API
  • History
  • Introduction
  • API Category
  • Making API Requests
    • Request Structure
    • Common Params
    • Signature v3
    • Signature
    • Responses
  • Site APIs
    • CreateZone
    • DescribeIdentifications
    • ModifyZone
    • DeleteZone
    • ModifyZoneStatus
    • CheckCnameStatus
    • IdentifyZone
    • DescribeZones
    • VerifyOwnership
  • Acceleration Domain Management APIs
    • CreateAccelerationDomain
    • DescribeAccelerationDomains
    • ModifyAccelerationDomain
    • ModifyAccelerationDomainStatuses
    • DeleteAccelerationDomains
    • CreateSharedCNAME
    • BindSharedCNAME
    • DeleteSharedCNAME
  • Site Acceleration Configuration APIs
    • CreateRule
    • DeleteRules
    • DescribeHostsSetting
    • DescribeRules
    • DescribeRulesSetting
    • DescribeZoneSetting
    • ModifyRule
    • ModifyZoneSetting
  • Alias Domain APIs
    • CreateAliasDomain
    • DescribeAliasDomains
    • ModifyAliasDomain
    • ModifyAliasDomainStatus
    • DeleteAliasDomain
  • Security Configuration APIs
    • CreateSecurityIPGroup
    • DescribeSecurityIPGroup
    • ModifySecurityIPGroup
    • DeleteSecurityIPGroup
    • DescribeOriginProtection
    • DescribeSecurityTemplateBindings
    • ModifySecurityPolicy
    • BindSecurityTemplateToEntity
    • DescribeSecurityIPGroupInfo
  • Layer 4 Application Proxy APIs
    • CreateL4Proxy
    • ModifyL4Proxy
    • ModifyL4ProxyStatus
    • DescribeL4Proxy
    • DeleteL4Proxy
    • CreateL4ProxyRules
    • ModifyL4ProxyRules
    • ModifyL4ProxyRulesStatus
    • DescribeL4ProxyRules
    • DeleteL4ProxyRules
    • CreateApplicationProxy
    • ModifyApplicationProxy
    • ModifyApplicationProxyStatus
    • DescribeApplicationProxies
    • DeleteApplicationProxy
    • CreateApplicationProxyRule
    • ModifyApplicationProxyRule
    • ModifyApplicationProxyRuleStatus
    • DeleteApplicationProxyRule
  • Content Management APIs
    • CreatePurgeTask
    • DescribePurgeTasks
    • CreatePrefetchTask
    • DescribePrefetchTasks
    • DescribeContentQuota
  • Data Analysis APIs
    • DescribeDDoSAttackData
    • DescribeDDoSAttackEvent
    • DescribeDDoSAttackTopData
    • DescribeOverviewL7Data
    • DescribeTimingL4Data
    • DescribeTimingL7AnalysisData
    • DescribeTopL7AnalysisData
    • DescribeTimingL7CacheData
    • DescribeTopL7CacheData
  • Log Service APIs
    • DownloadL7Logs
    • DownloadL4Logs
    • CreateCLSIndex
    • CreateRealtimeLogDeliveryTask
    • ModifyRealtimeLogDeliveryTask
    • DeleteRealtimeLogDeliveryTask
    • DescribeRealtimeLogDeliveryTasks
  • Billing APIs
    • CreatePlan
    • UpgradePlan
    • RenewPlan
    • ModifyPlan
    • IncreasePlanQuota
    • DestroyPlan
    • CreatePlanForZone
    • BindZoneToPlan
    • DescribeBillingData
    • DescribeAvailablePlans
  • Certificate APIs
    • DescribeDefaultCertificates
    • ModifyHostsCertificate
  • Load Balancing APIs
    • CreateOriginGroup
    • ModifyOriginGroup
    • DeleteOriginGroup
    • DescribeOriginGroup
  • Custom Response Page APIs
    • CreateCustomizeErrorPage
    • DescribeCustomErrorPages
    • ModifyCustomErrorPage
    • DeleteCustomErrorPage
  • Diagnostic Tool APIs
    • DescribeIPRegion
  • Version Management APIs
    • CreateConfigGroupVersion
    • DeployConfigGroupVersion
    • DescribeConfigGroupVersionDetail
    • DescribeConfigGroupVersions
    • DescribeDeployHistory
    • DescribeEnvironments
  • Data Types
  • Error Codes
このページは現在英語版のみで提供されており、日本語版も近日中に提供される予定です。ご利用いただきありがとうございます。

Data Types

AccelerateMainland

Cross-MLC-border acceleration.

Used by actions: CreateApplicationProxy, DescribeApplicationProxies, DescribeZoneSetting, ModifyApplicationProxy.

NameTypeRequiredDescription
SwitchStringYesWhether to enable Cross-MLC-border acceleration. Valid values:
  • on: Enable;
  • off: Disable.
  • AccelerateType

    Acceleration type

    Used by actions: DescribeHostsSetting.

    NameTypeRequiredDescription
    SwitchStringYesAcceleration switch. Values:
  • on: Enable
  • off: Disable
  • AccelerationDomain

    Accelerated domain name

    Used by actions: DescribeAccelerationDomains.

    NameTypeDescription
    ZoneIdStringID of the site.
    DomainNameStringAccelerated domain name
    DomainStatusStringStatus of the accelerated domain name. Values:
  • online: Activated
  • process: Being deployed
  • offline: Disabled
  • forbidden: Blocked
  • init: Pending activation
  • OriginDetailOriginDetailDetails of the origin.
    Note: This field may return null, indicating that no valid values can be obtained.
    OriginProtocolStringOrigin-pull protocol configuration. Values:
  • FOLLOW: Follow the protocol of origin
  • HTTP: Send requests to the origin over HTTP
  • HTTPS: Send requests to the origin over HTTPS

  • Note: This field may return·null, indicating that no valid values can be obtained.
    HttpOriginPortIntegerThe port used for HTTP origin-pull requests
    Note: This field may return·null, indicating that no valid values can be obtained.
    HttpsOriginPortIntegerThe port used for HTTPS origin-pull requests
    Note: This field may return·null, indicating that no valid values can be obtained.
    IPv6StatusStringIPv6 status. Values:
  • follow: Follow the IPv6 configuration of the site
  • on: Enable
  • off: Disable

  • Note: This field may return·null, indicating that no valid values can be obtained.
    CnameStringThe CNAME address.
    IdentificationStatusStringOwnership verification status. Values:
  • pending: Pending verification
  • finished: Verified

  • Note: This field may return null, indicating that no valid values can be obtained.
    CreatedOnTimestamp ISO8601Creation time of the accelerated domain name.
    ModifiedOnTimestamp ISO8601Modification time of the accelerated domain name.
    OwnershipVerificationOwnershipVerificationInformation required to verify the ownership of a domain name.
    Note: This field may return·null, indicating that no valid values can be obtained.
    CertificateAccelerationDomainCertificateDomain name certificate information
    Note: This field may return·null, indicating that no valid values can be obtained.

    AccelerationDomainCertificate

    Information of the acceleration domain name certificate.

    Used by actions: DescribeAccelerationDomains.

    NameTypeRequiredDescription
    ModeStringNoCertificate configuration mode. Values:
  • disable: Do not configure the certificate;
  • eofreecert: Use a free certificate provided by EdgeOne;
  • sslcert: Configure an SSL certificate.
  • ListArray of CertificateInfoNoList of server certificates. The relevant certificates are deployed on the entrance side of the EO.
    Note: This field may return null, which indicates a failure to obtain a valid value.
    ClientCertInfoMutualTLSNoIn the edge mutual authentication scenario, this field represents the client's CA certificate, which is deployed inside the EO node and used for EO node authentication of the client certificate.
    UpstreamCertInfoUpstreamCertInfoNoThe certificate carried during EO node origin-pull is used when the origin server enables the mutual authentication handshake to validate the client certificate, ensuring that the request originates from a trusted EO node.

    AclCondition

    The condition that makes up an access control rule

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    MatchFromStringYesFilters:
  • host: Request domain name;
  • sip: Client IP;
  • ua: User-Agent;
  • cookie: Cookie;
  • cgi: CGI script;
  • xff: XFF header;
  • url: Request URL;
  • accept: Request content type;
  • method: Request method<;/li>
  • header: Request header;
  • app_proto: Application layer protocol;
  • sip_proto: Network layer protocol;
  • uabot: UA rules (only available in custom bot rules);
  • idcid: IDC rules (only available in custom bot rules);
  • sipbot: Search engine rules (only available in custom bot rules);
  • portrait: Client reputation (only available in custom bot rules);
  • header_seq: Header sequence (only available in custom bot rules);
  • hdr: Request body (only available in custom Web protection rules).
  • MatchParamStringYesThe parameter of the field. When MatchFrom = header, the key contained in the header can be passed.
    OperatorStringYesThe logical operator. Values:
  • equal: Value equals
  • not_equal: Value not equals
  • include: String contains
  • not_include: String not contains
  • match: IP matches
  • not_match: IP not matches
  • include_area: Regions contain
  • is_empty: Value left empty
  • not_exists: Key fields not exist
  • regexp: Regex matches
  • len_gt: Value greater than
  • len_lt: Value smaller than
  • len_eq: Value equals
  • match_prefix: Prefix matches
  • match_suffix: Suffix matches
  • wildcard: Wildcard
  • MatchContentStringYesThe content to match.

    AclConfig

    ACL configuration

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesSwitch. Values:
  • on: Enable
  • off: Disable
  • AclUserRulesArray of AclUserRuleYesThe custom rule.
    CustomizesArray of AclUserRuleNoCustom managed rules
    Note: This field may return null, indicating that no valid value can be obtained.

    AclUserRule

    The custom rule

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    RuleNameStringYesThe rule name.
    ActionStringYesThe action. Values:
  • trans: Allow
  • drop: Block the request
  • monitor: Observe
  • ban: Block the IP
  • redirect: Redirect the request
  • page: Return the specified page
  • alg: JavaScript challenge
  • RuleStatusStringYesThe rule status. Values:
  • on: Enabled
  • off: Disabled
  • AclConditionsArray of AclConditionYesThe custom rule.
    RulePriorityIntegerYesThe rule priority. Value range: 0-100.
    RuleIDIntegerNoRule ID, which is only used as an output parameter.
    UpdateTimeStringNoThe update time, which is only used as an output parameter.
    PunishTimeIntegerNoIP ban duration. Range: 0-2 days. It's required when Action=ban.
    PunishTimeUnitStringNoThe unit of the IP ban duration. Values:
  • second: Second
  • minutes: Minute
  • hour: Hour
  • Default value: second.
    NameStringNoName of the custom return page. It's required when Action=page.
    PageIdIntegerNo(Disused) ID of the custom return page. The default value is 0, which means that the system default blocking page is used.
    CustomResponseIdStringNoID of custom response. The ID can be obtained via the DescribeCustomErrorPages API. It's required when Action=page.
    ResponseCodeIntegerNoThe response code to trigger the return page. It's required when Action=page. Value: 100-600. 3xx response codes are not supported. Default value: 567.
    RedirectUrlStringNoThe redirection URL. It's required when Action=redirect.

    Action

    Rule engine action. Each feature supports only one of the following three action types. The RuleAction array can be of only one of the following types. For all details, see DescribeRulesSetting.

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    NormalActionNormalActionNoCommon feature operations. The options for this category include:
  • Access URL overriding (AccessUrlRedirect);
  • Origin URL overriding (UpstreamUrlRedirect);
  • QUIC;
  • WebSocket;
  • Video dragging (VideoSeek);
  • Token authentication (Authentication);
  • Custom CacheKey (CacheKey);
  • Node caching TTL (Cache);
  • Browser caching TTL (MaxAge);
  • Offline caching (OfflineCache);
  • Smart routing (SmartRouting);
  • Range-based origin pull (RangeOriginPull);
  • HTTP/2 origin pull (UpstreamHttp2);
  • Host header overriding (HostHeader);
  • Forced HTTPS (ForceRedirect);
  • HTTPS origin pull (OriginPullProtocol);
  • Cache pre-refresh (CachePrefresh);
  • Smart compression (Compression);
  • Hsts;
  • ClientIpHeader;
  • SslTlsSecureConf;
  • OcspStapling;
  • HTTP/2 access (Http2);
  • Redirection during origin pull (UpstreamFollowRedirect);
  • Modifying origin server (Origin);
  • Layer 7 origin pull timeout (HTTPUpstreamTimeout);
  • HTTP response (HttpResponse).

  • Note: This field may return null, indicating that no valid values can be obtained.
    RewriteActionRewriteActionNoFeature operation with a request/response header. Features of this type include:
  • RequestHeader: HTTP request header modification.
  • ResponseHeader: HTTP response header modification.

  • Note: This field may return null, indicating that no valid values can be obtained.
    CodeActionCodeActionNoFeature operation with a status code. Features of this type include:
  • ErrorPage: Custom error page.
  • StatusCodeCache: Status code cache TTL.

  • Note: This field may return null, indicating that no valid values can be obtained.

    AdvancedFilter

    Key-value pair filters for conditional filtering queries and fuzzy queries, such as filtering ID, name, and status.
    If more than one filter exists, the logical relationship between these filters is AND.
    If one filter has multiple values, the logical relationship between these values is OR.

    Used by actions: DescribeAccelerationDomains, DescribeAliasDomains, DescribeConfigGroupVersions, DescribeCustomErrorPages, DescribeDeployHistory, DescribeOriginGroup, DescribePrefetchTasks, DescribePurgeTasks, DescribeRealtimeLogDeliveryTasks, DescribeZones.

    NameTypeRequiredDescription
    NameStringYesField to be filtered.
    ValuesArray of StringYesValue of the filtered field.
    FuzzyBooleanNoWhether to enable fuzzy query.

    AiRule

    AI rule engine

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    ModeStringYesThe status of the AI rule engine. Values:
  • smart_status_close: Disabled
  • smart_status_open: Block
  • smart_status_observe: Observe
  • AlgDetectJS

    Validate client behavior.

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    NameStringNoMethod to validate client behavior.
    WorkLevelStringNoProof-of-work strength. Values:
  • low (default): Low
  • middle: Medium
  • high: High
  • ExecuteModeIntegerNoImplement a delay before executing JS in milliseconds. Value range: 0-1000. Default value: 500.
    InvalidStatTimeIntegerNoThe period threshold for validating the result "Client JS disabled" in seconds. Value range: 5-3600. Default value: 10.
    InvalidThresholdIntegerNoThe number of times for the result "Client JS disabled" occurred in the specified period. Value range: 1-100000000. Default value: 30.
    AlgDetectResultsArray of AlgDetectResultNoClient behavior validation results.

    AlgDetectResult

    Active bot detection results.

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    ResultStringNoThe validation result. Values:
  • invalid: Invalid Cookie
  • cookie_empty: No Cookie/Cookie expired
  • js_empty: Client JS disabled
  • low: Low-risk session
  • middle: Medium-risk session
  • high: High-risk session
  • timeout: JS validation timed out
  • not_browser: Invalid browser
  • is_bot: Bot client
  • ActionStringNoThe action. Values:
  • drop: Block
  • monitor: Observe
  • silence: Drop w/o response
  • shortdelay: Add short latency
  • longdelay: Add long latency
  • AlgDetectRule

    Active bot detection rule.

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    RuleIDIntegerNoID of the rule.
    RuleNameStringNoName of the rule.
    SwitchStringNoWhether to enable the rule.
    AlgConditionsArray of AclConditionNoCondition specified for the rule.
    AlgDetectSessionAlgDetectSessionNoValidate Cookie when the condition is satisfied.
    Note: This field may return null, indicating that no valid values can be obtained.
    AlgDetectJSArray of AlgDetectJSNoValidate client behavior when the condition is satisfied.
    UpdateTimeStringNoThe update time, which is only used as an output parameter.

    AlgDetectSession

    Validate Cookie.

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    NameStringNoMethod to validate Cookie.
    DetectModeStringNoThe validation mode. Values:
  • detect: Validate only
  • update_detect (default): Update Cookie and validate
  • SessionAnalyzeSwitchStringNoWhether to enable Cookie-based session check. The default value is off. Values:
  • off: Disable
  • on: Enable
  • InvalidStatTimeIntegerNoThe period threshold for validating the result "No Cookie/Cookie expired" in seconds. Value range: 5-3600. Default value: 10.
    InvalidThresholdIntegerNoThe number of times for the result "No Cookie/Cookie expired" occurred in the specified period. Value range: 1-100000000. Default value: 300.
    AlgDetectResultsArray of AlgDetectResultNoCookie validation results.
    SessionBehaviorsArray of AlgDetectResultNoCookie-based session check results.

    AliasDomain

    Information of the alias domain name

    Used by actions: DescribeAliasDomains.

