Updating an ACL Rule
Function
This API is used to update an ACL rule.
Calling Method
For details, see Calling APIs.
URI
PUT /v1/{project_id}/acl-rule/{acl_rule_id}
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Definition: Project ID, which is used to specify the project that an asset belongs to. You can query the assets of a project by project ID. You can obtain the project ID from the API or console. For details, see Obtaining a Project ID. Constraints: N/A Range: 32-bit UUID Default Value: N/A |
acl_rule_id |
Yes |
String |
Definition: Rule ID, which can be obtained by calling the API for querying protection rules. Find the value in data.records.rule_id (The period [.] is used to separate different levels of objects). Constraints: N/A Range: N/A Default Value: N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
enterprise_project_id |
No |
String |
Definition: Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0. Constraints: N/A Range: N/A Default Value: N/A |
fw_instance_id |
No |
String |
Definition: Firewall ID. It is a unique ID generated after a firewall instance is created. You can obtain the firewall ID by referring to Obtaining a Firewall ID. Constraints: N/A Range: 32-bit UUID Default Value: N/A |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
Definition: User token, which carries user identity information. After the token is configured, you can use it for API authentication. You can obtain the token by referring to Obtaining a User Token. Constraints: N/A Range: N/A Default Value: N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
address_type |
No |
Integer |
Definition: Internet protocol type of an IP address, which is specified by the customer. Constraints: N/A Range: 0: IPv4; 1: IPv6 Default Value: N/A |
name |
No |
String |
Definition: Rule name, which is defined by a user and is used to identify a rule. Constraints: The string lentgh can be 0 to 255 characters. Range: N/A Default Value: N/A |
direction |
No |
Integer |
Definition: Rule direction. It can be from the cloud to on-premises, or from on-premises to the cloud. Constraints: If type is set to 0 (Internet rule) or 2 (NAT rule), the direction is mandatory. Range: 0: inbound (on-premises to cloud); 1: outbound (cloud to on-premises). Default Value: N/A |
action_type |
No |
Integer |
Definition: Rule action type, which is used to distinguish the action of a rule on traffic. Constraints: Only 0 and 1 are allowed. Range: 0: permit; 1: deny Default Value: N/A |
status |
No |
Integer |
Definition: Rule status, which is used to determine whether a rule is enabled. Constraints: Only 0 and 1 are allowed. Range: 0: disable; 1: enable Default Value: N/A |
applications |
No |
Array of strings |
Definition: List of protocols that a rule applies to. Constraints: N/A Range: Rule application type. Its value can be HTTP, HTTPS, TLS1, DNS, SSH, MYSQL, SMTP, RDP, RDPS, VNC, POP3, IMAP4, SMTPS, POP3S, FTPS, ANY, or BGP. Default Value: N/A |
description |
No |
String |
Definition: Rule description, which is used to describe the usage of a rule. Constraints: N/A Range: Can contain 0 to 255 characters. Default Value: N/A |
long_connect_time_hour |
No |
Long |
Definition: Persistent connection duration (in hours). Constraints: Only numbers are allowed. Range: 0-24,000. Default Value: N/A |
long_connect_time_minute |
No |
Long |
Definition: Persistent connection duration (in minutes). Constraints: Only numbers are allowed. Range: 0–60 Default Value: N/A |
long_connect_time_second |
No |
Long |
Definition: Persistent connection duration (in seconds). Constraints: Only numbers are allowed. Range: 0–60 Default Value: N/A |
long_connect_time |
No |
Long |
Definition: Duration (in seconds) of a persistent connection, that is, the maximum duration of a traffic session. Constraints: Only numbers are allowed. Range: 1-86,400,000. Default Value: N/A |
long_connect_enable |
No |
Integer |
Definition: Specifies whether persistent connections are supported. Constraints: N/A Range: 0: not supported; 1: supported Default Value: N/A |
source |
No |
RuleAddressDto object |
Definition: Source address DTO. Constraints: N/A |
destination |
No |
RuleAddressDto object |
Definition: Destination address DTO. Constraints: N/A |
service |
No |
RuleServiceDto object |
Definition: Service object Constraints: N/A |
type |
No |
Integer |
Definition: Rule type, which is used to distinguish different protected objects. Constraints: N/A Range: 0: Internet border rule. The source and destination addresses must be EIPs or domain names. 1: Inter-VPC rule. The source and destination addresses must be private IP addresses. 2: NAT rule. The source address must be a private IP address, and the destination address must be an EIP or a domain name. Default Value: N/A |
tag |
No |
TagsVO object |
