tencent cloud

Cloud Access Management

Product Introduction
CAM Overview
Features
Scenarios
Basic Concepts
Use Limits
User Types
Purchase Guide
Getting Started
Creating Admin User
Creating and Authorizing Sub-account
Logging In to Console with Sub-account
User Guide
Overview
Users
Access Key
User Groups
Role
Identity Provider
Policies
Permissions Boundary
Troubleshooting
Downloading Security Analysis Report
CAM-Enabled Role
Overview
Compute
Container
Microservice
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Database SaaS Service
Networking
CDN and Acceleration
Network Security
Data Security
Application Security
Domains & Websites
Big Data
Middleware
Interactive Video Services
Real-Time Interaction
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
CAM-Enabled API
Overview
Compute
Edge Computing
Container
Distributed cloud
Microservice
Serverless
Essential Storage Service
Data Process and Analysis
Data Migration
Relational Database
Enterprise Distributed DBMS
NoSQL Database
Database SaaS Tool
Networking
CDN and Acceleration
Network Security
Endpoint Security
Data Security
Business Security
Application Security
Domains & Websites
Office Collaboration
Big Data
Voice Technology
Image Creation
Tencent Big Model
AI Platform Service
Natural Language Processing
Optical Character Recognition
Middleware
Communication
Interactive Video Services
Real-Time Interaction
Stream Services
Media On-Demand
Media Process Services
Media Process
Cloud Real-time Rendering
Game Services
Education Sevices
Medical Services
Cloud Resource Management
Management and Audit Tools
Developer Tools
Monitor and Operation
More
Use Cases
Security Practical Tutorial
Multi-Identity Personnel Permission Management
Authorizing Certain Operations by Tag
Supporting Isolated Resource Access for Employees
Enterprise Multi-Account Permissions Management
Reviewing Employee Operation Records on Tencent Cloud
Implementing Attribute-Based Access Control for Employee Resource Permissions Management
During tag-based authentication, only tag key matching is supported
Business Use Cases
TencentDB for MySQL
CLB
CMQ
COS
CVM
VPC
VOD
Others
API Documentation
History
Introduction
API Category
Making API Requests
User APIs
Policy APIs
Role APIs
Identity Provider APIs
Data Types
Error Codes
FAQs
Role
Key
Others
CAM Users and Permissions
Glossary
문서Cloud Access ManagementCAM-Enabled APINetwork SecurityTencent Cloud Firewall

Tencent Cloud Firewall

PDF
포커스 모드
폰트 크기
마지막 업데이트 시간: 2026-04-03 09:41:10

Fundamental information

Product Abbreviation in CAM Console Authorization by Tag Authorization Granularity IP Restriction
Cloud Firewall cfw Supported not supported Operation level Partially supported

Note:

The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.

  • Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
  • Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
  • Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.

API authorization granularity

Two authorization granularity levels of API are supported: resource level, and operation level.

  • Resource level: It supports the authorization of a specific resource.
  • Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.

Write operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
AddAclRule Add Internet Access Control Rules Operation level * Supported
AddDnsAclRule Add Dns access control rules Operation level * Supported
AddEnterpriseSGRulesForIPV6 AddEnterpriseSGRulesForIPV6 Operation level * Supported
AddEnterpriseSecurityGroupRules Create New Enterprise Security Group Rules Operation level * Supported
AddNDRUser AddNDRUser Operation level * Supported
AddNatAcRule Operation level * Supported
AddNatFwTcRule AddNatFwTcRule Operation level * Supported
AddNewBindRoleUser Firewall role authorization binding interface Operation level * Supported
AddOrganAcl Add organizational permissions Operation level * Supported
AddVpcAcRule Add VPC Firewall intranet rules. Operation level * Supported
AddVpcFwTcRule Add inter-VPC firewall traffic control policy Operation level * Supported
AddZeroTrustWebService Add zero trust web service Operation level * Supported
BindChannel BindChannel Operation level * Supported
CancelUpdateEngineReserveTask CancelUpdateEngineReserveTask Operation level * Supported
CheckAlarmRule Verification alarm rules Operation level * Supported
CreateAIInterpretationFeedBack AI accuracy feedback Operation level * Supported
CreateAcRules Create ACL Rules Operation level * Supported
CreateAddressTemplate Create address template Operation level * Supported
CreateAlarm Create a log alert policy Operation level * Supported
CreateAlertCenterOmit Alarm Center-Ignore Handling Interface Operation level * Supported
CreateAlertCenterRule Alarm Center-Block, Release and Disposal Interface Operation level * Supported
CreateApplyTrial Request a trial firewall Operation level * Supported
CreateAsyncTask CreateAsyncTask Operation level * Supported
CreateBakRuleList Operation level * Supported
CreateBetaTask Establishing Beta Automation Tasks Operation level * Supported
CreateBlockIgnoreRuleList Add block list and ignore list rules in batches Operation level * Supported
CreateBlockIgnoreRuleNew Add intrusion prevention block list and allow list rules in batches (new) Operation level * Supported
CreateClsDeliverTask CreateClsDeliverTask Operation level * Supported
CreateDatabaseWhiteListRules CreateDatabaseWhiteListRules Operation level * Supported
CreateHoneypotTrial Apply for a trial firewall honeypot Operation level * Supported
CreateIOAAccessGroup Override Edit IOA User Group Access Operation level * Supported
CreateNDRAnalysis CreateNDRAnalysis Operation level * Supported
CreateNDRPolicy create NDR flow filter policy Operation level * Supported
CreateNatFwInstance Create a NAT firewall instance (Region parameter is required). Operation level * Supported
CreateNatFwInstanceWithDomain Create NAT firewall instance and connect a domain name (The Region parameter is required) Operation level * Supported
CreatePcapTask Create a packet capture task Operation level * Supported
CreateProbeTask create probe task Operation level * Supported
CreateRemoteMtInstance Create a zero-trust remote operation and maintenance instance Operation level * Supported
CreateResourceGroup CreateResourceGroup Operation level * Supported
CreateSecurityGroupRules Operation level * Supported
CreateVpcFwGroup Create an Inter-VPC Firewall (Firewall Group) Operation level * Supported
CreateVpcFwInstance Create an inter-VPC firewall instance Operation level * Supported
CreateWhiteRule Creating an Intrusion Prevention Whitelist Operation level * Supported
CreateZeroTrustAclMulti Adding Zero Trust Remote Operation and Maintenance Rules in Batch - Identity Perspective Operation level * Supported
CreateZeroTrustCommandRule Add zero trust remote operation and maintenance command control rules in batches Operation level * Supported
CreateZeroTrustDomain CreateZeroTrustDomain Operation level * Supported
CreateZeroTrustTrial Apply for Zero Trust Remote Operation and Maintenance Trial Operation level * Supported
DeleteAcRule Delete ACL Rule Operation level * Supported
DeleteAddressTemplate Delete address template rules Operation level * Supported
DeleteAlarm Delete log alert policy Operation level * Supported