    NameTypeDescription
    AliasNameStringThe alias domain name.
    ZoneIdStringThe site ID.
    TargetNameStringThe target domain name.
    StatusStringStatus of the alias domain name. Values:
  • active: Activated
  • pending: Deploying
  • conflict: Reclaimed
  • stop: Stopped
  • ForbidModeIntegerThe blocking mode. Values:
  • 0: Not blocked
  • 11: Blocked due to regulatory compliance
  • 14: Blocked due to ICP filing not obtained
  • CreatedOnTimestamp ISO8601Creation time of the alias domain name.
    ModifiedOnTimestamp ISO8601Modification time of the alias domain name.

    ApplicationProxy

    Application proxy instance

    Used by actions: DescribeApplicationProxies.

    NameTypeDescription
    ZoneIdStringThe site ID.
    ZoneNameStringThe site name.
    ProxyIdStringThe proxy ID.
    ProxyNameStringThe domain name or subdomain name when ProxyType=hostname.
    The instance name when ProxyType=instance.
    ProxyTypeStringThe proxy type. Values:
  • hostname: The proxy is created by subdomain name.
  • instance: The proxy is created by instance.
  • PlatTypeStringThe scheduling mode. Values:
  • ip: Schedule via Anycast IP.
  • domain: Schedule via CNAME.
  • AreaStringAcceleration region. Values:
  • mainland: Chinese mainland.
  • overseas: Global (outside the Chinese mainland);

  • Default value: overseas.
    SecurityTypeIntegerWhether to enable security protection. Values:
  • 0: Disable security protection.
  • 1: Enable security protection.
  • AccelerateTypeIntegerWhether to enable acceleration. Values:
  • 0: Disable acceleration.
  • 1: Enable acceleration.
  • SessionPersistTimeIntegerThe session persistence duration.
    StatusStringThe rule status. Values:
  • online: Enabled
  • offline: Disabled
  • progress: Deploying
  • stopping: Disabling
  • fail: Failed to deploy or disable
  • BanStatusStringThe blocking status of the proxy. Values:
  • banned: Blocked
  • banning: Blocking
  • recover: Unblocked
  • recovering: Unblocking
  • ScheduleValueArray of StringScheduling information.
    HostIdStringWhen ProxyType=hostname:
    This field indicates the unique ID of the subdomain name.
    Ipv6Ipv6The IPv6 access configuration.
    UpdateTimeTimestamp ISO8601The update time.
    ApplicationProxyRulesArray of ApplicationProxyRuleList of rules.
    AccelerateMainlandAccelerateMainlandCross-MLC-border acceleration.

    ApplicationProxyRule

    Application proxy rule

    Used by actions: CreateApplicationProxy, DescribeApplicationProxies.

    NameTypeRequiredDescription
    ProtoStringYesProtocol. Valid values:
  • TCP: TCP protocol;
  • UDP: UDP protocol.
  • PortArray of StringYesPort. Supported formats:
  • A single port, such as 80.
  • A port range, such as 81-82, indicating two ports 81 and 82.

  • Note: Up to 20 ports can be input for each rule.
    OriginTypeStringYesOrigin server type. Valid values:
  • custom: manually added;
  • loadbalancer: cloud load balancer;
  • origins: origin server group.
  • OriginValueArray of StringYesOrigin server information.
  • When OriginType is custom, it indicates one or more origin servers, such as ["8.8.8.8","9.9.9.9"] or OriginValue=["test.com"];
  • When OriginType is loadbalancer, it indicates a cloud load balancer, such as ["lb-xdffsfasdfs"];
  • When OriginType is origins, it requires one and only one element, indicating the origin server group ID, such as ["origin-537f5b41-162a-11ed-abaa-525400c5da15"].
  • RuleIdStringNoRule ID.
    StatusStringNoStatus. Valid values:
  • online: enabled;
  • offline: disabled;
  • progress: deploying;
  • stopping: disabling;
  • fail: deployment or disabling failed.
  • ForwardClientIpStringNoPassing the client IP address. Valid values:
  • TOA: passing via TOA, available only when Proto = TCP;
  • PPV1: passing via Proxy Protocol V1, available only when Proto = TCP;
  • PPV2: passing via Proxy Protocol V2;
  • OFF: no passing.
  • Default value: OFF.
    SessionPersistBooleanNoWhether to enable session persistence. Valid values:
  • true: Enable;
  • false: Disable.
  • Default value: false.
    SessionPersistTimeIntegerNoDuration for session persistence. The value takes effect only when SessionPersist is true.
    Note: This field may return null, which indicates a failure to obtain a valid value.
    OriginPortStringNoOrigin server port. Supported formats:
  • A single port, such as 80.
  • A port range, such as 81-82, indicating two ports 81 and 82.
  • RuleTagStringNoRule tag.
    Note: This field may return null, which indicates a failure to obtain a valid value.

    AscriptionInfo

    The site ownership information

    Used by actions: DescribeIdentifications, IdentifyZone.

    NameTypeDescription
    SubdomainString
    RecordTypeStringThe record type.
    RecordValueStringThe record value.

    BillingData

    Billing data item

    Used by actions: DescribeBillingData.

    NameTypeDescription
    TimeTimestamp ISO8601Time.
    ValueIntegerValue.

    BillingDataFilter

    Billing data filter criteria.

    Used by actions: DescribeBillingData.

    NameTypeRequiredDescription
    TypeStringYesParameter name.
    ValueStringYesParameter value.

    BindSharedCNAMEMap

    Bindings between a shared CNAME and connected domain names

    Used by actions: BindSharedCNAME.

    NameTypeRequiredDescription
    SharedCNAMEStringYesThe shared CNAME to be bound with or unbound from.
    DomainNamesArray of StringYesAcceleration domains (up to 20).

    BotConfig

    Bot security configuration

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable bot security. Values:
  • on: Enable
  • off: Disable
  • BotManagedRuleBotManagedRuleNoThe settings of the bot managed rule. If it is null, the settings that were last configured will be used.
    BotPortraitRuleBotPortraitRuleNoThe settings of the client reputation rule. If it is null, the settings that were last configured will be used.
    IntelligenceRuleIntelligenceRuleNoThe bot intelligence settings. If it is null, the settings that were last configured will be used.
    Note: This field may return null, indicating that no valid values can be obtained.
    BotUserRulesArray of BotUserRuleNoSettings of the custom bot rule. If it is null, the settings that were last configured will be used.
    AlgDetectRuleArray of AlgDetectRuleNoActive bot detection rule.
    CustomizesArray of BotUserRuleNoSettings of the bot managed rule. It is only used for output.
    Note: This field may return null, indicating that no valid values can be obtained.

    BotExtendAction

    Bot extended actions

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    ActionStringYesAction. Valid values:
  • monitor: Observe;
  • alg: JavaScript challenge;
  • captcha: Managed challenge;
  • random: Actions are executed based on the percentage specified in ExtendActions;
  • silence: Silence;
  • shortdelay: Add short latency;
  • longdelay: Add long latency.
  • PercentIntegerNoThe probability for triggering the action. Value range: 0-100.
    Note: This field may return null, indicating that no valid values can be obtained.

    BotManagedRule

    Bot managed rules. The rule IDs can be obtained from the output of DescribeBotManagedRules.

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    ActionStringYesThe rule action. Values:
  • drop: Block
  • trans: Allow
  • alg: JavaScript challenge
  • monitor: Observe
  • RuleIDIntegerNoThe rule ID, which is only used as an output parameter.
    TransManagedIdsArray of IntegerNoThe ID of the rule that applies the "Allow" action.
    Note: This field may return null, indicating that no valid values can be obtained.
    AlgManagedIdsArray of IntegerNoThe ID of the rule that applies the "JavaScript challenge" action.
    Note: This field may return null, indicating that no valid values can be obtained.
    CapManagedIdsArray of IntegerNoThe ID of the rule that applies the "Managed challenge" action.
    Note: This field may return null, indicating that no valid values can be obtained.
    MonManagedIdsArray of IntegerNoThe ID of the rule that applies the "Observe" action.
    Note: This field may return null, indicating that no valid values can be obtained.
    DropManagedIdsArray of IntegerNoThe ID of the rule that applies the "Block" action.
    Note: This field may return null, indicating that no valid values can be obtained.

    BotPortraitRule

    Bot user portrait rules

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesSwitch. Values:
  • on: Enable
  • off: Disable
  • RuleIDIntegerNoThe rule ID, which is only used as an output parameter.
    AlgManagedIdsArray of IntegerNoThe ID of the rule that applies the "JavaScript challenge" action.
    Note: This field may return null, indicating that no valid values can be obtained.
    CapManagedIdsArray of IntegerNoThe ID of the rule that applies the "Managed challenge" action.
    Note: This field may return null, indicating that no valid values can be obtained.
    MonManagedIdsArray of IntegerNoThe ID of the rule that applies the "Observe" action.
    Note: This field may return null, indicating that no valid values can be obtained.
    DropManagedIdsArray of IntegerNoThe ID of the rule that applies the "Block" action.
    Note: This field may return null, indicating that no valid values can be obtained.

    BotUserRule

    Custom bot rules

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    RuleNameStringYes
    ActionStringYesThe action. Values:
  • drop: Block the request
  • monitor: Observe
  • trans: Allow
  • redirect: Redirect the request
  • page: Return the specified page
  • alg: JavaScript challenge
  • captcha: Managed challenge
  • random: Handle the request randomly by the weight
  • silence: Keep the connection but do not response to the client
  • shortdelay: Add a short latency period
  • longdelay: Add a long latency period
  • RuleStatusStringYesThe rule status. Values:
  • on: Enabled
  • off: Disabled
  • Default value: on
    AclConditionsArray of AclConditionYesDetails of the rule.
    RulePriorityIntegerYesThe rule weight. Value range: 0-100.
    RuleIDIntegerNoRule ID, which is only used as an output parameter.
    ExtendActionsArray of BotExtendActionNo[Currently unavailable] Specify the random action and percentage.
    FreqFieldsArray of StringNoThe filter. Values:
  • sip: Client IP

  • This parameter is left empty by default.
    UpdateTimeStringNoThe update time, which is only used as an output parameter.
    FreqScopeArray of StringNoQuery scope. Values:
  • source_to_eo: (Response) Traffic going from the origin to EdgeOne.
  • client_to_eo: (Request) Traffic going from the client to EdgeOne.

  • Default: source_to_eo.
    NameStringNoName of the custom return page. It's required when Action=page.
    CustomResponseIdStringNoID of custom response. The ID can be obtained via the DescribeCustomErrorPages API. It's required when Action=page.
    ResponseCodeIntegerNoThe response code to trigger the return page. It's required when Action=page. Value: 100-600. 3xx response codes are not supported. Default value: 567.
    RedirectUrlStringNoThe redirection URL. It's required when Action=redirect.

    CC

    CC configuration item.

    Used by actions: DescribeHostsSetting.

    NameTypeRequiredDescription
    SwitchStringYesWAF switch. Values:
  • on: Enable
  • off: Disable
  • PolicyIdIntegerNoID of the policy

    CLSTopic

    The configuration information of real-time log delivery to Tencent Cloud CLS

    Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks.

    NameTypeRequiredDescription
    LogSetIdStringYesThe ID of the Tencent Cloud CLS log set.
    TopicIdStringYesThe ID of the Tencent Cloud CLS log topic.
    LogSetRegionStringYesThe region of the Tencent Cloud CLS log set.

    Cache

    Cache time settings

    Used by actions: DescribeHostsSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable cache configuration. Values:
  • on: Enable
  • off: Disable
  • CacheTimeIntegerNoCache expiration time setting.
    Unit: second. The maximum value is 365 days.
    Note: This field may return null, indicating that no valid values can be obtained.

    CacheConfig

    Cache rule configuration.

    Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    CacheCacheNoCache configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    NoCacheNoCacheNoNo-cache configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    FollowOriginFollowOriginNoFollows the origin server configuration
    Note: This field may return null, indicating that no valid values can be obtained.

    CacheKey

    The cache key configuration.

    Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    FullUrlCacheStringNoWhether to enable full-path cache. Values:
  • on: Enable full-path cache (i.e., disable Ignore Query String).
  • off: Disable full-path cache (i.e., enable Ignore Query String).

  • Note: This field may return null, indicating that no valid values can be obtained.
    IgnoreCaseStringNoWhether to ignore case in the cache key. Values:
  • on: Ignore
  • off: Not ignore

  • Note: This field may return null, indicating that no valid values can be obtained.
    QueryStringQueryStringNoRequest parameter contained in CacheKey.
    Note: This field may return null, indicating that no valid values can be obtained.

    CachePrefresh

    Cache prefresh

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable cache prefresh. Values:
  • on: Enable
  • off: Disable
  • PercentIntegerNoThe cache prefresh percentage. Values: 1-99
    Note: This field may return null, indicating that no valid values can be obtained.

    CacheTag

    The information attached when the node cache purge type is set to purge_cache_tag.

    Used by actions: CreatePurgeTask.

    NameTypeRequiredDescription
    DomainsArray of StringYesList of domain names to purge cache for.

    CertificateInfo

    HTTPS server certificate configuration

    Used by actions: DescribeAccelerationDomains, ModifyHostsCertificate.

    NameTypeRequiredDescription
    CertIdStringYesCertificate ID, which originates from the SSL side. You can check the CertId from the SSL Certificate List.
    AliasStringNoAlias of the certificate.
    TypeStringNoType of the certificate. Values:
  • default: Default certificate
  • upload: Specified certificate
  • managed: Tencent Cloud-managed certificate
  • ExpireTimeTimestamp ISO8601NoThe certificate expiration time.
    DeployTimeTimestamp ISO8601NoTime when the certificate is deployed.
    SignAlgoStringNoSignature algorithm.
    StatusStringNoStatus of the certificate. Values:
    u200c
  • deployed: The deployment has completed

  • u200c
  • processing: Deployment in progress

  • u200c
  • applying: Application in progress

  • u200c
  • failed: Application rejected
  • issued: Binding failed.
  • CheckRegionHealthStatus

    Health status of origin servers in each health check region.

    Used by actions: DescribeOriginGroupHealthStatus.

    NameTypeDescription
    RegionStringHealth check region, which is a two-letter code according to ISO-3166-1.
    HealthyStringHealth status of origin servers in a single health check region. Valid values:
  • Healthy: healthy.
  • Unhealthy: unhealthy.
  • Undetected: no data detected.
  • Note: If all origin servers in a single health check region are healthy, the status is healthy; otherwise, it is unhealthy.
    OriginHealthStatusArray of OriginHealthStatusOrigin server health status.

    ClientIpCountry

    Location information of the client IP carried in origin-pull. It is formatted as a two-letter ISO-3166-1 country/region code.

    Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable configuration. Values:
  • on: Enable
  • off: Disable
  • HeaderNameStringNoName of the request header that contains the client IP region. It is valid when Switch=on.
    The default value EO-Client-IPCountry is used when it is not specified.

    ClientIpHeader

    The client IP header configuration

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable the configuration. Values:
  • on: Enable
  • off: Disable
  • HeaderNameStringNoName of the request header containing the client IP address for origin-pull. When Switch is on, this parameter is required. X-Forwarded-For is not allowed for this parameter.
    Note: This field may return null, which indicates a failure to obtain a valid value.

    CnameStatus

    CNAME status

    Used by actions: CheckCnameStatus.

    NameTypeDescription
    RecordNameStringThe domain name.
    CnameStringThe CNAME address.
    Note: This field may return null, indicating that no valid values can be obtained.
    StatusStringThe CNAME status. Values:
  • active: Activated
  • moved: Not activated

  • Note: This field may return null, indicating that no valid values can be obtained.

    CodeAction

    Rule engine action with a status code

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    ActionStringYesFeature name. For details, see DescribeRulesSetting API
    ParametersArray of RuleCodeActionParamsYesOperation parameter.

    Compression

    Smart compression configuration.

    Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable smart compression. Values:
  • on: Enable
  • off: Disable
  • AlgorithmsArray of StringNoCompression algorithm. Values:
  • brotli: Brotli algorithm
  • gzip: Gzip algorithm

  • Note: This field may return null, indicating that no valid values can be obtained.

    ConfigGroupVersionInfo

    Version information about the configuration group.

    Used by actions: DeployConfigGroupVersion, DescribeConfigGroupVersionDetail, DescribeConfigGroupVersions, DescribeDeployHistory, DescribeEnvironments.

    NameTypeRequiredDescription
    VersionIdStringYesVersion ID.
    VersionNumberStringNoVersion No.
    GroupIdStringNoConfiguraration group ID.
    GroupTypeStringNoConfiguration group type. Valid values:
  • l7_acceleration: L7 acceleration configuration group.
  • edge_functions: Edge function configuration group.
  • DescriptionStringNoVersion description.
    StatusStringNoVersion status. Valid values:
  • creating: Being created.
  • inactive: Not effective.
  • active: Effective.
  • CreateTimeTimestamp ISO8601NoVersion creation time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC).

