文档首页/ 云防火墙 CFW/ API参考/ API/ IPS白名单管理/ 批量添加IPS白名单 - BatchCreateIpsWhitelist
更新时间:2026-07-07 GMT+08:00
分享

批量添加IPS白名单 - BatchCreateIpsWhitelist

功能介绍

批量添加IPS白名单

调用方法

请参见如何调用API

授权信息

账号具备所有API的调用权限,如果使用账号下的IAM用户调用当前API,该IAM用户需具备调用API所需的权限。

  • 如果使用角色与策略授权,具体权限要求请参见权限和授权项
  • 如果使用身份策略授权,当前API调用无需身份策略权限。

URI

POST /v1/{project_id}/cfw/{fw_instance_id}/ips/whitelist/batch-create

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

参数解释

项目ID,用于明确项目归属,配置后可通过该ID查询项目下资产,可以从调API处获取,也可以从控制台获取。项目ID获取方式

约束限制

不涉及

取值范围

32位UUID

默认取值

不涉及

fw_instance_id

String

参数解释

防火墙ID,用户创建防火墙实例后产生的唯一ID,配置后可区分不同防火墙,可通过防火墙ID获取方式获取

约束限制

不涉及

取值范围

36位UUID

默认取值

不涉及

请求参数

表2 请求Body参数

参数

是否必选

参数类型

描述

ips_white_list_dto_list

Array of IpsWhiteListDto objects

参数解释

添加的IPS白名单列表

约束限制

不涉及

取值范围

不涉及

默认取值

不涉及

表3 IpsWhiteListDto

参数

是否必选

参数类型

描述

source_address

String

参数解释

源地址

约束限制

不涉及

取值范围

不涉及

默认取值

不涉及

dest_address

String

参数解释

目的地址

约束限制

不涉及

取值范围

不涉及

默认取值

不涉及

ip_version

Integer

参数解释

IP类型

约束限制

不涉及

取值范围

4:表示IP类型为IPv4

6:表示IP类型为IPv6

默认取值

不涉及

name

String

参数解释

白名单名称

约束限制

不涉及

取值范围

不涉及

默认取值

不涉及

ips_id

String

参数解释

IPS规则ID,all代表所有IPS

约束限制

不涉及

取值范围

不涉及

默认取值

不涉及

effective_scopes

Array of strings

参数解释

生效范围:NAT EIP VPC HCS场景中还有VGW信息

约束限制

不涉及

取值范围

不涉及

默认取值

不涉及

description

String

参数解释

白名单描述

约束限制

不涉及

取值范围

不涉及

默认取值

不涉及

响应参数

状态码:200

表4 响应Body参数

参数

参数类型

描述

data

IpsWhitelistRespData object

参数解释

创建的白名单DATA

取值范围

不涉及

表5 IpsWhitelistRespData

参数

参数类型

描述

list_ids

Array of strings

参数解释

白名单ID列表

取值范围

不涉及

状态码:400

表6 响应Body参数

参数

参数类型

描述

error_code

String

参数解释

错误码

取值范围

不涉及

error_msg

String

参数解释

错误描述

取值范围

不涉及

请求示例

创建IPS白名单,其中IPS白名单名称为test-001,IP类型为IPv4,源IP为8.8.8.0/32,目的IP为8.8.8.0/32,生效范围为EIP

https://{Endpoint}/v1/eefb11b22d5944f2aa067954516df1cf/cfw/175572ed-67e8-4837-9776-e2e07080ea45/ips/whitelist/batch-create

{
  "ips_white_list_dto_list" : [ {
    "name" : "test-001",
    "ip_version" : 4,
    "source_address" : "8.8.8.0/32",
    "dest_address" : "8.8.8.0/32",
    "effective_scopes" : [ "EIP" ]
  } ]
}

