All Products
Search
Document Center

Web Application Firewall:List of operations by function

Last Updated:Nov 15, 2024
This product(waf-openapi/2021-10-01) OpenAPI adopts RPC Signature style. See signature details in Description of the signature mechanism. We have packaged SDKs for common programming languages for developers. Developers can directly call the OpenAPI of this product by downloading the SDK without paying attention to the technical details. If the existing SDK cannot meet the usage requirements, you can connect through the signature mechanism. It will take about 5 working days. Therefore, it is recommended to join our DingTalk service group (78410016550) and sign under the guidance of experts.
Before using the API, you need to prepare your identity account and access key (AccessKey) to effectively access the API through client tools (SDK, CLI, etc.). For details see getAccessKey.

Instance information

APITitleDescription
CreatePostpaidInstanceCreatePostpaidInstanceCreates a pay-as-you-go Web Application Firewall (WAF) 3.0 instance.
DescribeInstanceDescribeInstanceQueries the details of a Web Application Firewall (WAF) instance within the current Alibaba Cloud account.
ReleaseInstanceReleaseInstanceReleases a Web Application Firewall (WAF) 3.0 instance.

Website Configuration

APITitleDescription
Cloud NativeCloud Native
SyncProductInstanceSyncProductInstanceSynchronizes Elastic Compute Service (ECS) instances and Classic Load Balancer (CLB) instances to Web Application Firewall (WAF).
DescribeCloudResourcesDescribeCloudResourcesQueries cloud service resources that are added to Web Application Firewall (WAF).
DescribeProductInstancesDescribeProductInstancesQueries the cloud service instances to be added to Web Application Firewall (WAF) in transparent proxy mode.
DescribeResourceSupportRegionsDescribeResourceSupportRegionsQueries the region IDs of the Classic Load Balancer (CLB) and Elastic Compute Service (ECS) instances that are added to Web Application Firewall (WAF) in cloud native mode.
DescribeResourceRegionIdDescribeResourceRegionIdQueries the region IDs of the resources that are added to Web Application Firewall (WAF) in cloud native mode. The resources include Application Load Balancer (ALB) instances, Microservices Engine (MSE) instances, and custom domain names bound to web applications in Function Compute.
DescribeResourceInstanceCertsDescribeResourceInstanceCertsQueries the certificates that are used in cloud service instances. The certificates returned include the certificates within the delegated administrator account and the certificates within members to which specific instances belong. For example, the delegated administrator account has certificate 1, instance lb-xx-1 belongs to member B, and member B has certificate 2. If you specify instance lb-xx-1 in the request, certificate 1 and certificate 2 are returned.
CreateCloudResourceCreateCloudResourceAdds a service to Web Application Firewall (WAF). This operation is supported for only the Elastic Compute Service (ECS) and Classic Load Balancer (CLB) services.
ModifyCloudResourceModifyCloudResourceModifies the configurations of a service that is added to Web Application Firewall (WAF).
DeleteCloudResourceDeleteCloudResourceRemoves a service from Web Application Firewall (WAF). This operation is supported for only the Elastic Compute Service (ECS) and Classic Load Balancer (CLB) services.
DescribeCloudResourceAccessedPortsDescribeCloudResourceAccessedPortsQueries the ports of the cloud service that is added to Web Application Firewall (WAF). This operation is supported for only Elastic Compute Service (ECS) and Classic Load Balancer (CLB).
DescribeCloudResourceAccessPortDetailsDescribeCloudResourceAccessPortDetailsQueries a port of the cloud service that is added to Web Application Firewall (WAF). This operation is supported for only Elastic Compute Service (ECS) and Classic Load Balancer (CLB).
CNAME RecordCNAME Record
CreateDomainCreateDomainAdds a domain name to Web Application Firewall (WAF).
ModifyDomainModifyDomainModifies the configurations of a domain name that is added to Web Application Firewall (WAF) in CNAME record mode.
DeleteDomainDeleteDomainDeletes a domain name that is added to Web Application Firewall (WAF).
DescribeDomainsDescribeDomainsQueries the domain names that are added to Web Application Firewall (WAF).
DescribeDomainDetailDescribeDomainDetailQueries the details of a domain name that is added to Web Application Firewall (WAF).
DescribePunishedDomainsDescribePunishedDomainsQueries a list of domain names that are added to Web Application Firewall (WAF) and penalized for failing to obtain an Internet Content Provider (ICP) filing.
ModifyDomainPunishStatusModifyDomainPunishStatusRe-adds a domain name that is penalized for failing to obtain an Internet Content Provider (ICP) filing to Web Application Firewall (WAF).
DescribeCertDetailDescribeCertDetailQueries the details of a certificate, such as the certificate name, expiration time, issuance time, and associated domain name.
DescribeCertsDescribeCertsQueries the certificates issued for your domain names that are added to Web Application Firewall (WAF).
DescribeDomainDNSRecordDescribeDomainDNSRecordChecks whether the Domain Name System (DNS) settings of a domain name are properly configured.
DescribeWafSourceIpSegmentDescribeWafSourceIpSegmentQueries the back-to-origin CIDR blocks of a Web Application Firewall (WAF) instance.
DescribeResourcePortDescribeResourcePortQueries the ports of a cloud service instance that are added to Web Application Firewall (WAF).
DescribeDDoSStatusDescribeDDoSStatusChecks whether DDoS attacks occur on specific domain names protected by a Web Application Firewall (WAF) instance.
CreateSM2CertCreateSM2CertUploads a ShangMi (SM) certificate for a domain name that is added to Web Application Firewall (WAF) in CNAME record mode.
DescribeCnameCountDescribeCnameCountQueries the total number of domain names that are added to Web Application Firewall (WAF) in CNAME record mode and hybrid cloud reverse proxy mode.
DescribeDefaultHttpsDescribeDefaultHttpsQueries the default SSL and Transport Layer Security (TLS) settings.
ModifyDefaultHttpsModifyDefaultHttpsModifies the default SSL and Transport Layer Security (TLS) settings.
Hybrid CloudHybrid Cloud
DescribeHybridCloudResourcesDescribeHybridCloudResourcesQueries the domain names that are added to a Web Application Firewall (WAF) instance in hybrid cloud mode.

