|---|---|
Reason | String | Failure reason. |
Targets | Array of String | List of resources failed to be processed. |
FileAscriptionInfo
Verification file, used to verify site ownership
Used by actions: DescribeIdentifications, IdentifyZone.
Name | Type | Description |
---|---|---|
IdentifyPath | String | Directory of the verification file. |
IdentifyContent | String | Content of the verification file. |
FileVerification
Information required for verifying via a file. It's applicable to sites connected via CNAMEs.
Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.
Name | Type | Description |
---|---|---|
Path | String | EdgeOne obtains the file verification information in the format of "Scheme + Host + URL Path", (e.g. https://www.example.com/.well-known/teo-verification/z12h416twn.txt). This field is the URL path section of the URL you need to create. |
Content | String | Content of the verification file. The contents of this field need to be filled into the text file returned by Path . |
Filter
Key-value pair filters for conditional filtering queries, such as filtering ID, name, and status.
If more than one filter exists, the logical relationship between these filters is AND
.
If multiple values exist in one filter, the logical relationship between these values under the same filter is OR
.
Used by actions: DescribeApplicationProxies, DescribeDefaultCertificates, DescribeFunctionRules, DescribeFunctions, DescribeHostsSetting, DescribeIdentifications, DescribeJustInTimeTranscodeTemplates, DescribeL4Proxy, DescribeL4ProxyRules, DescribeL7AccRules, DescribeLoadBalancerList, DescribeMultiPathGateways, DescribeOriginProtection, DescribePlans, DescribeRules.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | Fields to be filtered. |
Values | Array of String | Yes | Value of the filtered field. |
FirstPartConfig
The configuration to detect slow attacks based on the transfer period the first 8 KB of requests
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Switch. valid values:.on : Enable; |
StatTime | Integer | No | The statistical period of the first segment packet is in seconds. expect the duration to be 5 seconds by default. |
FollowOrigin
Following origin server configuration for caching.
Used by actions: CreateL7AccRules, DescribeHostsSetting, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable the configuration of following the origin server. Valid values:on : Enableoff : Disable |
DefaultCache | String | No | Whether to cache when an origin server does not return the cache-control header. this field is required when switch is on; when switch is off, this field is not required and will be ineffective if filled. valid values:. |
DefaultCacheStrategy | String | No | Whether to use the default caching policy when an origin server does not return the cache-control header. this field is required when defaultcache is set to on; otherwise, it is ineffective. when defaultcachetime is not 0, this field should be off. valid values:. |
DefaultCacheTime | Integer | No | The default cache time in seconds when an origin server does not return the cache-control header. the value ranges from 0 to 315360000. this field is required when defaultcache is set to on; otherwise, it is ineffective. when defaultcachestrategy is on, this field should be 0. |
ForceRedirect
Forced HTTPS redirect configuration for access protocols.
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable force HTTPS redirect. Values:on : Enableoff : Disable |
RedirectStatusCode | Integer | No | Redirection status code. valid values:.301 : 301 redirect302 : 302 redirect |
ForceRedirectHTTPSParameters
Forced HTTPS redirect configuration for access protocols.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable forced redirect configuration switch. values:.On : enable;. |
RedirectStatusCode | Integer | No | Redirection status code. this field is required when switch is on; otherwise, it is not effective. valid values are:.301 : 301 redirect;302 : 302 redirect. |
Function
Details of an edge function.
Used by actions: DescribeFunctions.
Name | Type | Description |
---|---|---|
FunctionId | String | Function ID. |
ZoneId | String | Zone ID. |
Name | String | Function name. |
Remark | String | Function description. |
Content | String | Function content. |
Domain | String | Default domain name of a function. |
CreateTime | String | Creation time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard. |
UpdateTime | String | Modification time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard. |
FunctionEnvironmentVariable
Environment variables of an edge function
Used by actions: DescribeFunctionRuntimeEnvironment, HandleFunctionRuntimeEnvironment.
Name | Type | Required | Description |
---|---|---|---|
Key | String | Yes | Variable name, which should be unique and can only contain uppercase and lowercase letters, digits, and special characters including at signs (@), periods (.), hyphens (-), and underscores (_). Its maximum size is 64 bytes. |
Value | String | No | Variable value. Its maximum size is 5000 bytes. The default value is empty. |
Type | String | No | Variable type. Valid values: |
FunctionRule
Trigger rules for an edge function
Used by actions: DescribeFunctionRules.
Name | Type | Description |
---|---|---|
RuleId | String | Rule ID. |
FunctionRuleConditions | Array of FunctionRuleCondition | Rule condition list. There is an OR relationship between items in the list. |
FunctionId | String | Function ID, specifying a function executed when a trigger rule condition is met. |
Remark | String | Rule description. |
FunctionName | String | Function name. |
Priority | Integer | Priority of a trigger rule for a function. The larger the value, the higher the priority. |
CreateTime | Timestamp ISO8601 | Creation time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard. |
UpdateTime | Timestamp ISO8601 | Update time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard. |
FunctionRuleCondition
Condition of a trigger rule for an edge function.
Used by actions: CreateFunctionRule, DescribeFunctionRules, ModifyFunctionRule.
Name | Type | Required | Description |
---|---|---|---|
RuleConditions | Array of RuleCondition | Yes | Condition of a trigger rule for an edge function. This condition is considered met if all items in the list are met. |
GatewayRegion
Multi-Channel security gateway available region.
Used by actions: DescribeMultiPathGatewayRegions.
Name | Type | Description |
---|---|---|
RegionId | String | Region ID. |
CNName | String | Chinese region name. |
ENName | String | English name of the region. |
Grpc
Configuration of gRPC support
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable gRPC support. Valid values: on : Enable;off : Disable. |
GrpcParameters
gRPC configuration item.
Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable grpc. values:.On : enable;. |
HSTSParameters
HSTS configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable hsts. values:.On : enable;. |
Timeout | Integer | No | Cache hsts header time, unit: seconds. value range: 1-31536000. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled. |
IncludeSubDomains | String | No | Whether to allow other subdomains to inherit the same hsts header. values:. |
Preload | String | No | Whether to allow the browser to preload the hsts header. valid values:. |
HTTP2Parameters
HTTP2 integration configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable http2 access. values:.On : enable;. |
HTTPResponseParameters
HTTP response configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
StatusCode | Integer | No | Response status code. supports 2xx, 4xx, 5xx, excluding 499, 514, 101, 301, 302, 303, 509, 520-599. |
ResponsePage | String | No | Response page id. |
HTTPUpstreamTimeoutParameters
Layer-7 origin-pull timeout configuration.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
ResponseTimeout | Integer | No | HTTP response timeout in seconds. value range: 5–600. |
Header
HTTP header, used as input for the CreatePrefetchTask API
Used by actions: CreatePrefetchTask, CreateRealtimeLogDeliveryTask, ModifyRealtimeLogDeliveryTask.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | HTTP header name. |
Value | String | Yes | HTTP header value |
HeaderAction
HTTP header setting rules.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Action | String | Yes | HTTP header setting methods. valid values are:.Set : sets a value for an existing header parameter;Del : deletes a header parameter;Add : adds a header parameter. |
Name | String | Yes | HTTP header name. |
Value | String | No | HTTP header value. this parameter is required when the action is set to set or add ; it is optional when the action is set to del . |
HealthChecker
LoadBalancer health check policy.
Used by actions: CreateLoadBalancer, DescribeLoadBalancerList, ModifyLoadBalancer.
Name | Type | Required | Description |
---|---|---|---|
Type | String | Yes | Health check policy. Valid values: Note: NoCheck means the health check policy is not enabled. |
Port | Integer | No | Check port, which is required when Type = HTTP, Type = HTTPS, Type = TCP, or Type = UDP. |
Interval | Integer | No | Check frequency, in seconds. It indicates how often a health check task is initiated. Valid values: 30, 60, 180, 300, 600. |
Timeout | Integer | No | Timeout for each health check, in seconds. If the health check time exceeds this value, the check result is determined as "unhealthy". The default value is 5s, and the value should be less than Interval. |
HealthThreshold | Integer | No | Healthy state threshold, in the number of times. It indicates that if the consecutive health check results are "healthy" for a certain number of times, an origin server is considered "healthy". The default value is 3 times, with the minimum value of 1 time. |
CriticalThreshold | Integer | No | Unhealthy state threshold, in the number of times. It indicates that if the consecutive health check results are "unhealthy" for a certain number of times, an origin server is considered "unhealthy". The default value is 2 times. |
Path | String | No | Probe path. This parameter is valid only when Type = HTTP or Type = HTTPS. It needs to include the complete host/path and should not contain a protocol, for example, www.example.com/test. |
Method | String | No | Request method. This parameter is valid only when Type = HTTP or Type = HTTPS. Valid values: |
ExpectedCodes | Array of String | No | The status codes used to determine that the probe result is healthy when the probe node initiates a health check to an origin server. This parameter is valid only when Type = HTTP or Type = HTTPS. |
Headers | Array of CustomizedHeader | No | The custom HTTP request header carried by a probe request, with a maximum value of 10. This parameter is valid only when Type = HTTP or Type = HTTPS. |
FollowRedirect | String | No | Whether to follow 301/302 redirect. When enabled, 301/302 is considered a "healthy" status code, redirecting 3 times by default. This parameter is valid only when Type = HTTP or Type = HTTPS. |
SendContext | String | No | The content sent by a health check. Only ASCII visible characters are allowed, with up to 500 characters. This parameter is valid only when Type = UDP. |
RecvContext | String | No | The expected return result from an origin server during health check. Only ASCII visible characters are allowed, with up to 500 characters. This parameter is valid only when Type = UDP. |
HostHeaderParameters
Host Header Rewrite configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Action | String | No | Action to be executed. values:.Custom : custom |
ServerName | String | No | Host header rewrite requires a complete domain name. note: this field is required when switch is on; when switch is off, this field is not required and any value will be ignored. |
HostName
Access URL redirect HostName configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Action | String | No | Target hostname configuration, valid values are:.Follow : follow the request;Custom : custom |
Value | String | No | Custom value for target hostname, maximum length is 1024. note: when action is custom, this field is required; when action is follow, this field is not effective. |
Hsts
HSTS configuration
Used by actions: DescribeHostsSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable the configuration. Values:on : Enableoff : Disable |
MaxAge | Integer | No | MaxAge value. expressed in seconds, maximum value is 1 day. |
IncludeSubDomains | String | No | Specifies whether the subdomain is included. valid values:.on : Enable; |
Preload | String | No | Whether to enable preloading. valid values:.on : Enable; |
HttpDDoSProtection
HTTP DDOS protection configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
AdaptiveFrequencyControl | AdaptiveFrequencyControl | No | Specifies the specific configuration of adaptive frequency control. |
ClientFiltering | ClientFiltering | No | Specifies the intelligent client filter configuration. |
BandwidthAbuseDefense | BandwidthAbuseDefense | No | Specifies the specific configuration for bandwidth abuse protection. |
SlowAttackDefense | SlowAttackDefense | No | Specifies the configuration of slow attack protection. |
Https
Domain name HTTPS acceleration configuration. This is disabled by default.
Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Http2 | String | No | http2 configuration switch. valid values:.on : Enable; |
OcspStapling | String | No | OCSP configuration switch. valid values:.on : Enable; |
TlsVersion | Array of String | No | Tls version settings, valid values:.TLSv1 : tlsv1 version;TLSV1.1 : TLSV1.1 version; |
Hsts | Hsts | No | HSTS Configuration Note: This field may return null, indicating that no valid values can be obtained. |
CertInfo | Array of ServerCertInfo | No | The certificate configuration. Note: This field may return null, indicating that no valid values can be obtained. |
ApplyType | String | No | Application type. valid values:.apply : managed by EdgeOne.none : not managed by EdgeOne.none is used. |
CipherSuite | String | No | The cipher suite, with valid values:. |
IPExpireInfo
Stores the scheduled expiration time and corresponding IP.
Used by actions: CreateSecurityIPGroup, DescribeSecurityIPGroup, DescribeSecurityIPGroupInfo, ModifySecurityIPGroup.
Name | Type | Required | Description |
---|---|---|---|
ExpireTime | Timestamp ISO8601 | No | Scheduled expiration time, following the ISO 8601 standard date and time format, such as "2022-01-01T00:00:00+08:00". |
IPList | Array of String | No | IP list. supports ip and ip range. |
IPGroup
IP range group
Used by actions: CreateSecurityIPGroup, DescribeSecurityIPGroup, DescribeSecurityIPGroupInfo, ModifySecurityIPGroup.
Name | Type | Required | Description |
---|---|---|---|
GroupId | Integer | Yes | Group ID. Enter 0 . |
Name | String | Yes | Group name. |
Content | Array of String | Yes | IP group content, supports ip and ip range. |
IPTotalCount | Integer | No | Number of ips or ranges in effect in the IP group. valid as an output parameter, no need to specify this field as an input parameter. |
IPExpireInfo | Array of IPExpireInfo | No | Specifies the scheduled expiration information of the IP. Specifies the IP address or IP range configuration with scheduled expiration time as an input parameter. As an output parameter, contains the following two categories of information. |
IPRegionInfo
IP location information query
Used by actions: DescribeIPRegion.
Name | Type | Description |
---|---|---|
IP | String | IP address, IPV4 or IPV6. |
IsEdgeOneIP | String | Whether the IP belongs to an EdgeOne node. Valid values: |
IPWhitelist
Intermediate IPs
Used by actions: DescribeOriginProtection.
Name | Type | Description |
---|---|---|
IPv4 | Array of String | List of IPv4 addresses |
IPv6 | Array of String | List of IPv6 addresses |
IPv6Parameters
IPv6 access configuration.
Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable ipv6 access functionality. valid values:.On : enable ipv6 access;Off : disable ipv6 access feature. |
Identification
The site verification information
Used by actions: DescribeIdentifications.
Name | Type | Description |
---|---|---|
ZoneName | String | The site name. |
Domain | String | The subdomain name to be verified. to verify the ownership of a site, leave it blank. |
Status | String | The verification status. Values:pending : The verification is ongoing.finished : The verification completed. |
Ascription | AscriptionInfo | Details of the DNS record. |
OriginalNameServers | Array of String | Specifies the current NS record of the domain name. |
FileAscription | FileAscriptionInfo | Details of the verification file. |
ImageOptimize
Image optimization configuration.