    CustomEndpoint

    The configuration information of real-time log delivery to a custom HTTP(S) interface

    Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

    NameTypeRequiredDescription
    UrlStringYesAddress of the custom HTTP API for real-time log shipping. Currently, only HTTP and HTTPS protocols are supported.
    AccessIdStringNoCustom SecretId used for generating an encrypted signature. This parameter is required if the origin server needs authentication.
    AccessKeyStringNoCustom SecretKey used for generating an encrypted signature. This parameter is required if the origin server needs authentication.
    CompressTypeStringNoType of data compression. Valid values:
  • gzip: gzip compression.
  • If this parameter is not input, compression is disabled.
    ProtocolStringNoType of the application layer protocol used in POST requests for log shipping. Valid values:
  • http: HTTP protocol;
  • https: HTTPS protocol.
  • If this parameter is not input, the protocol type is parsed from the URL field.
    HeadersArray of HeaderNoCustom request header carried in log shipping. For a header carried by default in EdgeOne log pushing, such as Content-Type, the header value you input will overwrite the default value. The header value references a single variable ${batchSize} to obtain the number of log entries included in each POST request.

    CustomErrorPage

    Custom error code page structure.

    Used by actions: DescribeCustomErrorPages.

    NameTypeDescription
    PageIdStringCustom error page ID.
    ZoneIdStringZone ID.
    NameStringCustom error page name.
    ContentTypeStringCustom error page type.
    DescriptionStringCustom error page description.
    ContentStringCustom error page content.
    ReferencesArray of ErrorPageReferenceCustom error page reference.

    CustomField

    The custom log field in a real-time log delivery task.

    Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

    NameTypeRequiredDescription
    NameStringYesType of the custom log filed, which indicates extracting data from a specified position in HTTP requests and responses. Valid values:
  • ReqHeader: Extract the value of a specified field from an HTTP request header;
  • RspHeader: Extract the value of a specified field from an HTTP response header;
  • Cookie: Extract the value of a specified field from a cookie;
  • ReqBody: Extract specified content from an HTTP request body using a Google RE2 regular expression.

  • Note: This field may return null, which indicates a failure to obtain a valid value.
    ValueStringYesEnter the definition of the field value based on the field type (Name). This parameter is case-sensitive.
  • When the field type is ReqHeader, RspHeader, or Cookie, enter the name of the parameter for which you need to extract the value, such as Accept-Language. You can enter 1-100 characters. The name should start with a letter, contain letters, digits, and hyphens (-) in the middle, and end with a letter or digit.
  • When the field type is ReqBody, enter the Google RE2 regular expression. The maximum length of the regular expression is 4 KB.

  • Note: This field may return null, which indicates a failure to obtain a valid value.
    EnabledBooleanNoIndicates whether to deliver this field. If not filled in, this field will not be delivered.
    Note: This field may return null, indicating that no valid values can be obtained.

    CustomizedHeader

    Custom header that can be configured for HTTP/HTTPS health check policies under a LoadBalancer.

    Used by actions: CreateLoadBalancer, ModifyLoadBalancer.

    NameTypeRequiredDescription
    KeyStringYesCustom header key.
    Note: This field may return null, which indicates a failure to obtain a valid value.
    ValueStringYesCustom header value.
    Note: This field may return null, which indicates a failure to obtain a valid value.

    DDoS

    DDoS mitigation configuration

    Used by actions: DescribeHostsSetting.

    NameTypeRequiredDescription
    SwitchStringYesSwitch. Values:
  • on: Enable
  • off: Disable
  • DDoSAttackEvent

    Information of the DDoS attacker

    Used by actions: DescribeDDoSAttackEvent.

    NameTypeDescription
    EventIdStringThe event ID.
    AttackTypeStringThe attack type.
    AttackStatusIntegerThe attack status.
    AttackMaxBandWidthIntegerThe maximum attack bandwidth.
    AttackPacketMaxRateIntegerThe peak attack packet rate.
    AttackStartTimeIntegerThe attack start time recorded in seconds.
    AttackEndTimeIntegerThe attack end time recorded in seconds.
    PolicyIdIntegerThe DDoS policy ID.
    Note: This field may return null, indicating that no valid value was found.
    ZoneIdStringThe site ID.
    Note: This field may return null, indicating that no valid value was found.
    AreaStringGeolocation scope. Values:
  • overseas: Regions outside the Chinese mainland
  • mainland: Chinese mainland

  • Note: This field may return null, indicating that no valid value was found.
    DDoSBlockDataArray of DDoSBlockDataThe blocking time of a DDoS attack.
    Note: This field may return null, indicating that no valid value was found.

    DDoSBlockData

    DDoS blocking details

    Used by actions: DescribeDDoSAttackEvent.

    NameTypeDescription
    StartTimeIntegerThe start time recorded in UNIX timestamp.
    EndTimeIntegerThe end time recorded in UNIX timestamp. 0 indicates the blocking is ongoing.
    BlockAreaStringThe regions blocked.

    DDosProtectionConfig

    Exclusive DDoS protection specifications configuration applicable to Layer 4 proxy or web site service.

    Used by actions: CreateL4Proxy, DescribeL4Proxy.

    NameTypeRequiredDescription
    LevelMainlandStringNoDedicated anti-DDoS specifications in the Chinese mainland. For details, refer to Dedicated Anti-DDoS Related Fees.
  • PLATFORM: uses the default protection. Dedicated anti-DDoS is not enabled;
  • BASE30_MAX300: uses dedicated anti-DDoS, which provides 30 Gbps guaranteed protection bandwidth and up to 300 Gbps elastic protection bandwidth;
  • BASE60_MAX600: uses dedicated anti-DDoS, which provides 60 Gbps guaranteed protection bandwidth and up to 600 Gbps elastic protection bandwidth.
  • If this field is not specified, the default value 'PLATFORM' will be used.
    MaxBandwidthMainlandIntegerNoConfiguration of elastic protection bandwidth for exclusive DDoS protection in the Chinese mainland.Valid only when exclusive DDoS protection in the Chinese mainland is enabled (refer to the LevelMainland parameter configuration), and the value has the following limitations:
  • When exclusive DDoS protection is enabled in the Chinese mainland and the 30 Gbps baseline protection bandwidth is used (the LevelMainland parameter value is BASE30_MAX300): the value range is 30 to 300 in Gbps;
  • When exclusive DDoS protection is enabled in the Chinese mainland and the 60 Gbps baseline protection bandwidth is used (the LevelMainland parameter value is BASE60_MAX600): the value range is 60 to 600 in Gbps;
  • When the default protection of the platform is used (the LevelMainland parameter value is PLATFORM): configuration is not supported, and the value of this parameter is invalid.
  • LevelOverseasStringNoDedicated anti-DDoS specifications in global regions (excluding the Chinese mainland).
  • PLATFORM: uses the default protection. Dedicated anti-DDoS is not enabled;
  • ANYCAST300: uses dedicated anti-DDoS, which provides 300 Gbps protection bandwidth;
  • ANYCAST_ALLIN: uses dedicated anti-DDoS, which provides all available protection resources.
  • If this field is not specified, the default value 'PLATFORM' will be used.

    DefaultServerCertInfo

    HTTPS server certificate configuration

    Used by actions: DescribeDefaultCertificates.

    NameTypeRequiredDescription
    CertIdStringYesID of the server certificate.
    Note: This field may return null, indicating that no valid values can be obtained.
    AliasStringNoAlias of the certificate.
    Note: This field may return null, indicating that no valid values can be obtained.
    TypeStringNoType of the certificate. Values:
  • default: Default certificate;
  • upload: Custom certificate;
  • managed: Tencent Cloud-managed certificate.

  • Note: This field may return null, indicating that no valid values can be obtained.
    ExpireTimeTimestamp ISO8601NoTime when the certificate expires.
    Note: This field may return null, indicating that no valid values can be obtained.
    EffectiveTimeTimestamp ISO8601NoTime when the certificate takes effect.
    Note: This field may return null, indicating that no valid values can be obtained.
    CommonNameStringNoCommon name of the certificate.
    Note: This field may return null, indicating that no valid values can be obtained.
    SubjectAltNameArray of StringNoDomain names added to the SAN certificate.
    Note: This field may return null, indicating that no valid values can be obtained.
    StatusStringNoDeployment status. Values:
  • processing: Deployment in progress
  • deployed: Deployed
  • failed: Deployment failed

  • Note: This field may return null, indicating that no valid value can be obtained.
    MessageStringNoFailure description
    Note: This field may return null, indicating that no valid values can be obtained.
    SignAlgoStringNoCertificate algorithm.
    Note: This field may return null, indicating that no valid value can be obtained.

    DeliveryCondition

    Real-time log delivery conditions used to define the scope of log delivery. The relationship between items in a DeliveryCondition array is "or", whereas the relationship between items in an inner Conditions array is "and".

    Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

    NameTypeRequiredDescription
    ConditionsArray of QueryConditionNoLog filter criteria. The detailed filter criteria are as follows:
  • EdgeResponseStatusCode: Filter by response status code returned from the EdgeOne node to the client.
    ?? Supported operators: equal, great, less, great_equal, less_equal
    ?? Valid values: any integer greater than or equal to 0
  • OriginResponseStatusCode: Filter by response status code of the origin server.
    ?? Supported operators: equal, great, less, great_equal, less_equal.
    ?? Valid values: any integer greater than or equal to -1
  • SecurityAction: Filter by final action after the request matches a security rule.
    ?? Supported operator: equal
    ?? Options:
    ?? -: unknown/not matched
    ?? Monitor: observation
    ?? JSChallenge: JavaScript challenge
    ?? Deny: blocking
    ?? Allow: allowing
    ?? BlockIP: IP blocking
    ?? Redirect: redirection
    ?? ReturnCustomPage: returning to a custom page
    ?? ManagedChallenge: managed challenge
    ?? Silence: silence
    ?? LongDelay: response after a long delay
    ?? ShortDelay: response after a short delay
  • SecurityModule: Filter by name of the security module finally handling the request.
    ??Supported operator: equal
    ??Options:
    ?? -: unknown/not matched
    ?? CustomRule: Custom Rules in Web Protection
    ?? RateLimitingCustomRule: Rate Limiting Rules in Web Protection
    ?? ManagedRule: Managed Rules in Web Protection
    ?? L7DDoS: CC Attack Defense in Web Protection
    ?? BotManagement: Bot Basic Management in Bot Management
    ?? BotClientReputation: Client Reputation Analysis in Bot Management
    ?? BotBehaviorAnalysis: Bot Intelligent Analysis in Bot Management
    ?? BotCustomRule: Custom Bot Rules in Bot Management
    ?? BotActiveDetection: Active Detection in Bot Management
  • DeployRecord

    Version release record details for the configuration group.

    Used by actions: DescribeDeployHistory.

    NameTypeDescription
    ConfigGroupVersionInfosArray of ConfigGroupVersionInfoDetails about the released version.
    DeployTimeTimestamp ISO8601Release time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC).
    StatusStringRelease status. Valid values:
  • deploying: Being released.
  • failure: Release failed.
  • success: Released successfully.
  • MessageStringRelease result information.
    RecordIdStringRelease record ID.
    Note: this field may return null, indicating that no valid values can be obtained.
    DescriptionStringChange description.

    DetailHost

    Domain name configuration information

    Used by actions: DescribeHostsSetting.

    NameTypeDescription
    ZoneIdStringThe site ID.
    StatusStringThe acceleration status. Values:
  • process: In progress
  • online: Enabled
  • offline: Disabled
  • HostStringThe domain name.
    ZoneNameStringName of the site
    CnameStringThe assigned CNAME
    IdStringThe resource ID.
    InstanceIdStringThe instance ID.
    LockIntegerThe lock status.
    ModeIntegerThe domain name status.
    AreaStringThe acceleration area of the domain name. Values:
  • global: Global.
  • mainland: Chinese mainland.
  • overseas: Outside the Chinese mainland.
  • AccelerateTypeAccelerateTypeThe acceleration type configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    HttpsHttpsThe HTTPS configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    CacheConfigCacheConfigThe cache configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    OriginOriginThe origin configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    SecurityTypeSecurityTypeThe security type.
    Note: This field may return null, indicating that no valid values can be obtained.
    CacheKeyCacheKeyThe cache key configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    CompressionCompressionThe smart compression configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    WafWafThe WAF protection configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    CCCCThe CC protection configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    DDoSDDoSDDoS mitigation configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    SmartRoutingSmartRoutingThe smart routing configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    Ipv6Ipv6The IPv6 access configuration item.
    Note: This field may return null, indicating that no valid values can be obtained.
    ClientIpCountryClientIpCountryWhether to carry the location information of the client IP during origin-pull.
    Note: This field may return null, indicating that no valid value can be obtained.

    DiffIPWhitelist

    Differences between the newest and existing intermediate IPs

    Used by actions: DescribeOriginProtection.

    NameTypeDescription
    LatestIPWhitelistIPWhitelistThe latest intermediate IPs.
    AddedIPWhitelistIPWhitelistThe intermediate IPs added to the existing list.
    RemovedIPWhitelistIPWhitelistThe intermediate IPs removed from the existing list.
    NoChangeIPWhitelistIPWhitelistThe intermediate IPs that remain unchanged.

    DnsVerification

    Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.

    NameTypeDescription
    SubdomainStringThe host record.
    RecordTypeStringThe record type.
    RecordValueStringThe record value.

    DropPageConfig

    Block page configuration

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable configuration. Values:
  • on: Enable
  • off: Disable
  • WafDropPageDetailDropPageDetailNoThe settings of the block page that applies managed rules. If it is null, the settings that were last configured will be used.
    Note: This field may return null, indicating that no valid values can be obtained.
    AclDropPageDetailDropPageDetailNoThe settings of the block page that applies custom rules. If it is null, the settings that were last configured will be used.
    Note: This field may return null, indicating that no valid values can be obtained.

    DropPageDetail

    The configuration details of the block page

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    PageIdIntegerYesThe ID of the block page. Specify 0 to use the default block page.
    (Disused) If 0 is passed, the default block page will be used.
    StatusCodeIntegerYesThe HTTP status code to trigger the block page. Range: 100-600, excluding 3xx codes. Code 566: Requests blocked by managed rules. Code 567: Requests blocked by web security rules (except managed rules).
    NameStringYesThe block page file or URL.
    TypeStringYesType of the block page. Values:
  • page: Return the specified page.

  • CustomResponseIdStringNoID of custom response. The ID can be obtained via the DescribeCustomErrorPages API. It's required when Type=page.

    EntityStatus

    Status of domain names bound with this template.

    Used by actions: DescribeSecurityTemplateBindings.

    NameTypeDescription
    EntityStringInstance name. Only subdomain names are supported.
    StatusStringInstance configuration status. Values:
  • online: Configuration has taken effect;
  • fail: Configuration failed;
  • process: Configuration is being delivered.
  • MessageStringMessage returned after the operation completed.

    EnvInfo

    Environment information.

    Used by actions: DescribeEnvironments.

    NameTypeDescription
    EnvIdStringEnvironment ID.
    EnvTypeStringEnvironment type. Valid values:
  • production: Production environment.
  • staging: Test environment.
  • StatusStringEnvironment status. Valid values:
  • creating: Being created.
  • running: The environment is stable, with version changes allowed.
  • version_deploying: The version is currently being deployed, with no more changes allowed.
  • ScopeArray of StringEffective scope of the configuration in the current environment. Valid values:
  • ALL: It takes effect on the entire network when EnvType is set to production.
  • It returns the IP address of the test node for host binding during testing when EnvType is set to staging.
  • CurrentConfigGroupVersionInfosArray of ConfigGroupVersionInfoFor the effective versions of each configuration group in the current environment, there are two possible scenarios based on the value of Status:
  • When Status is set to version_deploying, the returned value of this field represents the previously effective version. In other words, during the deployment of the new version, the effective version is the one that was in effect before any changes were made.
  • When Status is set to running, the value returned by this field is the currently effective version.
  • CreateTimeTimestamp ISO8601Creation time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC).
    UpdateTimeTimestamp ISO8601Update time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC).

    ErrorPageReference

    Custom error page's referenced source

    Used by actions: DescribeCustomErrorPages.

    NameTypeDescription
    BusinessIdStringReferenced business ID, such as the custom block rule ID.

    ExceptConfig

    Exception rules, which are used to bypass specific rules

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable configuration. Values:
  • on: Enable
  • off: Disable
  • ExceptUserRulesArray of ExceptUserRuleNoThe settings of the exception rule. If it is null, the settings that were last configured will be used.
    Note: This field may return null, indicating that no valid values can be obtained.

    ExceptUserRule

    The settings of the exception rule

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    RuleNameStringYesThe rule name.
    ActionStringYesThe rule action. It only supports the value skip, which indicates skipping all managed rules.
    RuleStatusStringYesThe rule status. Values:
  • on: Enabled
  • off: Disabled
  • RuleIDIntegerNoThe rule ID, which is automatically created and only used as an output parameter.
    UpdateTimeTimestamp ISO8601NoThe update time. If it is null, the current date and time is recorded.
    Note: This field may return null, indicating that no valid value can be obtained.
    ExceptUserRuleConditionsArray of ExceptUserRuleConditionNoThe matching condition.
    Note: This field may return null, indicating that no valid values can be obtained.
    ExceptUserRuleScopeExceptUserRuleScopeNoThe scope to which the exception rule applies.
    Note: This field may return null, indicating that no valid values can be obtained.
    RulePriorityIntegerNoThe rule priority. Value range: 0-100. If it is null, it defaults to 0.