DeleteAllAccessControlRule DeleteAllAccessControlRule Operation level * Supported
DeleteBlockIgnoreRuleAll Delete all black and white lists (support filtering) Operation level * Supported
DeleteBlockIgnoreRuleList Delete intrusion prevention ban list and allow list rules in batches Operation level * Supported
DeleteBlockIgnoreRuleNew Deleting Intrusion Prevention Block List and Allow List Rules in Batch (New) Operation level * Supported
DeleteClsDeliverTask DeleteClsDeliverTask Operation level * Supported
DeleteIOAAccessGroup Delete iOA user group access Operation level * Supported
DeleteNDRAssetIdentificationItem Delete NDR asset identification results. Operation level * Supported
DeleteNDRPolicy delete NDR flow filter policy Operation level * Supported
DeleteNatFwInstance Delete Nat Firewall Instance Operation level * Supported
DeletePcapTask DeletePcapTask Operation level * Supported
DeleteProbe DeleteProbe Operation level * Supported
DeleteRemoteAccessDomain DeleteRemoteAccessDomain Operation level * Supported
DeleteRemoteMtInstance Delete a zero-trust remote operation and maintenance instance Operation level * Supported
DeleteReport DeleteReport Operation level * Supported
DeleteResourceGroup delete cfw resource group Operation level * Supported
DeleteSecurityGroupRule Operation level * Supported
DeleteSession DeleteSession Operation level * Supported
DeleteVpcFwGroup DeleteVpcFwGroup Operation level * Supported
DeleteWeComCache Clear WeChat Work cache Operation level * Supported
DeleteWhiteRule delete the whitelist Operation level * Supported
DeleteWhiteRuleAll Delete Whitelist-All Operation level * Supported
DeleteZeroTrustAuthUserInfoById Batch deletion of zero trust operation and maintenance users Operation level * Supported
DeleteZeroTrustCommandRule Delete zero trust remote operation and maintenance command control rules Operation level * Supported
DeleteZeroTrustDomain DeleteZeroTrustDomain Operation level * Supported
DeleteZeroTrustWebService delete zero trust web service Operation level * Supported
DeleteZeroTrustWebServiceAccess delete zero trust web service access info Operation level * Supported
ExpandCfwVertical ExpandCfwVertical Operation level * Supported
IgnoreEnterpriseSecurityGroupDomainStatus IgnoreEnterpriseSecurityGroupDomainStatus Operation level * Supported
IgnoreZeroTrustError Ignore Zero Trust Remote Operations error banner Operation level * Supported
ImportBlockIgnoreRuleList Batch import of intrusion prevention ban list and pass list rules Operation level * Supported
ImportCFWFile Import common methods Operation level * Supported
ModifyAcRule Modify ACL Rule Operation level * Supported
ModifyAclApiDispatch ACL write interface request transfer Operation level * Supported
ModifyAclRule Modify Internet Border Access Control Rules Operation level * Supported
ModifyAclRuleStatus ModifyAclRuleStatus Operation level * Supported
ModifyActionShowStatus ModifyActionShowStatus Operation level * Supported
ModifyAddressTemplate Modify address template Operation level * Supported
ModifyAlarm Modify log alert policy Operation level * Supported
ModifyAllPublicIPSwitchStatus ModifyAllPublicIPSwitchStatus Operation level * Supported
ModifyAllRuleStatus ModifyAllRuleStatus Operation level * Supported
ModifyApiDispatch ModifyApiDispatch Operation level * Supported
ModifyAssetNDRPolicy modify NDR Policy Relation Asset List Operation level * Supported
ModifyAssetScan ModifyAssetScan Operation level * Supported
ModifyAssetSync Asset Synchronization Operation level * Supported
ModifyBetaTask ModifyBetaTask Operation level * Supported
ModifyBlackListSwitchStatus ModifyBlackListSwitchStatus Operation level * Supported
ModifyBlockIgnoreList Batch operation interface for ban list and release list Operation level * Supported
ModifyBlockIgnoreRule Edit individual intrusion prevention ban list and allow list rules Operation level * Supported
ModifyBlockIgnoreRuleNew Edit individual intrusion prevention block list and pass list rules (new) Operation level * Supported
ModifyBlockTop ModifyBlockTop Operation level * Supported
ModifyChooseResourceGroup Asset Center-Asset Group-Asset Operation Operation level * Supported
ModifyClsDeliverSwitch ModifyClsDeliverSwitch Operation level * Supported
ModifyClsDeliverTask ModifyClsDeliverTask Operation level * Supported
ModifyClusterFwTransparentMode Modify the Transparent Mode Switch of the Cluster Firewall Operation level * Supported
ModifyClusterVpcFwSwitch Modify the VPC firewall switch in cluster mode Operation level * Supported
ModifyCommonStatus Universal asynchronous table modification interface Operation level * Supported
ModifyDNSFWSwitchAll Enable all DNS firewall switches (support filtering) Operation level * Supported
ModifyDnsAclRule Modify DNS access control rules Operation level * Supported
ModifyDnsAclRuleSwitch Enable or disable DNS rule switches in batches Operation level * Supported
ModifyDnsAclRuleSwitchAll Edit all DNS ACL rules (support filtering) Operation level * Supported
ModifyDnsResolveIp Configure Dns to resolve IP Operation level * Supported
ModifyEWRuleStatus Operation level * Supported
ModifyEdgeIpSwitch Change boundary firewall switch (bypass, serial) Operation level * Supported
ModifyEdgeIpSwitchAll Edit serial firewall switches (all on, all off) Operation level * Supported
ModifyEdgeIpSwitchWeight Edit Internet border ip switch weights Operation level * Supported
ModifyEdgeName Modify the name of the VPC firewall edge. Operation level * Supported
ModifyEnterpriseSGRulesForIPV6 modify sg rule for ipv6 Operation level * Supported
ModifyEnterpriseSecurityDispatchStatus Operation level * Supported
ModifyEnterpriseSecurityGroupRule Operation level * Supported
ModifyEnterpriseSecurityGroupRuleLst Operation level * Supported
ModifyEnterpriseSecurityGroupSequenceRules Operation level * Supported
ModifyFwAZone Modify firewall availability zone Operation level * Supported
ModifyFwConfig Edit firewall configuration Operation level * Supported
ModifyFwGroupSwitch Modify firewall (group) switch (supporting single-point mode, multi-point mode, and full interconnection mode) Operation level * Supported
ModifyFwGroupSwitchAll Modify VPC firewall all switches Operation level * Supported
ModifyIgnoreAsyncTaskErr Ignore exception task information Operation level * Supported
ModifyIgnoreNdrSwitchErr ModifyIgnoreNdrSwitchErr Operation level * Supported
ModifyIpsModeSwitch Modify the IPS protection mode. Operation level * Supported
ModifyIpsRuleList Modify IPS rule list Operation level * Supported
ModifyLogStorageConfig ModifyLogStorageConfig Operation level * Supported
ModifyNDRAssetIdentificationCustomizedColumn Modify the custom display fields for NDR asset identification results. Operation level * Supported
ModifyNDRBandwidth Edit traffic analysis bandwidth Operation level * Supported
ModifyNDRDataLeakAiAlertStatus Modifying Alarm Event Status of Sensitive Data Leakage for External AI Operation level * Supported
ModifyNDRDataLeakAlertStatus Update the status of sensitive data leak alert events Operation level * Supported
ModifyNDRDataLeakOutAlertStatus Modify Outbound Sensitive Data Leakage Alert Event Status Operation level * Supported
ModifyNDRDataLeakRuleConfig Modifying NDR Data Leakage Rules and Policies Configuration Operation level * Supported