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable configuration. Values: on : Enableoff : Disable |
IntelligenceRule
Bot intelligence rules
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Switch. valid values:.on : Enable; |
IntelligenceRuleItems | Array of IntelligenceRuleItem | No | Specifies the rule detail. |
IntelligenceRuleItem
Bot intelligence rule items
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Label | String | Yes | The tag to categorize bots. Values:evil_bot : Malicious botsuspect_bot : Suspected botgood_bot : Good botnormal : Normal request |
Action | String | Yes | The action taken on bots. Valuesdrop : Blocktrans : Allowalg : JavaScript challengecaptcha : Managed challengemonitor : Observe |
IpTableConfig
IP/Region blocklist/allowlist configuration
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Switch. valid values:.on : Enable; |
IpTableRules | Array of IpTableRule | No | Basic control rules. if null, historical configuration is used by default. |
IpTableRule
IP blocklist/allowlist rule details
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Action | String | Yes | The action. Values:drop : Blocktrans : Allowmonitor : Observe |
MatchFrom | String | Yes | The matching dimension. Values:ip : Match by IP.area : Match by IP region. |
Operator | String | No | Matching method. It defaults to equal if it’s left empty.Values: is_empty : The field is empty.not_exists : The configuration item does not exist.include : Includenot_include : Do not includeequal : Equal tonot_equal : Not equal toNote: This field may return null, indicating that no valid values can be obtained. |
RuleID | Integer | No | The rule ID, which is only used as an output parameter. |
UpdateTime | Timestamp ISO8601 | No | The update time, which is only used as an output parameter. |
Status | String | No | The rule status. A null value indicates that the rule is enabled. Values:on : Enabledoff : DisabledNote: This field may return null, indicating that no valid values can be obtained. |
RuleName | String | No | Specifies the rule name. |
MatchContent | String | No | Matching content. It’s not required when Operator is is_emty or not_exists . |
Ipv6
The IPv6 access configuration.
Used by actions: CreateApplicationProxy, DescribeApplicationProxies, DescribeHostsSetting, DescribeZoneSetting, ModifyApplicationProxy, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable IPv6 access. Valid values: on : Enable;off : Disable. |
JITVideoProcess
Just-in-time media processing configuration.
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Just-in-time media processing configuration switch. Valid values: |
JSInjectionRule
JavaScript injection rule.
Used by actions: CreateSecurityJSInjectionRule, DescribeSecurityJSInjectionRule, ModifySecurityJSInjectionRule.
Name | Type | Required | Description |
---|---|---|---|
RuleId | String | No | Rule ID. |
Name | String | No | Rule name |
Priority | Integer | No | Rule priority. a smaller value indicates higher priority execution. value range: 0-100. default value is 0. |
Condition | String | No | Specifies the match condition content, which must comply with the expression grammar. please refer to the product document for detailed requirements. |
InjectJS | String | No | JavaScript injection option. default value: run-attestations. valid values:. |
JustInTimeTranscodeTemplate
Just-In-Time transcoding template description.
Used by actions: DescribeJustInTimeTranscodeTemplates.
Name | Type | Description |
---|---|---|
TemplateId | String | Unique identifier of the instant transcoding template. |
TemplateName | String | Specifies the transcoding template name. |
Comment | String | Template description information. |
Type | String | Template type. valid values: |
VideoStreamSwitch | String | Enable video stream. valid values: |
AudioStreamSwitch | String | Enable audio stream. valid values: |
VideoTemplate | VideoTemplateInfo | Video stream configuration parameters. this field is valid only when VideoStreamSwitch is on. |
AudioTemplate | AudioTemplateInfo | Audio stream configuration parameters. specifies this field is valid only when AudioStreamSwitch is on. |
CreateTime | String | Template creation time. uses ISO date format. |
UpdateTime | String | Template last modified time. uses ISO date format. |
L4OfflineLog
The L7 log details
Used by actions: DownloadL4Logs.
Name | Type | Description |
---|---|---|
ProxyId | String | L4 proxy instance ID. |
Area | String | Log query area. Valid values:mainland : Chinese mainland;overseas : Global (outside the Chinese mainland). |
LogPacketName | String | Log packet name. |
Url | String | Log download address. |
LogTime | Integer | (Disused) Log packaging time. |
LogStartTime | Timestamp ISO8601 | Start time of log packaging. |
LogEndTime | Timestamp ISO8601 | End time of the log package. |
Size | Integer | Log size (in bytes). |
L4Proxy
Layer 4 proxy instance.
Used by actions: DescribeL4Proxy.
Name | Type | Required | Description |
---|---|---|---|
ZoneId | String | No | Zone ID. |
ProxyId | String | No | Layer 4 proxy instance ID. |
ProxyName | String | No | Layer 4 proxy instance name. |
Area | String | No | Acceleration zone of the Layer 4 proxy instance. |
Cname | String | No | Access via CNAME. |
Ips | Array of String | No | After the fixed IP address is enabled, this value will return the corresponding access IP address; if it is not enabled, this value will be empty. |
Status | String | No | Status of the Layer 4 proxy instance. |
Ipv6 | String | No | Specifies whether to enable IPv6 access. |
StaticIp | String | No | Specifies whether to enable the fixed IP address. |
AccelerateMainland | String | No | Specifies whether to enable network optimization in the Chinese mainland. |
DDosProtectionConfig | DDosProtectionConfig | No | Security protection configuration. Note: This field may return null, indicating that no valid value can be obtained. |
L4ProxyRuleCount | Integer | No | Number of forwarding rules under the Layer 4 proxy instance. |
UpdateTime | Timestamp ISO8601 | No | Latest modification time. |
L4ProxyRemoteAuth
L4 remote authentication information.
Used by actions: CreateL4ProxyRules, DescribeL4ProxyRules, ModifyL4ProxyRules.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable L4 remote authentication. Valid values: |
Address | String | Yes | Remote authentication service address, in the format of domain/ip:port, such as example.auth.com:8888. |
ServerFaultyBehavior | String | Yes | Default origin-pull behavior based on L4 forwarding rules after the remote authentication service is disabled. Valid values: |
L4ProxyRule
Details of Layer 4 proxy forwarding rules.
Used by actions: CreateL4ProxyRules, DescribeL4ProxyRules, ModifyL4ProxyRules.
Name | Type | Required | Description |
---|---|---|---|
RuleId | String | No | Forwarding rule ID. Note: Do not fill in this parameter when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it must be filled in when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. |
Protocol | String | No | Forwarding protocol. Valid values: Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value. |
PortRange | Array of String | No | Forwarding port, which can be set as follows: Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value. |
OriginType | String | No | Origin server type. Valid values: Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value. |
OriginValue | Array of String | No | Origin server address. Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value. |
OriginPortRange | String | No | Origin server port, which can be set as follows: Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value. |
ClientIPPassThroughMode | String | No | Transmission of the client IP address. Valid values: Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules, and if not specified, the default value OFF will be used; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value. |
SessionPersist | String | No | Specifies whether to enable session persistence. Valid values: Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules, and if not specified, the default value off will be used; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value. |
SessionPersistTime | Integer | No | Session persistence period, with a range of 30-3600, measured in seconds. Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules. It is valid only when SessionPersist is set to on and defaults to 3600 if not specified. It is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value. |
RuleTag | String | No | Rule tag. Accepts 1-50 arbitrary characters. Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value. |
Status | String | No | Rule status. Valid values: Note: Do not set this parameter when L4ProxyRule is used as an input parameter in CreateL4ProxyRules and ModifyL4ProxyRules. |
BuId | String | No | BuID. |
RemoteAuth | L4ProxyRemoteAuth | No | Remote authentication information. Note: RemoteAuth cannot be used as an input parameter in CreateL4ProxyRules or ModifyL4ProxyRules. If this parameter is input, it will be ignored. If the returned data of DescribeL4ProxyRules is empty, it indicates that remote authentication is disabled. Note: This field may return null, which indicates a failure to obtain a valid value. |
L7OfflineLog
Details of L7 logs.
Used by actions: DownloadL7Logs.
Name | Type | Description |
---|---|---|
Domain | String | Log domain name. |
Area | String | Log query area. Valid values:mainland : Chinese mainland;overseas : Global (outside the Chinese mainland). |
LogPacketName | String | Log packet name. |
Url | String | Log download address. |
LogTime | Integer | (Disused) Log packaging time. |
LogStartTime | Timestamp ISO8601 | Start time of log packaging. |
LogEndTime | Timestamp ISO8601 | End time of the log package. |
Size | Integer | Original log size (in bytes). |
LoadBalancer
LoadBalancer information.
Used by actions: DescribeLoadBalancerList.
Name | Type | Description |
---|---|---|
InstanceId | String | LoadBalancer ID. |
Name | String | LoadBalancer name, which can contain 1 to 200 characters, including a-z, A-Z, 0-9, underscores (_), and hyphens (-). |
Type | String | LoadBalancer type. Valid values: |
HealthChecker | HealthChecker | Health check policy. For details, refer to Health Check Policies. |
SteeringPolicy | String | Traffic scheduling policy among origin server groups. Valid values: |
FailoverPolicy | String | Request retry policy when access to an origin server fails. For details, refer to Introduction to Request Retry Strategy. Valid values: |
OriginGroupHealthStatus | Array of OriginGroupHealthStatus | Origin server group health status. |
Status | String | LoadBalancer status. Valid values: |
L4UsedList | Array of String | Specifies the list of l4 proxy instances bound to the load balancing instance. |
L7UsedList | Array of String | List of Layer-7 domain names bound to a LoadBalancer. |
LogFormat
Output format for real-time log delivery. You can directly use the specified predefined log output format (JSON Lines / csv) through the FormatType parameter, or define a variant output format through additional parameters based on the predefined log output format.
Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.
Name | Type | Required | Description |
---|---|---|---|
FormatType | String | Yes | Predefined output format for log shipping. Valid values: |
BatchPrefix | String | No | A string added before each log delivery batch. Each log delivery batch may contain multiple log records. |
BatchSuffix | String | No | A string appended after each log delivery batch. |
RecordPrefix | String | No | A string added before each log record. |
RecordSuffix | String | No | A string appended after each log record. |
RecordDelimiter | String | No | A string inserted between log records as a separator. Valid values: |
FieldDelimiter | String | No | A string inserted between fields as a separator within a single log record. Valid values: |
ManagedRuleAction
Action for specific RuleId.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
RuleId | String | Yes | Specific items under ManagedRuleGroup, used to rewrite the configuration of this individual rule item, refer to product documentation for details. |
Action | SecurityAction | Yes | Action for the managed rule item specified by RuleId, the SecurityAction Name parameter supports: Deny : block and respond with an block page;Monitor : observe, do not process the request and record the security event in logs;Disabled : disabled, do not scan the request and skip this rule. |
ManagedRuleAutoUpdate
Managed rule automatic update option.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
AutoUpdateToLatestVersion | String | Yes | Enable automatic update to the latest version or not. Values: on : enabledoff : disabled |
RulesetVersion | String | No | Current version, compliant with ISO 8601 standard format, such as 2023-12-21T12:00:32Z, empty by default, output parameter only. |
ManagedRuleDetail
Managed rule detail.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
RuleId | String | No | Managed rule Id. |
RiskLevel | String | No | Protection level of managed rules. Values: low : low risk, this rule has a relatively low risk and is applicable to very strict access scenarios, this level of rule may generate considerable false alarms.medium : medium risk, this means the risk of this rule is normal and is suitable for protection scenarios with stricter requirements.high : high risk, this indicates that the risk of this rule is relatively high and will not generate false alarms in most scenarios.extreme : ultra-high risk. this represents that the risk of this rule is extremely high and will not generate false alarms basically. |
Description | String | No | Rule description. |
Tags | Array of String | No | Rule tag. Some types of rules do not have tags. |
RuleVersion | String | No | Rule version. |
ManagedRuleGroup
Managed rule group configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
GroupId | String | Yes | Name of the managed rule group, if the configuration for the rule group is not specified, it will be processed by default, refer to product documentation for the specific value of GroupId. |
SensitivityLevel | String | Yes | Protection level of the managed rule group. Values: loose : lenient, only contain ultra-high risk rules, at this point, Action parameter needs configured instead of RuleActions parameter;normal : normal, contain ultra-high risk and high-risk rules, at this point,Action parameter needs configured instead of RuleActions parameter;strict : strict, contains ultra-high risk, high-risk and medium-risk rules, at this point, Action parameter needs configured instead of RuleActions parameter;extreme : super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules, at this point, Action parameter needs configured instead of RuleActions parameter;custom : custom, refined strategy, configure the RuleActions parameter for each individual rule, at this point, the Action field is invalid, use RuleActions to configure the refined strategy for each individual rule. |
Action | SecurityAction | Yes | Action for ManagedRuleGroup. the Name parameter value of SecurityAction supports: Deny : block and respond with a block page;Monitor : observe, do not process requests and record security events in logs;Disabled : not enabled, do not scan requests and skip this rule. |
RuleActions | Array of ManagedRuleAction | No | Specific configuration of rule items under the managed rule group, valid only when SensitivityLevel is custom. |
MetaData | ManagedRuleGroupMeta | No | ManagedRuleGroup detailed information, output parameter only. |
ManagedRuleGroupMeta
Managed rule group meta information.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
GroupDetail | String | No | ManagedRuleGroup detailed information, output parameter only. |
GroupName | String | No | ManagedRuleGroup name, output parameter only. |
RuleDetails | Array of ManagedRuleDetail | No | All sub-rules information under current ManagedRuleGroup, output parameter only. |
ManagedRules
Managed rules configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Enabled | String | Yes | The managed rule status. Values: on : enabled, all managed rules take effect as configured;off : disabled, all managed rules do not take effect. |
DetectionOnly | String | Yes | Evaluation mode is enabled or not, it is valid only when the Enabled parameter is set to on . Values: on : enabled, all managed rules take effect in observe mode. |
SemanticAnalysis | String | No | Managed rule semantic analysis is enabled or not, it is valid only when the Enabled parameter is on . Values: on : enabled, perform semantic analysis before processing requests;off : disabled, process requests directly without semantic analysis.The default value is off . |
AutoUpdate | ManagedRuleAutoUpdate | No | Managed rule automatic update option. |
ManagedRuleGroups | Array of ManagedRuleGroup | No | Configuration of the managed rule group. If this structure is passed as an empty array or the GroupId is not included in the array, it will be processed based by default. |
MaxAge
Browser cache rule configuration, which is used to set the default value of MaxAge
and is disabled by default.