Definition: Tag object attached to a rule. Constraints: N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
type |
Yes |
Integer |
Definition: Address input type, which is used to distinguish different input types. Constraints: If type is set to 0 (Internet rule) or 2 (NAT rule), the direction is mandatory. Range: 0 (manual input), 1 (associated IP address group), 2 (domain name), 3 (geographical location), 4 (domain name group) 5 (multiple objects), 6 (domain name group - network), 7 (domain name group - application). Default Value: N/A |
address_type |
No |
Integer |
Definition: IP address protocol type, which is used to distinguish different Internet protocols. Constraints: If type is set to 0 (manual input), this parameter cannot be left blank. Range: Address type: 0 (IPv4); 1: (IPv6) Default Value: N/A |
address |
No |
String |
Definition: IP address information, which is used to specify the IP addresses for a rule. Constraints: If type is set to 0 (manual input), this parameter cannot be left blank. Range: N/A Default Value: N/A |
address_set_id |
No |
String |
Definition: ID of the associated IP address group. You can query the IP address group ID by calling the API for querying address groups. Find the value in data.records.set_id (The period [.] is used to separate different levels of objects). Constraints: If type is set to 1 (associated IP address group), this parameter cannot be left blank. Range: N/A Default Value: N/A |
address_set_name |
No |
String |
Definition: Name of the associated IP address group. You can query the IP address group name by calling the API for querying address groups. Find the value in data.records.name (The period [.] is used to separate different levels of objects). Constraints: If type is set to 1 (associated IP address group), this parameter cannot be left blank. Range: N/A Default Value: N/A. |
domain_address_name |
No |
String |
Definition: Domain name or domain name group name, which is used to specify the domain name or domain name group name referenced by the rule. Constraints: If type is set to 2 or 7, the value cannot be empty and can contain up to 255 characters. Range: N/A Default Value: N/A |
region_list_json |
No |
String |
Definition: JSON value of the rule region list, which is used to specify the region name list referenced by the rule. Constraints: N/A Range: N/A Default Value: N/A |
region_list |
No |
Array of IpRegionDto objects |
Definition: Rule region list. Constraints: N/A |
domain_set_id |
No |
String |
Definition: Domain group ID, which is used to specify the domain name group referenced by a rule. Its value can be obtained by calling the API for querying the domain name group list. Find the value in data.records.set_id (The period [.] is used to separate different levels of objects). Constraints: The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application). Range: N/A Default Value: N/A |
domain_set_name |
No |
String |
Definition: Domain group name, which is used to specify the domain name group referenced by a rule. Its value can be obtained by calling the API for querying the domain name group list. Find the value in data.records.name (The period [.] is used to separate different levels of objects). Constraints: The value cannot be left blank when type is set to 4 (domain name group) or 7 (domain name group - application). Range: N/A Default Value: N/A |
ip_address |
No |
Array of strings |
Definition: IP address list, which is used to specify the IP address list referenced by a rule. Constraints: This parameter cannot be left blank when type is set to 5 (multiple objects). Range: N/A Default Value: N/A |
address_group |
No |
Array of strings |
Definition: Address group ID list, which is used to specify the list of address group IDs referenced by a rule. Its value can be obtained by calling the API for querying the address group list. Find the value in data.records.set_id (The period [.] is used to separate different levels of objects). In the search criteria, query_address_set_type must be set to 0 (user-defined address group). Constraints: This parameter cannot be left blank when type is set to 5 (multiple objects). Range: N/A Default Value: N/A |
address_group_names |
No |
Array of AddressGroupVO objects |
Definition: Address group name list. Constraints: N/A |
address_set_type |
No |
Integer |
Definition: Address group type, which is used to specify the address group type referenced by a rule. Constraints: If address is set to 1 (associated IP address group), this parameter cannot be left blank. Range: It value can be 0 (user-defined address group), 1 (WAF proxy IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group). Default Value: N/A |
predefined_group |
No |
Array of strings |
