From ca5c9a334262b6a68ac82399c52a46b4dd4f9c3f Mon Sep 17 00:00:00 2001 From: qinweiwei Date: Fri, 1 Aug 2025 08:53:39 +0000 Subject: [PATCH] CFW API 20250428 version Reviewed-by: Gladkov, Maksim Co-authored-by: qinweiwei Co-committed-by: qinweiwei --- docs/cfw/api-ref/ALL_META.TXT.json | 11 +- docs/cfw/api-ref/AddLogConfig.html | 186 +-- docs/cfw/api-ref/CLASS.TXT.json | 4 +- docs/cfw/api-ref/CreateEastWestFirewall.html | 96 +- docs/cfw/api-ref/CreateFirewall.html | 92 +- docs/cfw/api-ref/ErrorCode.html | 1044 ++++++++++++----- docs/cfw/api-ref/ListEastWestFirewall.html | 420 +++---- docs/cfw/api-ref/ListJob.html | 6 +- docs/cfw/api-ref/ListLogConfig.html | 166 +-- docs/cfw/api-ref/UpdateLogConfig.html | 186 +-- docs/cfw/api-ref/cfw_02_0013.html | 74 ++ docs/cfw/api-ref/cfw_02_0015.html | 6 +- docs/cfw/api-ref/cfw_02_0017.html | 35 +- ...8728478.jpg => en-us_image_0277985093.jpg} | Bin 14 files changed, 1402 insertions(+), 924 deletions(-) rename docs/cfw/api-ref/{en-us_image_0218728478.jpg => en-us_image_0277985093.jpg} (100%) diff --git a/docs/cfw/api-ref/ALL_META.TXT.json b/docs/cfw/api-ref/ALL_META.TXT.json index d2fb1abdd..afeb2ca34 100644 --- a/docs/cfw/api-ref/ALL_META.TXT.json +++ b/docs/cfw/api-ref/ALL_META.TXT.json @@ -221,7 +221,7 @@ "node_id":"createeastwestfirewall.xml", "product_code":"cfw", "code":"12", - "des":"This API is used to create an east-west firewall.POST /v1/{project_id}/firewall/east-westStatus code: 200Under firewall 55b26ab5-e4b0-40e8-941c-a1778fe2a500 in project 09", + "des":"This API is used to create an east-west firewall.POST /v1/{project_id}/firewall/east-westStatus code: 200In project 09bb24e6f280d23d0f9fc0104b901480, create a firewall 55", "doc_type":"api", "kw":"Creating an East-West Firewall,Firewall Management,API Reference", "search_title":"", @@ -1563,13 +1563,15 @@ "node_id":"cfw_02_0013.xml", "product_code":"cfw", "code":"80", - "des":"NormalStatus CodeDescriptionDescription200OKThe request is successfully processed.AbnormalStatus CodeDescriptionDescription400Bad RequestIt is a bad request.401Unauthoriz", + "des":"NormalStatus CodeDescriptionDescription200OKThe request is successfully processed.201CreatedThe request for creating resources has been fulfilled.202AcceptedThe request h", "doc_type":"api", "kw":"Status Code,Appendix,API Reference", "search_title":"", "metedata":[ { "documenttype":"api", + "IsBot":"No;Yes", + "opensource":"true", "prodname":"cfw" } ], @@ -1587,9 +1589,8 @@ "search_title":"", "metedata":[ { - "documenttype":"api", "prodname":"cfw", - "opensource":"true" + "documenttype":"api" } ], "title":"Error Codes", @@ -1607,6 +1608,8 @@ "metedata":[ { "documenttype":"api", + "opensource":"true", + "IsBot":"Yes", "prodname":"cfw" } ], diff --git a/docs/cfw/api-ref/AddLogConfig.html b/docs/cfw/api-ref/AddLogConfig.html index ebd037bd7..31360fede 100644 --- a/docs/cfw/api-ref/AddLogConfig.html +++ b/docs/cfw/api-ref/AddLogConfig.html @@ -1,216 +1,216 @@

Adding Log Configurations

-

Function

This API is used to add log configurations.

+

Function

This API is used to add log configurations.

-

URI

POST /v1/{project_id}/cfw/logs/configuration

+

URI

POST /v1/{project_id}/cfw/logs/configuration

-
Table 1 Path Parameters

Parameter

+
- - - - - - -
Table 1 Path Parameters

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

project_id

+

project_id

Yes

+

Yes

String

+

String

Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

+

Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.
-
Table 2 Query Parameters

Parameter

+
- - - - - - - - - - -
Table 2 Query Parameters

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

fw_instance_id

+

fw_instance_id

Yes

+

Yes

String

+

String

Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

+

Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

enterprise_project_id

+

enterprise_project_id

No

+

No

String

+

String

Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

+

Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.
-

Request Parameters

-
Table 3 Request header parameters

Parameter

+

Request Parameters

+
- - - - - - - - - - -
Table 3 Request header parameters

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

X-Auth-Token

+

X-Auth-Token

Yes

+

Yes

String

+

String

User token. You can obtain the token by referring to Obtaining a User Token.

+

User token. You can obtain the token by referring to Obtaining a User Token.

Content-Type

+

Content-Type

Yes

+

Yes

String

+

String

Content type. It can only be set to application/json.

+

Content type. It can only be set to application/json.
-
Table 4 Request body parameters

Parameter

+
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Table 4 Request body parameters

Parameter

Mandatory

+

Mandatory

Type

+

Type

Description

+

Description

fw_instance_id

+

fw_instance_id

Yes

+

Yes

String

+

String

Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

+

Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

lts_enable

+

lts_enable

Yes

+

Yes

Integer

+

Integer

Whether to enable LTS: 1 (yes), 0 (no). If the parameter is set to 1 then parameters lts_attack_log_stream_enable, lts_access_log_stream_enable, lts_flow_log_stream_enable must be mandatory.

+

Whether to enable LTS: 1 (yes), 0 (no). If the parameter is set to 1 then parameters lts_attack_log_stream_enable, lts_access_log_stream_enable, lts_flow_log_stream_enable must be mandatory

lts_log_group_id

+

lts_log_group_id

Yes

+

Yes

String

+

String

Log Tank Service (LTS) log group ID, which can be obtained by calling the API for querying all the log groups of an account in LTS. Find the value in log_groups.log_group_id (The period [.] is used to separate different levels of objects).

+

Log Tank Service (LTS) log group ID, which can be obtained by calling the API for querying all the log groups of an account in LTS. Find the value in log_groups.log_group_id (The period [.] is used to separate different levels of objects).

lts_attack_log_stream_id

+

lts_attack_log_stream_id

No

+

No

String

+

String

Attack log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

+

Attack log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

lts_attack_log_stream_enable

+

lts_attack_log_stream_enable

No

+

No

Integer

+

Integer

Whether to enable the attack log stream: 1 (yes), 0 (no).

+

Whether to enable the attack log stream: 1 (yes), 0 (no).

lts_access_log_stream_id

+

lts_access_log_stream_id

No

+

No

String

+

String

Access control log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

+

Access control log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

lts_access_log_stream_enable

+

lts_access_log_stream_enable

No

+

No

Integer

+

Integer

Whether to enable the access control stream: 1 (yes), 0 (no).

+

Whether to enable the access control stream: 1 (yes), 0 (no).

lts_flow_log_stream_id

+

lts_flow_log_stream_id

No

+

No

String

+

String

Traffic log ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

+

Traffic log ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

lts_flow_log_stream_enable

+

lts_flow_log_stream_enable

No

+

No

Integer

+

Integer

Whether to enable the traffic log function: 1 (yes), 0 (no).

+

Whether to enable the traffic log function: 1 (yes), 0 (no).
-

Response Parameters

Status code: 200

+

Response Parameters

Status code: 200

-
Table 5 Response body parameters

Parameter

+
- - - - -
Table 5 Response body parameters

Parameter

Type

+

Type

Description

+

Description

data

+

data

String

+

String

Return value for adding log configurations. The value is the firewall ID.

+

Return value for adding log configurations. The value is the firewall ID.
-

Example Requests

Add log stream configurations for firewall 4d6c860a-0338-49e8-ac64-fcaeb4182ba5 in project 408972e72dcd4c1a9b033e955802a36b. The LTS group ID is 20282428-a8f9-4e75-8246-165e64cf8ba8. The access control log stream, traffic log stream, attack log stream, and LTS are disabled.

-
https://{Endpoint}/v1/408972e72dcd4c1a9b033e955802a36b/cfw/logs/configuration?fw_instance_id=4d6c860a-0338-49e8-ac64-fcaeb4182ba5&enterprise_project_id=default
+
Example Requests
Add log stream configurations for firewall 4d6c860a-0338-49e8-ac64-fcaeb4182ba5 in project 408972e72dcd4c1a9b033e955802a36b. The LTS group ID is 20282428-a8f9-4e75-8246-165e64cf8ba8. The access control log stream, traffic log stream, attack log stream, and LTS are disabled.