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
FollowOrigin | String | No | Whether to follow the origin server. Values:on : Follow the origin server and ignore the field MaxAgeTime;off : Do not follow the origin server and apply the field MaxAgeTime. |
MaxAgeTime | Integer | No | Specifies the maximum amount of time (in seconds). The maximum value is 365 days. Note: The value 0 means not to cache. |
MaxAgeParameters
Browser Cache TTL configuration parameters
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
FollowOrigin | String | No | Specifies whether to follow the origin server cache-control configuration, with the following values:.On : follow the origin server and ignore the field cachetime;Off : do not follow the origin server and apply the field cachetime. |
CacheTime | Integer | No | Custom cache time value, unit: seconds. value range: 0-315360000. note: when followorigin is off, it means not following the origin server and using cachetime to set the cache time; otherwise, this field will not take effect. |
MinimalRequestBodyTransferRate
Minimum minimum body transfer rate threshold configuration. ```.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
MinimalAvgTransferRateThreshold | String | Yes | Minimum body transfer rate threshold, the measurement unit is only supported in bps. |
CountingPeriod | String | Yes | Minimum body transfer rate statistical time range, valid values: |
Enabled | String | Yes | Specifies whether the minimum body transfer rate threshold is enabled. valid values: |
ModifyOriginParameters
Modifying origin server configuration parameters
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
OriginType | String | No | The origin type. values:. |
Origin | String | No | Origin server address, which varies according to the value of origintype:. |
OriginProtocol | String | No | Origin-Pull protocol configuration. this parameter is required when origintype is ipdomain, origingroup, or loadbalance. valid values are:. |
HTTPOriginPort | Integer | No | The HTTP origin port, value ranges from 1 to 65535. this parameter is required when the origin-pull protocol OriginProtocol is HTTP or follow. |
HTTPSOriginPort | Integer | No | The HTTPS origin port, value ranges from 1 to 65535. this parameter is required when the origin-pull protocol OriginProtocol is HTTPS or follow. |
PrivateAccess | String | No | Specifies whether access to the private object storage origin server is allowed. this parameter is required when the origin server type OriginType is COS or AWSS3. valid values:. |
PrivateParameters | OriginPrivateParameters | No | Private authentication parameter. this parameter is valid only when origintype = awss3 and privateaccess = on. Note: this field may return null, which indicates a failure to obtain a valid value. |
ModifyRequestHeaderParameters
Modify HTTP request header configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
HeaderActions | Array of HeaderAction | No | List of http header setting rules. Note: this field may return null, which indicates a failure to obtain a valid value. |
ModifyResponseHeaderParameters
Modify HTTP node response header configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
HeaderActions | Array of HeaderAction | No | HTTP origin-pull header rules list. Note: this field may return null, which indicates a failure to obtain a valid value. |
MultiPathGateway
Multi-Channel security gateway details.
Used by actions: DescribeMultiPathGateway, DescribeMultiPathGateways.
Name | Type | Description |
---|---|---|
GatewayId | String | Specifies the gateway ID. |
GatewayName | String | Gateway name. |
GatewayType | String | Gateway type. valid values: |
GatewayPort | Integer | Gateway port. value range: 1-65535 (excluding 8888). |
Status | String | Gateway status. valid values: |
GatewayIP | String | Gateway IP, in IPv4 format. |
RegionId | String | Gateway region Id. which can be obtained from the DescribeMultiPathGatewayRegions API. |
Lines | Array of MultiPathGatewayLine | Line information. The line information will be returned when querying gateway information with DescribeMultiPathGateway ande not returned when querying the gateway list with DescribeMultiPathGateways. |
MultiPathGatewayLine
Multi-Channel security gateway line information.
Used by actions: DescribeMultiPathGateway, DescribeMultiPathGatewayLine, DescribeMultiPathGateways.
Name | Type | Description |
---|---|---|
LineId | String | line ID. where line-0 and line-1 are system-reserved IDs. valid values: |
LineType | String | Line type. valid values: |
LineAddress | String | Line address in the format host:port. |
ProxyId | String | Layer-4 proxy instance ID,returned only when the LineType value is proxy (EdgeOne layer-4 proxy). |
RuleId | String | Forwarding rule ID. returned only when the LineType value is proxy (EdgeOne layer-4 proxy). |
MutualTLS
Used by actions: DescribeAccelerationDomains, ModifyHostsCertificate.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | |
CertInfos | Array of CertificateInfo | No | Mutual authentication certificate list. Note: When using MutualTLS as an input parameter in ModifyHostsCertificate, you only need to provide the CertId of the corresponding certificate. You can check the CertId from the SSL Certificate List. |
NextOriginACL
When origin ACLs are updated, this field will be returned with the next version of the IP range to take effect, including a comparison with the currently effective IP range.
Used by actions: DescribeOriginACL.
Name | Type | Required | Description |
---|---|---|---|
Version | String | No | Version number. |
PlannedActiveTime | String | No | Version effective time, which adopts UTC+8 and follows the date and time format of the ISO 8601 standard. |
EntireAddresses | Addresses | No | IP range details. |
AddedAddresses | Addresses | No | The latest origin IP range newly-added compared with the origin IP range in CurrentOrginACL. |
RemovedAddresses | Addresses | No | The latest origin IP range deleted compared with the origin IP range in CurrentOrginACL. |
NoChangeAddresses | Addresses | No | The latest origin IP range is unchanged compared with the origin IP range in CurrentOrginACL. |
NoCache
No-cache configuration
Used by actions: CreateL7AccRules, DescribeHostsSetting, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable no-cache configuration. Valid values:on : Enableoff : Disable |
NormalAction
Common action of the rule engine
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Action | String | Yes | Feature name. For details, see DescribeRulesSetting API |
Parameters | Array of RuleNormalActionParams | Yes | Parameter |
NsVerification
Information required for switching DNS servers. It's applicable to sites connected via NSs.
Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.
Name | Type | Description |
---|---|---|
NameServers | Array of String | The DNS server address assigned to the user when connecting a site to EO via NS. You need to switch the NameServer of the domain name to this address. |
OCSPStaplingParameters
OCSP stapling configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable ocsp stapling configuration switch. values:.On : enable;. |
OfflineCache
Offline cache feature status switch.
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether offline cache is enabled. Valid values:on : Enableoff : Disable |
OfflineCacheParameters
Offline cache feature status switch.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable offline caching. values:.On : enable;. |
Origin
The origin server configuration.
Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Origins | Array of String | No | Origin server list. |
BackupOrigins | Array of String | No | Backup origin list. |
OriginPullProtocol | String | No | Origin server protocol configuration. valid values:.Follow : follow protocol. |
CosPrivateAccess | String | No | When the origin is tencent cloud COS, whether it is a private access bucket. valid values:.on : private network access;off : public access. |
OriginACLEntity
Instances that require configuration origin ACLs.
Used by actions: ModifyOriginACL.
Name | Type | Required | Description |
---|---|---|---|
Type | String | Yes | Instance type. Valid values: -l7: L7 acceleration domain; -l4: L4 proxy instance. |
Instances | Array of String | Yes | Instance detail. Valid values: -When Type = l7, please enter the L7 acceleration domain. -When Type = l4, please enter the L4 proxy instance ID. |
OperationMode | String | Yes | Operation mode. Valid values:. - enable: enabled L7/L4 instances. - disable: disable L7/L4 instances. |
OriginACLInfo
The binding relationship between L7 acceleration domains/L4 proxy instances and origin IP ranges, as well as origin IP range details.
Used by actions: DescribeOriginACL.
Name | Type | Required | Description |
---|---|---|---|
L7Hosts | Array of String | No | The list of L7 accelerated domains that enable the origin ACLs. This field is empty when origin protection is not enabled. |
L4ProxyIds | Array of String | No | The list of L4 proxy instances that enable the origin ACLs. This field is empty when origin protection is not enabled. |
CurrentOriginACL | CurrentOriginACL | No | Currently effective origin ACLs. This field is empty when origin protection is not enabled. Note: This field may return null, which indicates a failure to obtain a valid value. |
NextOriginACL | NextOriginACL | No | When the origin ACLs are updated, this field will be returned with the next version's origin IP range to take effect, including a comparison with the current origin IP range. This field is empty if not updated or origin protection is not enabled. Note: This field may return null, which indicates a failure to obtain a valid value. |
Status | String | No | Origin protection status. Vaild values: - online: in effect; - offline: disabled; - updating: configuration deployment in progress. |
OriginDetail
Details of the origin.
Used by actions: DescribeAccelerationDomains.
Name | Type | Description |
---|---|---|
OriginType | String | Origin server type. Valid values: |
Origin | String | Origin server address, which varies with the value of OriginType: |
BackupOrigin | String | Secondary origin group ID. This parameter is valid only when OriginType is ORIGIN_GROUP and a secondary origin group is configured. |
OriginGroupName | String | Primary origin group name. This parameter returns a value when OriginType is ORIGIN_GROUP. |
BackOriginGroupName | String | Secondary origin group name. This parameter is valid only when OriginType is ORIGIN_GROUP and a secondary origin group is configured. |
PrivateAccess | String | Whether access to the private object storage origin server is allowed. This parameter is valid only when the origin server type OriginType is COS or AWS_S3. Valid values: If this field is not specified, the default value 'off' will be used. |
PrivateParameters | Array of PrivateParameter | Private authentication parameter. This parameter is valid only when PrivateAccess is on. Note: This field may return null, indicating that no valid values can be obtained. |
HostHeader | String | Specifies the current configuration of the origin-pull HOST header. |
VodOriginScope | String | VOD origin-pull range. this parameter returns a value when OriginType = VOD. valid values: |
VodBucketId | String | VOD bucket ID. this parameter is required when OriginType = VOD and VodOriginScope = bucket. data source: storage ID of the bucket under the VOD professional application. |
OriginGroup
Origin group information.
Used by actions: DescribeOriginGroup.
Name | Type | Description |
---|---|---|
GroupId | String | The ID of the origin group. |
Name | String | The name of the origin group. |
Type | String | The origin group type. Values:GENERAL : General origin groupHTTP : HTTP-specific origin group |
Records | Array of OriginRecord | Details of the origin record. |
References | Array of OriginGroupReference | List of instances referencing this origin group. |
CreateTime | Timestamp ISO8601 | Creation time of the origin group. |
UpdateTime | Timestamp ISO8601 | The update time of the origin group. |
HostHeader | String | Specifies the origin-pull Host Header. |
OriginGroupHealthStatus
Origin server group health status.
Used by actions: DescribeLoadBalancerList.
Name | Type | Description |
---|---|---|
OriginGroupID | String | Origin server group ID. |
OriginGroupName | String | Origin server group name. |
OriginType | String | Origin server group type. Valid values: |
Priority | String | Priority. |
OriginHealthStatus | Array of OriginHealthStatus | Health status of each origin server in an origin server group. |
OriginGroupHealthStatusDetail
Details of origin server group health status.
Used by actions: DescribeOriginGroupHealthStatus.
Name | Type | Description |
---|---|---|
OriginGroupId | String | Origin server group ID. |
OriginHealthStatus | Array of OriginHealthStatus | The health status of each origin server in an origin server group, which is comprehensively decided based on the results of all detection regions. If more than half of the regions determine that the origin server is unhealthy, the corresponding status is unhealthy; otherwise, it is healthy. |
CheckRegionHealthStatus | Array of CheckRegionHealthStatus | Health status of origin servers in each health check region. |
OriginGroupInLoadBalancer
The origin server groups that need to be bound in a LoadBalancer and their priorities.
Used by actions: CreateLoadBalancer, ModifyLoadBalancer.
Name | Type | Required | Description |
---|---|---|---|
Priority | String | Yes | Priority, in the format of "priority_" + "number". The highest priority is "priority_1". Reference values: |
OriginGroupId | String | Yes | Origin server group ID. |
OriginGroupReference
Services referencing this origin group
Used by actions: DescribeOriginGroup.
Name | Type | Description |
---|---|---|
InstanceType | String | Services referencing the origin group. Values:AccelerationDomain : Acceleration domain nameRuleEngine : Rules engineLoadbalance : Load balancerApplicationProxy : L4 proxy |
InstanceId | String | ID of the instances referencing the origin group |
InstanceName | String | Name of the instance referencing the origin group |
OriginHealthStatus
Health status of origin servers in an origin server group.
Used by actions: DescribeLoadBalancerList, DescribeOriginGroupHealthStatus.
Name | Type | Description |
---|---|---|
Origin | String | Origin server. |
Healthy | String | Origin server health status. Valid values: |
OriginInfo
Details of the origin.
Used by actions: CreateAccelerationDomain, ModifyAccelerationDomain.
Name | Type | Required | Description |
---|---|---|---|
OriginType | String | Yes | Origin server type, with values: |
Origin | String | Yes | Origin server address, which varies according to the value of OriginType: |
BackupOrigin | String | No | The ID of the secondary origin group. This parameter is valid only when OriginType is ORIGIN_GROUP. This field indicates the old version capability, which cannot be configured or modified on the control panel after being called. Please submit a ticket if required. |
PrivateAccess | String | No | Whether access to the private Cloud Object Storage origin server is allowed. This parameter is valid only when OriginType is COS or AWS_S3. Valid values: If it is not specified, the default value is off. |
PrivateParameters | Array of PrivateParameter | No | Private authentication parameter. This parameter is valid only when PrivateAccess is on. |
HostHeader | String | No | Custom origin server HOST header. this parameter is valid only when OriginType=IP_DOMAIN.If the OriginType is another type of origin, this parameter does not need to be passed in, otherwise an error will be reported. If OriginType is COS or AWS_S3, the HOST header for origin-pull will remain consistent with the origin server domain name. If OriginType is ORIGIN_GROUP, the HOST header follows the ORIGIN site GROUP configuration. if not configured, it defaults to the acceleration domain name. If OriginType is VOD or SPACE, no configuration is required for this header, and the domain name takes effect based on the corresponding origin. |
VodOriginScope | String | No | VOD origin-pull scope. this parameter is valid only when OriginType = VOD. valid values: |
VodBucketId | String | No | VOD bucket ID. this parameter is required when OriginType = VOD and VodOriginScope = bucket. data source: storage ID of the bucket under the VOD professional edition application. |
OriginPrivateParameters
Private authentication parameters for Cloud Object Storage origin server.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
AccessKeyId | String | Yes | Authentication parameter access key id. |
SecretAccessKey | String | Yes | Authentication parameter secret access key. |
SignatureVersion | String | Yes | Authentication version. values:. |
Region | String | No | Region of the bucket. |
OriginProtectionInfo
Origin protection configuration
Used by actions: DescribeOriginProtection.
Name | Type | Description |
---|---|---|
ZoneId | String | ID of the site. |
Hosts | Array of String | List of domain names. |
ProxyIds | Array of String | List of proxy IDs. |
CurrentIPWhitelist | IPWhitelist | The existing intermediate IPs. Note: This field may return null , indicating that no valid values can be obtained. |
NeedUpdate | Boolean | Whether the intermediate IP update is needed for the site. Values:true : Update needed;false : Update not needed. |
Status | String | Status of the origin protection configuration. Values:online : Origin protection is activated;offline : Origin protection is disabled.nonactivate : Origin protection is not activated. This value is returned only when the feature is not activated before it’s used. |
PlanSupport | Boolean | Whether origin protection is supported in the plan. Values:true : Origin protection supported;false : Origin protection not supported. |
DiffIPWhitelist | DiffIPWhitelist | Differences between the latest and existing intermediate IPs. Note: This field may return null , indicating that no valid values can be obtained. |
OriginRecord
Origin group record
Used by actions: CreateOriginGroup, DescribeOriginGroup, ModifyOriginGroup.