ModifyNDRDataMaskingStatus Modify the desensitization status of NDR sensitive data Operation level * Supported
ModifyNDRPolicy modify NDR flow filter policy Operation level * Supported
ModifyNDRPortRiskStatus Modify the NDR port risk alarm status Operation level * Supported
ModifyNDRRiskDetectStatus Modifying NDR Risk Detection Status Operation level * Supported
ModifyNDRWeakPwdAlertStatus Update the status of weak password alert events Operation level * Supported
ModifyNatAcRule Operation level * Supported
ModifyNatAcRuleSwitchAll Modify all NAT rule switches (support filtering) Operation level * Supported
ModifyNatAclRuleSwitch Enable or disable NAT rule switch Operation level * Supported
ModifyNatFwConfig Set up NAT firewall configuration Operation level * Supported
ModifyNatFwReSelect Reselect VPC or NAT for the NAT firewall instance. Operation level * Supported
ModifyNatFwSwitch Modify NAT firewall switch Operation level * Supported
ModifyNatFwSwitchAll Modify all switches of NAT firewall (support filtering) Operation level * Supported
ModifyNatFwTcRule Edit traffic control policy Operation level * Supported
ModifyNatFwVpcDnsSwitch NAT Firewall VPC DNS Switch Toggle Operation level * Supported
ModifyNatInstance ModifyNatInstance Operation level * Supported
ModifyNatSequenceRules Operation level * Supported
ModifyNdrClusterSwitch Enable cluster and node traffic analysis interface (support interface filtering) Operation level * Supported
ModifyNdrClusterSwitchWeight Edit cluster and node traffic analysis switch weights Operation level * Supported
ModifyNdrConfig ModifyNdrConfig Operation level * Supported
ModifyNdrCustomFieldConfig ModifyNdrCustomFieldConfig Operation level * Supported
ModifyNdrEdgeIpSwitch ModifyNdrEdgeIpSwitch Operation level * Supported
ModifyNdrEdgeIpSwitchAll ModifyNdrEdgeIpSwitchAll Operation level * Supported
ModifyNdrEdgeIpSwitchWeight ModifyNdrEdgeIpSwitchWeight Operation level * Supported
ModifyNdrSwitch Enable/Disable Traffic Analysis Switch Operation level * Supported
ModifyNdrSwitchAll Enable all traffic analysis APIs (API filtering supported) Operation level * Supported
ModifyNdrSwitchWeight Edit traffic analysis switch weight Operation level * Supported
ModifyNetflowRuleStatus Operation level * Supported
ModifyNetflowRuleStatusAll Modify all internet boundary access control lists (support conditional filtering) Operation level * Supported
ModifyNoticeCommonNew General settings status modification (new) Operation level * Supported
ModifyPacketDropAction Modify Firewall Packet Drop Action Operation level * Supported
ModifyProbeTask modify probe task Operation level * Supported
ModifyRemoteAccessInstance ModifyRemoteAccessInstance Operation level * Supported
ModifyRemoteMtInstance Edit a zero-trust remote operation and maintenance instance Operation level * Supported
ModifyReportTitle ModifyReportTitle Operation level * Supported
ModifyResourceGroup ModifyResourceGroup Operation level * Supported
ModifyResourceGroupOrder Asset Center Asset Group Movement Operation level * Supported
ModifyRouteBackup Modify backup route Operation level * Supported
ModifyRunSyncAsset Sync Assets - Internet & VPC (New) Operation level * Supported
ModifySGRulesSequenceForIPV6 modify sg Sequence for ipv6 Operation level * Supported
ModifySecurityGroupItemRuleStatus Enable and disable individual enterprise security group rules Operation level * Supported
ModifySecurityGroupRule Operation level * Supported
ModifySecurityGroupRuleAll Edit all enterprise security group rules (support filtering) Operation level * Supported
ModifySecurityGroupSequenceRules Operation level * Supported
ModifySecurityGroupTableStatus Modify Security Group List Status Operation level * Supported
ModifySequenceAclRules Internet Rules Quick Sort Operation level * Supported
ModifySequenceRules modify rule sequence Operation level * Supported
ModifySerialRegion Edit Serial Firewall Regional Bandwidth Allocation Operation level * Supported
ModifyStorageLogTypeSetting Modify the tenant log storage type configuration Operation level * Supported
ModifyStorageProtocolLogTypeSetting ModifyStorageProtocolLogTypeSetting Operation level * Supported
ModifyStorageSetting Log storage settings Operation level * Supported
ModifyStrictModeConfig Modify strict mode configuration Operation level * Supported
ModifySwitchStatus ModifySwitchStatus Operation level * Supported
ModifyTableStatus ModifyTableStatus Operation level * Supported
ModifyUserConfig Modify User Config Operation level * Supported
ModifyUserTkeGrant User TKE cluster authorization Operation level * Supported
ModifyVpcAcRule Operation level * Supported
ModifyVpcAcRuleAll Edit all internal network access control lists (support filtering) Operation level * Supported
ModifyVpcAcRuleSwitch Operation level * Supported
ModifyVpcCfwWidth Vertical expansion of firewall between vpc Operation level * Supported
ModifyVpcFwConfig Set up inter-VPC firewall configuration Operation level * Supported
ModifyVpcFwGroup Edit the inter-VPC firewall (firewall group) Operation level * Supported
ModifyVpcFwReSelect Reselect VPC for inter-VPC firewall Operation level * Supported
ModifyVpcFwSequenceRules Operation level * Supported
ModifyVpcFwSwitch Modify the firewall switch between VPCs Operation level * Supported
ModifyVpcFwTcRule Editing a VPC Traffic Control Policy Operation level * Supported
ModifyWebServiceMod ModifyWebServiceMod Operation level * Supported
ModifyWhiteRule Editing the Intrusion Prevention Whitelist Operation level * Supported
ModifyZeroTrustAssetAcl Edit Zero Trust Remote Operation and Maintenance Asset Permission Details Operation level * Supported
ModifyZeroTrustAuthUserInfoById Mass Modification of Zero Trust Operational Users Operation level * Supported
ModifyZeroTrustBlockStatus Zero Trust Unauthorized Block Button Operation level * Supported
ModifyZeroTrustCommandRule Modify zero trust remote operation and maintenance command control rules Operation level * Supported
ModifyZeroTrustCommandRuleSwitch Batch modification of zero trust remote operation and maintenance command control rule switches Operation level * Supported
ModifyZeroTrustCommandRuleSwitchAll Modify all zero trust remote operation and maintenance command control rules (supports filtering) Operation level * Supported
ModifyZeroTrustDomain ModifyZeroTrustDomain Operation level * Supported
ModifyZeroTrustEip Edit Zero Trust Regional Public IP Operation level * Supported
ModifyZeroTrustInstancePort Edit Zero Trust Remote Operation and Maintenance Server Instance Port Operation level * Supported
ModifyZeroTrustRegionSwitch Modify Zero Trust Operation and Maintenance Region Switch Operation level * Supported
ModifyZeroTrustRule ModifyZeroTrustRule Operation level * Supported
ModifyZeroTrustRuleSwitch Modify IOA permission rule switches in batches Operation level * Supported
ModifyZeroTrustRuleSwitchAll Modify all zero-trust permission rules (support filtering) Operation level * Supported
ModifyZeroTrustUserAcl Edit Zero Trust Remote Operation and Maintenance User Permissions Details Operation level * Supported
ModifyZeroTrustVpcSwitch Modify Zero Trust VPC Switch Operation level * Supported
ModifyZeroTrustVpcSwitchAll Batch Modify Zero Trust VPC Switches Operation level * Supported
