文档首页/ 安全云脑 SecMaster/ API参考/ 安全云脑 API V1/ 应急策略/ 创建重试应急策略 - CreateRetryPolicy
更新时间:2026-01-29 GMT+08:00
在线调试
CLI示例
查看PDF
分享

创建重试应急策略 - CreateRetryPolicy

功能介绍

创建重试应急策略

调用方法

请参见如何调用API

授权信息

账号具备所有API的调用权限,如果使用账号下的IAM用户调用当前API,该IAM用户需具备调用API所需的权限,具体权限要求请参见权限和授权项

URI

POST /v1/{project_id}/workspaces/{workspace_id}/soc/policys

表1 路径参数

参数

是否必选

参数类型

描述

project_id

String

参数解释:

项目ID,用于明确项目归属,配置后可通过该ID查询项目下资产,可以通过调用API获取,也可以从控制台获取。获取项目ID

约束限制:

不涉及

取值范围:

不涉及

默认取值:

不涉及

workspace_id

String

参数解释:

工作空间id。

约束限制:

不涉及

取值范围:

不涉及

默认取值:

不涉及
表2 Query参数

参数

是否必选

参数类型

描述

action_type

String

操作类型:create创建,retry重试

请求参数

表3 请求Header参数

参数

是否必选

参数类型

描述

X-Auth-Token

String

参数解释:

用户Token,通过调用IAM服务获取用户Token接口获取(响应消息头中X-Subject-Token的值)。获取用户Token

约束限制:

不涉及

取值范围:

不涉及

默认取值:

不涉及

Content-Type

String

参数解释:

内容类型

  • application/json;charset=UTF-8 普通API请求的类型

约束限制:

不涉及

取值范围:

  • application/json;charset=UTF-8

默认取值:

不涉及

X-Secmaster-Version

String

服务版本,例如25.5.0
表4 请求Body参数

参数

是否必选

参数类型

描述

data_object

data_object object

策略实体信息
表5 data_object

参数

是否必选

参数类型

描述

retry_list

Array of strings

重试策略ID

block_age

block_age object

阻断老化

block_target

String

策略对象

defense_policy_list

Array of defense_policy_list objects

与操作连接对应的策略列表

description

String

描述信息

labels

String

标签

policy_category

String

类型,WHITE/BLOCK,WHITE代表加白(将ip等对象加入白名单),BLOCK代表阻断(将ip等对象加入黑名单)

policy_type

policy_type object

阻断类型

region_id

String

区域ID

policy_direction

String

出入方向

account_scope

String

账号范围

eps_scope

String

企业项目范围

region_scope

String

region范围
表6 block_age

参数

是否必选

参数类型

描述

is_block_ageing

Boolean

是否阻断老化

block_ageing

String

老化时间,毫秒级时间戳
表7 defense_policy_list

参数

是否必选

参数类型

描述

defense_connection_id

String

操作连接ID

defense_connection_name

String

操作连接名称

defense_connection_region_id

String

防线策略归属区域ID

defense_connection_region_name

String

防线策略归属区域名称

defense_type

String

防线服务

target_enterprise_id

String

企业项目ID

target_enterprise_name

String

企业项目名称

target_project_id

String

防线策略归属项目ID

target_project_name

String

防线策略归属项目名称
表8 policy_type

参数

是否必选

参数类型

描述

policy_type

String

阻断类型:User Name/Source Ip/Domain Name

响应参数

状态码:200

表9 响应Body参数

参数

参数类型

描述

code

String

状态码

data

String

下发任务id

message

String

状态信息

request_id

String

请求id

success

Boolean

请求状态

状态码:400

表10 响应Body参数

参数

参数类型

描述

code

String

参数解释:

错误码

取值范围:

不涉及

message

String

参数解释:

错误描述

取值范围:

不涉及

请求示例

https://{endpoint}/v1/{project_id}/workspaces/{workspace_id}/soc/policys?action_type=create