Name | Type | Required | Description |
---|---|---|---|
Record | String | Yes | The origin record value, which can be an IPv4/IPv6 address or a domain name. |
Type | String | No | The origin type. Values:IP_DOMAIN : IPv4/IPv6 address or domain nameCOS : COS bucket addressAWS_S3 : AWS S3 bucket address |
RecordId | String | No | The origin record ID. |
Weight | Integer | No | Weight of an origin. Range: 0-100. If it is not specified, a random weight is assigned. If 0 is passed in, there is no traffic scheduled to this origin.Note: This field may return·null, indicating that no valid values can be obtained. |
Private | Boolean | No | Whether to enable private authentication. It is valid when OriginType=COS/AWS_S3 . Values:true : Yes.false : No.false . |
PrivateParameters | Array of PrivateParameter | No | Private authentication parameters. This field is valid when Private=true . |
OwnershipVerification
Information of domain name ownership verification.
Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.
Name | Type | Description |
---|---|---|
DnsVerification | DnsVerification | CNAME, when there is no domain name access, the information required for DNS resolution verification is used. For details, refer to Site/Domain Ownership Verification . Note: This field may return null, which indicates a failure to obtain a valid value. |
FileVerification | FileVerification | CNAME, when there is no domain name access, the information required for file verification is used. For details, refer to Site/Domain Ownership Verification . Note: This field may return null, which indicates a failure to obtain a valid value. |
NsVerification | NsVerification | u200cInformation required for switching DNS servers. It's applicable to sites connected via NSs. For details, see Modifying DNS Server. Note: This field may return·null, indicating that no valid values can be obtained. |
PartialModule
Module settings of the exception rule
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Module | String | No | Module name. value is.waf : to be deprecated, managed rule. |
Include | Array of Integer | No | Specifies the list of rule ids that require exceptions under the module. |
Plan
Package information.
Used by actions: DescribePlans.
Name | Type | Description |
---|---|---|
PlanType | String | Package type. valid values:.Plan-Trial : trial planPlan-Personal : personal planPlan-Basic : basic planPlan-Standard : standard edition plan |
PlanId | String | Package ID. such as edgeone-2y041pblwaxe. |
Area | String | Service area. valid values:.Mainland : chinese mainlandoverseas : global (chinese mainland not included)Global : global (chinese mainland included) |
AutoRenewal | Boolean | Auto-Renew switch. valid values:. |
Status | String | Package status. valid values:.expiring-soon : will expire soon;expired : expiration status;Isolated : isolated stateoverdue-isolated : arrears isolated state. |
PayMode | Integer | Payment type. valid values:. |
ZonesInfo | Array of ZoneInfo | Describes the site information bound to the package, including the site id, site name, and site status. |
SmartRequestCapacity | Integer | Smart acceleration request quantity in the package, unit: times. |
VAUCapacity | Integer | Specifies the VAU specification in the package. measurement unit: unit. |
AccTrafficCapacity | Integer | Specifies the content acceleration traffic specification in the package, measurement unit: byte. |
SmartTrafficCapacity | Integer | Specifies the smart acceleration traffic specification in the package. measurement unit: byte. |
DDoSTrafficCapacity | Integer | Specifies the DDoS protection traffic specification in the package, measurement unit: byte. |
SecTrafficCapacity | Integer | Security traffic specification in the package. measurement unit: byte. |
SecRequestCapacity | Integer | Security requests in the package, unit: times. |
L4TrafficCapacity | Integer | Specifies the layer 4 acceleration traffic specification in the package, measurement unit: byte. |
CrossMLCTrafficCapacity | Integer | Specifies the network optimization traffic specification in the package for the chinese mainland, measurement unit: byte. |
Bindable | String | Specifies whether the package allows binding to new sites. valid values:.false : cannot bind new sites. |
EnabledTime | Timestamp ISO8601 | Package activation time. |
ExpiredTime | Timestamp ISO8601 | Plan expiration time. |
Features | Array of String | Supported features of the package include: |
PlanInfo
EdgeOne plan information
Used by actions: DescribeAvailablePlans.
Name | Type | Description |
---|---|---|
Currency | String | Settlement currency. Values:CNY : Settled by Chinese RMB;USD : Settled by US dollars. |
Flux | Integer | Traffic quota of the plan. It includes the traffic for security acceleration, content acceleration and smart acceleration. Unit: byte. |
Frequency | String | Settlement cycle. Values:y : Settled by year;m : Settled by month;h : Settled by hour;M : Settled by minute;s : Settled by second. |
PlanType | String | The plan option. Values:sta : Standard plan that supports content delivery network outside the Chinese mainland.sta_with_bot : Standard plan that supports content delivery network outside the Chinese mainland and bot management.sta_cm : Standard plan that supports content delivery network inside the Chinese mainland.sta_cm_with_bot : Standard plan that supports content delivery network inside the Chinese mainland and bot management.sta : Standard plan that supports content delivery network over the globe.sta_global_with_bot : Standard plan that supports content delivery network over the globe and bot management.ent : Enterprise plan that supports content delivery network outside the Chinese mainland.ent_with_bot : Enterprise plan that supports content delivery network outside the Chinese mainland and bot management.ent_cm : Enterprise plan that supports content delivery network inside the Chinese mainland.ent_cm_with_bot : Enterprise plan that supports content delivery network inside the Chinese mainland and bot management.ent_global : Enterprise plan that supports content delivery network over the globe.ent_global_with_bot : Enterprise plan that supports content delivery network over the globe and bot management. |
Price | Float | Plan price (in CNY fen/US cent). The price unit depends on the settlement currency. |
Request | Integer | Quota on security acceleration requests |
SiteNumber | Integer | Number of sites to be bound to the plan |
Area | String | The acceleration region. Values:mainland : Chinese mainlandoverseas : Global (Chinese mainland not included)global : Global (Chinese mainland included) |
PostMaxSize
Maximum size of the file uploaded for streaming via a POST request
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable POST upload limit (default limit: 32 MB). Valid values: on : Enable;off : Disable. |
MaxSize | Integer | No | Maximum limit. value range between 1MB and 500MB. byte. |
PostMaxSizeParameters
Maximum size of the file uploaded for streaming via a POST request.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable post request file upload limit, in bytes (default limit: 32 * 220 bytes). valid values: on : enable limit;off : disable limit. |
MaxSize | Integer | No | Maximum size of the file uploaded for streaming via a post request, in bytes. value range: 1 * 220 bytes to 500 * 220 bytes. |
PrepaidPlanParam
Prepaid Plan Billing Parameters
Used by actions: CreatePlan.
Name | Type | Required | Description |
---|---|---|---|
Period | Integer | No | Prepaid plan duration, unit: month. Valid values: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 24, 36. If this field is not specified, the default value '1' will be used. |
RenewFlag | String | No | The auto-renewal flag for prepaid plan has the following values: If this field is not specified, the default value 'off' will be used. When auto-renewal is enabled, it defaults to renewing for one month. |
PrivateParameter
Private authentication parameters for Cloud Object Storage origin server
Used by actions: CreateAccelerationDomain, CreateOriginGroup, DescribeAccelerationDomains, DescribeOriginGroup, ModifyAccelerationDomain, ModifyOriginGroup.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | The name of the private authentication parameter. Valid values: |
Value | String | Yes | The parameter value. |
QUICParameters
QUIC configuration item.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable quic. values:.On : enable;. |
QueryCondition
The query condition
Used by actions: CreateRealtimeLogDeliveryTask, DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData, DescribeTopL7AnalysisData, DescribeTopL7CacheData, ModifyRealtimeLogDeliveryTask.
Name | Type | Required | Description |
---|---|---|---|
Key | String | Yes | The key of QueryCondition. |
Operator | String | Yes | The conditional operator. Values:equals : EqualsnotEquals : Does not equalinclude : ContainsnotInclude : Does not containstartWith : Starts withnotStartWith : Does not start withendWith : Ends withnotEndWith : Does not end with |
Value | Array of String | Yes | The value of QueryCondition. |
QueryString
Request parameter contained in CacheKey
Used by actions: DescribeHostsSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to use QueryString as part of CacheKey . Values:on : Yesoff : No |
Action | String | No | CacheKey usage via QueryString, valid values:. |
Value | Array of String | No | Specifies the url parameter array for usage/exclusion. |
Quic
QUIC configuration item
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable QUIC. Valid values: on : Enable;off : Disable. |
Quota
Purging/Pre-warming available usage and quota
Used by actions: DescribeContentQuota.
Name | Type | Description |
---|---|---|
Batch | Integer | |
Daily | Integer | Daily submission quota limit. |
DailyAvailable | Integer | Remaining daily submission quota. |
Type | String | Type of cache purging/pre-warming. Values:purge_prefix : Purge by prefixpurge_url : Purge by URLpurge_host : Purge by hostnamepurge_all : Purge all cachespurge_cache_tag : Purge by cache tagprefetch_url : Pre-warm by URL |
RangeOriginPullParameters
Configuration parameters for range back-to-source.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable range gets. values are:.On : enable;. |
RateLimitConfig
Rate limiting rules
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Switch. Values:on : Enableoff : Disable |
RateLimitUserRules | Array of RateLimitUserRule | No | The settings of the custom rate limiting rule. If it is null, the settings that were last configured will be used. |
RateLimitTemplate | RateLimitTemplate | No | The rate limit template feature. if null, use the last set configuration by default. |
RateLimitIntelligence | RateLimitIntelligence | No | Intelligent client filtering. if null, use the last set configuration by default. |
RateLimitCustomizes | Array of RateLimitUserRule | No | The custom rate limiting rules. if it is null , the previous settings is used. |
RateLimitIntelligence
Client filtering
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable configuration. Values:on : Enableoff : Disable |
Action | String | Yes | Action to be executed. Values:monitor : Observealg : Challenge |
RuleId | Integer | No | The rule ID, which is only used as a response parameter. |
RateLimitTemplate
Rate limit template
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Mode | String | Yes | The mode. Values:sup_loose : Super looseloose : Looseemergency : Emergencynormal : Moderatestrict : Strictclose : Off |
Action | String | No | The action. Values:alg : JavaScript challengemonitor : Observealg is used. |
RateLimitTemplateDetail | RateLimitTemplateDetail | No | The settings of the rate limiting template. It is only used as an output parameter. |
RateLimitTemplateDetail
The settings of the rate limiting template
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Mode | String | Yes | Template level name. valid values:.Loose : looseEmergency : emergencynormal : moderateclose : off, precise rate limiting effective. |
ID | Integer | Yes | Unique ID. |
Action | String | Yes | Template action. valid values:.monitor : observe |
PunishTime | Integer | Yes | Penalty time, value range 0-2 days, unit second. |
Threshold | Integer | Yes | Statistical threshold, in times. Value range: 0-4294967294. |
Period | Integer | Yes | Statistical cycle. Value range: 0-120 seconds. |
RateLimitUserRule
Rate limit rule
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Threshold | Integer | Yes | The request threshold. Value range: 0-4294967294. |
Period | Integer | Yes | The statistical period. The value can be 10, 20, 30, 40, 50, or 60 seconds. |
RuleName | String | Yes | The rule name, which consists of only letters, digits, and underscores and cannot start with an underscore. |
Action | String | Yes | Action. Values:monitor : Observe;drop : Block;redirect : Redirect;page : Return a specific page;alg : JavaScript challenge. |
PunishTime | Integer | Yes | The amount of time taken to perform the action. Value range: 0 seconds - 2 days. |
PunishTimeUnit | String | Yes | The time unit. Values:second : Secondminutes : Minutehour : Hour |
RuleStatus | String | Yes | The rule status. Values:on : Enabledoff : Disabledon |
AclConditions | Array of AclCondition | Yes | The rule details. |
RulePriority | Integer | Yes | The rule weight. Value range: 0-100. |
RuleID | Integer | No | Rule ID, which is only used as an output parameter. |
FreqFields | Array of String | No | The filter. Values:sip : Client IPThis parameter is left empty by default. |
UpdateTime | String | No | Update time. It is only used as a response parameter, and defaults to the current time. |
FreqScope | Array of String | No | Query scope. Values:source_to_eo : (Response) Traffic going from the origin to EdgeOne.client_to_eo : (Request) Traffic going from the client to EdgeOne.Default: source_to_eo . |
Name | String | No | Name of the custom return page. It's required when Action=page . |
CustomResponseId | String | No | ID of custom response. The ID can be obtained via the DescribeCustomErrorPages API. It's required when Action=page . |
ResponseCode | Integer | No | The response code to trigger the return page. It's required when Action=page . Value: 100-600. 3xx response codes are not supported. Default value: 567. |
RedirectUrl | String | No | The redirection URL. It's required when Action=redirect . |
RateLimitingRule
Specifies the rate limit configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Id | String | No | The ID of precise rate limiting. rule ID supports different rule configuration operations: |
Name | String | No | Specifies the name of the precise rate limit. |
Condition | String | No | The specific content of precise speed limit shall comply with the expression syntax. for detailed specifications, see the product documentation. |
CountBy | Array of String | No | Rate threshold request feature match mode. this field is required when Enabled is on. when there are multiple conditions, composite multiple conditions will perform statistics count. the maximum number of conditions must not exceed 5. valid values: |
MaxRequestThreshold | Integer | No | Precision rate limiting specifies the cumulative number of interceptions within the time range. value ranges from 1 to 100000. |
CountingPeriod | String | No | Specifies the time window for statistics. valid values: |
ActionDuration | String | No | The duration of an Action is only supported in the following units: |
Action | SecurityAction | No | Precision rate limiting handling methods. valid values: |
Priority | Integer | No | Precision rate limiting specifies the priority. value range is 0 to 100. default is 0. |
Enabled | String | No | Whether the precise rate limiting rule is enabled. valid values: |
RateLimitingRules
Precision rate limiting configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Rules | Array of RateLimitingRule | No | Definition list of precise rate limiting. when using ModifySecurityPolicy to modify the Web protection configuration: |
RealtimeLogDeliveryTask
Real-time log delivery task
Used by actions: DescribeRealtimeLogDeliveryTasks.