    ExceptUserRuleCondition

    The condition of the exception rule

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    MatchFromStringNoThe field to match. Values:
  • host: Request domain name
  • sip: Client IP
  • ua: User-Agent
  • cookie: Cookie
  • cgi: CGI script
  • xff: XFF header
  • url: Request URL
  • accept: Request content type
  • method: Request method
  • header: Request header
  • sip_proto: Network layer protocol
  • MatchParamStringNoThe parameter of the field. Only when MatchFrom = header, the key contained in the header can be passed.
    OperatorStringNoThe logical operator. Values:
  • equal: String equals
  • not_equal: Value not equals
  • include: String contains
  • not_include: String not contains
  • match: IP matches
  • not_match: IP not matches
  • include_area: Regions contain
  • is_empty: Value left empty
  • not_exists: Key fields not exist
  • regexp: Regex matches
  • len_gt: Value greater than
  • len_lt: Value smaller than
  • len_eq: Value equals
  • match_prefix: Prefix matches
  • match_suffix: Suffix matches
  • wildcard: Wildcard
  • MatchContentStringNoThe value of the parameter.

    ExceptUserRuleScope

    The scope to which the exception rule applies

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    TypeStringNoException mode. Values:
  • complete: Skip the exception rule for full requests.
  • partial: Skip the exception rule for partial requests.
  • ModulesArray of StringNoThe module to be activated. Values:
  • waf: Tencent Cloud-managed rules
  • rate: Rate limiting rules
  • acl: Custom rule
  • cc: CC attack defense
  • bot: Bot protection

  • Note: this field may return null, indicating that no valid value is obtained.
    PartialModulesArray of PartialModuleNoModule settings of the exception rule. If it is null, the settings that were last configured will be used.
    Note: This field may return null, indicating that no valid value can be obtained.
    SkipConditionsArray of SkipConditionNoCondition settings of the exception rule. If it is null, the settings that were last configured will be used.
    Note: This field may return null, indicating that no valid value can be obtained.

    FailReason

    Failure reason

    Used by actions: CreatePrefetchTask, CreatePurgeTask.

    NameTypeDescription
    ReasonStringFailure reason.
    TargetsArray of StringList of resources failed to be processed.

    FileAscriptionInfo

    Verification file, used to verify site ownership

    Used by actions: DescribeIdentifications, IdentifyZone.

    NameTypeDescription
    IdentifyPathStringDirectory of the verification file.
    IdentifyContentStringContent of the verification file.

    FileVerification

    Information required for verifying via a file. It's applicable to sites connected via CNAMEs.

    Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.

    NameTypeDescription
    PathStringEdgeOne obtains the file verification information in the format of "Scheme + Host + URL Path", (e.g. https://www.example.com/.well-known/teo-verification/z12h416twn.txt). This field is the URL path section of the URL you need to create.
    ContentStringContent of the verification file. The contents of this field need to be filled into the text file returned by Path.

    Filter

    Key-value pair filters for conditional filtering queries, such as filtering ID, name, and status.
    If more than one filter exists, the logical relationship between these filters is AND.
    If multiple values exist in one filter, the logical relationship between these values under the same filter is OR.

    Used by actions: DescribeApplicationProxies, DescribeDefaultCertificates, DescribeFunctionRules, DescribeFunctions, DescribeHostsSetting, DescribeIdentifications, DescribeL4Proxy, DescribeL4ProxyRules, DescribeLoadBalancerList, DescribeOriginProtection, DescribeRules.

    NameTypeRequiredDescription
    NameStringYesFields to be filtered.
    ValuesArray of StringYesValue of the filtered field.

    FirstPartConfig

    The configuration to detect slow attacks based on the transfer period the first 8 KB of requests

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesSwitch. Values:
  • on: Enable
  • off: Disable

  • Note: This field may return null, indicating that no valid value can be obtained.
    StatTimeIntegerNoThe transfer period threshold of the first 8 KB. If the threshold is reached, it’s considered a slow attack. Default: 5.
    Note: This field may return null, indicating that no valid value can be obtained.

    FollowOrigin

    Following origin server configuration for caching.

    Used by actions: DescribeHostsSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable the configuration of following the origin server. Valid values:
  • on: Enable
  • off: Disable
  • DefaultCacheStringNoWhether to cache when an origin server does not return the Cache-Control header. This field is required when Switch is on; otherwise, it is ineffective. Valid values:
  • on: Cache.
  • off: Do not cache.

  • Note: This field may return null, which indicates a failure to obtain a valid value.
    DefaultCacheStrategyStringNoWhether to use the default caching policy when an origin server does not return the Cache-Control header. This field is required when DefaultCache is set to on; otherwise, it is ineffective. When DefaultCacheTime is not 0, this field should be off. Valid values:
  • on: Use the default caching policy.
  • off: Do not use the default caching policy.

  • Note: This field may return null, which indicates a failure to obtain a valid value.
    DefaultCacheTimeIntegerNoThe default cache time in seconds when an origin server does not return the Cache-Control header. The value ranges from 0 to 315360000. This field is required when DefaultCache is set to on; otherwise, it is ineffective. When DefaultCacheStrategy is on, this field should be 0.
    Note: This field may return null, which indicates a failure to obtain a valid value.

    ForceRedirect

    Forced HTTPS redirect configuration for access protocols.

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable force HTTPS redirect. Values:
  • on: Enable
  • off: Disable
  • RedirectStatusCodeIntegerNoRedirect status code. Values:
  • 301: 301 redirect
  • 302: 302 redirect

  • Note: This field may return null, indicating that no valid values can be obtained.

    Function

    Details of an edge function.

    Used by actions: DescribeFunctions.

    NameTypeDescription
    FunctionIdStringFunction ID.
    ZoneIdStringZone ID.
    NameStringFunction name.
    RemarkStringFunction description.
    ContentStringFunction content.
    DomainStringDefault domain name of a function.
    CreateTimeStringCreation time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard.
    UpdateTimeStringModification time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard.

    FunctionEnvironmentVariable

    Environment variables of an edge function

    Used by actions: DescribeFunctionRuntimeEnvironment, HandleFunctionRuntimeEnvironment.

    NameTypeRequiredDescription
    KeyStringYesVariable name, which should be unique and can only contain uppercase and lowercase letters, digits, and special characters including at signs (@), periods (.), hyphens (-), and underscores (_). Its maximum size is 64 bytes.
    ValueStringNoVariable value. Its maximum size is 5000 bytes. The default value is empty.
    TypeStringNoVariable type. Valid values:
  • string: string type;
  • json: JSON object type.
  • Default value: string.

    FunctionRule

    Trigger rules for an edge function

    Used by actions: DescribeFunctionRules.

    NameTypeDescription
    RuleIdStringRule ID.
    FunctionRuleConditionsArray of FunctionRuleConditionRule condition list. There is an OR relationship between items in the list.
    FunctionIdStringFunction ID, specifying a function executed when a trigger rule condition is met.
    RemarkStringRule description.
    FunctionNameStringFunction name.
    PriorityIntegerPriority of a trigger rule for a function. The larger the value, the higher the priority.
    CreateTimeTimestamp ISO8601Creation time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard.
    UpdateTimeTimestamp ISO8601Update time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard.

    FunctionRuleCondition

    Condition of a trigger rule for an edge function.

    Used by actions: CreateFunctionRule, DescribeFunctionRules, ModifyFunctionRule.

    NameTypeRequiredDescription
    RuleConditionsArray of RuleConditionYesCondition of a trigger rule for an edge function. This condition is considered met if all items in the list are met.

    Grpc

    Configuration of gRPC support

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable gRPC support. Valid values:
  • on: Enable;
  • off: Disable.
  • HTTP header, used as input for the CreatePrefetchTask API

    Used by actions: CreatePrefetchTask, CreateRealtimeLogDeliveryTask, ModifyRealtimeLogDeliveryTask.

    NameTypeRequiredDescription
    NameStringYesHTTP header name.
    ValueStringYesHTTP header value

    HealthChecker

    LoadBalancer health check policy.

    Used by actions: CreateLoadBalancer, DescribeLoadBalancerList, ModifyLoadBalancer.

    NameTypeRequiredDescription
    TypeStringYesHealth check policy. Valid values:
  • HTTP.
  • HTTPS.
  • TCP.
  • UDP.
  • ICMP Ping.
  • NoCheck.

  • Note: NoCheck means the health check policy is not enabled.
    PortIntegerNoCheck port, which is required when Type = HTTP, Type = HTTPS, Type = TCP, or Type = UDP.
    IntervalIntegerNoCheck frequency, in seconds. It indicates how often a health check task is initiated. Valid values: 30, 60, 180, 300, 600.
    TimeoutIntegerNoTimeout for each health check, in seconds. If the health check time exceeds this value, the check result is determined as "unhealthy". The default value is 5s, and the value should be less than Interval.
    HealthThresholdIntegerNoHealthy state threshold, in the number of times. It indicates that if the consecutive health check results are "healthy" for a certain number of times, an origin server is considered "healthy". The default value is 3 times, with the minimum value of 1 time.
    CriticalThresholdIntegerNoUnhealthy state threshold, in the number of times. It indicates that if the consecutive health check results are "unhealthy" for a certain number of times, an origin server is considered "unhealthy". The default value is 2 times.
    PathStringNoProbe path. This parameter is valid only when Type = HTTP or Type = HTTPS. It needs to include the complete host/path and should not contain a protocol, for example, www.example.com/test.
    MethodStringNoRequest method. This parameter is valid only when Type = HTTP or Type = HTTPS. Valid values:
  • GET.
  • HEAD.
  • ExpectedCodesArray of StringNoThe status codes used to determine that the probe result is healthy when the probe node initiates a health check to an origin server. This parameter is valid only when Type = HTTP or Type = HTTPS.
    HeadersArray of CustomizedHeaderNoThe custom HTTP request header carried by a probe request, with a maximum value of 10. This parameter is valid only when Type = HTTP or Type = HTTPS.
    FollowRedirectStringNoWhether to follow 301/302 redirect. When enabled, 301/302 is considered a "healthy" status code, redirecting 3 times by default. This parameter is valid only when Type = HTTP or Type = HTTPS.
    SendContextStringNoThe content sent by a health check. Only ASCII visible characters are allowed, with up to 500 characters. This parameter is valid only when Type = UDP.
    RecvContextStringNoThe expected return result from an origin server during health check. Only ASCII visible characters are allowed, with up to 500 characters. This parameter is valid only when Type = UDP.

    Hsts

    HSTS configuration

    Used by actions: DescribeHostsSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable the configuration. Values:
  • on: Enable
  • off: Disable
  • MaxAgeIntegerNoMaxAge (in seconds). The maximum value is 1 day.
    Note: This field may return null, indicating that no valid values can be obtained.
    IncludeSubDomainsStringNoWhether to contain subdomain names. Values:
  • on: Enable
  • off: Disable

  • Note: This field may return null, indicating that no valid values can be obtained.
    PreloadStringNoWhether to enable preloading. Values:
  • on: Enable
  • off: Disable

  • Note: This field may return null, indicating that no valid values can be obtained.

    Https

    Domain name HTTPS acceleration configuration. This is disabled by default.

    Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    Http2StringNoWhether to enable HTTP2. Values:
  • on: Enable
  • off: Disable

  • Note: This field may return null, indicating that no valid values can be obtained.
    OcspStaplingStringNoWhether to enable OCSP. Values:
  • on: Enable
  • off: Disable

  • Note: This field may return null, indicating that no valid values can be obtained.
    TlsVersionArray of StringNoTLS version. Valid values:
  • TLSv1: TLSv1 version;
  • TLSV1.1: TLSv1.1 version;
  • TLSV1.2: TLSv1.2 version;
  • TLSv1.3: TLSv1.3 version.
  • Only consecutive versions can be enabled at the same time.
    Note: This field may return null, indicating that no valid values can be obtained.
    HstsHstsNoHSTS Configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    CertInfoArray of ServerCertInfoNoThe certificate configuration.
    Note: This field may return null, indicating that no valid values can be obtained.
    ApplyTypeStringNoWhether the certificate is managed by EdgeOne. Values:
  • apply: Managed by EdgeOne.
  • none: Not managed by EdgeOne.
  • If it is left empty, the default value none is used.
    Note: This field may return null, indicating that no valid value can be obtained.
    CipherSuiteStringNoThe cipher suite, with values:
  • loose-v2023: Provides high compatibility with general security, and supports TLS 1.0-1.3 cipher suites;
  • general-v2023: Provides relatively high compatibility with moderate security, and supports TLS 1.2-1.3 cipher suites;
  • strict-v2023: Provides high security, disables all cipher suites with security risks, and supports TLS 1.2-1.3 cipher suites.

  • Note: This field may return null, which indicates a failure to obtain a valid value.

    IPGroup

    IP range group

    Used by actions: CreateSecurityIPGroup, DescribeSecurityIPGroup, DescribeSecurityIPGroupInfo, ModifySecurityIPGroup.

    NameTypeRequiredDescription
    GroupIdIntegerYesGroup ID. Enter 0.
    NameStringYesGroup name.
    ContentArray of StringYesIP group content. Only supports IP and IP mask.

    IPRegionInfo

    IP location information query

    Used by actions: DescribeIPRegion.

    NameTypeDescription
    IPStringIP address, IPV4 or IPV6.
    IsEdgeOneIPStringWhether the IP belongs to an EdgeOne node. Valid values:
  • yes: This IP belongs to an EdgeOne node;
  • no: This IP does not belong to an EdgeOne node.
  • IPWhitelist

    Intermediate IPs

    Used by actions: DescribeOriginProtection.

    NameTypeDescription
    IPv4Array of StringList of IPv4 addresses
    IPv6Array of StringList of IPv6 addresses

    Identification

    The site verification information

    Used by actions: DescribeIdentifications.

    NameTypeDescription
    ZoneNameStringThe site name.
    DomainStringThe subdomain name to be verified. To verify the ownership of a site, leave it blank.
    Note: This field may return null, indicating that no valid values can be obtained.
    StatusStringThe verification status. Values:
  • pending: The verification is ongoing.
  • finished: The verification completed.
  • AscriptionAscriptionInfoDetails of the DNS record.
    OriginalNameServersArray of StringThe NS record of the domain name.
    Note: This field may return null, indicating that no valid values can be obtained.
    FileAscriptionFileAscriptionInfoDetails of the verification file.

    ImageOptimize

    Image optimization configuration.

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable configuration. Values:
  • on: Enable
  • off: Disable
  • IntelligenceRule

    Bot intelligence rules

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringNoSwitch. Values:
  • on: Enable
  • off: Disable

  • Note: This field may return null, indicating that no valid values can be obtained.
    IntelligenceRuleItemsArray of IntelligenceRuleItemNoItems in a bot intelligence rule
    Note: This field may return null, indicating that no valid values can be obtained.

    IntelligenceRuleItem

    Bot intelligence rule items

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    LabelStringYesThe tag to categorize bots. Values:
  • evil_bot: Malicious bot
  • suspect_bot: Suspected bot
  • good_bot: Good bot
  • normal: Normal request
  • ActionStringYesThe action taken on bots. Values
  • drop: Block
  • trans: Allow
  • alg: JavaScript challenge
  • captcha: Managed challenge
  • monitor: Observe
  • IpTableConfig

    IP/Region blocklist/allowlist configuration

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesSwitch. Values:
  • on: Enable
  • off: Disable

  • Note: This field may return null, indicating that no valid values can be obtained.
    IpTableRulesArray of IpTableRuleNoThe settings of the basic access control rule. If it is null, the settings that were last configured will be used.
    Note: This field may return null, indicating that no valid values can be obtained.

    IpTableRule

    IP blocklist/allowlist rule details

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    ActionStringYesThe action. Values:
  • drop: Block
  • trans: Allow
  • monitor: Observe
  • MatchFromStringYesThe matching dimension. Values:
  • ip: Match by IP.
  • area: Match by IP region.
  • OperatorStringNoMatching method. It defaults to equal if it’s left empty.
    Values:
  • is_empty: The field is empty.
  • not_exists: The configuration item does not exist.
  • include: Include
  • not_include: Do not include
  • equal: Equal to
  • not_equal: Not equal to

  • Note: This field may return null, indicating that no valid values can be obtained.
    RuleIDIntegerNoThe rule ID, which is only used as an output parameter.
    UpdateTimeTimestamp ISO8601NoThe update time, which is only used as an output parameter.
    StatusStringNoThe rule status. A null value indicates that the rule is enabled. Values:
  • on: Enabled
  • off: Disabled

  • Note: This field may return null, indicating that no valid values can be obtained.
    RuleNameStringNoThe rule name.
    Note: This field may return null, indicating that no valid values can be obtained.
    MatchContentStringNoMatching content. It’s not required when Operator is is_emty or not_exists.