{
  "data_object" : {
    "region_id" : "RegionId",
    "block_target" : "1.2.3.4",
    "policy_category" : "BLOCK",
    "description" : "",
    "labels" : "",
    "block_age" : {
      "is_block_ageing" : false,
      "block_ageing" : null
    },
    "policy_type" : {
      "policy_type" : "Source Ip"
    },
    "defense_policy_list" : [ {
      "defense_connection_id" : "84b273d3-47a8-3aba-bd00-7bdd1431d635",
      "defense_connection_name" : "CFW",
      "defense_type" : "CFW",
      "target_enterprise_id" : "0",
      "target_enterprise_name" : "default",
      "target_project_id" : "3bb27e024693436da46b5f5aaf499060",
      "target_project_name" : "RegionName",
      "defense_connection_region_id" : "RegionId",
      "defense_connection_region_name" : "RegionName"
    } ]
  }
}

响应示例

状态码:200

创建应急策略返回body体

{
  "code" : "00000000",
  "data" : "b724da59-81db-4dc9-b059-d519869e9a41",
  "message" : "",
  "request_id" : "",
  "success" : true
}

SDK代码示例

SDK代码示例如下。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
 
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.secmaster.v1.region.SecMasterRegion;
import com.huaweicloud.sdk.secmaster.v1.*;
import com.huaweicloud.sdk.secmaster.v1.model.*;

import java.util.List;
import java.util.ArrayList;

public class CreateRetryPolicySolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        SecMasterClient client = SecMasterClient.newBuilder()
                .withCredential(auth)
                .withRegion(SecMasterRegion.valueOf("<YOUR REGION>"))
                .build();
        CreateRetryPolicyRequest request = new CreateRetryPolicyRequest();
        request.withWorkspaceId("{workspace_id}");
        CreateRetryPolicyRequestBody body = new CreateRetryPolicyRequestBody();
        CreateRetryPolicyRequestBodyDataObjectPolicyType policyTypeDataObject = new CreateRetryPolicyRequestBodyDataObjectPolicyType();
        policyTypeDataObject.withPolicyType(CreateRetryPolicyRequestBodyDataObjectPolicyType.PolicyTypeEnum.fromValue("Source Ip"));
        List<CreateRetryPolicyRequestBodyDataObjectDefensePolicyList> listDataObjectDefensePolicyList = new ArrayList<>();
        listDataObjectDefensePolicyList.add(
            new CreateRetryPolicyRequestBodyDataObjectDefensePolicyList()
                .withDefenseConnectionId("84b273d3-47a8-3aba-bd00-7bdd1431d635")
                .withDefenseConnectionName("CFW")
                .withDefenseConnectionRegionId("RegionId")
                .withDefenseConnectionRegionName("RegionName")
                .withDefenseType("CFW")
                .withTargetEnterpriseId("0")
                .withTargetEnterpriseName("default")
                .withTargetProjectId("3bb27e024693436da46b5f5aaf499060")
                .withTargetProjectName("RegionName")
        );
        CreateRetryPolicyRequestBodyDataObjectBlockAge blockAgeDataObject = new CreateRetryPolicyRequestBodyDataObjectBlockAge();
        blockAgeDataObject.withIsBlockAgeing(false);
        CreateRetryPolicyRequestBodyDataObject dataObjectbody = new CreateRetryPolicyRequestBodyDataObject();
        dataObjectbody.withBlockAge(blockAgeDataObject)
            .withBlockTarget("1.2.3.4")
            .withDefensePolicyList(listDataObjectDefensePolicyList)
            .withDescription("")
            .withLabels("")
            .withPolicyCategory(CreateRetryPolicyRequestBodyDataObject.PolicyCategoryEnum.fromValue("BLOCK"))
            .withPolicyType(policyTypeDataObject)
            .withRegionId("RegionId");
        body.withDataObject(dataObjectbody);
        request.withBody(body);
        try {
            CreateRetryPolicyResponse response = client.createRetryPolicy(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
 