Name | Type | Description |
---|---|---|
TaskId | String | ID of a real-time log shipping task. |
TaskName | String | Name of a real-time log shipping task. |
DeliveryStatus | String | Status of a real-time log shipping task. Valid values: |
TaskType | String | Type of a real-time log shipping task. Valid values: |
EntityList | Array of String | List of entities (L7 domain names or L4 proxy instances) corresponding to a real-time log shipping task. Valid value examples: |
LogType | String | Data shipping type. Valid values: |
Area | String | Data shipping area. Valid values: |
Fields | Array of String | List of predefined fields for shipping. |
CustomFields | Array of CustomField | List of custom fields for shipping. |
DeliveryConditions | Array of DeliveryCondition | Filter criteria of log shipping. |
Sample | Integer | Sampling ratio in permille. Value range: 1-1000. For example, 605 indicates a sampling ratio of 60.5%. |
LogFormat | LogFormat | Output format for log delivery. When the output parameter is null, the default format is used, which works as follows: Note: This field may return 'null', which indicates a failure to obtain a valid value. |
CLS | CLSTopic | Configuration information of the CLS. Note: This field may return null, which indicates a failure to obtain a valid value. |
CustomEndpoint | CustomEndpoint | Configuration information of the custom HTTP service. Note: This field may return null, which indicates a failure to obtain a valid value. |
S3 | S3 | Configuration information of the AWS S3-compatible bucket. Note: This field may return null, which indicates a failure to obtain a valid value. |
CreateTime | Timestamp ISO8601 | Creation time. |
UpdateTime | Timestamp ISO8601 | Update time. |
RedirectActionParameters
Additional parameter for SecurityAction Redirect
.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
URL | String | Yes | Redirect URL. |
RenewFlag
Auto-renewal configuration item in a prepaid plan.
Used by actions: ModifyPlan.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | The auto-renewal flag for prepaid plan has the following values: |
RequestBodyTransferTimeout
Body transfer timeout duration configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
IdleTimeout | String | Yes | Body transfer timeout duration. valid values: 5-120. measurement unit: seconds (s) only. |
Enabled | String | Yes | Whether body transfer timeout is enabled. valid values: on : enableoff : disable |
RequestFieldsForException
Skipped fields configuration in exception rules.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Scope | String | Yes | Skip specific field. supported values:. |
Condition | String | Yes | Skip specific field expression must comply with expression grammar. Condition supports expression configuration syntax: For example: |
TargetField | String | Yes | The Scope parameter takes different values. the TargetField expression supports the following values:. |
Resource
Billable resource
Used by actions: DescribeZones.
Name | Type | Description |
---|---|---|
Id | String | The resource ID. |
PayMode | Integer | Billing mode0 : Pay-as-you-go |
CreateTime | Timestamp ISO8601 | The creation time. |
EnableTime | Timestamp ISO8601 | The effective time. |
ExpireTime | Timestamp ISO8601 | The expiration time. |
Status | String | The plan status. Values:normal : Normalisolated : Isolateddestroyed : Terminated |
Sv | Array of Sv | Pricing query parameter |
AutoRenewFlag | Integer | Whether to enable auto-renewal. Values:0 : Default status.1 : Enable auto-renewal.2 : Disable auto-renewal. |
PlanId | String | ID of the resource associated with the plan. |
Area | String | Applicable area. Values:mainland : Chinese mainlandoverseas : Regions outside the Chinese mainlandglobal : Global |
Group | String | The resource type. Values:plan : Plan resourcespay-as-you-go : Pay-as-you-go resources value-added : Value-added resources Note: This field may return null, indicating that no valid values can be obtained. |
ZoneNumber | Integer | The sites that are associated with the current resources. Note: This field may return null, indicating that no valid values can be obtained. |
Type | String | Resource tag type. Valid values: |
ResponseSpeedLimitParameters
Single-link download speed limit configuration parameters
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Mode | String | Yes | Download rate limit mode. valid values:. |
MaxSpeed | String | Yes | The speed limit value specifies the size of the speed limit. fill in a value or variable with a unit. the currently supported unit is: KB/s. |
StartAt | String | No | The speed limit start value can be download size or specified duration. fill in a value with unit or variable to specify download size or specified duration. -When the Mode value is LimitAfterSpecificBytesDownloaded, the valid values of the unit are: KB. -When the Mode value is LimitAfterSpecificSecondsDownloaded, the valid value of the unit is: s. |
ReturnCustomPageActionParameters
Additional parameter for SecurityAction ReturnCustomPage
.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
ResponseCode | String | Yes | Response custom status code. |
ErrorPageId | String | Yes | Response custom page ID. |
RewriteAction
Rule engine action for the HTTP request/response header
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Action | String | Yes | Feature name. For details, see DescribeRulesSetting API |
Parameters | Array of RuleRewriteActionParams | Yes | Parameter |
Rule
Rule item of the rule engine. The items in the Conditions
array are in OR
relationship, and the items in the inner Conditions
list are in AND
relationship.
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Conditions | Array of RuleAndConditions | Yes | Judgment condition for executing the feature. Note: The feature can be executed if any condition in the array is met. |
Actions | Array of Action | No | Executed feature. Note: Actions and SubRules cannot be both empty. |
SubRules | Array of SubRuleItem | No | Nested rule. Note: SubRules and Actions cannot be both empty. |
RuleAndConditions
List of rule engine conditions in AND
relationship
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Conditions | Array of RuleCondition | Yes | Rule engine condition. This condition will be considered met if all items in the array are met. |
RuleBranch
Sub-rule branch.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Condition | String | No | Match condition (https://intl.cloud.tencent.com/document/product/1552/90438?from_cn_redirect=1#33f65828-c6c6-4b66-a011-25a20b548d5d). |
Actions | Array of RuleEngineAction | No | Operations. Note: actions and subrules cannot both be empty. Note: this field may return null, which indicates a failure to obtain a valid value. |
SubRules | Array of RuleEngineSubRule | No | List of sub-rules. multiple rules exist in this list and are executed sequentially from top to bottom. note: subrules and actions cannot both be empty. currently, only one layer of subrules is supported. Note: this field may return null, which indicates a failure to obtain a valid value. |
RuleChoicePropertiesItem
Detailed settings of the rule engine that can be used for request match, which are optional parameter configuration items.
Used by actions: DescribeRulesSetting.
Name | Type | Description |
---|---|---|
Name | String | The parameter name. |
Type | String | The parameter value type.Values .ChoicesValue . |
ChoicesValue | Array of String | Valid parameter values. Note: If Type is CUSTOM_NUM or CUSTOM_STRING , this parameter will be an empty array. |
Min | Integer | Minimum value. If both Min and Max are set to 0 , this parameter does not take effect. |
Max | Integer | Maximum value. If both Min and Max are set to 0 , this parameter does not take effect. |
IsMultiple | Boolean | Whether multiple values can be selected or entered. |
IsAllowEmpty | Boolean | Whether the parameter can be left empty. |
ExtraParameter | RuleExtraParameter | Special parameter.NormalAction for RuleAction . Id is Action , select RewirteAction for RuleAction .Id is StatusCode , select CodeAction for RuleAction . |
RuleCodeActionParams
Parameters of the action with the StatusCode
field as the rule engine condition
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
StatusCode | Integer | Yes | The status code. |
Name | String | Yes | The parameter name. For details, see DescribeRulesSetting. |
Values | Array of String | Yes | The parameter value. |
RuleCondition
Rule engine condition parameters
Used by actions: CreateFunctionRule, CreateRule, DescribeRules, ModifyFunctionRule, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Operator | String | Yes | Operator. Valid values:equal : EqualnotEquals : Does not equalexist : Existsnotexist : Does not exist |
Target | String | Yes | Matching type. Valid values: |
Values | Array of String | No | Parameter values for corresponding matching types. It is allowed to pass an empty array only when the matching type is query_string or request_header and the operator value is exist or not exist. Corresponding match types include: |
IgnoreCase | Boolean | No | Whether the parameter value is case insensitive. Default value: false. |
Name | String | No | The parameter name of the match type. This field is required only when Target=query_string/request_header .query_string : Name of the query string, such as "lang" and "version" in "lang=cn&version=1".request_header : Name of the HTTP request header, such as "Accept-Language" in the "Accept-Language:zh-CN,zh;q=0.9" header. |
RuleEngineAction
Rule engine operations.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | Operation Name. the Name must correspond to the parameter structure, for example, if Name=Cache, CacheParameters is required.ForceRedirectHTTPS : force https redirect configuration for access protocol. |
CacheParameters | CacheParameters | No | Node cache ttl configuration parameter. when name is cache, this parameter is required. Note: this field may return null, which indicates a failure to obtain a valid value. |
CacheKeyParameters | CacheKeyParameters | No | Custom cache key configuration parameter. when name is cachekey, this parameter is required. Note: this field may return null, which indicates a failure to obtain a valid value. |
CachePrefreshParameters | CachePrefreshParameters | No | The cache prefresh configuration parameter. this parameter is required when name is cacheprefresh .Note: this field may return null, which indicates a failure to obtain a valid value. |
AccessURLRedirectParameters | AccessURLRedirectParameters | No | The access url redirection configuration parameter. this parameter is required when name is accessurlredirect .Note: this field may return null, which indicates a failure to obtain a valid value. |
UpstreamURLRewriteParameters | UpstreamURLRewriteParameters | No | The origin-pull url rewrite configuration parameter. this parameter is required when name is upstreamurlrewrite .Note: this field may return null, which indicates a failure to obtain a valid value. |
QUICParameters | QUICParameters | No | The quic configuration parameter. this parameter is required when name is quic .Note: this field may return null, which indicates a failure to obtain a valid value. |
WebSocketParameters | WebSocketParameters | No | The websocket configuration parameter. this parameter is required when name is websocket .Note: this field may return null, which indicates a failure to obtain a valid value. |
AuthenticationParameters | AuthenticationParameters | No | Token authentication configuration parameter. this parameter is required when name is authentication .Note: this field may return null, which indicates a failure to obtain a valid value. |
MaxAgeParameters | MaxAgeParameters | No | Browser cache ttl configuration parameter. this parameter is required when name is maxage .Note: this field may return null, which indicates a failure to obtain a valid value. |
StatusCodeCacheParameters | StatusCodeCacheParameters | No | Status code cache ttl configuration parameter. this parameter is required when name is statuscodecache .Note: this field may return null, which indicates a failure to obtain a valid value. |
OfflineCacheParameters | OfflineCacheParameters | No | Offline cache configuration parameter. this parameter is required when name is offlinecache .Note: this field may return null, which indicates a failure to obtain a valid value. |
SmartRoutingParameters | SmartRoutingParameters | No | Smart acceleration configuration parameter. this parameter is required when name is smartrouting .Note: this field may return null, which indicates a failure to obtain a valid value. |
RangeOriginPullParameters | RangeOriginPullParameters | No | Shard source retrieval configuration parameter. this parameter is required when name is set to rangeoriginpull. Note: this field may return null, which indicates a failure to obtain a valid value. |
UpstreamHTTP2Parameters | UpstreamHTTP2Parameters | No | HTTP2 origin-pull configuration parameter. this parameter is required when name is set to upstreamhttp2. Note: this field may return null, which indicates a failure to obtain a valid value. |
HostHeaderParameters | HostHeaderParameters | No | Host header rewrite configuration parameter. this parameter is required when name is set to hostheader. Note: this field may return null, which indicates a failure to obtain a valid value. |
ForceRedirectHTTPSParameters | ForceRedirectHTTPSParameters | No | Force https redirect configuration parameter. this parameter is required when the name is set to forceredirecthttps. Note: this field may return null, which indicates a failure to obtain a valid value. |
CompressionParameters | CompressionParameters | No | Intelligent compression configuration. this parameter is required when name is set to compression. Note: this field may return null, which indicates a failure to obtain a valid value. |
HSTSParameters | HSTSParameters | No | HSTS configuration parameter. this parameter is required when name is hsts. Note: this field may return null, which indicates a failure to obtain a valid value. |
ClientIPHeaderParameters | ClientIPHeaderParameters | No | Client ip header configuration for storing client request ip information. this parameter is required when name is clientipheader. Note: this field may return null, which indicates a failure to obtain a valid value. |
OCSPStaplingParameters | OCSPStaplingParameters | No | OCSP stapling configuration parameter. this parameter is required when the name is set to ocspstapling. Note: this field may return null, which indicates a failure to obtain a valid value. |
HTTP2Parameters | HTTP2Parameters | No | HTTP2 access configuration parameter. this parameter is required when name is http2. Note: this field may return null, which indicates a failure to obtain a valid value. |
PostMaxSizeParameters | PostMaxSizeParameters | No | Maximum size configuration for file streaming upload via a post request. this parameter is required when name is postmaxsize. Note: this field may return null, which indicates a failure to obtain a valid value. |
ClientIPCountryParameters | ClientIPCountryParameters | No | Configuration parameter for carrying the region information of the client ip during origin-pull. this parameter is required when the name is set to clientipcountry. Note: this field may return null, which indicates a failure to obtain a valid value. |
UpstreamFollowRedirectParameters | UpstreamFollowRedirectParameters | No | Configuration parameter for following redirects during origin-pull. this parameter is required when the name is set to upstreamfollowredirect. Note: this field may return null, which indicates a failure to obtain a valid value. |
UpstreamRequestParameters | UpstreamRequestParameters | No | Configuration parameter for origin-pull request. this parameter is required when the name is set to upstreamrequest. Note: this field may return null, which indicates a failure to obtain a valid value. |
TLSConfigParameters | TLSConfigParameters | No | SSL/TLS security configuration parameter. this parameter is required when the name is set to tlsconfig. Note: this field may return null, which indicates a failure to obtain a valid value. |
ModifyOriginParameters | ModifyOriginParameters | No | Configuration parameter for modifying the origin server. this parameter is required when the name is set to modifyorigin. Note: this field may return null, which indicates a failure to obtain a valid value. |
HTTPUpstreamTimeoutParameters | HTTPUpstreamTimeoutParameters | No | Configuration of layer 7 origin timeout. this parameter is required when name is httpupstreamtimeout. Note: this field may return null, which indicates a failure to obtain a valid value. |
HttpResponseParameters | HTTPResponseParameters | No | HTTP response configuration parameters. this parameter is required when name is httpresponse. Note: this field may return null, which indicates a failure to obtain a valid value. |
ErrorPageParameters | ErrorPageParameters | No | Custom error page configuration parameters. this parameter is required when name is errorpage. Note: this field may return null, which indicates a failure to obtain a valid value. |
ModifyResponseHeaderParameters | ModifyResponseHeaderParameters | No | Modify http node response header configuration parameters. this parameter is required when name is modifyresponseheader. Note: this field may return null, which indicates a failure to obtain a valid value. |
ModifyRequestHeaderParameters | ModifyRequestHeaderParameters | No | Modify http node request header configuration parameters. this parameter is required when name is modifyrequestheader. Note: this field may return null, which indicates a failure to obtain a valid value. |
ResponseSpeedLimitParameters | ResponseSpeedLimitParameters | No | Single connection download speed limit configuration parameter. this parameter is required when name is responsespeedlimit. Note: this field may return null, which indicates a failure to obtain a valid value. |
SetContentIdentifierParameters | SetContentIdentifierParameters | No | Specifies the content identification configuration parameter. this parameter is required when the Name value is SetContentIdentifier. Note: This field may return null, which indicates a failure to obtain a valid value. |
VaryParameters | VaryParameters | No | Vary feature configuration parameter. when Name value is Vary, this parameter is required. |
RuleEngineItem
Rule details of the rule engine.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Status | String | No | Rule status. values: enable : enableddisable : disabled |
RuleId | String | No | Rule id. a unique identifier for the rule. this parameter is required when calling modifyl7accrules . |
RuleName | String | No | Rule name. name length limit: 255 characters. |
Description | Array of String | No | Rule annotation. multiple annotations can be added. |
Branches | Array of RuleBranch | No | Sub-Rule branch. this list currently supports filling in only one rule; multiple entries are invalid. Note: this field may return null, which indicates a failure to obtain a valid value. |
RulePriority | Integer | No | Rule priority. only used as an output parameter. |
RuleEngineSubRule
Sub-rule
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Branches | Array of RuleBranch | No | Sub-Rule branch. Note: this field may return null, which indicates a failure to obtain a valid value. |
Description | Array of String | No | Rule comments. |
RuleExtraParameter
Rule engine parameter details and special parameter types.