Protection Configurations

APITitleDescription
Protected objectsProtected objects
CreateDefenseResourceGroupCreateDefenseResourceGroupCreates a protected object group.
ModifyDefenseResourceGroupModifyDefenseResourceGroupModifies the configurations of a protected object group.
DeleteDefenseResourceGroupDeleteDefenseResourceGroupDeletes a protected object group.
DescribeDefenseResourceGroupDescribeDefenseResourceGroupQueries the information about a protected object group.
DescribeDefenseResourceGroupsDescribeDefenseResourceGroupsPerforms a pagination query to retrieve the information about protected object groups.
DescribeDefenseResourceGroupNamesDescribeDefenseResourceGroupNamesQueries the names of protected object groups.
DescribeDefenseResourceDescribeDefenseResourceQueries the information about a protected object.
DescribeDefenseResourcesDescribeDefenseResourcesQueries protected objects by page.
DescribeDefenseResourceNamesDescribeDefenseResourceNamesPerforms a pagination query to retrieve the names of protected objects.
ModifyDefenseResourceXffModifyDefenseResourceXffModifies the cookie settings of a protected object and the method to identify the originating IP addresses of clients.
ModifyPauseProtectionStatusModifyPauseProtectionStatusModifies the protection status of Web Application Firewall (WAF).
DescribePauseProtectionStatusDescribePauseProtectionStatusQueries the protection status of Web Application Firewall (WAF).
Protection rulesProtection rules
ModifyDefenseRuleCacheModifyDefenseRuleCacheUpdates the cached page of a website that is protected based on a website tamper-proofing rule.
DescribeDefenseResourceTemplatesDescribeDefenseResourceTemplatesQueries the protection templates that are associated with a protected object or protected object group.
DescribeDefenseTemplateValidGroupsDescribeDefenseTemplateValidGroupsQueries the names of protected object groups for which a protection template can take effect.
DescribeDefenseTemplatesDescribeDefenseTemplatesPerforms a paging query to retrieve protection templates.
CreateDefenseTemplateCreateDefenseTemplateCreates a protection rule template.
CopyDefenseTemplateCopyDefenseTemplateCreates a new protection template from the copy.
ModifyDefenseTemplateModifyDefenseTemplateModifies the configurations of a protection rule template.
DescribeDefenseTemplateDescribeDefenseTemplateQueries a protection rule template.
ModifyDefenseTemplateStatusModifyDefenseTemplateStatusChanges the status of a protection rule template.
DeleteDefenseTemplateDeleteDefenseTemplateDeletes a protection rule template.
CreateDefenseRuleCreateDefenseRuleCreates a protection rule.
ModifyDefenseRuleModifyDefenseRuleModifies the configurations of a protection rule.
ModifyDefenseRuleStatusModifyDefenseRuleStatusChanges the status of a protection rule.
DeleteDefenseRuleDeleteDefenseRuleDeletes a protection rule.
DescribeDefenseRuleDescribeDefenseRuleQueries a protection rule.
DescribeDefenseRulesDescribeDefenseRulesQueries protection rules by page.
ModifyTemplateResourcesModifyTemplateResourcesAssociates or disassociates a protection resource with or from a protection rule template.
DescribeTemplateResourcesDescribeTemplateResourcesQueries the resources that are associated to a protection rule template.
DescribeTemplateResourceCountDescribeTemplateResourceCountQueries the number of protected resources for which a protection template takes effect.
DescribeRuleGroupsDescribeRuleGroupsQueries regular expression rule groups by page.
Protection for Major EventsProtection for Major Events
CreateMajorProtectionBlackIpCreateMajorProtectionBlackIpCreates an IP address blacklist for major event protection.
ModifyMajorProtectionBlackIpModifyMajorProtectionBlackIpModifies an IP address blacklist for major event protection.
DeleteMajorProtectionBlackIpDeleteMajorProtectionBlackIpDeletes an IP address blacklist for major event protection.
ClearMajorProtectionBlackIpClearMajorProtectionBlackIpClears an IP address blacklist for major event protection.
DescribeMajorProtectionBlackIpsDescribeMajorProtectionBlackIpsQueries IP addresses in an IP address blacklist for major event protection by page.

APITitleDescription
DeleteApisecAbnormalsDeleteApisecAbnormalsDeletes multiple risks detected by the API security module at a time.
ModifyApisecAbnormalsModifyApisecAbnormalsModifies the status of multiple risks detected by the API security module at a time.
DescribeApisecAssetTrendDescribeApisecAssetTrendQueries the asset trends in the API security module.
DescribeApisecEventDomainStatisticDescribeApisecEventDomainStatisticQueries the statistics on domain names on which security events are detected by the API security module.
DescribeApisecSensitiveDomainStatisticDescribeApisecSensitiveDomainStatisticQueries the statistics on domain names on which sensitive data is detected by the API security module.
ModifyApisecEventsModifyApisecEventsModifies the status of multiple security events detected by the API security module at a time.
DeleteApisecEventsDeleteApisecEventsDeletes multiple security events detected by the API security module at a time.
DescribeApisecLogDeliveriesDescribeApisecLogDeliveriesQueries the configurations of API security log subscription.
DescribeApisecSlsLogStoresDescribeApisecSlsLogStoresQueries the Logstores whose names start with apisec- in Simple Log Service.
ModifyApisecLogDeliveryStatusModifyApisecLogDeliveryStatusModifies the status of API security log subscription.
DescribeApisecSlsProjectsDescribeApisecSlsProjectsQueries the projects whose names start with apisec- in Simple Log Service.
ModifyApisecLogDeliveryModifyApisecLogDeliveryModifies the configurations of API security log subscription.
CreateApiExportCreateApiExportCreates a data export task in the API security module.
DescribeApiExportsDescribeApiExportsQueries the list of data export tasks in the API security module.
DescribeApisecAbnormalsDescribeApisecAbnormalsQueries the list of API security risks.
DescribeApisecApiResourcesDescribeApisecApiResourcesQueries API assets in the API security module.
ModifyApisecStatusModifyApisecStatusChanges the status of the API security module for protected objects or protected object groups.
ModifyApisecModuleStatusModifyApisecModuleStatusChanges the status of features in the API security module for protected objects or protected object groups.
ModifyApisecApiResourceModifyApisecApiResourceModifies the annotations of APIs in the API security module.
DescribeUserEventTypeDescribeUserEventTypeQueries the types and statistics of security events in the API security module.
DescribeUserEventTrendDescribeUserEventTrendQueries the trends of attacks detected by the API security module.
DescribeUserAssetDescribeUserAssetQueries the user asset statistics in the API security module.
DescribeUserApiRequestDescribeUserApiRequestQueries the traffic statistics of an API.
DescribeUserAbnormalTypeDescribeUserAbnormalTypeQueries the types and statistics of risks in the API security module.
DescribeUserAbnormalTrendDescribeUserAbnormalTrendQueries the trends of API security risks.
DescribeSensitiveStatisticDescribeSensitiveStatisticQueries the sensitive data statistics of the tracing and auditing feature.
DescribeSensitiveRequestsDescribeSensitiveRequestsQueries the tracing results of sensitive data.
DescribeSensitiveRequestLogDescribeSensitiveRequestLogQueries the access logs of sensitive data.
DescribeSensitiveOutboundTrendDescribeSensitiveOutboundTrendQueries the trends of cross-border data transfer of personal information.
DescribeSensitiveOutboundStatisticDescribeSensitiveOutboundStatisticQueries the data types of personal information involved in cross-border data transfer.
DescribeSensitiveOutboundDistributionDescribeSensitiveOutboundDistributionQueries the traffic distribution of personal information records involved in cross-border data transfer.
DescribeSensitiveDetectionResultDescribeSensitiveDetectionResultQueries the compliance check results of API security.
DescribeSensitiveApiStatisticDescribeSensitiveApiStatisticQueries the personal information-related APIs and domain names.
DescribeFreeUserEventsDescribeFreeUserEventsQueries the list of security events on which basic detection is performed in the API security module.
DescribeFreeUserEventTypesDescribeFreeUserEventTypesQueries the types of security events on which basic detection is performed in the API security module.
DescribeFreeUserEventCountDescribeFreeUserEventCountQueries the statistics of security events that are detected by using the basic detection feature of the API security module.
DescribeFreeUserAssetCountDescribeFreeUserAssetCountQueries the asset statistics provided by basic detection in the API security module.
DescribeApisecUserOperationsDescribeApisecUserOperationsQueries user operation records in the API security module.
DescribeApisecSuggestionsDescribeApisecSuggestionsQueries the protection suggestions for APIs.
DescribeApisecStatisticsDescribeApisecStatisticsQueries the statistics of API security-related risks and events.
DescribeApisecRulesDescribeApisecRulesQueries the policies configured in the API security module.
DescribeApisecProtectionResourcesDescribeApisecProtectionResourcesQueries the list of protected objects to which API security policies are applied.
DescribeApisecProtectionGroupsDescribeApisecProtectionGroupsQueries the list of protected object groups to which API security policies are applied.
DescribeApisecMatchedHostsDescribeApisecMatchedHostsQueries the list of domain names detected in the API security module.
DescribeApisecEventsDescribeApisecEventsQueries API security events.

