ConfigL7RsPolicy - Anti-DDoS - Alibaba Cloud Documentation Center

Configures a back-to-origin policy for the forwarding rule of a website.

Operation description

If multiple origin servers are configured for a website that is added to Anti-DDoS Pro or Anti-DDoS Premium, you can modify the load balancing algorithms for back-to-origin traffic based on back-to-origin policies. The IP hash algorithm is used by default. You can change the algorithm to the round-robin or least response time algorithm. For more information, see the description of the Policy parameter in the "Request parameters" section of this topic.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
yundun-ddoscoo:ConfigL7RsPolicy	none	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
ResourceGroupId	string	No	The ID of the resource group to which the instance belongs in Resource Management. This parameter is empty by default, which indicates that the instance belongs to the default resource group. For more information about resource groups, see Create a resource group.	rg-acfm2pz25js****
Domain	string	Yes	The domain name of the website. Note A forwarding rule must be configured for the domain name. You can call the DescribeDomains operation to query the domain names for which forwarding rules are configured.	www.aliyun.com
Policy	string	Yes	The back-to-origin policy. The value is a string that consists of a JSON struct. The JSON struct contains the following fields: ProxyMode: The load balancing algorithm for back-to-origin traffic. This field is required and must be a string. Valid values: ip_hash: the IP hash algorithm. This algorithm is used to redirect requests from the same IP address to the same origin server. rr: the round-robin algorithm. This algorithm is used to redirect requests to origin servers in turn. If you use this algorithm, you can specify a weight for each server based on server performance. least_time: the least response time algorithm. This algorithm is used to minimize the latency when requests are forwarded from the instance to origin servers based on the intelligent DNS resolution feature. Attributes: the parameters for back-to-origin processing. This field is optional and must be a JSON array. Each element in the array contains the following fields: RealServer: the address of the origin server. This field is optional and must be a string. Attribute: the parameter for back-to-origin processing. This field is optional and must be a JSON object. Valid values: Weight: the weight of the server. This field is optional and must be an integer. This field takes effect only when ProxyMode is set to rr. Valid values: 1 to 100. Default value: 100. An origin server with a higher weight receives more requests. ConnectTimeout: the timeout period for new connections. This field is optional and must be an integer. Valid values: 1 to 10. Unit: seconds. Default value: 5. FailTimeout: the period after which a connection is considered to have failed. This field is optional and must be an integer. Valid values: 1 to 3600. Unit: seconds. Default value: 10. MaxFails: the maximum number of failures allowed. This field is related to health checks. This field is optional and must be an integer. Valid values: 1 to 10. Unit: seconds. Default value: 3. Mode: the primary/secondary attribute flag. This parameter is optional and must be a string. Valid values: active (primary) and backup (secondary). ReadTimeout: the read timeout period. This field is optional and must be an integer. Valid values: 10 to 300. Unit: seconds. Default value: 120. SendTimeout: the write timeout period. This field is optional and must be an integer. Valid values: 10 to 300. Unit: seconds. Default value: 120.	{"ProxyMode":"rr","Attributes":[{"RealServer":"1.*..1","Attribute":{"Weight":100}},{"RealServer":"2..*.2","Attribute":{"Weight":100}}]}
UpstreamRetry	integer	No	The retry switch. Valid values: 1: on 0: off	1

Response parameters

Parameter	Type	Description	Example
	object
RequestId	string	The ID of the request.	0bcf28g5-d57c-11e7-9bs0-d89d6717dxbc

Examples

Sample success responses

JSONformat

{
  "RequestId": "0bcf28g5-d57c-11e7-9bs0-d89d6717dxbc"
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation
2024-05-09	The request parameters of the API has changed	View Change Details