ModifyZeroTrustWebService modify zero web service base info Operation level * Supported
ProbeQuickly probe quickly Operation level * Supported
RemoveAcRule RemoveAcRule Operation level * Supported
RemoveAclRule Delete Internet Access Control Rules Operation level * Supported
RemoveDnsAclRule Delete Dns Access Control Rules Operation level * Supported
RemoveEnterpriseSGRuleForIPV6 remove sg rule foripv6 Operation level * Supported
RemoveEnterpriseSecurityGroupRule Operation level * Supported
RemoveEnterpriseSecurityGroupRuleLst Operation level * Supported
RemoveNatAcRule Operation level * Supported
RemoveOfflineExportTask Delete offline log export tasks Operation level * Supported
RemoveVpcAcRule Operation level * Supported
RemoveVpcFwTcRule Deleting a VPC Traffic Control Policy Operation level * Supported
ResetDnsRuleHitTimes Reset hit count for DNS firewall rules Operation level * Supported
ResetNatRuleHitTimes Operation level * Supported
ResetVpcRuleHitTimes Operation level * Supported
RestartFwIns Restart the firewall instance Operation level * Supported
SaveAutoBackUpSetting Operation level * Supported
SetCfwInsBypass Set firewall instance bypass Operation level * Supported
SetLbDnatRule SetLbDnatRule Operation level * Supported
SetNatFwDnatRule SetNatFwDnatRule Operation level * Supported
SetNatFwEip Set up an EIP address for the NAT firewall instance Operation level * Supported
SetNatProbeEip SetNatProbeEip Operation level * Supported
StartUpdateResourceTask StartUpdateResourceTask Operation level * Supported
StopAsyncTask StopAsyncTask Operation level * Supported
StopSecurityGroupRuleDispatch Operation level * Supported
StopSession StopSession Operation level * Supported
SwitchMaster Firewall switchover Operation level * Supported
SyncIOAUserAccess Synchronize iOA user access data Operation level * Supported
SyncWeChatWorkAccess Synchronize enterprise WeChat access data Operation level * Supported
TriggerNDRDataLeakAiAnalysis Submit Sensitive Data Leakage Risk AI Analysis Task Operation level * Supported
UnbindChannel UnbindChannel Operation level * Supported
UnbindEdgeCFW Unbundling SD-WAN edge and CFW Operation level * Supported
UpdateCfwIdpsMode UpdateCfwIdpsMode Operation level * Supported
UpdateCheckCcnNonDirectFlag Re-check the non-direct connection flag of VPC instances accessing VPC Firewall in CCN Operation level * Supported
UpdateClusterVpcFw Modify and update the VPC firewall policy configuration in CCN Operation level * Supported
UpdateEngine Upgrading the firewall engine Operation level * Supported

Read operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
AddZBTiNotice Important security information notification Operation level * Supported
CheckNatFwTcRule Check flow control rules for conflicts Operation level * Supported
CheckVpcFwTcRule CheckVpcFwTcRule Operation level * Supported
CreateAlertCenterRuleAsync Alarm Center-Asynchronous Processing Interface Operation level * Supported
CreateChooseVpcs CreateChooseVpcs Operation level * Supported
CreateNDRFileExportTask Create NDR File Download Task Operation level * Supported
CreateZeroTrustRule CreateZeroTrustRule Operation level * Supported
DeleteZeroTrustRule DeleteZeroTrustRule Operation level * Supported
DescribeAIInterpretation Security incident AI summary Operation level * Supported
DescribeAccessDomainInfoList Operation level * Supported
DescribeAclApiDispatch Operation level * Supported
DescribeAclRegInfo Query the regions supported for configuring ACL rules. Operation level * Supported
DescribeAclRuleExportStatus Query the export status of Acl rules Operation level * Supported
DescribeAclTag Access control tag query Operation level * Supported
DescribeAddressTemplateList Query address template list Operation level * Supported
DescribeAlarmRecordHistory Query log and alarm history Operation level * not supported
DescribeAlarms Query the list of log alert policies. Operation level * Supported
DescribeAlertCenterEventNameSelectList Dynamically obtain the alarm center security event filter list Operation level * Supported
DescribeAlertCenterList Alarm center alarm list query Operation level * Supported
DescribeAlertCenterOverview describe alert center overview data Operation level * Supported
DescribeAlertEventDetail Alarm center alarm details query Operation level * Supported
DescribeAlertLogEventNameSelectList Dynamically obtain the intrusion prevention log security event filter list Operation level * Supported
DescribeAlertRecordHistory Query log alarm history list Operation level * Supported
DescribeAllRegionList Query region configuration information Operation level * Supported
DescribeAllYwUserByOrgan Organization descendant member list interface Operation level * Supported
DescribeAllZoneList Availability zone information Operation level * Supported
DescribeApiDispatch DescribeApiDispatch Operation level * Supported
DescribeAreaStatus DescribeAreaStatus Operation level * Supported
DescribeAssetEventTree DescribeAssetEventTree Operation level * Supported
DescribeAssetExportStatus Query the asset export status of the asset center Operation level * Supported
DescribeAssetFilterList DescribeAssetFilterList Operation level * Supported
DescribeAssetOverviewNew DescribeAssetOverviewNew Operation level * Supported
DescribeAssetScanList DescribeAssetScanList Operation level * Supported
DescribeAssetSync Asset synchronization status query Operation level * Supported
DescribeAssociatedInstanceList Operation level * Supported
DescribeAsyncTask Query asynchronous task information Operation level * Supported
DescribeAsyncTaskErr Asynchronous task exception information Operation level * Supported
DescribeAutoBackUpSettingList Operation level * Supported
DescribeBandWidthBanner Bandwidth Exceeded Banner Operation level * Supported
DescribeBetaTaskAclRuleList DescribeBetaTaskAclRuleList Operation level * Supported
DescribeBillingInfo Query billing information Operation level * Supported
DescribeBlackWhiteQuota Query the total interface of blacklist and whitelist quotas Operation level * Supported
DescribeBlockByIpTimesList DescribeBlockByIpTimesList Operation level * Supported
DescribeBlockIPBySGSwitch DescribeBlockIPBySGSwitch Operation level * Supported
DescribeBlockIgnoreImportCredential DescribeBlockIgnoreImportCredential Operation level * Supported
DescribeBlockIgnoreList Operation level * Supported
DescribeBlockIgnoreRulesImportProgress DescribeBlockIgnoreRulesImportProgress Operation level * Supported
DescribeBlockStaticList Alarm center column chart Operation level * Supported
DescribeBlockTimesList Alarm Center-Blocking Line Chart Operation level * Supported
DescribeBorderACLList Operation level * Supported
DescribeBorderFwRuleHitDetail Query edge access control rule hit details Operation level * Supported
DescribeBorderRuleStatus Query Internet boundary rule quota and usage situation Operation level * Supported
DescribeBuyPageInfo Obtain firewall event vulnerability statistics Operation level * Supported
DescribeCFWEngineStatus Cloud Firewall Engine Status Full Link Interface Operation level * Supported
DescribeCFWInfo DescribeCFWInfo Operation level * Supported
DescribeCcnAssociatedInstances Query CCN associated instance information (excluding firewall traffic diversion instances) Operation level * Supported