+
https://{Endpoint}/v1/408972e72dcd4c1a9b033e955802a36b/cfw/logs/configuration?fw_instance_id=4d6c860a-0338-49e8-ac64-fcaeb4182ba5&enterprise_project_id=default
 
 {
   "fw_instance_id" : "4d6c860a-0338-49e8-ac64-fcaeb4182ba5",
@@ -221,29 +221,29 @@
   "lts_flow_log_stream_enable" : 0
 }

 

-
Example Responses
Status code: 200

-
Return value for adding log configurations.

-
{
+
Example Responses
Status code: 200

+
Return value for adding log configurations.

+
{
   "data" : "4d6c860a-0338-49e8-ac64-fcaeb4182ba5"
 }

 

-
Status Codes

-

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

+
Status Codes

+

-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Return value for adding log configurations.

+
Return value for adding log configurations.

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/CLASS.TXT.json b/docs/cfw/api-ref/CLASS.TXT.json
index 3c30c0c4f..391717062 100644
--- a/docs/cfw/api-ref/CLASS.TXT.json
+++ b/docs/cfw/api-ref/CLASS.TXT.json
@@ -99,7 +99,7 @@
 		"code":"11"
 	},
 	{
-		"desc":"This API is used to create an east-west firewall.POST /v1/{project_id}/firewall/east-westStatus code: 200Under firewall 55b26ab5-e4b0-40e8-941c-a1778fe2a500 in project 09",
+		"desc":"This API is used to create an east-west firewall.POST /v1/{project_id}/firewall/east-westStatus code: 200In project 09bb24e6f280d23d0f9fc0104b901480, create a firewall 55",
 		"product_code":"cfw",
 		"title":"Creating an East-West Firewall",
 		"uri":"CreateEastWestFirewall.html",
@@ -711,7 +711,7 @@
 		"code":"79"
 	},
 	{
-		"desc":"NormalStatus CodeDescriptionDescription200OKThe request is successfully processed.AbnormalStatus CodeDescriptionDescription400Bad RequestIt is a bad request.401Unauthoriz",
+		"desc":"NormalStatus CodeDescriptionDescription200OKThe request is successfully processed.201CreatedThe request for creating resources has been fulfilled.202AcceptedThe request h",
 		"product_code":"cfw",
 		"title":"Status Code",
 		"uri":"cfw_02_0013.html",
diff --git a/docs/cfw/api-ref/CreateEastWestFirewall.html b/docs/cfw/api-ref/CreateEastWestFirewall.html
index 166deab14..147ae54bd 100644
--- a/docs/cfw/api-ref/CreateEastWestFirewall.html
+++ b/docs/cfw/api-ref/CreateEastWestFirewall.html
@@ -112,72 +112,25 @@
 
ID of the associated enterprise router in the outbound direction, which can be obtained by calling the API for querying the enterprise router list of the Enterprise Router service. Find the enterprise router ID in instances.id (The period [.] is used to separate different levels of objects).

 		
 
inspection_vpc_id

+
inspection_cidr

 
No

+
Yes

 		
 
String

 
Inspection VPC ID.

+
CIDR block used for creating a traffic diversion VPC.

+
Only private network address segments (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) are supported. Otherwise, route conflicts may occur in public network access scenarios, such as SNAT.

+
The CIDR block 10.6.0.0/16-10.7.0.0/16 is reserved for CFW and cannot be specified.

+
This CIDR block cannot overlap with the private CIDR block to be protected, or routing conflicts and protection failures may occur.

 		
 
er_associated_subnet

+
mode

 
No

+
Yes

 
AssociatedSubnet object

+
String

 
Subnet associated with an enterprise router.

-
firewall_associated_subnets

-
No

-
Array of AssociatedSubnet objects

-
List of subnets associated with a firewall.

-

-

-
-

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@@ -186,7 +139,7 @@
 
Response Parameters
Status code: 200

 
-
Table 5 AssociatedSubnet
Parameter

-
Mandatory

-
Type

-
Description

-
az

-
Yes

-
String

-
AZ.

-
subnet_segment

-
Yes

-
String

-
Subnet CIDR block.

-
subnet_name

-
Yes

-
String

-
Subnet name.

+
East-west firewall mode. Enter er.

 		
 

 
 
Table 6 Response body parameters
Parameter

+

@@ -205,7 +158,7 @@
 
Table 5 Response body parameters
Parameter

 		
 
Type

 

 

 
-
Table 7 CreateEWFirewallResp
Parameter

+

@@ -238,7 +191,7 @@
 
Table 6 CreateEWFirewallResp
Parameter

 		
 
Type

 

 

 
-

-
@@ -386,34 +340,6 @@
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 8 ER
Parameter

+

@@ -257,14 +210,14 @@
 
-
Table 7 ER
Parameter

 		
 
Type

 		
 
String

 
Connection ID of an enterprise router. This connection is used to connect the firewall and the enterprise router. This field can be used to obtain the connection details on the connection management page after querying a specified enterprise router by its ID on the Enterprise Router page.

+
Attachment ID of an enterprise router. This attachment is used to connect the firewall and the enterprise router. To obtain the value of this field, query the enterprise router by er_id on the Enterprise Router page, and then query the attachment on the Manage Attachment page.

 		
 

 
 

 

 
-

-
-
-
-
-
-
@@ -204,42 +194,6 @@
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 9 CreateEWFirewallInspectVpcResp
Parameter

+

@@ -290,26 +243,13 @@
 
Table 8 CreateEWFirewallInspectVpcResp
Parameter

 		
 
Type

 

 

 
-
Example Requests
Under firewall 55b26ab5-e4b0-40e8-941c-a1778fe2a500 in project 09bb24e6f280d23d0f9fc0104b901480, create a firewall in enterprise router mode. The enterprise router ID is 0eb296a4-aa9b-493e-b58a-ce993a16edfc, the inspection VPC is 0eb296a4-aa9b-493e-b58a-ce993a16edfd, the subnets associated with the firewall are fw-subnet and cfw-subnet, and the subnet associated with the enterprise router is er-subnet.

+
Example Requests
In project 09bb24e6f280d23d0f9fc0104b901480, create a firewall 55b26ab5-e4b0-40e8-941c-a1778fe2a500 in Enterprise Router mode. Set inspection_cidr to 10.1.0.0/24 and er_id to 0eb296a4-aa9b-493e-b58a-ce993a16edfc.

 
https://{Endpoint}/v1/09bb24e6f280d23d0f9fc0104b901480/firewall/east-west?fw_instance_id=55b26ab5-e4b0-40e8-941c-a1778fe2a500&enterprise_project_id=default
 
 {
-  "er_associated_subnet" : {
-    "cidr" : "192.168.2.0/24",
-    "name" : "er-subnet",
-    "vpc_id" : "0eb296a4-aa9b-493e-b58a-ce993a16edfd"
-  },
   "er_id" : "0eb296a4-aa9b-493e-b58a-ce993a16edfc",
-  "firewall_associated_subnets" : [ {
-    "cidr" : "192.168.1.0/24",
-    "name" : "fw-subnet",
-    "vpc_id" : "0eb296a4-aa9b-493e-b58a-ce993a16edfd"
-  }, {
-    "cidr" : "192.168.3.0/24",
-    "name" : "cfw-subnet",
-    "vpc_id" : "0eb296a4-aa9b-493e-b58a-ce993a16edfd"
-  } ],
-  "inspection_vpc_id" : "0eb296a4-aa9b-493e-b58a-ce993a16edfd"
+  "mode" : "er",
+  "inspection_cidr" : "10.1.0.0/24"
 }

 

 
Example Responses
Status code: 200

diff --git a/docs/cfw/api-ref/CreateFirewall.html b/docs/cfw/api-ref/CreateFirewall.html
index b4192a509..994d676c1 100644
--- a/docs/cfw/api-ref/CreateFirewall.html
+++ b/docs/cfw/api-ref/CreateFirewall.html
@@ -48,16 +48,6 @@
 
User token. You can obtain the token by referring to Obtaining a User Token.

 		
 
X-Client-Token

-
No

-
String

-
Identifier that ensures idempotency of client requests.

-
It is a 32-bit UUID and is generated by the client. The value must be unique.

-

 
Content-Type

 		
 
Yes

@@ -123,7 +113,7 @@
 		
 
charge_info object

 
Billing type, which can be yearly/monthly or pay-per-use (default setting).

+
Billing type, which can be pay-per-use (default setting).

 		
 

 
Billing mode. The value can only be postPaid, indicating pay-per-use billing.

 		
 
period_type

-
No

-
String

-
Leave it blank.

-
period_num

-
No

-
String

-
Leave it blank.

-
is_auto_renew

-
No

-
String

-
Leave it blank.

-
is_auto_pay

-
No

-
String

-
Leave it blank.

-

 
 

 

@@ -319,7 +273,7 @@
 
 
charge_info object

 
Billing type, which can be yearly/monthly or pay-per-use (default setting).

+
Billing type, which can be pay-per-use (default setting).

 		
 

 
Billing mode. The value can only be postPaid, indicating pay-per-use billing.

 		
 
period_type

-
String

-
Leave it blank.

-
period_num

-
String

-
Leave it blank.

-
is_auto_renew

-
String

-
Leave it blank.

-
is_auto_pay

-
String

-
Leave it blank.