Definition: ID list of predefined address groups. It is used to specify the predefined address group ID list referenced by a rule. Its value can be obtained by calling the API for querying the address group list. Find the value in data.records.set_id (The period [.] is used to separate different levels of objects). In the search criteria, query_address_set_type must be set to 1 (predefined address group). Constraints: This parameter cannot be left blank when type is set to 5 (multiple objects). Range: It value can be 0 (user-defined address group), 1 (WAF proxy IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group). Default Value: N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
region_id |
No |
String |
Definition: Region ID, which is used to specify the region where a rule is used. You can obtain the region ID by referring to Obtaining the Names and IDs of an Account, IAM User, Project, User Group, Region, and Agency. Constraints: N/A Range: N/A Default Value: N/A |
description_cn |
No |
String |
Definition: Region description in Chinese, which is used only for China regions and can be obtained from the region information table. Constraints: N/A Range: N/A Default Value: N/A |
description_en |
No |
String |
Definition: Region description in English, which is used only for non-China regions and can be obtained from the region information table. Constraints: N/A Range: N/A Default Value: N/A |
region_type |
No |
Integer |
Definition: Area type Constraints: N/A Range: 0: country; 1: province; 2: continent Default Value: N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
address_set_type |
No |
Integer |
Address group type: 0 (user-defined address group), 1 (WAF proxy IP address group), 2 (DDoS back-to-source IP address group), or 3 (NAT64 address group). |
name |
No |
String |
Name of an associated IP address group, which can be obtained by calling the API for querying the address group list. Find the value in data.records.name (The period [.] is used to separate different levels of objects). |
set_id |
No |
String |
ID of an associated IP address group, which can be obtained by calling the API for querying the address group list. Find the value in data.records.set_id (The period [.] is used to separate different levels of objects). |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
type |
Yes |
Integer |
Definition: Service input type, which is used to specify the service input type of a rule. Constraints: N/A Range: 0: manual input; 1: automatic input Default Value: N/A |
protocol |
No |
Integer |
Definition: Service protocol type, which is used to specify the service protocol type referenced by a rule. Constraints: If type is set to 0 (manual), this parameter cannot be left blank. Range: Protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (Any). Default Value: N/A |
protocols |
No |
Array of integers |
Definition: Protocol list, which is used to specify the protocol list referenced by a rule. Constraints: If type is set to 0 (manual), this parameter cannot be left blank. Range: Protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (Any). Default Value: N/A |
source_port |
No |
String |
Definition: Source port, that is, the port of the session initiator. Constraints: N/A Range: N/A Default Value: N/A |
dest_port |
No |
String |
Definition: Destination port, that is, the port of the session receiver. Constraints: N/A Range: N/A Default Value: N/A |
service_set_id |
No |
String |
Definition: Service group ID, which specifies the service group referenced by a rule. The service group ID can be obtained by calling the API for querying the service group list. Find the value in data.records.set_id (The period [.] is used to separate different levels of objects). Constraints: If address is set to 1 (associated IP address group), this parameter cannot be left blank. Range: N/A Default Value: N/A |
service_set_name |
No |
String |
Definition: Name of a service (protocol, source port, or destination port) group. It specifies the service group referenced by a rule. It can be obtained by calling the API for querying the service group list. Find the value in data.records.name (The period [.] is used to separate different levels of objects). Constraints: If address is set to 1 (associated IP address group), this parameter cannot be left blank. Range: N/A Default Value: N/A |
custom_service |
No |
Array of ServiceItem objects |
Definition: Custom service, which is used to specify the service referenced by a rule. Constraints: N/A Range: N/A Default Value: N/A |
predefined_group |
No |
Array of strings |
Definition: ID list of predefined service groups, which is used to specify predefined service groups referenced by a rule. Service group ID, which can be obtained by calling the API for querying the service group list. Find the value in data.records.set_id (The period [.] is used to separate different levels of objects). Constraints: In the search criteria, query_service_set_type must be set to 1 (predefined service group). Range: N/A Default Value: N/A |