    Ipv6

    The IPv6 access configuration.

    Used by actions: CreateApplicationProxy, DescribeApplicationProxies, DescribeHostsSetting, DescribeZoneSetting, ModifyApplicationProxy, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable IPv6 access. Valid values:
  • on: Enable;
  • off: Disable.
  • JITVideoProcess

    Just-in-time media processing configuration.

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesJust-in-time media processing configuration switch. Valid values:
  • on: Enable.
  • off: Disable.
  • L4OfflineLog

    The L7 log details

    Used by actions: DownloadL4Logs.

    NameTypeDescription
    ProxyIdStringL4 proxy instance ID.
    AreaStringLog query area. Valid values:
  • mainland: Chinese mainland;
  • overseas: Global (outside the Chinese mainland).
  • LogPacketNameStringLog packet name.
    UrlStringLog download address.
    LogTimeInteger(Disused) Log packaging time.
    LogStartTimeTimestamp ISO8601Start time of log packaging.
    LogEndTimeTimestamp ISO8601End time of the log package.
    SizeIntegerLog size (in bytes).

    L4Proxy

    Layer 4 proxy instance.

    Used by actions: DescribeL4Proxy.

    NameTypeRequiredDescription
    ZoneIdStringNoZone ID.
    ProxyIdStringNoLayer 4 proxy instance ID.
    ProxyNameStringNoLayer 4 proxy instance name.
    AreaStringNoAcceleration zone of the Layer 4 proxy instance.
  • mainland: Availability zone in the Chinese mainland;
  • overseas: Global availability zone (excluding the Chinese mainland);
  • global: Global availability zone.
  • CnameStringNoAccess via CNAME.
    IpsArray of StringNoAfter the fixed IP address is enabled, this value will return the corresponding access IP address; if it is not enabled, this value will be empty.
    StatusStringNoStatus of the Layer 4 proxy instance.
  • online: Enabled;
  • offline: Disabled;
  • progress: Deploying;

  • stopping: Disabling;
  • banned: Blocked;
  • fail: Failed to deploy or disable.
  • Ipv6StringNoSpecifies whether to enable IPv6 access.
  • on: Enable;
  • off: Disable.
  • StaticIpStringNoSpecifies whether to enable the fixed IP address.
  • on: Enable;
  • off: Disable.
  • AccelerateMainlandStringNoSpecifies whether to enable network optimization in the Chinese mainland.
  • on: Enable
  • off: Disable
  • DDosProtectionConfigDDosProtectionConfigNoSecurity protection configuration.
    Note: This field may return null, indicating that no valid value can be obtained.
    L4ProxyRuleCountIntegerNoNumber of forwarding rules under the Layer 4 proxy instance.
    UpdateTimeTimestamp ISO8601NoLatest modification time.

    L4ProxyRemoteAuth

    L4 remote authentication information.

    Used by actions: CreateL4ProxyRules, DescribeL4ProxyRules, ModifyL4ProxyRules.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable L4 remote authentication. Valid values:
  • on: Enable;
  • off: Disable.
  • AddressStringYesRemote authentication service address, in the format of domain/ip:port, such as example.auth.com:8888.
    ServerFaultyBehaviorStringYesDefault origin-pull behavior based on L4 forwarding rules after the remote authentication service is disabled. Valid values:
  • reject: Block and deny access;
  • allow: Allow access.
  • L4ProxyRule

    Details of Layer 4 proxy forwarding rules.

    Used by actions: CreateL4ProxyRules, DescribeL4ProxyRules, ModifyL4ProxyRules.

    NameTypeRequiredDescription
    RuleIdStringNoForwarding rule ID.
    Note: Do not fill in this parameter when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it must be filled in when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules.
    ProtocolStringNoForwarding protocol. Valid values:
  • TCP: TCP protocol;
  • UDP: UDP protocol.

  • Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
    PortRangeArray of StringNoForwarding port, which can be set as follows:
  • A single port, such as 80;
  • A range of ports, such as 81-85, representing ports 81, 82, 83, 84, 85.

  • Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
    OriginTypeStringNoOrigin server type. Valid values:
  • IP_DOMAIN: IP/Domain name origin server;
  • ORIGIN_GROUP: Origin server group;
  • LB: Cloud Load Balancer, currently only open to the allowlist.

  • Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
    OriginValueArray of StringNoOrigin server address.
  • When OriginType is set to IP_DOMAIN, enter the IP address or domain name, such as 8.8.8.8 or test.com;
  • When OriginType is set to ORIGIN_GROUP, enter the origin server group ID, such as og-537y24vf5b41;
  • When OriginType is set to LB, enter the Cloud Load Balancer instance ID, such as lb-2qwk30xf7s9g.

  • Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
    OriginPortRangeStringNoOrigin server port, which can be set as follows:
  • A single port, such as 80;
  • A range of ports, such as 81-85, representing ports 81, 82, 83, 84, 85. When inputting a range of ports, ensure that the length corresponds with that of the forwarding port range. For example, if the forwarding port range is 80-90, this port range should be 90-100.

  • Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
    ClientIPPassThroughModeStringNoTransmission of the client IP address. Valid values:
  • TOA: Available only when Protocol=TCP;

  • PPV1: Transmission via Proxy Protocol V1. Available only when Protocol=TCP;
  • PPV2: Transmission via Proxy Protocol V2;

  • SPP: Transmission via Simple Proxy Protocol. Available only when Protocol=UDP;

  • OFF: No transmission.

  • Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules, and if not specified, the default value OFF will be used; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
    SessionPersistStringNoSpecifies whether to enable session persistence. Valid values:
  • on: Enable;
  • off: Disable.

  • Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules, and if not specified, the default value off will be used; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
    SessionPersistTimeIntegerNoSession persistence period, with a range of 30-3600, measured in seconds.
    Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules. It is valid only when SessionPersist is set to on and defaults to 3600 if not specified. It is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
    RuleTagStringNoRule tag. Accepts 1-50 arbitrary characters.
    Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
    StatusStringNoRule status. Valid values:
  • online: Enabled;
  • offline: Disabled;
  • progress: Deploying;
  • stopping: Disabling;
  • fail: Failed to deploy or disable.

  • Note: Do not set this parameter when L4ProxyRule is used as an input parameter in CreateL4ProxyRules and ModifyL4ProxyRules.
    BuIdStringNoBuID.
    RemoteAuthL4ProxyRemoteAuthNoRemote authentication information.
    Note: RemoteAuth cannot be used as an input parameter in CreateL4ProxyRules or ModifyL4ProxyRules. If this parameter is input, it will be ignored. If the returned data of DescribeL4ProxyRules is empty, it indicates that remote authentication is disabled.
    Note: This field may return null, which indicates a failure to obtain a valid value.

    L7OfflineLog

    Details of L7 logs.

    Used by actions: DownloadL7Logs.

    NameTypeDescription
    DomainStringLog domain name.
    AreaStringLog query area. Valid values:
  • mainland: Chinese mainland;
  • overseas: Global (outside the Chinese mainland).
  • LogPacketNameStringLog packet name.
    UrlStringLog download address.
    LogTimeInteger(Disused) Log packaging time.
    LogStartTimeTimestamp ISO8601Start time of log packaging.
    LogEndTimeTimestamp ISO8601End time of the log package.
    SizeIntegerOriginal log size (in bytes).

    LoadBalancer

    LoadBalancer information.

    Used by actions: DescribeLoadBalancerList.

    NameTypeDescription
    InstanceIdStringLoadBalancer ID.
    NameStringLoadBalancer name, which can contain 1 to 200 characters, including a-z, A-Z, 0-9, underscores (_), and hyphens (-).
    TypeStringLoadBalancer type. Valid values:
  • HTTP: HTTP-specific LoadBalancer. It supports adding HTTP-specific and general origin server groups. It can only be referenced by site acceleration services (such as domain name service and rule engine).
  • GENERAL: general LoadBalancer. It only supports adding general origin server groups. It can be referenced by site acceleration services (such as domain name service and rule engine) and Layer-4 proxy.
  • HealthCheckerHealthCheckerHealth check policy. For details, refer to Health Check Policies.
    SteeringPolicyStringTraffic scheduling policy among origin server groups. Valid values:
  • Priority: Perform failover according to priority.
  • FailoverPolicyStringRequest retry policy when access to an origin server fails. For details, refer to Introduction to Request Retry Strategy. Valid values:
  • OtherOriginGroup: After a single request fails, retry with another origin server within the next lower priority origin server group.
  • OtherRecordInOriginGroup: After a single request fails, retry with another origin server within the same origin server group.
  • OriginGroupHealthStatusArray of OriginGroupHealthStatusOrigin server group health status.
    StatusStringLoadBalancer status. Valid values:
  • Pending: deploying.
  • Deleting: deleting.
  • Running: effective.
  • L4UsedListArray of StringList of Layer-4 proxy instances bound to a LoadBalancer.
    L7UsedListArray of StringList of Layer-7 domain names bound to a LoadBalancer.

    LogFormat

    Output format for real-time log delivery. You can directly use the specified predefined log output format (JSON Lines / csv) through the FormatType parameter, or define a variant output format through additional parameters based on the predefined log output format.

    Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

    NameTypeRequiredDescription
    FormatTypeStringYesPredefined output format for log shipping. Valid values:
  • json: Use JSON Lines as the predefined log output format. In each log entry, fields are displayed as key-value pairs.
  • csv: Use the predefined log output format csv, where each log entry only is presented as field values only, excluding field names.
  • BatchPrefixStringNoA string added before each log delivery batch. Each log delivery batch may contain multiple log records.
    BatchSuffixStringNoA string appended after each log delivery batch.
    RecordPrefixStringNoA string added before each log record.
    RecordSuffixStringNoA string appended after each log record.
    RecordDelimiterStringNoA string inserted between log records as a separator. Valid values:
  • \n: line break;
  • \t: tab character;
  • ,: Half-width comma.
  • FieldDelimiterStringNoA string inserted between fields as a separator within a single log record. Valid values:
  • \t: tab character;
  • ,: half-width comma;
  • ;: Half-width semicolon.
  • MaxAge

    Browser cache rule configuration, which is used to set the default value of MaxAge and is disabled by default.

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    FollowOriginStringNoWhether to follow the origin server. Values:
  • on: Follow the origin server and ignore the field MaxAgeTime;
  • off: Do not follow the origin server and apply the field MaxAgeTime.
  • MaxAgeTimeIntegerNoSpecifies the maximum amount of time (in seconds). The maximum value is 365 days.
    Note: The value 0 means not to cache.

    MutualTLS

    Used by actions: DescribeAccelerationDomains, ModifyHostsCertificate.

    NameTypeRequiredDescription
    SwitchStringYes
    CertInfosArray of CertificateInfoNoMutual authentication certificate list.
    Note: When using MutualTLS as an input parameter in ModifyHostsCertificate, you only need to provide the CertId of the corresponding certificate. You can check the CertId from the SSL Certificate List.

    NoCache

    No-cache configuration

    Used by actions: DescribeHostsSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable no-cache configuration. Valid values:
  • on: Enable
  • off: Disable
  • NormalAction

    Common action of the rule engine

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    ActionStringYesFeature name. For details, see DescribeRulesSetting API
    ParametersArray of RuleNormalActionParamsYesParameter

    NsVerification

    Information required for switching DNS servers. It's applicable to sites connected via NSs.

    Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.

    NameTypeDescription
    NameServersArray of StringThe DNS server address assigned to the user when connecting a site to EO via NS. You need to switch the NameServer of the domain name to this address.

    OfflineCache

    Offline cache feature status switch.

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether offline cache is enabled. Valid values:
  • on: Enable
  • off: Disable
  • Origin

    The origin server configuration.

    Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    OriginsArray of StringNoPrimary origin server list
    Note: This field may return null, indicating that no valid values can be obtained.
    BackupOriginsArray of StringNoThe list of backup origin servers.
    Note: This field may return null, indicating that no valid values can be obtained.
    OriginPullProtocolStringNoOrigin-pull protocol configuration. Values:
  • http: Force HTTP for origin-pull.
  • follow: Follow protocol.
  • https: Force HTTPS for origin-pull.

  • Note: This field may return null, indicating that no valid value can be obtained.
    CosPrivateAccessStringNoWhether to allow private access to buckets when OriginType=cos. Valid values:
  • on: Private access;
  • off: Public access.

  • Note: This field may return null, indicating that no valid values can be obtained.

    OriginDetail

    Details of the origin.

    Used by actions: DescribeAccelerationDomains.

    NameTypeDescription
    OriginTypeStringOrigin server type. Valid values:
  • IP_DOMAIN: IPv4, IPv6, or domain name type origin server;
  • COS: Tencent Cloud COS origin server;
  • AWS_S3: AWS S3 COS origin server;
  • ORIGIN_GROUP: origin server group;
  • VOD: Video on Demand;
  • SPACE: origin server uninstallation, currently only available to the allowlist;
  • LB: load balancing. Currently only available to the allowlist.
  • OriginStringOrigin server address, which varies with the value of OriginType:
  • When OriginType = IP_DOMAIN, this parameter is an IPv4 address, an IPv6 address, or a domain name.
  • When OriginType = COS, this parameter is the access domain name of the COS bucket.
  • When OriginType = AWS_S3, this parameter is the access domain name of the S3 bucket.
  • When OriginType = ORIGIN_GROUP, this parameter is the origin server group ID.
  • When OriginType = VOD, this parameter is the VOD application ID.
  • BackupOriginStringSecondary origin group ID. This parameter is valid only when OriginType is ORIGIN_GROUP and a secondary origin group is configured.
    OriginGroupNameStringPrimary origin group name. This parameter returns a value when OriginType is ORIGIN_GROUP.
    BackOriginGroupNameStringSecondary origin group name. This parameter is valid only when OriginType is ORIGIN_GROUP and a secondary origin group is configured.
    PrivateAccessStringWhether access to the private object storage origin server is allowed. This parameter is valid only when the origin server type OriginType is COS or AWS_S3. Valid values:
  • on: Enable private authentication;
  • off: Disable private authentication.

  • If this field is not specified, the default value 'off' will be used.
    PrivateParametersArray of PrivateParameterPrivate authentication parameter. This parameter is valid only when PrivateAccess is on.
    Note: This field may return null, indicating that no valid values can be obtained.

    OriginGroup

    Origin group information.

    Used by actions: DescribeOriginGroup.

    NameTypeDescription
    GroupIdStringThe ID of the origin group.
    NameStringThe name of the origin group.
    TypeStringThe origin group type. Values:
  • GENERAL: General origin group
  • HTTP: HTTP-specific origin group
  • RecordsArray of OriginRecordDetails of the origin record.
    ReferencesArray of OriginGroupReferenceList of instances referencing this origin group.
    CreateTimeTimestamp ISO8601Creation time of the origin group.
    UpdateTimeTimestamp ISO8601The update time of the origin group.
    HostHeaderStringOrigin-pull host header
    Note: This field may return·null, indicating that no valid values can be obtained.

    OriginGroupHealthStatus

    Origin server group health status.

    Used by actions: DescribeLoadBalancerList.

    NameTypeDescription
    OriginGroupIDStringOrigin server group ID.
    OriginGroupNameStringOrigin server group name.
    OriginTypeStringOrigin server group type. Valid values:
  • HTTP: HTTP-specific.
  • GENERAL: general.
  • PriorityStringPriority.
    OriginHealthStatusArray of OriginHealthStatusHealth status of each origin server in an origin server group.

    OriginGroupHealthStatusDetail

    Details of origin server group health status.

    Used by actions: DescribeOriginGroupHealthStatus.

    NameTypeDescription
    OriginGroupIdStringOrigin server group ID.
    OriginHealthStatusArray of OriginHealthStatusThe health status of each origin server in an origin server group, which is comprehensively decided based on the results of all detection regions. If more than half of the regions determine that the origin server is unhealthy, the corresponding status is unhealthy; otherwise, it is healthy.
    CheckRegionHealthStatusArray of CheckRegionHealthStatusHealth status of origin servers in each health check region.

    OriginGroupInLoadBalancer

    The origin server groups that need to be bound in a LoadBalancer and their priorities.

    Used by actions: CreateLoadBalancer, ModifyLoadBalancer.

    NameTypeRequiredDescription
    PriorityStringYesPriority, in the format of "priority_" + "number". The highest priority is "priority_1". Reference values:
  • priority_1: first priority.
  • priority_2: second priority.
  • priority_3: third priority.
  • You can increase numbers for other priorities, up to "priority_10".
    OriginGroupIdStringYesOrigin server group ID.

    OriginGroupReference

    Services referencing this origin group

    Used by actions: DescribeOriginGroup.

