Querying Details About a Network ACL
Function
This API is used to query details about a network ACL.
This API is now available in CN North-Beijing4, CN East-Shanghai1, CN South-Guangzhou, CN South-Shenzhen, CN Southwest-Guiyang1, and AP-Singapore.
URI
GET /v3/{project_id}/vpc/firewalls/{firewall_id}
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
firewall_id |
Yes |
String |
ID of a network ACL, which uniquely identifies a network ACL. |
project_id |
Yes |
String |
Project ID. |
Request Parameters
None
Response Parameters
Status code: 200
Parameter |
Type |
Description |
|---|---|---|
firewall |
FirewallDetail object |
Response body for querying a network ACL. |
request_id |
String |
Request ID. |
Parameter |
Type |
Description |
|---|---|---|
id |
String |
Network ACL ID, which uniquely identifies a network ACL. The value is a string in UUID format. |
name |
String |
Network ACL name. The value can contain no more than 64 characters, including letters, digits, underscores (_), hyphens (-), and periods (.). |
description |
String |
Provides supplementary information about an IP address group. The value can contain no more than 255 characters. The value cannot contain angle brackets (< or >). |
project_id |
String |
ID of the project that a network ACL belongs to. |
created_at |
String |
Time when a network ACL is created. UTC time in the format of yyyy-MM-ddTHH:mmss. The value is automatically generated by the system. |
updated_at |
String |
Time when a network ACL was last updated. UTC time in the format of yyyy-MM-ddTHH:mmss. The value is automatically generated by the system. |
admin_state_up |
Boolean |
Whether a network ACL is enabled. The value can be true or false. true indicates that the network ACL is enabled, and false indicates that the network ACL is disabled. |
status |
String |
Network ACL status. |
enterprise_project_id |
String |
ID of the enterprise project that a network ACL belongs to. The value is 0 or a string that contains a maximum of 36 characters in UUID format with hyphens (-). Value 0 indicates the default enterprise project. |
tags |
Array of ResourceTag objects |
Network ACL tags. |
associations |
Array of FirewallAssociation objects |
Subnets that are associated with a network ACL. |
ingress_rules |
Array of FirewallRuleDetail objects |
Inbound network ACL rules. |
egress_rules |
Array of FirewallRuleDetail objects |
Outbound network ACL rules. |
Parameter |
Type |
Description |
|---|---|---|
key |
String |
Tag key. Tag keys must be unique for each resource. Minimum length: 1 Maximum length: 128 |
value |
String |
Tag value. Maximum length: 255 |
Parameter |
Type |
Description |
|---|---|---|
virsubnet_id |
String |
IDs of subnets that are associated with a network ACL. |
Parameter |
Type |
Description |
|---|---|---|
id |
String |
Network ACL rule ID, which uniquely identifies a network ACL rule. The value is a string in UUID format. |
name |
String |
Network ACL rule name. The value can contain no more than 64 characters, including letters, digits, underscores (_), hyphens (-), and periods (.). |
description |
String |
Provides supplementary information about a network ACL rule. The value can contain no more than 255 characters. The value cannot contain angle brackets (< or >). |
action |
String |
Whether a network ACL rule allows or denies traffic. The value can be allow or deny. |
project_id |
String |
ID of the project that a network ACL belongs to. |
protocol |
String |
Network ACL rule protocol. The value can be TCP, UDP, ICMP, ICMPV6, or a value from 0 to 255. |
ip_version |
Integer |
IP version of a network ACL rule. The value can be 4 (IPv4) or 6 (IPv6). |
source_ip_address |
String |
Source IP address or CIDR block of a network ACL rule. source_ip_address and source_address_group_id cannot be configured at the same time. |
destination_ip_address |
String |
Destination IP address or CIDR block of a network ACL rule. destination_ip_address and destination_address_group_id cannot be configured at the same time. |
source_port |
String |
Source ports of a network ACL rule. You can specify a single port or a port range. Separate every two entries with a comma. The default number of supported port entries is 20. |
destination_port |
String |
Destination ports of a network ACL rule. You can specify a single port or a port range. Separate every two entries with a comma. The default number of supported port entries is 20. |
source_address_group_id |
String |
Source IP address group ID of a network ACL rule. source_ip_address and source_address_group_id cannot be configured at the same time. |
destination_address_group_id |
String |
Destination IP address group ID of a network ACL rule. destination_ip_address and destination_address_group_id cannot be configured at the same time. |
Example Request
Query details about a network ACL.
GET https://{Endpoint}/v3/{project_id}/vpc/firewalls/{firewall_id}
Example Response
Status code: 200
OK
{
"firewall" : {
"id" : "e9a7731d-5bd9-4250-a524-b9a076fd5629",
"name" : "network_acl_test1",
"description" : "network_acl_test1",
"project_id" : "9476ea5a8a9849c38358e43c0c3a9e12",
"created_at" : "2022-04-07T07:30:46",
"updated_at" : "2022-04-07T07:30:46",
"admin_state_up" : true,
"enterprise_project_id" : "158ad39a-dab7-45a3-9b5a-2836b3cf93f9",
"status" : "ACTIVE",
"tags" : [ ],
"ingress_rules" : [ {
"id" : "e9a7731d-5bd9-4250-a524-b9a076fd5629",
"name" : "network_acl_rule test",
"description" : "network_acl_rule test",
"action" : "allow",
"project_id" : "9476ea5a8a9849c38358e43c0c3a9e12",
"protocol" : "tcp",
"ip_version" : 4,
"source_ip_address" : "192.168.3.0/24",
"destination_ip_address" : "192.168.6.0/24",
"source_port" : "30-40,60-90",
"destination_port" : "40-60,70-90",
"source_address_group_id" : null,
"destination_address_group_id" : null
} ],
"egress_rules" : [ {
"id" : "e9a7731d-5bd9-4250-a524-b9a076fd5629",
"name" : "network_acl_rule test",
"description" : "network_acl_rule test",
"action" : "allow",
"project_id" : "9476ea5a8a9849c38358e43c0c3a9e12",
"protocol" : "tcp",
"ip_version" : "4",
"source_ip_address" : "192.168.3.0/24",
"destination_ip_address" : "192.168.6.0/24",
"source_port" : "30-40,60-90",
"destination_port" : "40-60,70-90",
"source_address_group_id" : null,
"destination_address_group_id" : null
} ],
"associations" : [ {
"virsubnet_id" : "8359e5b0-353f-4ef3-a071-98e67a34a143"
} ]
}
}
Status Codes
See Status Codes.
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