service_group |
No |
Array of strings |
Definition: Service group ID list, which is used to specify the service groups referenced by a rule. Service group ID, which can be obtained by calling the API for querying the service group list. Find the value in data.records.set_id (The period [.] is used to separate different levels of objects). Constraints: In the search criteria, query_service_set_type must be set to 0 (user-defined service group). Range: N/A Default Value: N/A |
service_group_names |
No |
Array of ServiceGroupVO objects |
Definition: Name of a service (protocol, source port, or destination port) group. List. Constraints: N/A |
service_set_type |
No |
Integer |
Definition: Service group type, which is used to specify the service group type referenced by a rule. Constraints: N/A Range: 0 (user-defined service group), 1 (common web service), 2 (common remote login and ping), or 3 (common database). Default Value: N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
protocol |
No |
Integer |
Definition: Protocol type, which is used to specify the network protocol of a rule. Constraints: If RuleServiceDto.type is set to 0, this parameter cannot be left blank. Range: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (Any). Default Value: N/A |
source_port |
No |
String |
Definition: Source port, that is, the port of the session initiator. Constraints: N/A Range: N/A Default Value: N/A |
dest_port |
No |
String |
Definition: Destination port, that is, the port of the session receiver. Constraints: N/A Range: N/A Default Value: N/A |
description |
No |
String |
Definition: Service (protocol, source port, or destination port) member. Constraints: The value must be a string consisting of 0 to 255 characters. Range: N/A Default Value: N/A |
name |
No |
String |
Definition: Service (protocol, source port, or destination port) member. Constraints: The value must be a string consisting of 0 to 255 characters. Range: N/A Default Value: N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
name |
No |
String |
Definition: Name of a service (protocol, source port, or destination port) group. Constraints: N/A Range: N/A Default Value: N/A |
protocols |
No |
Array of integers |
Definition: Protocol List Constraints: N/A Range: Protocol type: 6 (TCP), 17 (UDP), 1 (ICMP), 58 (ICMPv6), or -1 (Any). Default Value: N/A |
service_set_type |
No |
Integer |
Definition: Type of a service (protocol, source port, or destination port) group. Constraints: N/A Range: 0: custom service group; 1: predefined service group Default Value: N/A |
set_id |
No |
String |
Definition: Service group ID, which can be obtained by calling the API for querying the service group list. Find the value in data.records.set_id (The period [.] is used to separate different levels of objects). Constraints: N/A Range: N/A Default Value: N/A |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
tag_id |
No |
String |
Definition: Rule ID Constraints: N/A Range: N/A Default Value: N/A |
tag_key |
No |
String |
Definition: Rule tag key. Constraints: N/A Range: N/A Default Value: N/A |
tag_value |
No |
String |
Definition: Rule tag value. Constraints: N/A Range: N/A Default Value: N/A |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
data |
RuleId object |
Definition: Return value for updating a rule. |
Parameter |
Type |
Description |
---|---|---|
id |
String |
Definition: Rule ID Range: N/A |
name |
String |
Definition: Rule Range: N/A |
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error description. |
Example Requests
The following example shows how to update an IPv4 inbound rule. The rule name is Test rule, the source is the IP address 1.1.1.1, the destination is the IP address 2.2.2.2, the service type is service, the protocol type is TCP, the source port is 0, and the destination port is 0. Persistent connections are not supported. The action is to allow. The status is enabled.
https://{Endpoint}/v1/9d80d070b6d44942af73c9c3d38e0429/acl-rule/ceaa0407-b9c8-4dfd-9eca-b6ead2dfd031 { "name" : "Test rule.", "status" : 1, "action_type" : 0, "description" : "", "source" : { "type" : 0, "address" : "1.1.1.1" }, "destination" : { "type" : 0, "address" : "2.2.2.2" }, "service" : { "type" : 0, "protocol" : 6, "source_port" : "0", "dest_port" : "0" }, "type" : 0, "address_type" : 0, "tag" : { "tag_key" : "", "tag_value" : "" }, "long_connect_enable" : 0, "direction" : 0 }
Example Responses
Status code: 200
OK
{ "data" : { "id" : "ceaa0407-b9c8-4dfd-9eca-b6ead2dfd031" } }
Status code: 400
Bad Request
{ "error_code" : "CFW.00200005", "error_msg" : "Object not found." }
SDK Sample Code
The SDK sample code is as follows.