    NameTypeDescription
    InstanceTypeStringServices referencing the origin group. Values:
  • AccelerationDomain: Acceleration domain name
  • RuleEngine: Rules engine
  • Loadbalance: Load balancer
  • ApplicationProxy: L4 proxy
  • InstanceIdStringID of the instances referencing the origin group
    InstanceNameStringName of the instance referencing the origin group

    OriginHealthStatus

    Health status of origin servers in an origin server group.

    Used by actions: DescribeLoadBalancerList, DescribeOriginGroupHealthStatus.

    NameTypeDescription
    OriginStringOrigin server.
    HealthyStringOrigin server health status. Valid values:
  • Healthy: healthy.
  • Unhealthy: unhealthy.
  • Undetected: no data detected.

  • OriginInfo

    Details of the origin.

    Used by actions: CreateAccelerationDomain, ModifyAccelerationDomain.

    NameTypeRequiredDescription
    OriginTypeStringYesOrigin server type, with values:
  • IP_DOMAIN: IPv4, IPv6, or domain name type origin server;
  • COS: Tencent Cloud COS origin server;
  • AWS_S3: AWS S3 origin server;
  • ORIGIN_GROUP: origin server group type origin server;

  • VOD: Video on Demand;
  • SPACE: origin server uninstallation. Currently only available to the allowlist;
  • LB: load balancing. Currently only available to the allowlist.
  • OriginStringYesOrigin server address, which varies according to the value of OriginType:
  • When OriginType = IP_DOMAIN, fill in an IPv4 address, an IPv6 address, or a domain name;
  • When OriginType = COS, fill in the access domain name of the COS bucket;
  • When OriginType = AWS_S3, fill in the access domain name of the S3 bucket;
  • When OriginType = ORIGIN_GROUP, fill in the origin server group ID;
  • When OriginType = VOD, fill in the VOD application ID;
  • When OriginType = LB, fill in the Cloud Load Balancer instance ID. This feature is currently only available to the allowlist;
  • When OriginType = SPACE, fill in the origin server uninstallation space ID. This feature is currently only available to the allowlist.
  • BackupOriginStringNoThe ID of the secondary origin group. This parameter is valid only when OriginType is ORIGIN_GROUP. This field indicates the old version capability, which cannot be configured or modified on the control panel after being called. Please submit a ticket if required.
    PrivateAccessStringNoWhether access to the private Cloud Object Storage origin server is allowed. This parameter is valid only when OriginType is COS or AWS_S3. Valid values:
  • on: Enable private authentication;
  • off: Disable private authentication.

  • If it is not specified, the default value is off.
    PrivateParametersArray of PrivateParameterNoPrivate authentication parameter. This parameter is valid only when PrivateAccess is on.

    OriginProtectionInfo

    Origin protection configuration

    Used by actions: DescribeOriginProtection.

    NameTypeDescription
    ZoneIdStringID of the site.
    HostsArray of StringList of domain names.
    ProxyIdsArray of StringList of proxy IDs.
    CurrentIPWhitelistIPWhitelistThe existing intermediate IPs.
    Note: This field may return null, indicating that no valid values can be obtained.
    NeedUpdateBooleanWhether the intermediate IP update is needed for the site. Values:
  • true: Update needed;
  • false: Update not needed.
  • StatusStringStatus of the origin protection configuration. Values:
  • online: Origin protection is activated;
  • offline: Origin protection is disabled.
  • nonactivate: Origin protection is not activated. This value is returned only when the feature is not activated before it’s used.
  • PlanSupportBooleanWhether origin protection is supported in the plan. Values:
  • true: Origin protection supported;
  • false: Origin protection not supported.
  • DiffIPWhitelistDiffIPWhitelistDifferences between the latest and existing intermediate IPs.
    Note: This field may return null, indicating that no valid values can be obtained.

    OriginRecord

    Origin group record

    Used by actions: CreateOriginGroup, DescribeOriginGroup, ModifyOriginGroup.

    NameTypeRequiredDescription
    RecordStringYesThe origin record value, which can be an IPv4/IPv6 address or a domain name.
    TypeStringNoThe origin type. Values:
  • IP_DOMAIN: IPv4/IPv6 address or domain name
  • COS: COS bucket address
  • AWS_S3: AWS S3 bucket address
  • RecordIdStringNoThe origin record ID.
    WeightIntegerNoWeight of an origin. Range: 0-100. If it is not specified, a random weight is assigned. If 0 is passed in, there is no traffic scheduled to this origin.
    Note: This field may return·null, indicating that no valid values can be obtained.
    PrivateBooleanNoWhether to enable private authentication. It is valid when OriginType=COS/AWS_S3. Values:
  • true: Yes.
  • false: No.
  • Default: false.
    PrivateParametersArray of PrivateParameterNoPrivate authentication parameters. This field is valid when Private=true.

    OwnershipVerification

    Information of domain name ownership verification.

    Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.

    NameTypeDescription
    DnsVerificationDnsVerificationCNAME, when there is no domain name access, the information required for DNS resolution verification is used. For details, refer to Site/Domain Ownership Verification
    .
    Note: This field may return null, which indicates a failure to obtain a valid value.
    FileVerificationFileVerificationCNAME, when there is no domain name access, the information required for file verification is used. For details, refer to Site/Domain Ownership Verification
    .
    Note: This field may return null, which indicates a failure to obtain a valid value.
    NsVerificationNsVerificationu200cInformation required for switching DNS servers. It's applicable to sites connected via NSs. For details, see Modifying DNS Server.
    Note: This field may return·null, indicating that no valid values can be obtained.

    PartialModule

    Module settings of the exception rule

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    ModuleStringNoThe module. Values:
  • waf: Managed rules
  • IncludeArray of IntegerNoList of managed rule IDs to be skipped.
    Note: This field may return null, indicating that no valid value can be obtained.

    PlanInfo

    EdgeOne plan information

    Used by actions: DescribeAvailablePlans.

    NameTypeDescription
    CurrencyStringSettlement currency. Values:
  • CNY: Settled by Chinese RMB;
  • USD: Settled by US dollars.
  • FluxIntegerTraffic quota of the plan. It includes the traffic for security acceleration, content acceleration and smart acceleration. Unit: byte.
    FrequencyStringSettlement cycle. Values:
  • y: Settled by year;
  • m: Settled by month;
  • h: Settled by hour;
  • M: Settled by minute;
  • s: Settled by second.
  • PlanTypeStringThe plan option. Values:
  • sta: Standard plan that supports content delivery network outside the Chinese mainland.
  • sta_with_bot: Standard plan that supports content delivery network outside the Chinese mainland and bot management.
  • sta_cm: Standard plan that supports content delivery network inside the Chinese mainland.
  • sta_cm_with_bot: Standard plan that supports content delivery network inside the Chinese mainland and bot management.
  • sta: Standard plan that supports content delivery network over the globe.
  • sta_global_with_bot: Standard plan that supports content delivery network over the globe and bot management.
  • ent: Enterprise plan that supports content delivery network outside the Chinese mainland.
  • ent_with_bot: Enterprise plan that supports content delivery network outside the Chinese mainland and bot management.
  • ent_cm: Enterprise plan that supports content delivery network inside the Chinese mainland.
  • ent_cm_with_bot: Enterprise plan that supports content delivery network inside the Chinese mainland and bot management.
  • ent_global: Enterprise plan that supports content delivery network over the globe.
  • ent_global_with_bot: Enterprise plan that supports content delivery network over the globe and bot management.
  • PriceFloatPlan price (in CNY fen/US cent). The price unit depends on the settlement currency.
    RequestIntegerQuota on security acceleration requests
    SiteNumberIntegerNumber of sites to be bound to the plan
    AreaStringThe acceleration region. Values:
  • mainland: Chinese mainland
  • overseas: Global (Chinese mainland not included)
  • global: Global (Chinese mainland included)
  • PostMaxSize

    Maximum size of the file uploaded for streaming via a POST request

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable POST upload limit (default limit: 32 MB). Valid values:
  • on: Enable;
  • off: Disable.
  • MaxSizeIntegerNoMaximum size. Value range: 1-500 MB.
    Note: This field may return null, indicating that no valid values can be obtained.

    PrepaidPlanParam

    Prepaid Plan Billing Parameters

    Used by actions: CreatePlan.

    NameTypeRequiredDescription
    PeriodIntegerNoPrepaid plan duration, unit: month. Valid values: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 24, 36.

    If this field is not specified, the default value '1' will be used.
    RenewFlagStringNoThe auto-renewal flag for prepaid plan has the following values:
  • on: Enable auto-renewal;
  • off: Disable auto-renewal.

  • If this field is not specified, the default value 'off' will be used. When auto-renewal is enabled, it defaults to renewing for one month.

    PrivateParameter

    Private authentication parameters for Cloud Object Storage origin server

    Used by actions: CreateAccelerationDomain, CreateOriginGroup, DescribeAccelerationDomains, DescribeOriginGroup, ModifyAccelerationDomain, ModifyOriginGroup.

    NameTypeRequiredDescription
    NameStringYesThe name of the private authentication parameter. Valid values:
  • AccessKeyId: Access Key ID for authentication;
  • SecretAccessKey: Secret Access Key for authentication;
  • SignatureVersion: Authentication version, v2 or v4;
  • Region: The region of the storage bucket.
  • ValueStringYesThe parameter value.

    QueryCondition

    The query condition

    Used by actions: CreateRealtimeLogDeliveryTask, DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData, DescribeTopL7AnalysisData, DescribeTopL7CacheData, ModifyRealtimeLogDeliveryTask.

    NameTypeRequiredDescription
    KeyStringYesThe key of QueryCondition.
    OperatorStringYesThe conditional operator. Values:
  • equals: Equals
  • notEquals: Does not equal
  • include: Contains
  • notInclude: Does not contain
  • startWith: Starts with
  • notStartWith: Does not start with
  • endWith: Ends with
  • notEndWith: Does not end with
  • ValueArray of StringYesThe value of QueryCondition.

    QueryString

    Request parameter contained in CacheKey

    Used by actions: DescribeHostsSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to use QueryString as part of CacheKey. Values:
  • on: Yes
  • off: No
  • ActionStringNoSpecifies how to use query strings in the cache key. Values:
  • includeCustom: Include partial query strings.</li><li>excludeCustom`: Exclude partial query strings.

  • Note: This field may return null, indicating that no valid values can be obtained.
    ValueArray of StringNoArray of query strings used/excluded
    Note: This field may return null, indicating that no valid values can be obtained.

    Quic

    QUIC configuration item

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable QUIC. Valid values:
  • on: Enable;
  • off: Disable.
  • Quota

    Purging/Pre-warming available usage and quota

    Used by actions: DescribeContentQuota.

    NameTypeDescription
    BatchInteger
    DailyIntegerDaily submission quota limit.
    DailyAvailableIntegerRemaining daily submission quota.
    TypeStringType of cache purging/pre-warming. Values:
  • purge_prefix: Purge by prefix
  • purge_url: Purge by URL
  • purge_host: Purge by hostname
  • purge_all: Purge all caches
  • purge_cache_tag: Purge by cache tag
  • prefetch_url: Pre-warm by URL
  • RateLimitConfig

    Rate limiting rules

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesSwitch. Values:
  • on: Enable
  • off: Disable
  • RateLimitUserRulesArray of RateLimitUserRuleNoThe settings of the custom rate limiting rule. If it is null, the settings that were last configured will be used.
    RateLimitTemplateRateLimitTemplateNoThe settings of the rate limiting template. If it is null, the settings that were last configured will be used.
    Note: This field may return null, indicating that no valid values can be obtained.
    RateLimitIntelligenceRateLimitIntelligenceNoThe client filtering settings. If it is null, the settings that were last configured will be used.
    Note: This field may return null, indicating that no valid values can be obtained.
    RateLimitCustomizesArray of RateLimitUserRuleNoThe custom rate limiting rules. If it is null, the previous settings is used.
    Note: This field may return null, indicating that no valid value can be obtained.

    RateLimitIntelligence

    Client filtering

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable configuration. Values:
  • on: Enable
  • off: Disable
  • ActionStringYesAction to be executed. Values:
  • monitor: Observe
  • alg: Challenge
  • RuleIdIntegerNoThe rule ID, which is only used as a response parameter.

    RateLimitTemplate

    Rate limit template

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    ModeStringYesThe mode. Values:
  • sup_loose: Super loose
  • loose: Loose
  • emergency: Emergency
  • normal: Moderate
  • strict: Strict
  • close: Off
  • ActionStringNoThe action. Values:
  • alg: JavaScript challenge
  • monitor: Observe
  • If it is left empty, the default value alg is used.
    RateLimitTemplateDetailRateLimitTemplateDetailNoThe settings of the rate limiting template. It is only used as an output parameter.

    RateLimitTemplateDetail

    The settings of the rate limiting template

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    ModeStringYesTemplate level name. Valid values:
  • sup_loose: super loose;
  • loose: loose;
  • emergency: emergency;
  • normal: normal;
  • strict: strict;
  • close: disabled, effective only for precise rate limiting.

  • Note: This field may return null, which indicates a failure to obtain a valid value.
    IDIntegerYesUnique ID.
    ActionStringYesTemplate action. Valid values:
  • alg: JavaScript challenge;
  • monitor: observation.

  • Note: This field may return null, which indicates a failure to obtain a valid value.
    PunishTimeIntegerYesPenalty duration, in seconds. Value range: 0-2 days.
    Note: This field may return null, which indicates a failure to obtain a valid value.
    ThresholdIntegerYesStatistical threshold, in times. Value range: 0-4294967294.
    PeriodIntegerYesStatistical cycle. Value range: 0-120 seconds.

    RateLimitUserRule

    Rate limit rule

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    ThresholdIntegerYesThe request threshold. Value range: 0-4294967294.
    PeriodIntegerYesThe statistical period. The value can be 10, 20, 30, 40, 50, or 60 seconds.
    RuleNameStringYesThe rule name, which consists of only letters, digits, and underscores and cannot start with an underscore.
    ActionStringYesAction. Values:
  • monitor: Observe;
  • drop: Block;
  • redirect: Redirect;
  • page: Return a specific page;
  • alg: JavaScript challenge.
  • PunishTimeIntegerYesThe amount of time taken to perform the action. Value range: 0 seconds - 2 days.
    PunishTimeUnitStringYesThe time unit. Values:
  • second: Second
  • minutes: Minute
  • hour: Hour
  • RuleStatusStringYesThe rule status. Values:
  • on: Enabled
  • off: Disabled
  • Default value: on
    AclConditionsArray of AclConditionYesThe rule details.
    RulePriorityIntegerYesThe rule weight. Value range: 0-100.
    RuleIDIntegerNoRule ID, which is only used as an output parameter.
    FreqFieldsArray of StringNoThe filter. Values:
  • sip: Client IP

  • This parameter is left empty by default.
    UpdateTimeStringNoUpdate time. It is only used as a response parameter, and defaults to the current time.
    FreqScopeArray of StringNoQuery scope. Values:
  • source_to_eo: (Response) Traffic going from the origin to EdgeOne.
  • client_to_eo: (Request) Traffic going from the client to EdgeOne.

  • Default: source_to_eo.
    NameStringNoName of the custom return page. It's required when Action=page.
    CustomResponseIdStringNoID of custom response. The ID can be obtained via the DescribeCustomErrorPages API. It's required when Action=page.
    ResponseCodeIntegerNoThe response code to trigger the return page. It's required when Action=page. Value: 100-600. 3xx response codes are not supported. Default value: 567.
    RedirectUrlStringNoThe redirection URL. It's required when Action=redirect.

    RealtimeLogDeliveryTask

    Real-time log delivery task

    Used by actions: DescribeRealtimeLogDeliveryTasks.

    NameTypeDescription
    TaskIdStringID of a real-time log shipping task.
    TaskNameStringName of a real-time log shipping task.
    DeliveryStatusStringStatus of a real-time log shipping task. Valid values:
  • enabled: enabled;
  • disabled: disabled;
  • deleted: deleted abnormally. Check whether the destination log set/log topic of Tencent Cloud CLS has been deleted.
  • TaskTypeStringType of a real-time log shipping task. Valid values:
  • cls: push to Tencent Cloud CLS;
  • custom_endpoint: push to a custom HTTP(S) address;
  • s3: push to an AWS S3-compatible bucket address.
  • EntityListArray of StringList of entities (L7 domain names or L4 proxy instances) corresponding to a real-time log shipping task. Valid value examples:
  • L7 domain name: domain.example.com;
  • L4 proxy instance: sid-2s69eb5wcms7.
  • LogTypeStringData shipping type. Valid values:
  • domain: site acceleration logs;
  • application: L4 proxy logs;
  • web-rateLiming: rate limiting and CC attack defense logs;
  • web-attack: managed rule logs;
  • web-rule: custom rule logs;
  • web-bot: Bot management logs.
  • AreaStringData shipping area. Valid values:
  • mainland: within the Chinese mainland;
  • overseas: global (excluding the Chinese mainland).
  • FieldsArray of StringList of predefined fields for shipping.
    CustomFieldsArray of CustomFieldList of custom fields for shipping.
    DeliveryConditionsArray of DeliveryConditionFilter criteria of log shipping.
    SampleIntegerSampling ratio in permille. Value range: 1-1000. For example, 605 indicates a sampling ratio of 60.5%.
    LogFormatLogFormatOutput format for log delivery. When the output parameter is null, the default format is used, which works as follows:
  • When TaskType is 'custom_endpoint', the default format is an array of JSON objects, with each JSON object representing a log entry;
  • When TaskType is 's3', the default format is JSON Lines.

