Help Center/ Web Application Firewall/ API Reference/ APIs/ Managing Rules/ Batch Updating Threat Intelligence Rules
Updated on 2026-05-12 GMT+08:00
Online Debugging
CLI Examples
View PDF
Share

Batch Updating Threat Intelligence Rules

Function

This API is used to batch update threat intelligence rules.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/waf/rule/ip-reputation/batch-update

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Definition

Project ID. To obtain it, log in to the Huawei Cloud console, click the username, choose My Credentials, and find the project ID in the Projects list.

Constraints

N/A

Range

The value contains 32 characters. Only letters and digits are supported.

Default Value

N/A

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Definition

User token. You can obtain it by calling the IAM API for obtaining a user token. The user token is the value of X-Subject-Token in the response header.

Constraints

N/A

Range

N/A

Default Value

N/A

Content-Type

Yes

String

Definition

Content type.

Constraints

N/A

Range

N/A

Default Value

application/json;charset=utf8
Table 3 Request body parameters

Parameter

Mandatory

Type

Description

name

Yes

String

Definition

Rule name.

Constraints

Length range: [1, 256]

Range

N/A

Default Value

N/A

description

No

String

Definition

Rule description.

Constraints

N/A

Range

N/A

Default Value

N/A

action

Yes

action object

Definition

Protective action configuration.

Constraints

N/A

Range

N/A

Default Value

N/A

type

Yes

String

Definition

Reputation type (currently, only IDC is supported).

Constraints

N/A

Range

  • idc

Default Value

N/A

tags

Yes

Array of strings

Definition

Tag list. Tags are used to specify the associated indicator identifiers. They can be queried through the ConfirmPolicyIpReputationMap API. Multiple identifiers are separated by commas (,).

Constraints

A tag can appear only once across multiple rules. That is, the tag lists of multiple rules cannot overlap.

Range

N/A

Default Value

N/A

policy_rule_ids

Yes

Array of policy_rule_ids objects

Definition

Array of policy and rule IDs. It associates a protection policy with the corresponding rule set.

Constraints

N/A

Range

N/A

Default Value

N/A
Table 4 action

Parameter

Mandatory

Type

Description

category

Yes

String

Definition

Action type

Constraints

N/A

Range

  • pass: WAF allows requests.

  • log: WAF only logs detected attacks.

  • block: WAF blocks detected attacks.

Default Value

N/A
Table 5 policy_rule_ids

Parameter

Mandatory

Type

Description

policy_id

Yes

String

Definition

Policy ID, which uniquely identifies a protection policy. You can obtain the policy ID by calling the ListPolicy API for querying the list of protection policies.

Constraints

N/A

Range

N/A

Default Value

N/A

rule_ids

Yes

Array of strings

Definition

Rule ID array, including the ID of a single threat intelligence rule in the current protection policy. You can obtain the rule ID by calling the API for querying the list of threat intelligence rules (ListIpReputationRules).

Constraints

ID of a single rule.

Range

N/A

Default Value

N/A

Response Parameters

Status code: 200

Table 6 Response body parameters

Parameter

Type

Description

policy_rule_ids

Array of policy_rule_ids objects

Definition

Policy and rule ID array. It shows the association between the protection policy and the corresponding rule IDs.

Constraints

N/A

Range

N/A

Default Value

N/A
Table 7 policy_rule_ids

Parameter

Type

Description

policy_id

String

Definition

Policy ID, which uniquely identifies a protection policy.

Constraints

N/A

Range

N/A

Default Value

N/A

rule_ids

Array of strings

Definition

Rule ID array. IDs of rules in the current protection policy are returned.

Constraints

N/A

Range

N/A

Default Value

N/A

Status code: 400

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs.

details

Array of IAM5ErrorDetails objects

The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs.
Table 9 IAM5ErrorDetails

Parameter

Type

Description

error_code

String

Error codes of the downstream service.

error_msg

String

Error messages of the downstream service.

Status code: 401

Table 10 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs.

details

Array of IAM5ErrorDetails objects

The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs.
Table 11 IAM5ErrorDetails

Parameter

Type

Description

error_code

String

Error codes of the downstream service.

error_msg

String

Error messages of the downstream service.

Status code: 500

Table 12 Response body parameters

Parameter

Type

Description

error_code

String

Error code.

error_msg

String

Error message.

encoded_authorization_message

String

You can call the decode-authorization-message interface of the STS service to decode the rejection reason. For details, see the STS5 joint commissioning and self-verification. This parameter is returned only when an IAM 5 authentication error occurs.

details

Array of IAM5ErrorDetails objects

The set of error messages reported when a downstream service is invoked. This parameter is returned only when an IAM 5 authentication error occurs.
Table 13 IAM5ErrorDetails

Parameter

Type

Description

error_code

String

Error codes of the downstream service.

error_msg

String

Error messages of the downstream service.

Example Requests

{
  "name" : "IDC IP intelligence rule - CN North4",
  "policyname" : "Protection policy for service A",
  "description" : "Intelligence matching rules based on IDC source IP addresses to block access from high-risk IP addresses.",
  "action" : {
    "category" : "captcha"
  },
  "type" : "idc",
  "tags" : [ "AliCloud", "TencentCloud" ],
  "policy_rule_ids" : [ {
    "policy_id" : "prp-8f76543210abcdefg",
    "rule_ids" : [ "rule-1234567890abcdef", "rule-0987654321fedcba" ]
  } ]
}

Example Responses

Status code: 200

Definition

OK

Constraints

N/A

Range

N/A

Default Value

N/A

{
  "policy_rule_ids" : [ {
    "rule_ids" : [ "ed37d85a925d469bb01986d06291d15f" ],
    "policy_id" : "4a34899ab17a4811a6da57742f69135a"
  } ]
}

SDK Sample Code

The SDK sample code is as follows.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.waf.v1.region.WafRegion;
import com.huaweicloud.sdk.waf.v1.*;
import com.huaweicloud.sdk.waf.v1.model.*;


public class BatchUpdateIpReputationRulesSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        WafClient client = WafClient.newBuilder()
                .withCredential(auth)
                .withRegion(WafRegion.valueOf("<YOUR REGION>"))
                .build();
        BatchUpdateIpReputationRulesRequest request = new BatchUpdateIpReputationRulesRequest();
        try {
            BatchUpdateIpReputationRulesResponse response = client.batchUpdateIpReputationRules(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkwaf.v1.region.waf_region import WafRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkwaf.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = WafClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(WafRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = BatchUpdateIpReputationRulesRequest()
        response = client.batch_update_ip_reputation_rules(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
 
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    waf "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/waf/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth, err := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        SafeBuild()

    if err != nil {
        fmt.Println(err)
        return
    }

    hcClient, err := waf.WafClientBuilder().
         WithRegion(region.ValueOf("<YOUR REGION>")).
         WithCredential(auth).
         SafeBuild()


    if err != nil {
        fmt.Println(err)
        return
    }

    client := waf.NewWafClient(hcClient)

    request := &model.BatchUpdateIpReputationRulesRequest{}
	response, err := client.BatchUpdateIpReputationRules(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

Definition

OK

Constraints

N/A

Range

N/A

Default Value

N/A

400

Definition

Request failed.

Constraints

N/A

Range

N/A

Default Value

N/A

401

Definition

The token does not have required permissions.

Constraints

N/A

Range

N/A

Default Value

N/A

500

Definition

Internal server error.

Constraints

N/A

Range

N/A

Default Value

N/A

Error Codes

See Error Codes.

Parent Topic: Managing Rules