The following example shows how to update an IPv4 inbound rule. The rule name is Test rule, the source is the IP address 1.1.1.1, the destination is the IP address 2.2.2.2, the service type is service, the protocol type is TCP, the source port is 0, and the destination port is 0. Persistent connections are not supported. The action is to allow. The status is enabled.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.cfw.v1.region.CfwRegion; import com.huaweicloud.sdk.cfw.v1.*; import com.huaweicloud.sdk.cfw.v1.model.*; public class UpdateAclRuleSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); CfwClient client = CfwClient.newBuilder() .withCredential(auth) .withRegion(CfwRegion.valueOf("<YOUR REGION>")) .build(); UpdateAclRuleRequest request = new UpdateAclRuleRequest(); request.withAclRuleId("{acl_rule_id}"); UpdateRuleAclDto body = new UpdateRuleAclDto(); TagsVO tagbody = new TagsVO(); tagbody.withTagKey("") .withTagValue(""); RuleServiceDto servicebody = new RuleServiceDto(); servicebody.withType(0) .withProtocol(6) .withSourcePort("0") .withDestPort("0"); RuleAddressDto destinationbody = new RuleAddressDto(); destinationbody.withType(0) .withAddress("2.2.2.2"); RuleAddressDto sourcebody = new RuleAddressDto(); sourcebody.withType(0) .withAddress("1.1.1.1"); body.withTag(tagbody); body.withType(UpdateRuleAclDto.TypeEnum.NUMBER_0); body.withService(servicebody); body.withDestination(destinationbody); body.withSource(sourcebody); body.withLongConnectEnable(UpdateRuleAclDto.LongConnectEnableEnum.NUMBER_0); body.withDescription(""); body.withStatus(1); body.withActionType(UpdateRuleAclDto.ActionTypeEnum.NUMBER_0); body.withDirection(UpdateRuleAclDto.DirectionEnum.NUMBER_0); body.withName("Test rule."); body.withAddressType(UpdateRuleAclDto.AddressTypeEnum.NUMBER_0); request.withBody(body); try { UpdateAclRuleResponse response = client.updateAclRule(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
The following example shows how to update an IPv4 inbound rule. The rule name is Test rule, the source is the IP address 1.1.1.1, the destination is the IP address 2.2.2.2, the service type is service, the protocol type is TCP, the source port is 0, and the destination port is 0. Persistent connections are not supported. The action is to allow. The status is enabled.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkcfw.v1 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = CfwClient.new_builder() \ .with_credentials(credentials) \ .with_region(CfwRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateAclRuleRequest() request.acl_rule_id = "{acl_rule_id}" tagbody = TagsVO( tag_key="", tag_value="" ) servicebody = RuleServiceDto( type=0, protocol=6, source_port="0", dest_port="0" ) destinationbody = RuleAddressDto( type=0, address="2.2.2.2" ) sourcebody = RuleAddressDto( type=0, address="1.1.1.1" ) request.body = UpdateRuleAclDto( tag=tagbody, type=0, service=servicebody, destination=destinationbody, source=sourcebody, long_connect_enable=0, description="", status=1, action_type=0, direction=0, name="Test rule.", address_type=0 ) response = client.update_acl_rule(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
The following example shows how to update an IPv4 inbound rule. The rule name is Test rule, the source is the IP address 1.1.1.1, the destination is the IP address 2.2.2.2, the service type is service, the protocol type is TCP, the source port is 0, and the destination port is 0. Persistent connections are not supported. The action is to allow. The status is enabled.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := cfw.NewCfwClient( cfw.CfwClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.UpdateAclRuleRequest{} request.AclRuleId = "{acl_rule_id}" tagKeyTag:= "" tagValueTag:= "" tagbody := &model.TagsVo{ TagKey: &tagKeyTag, TagValue: &tagValueTag, } protocolService:= int32(6) sourcePortService:= "0" destPortService:= "0" servicebody := &model.RuleServiceDto{ Type: int32(0), Protocol: &protocolService, SourcePort: &sourcePortService, DestPort: &destPortService, } addressDestination:= "2.2.2.2" destinationbody := &model.RuleAddressDto{ Type: int32(0), Address: &addressDestination, } addressSource:= "1.1.1.1" sourcebody := &model.RuleAddressDto{ Type: int32(0), Address: &addressSource, } typeUpdateRuleAclDto:= model.GetUpdateRuleAclDtoTypeEnum().E_0 longConnectEnableUpdateRuleAclDto:= model.GetUpdateRuleAclDtoLongConnectEnableEnum().E_0 descriptionUpdateRuleAclDto:= "" statusUpdateRuleAclDto:= int32(1) actionTypeUpdateRuleAclDto:= model.GetUpdateRuleAclDtoActionTypeEnum().E_0 directionUpdateRuleAclDto:= model.GetUpdateRuleAclDtoDirectionEnum().E_0 nameUpdateRuleAclDto:= "Test rule." addressTypeUpdateRuleAclDto:= model.GetUpdateRuleAclDtoAddressTypeEnum().E_0 request.Body = &model.UpdateRuleAclDto{ Tag: tagbody, Type: &typeUpdateRuleAclDto, Service: servicebody, Destination: destinationbody, Source: sourcebody, LongConnectEnable: &longConnectEnableUpdateRuleAclDto, Description: &descriptionUpdateRuleAclDto, Status: &statusUpdateRuleAclDto, ActionType: &actionTypeUpdateRuleAclDto, Direction: &directionUpdateRuleAclDto, Name: &nameUpdateRuleAclDto, AddressType: &addressTypeUpdateRuleAclDto, } response, err := client.UpdateAclRule(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
Status Code |
Description |
---|---|
200 |
OK |
400 |
Bad Request |
401 |
Unauthorized: Request error. |
403 |
Forbidden: Access forbidden. |
404 |
Not Found: Web page not found. |
500 |
Internal Server Error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot