Help Center/ Cloud Firewall/ API Reference/ API/ Firewall Management/ Changing the East-West Firewall Protection Status

Updated on 2024-07-01 GMT+08:00

Online Debugging

CLI Examples

View PDF

Changing the East-West Firewall Protection Status

Function

This API is used to enable or disable east-west protection.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/firewall/east-west/protect

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
enterprise_project_id	No	String	Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project.
fw_instance_id	No	String	Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall.

Request Parameters

**Table 3** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.

**Table 4** Request body parameters
Parameter	Mandatory	Type	Description
object_id	Yes	String	Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. Note that the value 0 indicates the ID of a protected object on the Internet border, and the value 1 indicates the ID of a protected object on the VPC border. For details, see the API Explorer and Help Center FAQ.
status	Yes	Integer	Protection status. The value can be 0 (enabled) or 1 (disabled). Enumeration values: 0 1

Response Parameters

Status code: 200

**Table 5** Response body parameters
Parameter	Type	Description
data	data object	Response body
trace_id	String	trace id

**Table 6** data
Parameter	Type	Description
id	String	ID

Status code: 400

**Table 7** Response body parameters
Parameter	Type	Description
error_code	String	Error code Minimum: 8 Maximum: 36
error_msg	String	Description Minimum: 2 Maximum: 512

Example Requests

In the project with the ID 09bb24e6fe80d23d2fa2c010b53b418c, enable east-west firewall protection for the object with the ID 74820b38-1cc0-4f0b-8cce-32490fa840a3.

https://{Endpoint}/v1/09bb24e6fe80d23d2fa2c010b53b418c/firewall/east-west/protect

{
  "object_id" : "74820b38-1cc0-4f0b-8cce-32490fa840a3",
  "status" : 1
}

Example Responses

Status code: 200

Response body for updating the east-west protection status

{
  "data" : {
    "id" : "5c539816-7a94-4833-9df0-944b362f0797"
  }
}

Status code: 400

Bad Request

{
  "error_code" : "CFW.00200005",
  "error_msg" : "operation content does not exist"
}

SDK Sample Code

The SDK sample code is as follows.

Java

In the project with the ID 09bb24e6fe80d23d2fa2c010b53b418c, enable east-west firewall protection for the object with the ID 74820b38-1cc0-4f0b-8cce-32490fa840a3.

    
     
       
       
         package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.cfw.v1.region.CfwRegion;
import com.huaweicloud.sdk.cfw.v1.*;
import com.huaweicloud.sdk.cfw.v1.model.*;


public class ChangeEastWestFirewallStatusSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        CfwClient client = CfwClient.newBuilder()
                .withCredential(auth)
                .withRegion(CfwRegion.valueOf("<YOUR REGION>"))
                .build();
        ChangeEastWestFirewallStatusRequest request = new ChangeEastWestFirewallStatusRequest();
        request.withEnterpriseProjectId("<enterprise_project_id>");
        request.withFwInstanceId("<fw_instance_id>");
        ChangeProtectStatusRequestBody body = new ChangeProtectStatusRequestBody();
        body.withStatus(ChangeProtectStatusRequestBody.StatusEnum.NUMBER_1);
        body.withObjectId("74820b38-1cc0-4f0b-8cce-32490fa840a3");
        request.withBody(body);
        try {
            ChangeEastWestFirewallStatusResponse response = client.changeEastWestFirewallStatus(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

        

      

    
   

Python

In the project with the ID 09bb24e6fe80d23d2fa2c010b53b418c, enable east-west firewall protection for the object with the ID 74820b38-1cc0-4f0b-8cce-32490fa840a3.

    
     
       
       
         # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkcfw.v1.region.cfw_region import CfwRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkcfw.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]

    credentials = BasicCredentials(ak, sk)

    client = CfwClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(CfwRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ChangeEastWestFirewallStatusRequest()
        request.enterprise_project_id = "<enterprise_project_id>"
        request.fw_instance_id = "<fw_instance_id>"
        request.body = ChangeProtectStatusRequestBody(
            status=1,
            object_id="74820b38-1cc0-4f0b-8cce-32490fa840a3"
        )
        response = client.change_east_west_firewall_status(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

        

      

    
   

Go

In the project with the ID 09bb24e6fe80d23d2fa2c010b53b418c, enable east-west firewall protection for the object with the ID 74820b38-1cc0-4f0b-8cce-32490fa840a3.

    
     
       
       
         package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    cfw "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/cfw/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := cfw.NewCfwClient(
        cfw.CfwClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ChangeEastWestFirewallStatusRequest{}
	enterpriseProjectIdRequest:= "<enterprise_project_id>"
	request.EnterpriseProjectId = &enterpriseProjectIdRequest
	fwInstanceIdRequest:= "<fw_instance_id>"
	request.FwInstanceId = &fwInstanceIdRequest
	request.Body = &model.ChangeProtectStatusRequestBody{
		Status: model.GetChangeProtectStatusRequestBodyStatusEnum().E_1,
		ObjectId: "74820b38-1cc0-4f0b-8cce-32490fa840a3",
	}
	response, err := client.ChangeEastWestFirewallStatus(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

        

      

    
   

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code	Description
200	Response body for updating the east-west protection status
400	Bad Request
401	Unauthorized
403	Forbidden
404	Not Found
500	Internal Server Error

Error Codes

See Error Codes.

Parent topic: Firewall Management

Previous topic: Querying the Number of Protected VPCs

Next topic: List Firewall Detail

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot

Changing the East-West Firewall Protection Status

Function

Calling Method

URI

Request Parameters

Response Parameters

Example Requests

Example Responses

SDK Sample Code

Java

Python

Go

More

Status Codes

Error Codes

Feedback

Was this page helpful?