DescribeCcnInstanceRegionStatus Describe CCN-associated instance regional firewall leadflow network deployment status Operation level * Supported
DescribeCcnSASEEdge DescribeCcnSASEEdge Operation level * Supported
DescribeCcnVpcFwPolicyLimit The number of rules is limited when querying VPC firewall access policy configurations in CCN. Operation level * Supported
DescribeCcnVpcFwSwitch Query CCN VPC firewall switch configuration Operation level * Supported
DescribeCdcIds Operation level * Supported
DescribeCfwCidr DescribeCfwCidr Operation level * Supported
DescribeCfwEips DescribeCfwEips Operation level * Supported
DescribeCfwInsStatus Operation level * Supported
DescribeCfwUpdateStatus Operation level * Supported
DescribeCfwUserStatus Query tenant cloud firewall usage Operation level * Supported
DescribeCfwVersion Query the engine mode and version number of the NAT VPC firewall. Operation level * Supported
DescribeChangeGroupRuleNotice Query whether it is necessary to display the rule changes of the security group Operation level * Supported
DescribeChangeGroupRules DescribeChangeGroupRules Operation level * Supported
DescribeChangeSecurityGroupAssociateInstances DescribeChangeSecurityGroupAssociateInstances Operation level * Supported
DescribeChangeSecurityGroupNum DescribeChangeSecurityGroupNum Operation level * Supported
DescribeChannelBindList DescribeChannelBindList Operation level * Supported
DescribeChannelBindStatus DescribeChannelBindStatus Operation level * Supported
DescribeCheckCLSStatus Check if the current user has subscribed to CLS service Operation level * Supported
DescribeChooseAsset DescribeChooseAsset Operation level * Supported
DescribeCidrRelatedInstances Operation level * Supported
DescribeClsDeliverTask DescribeClsDeliverTask Operation level * Supported
DescribeClusterVpcFwSwitchs Query the Inter-VPC firewall switch in cluster mode Operation level * Supported
DescribeConfig Operation level * Supported
DescribeCosBucketList DescribeCosBucketList Operation level * Supported
DescribeCvmMonitorData Query CVM instance monitoring data Operation level * Supported
DescribeDNSFWAssetTrendList Get DNS firewall status monitoring line chart Operation level * Supported
DescribeDNSFWStatus Get DNS Firewall Status Bar Operation level * Supported
DescribeDNSFWSwitch Get DSN firewall switch information Operation level * Supported
DescribeDNSProtectList Get DNS firewall intrusion prevention list Operation level * Supported
DescribeDbOverview Describe Database Overview Operation level * Supported
DescribeDefenseSwitch Get a list of attack and defense buttons Operation level * Supported
DescribeDnsAclRule Query the DNS access control list Operation level * Supported
DescribeDnsFwRuleHitDetail Query DNS access control rule hit details Operation level * Supported
DescribeDnsRuleStatus Query the quota and usage of DNS rules Operation level * Supported
DescribeDomainParseIpLst Query domain name ip resolution list Operation level * Supported
DescribeEdgeCFWSwitch Check whether sd-wan cloud firewall is allowed Operation level * Supported
DescribeEdgeFwFlowStat Border firewall status monitoring TAB page content Operation level * Supported
DescribeEdgeIpFlowLists Query the Internet border IP switch traffic statistics list Operation level * Supported
DescribeEdgeIpSimple Internet Boundary Firewall Switch List Operation level * Supported
DescribeEdgeRegionStat Boundary firewall regional bandwidth usage ratio data Operation level * Supported
DescribeElasticBandWidth Tenant elastic bandwidth interval query Operation level * Supported
DescribeEngineUpdateDetail DescribeEngineUpdateDetail Operation level * Supported
DescribeEnterpriseSGRuleProgress query sg dispatch progress Operation level * Supported
DescribeEnterpriseSecurityDispatchStatus Operation level * Supported
DescribeEnterpriseSecurityGroupDomainParseList DescribeEnterpriseSecurityGroupDomainParseList Operation level * Supported
DescribeEnterpriseSecurityGroupRule DescribeEnterpriseSecurityGroupRule Operation level * Supported
DescribeEnterpriseSecurityGroupRuleList query enterprise security rule list Operation level * Supported
DescribeEnterpriseSecurityNotDispatchCount Operation level * Supported
DescribeEsLog DescribeEsLog Operation level * Supported
DescribeEventNameList DescribeEventNameList Operation level * Supported
DescribeExportLogs DescribeExportLogs Operation level * Supported
DescribeFileAlertDetail Get Malicious File Alert Detail Infomation Operation level * Supported
DescribeFlowCenterAddressLists DescribeFlowCenterAddressLists Operation level * Supported
DescribeFlowCenterAssetLists DescribeFlowCenterAssetLists Operation level * Supported
DescribeFlowCenterLogsV1 Internet traffic center list query Operation level * Supported
DescribeFlowDistributeList Internet Traffic Center Traffic Map Query Operation level * Supported
DescribeFuncDynamics Dynamic query of functions Operation level * Supported
DescribeFwConfig Query firewall configuration Operation level * Supported
DescribeFwEdgeBar Internet Boundary Page Overview Data Operation level * Supported
DescribeFwEdgeIps Serial firewall switch list Operation level * Supported
DescribeFwFirstConfig First time entering the firewall page configuration Operation level * Supported
DescribeFwGroupIdNames Get the ID name list of the user\\\\\\\'s firewall (group). Operation level * Supported
DescribeFwGroupInstanceInfo Obtain All Tenant VPC Firewalls (Groups) and VPC Firewall Instance Card Information Operation level * Supported
DescribeFwProtectOverview Get an overview of firewall protection Operation level * Supported
DescribeFwSwitchOverview Query firewall switch summary Operation level * Supported
DescribeFwSyncStatus Get firewall synchronization status Operation level * Supported
DescribeGAAPNDRSwitchTaskErrorList DescribeGAAPNDRSwitchTaskErrorList Operation level * Supported
DescribeGAAPNDRSwitchTaskProgress DescribeGAAPNDRSwitchTaskProgress Operation level * Supported
DescribeGlobalSetting Operation level * Supported
DescribeGroupAddressIpList Query IP information of asset groups Operation level * Supported
DescribeGuideScanInfo Novice guide to scan interface information Operation level * Supported
DescribeGwlbVpcFwSwitch VPC Horizontal Scaling Firewall Switch List Operation level * Supported
DescribeHoneyPotAttacker Query the Aggregator List Operation level * Supported
DescribeHoneypotTrial Check the Firewall Honeypot Trial Status Operation level * Supported
DescribeIOAAccessDirectoryList Query the IOA access directory list Operation level * Supported
DescribeIOAAccountGroups Query IOA account directory list Operation level * Supported
DescribeIOALocalAccounts Query iOA account list Operation level * Supported
DescribeIPStatusList DescribeIPStatusList Operation level * Supported
DescribeImportCredential Get temporary records of imported file uploads Operation level * Supported
DescribeImportWeChatSpec DescribeImportWeChatSpec Operation level * Supported
DescribeIndex Get index configuration information Operation level * Supported
DescribeIndexs Get multiple index configuration information Operation level * Supported
DescribeInstanceTrafficStatData Obtain instance traffic statistics Operation level * Supported
DescribeInternetOutOverview Query of Outbound Overview in Traffic Center Operation level * Supported