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdksecmaster.v1.region.secmaster_region import SecMasterRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdksecmaster.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = SecMasterClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(SecMasterRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreateRetryPolicyRequest()
        request.workspace_id = "{workspace_id}"
        policyTypeDataObject = CreateRetryPolicyRequestBodyDataObjectPolicyType(
            policy_type="Source Ip"
        )
        listDefensePolicyListDataObject = [
            CreateRetryPolicyRequestBodyDataObjectDefensePolicyList(
                defense_connection_id="84b273d3-47a8-3aba-bd00-7bdd1431d635",
                defense_connection_name="CFW",
                defense_connection_region_id="RegionId",
                defense_connection_region_name="RegionName",
                defense_type="CFW",
                target_enterprise_id="0",
                target_enterprise_name="default",
                target_project_id="3bb27e024693436da46b5f5aaf499060",
                target_project_name="RegionName"
            )
        ]
        blockAgeDataObject = CreateRetryPolicyRequestBodyDataObjectBlockAge(
            is_block_ageing=False
        )
        dataObjectbody = CreateRetryPolicyRequestBodyDataObject(
            block_age=blockAgeDataObject,
            block_target="1.2.3.4",
            defense_policy_list=listDefensePolicyListDataObject,
            description="",
            labels="",
            policy_category="BLOCK",
            policy_type=policyTypeDataObject,
            region_id="RegionId"
        )
        request.body = CreateRetryPolicyRequestBody(
            data_object=dataObjectbody
        )
        response = client.create_retry_policy(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    secmaster "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/secmaster/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := secmaster.NewSecMasterClient(
        secmaster.SecMasterClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreateRetryPolicyRequest{}
	request.WorkspaceId = "{workspace_id}"
	policyTypeDataObject := &model.CreateRetryPolicyRequestBodyDataObjectPolicyType{
		PolicyType: model.GetCreateRetryPolicyRequestBodyDataObjectPolicyTypePolicyTypeEnum().SOURCE_IP,
	}
	var listDefensePolicyListDataObject = []model.CreateRetryPolicyRequestBodyDataObjectDefensePolicyList{
        {
            DefenseConnectionId: "84b273d3-47a8-3aba-bd00-7bdd1431d635",
            DefenseConnectionName: "CFW",
            DefenseConnectionRegionId: "RegionId",
            DefenseConnectionRegionName: "RegionName",
            DefenseType: "CFW",
            TargetEnterpriseId: "0",
            TargetEnterpriseName: "default",
            TargetProjectId: "3bb27e024693436da46b5f5aaf499060",
            TargetProjectName: "RegionName",
        },
    }
	blockAgeDataObject := &model.CreateRetryPolicyRequestBodyDataObjectBlockAge{
		IsBlockAgeing: false,
	}
	descriptionDataObject:= ""
	labelsDataObject:= ""
	dataObjectbody := &model.CreateRetryPolicyRequestBodyDataObject{
		BlockAge: blockAgeDataObject,
		BlockTarget: "1.2.3.4",
		DefensePolicyList: listDefensePolicyListDataObject,
		Description: &descriptionDataObject,
		Labels: &labelsDataObject,
		PolicyCategory: model.GetCreateRetryPolicyRequestBodyDataObjectPolicyCategoryEnum().BLOCK,
		PolicyType: policyTypeDataObject,
		RegionId: "RegionId",
	}
	request.Body = &model.CreateRetryPolicyRequestBody{
		DataObject: dataObjectbody,
	}
	response, err := client.CreateRetryPolicy(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

更多编程语言的SDK代码示例,请参见API Explorer的代码示例页签,可生成自动对应的SDK代码示例。

状态码

状态码

描述

200

创建应急策略返回body体

400

创建应急策略错误返回body体

错误码

请参见错误码

父主题: 应急策略

相关文档