Used by actions: DescribeRulesSetting.
Name | Type | Description |
---|---|---|
Id | String | Parameter name. Valid values:Action : Required parameter for HTTP header modification when RewirteAction is selected for RuleAction .StatusCode : Required parameter for the status code feature when CodeAction is selected for RuleAction . |
Type | String | Parameter value type.CHOICE : The parameter value can be selected only from Values .CUSTOM_NUM : The parameter value is a custom integer.CUSTOM_STRING : The parameter value is a custom string. |
Choices | Array of String | Valid values. Note: If the value of Id is StatusCode , values in the array are all integer values. When entering a parameter value, enter the integer value of the string. |
RuleItem
Rule details of the rule engine
Used by actions: DescribeRules.
Name | Type | Description |
---|---|---|
RuleId | String | The rule ID. |
RuleName | String | The rule name. It is a string that can contain 1–255 characters. |
Status | String | Rule status. Values:enable : Enableddisable : Disabled |
Rules | Array of Rule | The rule content. |
RulePriority | Integer | The rule priority. The greater the value, the higher the priority. The minimum value is 1 . |
Tags | Array of String | Tag of the rule. |
RuleNormalActionParams
Common action parameter of a rule engine condition
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | The parameter name. For details, see DescribeRulesSetting. |
Values | Array of String | Yes | The parameter value. |
RuleRewriteActionParams
Parameter of the action for the HTTP request/response header of a rule engine condition.
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Action | String | Yes | Feature parameter name. For details, see DescribeRulesSetting.add : Add the HTTP header.set : Rewrite the HTTP header.del : Delete the HTTP header. |
Name | String | Yes | Parameter name |
Values | Array of String | Yes | Parameter value |
RulesProperties
Detailed settings of the rule engine that can be used for request match.
Used by actions: DescribeRulesSetting.
Name | Type | Description |
---|---|---|
Name | String | Parameter name. |
Min | Integer | Minimum value. If both Min and Max are set to 0 , this parameter does not take effect. |
ChoicesValue | Array of String | Valid parameter values. Note: If Type is CUSTOM_NUM or CUSTOM_STRING , this parameter will be an empty array. |
Type | String | The parameter value type.CHOICE : the parameter value can only be selected from choicesvalue .choicesvalue .choiceproperties are the properties associated with this object type.CUSTOM_NUM : (integer) custom value. |
Max | Integer | Maximum value. If both Min and Max are set to 0 , this parameter does not take effect. |
IsMultiple | Boolean | Whether multiple values can be selected or entered. |
IsAllowEmpty | Boolean | Whether the parameter can be left empty. |
ChoiceProperties | Array of RuleChoicePropertiesItem | Associated configuration parameters of this parameter, which are required for API call. Note: This parameter will be an empty array if no special parameters are added as optional parameters. |
ExtraParameter | RuleExtraParameter | NormalAction is selected for RuleAction .Note: This field may return null, indicating that no valid values can be obtained. |
RulesSettingAction
List of the settings of the rule engine that can be used for request match and their detailed information.
Used by actions: DescribeRulesSetting.
Name | Type | Description |
---|---|---|
Action | String | Feature name. Valid values:AccessUrlRedirect ).UpstreamUrlRedirect ).( ErrorPage ).QUIC ).WebSocket ).VideoSeek ).Authentication ).CacheKey : Custom cache key.Cache : Node cache TTL.MaxAge : Browser cache TTL.OfflineCache : Offline cache.SmartRouting : Smart acceleration.RangeOriginPull : Range GETs.UpstreamHttp2 : HTTP/2 forwarding.HostHeader : Host header rewrite.ForceRedirect : Force HTTPS.OriginPullProtocol : Origin-pull HTTPS.CachePrefresh : Cache prefresh.Compression : Smart compression.RequestHeader : HTTP request header modification.ResponseHeader ).StatusCodeCache ).Hsts .ClientIpHeader .TlsVersion .OcspStapling . |
Properties | Array of RulesProperties | Parameter information |
S3
The configuration information of real-time log delivery to an AWS S3 compatible bucket
Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.
Name | Type | Required | Description |
---|---|---|---|
Endpoint | String | Yes | The URL without bucket name or path, for example: https://storage.googleapis.com , https://s3.ap-northeast-2.amazonaws.com , and https://cos.ap-nanjing.myqcloud.com . |
Region | String | Yes | The region where the bucket is located, for example: ap-northeast-2 . |
Bucket | String | Yes | The bucket name and log storage directory, for example: your_bucket_name/EO-logs/ . If the directory does not exist in the bucket, it will be created automatically. |
AccessId | String | Yes | The Access Key ID used to access the bucket. |
AccessKey | String | Yes | The secret key used to access the bucket. |
CompressType | String | No | The data compress type. Valid values: |
SecEntry
Returned value of security data entry
Used by actions: DescribeDDoSAttackData.
Name | Type | Description |
---|---|---|
Key | String | The query dimension value. |
Value | Array of SecEntryValue | The details. |
SecEntryValue
The security data queried by metric
Used by actions: DescribeDDoSAttackData.
Name | Type | Description |
---|---|---|
Metric | String | The metric name. |
Detail | Array of TimingDataItem | The time-series data details. |
Max | Integer | The maximum value. |
Avg | Float | The average value. |
Sum | Float | Sum |
SecurityAction
Action for security operation.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Name | String | Yes | Safe execution actions. valid values:.Monitor : observe; only record logsRedirect : Redirect to URLReturnCustomPage : to be deprecated, use specified page block; |
DenyActionParameters | DenyActionParameters | No | Additional parameters when Name is Deny. |
RedirectActionParameters | RedirectActionParameters | No | Additional parameter when Name is Redirect. |
AllowActionParameters | AllowActionParameters | No | Additional parameters when Name is Allow. |
ChallengeActionParameters | ChallengeActionParameters | No | Additional parameter when Name is Challenge. |
BlockIPActionParameters | BlockIPActionParameters | No | To be deprecated, additional parameter when Name is BlockIP. |
ReturnCustomPageActionParameters | ReturnCustomPageActionParameters | No | To be deprecated, additional parameter when Name is ReturnCustomPage. |
SecurityConfig
Web security configuration.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
WafConfig | WafConfig | No | Managed rule. if the parameter is null or not filled, use the last set configuration by default. |
RateLimitConfig | RateLimitConfig | No | Rate limiting. if the parameter is null or not filled, the configuration last set will be used by default. |
AclConfig | AclConfig | No | Custom rule. specifies if the parameter is null or not filled, use the last set configuration by default. |
BotConfig | BotConfig | No | Bot configuration. if the parameter is null or not filled, use the last set configuration by default. |
SwitchConfig | SwitchConfig | No | Switch setting of the 7-layer protection. if the parameter is null or not filled, use the last set configuration by default. |
IpTableConfig | IpTableConfig | No | Basic access control. if the parameter is null or not filled, use the last set configuration by default. |
ExceptConfig | ExceptConfig | No | Exception rule configuration. if the parameter is null or not filled, use the last set configuration by default. |
DropPageConfig | DropPageConfig | No | Custom block page settings. if the parameter is null or not filled, use the last set configuration by default. |
TemplateConfig | TemplateConfig | No | Template configuration. specifies parameter usage for output only. |
SlowPostConfig | SlowPostConfig | No | Slow attack configuration. if the parameter is null or not filled, use the last set configuration by default. |
DetectLengthLimitConfig | DetectLengthLimitConfig | No | Detect length limit configuration. for output usage only. |
SecurityPolicy
Web security policy.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
CustomRules | CustomRules | No | Custom rules. If the parameter is null or not filled, the configuration last set will be used by default. Note: This field may return null, indicating that no valid value can be obtained. |
ManagedRules | ManagedRules | No | Managed. If the parameter is null or not filled, the configuration last set will be used by default. Note: This field may return null, indicating that no valid value can be obtained. |
HttpDDoSProtection | HttpDDoSProtection | No | HTTP DDOS protection configuration. |
RateLimitingRules | RateLimitingRules | No | Configures the rate limiting rule. |
ExceptionRules | ExceptionRules | No | Exception rule configuration. |
BotManagement | BotManagement | No | Bot management configuration. |
SecurityPolicyTemplateInfo
Policy template information.
Used by actions: DescribeWebSecurityTemplates.
Name | Type | Description |
---|---|---|
ZoneId | String | The zone ID to which the policy template belongs. |
TemplateId | String | Policy template ID. |
TemplateName | String | The name of the policy template. |
BindDomains | Array of BindDomainInfo | Information about domains bound to the policy template. |
SecurityTemplateBinding
Bindings of a security policy template
Used by actions: DescribeSecurityTemplateBindings.
Name | Type | Description |
---|---|---|
TemplateId | String | template ID |
TemplateScope | Array of TemplateScope | Binding status of the template. |
SecurityType
The security type setting item.
Used by actions: DescribeHostsSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable the security type setting. Values:on : Enableoff : Disable |
ServerCertInfo
HTTPS server certificate configuration
Used by actions: DescribeHostsSetting, ModifyHostsCertificate, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
CertId | String | Yes | Specifies the server certificate ID, which originates from the SSL side. you can check the CertId from the SSL certificate list. |
Alias | String | No | Certificate remark name. |
Type | String | No | Certificate type. valid values:. |
ExpireTime | Timestamp ISO8601 | No | Certificate expiration time. |
DeployTime | Timestamp ISO8601 | No | Specifies the cert deployment time. |
SignAlgo | String | No | Signature algorithm. |
CommonName | String | No | Domain name of the certificate. |
SetContentIdentifierParameters
Content identifier configuration parameters
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
ContentIdentifier | String | No | Content identifier id. |
SkipCondition
Exception rule conditions, used to filter requests by specific fields
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Type | String | Yes | The field type. Values:header_fields : HTTP request headercookie : HTTP request cookiequery_string : Query string in the HTTP request URLuri : HTTP request URIbody_raw : HTTP request bodybody_json : JSON HTTP request body |
Selector | String | Yes | The specific field. Values:args : Query parameter in the URI, such as "?name1=jack&age=12"path : Partial path in the URI, such as "/path/to/resource.jpg"full : Full path in the URI, such as "example.com/path/to/resource.jpg?name1=jack&age=12"upload_filename : File path segmentkeys : All keysvalues : Values of all keyskey_value : Key and its value |
MatchFromType | String | No | The match method used to match the key. Values:equal : Exact matchwildcard : Wildcard match (only asterisks) |
MatchFrom | Array of String | No | Match the Key value. |
MatchContentType | String | No | The match method used to match the content.equal : Exact matchwildcard : Wildcard match (only asterisks) |
MatchContent | Array of String | No | Match the Value. |
SlowAttackDefense
Slow attack protection configuration.
Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.
Name | Type | Required | Description |
---|---|---|---|
Enabled | String | Yes | Whether slow attack protection is enabled. valid values: |
Action | SecurityAction | No | Slow attack protection handling method. required when Enabled is on. valid values for SecurityAction Name: |
MinimalRequestBodyTransferRate | MinimalRequestBodyTransferRate | No | The specific configuration of the minimum body transfer rate threshold is required when Enabled is on. |
RequestBodyTransferTimeout | RequestBodyTransferTimeout | No | Specifies the specific configuration of body transfer timeout duration. required when Enabled is on. |
SlowPostConfig
Slow attack defense configuration.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Values:on : Enableoff : Disable |
FirstPartConfig | FirstPartConfig | No | First packet configuration. |
SlowRateConfig | SlowRateConfig | No | Specifies the basic configuration. |
Action | String | No | Handling action for slow attack. valid values:.monitor : observedrop : block the request. |
RuleId | Integer | No | Specifies the Id of this rule. |
SlowRateConfig
The configuration to detect slow attacks
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Switch. Values:on : Enableoff : Disable |
Interval | Integer | No | The statistics interval in seconds. after the first packet transfer, the data transmission axis is split by this parameter for separate computing of slow attacks on each shard. |
Threshold | Integer | No | Specifies the rate threshold applied during statistics in bps. if the transmission rate in this shard does not reach the parameter value, it is identified as a slow attack and the slow attack handling method is applied. |
SmartRouting
Smart acceleration configuration
Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable smart acceleration. Values:on : Enableoff : Disable |
SmartRoutingParameters
Smart acceleration configuration.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable smart acceleration. values:.On : enable;. |
StandardDebug
Standard debugging
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable standard debugging. Values:on : Enableoff : Disable |
AllowClientIPList | Array of String | Yes | The client IP to allow. It can be an IPv4/IPv6 address or a CIDR block. If not specified, it means to allow any client IP |
ExpireTime | Timestamp ISO8601 | Yes | The time when the standard debugging setting expires. If it is exceeded, this feature becomes invalid. |
StandardDebugParameters
Debug structure.
Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable standard debugging. values:.On : enable;. |
AllowClientIPList | Array of String | No | The client ip to allow. it can be an ipv4/ipv6 address or a cidr block. 0.0.0.0/0 means to allow all ipv4 clients for debugging; ::/0 means to allow all ipv6 clients for debugging; 127.0.0.1 is not allowed. note: this field is required when switch=on and the number of entries should be 1-100. when switch=off , this field is not required and any value specified will not take effect. |
Expires | Timestamp ISO8601 | No | Debug feature expiration time. the feature will be disabled after the set time. note: this field is required when switch=on . when switch=off , this field is not required and any value specified will not take effect. |
StatusCodeCacheParam
Status Code Cache TTL configuration internal structure.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
StatusCode | Integer | No | Status code. valid values: 400, 401, 403, 404, 405, 407, 414, 500, 501, 502, 503, 504, 509, 514. |
CacheTime | Integer | No | Cache time value in seconds. value range: 0–31536000. |
StatusCodeCacheParameters
Status Code Cache TTL configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
StatusCodeCacheParams | Array of StatusCodeCacheParam | No | Status code cache ttl. Note: this field may return null, which indicates a failure to obtain a valid value. |
SubRule
Nested rule settings
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Conditions | Array of RuleAndConditions | Yes | The condition that determines if a feature should run. Note: If any condition in the array is met, the feature will run. |
Actions | Array of Action | Yes | The feature to be executed. |
SubRuleItem
Rule engine nested rule
Used by actions: CreateRule, DescribeRules, ModifyRule.
