Obtaining East-West Firewall Information
Function
This API is used to obtain east-west firewall information.
Calling Method
For details, see Calling APIs.
URI
GET /v1/{project_id}/firewall/east-west
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
limit |
Yes |
Integer |
Number of records displayed on each page. The value ranges from 1 to 1024. |
|
offset |
Yes |
Integer |
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0. |
|
enterprise_project_id |
No |
String |
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0. |
|
fw_instance_id |
Yes |
String |
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
User token. You can obtain the token by referring to Obtaining a User Token. |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
data |
Returned data for obtaining the east-west firewall list. |
|
Parameter |
Type |
Description |
|---|---|---|
|
object_id |
String |
Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. You can obtain the ID by calling the API for querying firewall instances. In the return value, find the ID in data.records.protect_objects.object_id (The period [.] is used to separate different levels of objects). If type is 0, object_id is the ID of a protected object on the Internet border. If type is 1, object_id is the ID of a protected object on the VPC border. Here, a protected object ID whose type is 1 is used. You can obtain the value of type from data.records.protect_objects.type (The period [.] is used to separate different levels of objects). |
|
project_id |
String |
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID. |
|
status |
Integer |
Protection status: 0 (enabled), 1 (disabled). |
|
firewall_associated_subnets |
Array of SubnetInfo objects |
Information about the subnet associated with a cloud firewall. |
|
er |
ErInstance object |
Information about the associated enterprise router in the outbound direction. |
|
inspection_vpc |
VpcDetail object |
Information about the traffic diversion VPC. |
|
protect_infos |
Array of EwProtectResourceInfo objects |
East-west protected resource information. |
|
total |
Integer |
Total number of protected VPCs. |
|
offset |
Integer |
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0. |
|
limit |
Integer |
Number of records displayed on each page. The value ranges from 1 to 1024. |
|
mode |
String |
Protection mode. Its value is er. |
|
Parameter |
Type |
Description |
|---|---|---|
|
availability_zone |
String |
ID of the AZ where a subnet is located, which is obtained from an endpoint. For details, see Endpoints. |
|
cidr |
String |
Available IP address ranges for subnets in a VPC. Ranges: 10.0.0.0/8-24 172.16.0.0/12-24 192.168.0.0/16-24 If cidr is not specified, it is left blank by default. The value must be in CIDR format, for example, 192.168.0.0/16. |
|
name |
String |
Subnet name. |
|
id |
String |
Subnet ID. |
|
gateway_ip |
String |
Subnet gateway. The value is the IP address in the subnet CIDR block cidr. |
|
vpc_id |
String |
UUID generated when a VPC is created. |
|
ipv6_enable |
Boolean |
Whether IPv6 is supported: true (yes), false (no). |
|
Parameter |
Type |
Description |
|---|---|---|
|
id |
String |
Enterprise router ID, which is generated when an enterprise router is created. |
|
name |
String |
Enterprise router name. |
|
project_id |
String |
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID. |
|
attachment_id |
String |
Connection ID of an enterprise router. This connection is used to connect the firewall and the enterprise router. This field can be used to obtain the connection details on the connection management page after querying a specified enterprise router by its ID on the Enterprise Router page. |
|
Parameter |
Type |
Description |
|---|---|---|
|
id |
String |
Random UUID generated when a traffic diversion VPC is created. |
|
name |
String |
Traffic diversion VPC name. |
|
cidr |
String |
Available subnet ranges in a VPC. Ranges: 10.0.0.0/8-24; 172.16.0.0/12-24; and 192.168.0.0/16-24. If cidr is not specified, it is left blank by default. Constraint: The value must be in CIDR format, for example, 192.168.0.0/16. |
|
Parameter |
Type |
Description |
|---|---|---|
|
protected_resource_type |
Integer |
Protected resource type: 0 (VPC), 1 (VGW), 2 (VPN), or 3 (peering). |
|
protected_resource_name |
String |
Protected resource name. |
|
protected_resource_id |
String |
Protected resource ID. |
|
protected_resource_nat_name |
String |
Name of the NAT gateway to be protected. The professional edition supports NAT rules. |
|
protected_resource_nat_id |
String |
ID of the NAT gateway to be protected. The professional edition supports NAT rules. |
|
protected_resource_project_id |
String |
Tenant ID of a protected resource. The firewall supports cross-account protection. |
|
protected_resource_mode |
String |
Protected resource mode. Its value is er. |
|
status |
Integer |
Protection status of a protected resource: 0 (associated), 1 (not associated). |
Status code: 500
|
Parameter |
Type |
Description |
|---|---|---|
|
error_code |
String |
Error code. |
|
error_msg |
String |
Error description. |
Example Requests
Obtain information about the east-west firewall 80e0f2df-24fd-49c2-8398-11f9a0299b3e whose project ID is 09bb24e6f280d23d0f9fc0104b901480.