-

 
 

 

@@ -445,7 +371,7 @@
 

 

 
-
Example Requests
The customer whose project ID is 124147da-5b08-471a-93d2-bc82acc290c6 subscribes to the standard firewall. The firewall name is CFW-Test, the enterprise project ID is 0, the resource tag is a key-value pair, the key is TagKey, the value is TagValue, the added number of protected EIPs is 2000, the added protection bandwidth is 5000 Mbit/s, and the added number of protected VPCs is 100. The yearly/monthly billing mode is used. Auto-renewal and auto-payment are enabled. The usage duration is one month.

+
Example Requests
The customer whose project ID is 124147da-5b08-471a-93d2-bc82acc290c6 subscribes to the standard firewall. The firewall name is CFW-Test, the enterprise project ID is 0, the resource tag is a key-value pair, the key is TagKey, the value is TagValue, the added number of protected EIPs is 2000, the added protection bandwidth is 5000 Mbit/s, and the added number of protected VPCs is 100. Pay-per-use billing is used.

 
https://{Endpoint}/v2/124147da-5b08-471a-93d2-bc82acc290c6/firewall
 
 {
@@ -462,11 +388,7 @@
     "extend_vpc_count" : 100
   },
   "charge_info" : {
-    "charge_mode" : "prePaid",
-    "period_type" : "month",
-    "period_num" : 1,
-    "is_auto_renew" : true,
-    "is_auto_pay" : true
+    "charge_mode" : "postPaid"
   }
 }

 

@@ -475,11 +397,7 @@
 
{
   "data" : {
     "charge_info" : {
-      "charge_mode" : "prePaid",
-      "is_auto_pay" : true,
-      "is_auto_renew" : true,
-      "period_num" : 1,
-      "period_type" : "month"
+      "charge_mode" : "postPaid"
     },
     "enterprise_project_id" : "0",
     "flavor" : {
diff --git a/docs/cfw/api-ref/ErrorCode.html b/docs/cfw/api-ref/ErrorCode.html
index 7ddda20ba..8f9e98cc2 100644
--- a/docs/cfw/api-ref/ErrorCode.html
+++ b/docs/cfw/api-ref/ErrorCode.html
@@ -1,589 +1,1101 @@
 
 
 
Error Codes

-

-
Status Code

+

+

-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
-
-
-
-
-
+
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/cfw/api-ref/ListEastWestFirewall.html b/docs/cfw/api-ref/ListEastWestFirewall.html
index dd76359d0..3f9d3b929 100644
--- a/docs/cfw/api-ref/ListEastWestFirewall.html
+++ b/docs/cfw/api-ref/ListEastWestFirewall.html
@@ -1,488 +1,488 @@
 
Obtaining East-West Firewall Information

-
Function
This API is used to obtain east-west firewall information.

+
Function
This API is used to obtain east-west firewall information.

 

-
URI
GET /v1/{project_id}/firewall/east-west

+
URI
GET /v1/{project_id}/firewall/east-west

 
-
Module

 
Error Codes

+
Status Code

 
Error Message

+
Error Code

 
Description

+
Message

 
Solution

+
Description

+
Measure

 		
 

 
400

+
Common module

 
CFW.00109004

+
400

 
http to external service error.

+
CFW.00109004

 
http to external service error.

+
HTTP request error

 
Try again later or contact technical support.

+
HTTP request error

+
Try again later or contact technical support.

 		
 
400

+
400

 
CFW.00200001

+
CFW.00300001

 
empty param

+
Failed to query the database.

 
empty param.

+
Failed to query the database.

 
contact technical support.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00200004

+
CFW.00400008

 
can not delete for used.

+
The protected object does not exist.

 
can not delete for used.

+
The protected object does not exist.

 
contact technical support.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00200005

+
CFW.00800001

 
operation content does not exist.

+
An exception occurred when querying ETCD.

 
operation content does not exist.

+
An exception occurred when querying ETCD.

 
contact technical support.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00200007

+
CFW.00800002

 
name conflict.

+
An exception occurred when querying ETCD.

 
name conflict.

+
An exception occurred when querying ETCD.

 
please rename the name.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00200009

+
CFW.00800003

 
A request with the same param already exists.

+
An exception occurred when querying ETCD.

 
A request with the same param already exists.

+
An exception occurred when querying ETCD.

 
contact technical support.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00200010

+
CFW.01100008

 
Config type error.

+
Configurations cannot be delivered during cluster scale-out.

 
Config type error.

+
Configurations cannot be delivered during cluster scale-out.

 
contact technical support.

+
Contact technical support.

 		
 
400

+
DNS resolution

 
CFW.00200011

+
400

 
Not support batch operation.

+
CFW.00200005

 
Not support batch operation.

+
The domain name group in the request does not exist.

 
contact technical support.

+
The domain name group in the request does not exist.

+
Check whether the domain name group carried in the request exists.

 		
 
400

+
Deleting a domain name

 
CFW.00200013

+
400

 
url syntax error.

+
CFW.00200005

 
url syntax error.

+
The domain name group in the request does not exist.

 
contact technical support.

+
The domain name group in the request does not exist.

+
Check whether the domain name group carried in the request exists.

 		
 
400

+
Deleting a domain name group

 
CFW.00200020

+
400

 
added acl rules can't exceed 20.

+
CFW.00200004

 
added acl rules can't exceed 20.

+
The domain name group to be deleted is referenced.

 
Please reduce the number of added acl rules.

+
The domain name group to be deleted is referenced.

+
Delete the rules that reference the domain name group and then delete the domain name group.

 		
 
400

+
400

 
CFW.00200022

+
CFW.00200005

 
all IP address segments is not allowed in black and white list.

+
The domain name group in the request does not exist.

 
all IP address segments is not allowed in black and white list.

+
The domain name group in the request does not exist.

 
Please specify the black and white list ip address segment.

+
Check whether the domain name group carried in the request exists.

 		
 
400

+
Updating a domain group

 
CFW.00200023

+
400

 
PARAM_UPGRADING_TASK_OUT_OF_RANGE

+
CFW.00200005

 
PARAM_UPGRADING_TASK_OUT_OF_RANGE.

+
The domain name group in the request does not exist.

 
contact technical support.

+
The domain name group in the request does not exist.

+
Check whether the domain name group carried in the request exists.

 		
 
400

+
Querying access control logs

 
CFW.00200024

+
400

 
Exceeded maximum quantity limit.

+
CFW.00500002

 
Exceeded maximum quantity limit.

+
Invalid interval

 
contact technical support.

+
Invalid interval

+
Contact technical support.

 		
 
400

+
Querying attack logs

 
CFW.00200025

+
400

 
long connection acl rules time out of range.

+
CFW.00500002

 
long connection acl rules time out of range.

+
Invalid interval

 
Please make sure the long connection rule duration is from one second to a thousand days.

+
Invalid interval

+
Contact technical support.

 		
 
400

+
400

 
CFW.00200026

+
CFW.00500004

 
Long connection acl rules reach limit.

+
The page jump spacing is too large.

 
Long connection acl rules reach limit.

+
The page jump spacing is too large.

 
Please delete some long connection rules.

+
Contact technical support.

 		
 
400

+
Querying traffic logs

 
CFW.00200027

+
400

 
acl address is error.

+
CFW.00500002

 
acl address is error.

+
Invalid interval

 
Please make sure that the acl rule address conforms to the specification.

+
Invalid interval

+
Contact technical support.

 		
 
400

+
Querying the protected EIP list

 
CFW.00200028

+
400

 
inconsistent address types.

+
CFW.00200030

 
inconsistent address types.

+
Incorrect address type

 
Please make sure the address type is the same.

+
Incorrect address type

+
Contact technical support.

 		
 
400

+
400

 
CFW.00200030

+
CFW.00200016

 
address type is error.

+
Incorrect instance status

 
address type is error.

+
Incorrect instance status

 
contact technical support.

+
Contact technical support.

 		
 
400

+
Querying the rule list

 
CFW.00200032

+
400

 
The engine does not support IPv6.

+
CFW.00200030

 
The engine does not support IPv6.

+
Incorrect address type

 
contact technical support.

+
Incorrect address type

+
Contact technical support.

 		
 
400

+
Adding an ACL rule

 
CFW.00200036

+
400

 
The network segment cannot be changed to a private network segment.

+
CFW.00200001

 
The network segment cannot be changed to a private network segment.

+
The rule direction cannot be empty.

 
contact technical support.

+
The rule direction cannot be empty.

+
Check whether the rule direction in the request parameter is empty.

 		
 
400

+
400

 
CFW.00200041

+
CFW.00200005

 
address is null.

+
The address group ID in the request does not exist.

 
address is null.

+
The address group ID in the request does not exist.

 
Please add address type parameter.

+
Check whether the address group ID carried in the request exists.

 		
 
400

+
400

 
CFW.00200016

+
CFW.00200005

 
instance status error.

+
The service group ID in the request does not exist.

 
instance status error.

+
The service group ID in the request does not exist.

 
contact technical support.

+
Check whether the service group ID in the request exists.

 		
 
400

+
400

 
CFW.00200110

+
CFW.00200005

 
Can't operate basic defense

+
The domain name group in the request does not exist.