DescribeIpStatLst Get the peak bandwidth of a single cvm of nat vpc Operation level * Supported
DescribeIpTcRule Query the flow control policy of IP Operation level * Supported
DescribeIpsModeSwitch Obtain the intrusion prevention protection mode. Operation level * Supported
DescribeIsolateList Query Isolation List Operation level * Supported
DescribeLBFailureWarning Query the relevant error information for the LB honeypot service Operation level * Supported
DescribeLogAnalysisConfigs Get collection rule configuration Operation level * Supported
DescribeLogContext Contextual search Operation level * Supported
DescribeLogHistogram Get the log quantity histogram Operation level * Supported
DescribeLogStorageSetting DescribeLogStorageSetting Operation level * Supported
DescribeLogStorageStatistic Tenant log storage statistics Operation level * Supported
DescribeLogType Get log type Operation level * Supported
DescribeLogs Log audit log query Operation level * Supported
DescribeLogsAsync Log audit log asynchronous query Operation level * Supported
DescribeLogsCountAsync Obtain the total number of log audit log asynchronous query results Operation level * Supported
DescribeLogsResultAsync Log audit log asynchronous query result list acquisition Operation level * Supported
DescribeModifyResourceUser check modify privilege Operation level * Supported
DescribeModuleConfig Operation level * Supported
DescribeNDRAnalysisStatus DescribeNDRAnalysisStatus Operation level * Supported
DescribeNDRAssetIdentificationCustomizedColumn Query the custom display fields for NDR asset identification results. Operation level * Supported
DescribeNDRAssetIdentificationExportStatus Query the export status of the NDR asset identification results list. Operation level * Supported
DescribeNDRAssetIdentificationList Query the list of NDR asset identification results. Operation level * Supported
DescribeNDRAssetList DescribeNdrAssetList Operation level * Supported
DescribeNDRAssetViewPortRiskList Obtaining the NDR port risk-asset view alarm list Operation level * Supported
DescribeNDRConfig Get traffic analysis configuration Operation level * Supported
DescribeNDRDataLeakAiAlertList Obtaining Sensitive Data Leakage - Alarm List for External AI Operation level * Supported
DescribeNDRDataLeakAiInstanceTopN Obtaining TopN Risks of NDR Sensitive Information for External AI Assets Operation level * Supported
DescribeNDRDataLeakAiLogList Obtaining Raw Log List of NDR Data Leakage for External AI Operation level * Supported
DescribeNDRDataLeakAiLogTotal Obtaining Raw Log Total of NDR Data Leakage for External AI Operation level * Supported
DescribeNDRDataLeakAiTypeStat Obtaining Sensitive Type Statistics of NDR Sensitive Information Connected to External AI Applications Operation level * Supported
DescribeNDRDataLeakAlertList Retrieve the data leak alert list for sensitive data Operation level * Supported
DescribeNDRDataLeakApiTopN Obtaining TopN Risks of NDR Sensitive Information API Operation level * Supported
DescribeNDRDataLeakApiTypeStat Obtaining NDR Sensitive Information API Sensitive Type Statistics Operation level * Supported
DescribeNDRDataLeakDataAnalysisList Obtain List of Data Dimension Analysis Results within the Sensitive Data Leakage Operation level * Supported
DescribeNDRDataLeakDataAnalysisTotal Obtain Total Count for Analysis Results of Data Dimension within the Sensitive Data Leakage Operation level * Supported
DescribeNDRDataLeakInstanceTopN Get Inbound Data Leakage Risk Assets TopN Operation level * Supported
DescribeNDRDataLeakLogList Get Data Leakage Raw Log List Operation level * Supported
DescribeNDRDataLeakLogTotal Get Data Leakage Risk Raw Log Total Count Operation level * Supported
DescribeNDRDataLeakOutAlertDetail Get NDR Outbound Sensitive Data Leakage Risk Details Operation level * Supported
DescribeNDRDataLeakOutAlertList Get NDR Outbound Sensitive Data Leakage Alert List Operation level * Supported
DescribeNDRDataLeakOutInstanceTopN Get Outbound Data Leakage Risk Assets TopN Operation level * Supported
DescribeNDRDataLeakOutTypeStat Get Outbound Data Leak Sensitive Type Statistics Operation level * Supported
DescribeNDRDataLeakRuleConfig Obtaining NDR Data Leakage Rules and Policies Configuration Operation level * Supported
DescribeNDRDataLeakSrcAnalysisList Obtain List of Source IP Dimension Analysis Results within the Sensitive Data Leakage Operation level * Supported
DescribeNDRDataLeakSrcAnalysisTotal Obtain Total Count for Source IP Dimension Analysis Results within the Sensitive Data Leakage Operation level * Supported
DescribeNDRDataLeakSubAnalysisList Obtain List of Sub Dimension Analysis Results within the Sensitive Data Leakage Operation level * Supported
DescribeNDRDataLeakSubAnalysisTotal Obtain Total Count for Analysis Results of Sub Dimension within the Sensitive Data Leakage Operation level * Supported
DescribeNDRDataMaskingStatus Query the desensitization status of NDR sensitive data Operation level * Supported
DescribeNDRExportTaskStatus Retrieve Export Task Status Operation level * Supported
DescribeNDRFile Get NDR File List Operation level * Supported
DescribeNDRFileDetectStatus Access Status of File Detection Operation level * Supported
DescribeNDRFileDownUrl Get NDR File Download URL Operation level * Supported
DescribeNDRFlowStatsData NDR Monitoring Panel - Peak and Average Bandwidth Statistics Operation level * Supported
DescribeNDRInstanceSwitchInfo Retrieve the Enabled Status of an NDR Instance Operation level * Supported
DescribeNDROverview Traffic Analysis Overview Operation level * Supported
DescribeNDRPacketExportStatus Get NDR Alert PCAP Export Task Status Operation level * Supported
DescribeNDRPolicyRuleList Describe NDR Policy Rule List Operation level * Supported
DescribeNDRPortRiskExportStatus Get the NDR port risk alarm export status Operation level * Supported
DescribeNDRPortViewPortRiskList Get eth NDR port risk, port view alarm list Operation level * Supported
DescribeNDRRiskDetectStatus Obtaining NDR Risk Detection Status Operation level * Supported
DescribeNDRRiskOverview Query NDR Risk Overview Data Operation level * Supported
DescribeNDRRiskTrend Query NDR Risk Trend Data Operation level * Supported
DescribeNDRSensitiveType Query NDR Sensitive Data Types Operation level * Supported
DescribeNDRSwitchErr Describe NDR Switch Error Operation level * Supported
DescribeNDRSwitchPreCheck Query Statistics of NDR Switch Pre-check Results Operation level * Supported
DescribeNDRSwitchPreCondition Refresh the NDR switch status check Operation level * Supported
DescribeNDRSwitchTaskList query ndr switch task list Operation level * Supported
DescribeNDRTkeClusters Get the TKE cluster list in NDR Operation level * Supported
DescribeNDRTkeNodes Get the TKE host node list in NDR Operation level * Supported
DescribeNDRTkePods Get the TKE Pod List in NDR Operation level * Supported
DescribeNDRWeakPwdAlertList Retrieve the weak password alert list Operation level * Supported
DescribeNDRWeakPwdLogList Retrieve the raw log list of weak password alerts Operation level * Supported
DescribeNDRWeakPwdLogTotal Retrieve the total count of raw logs for weak password alerts Operation level * Supported
DescribeNDRWeakPwdSettings Retrieve weak password detection configuration Operation level * Supported