Report information

APITitleDescription
DescribeFlowChartDescribeFlowChartQueries the traffic statistics of requests that are forwarded to Web Application Firewall (WAF).
DescribePeakTrendDescribePeakTrendQueries the queries per second (QPS) statistics of a WAF instance.
DescribeResponseCodeTrendGraphDescribeResponseCodeTrendGraphQueries the trend of the number of error codes that are returned to clients or Web Application Firewall (WAF). The error codes include 302, 405, 444, 499, and 5XX.
DescribeVisitUasDescribeVisitUasQueries the top 10 user agents that are used to initiate requests.
DescribeVisitTopIpDescribeVisitTopIpQueries the top 10 IP addresses from which requests are sent.
DescribeRuleHitsTopResourceDescribeRuleHitsTopResourceQueries the top 10 protected objects that trigger protection rules.
DescribeRuleHitsTopRuleIdDescribeRuleHitsTopRuleIdQueries the IDs of the top 10 protection rules that are matched by requests.
DescribeRuleHitsTopTuleTypeDescribeRuleHitsTopTuleTypeQueries the top 10 protection modules that are matched.
DescribeRuleHitsTopUrlDescribeRuleHitsTopUrlQueries the top 10 URLs that trigger protection rules.
DescribeRuleHitsTopClientIpDescribeRuleHitsTopClientIpQueries the top 10 IP addresses from which attacks are initiated.
DescribeFlowTopResourceDescribeFlowTopResourceQueries the top 10 protected objects that receive requests.
DescribeRuleHitsTopUaDescribeRuleHitsTopUaQueries the top 10 user agents that are used to initiate attacks.
DescribeFlowTopUrlDescribeFlowTopUrlQueries the top 10 URLs that are used to initiate requests.

Log configurations

APITitleDescription
DescribeUserSlsLogRegionsDescribeUserSlsLogRegionsQueries available regions for log storage.
DescribeUserWafLogStatusDescribeUserWafLogStatusQueries the status, region ID, and status modification time of Web Application Firewall (WAF) logs.
DescribeSlsAuthStatusDescribeSlsAuthStatusQueries whether Web Application Firewall (WAF) is authorized to access Logstores.
DescribeSlsLogStoreStatusDescribeSlsLogStoreStatusQueries the status of a Simple Log Service Logstore.
DescribeSlsLogStoreDescribeSlsLogStoreQueries information about a Logstore, such as the total capacity, storage duration, and used capacity.
ModifyResourceLogStatusModifyResourceLogStatusEnables or disables the log collection feature for a protected object.
DescribeResourceLogStatusDescribeResourceLogStatusQueries whether the log collection feature is enabled for a protected object.

Hybrid Cloud Cluster Management

APITitleDescription
DescribeHybridCloudServerRegionsDescribeHybridCloudServerRegionsQueries information about the regions that the hybrid cloud mode supports, such as the Internet service providers (ISPs), continents, and cities.
DescribeHybridCloudUnassignedMachinesDescribeHybridCloudUnassignedMachinesQueries servers that are not assigned to a hybrid cloud cluster.
ModifyHybridCloudClusterBypassStatusModifyHybridCloudClusterBypassStatusEnables or disables manual bypass for a hybrid cloud cluster of the SDK-based traffic mirroring mode.
DescribeHybridCloudUserDescribeHybridCloudUserQueries the HTTP and HTTPS ports that you can use when you add a domain name to Web Application Firewall (WAF) in hybrid cloud mode.
DescribeHybridCloudGroupsDescribeHybridCloudGroupsQueries the hybrid cloud node groups that are added to Web Application Firewall (WAF).

Multi Account Management

APITitleDescription
CreateMemberAccountsCreateMemberAccountsAdds members to use the multi-account management feature of Web Application Firewall (WAF).
ModifyMemberAccountModifyMemberAccountModifies the information about members that are added for multi-account management.
DeleteMemberAccountDeleteMemberAccountRemoves the members that are added for multi-account management in Web Application Firewall (WAF).
DescribeAccountDelegatedStatusDescribeAccountDelegatedStatusQueries whether an Alibaba Cloud account is the delegated administrator account of a Web Application Firewall (WAF) instance.
DescribeMemberAccountsDescribeMemberAccountsQueries information about members.

APITitleDescription
ChangeResourceGroupChangeResourceGroupChanges the resource group to which a protected object belongs.

Tag Management

APITitleDescription
TagResourcesTagResourcesAdds tags to resources.
ListTagKeysListTagKeysQueries tag keys.
UntagResourcesUntagResourcesRemoves tags from resources and then deletes the tags.
ListTagResourcesListTagResourcesQueries the tags that are added to a resource.
ListTagValuesListTagValuesQueries the tag values of a tag key.

APITitleDescription
ModifyHybridCloudClusterRuleModifyHybridCloudClusterRuleModifies the rule of a hybrid cloud cluster.
CreateHybridCloudGroupCreateHybridCloudGroupCreates a node group for a hybrid cloud cluster.
DescribeHybridCloudClusterRuleDescribeHybridCloudClusterRuleObtains the rule information about a hybrid cloud cluster.
ModifyHybridCloudServerModifyHybridCloudServerModifies the information about a hybrid cloud node.
ModifyHybridCloudGroupExpansionServerModifyHybridCloudGroupExpansionServerAdds a node to a node group of a hybrid cloud cluster.
ModifyHybridCloudGroupShrinkServerModifyHybridCloudGroupShrinkServerDeletes a node from a node group of a hybrid cloud cluster.
ModifyHybridCloudSdkPullinStatusModifyHybridCloudSdkPullinStatusModifies the traffic redirection status of a hybrid cloud cluster by using an SDK.
DescribeHybridCloudClustersDescribeHybridCloudClustersQueries a list of hybrid cloud clusters.