forked from docs/cloud-firewall
13 KiB
13 KiB
- original_name
CreateEastWestFirewall.html
Create East West Firewall
Function
This API is used to create east west firewall.
URI
POST /v1/{project_id}/firewall/east-west
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| project_id | Yes | String | Project ID |
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| enterprise_project_id | No | String | Enterprise project id, the id generated by the enterprise project after the user supports the enterprise project, which can be obtained by calling the ListFirewallList. |
| fw_instance_id | Yes | String | Firewall instance ID, which is automatically generated after a CFW instance is created. You can obtain the ID by calling the API used for querying a firewall instance. For details, see the API Explorer and Help Center FAQ.By default, if fw_instance_Id is not specified, information about the first firewall under the account is returned. If fw_instance_Id is specified, information about the firewall with this fw_instance_Id is returned.If object_Id is specified, information about the firewall with this object_Id is returned by default. If both fw_instance_Id and object_Id are specified, the specified object_Id must belong to the specified firewall. |
Request Parameters
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| X-Auth-Token | Yes | String | User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token. |
| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| er_id | No | String | Instance ID of the associated outbound ER, which can be obtained by calling the Querying Enterprise Routers API |
| inspection_cidr | Yes | String | inspection cidr |
| mode | Yes | String | east-west protection mode,only er mode is supported |
Response Parameters
Status code: 200
| Parameter | Type | Description |
|---|---|---|
| data | CreateEWFirewallResp <createeastwestfirewall__response_createewfirewallresp> object |
create east west firewall response |
| Parameter | Type | Description |
|---|---|---|
| id | String | Protected object ID, which is used to distinguish Internet border protection from VPC border protection after a CFW instance is created. |
| er | ER <createeastwestfirewall__response_er> object |
ER data |
| inspertion_vpc | CreateEWFirewallInspectVpcResp <createeastwestfirewall__response_createewfirewallinspectvpcresp> object |
inspection vpc |
| Parameter | Type | Description |
|---|---|---|
| er_id | String | ER ID |
| er_attach_id | String | ER attachment ID, connection id between CFW and ER |
| Parameter | Type | Description |
|---|---|---|
| vpc_id | String | vpc id |
| subnet_ids | Array of strings | subnet ids |
Example Requests
Create an east-west protection in ER mode under firewall 55b26ab5-e4b0-40e8-941c-a1778fe2a500, the project ID is 09bb24e6f280d23d0f9fc0104b901480, the inspection_cidr is 10.1.0.0/24, and the er_id is e0b22a23-02cf-4092-ace9-34b39e10dc77.
https://{Endpoint}/v1/09bb24e6f280d23d0f9fc0104b901480/firewall/east-west?fw_instance_id=55b26ab5-e4b0-40e8-941c-a1778fe2a500&enterprise_project_id=default
{
"inspection_cidr" : "10.1.0.0/24",
"mode" : "er",
"er_id" : "e0b22a23-02cf-4092-ace9-34b39e10dc77"
}Example Responses
Status code: 200
Create East West Firewall Response Body
{
"data" : {
"id" : "acc86ca7-818b-4c3d-8a9a-3915a2b21651",
"er" : {
"er_id" : "f0f5275a-40aa-4d1e-ac78-2550f7818d43",
"er_attach_id" : "bd62ddd3-5e20-482b-aefa-9e2940e2b1a9"
},
"inspertion_vpc" : {
"vpc_id" : "00672633-0466-4c35-99ef-5e3f5c813a4b",
"subnet_ids" : [ "294682a0-1e85-45f5-92c8-e52bee09c204", "a86277bb-35d5-4442-bc0b-2e9d4e6a9080", "95829240-14e0-47e6-b9e7-2ac228e7b00f" ]
}
}
}Status Codes
| Status Code | Description |
|---|---|
| 200 | Create East West Firewall Response Body |
Error Codes
See Error Codes <errorcode>.