DescribeNatAcRule Operation level * Supported
DescribeNatConnectionsTrends NAT Firewall monitoring panel-connection statistics Operation level * Supported
DescribeNatExistRegions DescribeNatExistRegions Operation level * Supported
DescribeNatFwInfoCount Get the number of all subnets and the number of natfw instances that the current user has access to the nat firewall. Operation level * Supported
DescribeNatFwInstance Operation level * Supported
DescribeNatFwInstanceWithRegion Query Tenant Maintainable NAT Instances Operation level * Supported
DescribeNatFwInstancesInfo Operation level * Supported
DescribeNatFwRouteBackupLst Query the details of the NAT firewall backup route Operation level * Supported
DescribeNatFwRuleHitDetail Query the hit details of NAT access control rules Operation level * Supported
DescribeNatFwSwitch Query NAT firewall switch list response Operation level * Supported
DescribeNatFwVpcDnsLst Display the VPC DNS switch corresponding to the current NATFW instance. Operation level * Supported
DescribeNatGwJoinFwStatus Query whether natgw is connected to the firewall Operation level * Supported
DescribeNatIpConnections NAT firewall monitoring panel-IP perspective connection number statistics Operation level * Supported
DescribeNatNewFlowStatsData NAT Monitoring Panel-Peak Average Bandwidth Statistics Operation level * Supported
DescribeNatRuleScopes Query the list of selectable effective scopes for Nat rules. Operation level * Supported
DescribeNatRuleStatus Query NAT rule quota and usage situation Operation level * Supported
DescribeNatSessionConnections NAT firewall monitoring panel-session perspective connection number statistics Operation level * Supported
DescribeNatSubnetStatLst NAT firewall subnet traffic statistics display Operation level * Supported
DescribeNdrClusterSwitchPreCheck Query Pre-check Results of TKE NDR Switch Operation level * Supported
DescribeNdrCustomFieldConfigs DescribeNdrCustomFieldConfigs Operation level * Supported
DescribeNdrEdgeIpList DescribeNdrEdgeIpList Operation level * Supported
DescribeNetFlowDomainInfo Query the active external domain name list Operation level * Supported
DescribeNetFlowDomainTop Obtain the Top 5 active external domain name traffic Operation level * Supported
DescribeNetflowBorderUsed Internet border usage excess alarm Operation level * Supported
DescribeNetflowCenterTrends Traffic center traffic line chart query Operation level * Supported
DescribeNewAuthInfo Operation level * Supported
DescribeNewNatCheckInfo DescribeNewNatCheckInfo Operation level * Supported
DescribeNoInsOfSecurityGroup Operation level * Supported
DescribeNodeEdge Firewall Switch - VPC Boundary Firewall - Virtual Private Cloud VPC Topology Diagram Operation level * Supported
DescribeNtaFile nta file list Operation level * Supported
DescribeNtaFileDownUrl Query NTA file download link Operation level * Supported
DescribeOfflineExportTask DescribeOfflineExportTask Operation level * Supported
DescribeOfflineExportTemporaryCredentials DescribeOfflineExportTemporaryCredentials Operation level * Supported
DescribeOperateLogSelect Obtain operation log filter box data Operation level * Supported
DescribeOrderDetailList Get order details Operation level * Supported
DescribeOrderList Billing resource ID list Operation level * Supported
DescribeOrganAcl Organization permissions data Operation level * Supported
DescribeOverviewFlowStat Internet Boundary Traffic Bandwidth Statistics Overview Operation level * Supported
DescribePacketDropAction Query Firewall Packet Drop Action Setting Operation level * Supported
DescribePresetQuestions DescribePresetQuestions Operation level * Supported
DescribeProbeHistory DescribeProbeHistory Operation level * Supported
DescribeProbeList Query the list of exposed probes Operation level * Supported
DescribeProbeTaskDetail DescribeProbeTaskDetail Operation level * Supported
DescribeProtectModeCount Get protection mode statistics. Operation level * Supported
DescribeProtectObjectInfo Query Firewall Protection Instance Object Information Operation level * Supported
DescribeQueryNotEmptyRuleListInfo Operation level * Supported
DescribeRainbowConfigs Describe Rainbow Configs Operation level * Supported
DescribeRemoteAccessIp DescribeRemoteAccessIp Operation level * Supported
DescribeReplayUrl DescribeReplayUrl Operation level * Supported
DescribeReportDetail DescribeReportDetail Operation level * Supported
DescribeReports DescribeReports Operation level * Supported
DescribeResourceGroup Asset Center Asset Tree Information Query Operation level * Supported
DescribeResourceGroupNew Operation level * Supported
DescribeRiskAssets DescribeRiskAssets Operation level * Supported
DescribeRuleOverview describe rule overview Operation level * Supported
DescribeSGRuleProgress query sg dispatch progress Operation level * Supported
DescribeSecurityGroupAssociateInstances Operation level * Supported
DescribeSecurityGroupList DescribeSecurityGroupList Operation level * Supported
DescribeSecurityGroupPolicies Describe Security Group Policies Operation level * Supported
DescribeSecurityGroupRuleStatus Query enterprise security group rule quota and usage situation Operation level * Supported
DescribeSecurityGroupVersionInfo Security group rule change version information Operation level * Supported
DescribeSecurityGroups Describe Security Groups Operation level * Supported
DescribeSelectAssetGroup Asset information query under asset group Operation level * Supported
DescribeSelectedAssetsByUserId Query the detailed list of allocation permissions Operation level * Supported
DescribeSerialRegion DescribeSerialRegion Operation level * Supported
DescribeSessionMessageContent DescribeSessionMessageContent Operation level * Supported
DescribeSessionMessages DescribeSessionMessages Operation level * Supported
DescribeSessions DescribeSessions Operation level * Supported
DescribeShowBakRuleList Operation level * Supported
DescribeSourceAsset Query all asset information of an asset group Operation level * Supported
DescribeStrictModeConfig DescribeStrictModeConfig Operation level * Supported
DescribeSwitchError Error message on the Internet border firewall switch banner Operation level * Supported
DescribeSwitchLists DescribeSwitchLists Operation level * Supported
DescribeSwitchStatus DescribeSwitchStatus Operation level * Supported
DescribeSyncIOAUserAccessStatus Get synchronization iOA user synchronization status Operation level * Supported
DescribeSyncWeChatWorkAccessStatus Get the synchronization status of enterprise WeChat Operation level * Supported
DescribeTLogInfo Describe TLog Info Operation level * Supported
DescribeTLogIpList Describe TLog IpList Operation level * Supported
DescribeTableStatus DescribeTableStatus Operation level * Supported
DescribeTagIpList Operation level * Supported
DescribeTaskStatus DescribeTaskStatus Operation level * Supported
DescribeTemplates Get template list Operation level * Supported
DescribeTiCenterList DescribeTiCenterList Operation level * Supported
DescribeTiContent DescribeTiContent Operation level * Supported
DescribeTkeNDRAssetList Query Results: TKE Cluster Traffic Analysis Asset List Operation level * Supported
DescribeTkeNDRNodeInsList Query the details of NDR container cluster node instances Operation level * Supported