 
Can't operate basic defense

+
The domain name group in the request does not exist.

 
contact technical support.

+
Check whether the domain name group carried in the request exists.

 		
 
400

+
400

 
CFW.00300001

+
CFW.00200007

 
Parse command error.

+
The rule name carried in the request is the same as a rule name in the database.

 
Parse command error.

+
The rule name carried in the request is the same as a rule name in the database.

 
contact technical support.

+
Delete duplicate rules from the request.

 		
 
400

+
400

 
CFW.00400002

+
CFW.00200020

 
not need to operate.

+
Up to 20 ACL rules can be added.

 
not need to operate.

+
Up to 20 ACL rules can be added.

 
contact technical support.

+
Reduce the number of ACL rules to be added.

 		
 
400

+
400

 
CFW.00400004

+
CFW.00200025

 
item already exist.

+
The time limit of persistent connection is exceeded.

 
item already exist.

+
The time limit of persistent connection is exceeded.

 
Please delete some service items.

+
Ensure that the duration of the persistent connection is in the range from 1 second to 1000 days.

 		
 
400

+
400

 
CFW.00400006

+
CFW.00200026

 
clear rule hit count param error.

+
The number of persistent connection rules reaches the upper limit.

 
clear rule hit count param error.

+
The number of persistent connection rules reaches the upper limit.

 
Please check and confirm whether the parameter value is legal.

+
Delete unnecessary persistent connection rules.

 		
 
400

+
400

 
CFW.00400007

+
CFW.00200028

 
ACL_RULE_TYPE_INCONSISTENT.

+
Inconsistent address types

 
ACL_RULE_TYPE_INCONSISTENT.

+
Inconsistent address types

 
Make sure to add the same rule type.

+
Ensure the address types are the same.

 		
 
400

+
400

 
CFW.00400008

+
CFW.00200032

 
protect object doesn't exist.

+
The engine does not support IPv6.

 
protect object doesn't exist.

+
The engine does not support IPv6.

 
contact technical support.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00400009

+
CFW.00400007

 
The number of wildcard domain name protection rules exceeds the upper limit

+
The types of the added rules are inconsistent.

 
The number of wildcard domain name protection rules exceeds the upper limit

+
The types of the added rules are inconsistent.

 
Please delete some generic domain name protection rules.

+
Ensure the types of the added rules are the same.

 		
 
400

+
400

 
CFW.00400010

+
CFW.00400010

 
not supported protocol for long connection.

+
The protocol is not supported by the persistent connection.

 
not supported protocol for long connection.

+
The protocol is not supported by the persistent connection.

 
Please make sure that the rule protocol belongs to TCP, UDP.

+
Ensure the protocol is TCP or UDP.

 		
 
400

+
Updating an ACL rule

 
CFW.00400011

+
400

 
BLACK_WHITE_LIST_REPEAT.

+
CFW.00200005

 
BLACK_WHITE_LIST_REPEAT.

+
The address group ID in the request does not exist.

 
Make sure to add a different black and white list.

+
The address group ID in the request does not exist.

+
Check whether the address group ID carried in the request is correct.

 		
 
400

+
400

 
CFW.00400012

+
CFW.00200005

 
East west protection not existed,private Ip blackWhite list cannot be submitted.

+
The service group ID in the request does not exist.

 
East west protection not existed,private Ip blackWhite list cannot be submitted.

+
The service group ID in the request does not exist.

 
Please add east-west protection.

+
Check whether the service group ID carried in the request is correct.

 		
 
400

+
400

 
CFW.00400013

+
CFW.00200005

 
The number of blocklists or trustlists exceeds the maximum 2000.

+
The domain name group in the request does not exist.

 
The number of blocklists or trustlists exceeds the maximum 2000.

+
The domain name group in the request does not exist.

 
Please delete some black and white lists.

+
Check whether the domain name group carried in the request is correct.

 		
 
400

+
400

 
CFW.00500002

+
CFW.00200007

 
time range error.

+
The rule name carried in the request is the same as a rule name in the database.

 
time range error.

+
The rule name carried in the request is the same as a rule name in the database.

 
contact technical support.

+
Delete duplicate rules from the request.

 		
 
400

+
400

 
CFW.00500004

+
CFW.00200025

 
time range error.

+
The time limit of persistent connection is exceeded.

 
time range error.

+
The time limit of persistent connection is exceeded.

 
contact technical support.

+
Ensure that the duration of the persistent connection is in the range from 1 second to 1000 days.

 		
 
400

+
400

 
CFW.00600003

+
CFW.00200026

 
HTTP response status code does not match.

+
The number of persistent connection rules reaches the upper limit.

 
HTTP response status code does not match.

+
The number of persistent connection rules reaches the upper limit.

 
contact technical support.

+
Delete unnecessary persistent connection rules.

 		
 
400

+
400

 
CFW.00700001

+
CFW.00200028

 
er not exist error.

+
Inconsistent address types

 
er not exist error.

+
Inconsistent address types

 
Please check if er exists.

+
Ensure the address types are the same.

 		
 
400

+
400

 
CFW.00700002

+
CFW.00400010

 
vpc not exist error.

+
The protocol is not supported by the persistent connection.

 
vpc not exist error.

+
The protocol is not supported by the persistent connection.

 
Please check if vpc exists.

+
Ensure the protocol is TCP or UDP.

 		
 
400

+
Modifying the priority of an ACL rule

 
CFW.00700003

+
400

 
associated subnet conflict.

+
CFW.00400002

 
associated subnet conflict.

+
No operation is required.

 
Please make sure that the created subnet does not overlap with the subnet segment under the existing vpc.

+
No operation is required.

+
Contact technical support.

 		
 
400

+
Deleting the rule hit count

 
CFW.00700004

+
400

 
create subnet error.

+
CFW.00400006

 
create subnet error.

+
An error occurred when the rule hit count is deleted.

 
contact technical support.

+
An error occurred when the rule hit count is deleted.

+
Check whether the parameter value is valid.

 		
 
400

+
Creating an east-west CFW instance

 
CFW.00700007

+
400

 
er attach vpc error.

+
CFW.00700001

 
er attach vpc error.

+
The associated ER does not exist.

 
contact technical support.

+
The associated ER does not exist.

+
The associated ER does not exist.

 		
 
400

+
400

 
CFW.00700012

+
CFW.00700002

 
change route error.

+
The associated VPC does not exist.

 
change route error.

+
The associated VPC does not exist.

 
contact technical support.

+
Check whether the VPC exists.

 		
 
400

+
400

 
CFW.00700015

+
CFW.00700003

 
Get VPC quotas error.

+
The network segments of the associated subnets conflict.

 
Get VPC quotas error.

+
The network segments of the associated subnets conflict.

 
contact technical support.

+
Ensure the subnet to be created does not overlap with the subnet CIDR block in the existing VPC.

 		
 
400

+
400

 
CFW.00700016

+
CFW.00700004

 
Vpc contain route table quota not enough.

+
Failed to create the subnet.

 
Vpc contain route table quota not enough.

+
Failed to create the subnet.

 
Please delete the existing routing table under vpc.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00800001

+
CFW.00700007

 
An error occurred when querying from etcd.

+
ER failed to create a VPC connection

 
An error occurred when querying from etcd.

+
ER failed to create a VPC connection

 
contact technical support.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00800002

+
CFW.00700012

 
An error occurred when deleting from etcd.

+
Failed to modify the route.

 
An error occurred when deleting from etcd.

+
Failed to modify the route.

 
contact technical support.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00800003

+
CFW.00700015

 
An error occurred when save to etcd.

+
Failed to query VPC quotas.

 
An error occurred when save to etcd.

+
Failed to query VPC quotas.

 
contact technical support.

+
Contact technical support.

 		
 
400

+
400

 
CFW.00900016

+
CFW.00700016

 
The import task is in progress. Please operate after the task is completed.

+
Insufficient route table quota for the VPC.

 
The import task is in progress. Please operate after the task is completed.

+
Insufficient route table quota for the VPC.

 
Please wait some time until the import task finishes.

+
Delete the existing route table in the VPC.

 		
 
400

+
Changing the east-west protection status

 
CFW.00900020

+
400

 
Address groups exceed the maximum limit

+
CFW.00200016

 
Address groups exceed the maximum limit

+
Incorrect instance status

 
Please delete some address groups.

+
Incorrect instance status

+
Contact technical support.

 		
 
400

+
Creating a firewall

 
CFW.00900030

+
400

 
Global services reach limit.

+
CFW.00600003

 
Global services reach limit.

+
The available specifications are empty.

 
Please delete some service items.

+
The available specifications are empty.

+
Contact technical support.

 		
 
400

+
Deleting a firewall

 
CFW.01100008

+
400

 
Configurations cannot be delivered during cluster capacity expansion.

+
CFW.00200016

 
Configurations cannot be delivered during cluster capacity expansion.

+
Incorrect instance status

 
contact technical support.

+
Incorrect instance status

+
Contact technical support.

+
Adding an address group

+
400

+
CFW.00200001

+
The address group name is empty.

+
The address group name is empty.

+
Check whether the address group name in the request is empty.

+
400

+
CFW.00200007

+
The address group name carried in the request is the same as an address group name in the database.

