Enabling Ransomware Prevention
Function
This API is used to enable ransomware prevention. Ensure that the region has Cloud Backup and Recovery (CBR), because ransomware prevention depends on it.
Authorization Information
Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
- If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
- If you are using identity policy-based authorization, no identity policy-based permission required for calling this API.
URI
POST /v5/{project_id}/ransomware/protection/open
Parameter | Mandatory | Type | Description |
|---|---|---|---|
project_id | Yes | String | Definition Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID. Constraints N/A Range The value contains 1 to 256 characters. Default Value N/A |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
enterprise_project_id | No | String | Definition Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID. To query assets in all enterprise projects, set this parameter to all_granted_eps. Constraints You need to set this parameter only after the enterprise project function is enabled. Range The value can contain 1 to 256 characters. Default Value 0: default enterprise project. |
Request Parameters
Parameter | Mandatory | Type | Description |
|---|---|---|---|
X-Auth-Token | Yes | String | Definition User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token. Constraints N/A Range The value can contain 1 to 32,768 characters. Default Value N/A |
region | No | String | Definition Region ID, which is used to query assets in the required region. For details about how to obtain a region ID, see Obtaining a Region ID. Constraints N/A Range The value can contain 0 to 128 characters. Default Value N/A |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
operating_system | Yes | String | Definition OS supported by the policy. Constraints N/A Range Its value can be: Default Value N/A |
ransom_protection_status | Yes | String | Definition Whether ransomware prevention is enabled. If ransomware prevention is enabled, specify either protection_policy_id or create_protection_policy. Constraints N/A Range Its value can be: Default Value N/A |
protection_policy_id | No | String | Definition Ransomware prevention policy ID. This parameter is mandatory if you select an existing protection policy when enabling ransomware protection. Constraints N/A Range You can enter 0 to 64 characters. Default Value N/A |
create_protection_policy | No | Definition Create a protection policy. If you enable ransomware protection and create a protection policy, protection_policy_id is left blank and create_protection_policy is mandatory. Constraints N/A Range The value can contain 0 to 64 characters. Default Value N/A | |
backup_protection_status | Yes | String | Definition Whether server backup is enabled. If server backup is enabled, backup_cycle is mandatory. Constraints N/A Range Its value can be: Default Value N/A |
backup_resources | No | BackupResources object | Definition This parameter is mandatory if backup is enabled. If this parameter is left blank, HSS is compatible with the vault bound to HSS_projectid. Constraints N/A Range 0 to 20 BackupResources objects Default Value N/A |
backup_policy_id | No | String | Definition Backup policy ID. Constraints N/A Range You can enter 0 to 64 characters. Default Value N/A |
backup_cycle | No | Backup policy. | |
agent_id_list | Yes | Array of strings | Definition IDs of agents where protection is enabled. Constraints N/A Range The list can contain 0 to 64 items. Default Value N/A |
host_id_list | Yes | Array of strings | Definition IDs of servers where protection is enabled. Constraints N/A Range The list can contain 0 to 64 items. Default Value N/A |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
policy_id | No | String | Definition Policy ID. This parameter is optional for a new policy. Constraints N/A Range You can enter 0 to 64 characters. Default Value N/A |
policy_name | No | String | Definition Policy name. This parameter is mandatory when you create a protection policy. Constraints N/A Range You can enter 0 to 64 characters. Default Value N/A |
protection_mode | No | String | Definition Protection action. This parameter is mandatory when you create a protection policy. Constraints N/A Range Its value can be: Default Value N/A |
bait_protection_status | No | String | Definition Whether to enable honeypot protection. This parameter is mandatory when you create a protection policy. Constraints N/A Range The option is as follows: Default Value N/A |
protection_directory | No | String | Definition Protected directory. This parameter is mandatory when you create a protection policy. Constraints Separate multiple directories with semicolons (;). You can configure up to 20 directories. Range The value can contain 0 to 128 characters. Only the following special characters are allowed: ._+-. The value cannot start with a space. Up to 256 characters are allowed. Default Value N/A |
protection_type | No | String | Definition Type of the file to be protected. This parameter is mandatory when you create a protection policy. Constraints N/A Range txt, csv, rtf, doc, docx, xls, xlsx, ppt, pptx, pdf, xml, json, sql, mdf, dbf, ldf, db, myd, wdb, si, cfs, cfe, fnm, fdx, fdt, tvx, tvf, tvd, tim, nvd, nvm, dvd, dvm, jpeg, bmp, gif, png, tiff, eps, mp3, mp4, avi, mpg, wmv, RMVB, mov, 3pg, swf, flv, rar, gz, tgz, zip, 7z, cpp, c, java, asp, php, python, html, js, vdi, vmdk, vdx, ovf, qcow2, vmem, vswp, img, bak, back, cer, crt, pem, key, csr Default Value N/A |
exclude_directory | No | String | Definition (Optional) Excluded directory. Constraints Separate multiple directories with semicolons (;). You can configure up to 20 excluded directories. Range The value can contain 0 to 128 characters. Only the following special characters are allowed: ._+-. The value cannot start with a space. Up to 256 characters are allowed. Default Value N/A |
runtime_detection_status | No | String | Definition Whether to perform runtime checks. Constraints N/A Range Currently, it can only be disabled. This field is reserved. Default Value N/A |
operating_system | No | String | Definition OS that supports the policy. This parameter is mandatory when you create a protection policy. Constraints N/A Range The options are as follows: Default Value N/A |