  • Note: This field may return 'null', which indicates a failure to obtain a valid value.
    CLSCLSTopicConfiguration information of the CLS.
    Note: This field may return null, which indicates a failure to obtain a valid value.
    CustomEndpointCustomEndpointConfiguration information of the custom HTTP service.
    Note: This field may return null, which indicates a failure to obtain a valid value.
    S3S3Configuration information of the AWS S3-compatible bucket.
    Note: This field may return null, which indicates a failure to obtain a valid value.
    CreateTimeTimestamp ISO8601Creation time.
    UpdateTimeTimestamp ISO8601Update time.

    RenewFlag

    Auto-renewal configuration item in a prepaid plan.

    Used by actions: ModifyPlan.

    NameTypeRequiredDescription
    SwitchStringYesThe auto-renewal flag for prepaid plan has the following values:
  • on: Enable auto-renewal;
  • off: Disable auto-renewal.
  • Resource

    Billable resource

    Used by actions: DescribeZones.

    NameTypeDescription
    IdStringThe resource ID.
    PayModeIntegerBilling mode
    0: Pay-as-you-go
    CreateTimeTimestamp ISO8601The creation time.
    EnableTimeTimestamp ISO8601The effective time.
    ExpireTimeTimestamp ISO8601The expiration time.
    StatusStringThe plan status. Values:
  • normal: Normal
  • isolated: Isolated
  • destroyed: Terminated
  • SvArray of SvPricing query parameter
    AutoRenewFlagIntegerWhether to enable auto-renewal. Values:
  • 0: Default status.
  • 1: Enable auto-renewal.
  • 2: Disable auto-renewal.
  • PlanIdStringID of the resource associated with the plan.
    AreaStringApplicable area. Values:
  • mainland: Chinese mainland
  • overseas: Regions outside the Chinese mainland
  • global: Global
  • GroupStringThe resource type. Values:
  • plan: Plan resources
  • pay-as-you-go: Pay-as-you-go resources
  • value-added: Value-added resources

  • Note: This field may return null, indicating that no valid values can be obtained.
    ZoneNumberIntegerThe sites that are associated with the current resources.
    Note: This field may return null, indicating that no valid values can be obtained.
    TypeStringResource tag type. Valid values:
  • vodeo: vodeo resource.
  • RewriteAction

    Rule engine action for the HTTP request/response header

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    ActionStringYesFeature name. For details, see DescribeRulesSetting API
    ParametersArray of RuleRewriteActionParamsYesParameter

    Rule

    Rule item of the rule engine. The items in the Conditions array are in OR relationship, and the items in the inner Conditions list are in AND relationship.

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    ConditionsArray of RuleAndConditionsYesJudgment condition for executing the feature.
    Note: The feature can be executed if any condition in the array is met.
    ActionsArray of ActionNoExecuted feature. Note: Actions and SubRules cannot be both empty.
    SubRulesArray of SubRuleItemNoNested rule. Note: SubRules and Actions cannot be both empty.

    RuleAndConditions

    List of rule engine conditions in AND relationship

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    ConditionsArray of RuleConditionYesRule engine condition. This condition will be considered met if all items in the array are met.

    RuleChoicePropertiesItem

    Detailed settings of the rule engine that can be used for request match, which are optional parameter configuration items.

    Used by actions: DescribeRulesSetting.

    NameTypeDescription
    NameStringThe parameter name.
    TypeStringThe parameter value type.
  • CHOICE: The parameter value can be selected only from Values.
  • TOGGLE: The parameter value is of switch type and can be selected from ChoicesValue.
  • CUSTOM_NUM: The parameter value is a custom integer.
  • CUSTOM_STRING: The parameter value is a custom string.
  • ChoicesValueArray of StringValid parameter values.
    Note: If Type is CUSTOM_NUM or CUSTOM_STRING, this parameter will be an empty array.
    MinIntegerMinimum value. If both Min and Max are set to 0, this parameter does not take effect.
    MaxIntegerMaximum value. If both Min and Max are set to 0, this parameter does not take effect.
    IsMultipleBooleanWhether multiple values can be selected or entered.
    IsAllowEmptyBooleanWhether the parameter can be left empty.
    ExtraParameterRuleExtraParameterSpecial parameter.
  • NULL: Select NormalAction for RuleAction.
  • If the member parameter Id is Action, select RewirteAction for RuleAction.
  • If the member parameter Id is StatusCode, select CodeAction for RuleAction.
  • RuleCodeActionParams

    Parameters of the action with the StatusCode field as the rule engine condition

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    StatusCodeIntegerYesThe status code.
    NameStringYesThe parameter name. For details, see DescribeRulesSetting.
    ValuesArray of StringYesThe parameter value.

    RuleCondition

    Rule engine condition parameters

    Used by actions: CreateFunctionRule, CreateRule, DescribeRules, ModifyFunctionRule, ModifyRule.

    NameTypeRequiredDescription
    OperatorStringYesOperator. Valid values:
  • equals: Equals
  • notEquals: Does not equal
  • exist: Exists
  • notexist: Does not exist
  • TargetStringYesMatching type. Valid values:
  • filename: Filename;
  • extension: File suffix;
  • host: Host;
  • full_url: A complete URL path under the current site, including the HTTP protocol, the host, and the path;
  • url: The request for a URL path under the current site;
  • client_country: Client country/region;
  • query_string: The query string for a requested URL under the current site;
  • request_header: HTTP request header;
  • client_ip: Client IP;
  • request_protocol: Request protocol;
  • request_method: HTTP request method.
  • ValuesArray of StringNoParameter values for corresponding matching types. It is allowed to pass an empty array only when the matching type is query_string or request_header and the operator value is exist or not exist. Corresponding match types include:
  • extension: File suffix such as jpg or txt;
  • filename: For example, foo in foo.jpg;
  • all (any request under the site): all;
  • host: The host under the current site. For example, www.maxx55.com;
  • URL path: The request for a URL path under the current site. For example, /example;
  • URL full: The request for a complete URL under the current site, including the HTTP protocol, the host, and the path. For example: https://www.maxx55.cn/example;
  • client_country: Country/region identifier compliant with the ISO3166 standard;
  • query_string: The parameter value in the query string of the requested URL under the current site. For example, cn and 1 in lang=cn&version=1;
  • request_header: The value of the HTTP request header field. For example, zh-CN,zh;q=0.9 in Accept-Language:zh-CN,zh;q=0.9;
  • client_ip: The client request IP carried in the current request, which supports IPv4/IPv6 and an IP range;
  • request_protocol: The protocol of the current request. Valid values: HTTP and HTTPS;
  • request_method: The method of the current request. Valid values: GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT, OPTIONS, PATCH, COPY, LOCK, MKCOL, MOVE, PROPFIND, PROPPATCH, and UNLOCK.
  • IgnoreCaseBooleanNoWhether the parameter value is case insensitive. Default value: false.
    NameStringNoThe parameter name of the match type. This field is required only when Target=query_string/request_header.
  • query_string: Name of the query string, such as "lang" and "version" in "lang=cn&version=1".
  • request_header: Name of the HTTP request header, such as "Accept-Language" in the "Accept-Language:zh-CN,zh;q=0.9" header.
  • RuleExtraParameter

    Rule engine parameter details and special parameter types.

    Used by actions: DescribeRulesSetting.

    NameTypeDescription
    IdStringParameter name. Valid values:
  • Action: Required parameter for HTTP header modification when RewirteAction is selected for RuleAction.
  • StatusCode: Required parameter for the status code feature when CodeAction is selected for RuleAction.
  • TypeStringParameter value type.
  • CHOICE: The parameter value can be selected only from Values.
  • CUSTOM_NUM: The parameter value is a custom integer.
  • CUSTOM_STRING: The parameter value is a custom string.
  • ChoicesArray of StringValid values.
    Note: If the value of Id is StatusCode, values in the array are all integer values. When entering a parameter value, enter the integer value of the string.

    RuleItem

    Rule details of the rule engine

    Used by actions: DescribeRules.

    NameTypeDescription
    RuleIdStringThe rule ID.
    RuleNameStringThe rule name. It is a string that can contain 1–255 characters.
    StatusStringRule status. Values:
  • enable: Enabled
  • disable: Disabled
  • RulesArray of RuleThe rule content.
    RulePriorityIntegerThe rule priority. The greater the value, the higher the priority. The minimum value is 1.
    TagsArray of StringTag of the rule.

    RuleNormalActionParams

    Common action parameter of a rule engine condition

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    NameStringYesThe parameter name. For details, see DescribeRulesSetting.
    ValuesArray of StringYesThe parameter value.

    RuleRewriteActionParams

    Parameter of the action for the HTTP request/response header of a rule engine condition.

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    ActionStringYesFeature parameter name. For details, see DescribeRulesSetting.
  • add: Add the HTTP header.
  • set: Rewrite the HTTP header.
  • del: Delete the HTTP header.
  • NameStringYesParameter name
    ValuesArray of StringYesParameter value

    RulesProperties

    Detailed settings of the rule engine that can be used for request match.

    Used by actions: DescribeRulesSetting.

    NameTypeDescription
    NameStringParameter name.
    MinIntegerMinimum value. If both Min and Max are set to 0, this parameter does not take effect.
    ChoicesValueArray of StringValid parameter values.
    Note: If Type is CUSTOM_NUM or CUSTOM_STRING, this parameter will be an empty array.
    TypeStringThe parameter value type.
  • CHOICE: If Type=CHOICE, choose a value in ChoiceValue.
  • TOGGLE: If Type=TOGGLE, choose on or off from ChoicesValue.
  • OBJECT: Specify an object. If this is specified, ChoiceProperties includes attributes of the specified object. See Example 2. Create a rule with Type=OBJECT
  • CUSTOM_NUM: (Integer) Custom value.
  • CUSTOM_STRING: (String) Custom value.
  • MaxIntegerMaximum value. If both Min and Max are set to 0, this parameter does not take effect.
    IsMultipleBooleanWhether multiple values can be selected or entered.
    IsAllowEmptyBooleanWhether the parameter can be left empty.
    ChoicePropertiesArray of RuleChoicePropertiesItemAssociated configuration parameters of this parameter, which are required for API call.
    Note: This parameter will be an empty array if no special parameters are added as optional parameters.
    ExtraParameterRuleExtraParameter
  • NULL: No special parameters when NormalAction is selected for RuleAction.

  • Note: This field may return null, indicating that no valid values can be obtained.

    RulesSettingAction

    List of the settings of the rule engine that can be used for request match and their detailed information.

    Used by actions: DescribeRulesSetting.

    NameTypeDescription
    ActionStringFeature name. Valid values:
  • Access URL rewrite (AccessUrlRedirect).
  • Origin-pull URL rewrite (UpstreamUrlRedirect).
  • Custom error page
    (ErrorPage).
  • QUIC (QUIC).
  • WebSocket (WebSocket).
  • Video dragging (VideoSeek).
  • Token authentication (Authentication).
  • CacheKey: Custom cache key.
  • Cache: Node cache TTL.
  • MaxAge: Browser cache TTL.
  • OfflineCache: Offline cache.
  • SmartRouting: Smart acceleration.
  • RangeOriginPull: Range GETs.
  • UpstreamHttp2: HTTP/2 forwarding.
  • HostHeader: Host header rewrite.
  • ForceRedirect: Force HTTPS.
  • OriginPullProtocol: Origin-pull HTTPS.
  • CachePrefresh: Cache prefresh.
  • Compression: Smart compression.
  • RequestHeader: HTTP request header modification.
  • HTTP response header modification (ResponseHeader).
  • Status code cache TTL (StatusCodeCache).
  • Hsts.
  • ClientIpHeader.
  • TlsVersion.
  • OcspStapling.
  • PropertiesArray of RulesPropertiesParameter information

    S3

    The configuration information of real-time log delivery to an AWS S3 compatible bucket

    Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

    NameTypeRequiredDescription
    EndpointStringYesThe URL without bucket name or path, for example: https://storage.googleapis.com, https://s3.ap-northeast-2.amazonaws.com, and https://cos.ap-nanjing.myqcloud.com.
    RegionStringYesThe region where the bucket is located, for example: ap-northeast-2.
    BucketStringYesThe bucket name and log storage directory, for example: your_bucket_name/EO-logs/. If the directory does not exist in the bucket, it will be created automatically.
    AccessIdStringYesThe Access Key ID used to access the bucket.
    AccessKeyStringYesThe secret key used to access the bucket.
    CompressTypeStringNoThe data compress type. Valid values:
  • gzip: gzip compression.
  • If this field is not filled in, compression is disabled.

    SecEntry

    Returned value of security data entry

    Used by actions: DescribeDDoSAttackData.

    NameTypeDescription
    KeyStringThe query dimension value.
    ValueArray of SecEntryValueThe details.

    SecEntryValue

    The security data queried by metric

    Used by actions: DescribeDDoSAttackData.

    NameTypeDescription
    MetricStringThe metric name.
    DetailArray of TimingDataItemThe time-series data details.
    MaxIntegerThe maximum value.
    AvgFloatThe average value.
    SumFloatSum

    SecurityConfig

    Security configuration

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    WafConfigWafConfigNoManaged rule. If the parameter is null or not filled, the configuration last set will be used by default.
    Note: This field may return null, indicating that no valid value can be obtained.
    RateLimitConfigRateLimitConfigNoRate limiting. If the parameter is null or not filled, the configuration last set will be used by default.
    Note: This field may return null, indicating that no valid value can be obtained.
    AclConfigAclConfigNoCustom rule. If the parameter is null or not filled, the configuration last set will be used by default.
    Note: This field may return null, indicating that no valid value can be obtained.
    BotConfigBotConfigNoBot configuration. If the parameter is null or not filled, the configuration last set will be used by default.
    Note: This field may return null, indicating that no valid value can be obtained.
    SwitchConfigSwitchConfigNoSwitch setting of the 7-layer protection. If the parameter is null or not filled, the configuration last set will be used by default.Note: This field may return null, indicating that no valid value can be obtained.
    IpTableConfigIpTableConfigNoBasic access control. If the parameter is null or not filled, the configuration last set will be used by default.
    Note: This field may return null, indicating that no valid value can be obtained.
    ExceptConfigExceptConfigNoException rule configuration. If the parameter is null or not filled, the configuration last set will be used by default.Note: This field may return null, indicating that no valid value can be obtained.
    DropPageConfigDropPageConfigNoCustom block page settings. If the parameter is null or not filled, the configuration last set will be used by default.Note: This field may return null, indicating that no valid value can be obtained.
    TemplateConfigTemplateConfigNoSecurity template settings
    Note: This field may return null, indicating that no valid value can be obtained.
    SlowPostConfigSlowPostConfigNoSettings for slow attack defense. If the parameter is null or not filled, the configuration last set will be used by default.Note: This field may return null, indicating that no valid value can be obtained.

    SecurityTemplateBinding

    Bindings of a security policy template

    Used by actions: DescribeSecurityTemplateBindings.

    NameTypeDescription
    TemplateIdStringtemplate ID
    TemplateScopeArray of TemplateScopeBinding status of the template.

    SecurityType

    The security type setting item.

    Used by actions: DescribeHostsSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable the security type setting. Values:
  • on: Enable
  • off: Disable
  • ServerCertInfo

    HTTPS server certificate configuration

    Used by actions: DescribeHostsSetting, ModifyHostsCertificate, ModifyZoneSetting.

    NameTypeRequiredDescription
    CertIdStringYesServer certificate ID, which originates from the SSL side. You can check the CertId from the SSL Certificate List.

    Note: This field may return null, which indicates a failure to obtain a valid value.
    AliasStringNoAlias of the certificate.
    Note: This field may return null, indicating that no valid values can be obtained.
    TypeStringNoType of the certificate. Values:
    u200c
  • default: Default certificate

  • u200c
  • upload: Custom certificate

  • u200c
  • managed: Tencent Cloud-managed certificate

  • Note: This field may return·null, indicating that no valid values can be obtained.
    ExpireTimeTimestamp ISO8601NoTime when the certificate expires.
    Note: This field may return null, indicating that no valid values can be obtained.
    DeployTimeTimestamp ISO8601NoTime when the certificate is deployed.
    Note: This field may return null, indicating that no valid values can be obtained.
    SignAlgoStringNoSignature algorithm.
    Note: This field may return null, indicating that no valid values can be obtained.
    CommonNameStringNoDomain name of the certificate.
    Note: This field may return null, indicating that no valid value can be obtained.

    SkipCondition

    Exception rule conditions, used to filter requests by specific fields

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    TypeStringYesThe field type. Values:
  • header_fields: HTTP request header
  • cookie: HTTP request cookie
  • query_string: Query string in the HTTP request URL
  • uri: HTTP request URI
  • body_raw: HTTP request body
  • body_json: JSON HTTP request body
  • SelectorStringYesThe specific field. Values:
  • args: Query parameter in the URI, such as "?name1=jack&age=12"
  • path: Partial path in the URI, such as "/path/to/resource.jpg"
  • full: Full path in the URI, such as "example.com/path/to/resource.jpg?name1=jack&age=12"
  • upload_filename: File path segment
  • keys: All keys
  • values: Values of all keys
  • key_value: Key and its value
  • MatchFromTypeStringNoThe match method used to match the key. Values:
  • equal: Exact match
  • wildcard: Wildcard match (only asterisks)
  • MatchFromArray of StringNoThe value that matches the key.
    Note: This field may return null, indicating that no valid value can be obtained.
    MatchContentTypeStringNoThe match method used to match the content.
  • equal: Exact match
  • wildcard: Wildcard match (only asterisks)
  • MatchContentArray of StringNoThe value that matches the content.
    Note: This field may return null, indicating that no valid value can be obtained.

    SlowPostConfig

    Slow attack defense configuration.

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesValues:
  • on: Enable
  • off: Disable
  • FirstPartConfigFirstPartConfigNoDetect slow attacks by the transfer period of the first 8 KB of requests
    Note: This field may return null, indicating that no valid value can be obtained.
    SlowRateConfigSlowRateConfigNoDetect slow attacks by the data rate of the main body (excluding the first 8 KB) of requests
    Note: This field may return null, indicating that no valid value can be obtained.
    ActionStringNoThe action to taken when a slow attack is detected. Values:
  • monitor: Observe
  • drop: Block the request

  • Note: This field may return null, indicating that no valid value can be obtained.
    RuleIdIntegerNoID of the rule
    Note: This field may return null, indicating that no valid value can be obtained.

    SlowRateConfig

    The configuration to detect slow attacks

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesSwitch. Values:
  • on: Enable
  • off: Disable
  • IntervalIntegerNoThe sampling interval in seconds. In this way, the first 8 KB of the request is ignored. The rest of data is separated in to multiple parts according to this interval for slow attack measurement.
    Note: This field may return null, indicating that no valid value can be obtained.
    ThresholdIntegerNoThe transfer rate threshold in bps. When the transfer rate of a sample is lower than the threshold, it’s considered a slow attack and handled according to the specified Action.
    Note: This field may return null, indicating that no valid value can be obtained.

    SmartRouting

    Smart acceleration configuration

    Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable smart acceleration. Values:
  • on: Enable
  • off: Disable
  • StandardDebug

    Standard debugging

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable standard debugging. Values:
  • on: Enable
  • off: Disable
  • AllowClientIPListArray of StringYesThe client IP to allow. It can be an IPv4/IPv6 address or a CIDR block. If not specified, it means to allow any client IP
    ExpireTimeTimestamp ISO8601YesThe time when the standard debugging setting expires. If it is exceeded, this feature becomes invalid.

    SubRule

    Nested rule settings

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    ConditionsArray of RuleAndConditionsYesThe condition that determines if a feature should run.
    Note: If any condition in the array is met, the feature will run.
    ActionsArray of ActionYesThe feature to be executed.

    SubRuleItem

    Rule engine nested rule

    Used by actions: CreateRule, DescribeRules, ModifyRule.

    NameTypeRequiredDescription
    RulesArray of SubRuleYesNested rule settings
    TagsArray of StringNoTag of the rule.

    Sv

    Pricing query parameter

    Used by actions: DescribeZones.

    NameTypeRequiredDescription
    KeyStringYesThe parameter key.
    ValueStringYesThe parameter value.
    PackStringNoQuota for a resource. Values:
  • zone: Quota for sites
  • custom-rule: Quota for custom rules
  • rate-limiting-rule: Quota for rate limiting rules
  • l4-proxy-instance: Quota for L4 proxy instances

  • Note: This field may return null, indicating that no valid values can be obtained.
    InstanceIdStringNoID of the L4 proxy instance.
    Note: This field may return null, indicating that no valid values can be obtained.
    ProtectionSpecsStringNoThe protection specification.
    Values:
  • cm_30G: 30 Gbps base protection bandwidth in Chinese mainland service area
  • cm_60G: 60 Gbps base protection bandwidth in Chinese mainland service area
  • cm_100G: 100 Gbps base protection bandwidth in Chinese mainland service area
  • anycast_300G: 300 Gbps Anycast-based protection in Global (MLC) service area
  • anycast_unlimited: Unlimited Anycast-based protection bandwidth in Global (MLC) service area
  • cm_30G_anycast_300G: 30 Gbps base protection bandwidth in Chinese mainland service area and 300 Gbps Anycast-based protection bandwidth in Global (MLC) service area
  • cm_30G_anycast_unlimited: 30 Gbps base protection bandwidth in Chinese mainland service area and unlimited Anycast-based protection bandwidth in Global (MLC) service area
  • cm_60G_anycast_300G: 60 Gbps base protection bandwidth in **Chinese mainland** service area and 300 Gbps Anycast-based protection bandwidth in **Global (MLC)** service area</li><li> cm_60G_anycast_unlimited: 60 Gbps base protection bandwidth in Chinese mainland service area and unlimited Anycast-based protection bandwidth in Global (MLC) service area
  • cm_100G_anycast_300G: 100 Gbps base protection bandwidth in Chinese mainland service area and 300 Gbps Anycast-based protection bandwidth in Global (MLC) service area
  • cm_100G_anycast_unlimited`: 100 Gbps base protection bandwidth in Chinese mainland service area and unlimited Anycast-based protection bandwidth in Global (MLC) service area

  • Note: This field may return null, indicating that no valid values can be obtained.

    SwitchConfig

    Web security configuration switch

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    WebSwitchStringYesWhether to enable web protection. Values:
  • on: Enable
  • off: Disable
  • It does not affect DDoS and bot configuration.

    Tag

    Tag configuration

    Used by actions: CreateZone, DescribeZones.

    NameTypeRequiredDescription
    TagKeyStringYesThe tag key.
    Note: This field may return null, indicating that no valid values can be obtained.
    TagValueStringYesThe tag value.
    Note: This field may return null, indicating that no valid values can be obtained.

    Task

    Content management task result

    Used by actions: DescribePrefetchTasks, DescribePurgeTasks.

    NameTypeDescription
    JobIdStringID of the task.
    TargetStringResource.
    TypeStringType of the task.
    MethodStringNode cache purge method, with values:
  • invalidate: Marks as expired. A back-to-origin validation is triggered upon user request, sending an HTTP conditional request with If-None-Match and If-Modified-Since headers. If the origin server responds with 200, the node will fetch new resources from the origin and update the cache; if the origin server responds with 304, the cache will not be updated;
  • delete: Directly deletes the node's cache, triggering a resource fetch from the origin upon user request.

  • Note: This field may return null, which indicates a failure to obtain a valid value.
    StatusStringStatus. Valid values:
  • processing: Processing;
  • success: Succeeded;
  • failed: Failed;
  • timeout: Timed out.
  • CreateTimeTimestamp ISO8601Creation time of the task.
    UpdateTimeTimestamp ISO8601Completion time of the task.

    TemplateConfig

    Security template settings

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    TemplateIdStringYesThe template ID.
    TemplateNameStringYesThe template name.

    TemplateScope

    Domain names bound with the template.

    Used by actions: DescribeSecurityTemplateBindings.

    NameTypeRequiredDescription
    ZoneIdStringNoID of the site.
    Note: This field may return·null, indicating that no valid values can be obtained.
    EntityStatusArray of EntityStatusNoList of instance statuses
    Note: This field may return·null, indicating that no valid values can be obtained.

    TimingDataItem

    Data items of the statistical curve

    Used by actions: DescribeDDoSAttackData, DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData.

    NameTypeDescription
    TimestampIntegerTime point for returning data, in the format of Unix timestamp in seconds.
    ValueIntegerThe value.

    TimingDataRecord

    The time-series data

    Used by actions: DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData.

    NameTypeDescription
    TypeKeyStringThe query dimension value.
    TypeValueArray of TimingTypeValueDetailed time series data

    TimingTypeValue

    Detailed data of time series type

    Used by actions: DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData.

    NameTypeDescription
    SumIntegerSum.
    MaxIntegerThe maximum value.
    AvgIntegerThe average value.
    MetricNameStringMetric name.
    DetailArray of TimingDataItemDetails.
    Note: This field may return null, indicating that no valid values can be obtained.

    TopDataRecord

    The top-ranked data record

    Used by actions: DescribeTopL7AnalysisData, DescribeTopL7CacheData.

    NameTypeDescription
    TypeKeyStringThe query dimension value.
    DetailDataArray of TopDetailDataTop data rankings

    TopDetailData

    The top-ranked data details

    Used by actions: DescribeTopL7AnalysisData, DescribeTopL7CacheData.

    NameTypeDescription
    KeyStringThe field name.
    ValueIntegerThe field value.

    TopEntry

    The Top-ranked data

    Used by actions: DescribeDDoSAttackTopData.

    NameTypeDescription
    KeyStringThe query dimension value.
    ValueArray of TopEntryValueThe details.

    TopEntryValue

    The top-ranked data

    Used by actions: DescribeDDoSAttackTopData.

    NameTypeDescription
    NameStringThe item name.
    CountIntegerThe number of items.

    UpstreamCertInfo

    The certificate carried during EO node origin-pull is used when the origin server enables the mutual authentication handshake to validate the client certificate, ensuring that the request originates from a trusted EO node.

    Used by actions: DescribeAccelerationDomains.

    NameTypeRequiredDescription
    UpstreamMutualTLSMutualTLSNoIn the origin-pull mutual authentication scenario, this field represents the certificate (including the public and private keys) carried during EO node origin-pull, which is deployed in the EO node for the origin server to authenticate the EO node. When used as an input parameter, it is left blank to indicate retaining the original configuration.

    UpstreamHttp2

    HTTP2 origin-pull configuration

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable HTTP2 origin-pull. Valid values:
  • on: Enable;
  • off: Disable.
  • VanityNameServers

    Custom name servers

    Used by actions: DescribeZones, ModifyZone.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable custom name servers. Values:
  • on: Enable
  • off: Disable
  • ServersArray of StringNoList of custom name servers

    VanityNameServersIps

    IP information of the custom name server

    Used by actions: DescribeZones.

    NameTypeDescription
    NameStringCustom name of the name server
    IPv4StringIPv4 address of the custom name server

    Waf

    N/A

    Used by actions: DescribeHostsSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable WAF. Values:
  • on: Enable
  • off: Disable
  • PolicyIdIntegerNoID of the policy

    WafConfig

    WAF configuration.

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable WAF configuration. Values:
  • on: Enable
  • off: Disable
  • The configuration can be modified even when it is disabled.
    LevelStringYesThe protection level. Values:
  • loose: Loose
  • normal: Moderate
  • strict: Strict
  • stricter: Super strict
  • custom: Custom
  • ModeStringYesThe WAF global mode. Values:
  • block: Block globally
  • observe: Observe globally
  • WafRuleWafRuleNoThe settings of the managed rule. If it is null, the settings that were last configured will be used.
    AiRuleAiRuleNoThe setting of the AI rule engine. If it is null, the setting that was last configured will be used.

    WafRule

    WAF rule

    Used by actions: ModifySecurityPolicy.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable managed rules. Values:
  • on: Enable
  • off: Disable
  • BlockRuleIDsArray of IntegerYesIDs of the rules to be disabled.
    ObserveRuleIDsArray of IntegerYesIDs of the rules to be executed in Observe mode.

    WebSocket

    WebSocket configuration

    Used by actions: DescribeZoneSetting, ModifyZoneSetting.

    NameTypeRequiredDescription
    SwitchStringYesWhether to enable WebSocket connection timeout. Values:
  • on: The field "Timeout" can be configured.
  • off: The field "Timeout" is fixed to 15 seconds.
  • TimeoutIntegerNoThe timeout period in seconds. Maximum value: 120.

    Zone

    Site information

    Used by actions: DescribeZones.

    NameTypeDescription
    ZoneIdStringSite ID.
    ZoneNameStringThe site name.
    OriginalNameServersArray of StringList of name servers used by the site
    NameServersArray of StringThe list of name servers assigned by Tencent Cloud.
    StatusStringThe site status. Values:
    u200c
  • active: The name server is switched to EdgeOne.

  • u200c
  • pending: The name server is not switched.

  • u200c
  • moved: The name server is changed to other service providers.

  • u200c
  • deactivated: The site is blocked.
  • initializing: The site is not bound with any plan.
  • TypeStringSite access method. Valid values:
  • full: NS access;
  • partial: CNAME access;
  • noDomainAccess: access with no domain name.
  • PausedBooleanWhether the site is disabled.
    CnameSpeedUpStringWhether CNAME acceleration is enabled. Values:
  • enabled: Enabled
  • disabled: Disabled
  • CnameStatusStringCNAME record access status. Values:
  • finished: The site is verified.
  • pending: The site is being verified.
  • TagsArray of TagThe list of resource tags.
    ResourcesArray of ResourceThe list of billable resources.
    CreatedOnTimestamp ISO8601The creation time of the site.
    ModifiedOnTimestamp ISO8601The modification date of the site.
    AreaStringThe site access region. Values:
  • global: Global.
  • mainland: Chinese mainland.
  • overseas: Outside the Chinese mainland.
  • VanityNameServersVanityNameServersThe custom name server information.
    Note: This field may return null, indicating that no valid values can be obtained.
    VanityNameServersIpsArray of VanityNameServersIpsThe custom name server IP information.
    Note: This field may return null, indicating that no valid values can be obtained.
    ActiveStatusStringStatus of the proxy. Values:
  • active: Enabled
  • inactive: Not activated
  • paused: Disabled
  • AliasZoneNameStringThe site alias. It can be up to 20 characters consisting of digits, letters, hyphens (-) and underscores (_).
    Note: This field may return null, indicating that no valid values can be obtained.
    IsFakeIntegerWhether it’s a fake site. Valid values:
  • 0: Non-fake site;
  • 1: Fake site.
  • LockStatusStringLock status. Values:
  • enable: Normal. Modification is allowed.
  • disable: Locked. Modification is not allowed.
  • plan_migrate: Adjusting the plan. Modification is not allowed.
  • OwnershipVerificationOwnershipVerificationOwnership verification information
    Note: This field may return·null, indicating that no valid values can be obtained.

    ZoneSetting

    The site configuration.

    Used by actions: DescribeZoneSetting.

    NameTypeDescription
    ZoneNameStringName of the site
    AreaStringSite acceleration region. Values:
  • mainland: Acceleration in the Chinese mainland.
  • overseas: Acceleration outside the Chinese mainland.
  • CacheKeyCacheKeyNode cache key configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    QuicQuicThe QUIC access configuration.
    Note: This field may return null, indicating that no valid values can be obtained.
    PostMaxSizePostMaxSizeThe POST transport configuration.
    Note: This field may return null, indicating that no valid values can be obtained.
    CompressionCompressionSmart compression configuration.
    Note: This field may return null, indicating that no valid values can be obtained.
    UpstreamHttp2UpstreamHttp2HTTP2 origin-pull configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    ForceRedirectForceRedirectForce HTTPS redirect configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    CacheConfigCacheConfigCache expiration time configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    OriginOriginOrigin server configuration.
    Note: This field may return null, indicating that no valid values can be obtained.
    SmartRoutingSmartRoutingSmart acceleration configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    MaxAgeMaxAgeBrowser cache configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    OfflineCacheOfflineCacheThe offline cache configuration.
    Note: This field may return null, indicating that no valid values can be obtained.
    WebSocketWebSocketWebSocket configuration.
    Note: This field may return null, indicating that no valid values can be obtained.
    ClientIpHeaderClientIpHeaderOrigin-pull client IP header configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    CachePrefreshCachePrefreshCache prefresh configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    Ipv6Ipv6IPv6 access configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    HttpsHttpsHTTPS acceleration configuration
    Note: This field may return null, indicating that no valid values can be obtained.
    ClientIpCountryClientIpCountryWhether to carry the location information of the client IP during origin-pull.
    Note: This field may return null, indicating that no valid value can be obtained.
    GrpcGrpcConfiguration of gRPC support
    Note: This field may return null, indicating that no valid value can be obtained.
    ImageOptimizeImageOptimizeImage optimization configuration.
    Note: This field may return null, indicating that no valid value was found.
    AccelerateMainlandAccelerateMainlandCross-MLC-border acceleration.
    Note: This field may return null, indicating that no valid values can be obtained.
    StandardDebugStandardDebugStandard debugging configuration.
    Note: This field may return null, indicating that no valid values can be obtained.
    JITVideoProcessJITVideoProcessJust-in-time media processing configuration.
    Note: This field may return null, which indicates a failure to obtain a valid value.