+
The address group name carried in the request is the same as an address group name in the database.

+
Delete duplicate address group names from the request.

+
400

+
CFW.00200032

+
The engine does not support IPv6.

+
The engine does not support IPv6.

+
Contact technical support.

+
400

+
CFW.00900020

+
The number of address groups exceeds the upper limit.

+
The number of address groups exceeds the upper limit.

+
Delete some address groups.

+
Adding an address group member list

+
400

+
CFW.00200001

+
The address group member list is empty.

+
The address group member list is empty.

+
Check whether the address group member list in the request is empty.

+
Obtaining the address group list

+
400

+
CFW.00200030

+
Incorrect address type

+
Incorrect address type

+
Contact technical support.

+
Updating an address group

+
400

+
CFW.00200005

+
The address group in the request does not exist.

+
The address group in the request does not exist.

+
Check whether the address group carried in the request exists.

+
400

+
CFW.00200007

+
The address group name carried in the request is the same as an address group name in the database.

+
The address group name carried in the request is the same as an address group name in the database.

+
Delete duplicate address group names from the request.

+
400

+
CFW.00200016

+
Incorrect instance status

+
Incorrect instance status

+
Contact technical support.

+
Deleting an address group

+
400

+
CFW.00200004

+
The address group to be deleted is being referenced.

+
The address group to be deleted is being referenced.

+
Delete the rules that reference the address group and then delete the address group.

+
400

+
CFW.00200005

+
The address group in the request does not exist.

+
The address group in the request does not exist.

+
Check whether the address group carried in the request exists.

+
Updating members in an address group

+
400

+
CFW.00400004

+
The member already exists.

+
The member already exists.

+
Delete unnecessary address group members.

+
Adding a service group

+
400

+
CFW.00200007

+
The service group name carried in the request is the same as a service group name in the database.

+
The service group name carried in the request is the same as a service group name in the database.

+
Delete duplicate service group names from the request.

+
400

+
CFW.00200024

+
The number of added service groups exceeds the upper limit.

+
The number of added service groups exceeds the upper limit.

+
Remove unnecessary service groups and try again.

+
Adding a member to a service group

+
400

+
CFW.00400004

+
The member already exists.

+
The member already exists.

+
Delete unnecessary service group members.

+
400

+
CFW.00900030

+
The total number of services reaches the upper limit.

+
The total number of services reaches the upper limit.

+
Delete unnecessary service group members.

+
Updating a service group

+
400

+
CFW.00200005

+
The service group in the request does not exist.

+
The service group in the request does not exist.

+
Check whether the service group in the request exists.

+
400

+
CFW.00200007

+
The address group name carried in the request is the same as an address group name in the database.

+
The address group name carried in the request is the same as an address group name in the database.

+
Delete duplicate service group names from the request.

+
Deleting a service group

+
400

+
CFW.00200004

+
The service group to be deleted is being referenced.

+
The service group to be deleted is being referenced.

+
Delete the rules that reference the service group and then delete the address group.

+
400

+
CFW.00200005

+
The service group in the request does not exist.

+
The service group in the request does not exist.

+
Check whether the service group in the request exists.

+
Updating a member in a service group

+
400

+
CFW.00400004

+
The member already exists.

+
The member already exists.

+
Delete unnecessary service group members.

+
Configuring the blacklist or whitelist

+
400

+
CFW.00200022

+
It is not allowed to configuring all IP address segments in the blacklist and whitelist.

+
It is not allowed to configuring all IP address segments in the blacklist and whitelist.

+
Set specific IP address segments in the blacklist and whitelist.

+
400

+
CFW.00200016

+
Incorrect instance status

+
Incorrect instance status

+
Contact technical support.

+
400

+
CFW.00200032

+
The engine does not support IPv6.

+
The engine does not support IPv6.

+
Contact technical support.

+
400

+
CFW.00400011

+
Duplicate blacklist and whitelist information.

+
Duplicate blacklist and whitelist information.

+
Ensure unique blacklist and whitelist items are added.

+
400

+
CFW.00400012

+
East-west protection does not support IPv6, and the private IP address blacklist and whitelist cannot be delivered.

+
East-west protection does not support IPv6, and the private IP address blacklist and whitelist cannot be delivered.

+
Add east-west protection.

+
400

+
CFW.00400013

+
The number of records in the blacklist and whitelist has reached the upper limit (2000).

+
The number of records in the blacklist and whitelist has reached the upper limit (2000).

+
Delete unnecessary blacklist or whitelist items.

+
Updating the blacklist or whitelist

+
400

+
CFW.00200005

+
The blacklist or whitelist item carried in the request does not exist.

+
The blacklist or whitelist item carried in the request does not exist.

+
Check whether the blacklist and whitelist items carried in the request exist.

+
400

+
CFW.00200005

+
The blacklist or whitelist item carried in the request does not exist.

+
The blacklist or whitelist item carried in the request does not exist.

+
Check whether the blacklist and whitelist items carried in the request exist.

+
400

+
CFW.00200022

+
It is not allowed to configuring all IP address segments in the blacklist and whitelist.

+
It is not allowed to configuring all IP address segments in the blacklist and whitelist.

+
Set specific IP address segments in the blacklist and whitelist.

+
400

+
CFW.00200032

+
The engine does not support IPv6.

+
The engine does not support IPv6.

+
Contact technical support.

+
400

+
CFW.00200036

+
The CIDR block cannot be changed to a private network segment.

+
The CIDR block cannot be changed to a private network segment.

+
Contact technical support.

+
400

+
CFW.00200016

+
Incorrect instance status

+
Incorrect instance status

+
Contact technical support.

+
400

+
CFW.00400011

+
Duplicate blacklist and whitelist information.

+
Duplicate blacklist and whitelist information.

+
Ensure unique blacklist and whitelist items are added.

+
400

+
CFW.00200028

+
Inconsistent address types

+
Inconsistent address types

+
Ensure the address types are the same.

+
Removing a blacklisted or whitelisted item

+
400

+
CFW.00200005

+
The blacklist or whitelist item carried in the request does not exist.

+
The blacklist or whitelist item carried in the request does not exist.

+
Check whether the blacklist and whitelist items carried in the request exist.

+
User-defined IPS rules

+
400

+
CFW.00200016

+
Incorrect instance status

+
Incorrect instance status

+
Contact technical support.

+
Changing the IPS switch status

+
400

+
CFW.00200023

+
Failed to call the background API for modifying the IPS switch status.

+
Failed to call the background API for modifying the IPS switch status.

+
Try again later or contact technical support.

+
400

+
CFW.00200110

+
Basic defense cannot be operated.

+
Basic defense cannot be operated.

+
Contact technical support.

+
Changing the EIP protection mode

+
400

+
CFW.00200016

+
Incorrect instance status

+
Incorrect instance status

+
Contact technical support.

 		
 

 
 
 
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

+
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
limit

+
limit

 
Yes

+
Yes

 
Integer

+
Integer

 
Number of records displayed on each page. The value ranges from 1 to 1024.

+
Number of records displayed on each page. The value ranges from 1 to 1024.

 		
 
offset

+
offset

 
Yes

+
Yes

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

+
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

 		
 
fw_instance_id

+
fw_instance_id

 
Yes

+
Yes

 
String

+
String

 
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

+
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. You can obtain the token by referring to Obtaining a User Token.

+
User token. You can obtain the token by referring to Obtaining a User Token.

 		
 
Content-Type

+
Content-Type

 
Yes

+
Yes

 
String

+
String

 
Content type. It can only be set to application/json.

+
Content type. It can only be set to application/json.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
GetEastWestFirewallResponseBody object

+
GetEastWestFirewallResponseBody object

 
Returned data for obtaining the east-west firewall list.

+
Returned data for obtaining the east-west firewall list.

 		
 

 
 

 

 
-
Table 5 GetEastWestFirewallResponseBody
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 5 GetEastWestFirewallResponseBody
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
object_id

+
object_id

 
String

+
String

 
Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. You can obtain the ID by calling the API for querying firewall instances. In the return value, find the ID in data.records.protect_objects.object_id (The period [.] is used to separate different levels of objects). If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border. Here, a protected object ID whose type is 1 is used. You can obtain the value of type from data.records.protect_objects.type (The period [.] is used to separate different levels of objects).

+
Protected object ID, which is used to distinguish between Internet border protection and VPC border protection after a cloud firewall is created. You can obtain the ID by calling the API for querying firewall instances. In the return value, find the ID in data.records.protect_objects.object_id (The period [.] is used to separate different levels of objects). If the value of type is 0, the protected object ID belongs to the Internet border. If the value of type is 1, the protected object ID belongs to the VPC border. Here, a protected object ID whose type is 1 is used. You can obtain the value of type from data.records.protect_objects.type (The period [.] is used to separate different levels of objects).

 		
 
project_id

+
project_id

 
String

+
String

 
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

+
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

 		
 
status

+
status

 
Integer

+
Integer

 
Protection status: 0 (enabled), 1 (disabled).

+
Protection status: 0 (enabled), 1 (disabled).

 		
 
firewall_associated_subnets

+
firewall_associated_subnets

 
Array of SubnetInfo objects

+
Array of SubnetInfo objects

 
Information about the subnet associated with a cloud firewall.