https://{Endpoint}/v1/09bb24e6f280d23d0f9fc0104b901480/firewall/east-west?limit=10&offset=0&fw_instance_id=80e0f2df-24fd-49c2-8398-11f9a0299b3e
Example Responses
Status code: 200
Response to the request for querying east-west firewall information.
{
"data" : {
"er" : {
"id" : "f0f5275a-40aa-4d1e-ac78-2550f7818d43",
"name" : "er",
"project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
"attachment_id" : "e978c028-0ccf-4168-a015-0094ac631e88"
},
"inspection_vpc" : {
"cidr" : "10.13.13.0/24",
"id" : "3baa2248-03d4-47ac-aefa-ec6f9a30ed80",
"name" : "inspection-vpc"
},
"limit" : 50,
"mode" : "er",
"object_id" : "6cc31075-0b03-461d-aa3a-73c4765bf9ac",
"offset" : 0,
"project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
"protect_infos" : [ {
"protected_resource_id" : "09b26b83-4b7c-499f-805b-50820900cd9f",
"protected_resource_mode" : "er",
"protected_resource_name" : "vpc-4",
"protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
"protected_resource_type" : 0,
"status" : 0
}, {
"protected_resource_id" : "2956f917-af18-44a2-a0f2-f592633d4431",
"protected_resource_mode" : "er",
"protected_resource_name" : "vpc-t3",
"protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
"protected_resource_type" : 0,
"status" : 0
}, {
"protected_resource_id" : "69d4c81f-80bd-4c28-9074-f26b400b3a34",
"protected_resource_mode" : "er",
"protected_resource_name" : "vpc-t2",
"protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
"protected_resource_type" : 0,
"status" : 0
}, {
"protected_resource_id" : "e1b18d3e-8f7d-4c4e-a326-37db7bd89a3a",
"protected_resource_mode" : "er",
"protected_resource_name" : "vpc-t1",
"protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
"protected_resource_type" : 0,
"status" : 0
}, {
"protected_resource_id" : "f91c1747-1325-4b39-9d58-7fac0bd2786f",
"protected_resource_mode" : "er",
"protected_resource_name" : "vpc-5",
"protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
"protected_resource_type" : 0,
"status" : 0
}, {
"protected_resource_id" : "bd556a7d-447e-49eb-be17-f93af09769f5",
"protected_resource_mode" : "er",
"protected_resource_name" : "inspct-a",
"protected_resource_project_id" : "5c69cf330cda42369cbd726ee1bc5e76",
"protected_resource_type" : 0,
"status" : 1
} ],
"status" : 0,
"total" : 6
}
}
SDK Sample Code
The SDK sample code is as follows.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.cfw.v1.region.CfwRegion; import com.huaweicloud.sdk.cfw.v1.*; import com.huaweicloud.sdk.cfw.v1.model.*; public class ListEastWestFirewallSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); CfwClient client = CfwClient.newBuilder() .withCredential(auth) .withRegion(CfwRegion.valueOf("<YOUR REGION>")) .build(); ListEastWestFirewallRequest request = new ListEastWestFirewallRequest(); try { ListEastWestFirewallResponse response = client.listEastWestFirewall(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkcfw.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = CfwClient.new_builder() \ .with_credentials(credentials) \ .with_region(CfwRegion.value_of("<YOUR REGION>")) \ .build() try: request = ListEastWestFirewallRequest() response = client.list_east_west_firewall(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := cfw.NewCfwClient( cfw.CfwClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.ListEastWestFirewallRequest{} response, err := client.ListEastWestFirewall(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Response to the request for querying east-west firewall information. |
|
400 |
Bad Request |
|
401 |
Unauthorized: Request error. |
|
403 |
Forbidden: Access forbidden. |
|
404 |
Not Found: Web page not found. |
|
500 |
Internal Server Error: Internal service error. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