Name | Type | Required | Description |
---|---|---|---|
Rules | Array of SubRule | Yes | Nested rule settings |
Tags | Array of String | No | Tag of the rule. |
Sv
Pricing query parameter
Used by actions: DescribeZones.
Name | Type | Required | Description |
---|---|---|---|
Key | String | Yes | The parameter key. |
Value | String | Yes | The parameter value. |
Pack | String | No | Quota for a resource. Values:zone : Quota for sitescustom-rule : Quota for custom rulesrate-limiting-rule : Quota for rate limiting rulesl4-proxy-instance : Quota for L4 proxy instances Note: This field may return null, indicating that no valid values can be obtained. |
InstanceId | String | No | ID of the L4 proxy instance. Note: This field may return null, indicating that no valid values can be obtained. |
ProtectionSpecs | String | No | The protection specification. Values: cm_30G : 30 Gbps base protection bandwidth in Chinese mainland service areacm_60G : 60 Gbps base protection bandwidth in Chinese mainland service areacm_100G : 100 Gbps base protection bandwidth in Chinese mainland service areaanycast_300G : 300 Gbps Anycast-based protection in Global (MLC) service areaanycast_unlimited : Unlimited Anycast-based protection bandwidth in Global (MLC) service areacm_30G_anycast_300G : 30 Gbps base protection bandwidth in Chinese mainland service area and 300 Gbps Anycast-based protection bandwidth in Global (MLC) service areacm_30G_anycast_unlimited : 30 Gbps base protection bandwidth in Chinese mainland service area and unlimited Anycast-based protection bandwidth in Global (MLC) service area: 60 Gbps base protection bandwidth in **Chinese mainland** service area and 300 Gbps Anycast-based protection bandwidth in **Global (MLC)** service area</li><li> cm_60G_anycast_unlimited : 60 Gbps base protection bandwidth in Chinese mainland service area and unlimited Anycast-based protection bandwidth in Global (MLC) service areacm_100G_anycast_300G : 100 Gbps base protection bandwidth in Chinese mainland service area and 300 Gbps Anycast-based protection bandwidth in Global (MLC) service areaNote: This field may return null, indicating that no valid values can be obtained. |
SwitchConfig
Web security configuration switch
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
WebSwitch | String | Yes | Whether to enable web protection. Values:on : Enableoff : Disable |
TCCaptchaOption
CAPTCHA authentication instance information.
Used by actions: CreateSecurityClientAttester, DescribeSecurityClientAttester, ModifySecurityClientAttester.
Name | Type | Required | Description |
---|---|---|---|
CaptchaAppId | String | Yes | CaptchaAppId information. |
AppSecretKey | String | Yes | AppSecretKey information. |
TCRCEOption
RCE authentication option instance information.
Used by actions: CreateSecurityClientAttester, DescribeSecurityClientAttester, ModifySecurityClientAttester.
Name | Type | Required | Description |
---|---|---|---|
Channel | String | Yes | Channel information. |
TLSConfigParameters
SSL/TLS Security configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Version | Array of String | No | TLS version. at least one must be specified. if multiple versions are specified, they must be consecutive, e.g., enable tls1, 1.1, 1.2, and 1.3. it is not allowed to enable only 1 and 1.2 while disabling 1.1. valid values: tlsv1 : tlsv1 version;tlsv1.1 : tlsv1.1 version;tlsv1.2 : tlsv1.2 version;tlsv1.3 : tlsv1.3 version. |
CipherSuite | String | No | Cipher suite. for detailed information, please refer to tls versions and cipher suites description. valid values: loose-v2023 : loose-v2023 cipher suite;general-v2023 : general-v2023 cipher suite;strict-v2023 : strict-v2023 cipher suite. |
Tag
Tag configuration
Used by actions: CreateContentIdentifier, CreateZone, DescribeContentIdentifiers, DescribeZones.
Name | Type | Required | Description |
---|---|---|---|
TagKey | String | Yes | The tag key. Note: This field may return null, indicating that no valid values can be obtained. |
TagValue | String | Yes | The tag value. Note: This field may return null, indicating that no valid values can be obtained. |
Task
Content management task result
Used by actions: DescribePrefetchTasks, DescribePurgeTasks.
Name | Type | Description |
---|---|---|
JobId | String | ID of the task. |
Target | String | Resource. |
Type | String | Type of the task. |
Method | String | Node cache purge method. valid values:. |
Status | String | Status. valid values:. |
CreateTime | Timestamp ISO8601 | Creation time of the task. |
UpdateTime | Timestamp ISO8601 | Completion time of the task. |
FailType | String | Refresh and preheat failure type. valid values:. |
FailMessage | String | Failure description for refresh and preheating. |
TemplateConfig
Security template settings
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
TemplateId | String | Yes | The template ID. |
TemplateName | String | Yes | The template name. |
TemplateScope
Domain names bound with the template.
Used by actions: DescribeSecurityTemplateBindings.
Name | Type | Required | Description |
---|---|---|---|
ZoneId | String | No | ID of the site. Note: This field may return·null, indicating that no valid values can be obtained. |
EntityStatus | Array of EntityStatus | No | List of instance statuses Note: This field may return·null, indicating that no valid values can be obtained. |
TimingDataItem
Data items of the statistical curve
Used by actions: DescribeDDoSAttackData, DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData.
Name | Type | Description |
---|---|---|
Timestamp | Integer | Time point for returning data, in the format of Unix timestamp in seconds. |
Value | Integer | The value. |
TimingDataRecord
The time-series data
Used by actions: DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData.
Name | Type | Description |
---|---|---|
TypeKey | String | The query dimension value. |
TypeValue | Array of TimingTypeValue | Detailed time series data |
TimingTypeValue
Detailed data of time series type
Used by actions: DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData.
Name | Type | Description |
---|---|---|
Sum | Integer | Sum. |
Max | Integer | The maximum value. |
Avg | Integer | The average value. |
MetricName | String | Metric name. |
Detail | Array of TimingDataItem | Details. Note: This field may return null, indicating that no valid values can be obtained. |
TopDataRecord
The top-ranked data record
Used by actions: DescribeTopL7AnalysisData, DescribeTopL7CacheData.
Name | Type | Description |
---|---|---|
TypeKey | String | The query dimension value. |
DetailData | Array of TopDetailData | Top data rankings |
TopDetailData
The top-ranked data details
Used by actions: DescribeTopL7AnalysisData, DescribeTopL7CacheData.
Name | Type | Description |
---|---|---|
Key | String | The field name. |
Value | Integer | The field value. |
TopEntry
The Top-ranked data
Used by actions: DescribeDDoSAttackTopData.
Name | Type | Description |
---|---|---|
Key | String | The query dimension value. |
Value | Array of TopEntryValue | The details. |
TopEntryValue
The top-ranked data
Used by actions: DescribeDDoSAttackTopData.
Name | Type | Description |
---|---|---|
Name | String | The item name. |
Count | Integer | The number of items. |
URLPath
Access URL redirect path configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Action | String | No | Action to be executed. values:.Follow : follow the request;Custom : custom;Regex : regular expression matching. |
Regex | String | No | Regular expression matching expression, length range is 1-1024. note: when action is regex, this field is required; when action is follow or custom, this field is not required and will not take effect if filled. |
Value | String | No | Redirect target url, length range is 1-1024. note: when action is regex or custom, this field is required; when action is follow, this field is not required and will not take effect if filled. |
UpstreamCertInfo
The certificate carried during EO node origin-pull is used when the origin server enables the mutual authentication handshake to validate the client certificate, ensuring that the request originates from a trusted EO node.
Used by actions: DescribeAccelerationDomains.
Name | Type | Required | Description |
---|---|---|---|
UpstreamMutualTLS | MutualTLS | No | In the origin-pull mutual authentication scenario, this field represents the certificate (including the public and private keys) carried during EO node origin-pull, which is deployed in the EO node for the origin server to authenticate the EO node. When used as an input parameter, it is left blank to indicate retaining the original configuration. |
UpstreamFollowRedirectParameters
Origin-pull redirection parameters configuration
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable origin-pull to follow the redirection configuration. values:.On : enable;. |
MaxTimes | Integer | No | The maximum number of redirects. value range: 1-5. Note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled. |
UpstreamHTTP2Parameters
HTTP2 origin-pull configuration
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable http2 origin-pull. valid values:.On : enable;. |
UpstreamHttp2
HTTP2 origin-pull configuration
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable HTTP2 origin-pull. Valid values: on : Enable;off : Disable. |
UpstreamRequestCookie
Origin-pull request parameters Cookie configuration
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable the origin-pull request parameter cookie. valid values:.On : enable;. |
Action | String | No | Origin-Pull request parameter cookie mode. this parameter is required when switch is on. valid values are:.IncludeCustom : retain partial parameters. |
Values | Array of String | No | Specifies parameter values. this parameter takes effect only when the query string mode action is includecustom or excludecustom , and is used to specify the parameters to be reserved or ignored. up to 10 parameters are supported. |
UpstreamRequestParameters
Origin-pull request parameters configuration.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
QueryString | UpstreamRequestQueryString | No | Query string configuration. optional. if not provided, it will not be configured. Note: this field may return null, which indicates a failure to obtain a valid value. |
Cookie | UpstreamRequestCookie | No | Cookie configuration. optional. if not provided, it will not be configured. Note: this field may return null, which indicates a failure to obtain a valid value. |
UpstreamRequestQueryString
Origin-pull request parameters query string configuration.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable origin-pull request parameter query string. values:.On : enable;. |
Action | String | No | Query string mode. this parameter is required when switch is on. values:.Full : retain allIgnore : ignore all; |
Values | Array of String | No | Specifies parameter values. this parameter takes effect only when the query string mode action is includecustom or excludecustom , and is used to specify the parameters to be reserved or ignored. up to 10 parameters are supported. |
UpstreamURLRewriteParameters
Origin URL rewrite configuration parameters.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Type | String | No | Origin-Pull URL rewrite type. valid values: Path. |
Action | String | No | Origin-Pull URL rewrite action. valid values:. |
Value | String | No | Origin-Pull URL rewrite value. should meet URL Path standard and ensure the rewritten Path starts with / to prevent the Host of the origin-pull URL from being modified, with a length range of 1–1024. when Action is addPrefix, it cannot end with /. when Action is rmvPrefix, * cannot exist. when Action is regexReplace, $NUM can be used to refer to regular expression capture groups, where NUM represents the group number, such as $1, and supports up to $9. |
Regex | String | No | Origin-Pull URL rewrite used for regex replacement to match the full path regular expression. should meet Google RE2 standard with length range 1–1024. this field is required when Action is regexReplace, otherwise not required. |
VanityNameServers
Custom name servers
Used by actions: DescribeZones, ModifyZone.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable custom name servers. Values:on : Enableoff : Disable |
Servers | Array of String | No | List of custom name servers |
VanityNameServersIps
IP information of the custom name server
Used by actions: DescribeZones.
Name | Type | Description |
---|---|---|
Name | String | Custom name of the name server |
IPv4 | String | IPv4 address of the custom name server |
VaryParameters
Vary feature configuration parameter.
Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Vary feature configuration switch. valid values:.on : Enable; |
VideoTemplateInfo
Video stream configuration parameters.
Used by actions: CreateJustInTimeTranscodeTemplate, DescribeJustInTimeTranscodeTemplates.
Name | Type | Required | Description |
---|---|---|---|
Codec | String | Yes | Encoding format for video streams. valid values: |
Fps | Float | No | Video frame rate. value ranges from 0 to 30. measurement unit: Hz. If the value is 0, the frame rate will be the same as that of the source video, with a maximum not exceeding 30. Default value: 0. |
Bitrate | Integer | No | Specifies the bitrate of video stream. valid values: 0 and [128, 10000]. measurement unit: kbps. Value is 0, means automatically select video bitrate based on video image and quality. Default value: 0. |
ResolutionAdaptive | String | No | Resolution adaptation. available values: |
Width | Integer | No | The maximum value of the video stream Width (or long side). valid values: 0 and [128, 1920]. unit: px. |
Height | Integer | No | The maximum value of the video stream Height (or short side). valid values: 0 and [128, 1080]. unit: px. |
FillType | String | No | Filling method. specifies the processing method for transcoding when video stream configuration width and height parameters are inconsistent with the aspect ratio of the original video. valid values: |
Waf
N/A
Used by actions: DescribeHostsSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable WAF. Values:on : Enableoff : Disable |
PolicyId | Integer | No | ID of the policy |
WafConfig
WAF configuration.
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable WAF configuration. Values:on : Enableoff : Disable |
Level | String | Yes | The protection level. Values:loose : Loosenormal : Moderatestrict : Strictstricter : Super strictcustom : Custom |
Mode | String | Yes | The WAF global mode. Values:block : Block globallyobserve : Observe globally |
WafRule | WafRule | No | The settings of the managed rule. If it is null, the settings that were last configured will be used. |
AiRule | AiRule | No | The setting of the AI rule engine. If it is null, the setting that was last configured will be used. |
WafRule
WAF rule
Used by actions: ModifySecurityPolicy.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable managed rules. Values:on : Enableoff : Disable |
BlockRuleIDs | Array of Integer | Yes | IDs of the rules to be disabled. |
ObserveRuleIDs | Array of Integer | Yes | IDs of the rules to be executed in Observe mode. |
WebSocket
WebSocket configuration
Used by actions: DescribeZoneSetting, ModifyZoneSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | Yes | Whether to enable WebSocket connection timeout. Values:on : The field "Timeout" can be configured.off : The field "Timeout" is fixed to 15 seconds. |
Timeout | Integer | No | The timeout period in seconds. Maximum value: 120. |
WebSocketParameters
WebSocket configuration
Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
Switch | String | No | Whether to enable websocket connection timeout. values:. |
Timeout | Integer | No | Timeout, unit: seconds. maximum timeout is 120 seconds. note: this field is required when switch is on; otherwise, this field will not take effect. |
Zone
Site information
Used by actions: DescribeZones.