+
Information about the subnet associated with a cloud firewall.

 		
 
er

+
er

 
ErInstance object

+
ErInstance object

 
Information about the associated enterprise router in the outbound direction.

+
Information about the associated enterprise router in the outbound direction.

 		
 
inspection_vpc

+
inspection_vpc

 
VpcDetail object

+
VpcDetail object

 
Information about the inspection VPC.

+
Information about the inspection VPC.

 		
 
protect_infos

+
protect_infos

 
Array of EwProtectResourceInfo objects

+
Array of EwProtectResourceInfo objects

 
East-west protected resource information.

+
East-west protected resource information.

 		
 
total

+
total

 
Integer

+
Integer

 
Total number of protected VPCs.

+
Total number of protected VPCs.

 		
 
offset

+
offset

 
Integer

+
Integer

 
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

+
Offset, which specifies the start position of the record to be returned. The value must be a number no less than 0. The default value is 0.

 		
 
limit

+
limit

 
Integer

+
Integer

 
Number of records displayed on each page. The value ranges from 1 to 1024.

+
Number of records displayed on each page. The value ranges from 1 to 1024.

 		
 
mode

+
mode

 
String

+
String

 
Protection mode. Its value is er.

+
Protection mode. Its value is er.

 		
 

 
 

 

 
-
Table 6 SubnetInfo
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 6 SubnetInfo
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
availability_zone

+
availability_zone

 
String

+
String

 
ID of the AZ where a subnet is located, which is obtained from an endpoint.

+
ID of the AZ where a subnet is located, which is obtained from an endpoint.

 		
 
cidr

+
cidr

 
String

+
String

 
Available IP address ranges for subnets in a VPC.

-
Value ranges:

-
10.0.0.0/8-24

-
172.16.0.0/12-24

-
192.168.0.0/16-24

-
If cidr is not specified, it is left blank by default.

-
The value must be in CIDR format, for example, 192.168.0.0/16.

+
Available IP address ranges for subnets in a VPC.

+
Value ranges:

+
10.0.0.0/8-24

+
172.16.0.0/12-24

+
192.168.0.0/16-24

+
If cidr is not specified, it is left blank by default.

+
The value must be in CIDR format, for example, 192.168.0.0/16.

 		
 
name

+
name

 
String

+
String

 
Subnet name.

+
Subnet name.

 		
 
id

+
id

 
String

+
String

 
Subnet ID.

+
Subnet ID.

 		
 
gateway_ip

+
gateway_ip

 
String

+
String

 
Subnet gateway. The value is the IP address in the subnet CIDR block cidr.

+
Subnet gateway. The value is the IP address in the subnet CIDR block cidr.

 		
 
vpc_id

+
vpc_id

 
String

+
String

 
UUID generated when a VPC is created.

+
UUID generated when a VPC is created.

 		
 
ipv6_enable

+
ipv6_enable

 
Boolean

+
Boolean

 
Whether IPv6 is supported: true (yes), false (no).

+
Whether IPv6 is supported: true (yes), false (no).

 		
 

 
 

 

 
-
Table 7 ErInstance
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 7 ErInstance
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
id

+
id

 
String

+
String

 
Enterprise router ID, which is generated when an enterprise router is created.

+
Enterprise router ID, which is generated when an enterprise router is created.

 		
 
name

+
name

 
String

+
String

 
Enterprise router name.

+
Enterprise router name.

 		
 
state

+
state

 
String

+
String

 
Enterprise router status: pending, available, modifying, deleting, or failed.

+
Enterprise router status: pending, available, modifying, deleting, or failed.

 		
 
enterprise_project_id

+
enterprise_project_id

 
String

+
String

 
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

+
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

 		
 
project_id

+
project_id

 
String

+
String

 
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

+
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

 		
 
enable_ipv6

+
enable_ipv6

 
String

+
String

 
Whether to enable IPv6: true (yes), false (no).

+
Whether to enable IPv6: true (yes), false (no).

 		
 
attachment_id

+
attachment_id

 
String

+
String

 
Connection ID of an enterprise router. This connection is used to connect the firewall and the enterprise router. This field can be used to obtain the connection details on the connection management page after querying a specified enterprise router by its ID on the Enterprise Router page.

+
Attachment ID of an enterprise router. This attachment is used to connect the firewall and the enterprise router. To obtain the value of this field, query the enterprise router by er_id on the Enterprise Router page, and then query the attachment on the Manage Attachment page.

 		
 

 
 

 

 
-
Table 8 VpcDetail
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 8 VpcDetail
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
id

+
id

 
String

+
String

 
Random UUID generated when a inspection VPC is created.

+
Random UUID generated when a inspection VPC is created.

 		
 
name

+
name

 
String

+
String

 
Inspection VPC name.

+
Inspection VPC name.

 		
 
cidr

+
cidr

 
String

+
String

 
Available subnet ranges in a VPC. Value ranges: 10.0.0.0/8-24; 172.16.0.0/12-24; and 192.168.0.0/16-24. If cidr is not specified, it is left blank by default. Constraint: The value must be in CIDR format, for example, 192.168.0.0/16.

+
Available subnet ranges in a VPC. Value ranges: 10.0.0.0/8-24; 172.16.0.0/12-24; and 192.168.0.0/16-24. If cidr is not specified, it is left blank by default. Constraint: The value must be in CIDR format, for example, 192.168.0.0/16.

 		
 

 
 

 

 
-
Table 9 EwProtectResourceInfo
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 9 EwProtectResourceInfo
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
protected_resource_type

+
protected_resource_type

 
Integer

+
Integer

 
Protected resource type: 0 (VPC), 1 (VGW), 2 (VPN), or 3 (peering).

+
Protected resource type: 0 (VPC), 1 (VGW), 2 (VPN), or 3 (peering).

 		
 
protected_resource_name

+
protected_resource_name

 
String

+
String

 
Protected resource name.

+
Protected resource name.

 		
 
protected_resource_id

+
protected_resource_id

 
String

+
String

 
Protected resource ID.

+
Protected resource ID.

 		
 
protected_resource_nat_name

+
protected_resource_nat_name

 
String

+
String

 
Name of the NAT gateway to be protected. The professional edition supports NAT rules.

+
Name of the NAT gateway to be protected. The professional edition supports NAT rules.

 		
 
protected_resource_nat_id

+
protected_resource_nat_id

 
String

+
String

 
ID of the NAT gateway to be protected. The professional edition supports NAT rules.

+
ID of the NAT gateway to be protected. The professional edition supports NAT rules.

 		
 
protected_resource_project_id

+
protected_resource_project_id

 
String

+
String

 
Tenant ID of a protected resource. The firewall supports cross-account protection.

+
Tenant ID of a protected resource. The firewall supports cross-account protection.

 		
 
protected_resource_mode

+
protected_resource_mode

 
String

+
String

 
Protected resource mode. Its value is er.

+
Protected resource mode. Its value is er.

 		
 
status

+
status

 
Integer

+
Integer

 
Protection status of a protected resource: 0 (associated), 1 (not associated).

+
Protection status of a protected resource: 0 (associated), 1 (not associated).

 		
 

 
 

 

-
Status code: 500

+
Status code: 500

 
-
Table 10 Response body parameters
Parameter

+

-
-
-
-
-
-
-
-
Table 10 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
error_code

+
error_code

 
String

+
String

 
Error code.

+
Error code.

 		
 
error_msg

+
error_msg

 
String

+
String

 
Error description.

+
Error description.

 		
 

 
 

 

 
-
Example Requests
Obtain information about the east-west firewall 80e0f2df-24fd-49c2-8398-11f9a0299b3e whose project ID is 09bb24e6f280d23d0f9fc0104b901480.

-
https://{Endpoint}/v1/09bb24e6f280d23d0f9fc0104b901480/firewall/east-west?limit=10&offset=0&fw_instance_id=80e0f2df-24fd-49c2-8398-11f9a0299b3e

+
Example Requests
Obtain information about the east-west firewall 80e0f2df-24fd-49c2-8398-11f9a0299b3e whose project ID is 09bb24e6f280d23d0f9fc0104b901480.

+
https://{Endpoint}/v1/09bb24e6f280d23d0f9fc0104b901480/firewall/east-west?limit=10&offset=0&fw_instance_id=80e0f2df-24fd-49c2-8398-11f9a0299b3e

 

-
Example Responses
Status code: 200

-
Response to the request for querying east-west firewall information.

-
{
+
Example Responses
Status code: 200

+
Response to the request for querying east-west firewall information.

+
{
   "data" : {
     "er" : {
       "id" : "9635a8c7-6274-4e23-836c-7f3061894fd7",
@@ -534,48 +534,48 @@
   }
 }

 

-
Status Codes

-
Status Code

+
Status Codes

+

-
-
-
-
-
-
-
-
-
-
-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Response to the request for querying east-west firewall information.

+
Response to the request for querying east-west firewall information.

