PutEnableFwSwitch - Cloud Firewall - Alibaba Cloud Documentation Center

Enables a firewall.

Operation description

You can call this operation to enable a firewall. After the firewall is enabled, traffic passes through Cloud Firewall.

QPS limits

This operation is limited to 5 queries per second (QPS) per user. If you exceed this limit, your API calls are throttled. This may affect your business. We recommend that you call this operation at a reasonable rate.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

No authorization for this operation. If you encounter issues with this operation, contact technical support.

Request parameters

Parameter	Type	Required	Description	Example
SourceIp `deprecated`	string	No	The source IP address of the request.	192.0.XX.XX
Lang	string	No	The language of the messages that you receive. zh: Chinese en: English	zh
IpaddrList	array	No	The list of IP addresses. Note You must specify a value for at least one of the IpaddrList, RegionList, and ResourceTypeList parameters. These parameters cannot be all empty.	["192.0.X.X","192.0.X.X"]
	string	No	The list of IP addresses. Note You must specify a value for at least one of the IpaddrList, RegionList, and ResourceTypeList parameters. These parameters cannot be all empty.	192.0.XX.XX
RegionList	array	No	The list of regions. Note You must specify a value for at least one of the IpaddrList, RegionList, and ResourceTypeList parameters. These parameters cannot be all empty.	["cn-hangzhou","cn-shanghai"]
	string	No	The list of regions. Note You must specify a value for at least one of the IpaddrList, RegionList, and ResourceTypeList parameters. These parameters cannot be all empty.	cn-hangzhou,cn-shanghai
ResourceTypeList	array	No	The list of asset types. Valid values: BastionHostIP: The egress IP address of a bastion host. BastionHostIngressIP: The ingress IP address of a bastion host. EcsEIP: The EIP of an ECS instance. EcsPublicIP: The public IP address of an ECS instance. EIP: An EIP. EniEIP: The EIP of an elastic network interface (ENI). NatEIP: The EIP of a NAT gateway. SlbEIP: The EIP of an SLB instance. SlbPublicIP: The public IP address of an SLB instance. NatPublicIP: The public IP address of a NAT gateway. HAVIP: A high-availability virtual IP address (HAVIP). Note You must specify a value for at least one of the IpaddrList, RegionList, and ResourceTypeList parameters. These parameters cannot be all empty.	["EcsPublicIp","NatEip"]
	string	No	The list of asset types. Valid values: BastionHostIP: The egress IP address of a bastion host. BastionHostIngressIP: The ingress IP address of a bastion host. EcsEIP: The EIP of an ECS instance. EcsPublicIP: The public IP address of an ECS instance. EIP: An EIP. EniEIP: The EIP of an ENI. NatEIP: The EIP of a NAT gateway. SlbEIP: The EIP of an SLB instance. SlbPublicIP: The public IP address of an SLB instance. NatPublicIP: The public IP address of a NAT gateway. HAVIP: A HAVIP. Note You must specify a value for at least one of the IpaddrList, RegionList, and ResourceTypeList parameters. These parameters cannot be all empty.	EcsPublicIp,NatEip
MemberUid	string	No	The unique identifier (UID) of the member.	1234
IpVersion	string	No	The IP version.	4

Response elements

Element	Type	Description	Example
	object
RequestId	string	The request ID.	B2841452-CB8D-4F7D-B247-38E1CF7334F8
AbnormalResourceStatusList	array<object>	The list of status information for assets that are not synchronized.
	object
Resource	string	The IP address of the asset.	203.0.113.0
Status	string	The status of the asset that is not synchronized. Valid value: ip_not_sync: The asset is not synchronized.	ip_not_sync
Msg	string	The message for the asset that is not synchronized. Valid value: cloudfirewall do not sync this ip address: Cloud Firewall did not synchronize the IP address of this asset.	cloudfirewall do not sync this ip address

Examples

Success response

JSON format

{
  "RequestId": "B2841452-CB8D-4F7D-B247-38E1CF7334F8",
  "AbnormalResourceStatusList": [
    {
      "Resource": "203.0.113.0",
      "Status": "ip_not_sync",
      "Msg": "cloudfirewall do not sync this ip address"
    }
  ]
}

Error codes

HTTP status code	Error code	Error message	Description
400	ErrorInstanceOpenIpNumExceed	The maximum number of protected assets has been reached.	The maximum number of protected assets has been reached.
400	ErrorInstanceStatusNotNormal	This operation is not supported when the instance is in the current state.	This operation is not supported when the instance is in the current state.
400	ErrorParamsNotEnough	Parameters are insufficient.	Parameters are insufficient.
400	ErrorDBTxError	A database transaction error occurred.	The error message returned because an internal error has occurred in the database transaction.
400	ErrorParamsInvalid	Invalid Params	The parameter is invalid.
400	ErrorInstanceOpenIpRegionNumExceed	open ip region num exceed.	Your zone protection quota is insufficient.
400	ErrorBandwidthPenalty	Cloud Firewall bandwidth is being overused.	Cloud Firewall bandwidth is being overused.
400	ErrorGeneralInstanceSpecFull	Cloud Firewall instance specifications are full.	Cloud Firewall instance specifications are full.
401	ErrorAuthentication	An authentication error occurred.	An authentication error occurred.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.