Name | Type | Description |
---|---|---|
ZoneId | String | Site ID. |
ZoneName | String | The site name. |
OriginalNameServers | Array of String | List of name servers used by the site |
NameServers | Array of String | The list of name servers assigned by Tencent Cloud. |
Status | String | The site status. Values: u200c active : The name server is switched to EdgeOne.u200c pending : The name server is not switched.u200c moved : The name server is changed to other service providers.u200c deactivated : The site is blocked.initializing : The site is not bound with any plan. |
Type | String | Site access method. Valid values: |
Paused | Boolean | Whether the site is disabled. |
CnameSpeedUp | String | Whether CNAME acceleration is enabled. Values:enabled : Enableddisabled : Disabled |
CnameStatus | String | CNAME record access status. Values:finished : The site is verified.pending : The site is being verified. |
Tags | Array of Tag | The list of resource tags. |
Resources | Array of Resource | The list of billable resources. |
CreatedOn | Timestamp ISO8601 | The creation time of the site. |
ModifiedOn | Timestamp ISO8601 | The modification date of the site. |
Area | String | The site access region. Values:global : Global.mainland : Chinese mainland.overseas : Outside the Chinese mainland. |
VanityNameServers | VanityNameServers | The custom name server information. Note: This field may return null, indicating that no valid values can be obtained. |
VanityNameServersIps | Array of VanityNameServersIps | The custom name server IP information. Note: This field may return null, indicating that no valid values can be obtained. |
ActiveStatus | String | Status of the proxy. Values:active : Enabledinactive : Not activatedpaused : Disabled |
AliasZoneName | String | Site alias. a composite of digits, numbers, english letters, -, and _, limited to 20 characters. |
IsFake | Integer | Whether it’s a fake site. Valid values: 0 : Non-fake site;1 : Fake site. |
LockStatus | String | Lock status. Values: enable : Normal. Modification is allowed.disable : Locked. Modification is not allowed.plan_migrate : Adjusting the plan. Modification is not allowed. |
OwnershipVerification | OwnershipVerification | Ownership verification information Note: This field may return·null, indicating that no valid values can be obtained. |
ZoneConfig
Site acceleration configuration.
Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.
Name | Type | Required | Description |
---|---|---|---|
SmartRouting | SmartRoutingParameters | No | <Intelligent acceleration configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
Cache | CacheConfigParameters | No | Node cache expiration time configuration. . Note: this field may return null, which indicates a failure to obtain a valid value. |
MaxAge | MaxAgeParameters | No | Browser cache rule configuration, which is used to set the default value of maxage and is disabled by default. . Note: this field may return null, which indicates a failure to obtain a valid value. |
CacheKey | CacheKeyConfigParameters | No | The node cache key configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
CachePrefresh | CachePrefreshParameters | No | Cache prefresh configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
OfflineCache | OfflineCacheParameters | No | Offline cache configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
Compression | CompressionParameters | No | Smart compression configuration. . Note: this field may return null, which indicates a failure to obtain a valid value. |
ForceRedirectHTTPS | ForceRedirectHTTPSParameters | No | Forced https redirect configuration for access protocols. . Note: this field may return null, which indicates a failure to obtain a valid value. |
HSTS | HSTSParameters | No | HSTS configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
TLSConfig | TLSConfigParameters | No | TLS configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
OCSPStapling | OCSPStaplingParameters | No | OCSP stapling configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
HTTP2 | HTTP2Parameters | No | HTTP/2 configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
QUIC | QUICParameters | No | QUIC access configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
UpstreamHTTP2 | UpstreamHTTP2Parameters | No | HTTP2 origin-pull configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
IPv6 | IPv6Parameters | No | IPv6 access configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
WebSocket | WebSocketParameters | No | WebSocket configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
PostMaxSize | PostMaxSizeParameters | No | POST request transport configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
ClientIPHeader | ClientIPHeaderParameters | No | Client ip origin-pull request header configuration. Note: this field may return null, which indicates a failure to obtain a valid value. |
ClientIPCountry | ClientIPCountryParameters | No | Whether to carry the region information of the client ip during origin-pull. Note: this field may return null, which indicates a failure to obtain a valid value. |
Grpc | GrpcParameters | No | Configuration of grpc support. Note: this field may return null, which indicates a failure to obtain a valid value. |
AccelerateMainland | AccelerateMainlandParameters | No | Accelerate optimization and configuration in mainland china. Note: this field may return null, which indicates a failure to obtain a valid value. |
StandardDebug | StandardDebugParameters | No | Standard debugging configuration. . Note: this field may return null, which indicates a failure to obtain a valid value. |
ZoneConfigParameters
Site configuration information.
Used by actions: DescribeL7AccSetting.
Name | Type | Description |
---|---|---|
ZoneName | String | The site name. |
ZoneConfig | ZoneConfig | Site configuration information. Note: this field may return null, which indicates a failure to obtain a valid value. |
ZoneInfo
Describes the returned site information.
Used by actions: DescribePlans.
Name | Type | Required | Description |
---|---|---|---|
ZoneId | String | No | Site id. |
ZoneName | String | No | Site name. |
Paused | Boolean | No | Whether to disable the site. valid values: |
ZoneSetting
The site configuration.
Used by actions: DescribeZoneSetting.
Name | Type | Description |
---|---|---|
ZoneName | String | Name of the site |
Area | String | Site acceleration region. Values:mainland : Acceleration in the Chinese mainland.overseas : Acceleration outside the Chinese mainland. |
CacheKey | CacheKey | Node cache key configuration Note: This field may return null, indicating that no valid values can be obtained. |
Quic | Quic | The QUIC access configuration. Note: This field may return null, indicating that no valid values can be obtained. |
PostMaxSize | PostMaxSize | The POST transport configuration. Note: This field may return null, indicating that no valid values can be obtained. |
Compression | Compression | Smart compression configuration. Note: This field may return null, indicating that no valid values can be obtained. |
UpstreamHttp2 | UpstreamHttp2 | HTTP2 origin-pull configuration Note: This field may return null, indicating that no valid values can be obtained. |
ForceRedirect | ForceRedirect | Force HTTPS redirect configuration Note: This field may return null, indicating that no valid values can be obtained. |
CacheConfig | CacheConfig | Cache expiration time configuration Note: This field may return null, indicating that no valid values can be obtained. |
Origin | Origin | Origin server configuration. Note: This field may return null, indicating that no valid values can be obtained. |
SmartRouting | SmartRouting | Smart acceleration configuration Note: This field may return null, indicating that no valid values can be obtained. |
MaxAge | MaxAge | Browser cache configuration Note: This field may return null, indicating that no valid values can be obtained. |
OfflineCache | OfflineCache | The offline cache configuration. Note: This field may return null, indicating that no valid values can be obtained. |
WebSocket | WebSocket | WebSocket configuration. Note: This field may return null, indicating that no valid values can be obtained. |
ClientIpHeader | ClientIpHeader | Origin-pull client IP header configuration Note: This field may return null, indicating that no valid values can be obtained. |
CachePrefresh | CachePrefresh | Cache prefresh configuration Note: This field may return null, indicating that no valid values can be obtained. |
Ipv6 | Ipv6 | IPv6 access configuration Note: This field may return null, indicating that no valid values can be obtained. |
Https | Https | HTTPS acceleration configuration Note: This field may return null, indicating that no valid values can be obtained. |
ClientIpCountry | ClientIpCountry | Whether to carry the location information of the client IP during origin-pull. Note: This field may return null , indicating that no valid value can be obtained. |
Grpc | Grpc | Configuration of gRPC support Note: This field may return null , indicating that no valid value can be obtained. |
ImageOptimize | ImageOptimize | Image optimization configuration. Note: This field may return null , indicating that no valid value was found. |
AccelerateMainland | AccelerateMainland | Cross-MLC-border acceleration. Note: This field may return null , indicating that no valid values can be obtained. |
StandardDebug | StandardDebug | Standard debugging configuration. Note: This field may return null, indicating that no valid values can be obtained. |
JITVideoProcess | JITVideoProcess | Just-in-time media processing configuration. Note: This field may return null, which indicates a failure to obtain a valid value. |
- APIResource
- APIService
- AccelerateMainland
- AccelerateMainlandParameters
- AccelerateType
- AccelerationDomain
- AccelerationDomainCertificate
- AccessURLRedirectParameters
- AccessURLRedirectQueryString
- AclCondition
- AclConfig
- AclUserRule
- Action
- AdaptiveFrequencyControl
- Addresses
- AdvancedFilter
- AiRule
- AlgDetectJS
- AlgDetectResult
- AlgDetectRule
- AlgDetectSession
- AliasDomain
- AllowActionParameters
- ApplicationProxy
- ApplicationProxyRule
- AscriptionInfo
- AudioTemplateInfo
- AuthenticationParameters
- BandwidthAbuseDefense
- BillingData
- BillingDataFilter
- BindDomainInfo
- BindSharedCNAMEMap
- BlockIPActionParameters
- BotConfig
- BotExtendAction
- BotManagedRule
- BotManagement
- BotPortraitRule
- BotUserRule
- CC
- CLSTopic
- Cache
- CacheConfig
- CacheConfigCustomTime
- CacheConfigParameters
- CacheKey
- CacheKeyConfigParameters
- CacheKeyCookie
- CacheKeyHeader
- CacheKeyParameters
- CacheKeyQueryString
- CacheParameters
- CachePrefresh
- CachePrefreshParameters
- CacheTag
- CertificateInfo
- ChallengeActionParameters
- CheckRegionHealthStatus
- ClientAttestationRule
- ClientAttestationRules
- ClientAttester
- ClientFiltering
- ClientIPCountryParameters
- ClientIPHeaderParameters
- ClientIpCountry
- ClientIpHeader
- CnameStatus
- CodeAction
- Compression
- CompressionParameters
- ConfigGroupVersionInfo
- ContentIdentifier
- CurrentOriginACL
- CustomEndpoint
- CustomErrorPage
- CustomField
- CustomRule
- CustomRules
- CustomTime
- CustomizedHeader
- DDoS
- DDoSAttackEvent
- DDoSBlockData
- DDoSProtection
- DDosProtectionConfig
- DefaultServerCertInfo
- DeliveryCondition
- DenyActionParameters
- DeployRecord
- DetailHost
- DetectLengthLimitCondition
- DetectLengthLimitConfig
- DetectLengthLimitRule
- DeviceProfile
- DiffIPWhitelist
- DnsRecord
- DnsVerification
- DomainDDoSProtection
- DropPageConfig
- DropPageDetail
- EntityStatus
- EnvInfo
- ErrorPage
- ErrorPageParameters
- ErrorPageReference
- ExceptConfig
- ExceptUserRule
- ExceptUserRuleCondition
- ExceptUserRuleScope
- ExceptionRule
- ExceptionRules
- FailReason
- FileAscriptionInfo
- FileVerification
- Filter
- FirstPartConfig
- FollowOrigin
- ForceRedirect
- ForceRedirectHTTPSParameters
- Function
- FunctionEnvironmentVariable
- FunctionRule
- FunctionRuleCondition
- GatewayRegion
- Grpc
- GrpcParameters
- HSTSParameters
- HTTP2Parameters
- HTTPResponseParameters
- HTTPUpstreamTimeoutParameters
- Header
- HeaderAction
- HealthChecker
- HostHeaderParameters
- HostName
- Hsts
- HttpDDoSProtection
- Https
- IPExpireInfo
- IPGroup
- IPRegionInfo
- IPWhitelist
- IPv6Parameters
- Identification
- ImageOptimize
- IntelligenceRule
- IntelligenceRuleItem
- IpTableConfig
- IpTableRule
- Ipv6
- JITVideoProcess
- JSInjectionRule
- JustInTimeTranscodeTemplate
- L4OfflineLog
- L4Proxy
- L4ProxyRemoteAuth
- L4ProxyRule
- L7OfflineLog
- LoadBalancer
- LogFormat
- ManagedRuleAction
- ManagedRuleAutoUpdate
- ManagedRuleDetail
- ManagedRuleGroup
- ManagedRuleGroupMeta
- ManagedRules
- MaxAge
- MaxAgeParameters
- MinimalRequestBodyTransferRate
- ModifyOriginParameters
- ModifyRequestHeaderParameters
- ModifyResponseHeaderParameters
- MultiPathGateway
- MultiPathGatewayLine
- MutualTLS
- NextOriginACL
- NoCache
- NormalAction
- NsVerification
- OCSPStaplingParameters
- OfflineCache
- OfflineCacheParameters
- Origin
- OriginACLEntity
- OriginACLInfo
- OriginDetail
- OriginGroup
- OriginGroupHealthStatus
- OriginGroupHealthStatusDetail
- OriginGroupInLoadBalancer
- OriginGroupReference
- OriginHealthStatus
- OriginInfo
- OriginPrivateParameters
- OriginProtectionInfo
- OriginRecord
- OwnershipVerification
- PartialModule
- Plan
- PlanInfo
- PostMaxSize
- PostMaxSizeParameters
- PrepaidPlanParam
- PrivateParameter
- QUICParameters
- QueryCondition
- QueryString
- Quic
- Quota
- RangeOriginPullParameters
- RateLimitConfig
- RateLimitIntelligence
- RateLimitTemplate
- RateLimitTemplateDetail
- RateLimitUserRule
- RateLimitingRule
- RateLimitingRules
- RealtimeLogDeliveryTask
- RedirectActionParameters
- RenewFlag
- RequestBodyTransferTimeout
- RequestFieldsForException
- Resource
- ResponseSpeedLimitParameters
- ReturnCustomPageActionParameters
- RewriteAction
- Rule
- RuleAndConditions
- RuleBranch
- RuleChoicePropertiesItem
- RuleCodeActionParams
- RuleCondition
- RuleEngineAction
- RuleEngineItem
- RuleEngineSubRule
- RuleExtraParameter
- RuleItem
- RuleNormalActionParams
- RuleRewriteActionParams
- RulesProperties
- RulesSettingAction
- S3
- SecEntry
- SecEntryValue
- SecurityAction
- SecurityConfig
- SecurityPolicy
- SecurityPolicyTemplateInfo
- SecurityTemplateBinding
- SecurityType
- ServerCertInfo
- SetContentIdentifierParameters
- SkipCondition
- SlowAttackDefense
- SlowPostConfig
- SlowRateConfig
- SmartRouting
- SmartRoutingParameters
- StandardDebug
- StandardDebugParameters
- StatusCodeCacheParam
- StatusCodeCacheParameters
- SubRule
- SubRuleItem
- Sv
- SwitchConfig
- TCCaptchaOption
- TCRCEOption
- TLSConfigParameters
- Tag
- Task
- TemplateConfig
- TemplateScope
- TimingDataItem
- TimingDataRecord
- TimingTypeValue
- TopDataRecord
- TopDetailData
- TopEntry
- TopEntryValue
- URLPath
- UpstreamCertInfo
- UpstreamFollowRedirectParameters
- UpstreamHTTP2Parameters
- UpstreamHttp2
- UpstreamRequestCookie
- UpstreamRequestParameters
- UpstreamRequestQueryString
- UpstreamURLRewriteParameters
- VanityNameServers
- VanityNameServersIps
- VaryParameters
- VideoTemplateInfo
- Waf
- WafConfig
- WafRule
- WebSocket
- WebSocketParameters
- Zone
- ZoneConfig
- ZoneConfigParameters
- ZoneInfo
- ZoneSetting