 		
 
400

+
400

 
Bad Request

+
Bad Request

 		
 
401

+
401

 
Unauthorized

+
Unauthorized

 		
 
403

+
403

 
Forbidden

+
Forbidden

 		
 
404

+
404

 
Not Found

+
Not Found

 		
 
500

+
500

 
Internal Server Error

+
Internal Server Error

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/ListJob.html b/docs/cfw/api-ref/ListJob.html
index a08a60844..b110b0bcd 100644
--- a/docs/cfw/api-ref/ListJob.html
+++ b/docs/cfw/api-ref/ListJob.html
@@ -145,9 +145,9 @@
 
Return value of the API for obtaining the information about a pay-per-use firewall creation task.

 
{
   "data" : {
-    "begin_time" : 1641370501000,
-    "end_time" : 1641370515000,
-    "id" : "f588ce71-e26c-400d-8981-f854355f6849",
+    "begin_time" : "2023-11-14 10:10:27 +0800",
+    "end_time" : "2023-11-14 10:15:46 +0800",
+    "id" : "7517d932-8e79-4273-a001-ceff74e121f7",
     "status" : "Success"
   }
 }

diff --git a/docs/cfw/api-ref/ListLogConfig.html b/docs/cfw/api-ref/ListLogConfig.html
index 0aacf40ba..863bebba2 100644
--- a/docs/cfw/api-ref/ListLogConfig.html
+++ b/docs/cfw/api-ref/ListLogConfig.html
@@ -1,200 +1,200 @@
 
 
 
Obtaining Log Configurations

-
Function
This API is used to obtain log configurations.

+
Function
This API is used to obtain log configurations.

 

-
URI
GET /v1/{project_id}/cfw/logs/configuration

+
URI
GET /v1/{project_id}/cfw/logs/configuration

 
-
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

+
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
fw_instance_id

+
fw_instance_id

 
Yes

+
Yes

 
String

+
String

 
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

+
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

 		
 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

+
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. You can obtain the token by referring to Obtaining a User Token.

+
User token. You can obtain the token by referring to Obtaining a User Token.

 		
 
Content-Type

+
Content-Type

 
Yes

+
Yes

 
String

+
String

 
Content type. It can only be set to application/json.

+
Content type. It can only be set to application/json.

 		
 

 
 

 

 

-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-
Table 4 Response body parameters
Parameter

+

-
-
-
-
-
Table 4 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
LogConfigDto object

+
LogConfigDto object

 
Log configurations.

+
Log configurations.

 		
 

 
 

 

 
-
Table 5 LogConfigDto
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 5 LogConfigDto
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
fw_instance_id

+
fw_instance_id

 
String

+
String

 
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

+
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

 		
 
lts_enable

+
lts_enable

 
Integer

+
Integer

 
Whether to enable LTS: 1 (yes), 0 (no). If the parameter is set to 1 then parameters lts_attack_log_stream_enable, lts_access_log_stream_enable, lts_flow_log_stream_enable must be mandatory.

+
Whether to enable LTS: 1 (yes), 0 (no). If the parameter is set to 1 then parameters lts_attack_log_stream_enable, lts_access_log_stream_enable, lts_flow_log_stream_enable must be mandatory

 		
 
lts_log_group_id

+
lts_log_group_id

 
String

+
String

 
Log Tank Service (LTS) log group ID, which can be obtained by calling the API for querying all the log groups of an account in LTS. Find the value in log_groups.log_group_id (The period [.] is used to separate different levels of objects).

+
Log Tank Service (LTS) log group ID, which can be obtained by calling the API for querying all the log groups of an account in LTS. Find the value in log_groups.log_group_id (The period [.] is used to separate different levels of objects).

 		
 
lts_attack_log_stream_id

+
lts_attack_log_stream_id

 
String

+
String

 
Attack log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

+
Attack log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

 		
 
lts_attack_log_stream_enable

+
lts_attack_log_stream_enable

 
Integer

+
Integer

 
Whether to enable the attack log stream: 1 (yes), 0 (no).

+
Whether to enable the attack log stream: 1 (yes), 0 (no).

 		
 
lts_access_log_stream_id

+
lts_access_log_stream_id

 
String

+
String

 
Access control log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

+
Access control log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

 		
 
lts_access_log_stream_enable

+
lts_access_log_stream_enable

 
Integer

+
Integer

 
Whether to enable the access control stream: 1 (yes), 0 (no).

+
Whether to enable the access control stream: 1 (yes), 0 (no).

 		
 
lts_flow_log_stream_id

+
lts_flow_log_stream_id

 
String

+
String

 
Traffic log ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

+
Traffic log ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

 		
 
lts_flow_log_stream_enable

+
lts_flow_log_stream_enable

 
Integer

+
Integer

 
Whether to enable the traffic log function: 1 (yes), 0 (no).

+
Whether to enable the traffic log function: 1 (yes), 0 (no).

 		
 

 
 

 

 
-
Example Requests
Query the log configuration of the firewall 4e113415-7811-4bb3-bf5e-eb835953f7d4 in project 408972e72dcd4c1a9b033e955802a36b.

-
https://{Endpoint}/v1/408972e72dcd4c1a9b033e955802a36b/cfw/logs/configuration?fw_instance_id=4e113415-7811-4bb3-bf5e-eb835953f7d4&enterprise_project_id=default

+
Example Requests
Query the log configuration of the firewall 4e113415-7811-4bb3-bf5e-eb835953f7d4 in project 408972e72dcd4c1a9b033e955802a36b.

+
https://{Endpoint}/v1/408972e72dcd4c1a9b033e955802a36b/cfw/logs/configuration?fw_instance_id=4e113415-7811-4bb3-bf5e-eb835953f7d4&enterprise_project_id=default

 

-
Example Responses
Status code: 200

-
Return value for querying log configurations.

-
{
+
Example Responses
Status code: 200

+
Return value for querying log configurations.

+
{
   "data" : {
     "fw_instance_id" : "4df2bcd1-6299-4fba-8e71-8d50ea807090",
     "lts_access_log_stream_enable" : 0,
@@ -205,23 +205,23 @@
   }
 }

 

-
Status Codes

-
Status Code

+
Status Codes

+

-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Return value for querying log configurations.

+
Return value for querying log configurations.

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/UpdateLogConfig.html b/docs/cfw/api-ref/UpdateLogConfig.html
index f18796574..79e5fccea 100644
--- a/docs/cfw/api-ref/UpdateLogConfig.html
+++ b/docs/cfw/api-ref/UpdateLogConfig.html
@@ -1,216 +1,216 @@
 
 
 
Updating Log Configurations

-
Function
This API is used to update log configurations.

+
Function
This API is used to update log configurations.

 

-
URI
PUT /v1/{project_id}/cfw/logs/configuration

+
URI
PUT /v1/{project_id}/cfw/logs/configuration

 
-
Table 1 Path Parameters
Parameter

+

-
-
-
-
-
-
-
Table 1 Path Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
project_id

+
project_id

 
Yes

+
Yes

 
String

+
String

 
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

+
Project ID, which can be obtained by calling an API or from the console. For details, see Obtaining a Project ID.

 		
 

 
 

 

 
-
Table 2 Query Parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
Table 2 Query Parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
fw_instance_id

+
fw_instance_id

 
Yes

+
Yes

 
String

+
String

 
Firewall ID, which can be obtained via API by referring to Obtaining a Firewall ID.

+
Firewall ID, which can be obtained via API by referring to Obtaining a Firewall ID.

 		
 
enterprise_project_id

+
enterprise_project_id

 
No

+
No

 
String

+
String

 
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

+
Enterprise project ID, which is the ID of a project planned based on organizations. You can obtain the enterprise project ID by referring to Obtaining an Enterprise Project ID. If the enterprise project function is not enabled, the value is 0.

 		
 

 
 

 

 
-
Request Parameters

-
Table 3 Request header parameters
Parameter

+
Request Parameters

+

-
-
-
-
-
-
-
-
-
-
-
Table 3 Request header parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
X-Auth-Token

+
X-Auth-Token

 
Yes

+
Yes

 
String

+
String

 
User token. You can obtain the token by referring to Obtaining a User Token.

+
User token. You can obtain the token by referring to Obtaining a User Token.

 		
 
Content-Type

+
Content-Type

 
Yes

+
Yes

 
String

+
String

 
Content type. It can only be set to application/json.

+
Content type. It can only be set to application/json.

 		
 

 
 

 

 
-

-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
Table 4 Request body parameters
Parameter

+

-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Table 4 Request body parameters
Parameter

 
Mandatory

+
Mandatory

 
Type

+
Type

 
Description

+
Description

 		
 

 
fw_instance_id

+
fw_instance_id

 
Yes

+
Yes

 
String

+
String

 
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

+
Firewall ID, which can be obtained by referring to Obtaining a Firewall ID.

 		
 
lts_enable

+
lts_enable

 
Yes

+
Yes

 
Integer

+
Integer

 
Whether to enable LTS: 1 (yes), 0 (no). If the parameter is set to 1 then parameters lts_attack_log_stream_enable, lts_access_log_stream_enable, lts_flow_log_stream_enable must be mandatory.