process_whitelist | No | Array of TrustProcessInfo objects | Process whitelist |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
path | No | String | Definition Process path. Constraints N/A Range The value can contain 0 to 128 characters. Default Value N/A |
hash | No | String | Definition Process hash. Constraints N/A Range The value can contain 0 to 128 characters. Default Value N/A |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
vault_id | No | String | Definition Select the ID of the vault to be bound. The value cannot be empty. Constraints N/A Range The value contains 0 to 64 characters. Default Value N/A |
resource_list | No | Array of ResourceInfo objects | Definition List of servers for which the backup function needs to be enabled. Constraints N/A Range 0 to 20 server IDs Default Value N/A |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
host_id | No | String | Definition Server ID. Constraints N/A Range The value can contain 0 to 128 characters. Default Value N/A |
history_backup_status | No | String | Definition Whether to enable backup status depends on error_message or status of available servers. If error_message is left blank, backup is not enabled and the value of this field is closed. If error_message has a value, the value of this field is opened. Constraints N/A Range Default Value N/A |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
enabled | No | Boolean | Definition Whether the policy is enabled. Constraints N/A Range Default Value true |
policy_id | No | String | Definition Policy ID. This parameter is mandatory if backup protection is enabled. Constraints N/A Range The value contains 1 to 256 characters. Default Value N/A |
operation_definition | No | Definition Scheduling parameter. Constraints N/A Range The value range is 0 to 100. Default Value N/A | |
trigger | No | BackupTriggerRequestInfo1 object | Definition Time scheduling rule for the policy. Constraints N/A Range N/A Default Value N/A |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
day_backups | No | Integer | Definition Number of daily backups retained, which is not affected by the allowed maximum number of retained backups. If this parameter is configured, timezone is mandatory. Constraints N/A Range The value range is 0 to 100. Default Value N/A |
max_backups | No | Integer | Definition Maximum number of backups that can be automatically created for an object. If the value is set to -1, backups will not be cleared when they reach the quantity limit. If this parameter and retention_duration_days are both left blank, the backups will be retained permanently. Constraints N/A Range The value can be -1 or in the range 1 to 99,999. Default Value -1 |
month_backups | No | Integer | Definition Number of monthly backups retained, which is not affected by the allowed maximum number of retained backups. If this parameter is configured, timezone is mandatory. Constraints N/A Range The value range is 0 to 100. Default Value N/A |
retention_duration_days | No | Integer | Definition Backup retention period, in days. The maximum value is 99,999. If the value is set to -1, backups will not be cleared by retention duration. If this parameter and max_backups are both left blank, the backups will be retained permanently. Constraints N/A Range Value range: -1 to 99,999 Default Value -1 |
timezone | No | String | Definition Time zone where the user is located, for example, UTC+08:00 Constraints This parameter cannot be set if none of the yearly, monthly, weekly, and daily backup parameters is selected. Range ... Default Value N/A |
week_backups | No | Integer | Definition Number of weekly backups retained, which is not affected by the allowed maximum number of retained backups. If this parameter is configured, timezone is mandatory. Constraints N/A Range The value range is 0 to 100. Default Value N/A |
year_backups | No | Integer | Definition Number of yearly backups retained, which is not affected by the allowed maximum number of retained backups. If this parameter is configured, timezone is mandatory. Constraints N/A Range The value range is 0 to 100. Default Value N/A |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
properties | No | Definition Time rule for policy execution. This parameter is mandatory if the backup function is enabled with ransomware protection. Constraints N/A Range N/A Default Value N/A |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
pattern | No | Array of strings | Definition Scheduling rule. This parameter is mandatory if the backup function is enabled with ransomware protection. Constraints A maximum of 24 rules can be configured. Range Scheduling rule. It complies with iCalendar RFC 2445, but it supports only parameters FREQ, BYDAY, BYHOUR, BYMINUTE, and INTERVAL. FREQ can be set only to WEEKLY or DAILY. BYDAY* can be set to MO, TU, WE, TH, FR, SA, or SU (seven days of a week). BYHOUR ranges from 0 to 23 hours. BYMINUTE ranges from 0 minutes to 59 minutes. The scheduling interval must not be less than 1 hour. A maximum of 24 time points can be configured in a day. For example, if the scheduling time is 14:00 from Monday to Sunday, set the scheduling rule as follows: 'FREQ=WEEKLY;BYDAY=MO,TU,WE,TH,FR,SA,SU;BYHOUR=14;BYMINUTE=00' To start scheduling at 14:00 every day, the rule is as follows: FREQ=DAILY;INTERVAL=1;BYHOUR=14;BYMINUTE=00' Default Value N/A |
Response Parameters
Status code: 200
Request succeeded.
None
Example Requests
Enable ransomware protection for the server. The OS type is Linux, the target server ID is 71a15ecc-049f-4cca-bd28-5e90aca1817f, and the agent ID of the target server is c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8. Server backup is disabled.
POST https://{endpoint}/v5/{project_id}/ransomware/protection/open
{
"ransom_protection_status" : "opened",
"backup_protection_status" : "closed",
"operating_system" : "Linux",
"protection_policy_id" : "",
"agent_id_list" : [ "c9bed5397db449ebdfba15e85fcfc36accee125c68954daf5cab0528bab59bd8" ],
"host_id_list" : [ "71a15ecc-049f-4cca-bd28-5e90aca1817f" ],
"create_protection_policy" : {
"bait_protection_status" : "opened",
"exclude_directory" : "",
"protection_mode" : "alarm_only",
"policy_name" : "test111",
"protection_directory" : "/etc/test",
"protection_type" : "docx"
}
} Example Responses
None
Status Codes
Status Code | Description |
|---|---|
200 | Request succeeded. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