响应示例

状态码:200

{
  "data" : {
    "list_ids" : [ "76fad07b-8304-486f-b802-943be05a3122" ]
  }
}

SDK代码示例

SDK代码示例如下。

创建IPS白名单,其中IPS白名单名称为test-001,IP类型为IPv4,源IP为8.8.8.0/32,目的IP为8.8.8.0/32,生效范围为EIP

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.cfw.v1.region.CfwRegion;
import com.huaweicloud.sdk.cfw.v1.*;
import com.huaweicloud.sdk.cfw.v1.model.*;

import java.util.List;
import java.util.ArrayList;

public class BatchCreateIpsWhitelistSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        CfwClient client = CfwClient.newBuilder()
                .withCredential(auth)
                .withRegion(CfwRegion.valueOf("<YOUR REGION>"))
                .build();
        BatchCreateIpsWhitelistRequest request = new BatchCreateIpsWhitelistRequest();
        request.withFwInstanceId("{fw_instance_id}");
        BatchCreateIpsWhiteListDto body = new BatchCreateIpsWhiteListDto();
        List<String> listIpsWhiteListDtoListEffectiveScopes = new ArrayList<>();
        listIpsWhiteListDtoListEffectiveScopes.add("EIP");
        List<IpsWhiteListDto> listbodyIpsWhiteListDtoList = new ArrayList<>();
        listbodyIpsWhiteListDtoList.add(
            new IpsWhiteListDto()
                .withSourceAddress("8.8.8.0/32")
                .withDestAddress("8.8.8.0/32")
                .withIpVersion(4)
                .withName("test-001")
                .withEffectiveScopes(listIpsWhiteListDtoListEffectiveScopes)
        );
        body.withIpsWhiteListDtoList(listbodyIpsWhiteListDtoList);
        request.withBody(body);
        try {
            BatchCreateIpsWhitelistResponse response = client.batchCreateIpsWhitelist(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

创建IPS白名单,其中IPS白名单名称为test-001,IP类型为IPv4,源IP为8.8.8.0/32,目的IP为8.8.8.0/32,生效范围为EIP

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkcfw.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = CfwClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(CfwRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = BatchCreateIpsWhitelistRequest()
        request.fw_instance_id = "{fw_instance_id}"
        listEffectiveScopesIpsWhiteListDtoList = [
            "EIP"
        ]
        listIpsWhiteListDtoListbody = [
            IpsWhiteListDto(
                source_address="8.8.8.0/32",
                dest_address="8.8.8.0/32",
                ip_version=4,
                name="test-001",
                effective_scopes=listEffectiveScopesIpsWhiteListDtoList
            )
        ]
        request.body = BatchCreateIpsWhiteListDto(
            ips_white_list_dto_list=listIpsWhiteListDtoListbody
        )
        response = client.batch_create_ips_whitelist(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

创建IPS白名单,其中IPS白名单名称为test-001,IP类型为IPv4,源IP为8.8.8.0/32,目的IP为8.8.8.0/32,生效范围为EIP

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth, err := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        SafeBuild()

    if err != nil {
        fmt.Println(err)
        return
    }

    hcClient, err := cfw.CfwClientBuilder().
         WithRegion(region.ValueOf("<YOUR REGION>")).
         WithCredential(auth).
         SafeBuild()


    if err != nil {
        fmt.Println(err)
        return
    }

    client := cfw.NewCfwClient(hcClient)

    request := &model.BatchCreateIpsWhitelistRequest{}
	request.FwInstanceId = "{fw_instance_id}"
	var listEffectiveScopesIpsWhiteListDtoList = []string{
        "EIP",
    }
	var listIpsWhiteListDtoListbody = []model.IpsWhiteListDto{
        {
            SourceAddress: "8.8.8.0/32",
            DestAddress: "8.8.8.0/32",
            IpVersion: int32(4),
            Name: "test-001",
            EffectiveScopes: listEffectiveScopesIpsWhiteListDtoList,
        },
    }
	request.Body = &model.BatchCreateIpsWhiteListDto{
		IpsWhiteListDtoList: listIpsWhiteListDtoListbody,
	}
	response, err := client.BatchCreateIpsWhitelist(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

400

Bad Request

错误码

请参见错误码

相关文档