+
Whether to enable LTS: 1 (yes), 0 (no). If the parameter is set to 1 then parameters lts_attack_log_stream_enable, lts_access_log_stream_enable, lts_flow_log_stream_enable must be mandatory

 		
 
lts_log_group_id

+
lts_log_group_id

 
Yes

+
Yes

 
String

+
String

 
Log Tank Service (LTS) log group ID, which can be obtained by calling the API for querying all the log groups of an account in LTS. Find the value in log_groups.log_group_id (The period [.] is used to separate different levels of objects).

+
Log Tank Service (LTS) log group ID, which can be obtained by calling the API for querying all the log groups of an account in LTS. Find the value in log_groups.log_group_id (The period [.] is used to separate different levels of objects).

 		
 
lts_attack_log_stream_id

+
lts_attack_log_stream_id

 
No

+
No

 
String

+
String

 
Attack log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

+
Attack log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

 		
 
lts_attack_log_stream_enable

+
lts_attack_log_stream_enable

 
No

+
No

 
Integer

+
Integer

 
Whether to enable the attack log stream: 1 (yes), 0 (no).

+
Whether to enable the attack log stream: 1 (yes), 0 (no).

 		
 
lts_access_log_stream_id

+
lts_access_log_stream_id

 
No

+
No

 
String

+
String

 
Access control log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

+
Access control log stream ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

 		
 
lts_access_log_stream_enable

+
lts_access_log_stream_enable

 
No

+
No

 
Integer

+
Integer

 
Whether to enable the access control stream: 1 (yes), 0 (no).

+
Whether to enable the access control stream: 1 (yes), 0 (no).

 		
 
lts_flow_log_stream_id

+
lts_flow_log_stream_id

 
No

+
No

 
String

+
String

 
Traffic log ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

+
Traffic log ID, which can be obtained by calling the API for querying all the log streams in a specified log group in LTS. Find the value in log_streams.log_stream_id (The period [.] is used to separate different levels of objects).

 		
 
lts_flow_log_stream_enable

+
lts_flow_log_stream_enable

 
No

+
No

 
Integer

+
Integer

 
Whether to enable the traffic log function: 1 (yes), 0 (no).

+
Whether to enable the traffic log function: 1 (yes), 0 (no).

 		
 

 
 

 

 
-
Response Parameters
Status code: 200

+
Response Parameters
Status code: 200

 
-

+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
Table 5 Response body parameters
Parameter

+

-
-
-
-
-
Table 5 Response body parameters
Parameter

 
Type

+
Type

 
Description

+
Description

 		
 

 
data

+
data

 
String

+
String

 
Return value for updating log configurations. The value is the firewall ID.

+
Return value for updating log configurations. The value is the firewall ID.

 		
 

 
 

 

 
-
Example Requests
Update the log configurations of firewall 22c4a5db-504c-471f-8187-5192bc11de0b in project 408972e72dcd4c1a9b033e955802a36b. The LTS log, flow log, access control log, and attack log functions are disabled.

-
https://{Endpoint}/v1/408972e72dcd4c1a9b033e955802a36b/cfw/logs/configuration?fw_instance_id=22c4a5db-504c-471f-8187-5192bc11de0b&enterprise_project_id=default
+
Example Requests
Update the log configurations of firewall 22c4a5db-504c-471f-8187-5192bc11de0b in project 408972e72dcd4c1a9b033e955802a36b. The LTS log, flow log, access control log, and attack log functions are disabled.

+
https://{Endpoint}/v1/408972e72dcd4c1a9b033e955802a36b/cfw/logs/configuration?fw_instance_id=22c4a5db-504c-471f-8187-5192bc11de0b&enterprise_project_id=default
 
 {
   "fw_instance_id" : "22c4a5db-504c-471f-8187-5192bc11de0b",
@@ -221,29 +221,29 @@
   "lts_flow_log_stream_enable" : 0
 }

 

-
Example Responses
Status code: 200

-
Return value for updating log configurations.

-
{
+
Example Responses
Status code: 200

+
Return value for updating log configurations.

+
{
   "data" : "4e113415-7811-4bb3-bf5e-eb835953f7d4"
 }

 

-
Status Codes

-

+
+
+
+
+
+
+
+
+
+
+
+
Status Code

+
Status Codes

+

-
-
-
Status Code

 
Description

+
Description

 		
 

 
200

+
200

 
Return value for updating log configurations.

+
Return value for updating log configurations.

 		
 

 
 

 

 

-
Error Codes
See Error Codes.

+
Error Codes
See Error Codes.

 

 

 

diff --git a/docs/cfw/api-ref/cfw_02_0013.html b/docs/cfw/api-ref/cfw_02_0013.html
index 23e5de1bc..b2f368af4 100644
--- a/docs/cfw/api-ref/cfw_02_0013.html
+++ b/docs/cfw/api-ref/cfw_02_0013.html
@@ -17,6 +17,28 @@
 
The request is successfully processed.

 		
 
201

+
Created

+
The request for creating resources has been fulfilled.

+
202

+
Accepted

+
The request has been accepted, but the processing has not been completed.

+
204

+
No Content

+
The request has been fulfilled, but the HTTP response does not contain a response body.

+
The status code is returned in response to an HTTP OPTIONS request.

+

 
 

 

@@ -57,6 +79,43 @@
 
The page is not found.

 		
 
405

+
Method Not Allowed

+
The request contains one or more methods not supported for the resource.

+
Modify the request and then try again.

+
409

+
Conflict

+
The request could not be processed due to a conflict with the current state of the resource.

+
This status code indicates that the resource that the client is attempting to create already exists, or that the requested update cannot be fulfilled due to the conflict.

+
413

+
Request Entity Too Large

+
The request is larger than what the server is able to process. The server may close the connection to prevent the client from continuing the request. If the server cannot process the request temporarily, the response will contain a Retry-After header field.

+
415

+
Unsupported Media Type

+
The server is unable to process the media format in the request.

+
429

+
Too Many Requests

+
The client has sent excessive number of requests to the server within a given time (exceeding the limit on the access frequency of the client), or the server has received an excessive number of requests within a given time (beyond its processing capability). In this case, the client should resend the request after the time specified in the Retry-After header of the response has elapsed.

+

 
500

 		
 
Internal Server Error

@@ -64,6 +123,21 @@
 
There is an internal server error.

 		
 
501

+
Not Implemented

+
The server does not support the function required to fulfill the request.

+
503

+
Service Unavailable

+
The requested service is invalid.

+
Modify the request and then try again.

+

 
 

 

diff --git a/docs/cfw/api-ref/cfw_02_0015.html b/docs/cfw/api-ref/cfw_02_0015.html
index 787f1611b..1e7a16892 100644
--- a/docs/cfw/api-ref/cfw_02_0015.html
+++ b/docs/cfw/api-ref/cfw_02_0015.html
@@ -1,10 +1,10 @@
 
 
 
Obtaining a Project ID

-
Obtaining a Project ID from the Console
A project ID is required for some URLs when an API is called. To obtain a project ID, perform the following operations:

-
  1. Log in to the management console.
  2. Click the username and choose My Credential from the drop-down list.
    On the My Credential page, view project IDs in the project list.
    
+
    Obtaining a Project ID from the Console
    A project ID is required for some URLs when an API is called. To obtain a project ID, perform the following operations:
    
+
    1. Log in to the management console.
    2. Click the username and choose My Credential from the drop-down list.
      On the displayed page, view project IDs in the project list.
      
 
    
-
    Figure 1 Viewing project IDs
    
+
    Figure 1 Viewing project IDs
    
 
    
 
    
 
    
diff --git a/docs/cfw/api-ref/cfw_02_0017.html b/docs/cfw/api-ref/cfw_02_0017.html
index d9c1290c7..519199f85 100644
--- a/docs/cfw/api-ref/cfw_02_0017.html
+++ b/docs/cfw/api-ref/cfw_02_0017.html
@@ -8,7 +8,38 @@
 

 

 
2025-02-18

+
2025-08-01

+
This issue is the fifteenth official release.

+
Changed the Type of begin_time and end_time in "Obtaining the Status of a CFW Task" to String.

+
2025-07-09

+
This is the fourteenth official release.

+
Optimized the "Example Responses" section in "Obtaining the Status of a CFW Task".

+
2025-06-27

+
This is the thirteenth official release.
  • Optimized the "Example Requests" section in "Creating an East-West Firewall."
  • Changed connection ID to attachment ID.

+

+
2025-05-23

+
This is the twelfth official release.
  • Optimized the description of lts_enable.
  • Updated the "Example Request" section in "Creating a Firewall."
  • Updated the inspection_vpc_id parameter in "Creating an East-West Firewall".

+

+
2025-03-31

+
This issue is the eleventh official release.

+
Deleted:

+
period_type, period_num, and other parameters.

+
2025-02-18

 		
 
This issue is the tenth official release. 

 
Optimized:

@@ -19,7 +50,7 @@
 

 
2025-01-22

 
This is the ninth official release.

+
This issue is the ninth official release.

 
Added the header parameter Content-Type.

 
Optimized:
 

diff --git a/docs/cfw/api-ref/en-us_image_0218728478.jpg b/docs/cfw/api-ref/en-us_image_0277985093.jpg
similarity index 100%
rename from docs/cfw/api-ref/en-us_image_0218728478.jpg
rename to docs/cfw/api-ref/en-us_image_0277985093.jpg