DescribeTokenQuota DescribeTokenQuota Operation level * Supported
DescribeTopics Get a list of log topics Operation level * Supported
DescribeTrialModuleConfig Query resource configuration module Operation level * Supported
DescribeUnHandleEventTabList DescribeUnHandleEventTabList Operation level * Supported
DescribeUserConfig Get user configuration Operation level * Supported
DescribeUserListByAssetId Query asset permission overview Operation level * Supported
DescribeVisitTimesAndFlowAssetMaxTop DescribeVisitTimesAndFlowAssetMaxTop Operation level * Supported
DescribeVpcAcRule Operation level * Supported
DescribeVpcAclEdgeRange Operation level * Supported
DescribeVpcConnectionsTrends Inter-VPC firewall monitoring panel-connection statistics Operation level * Supported
DescribeVpcDetail Operation level * Supported
DescribeVpcEdgeList Operation level * Supported
DescribeVpcEdgeStatus DescribeVpcEdgeStatus Operation level * Supported
DescribeVpcFlowCenterLogsV1 Vpc traffic center list query Operation level * Supported
DescribeVpcFwCcnPolicyWhiteList VPC Firewall CCN Policy Routing Whitelist Operation level * Supported
DescribeVpcFwCrossStatus Get the status of VPC firewall across tenant edge or vpc Operation level * Supported
DescribeVpcFwGroupFlowStat VPC firewall status monitoring TAB page content Operation level * Supported
DescribeVpcFwGroupIns Query the firewall (group) ID name and the corresponding relationship under the instance. Operation level * Supported
DescribeVpcFwGroupSwitch VPC Firewall (Group) Switch List Operation level * Supported
DescribeVpcFwIpStat Query traffic statistics at a single IP granularity under the VPC firewall Operation level * Supported
DescribeVpcFwJoinInstances DescribeVpcFwJoinInstances Operation level * Supported
DescribeVpcFwRuleHitDetail Query the hit details of access control rules between intranets Operation level * Supported
DescribeVpcFwViewStat DescribeVpcFwViewStat Operation level * Supported
DescribeVpcFwVpcStat Query traffic statistics at vpc granularity under the VPC firewall Operation level * Supported
DescribeVpcInstance Obtain the list of all VPC firewall instances of the tenant. Operation level * Supported
DescribeVpcIpConnections Inter-VPC firewall monitoring panel-IP perspective connection number statistics Operation level * Supported
DescribeVpcLogEdge Operation level * Supported
DescribeVpcLogStatus Operation level * Supported
DescribeVpcRuleStatus Query the quota and usage situation of intra-network rules Operation level * Supported
DescribeVpcSessionConnections Inter-VPC firewall monitoring panel - connection statistics from session perspective Operation level * Supported
DescribeWeChatWorkUserList Query the list of enterprise WeChat access personnel Operation level * Supported
DescribeWeComBindLink DescribeWeComBindLink Operation level * Supported
DescribeWeComInstallLink DescribeWeComInstallLink Operation level * Supported
DescribeWeComStatus Operation level * Supported
DescribeWebAssetFilterList DescribeWebAssetFilterList Operation level * Supported
DescribeWebCosUrl Operation level * Supported
DescribeWebServiceStat DescribeWebServiceStat Operation level * Supported
DescribeWebServiceVisitLogDomainEnum DescribeWebServiceVisitLogDomainEnum Operation level * Supported
DescribeWebServices Asset Center web service query list Operation level * Supported
DescribeWhiteRule DescribeWhiteRule Operation level * Supported
DescribeYwUserList Operation and maintenance user list Operation level * Supported
DescribeZeroTrustAccessList Query the list of zero trust remote operation and maintenance identity access cards Operation level * Supported
DescribeZeroTrustAccessOverview DescribeZeroTrustAccessOverview Operation level * Supported
DescribeZeroTrustAccessSpecifications DescribeZeroTrustAccessSpecifications Operation level * Supported
DescribeZeroTrustAllAccessLog zero trust asset access log Operation level * Supported
DescribeZeroTrustAssetOverView Zero Trust Assets Overview Operation level * Supported
DescribeZeroTrustAuthorityOverview Query Zero Trust Permissions Overview Operation level * Supported
DescribeZeroTrustBlockPreview Query Zero Trust Ban Preview Operation level * Supported
DescribeZeroTrustBlockStatus Query zero trust unauthorized access ban status Operation level * Supported
DescribeZeroTrustCommandRule Query the list of zero trust remote operation and maintenance command control rules Operation level * Supported
DescribeZeroTrustCommandRuleHitDetail Query zero trust remote operation and maintenance command control rule hit details Operation level * Supported
DescribeZeroTrustConfig Query zero trust remote operation and maintenance configuration Operation level * Supported
DescribeZeroTrustDb zero trust database asset list Operation level * Supported
DescribeZeroTrustDomainInfo DescribeZeroTrustDomainInfo Operation level * Supported
DescribeZeroTrustDomainList DescribeZeroTrustDomainList Operation level * Supported
DescribeZeroTrustError Query Zero Trust Remote Operation and Maintenance Error Banner Operation level * Supported
DescribeZeroTrustRegionItem DescribeZeroTrustRegionItem Operation level * Supported
DescribeZeroTrustVpcList Zero trust asset access VPC list Operation level * Supported
ExportAclRules Export ACL rule file Operation level * Supported
ExportAlertCenterList Export alarm list from alarm center Operation level * Supported
ExportAsset Asset center asset data export file Operation level * Supported
ExportLogsOffline Log audit log offline export Operation level * Supported
ExportNDRAssetIdentificationList Export the list of NDR asset identification results. Operation level * Supported
ExportNDRDataLeakAiAlertList Exporting Risk Alarm List of API Sensitive Data Transmission for External AI Operation level * Supported
ExportNDRDataLeakAlertList Export API Sensitive Data Transfer Risk Alert List Operation level * Supported
ExportNDRDataLeakOutAlertList Export Outbound Sensitive Data Leakage Risk List Operation level * Supported
ExportNDRFileReport Export analysis report about alerted malicious files Operation level * Supported
ExportNDRPacket Export Pcap About NDR Alert Operation level * Supported
ExportNDRPortRiskList Exporting the NDR port risk alarm list Operation level * Supported
ExportNDRWeakPwdAlertList Export NDR Weak Password Risk Alert List Operation level * Supported
ExportWhiteRule Whitelist policy export interface - New Operation level * Supported
ExportZeroTrustDb export zero trust databases asset Operation level * Supported
GetAlarmLog Query alarm trigger details Operation level * Supported
GetIocAnalysis GetIocAnalysis Operation level * Supported
GetIocSummary GetIocSummary Operation level * Supported
ModifyNDRFileDetectStatus Modify Status of NDR File Detection Operation level * Supported
ModifyNdrEdgeIpSwitchPreCheck Query Statistics of Pre-check Results for NDR Public Network Traffic Switch Operation level * Supported
ModifyZeroTrustWebServiceAccess modify zero trust web service access Operation level * Supported
OpenZeroTrustWebServiceAccess open zero trust web service access Operation level * Supported
QueryUpdateResourceTaskStatus Query the status of asset synchronization tasks Operation level * Supported
QueryVpcFwSupportSwitchMode Query the switch modes supported by the firewall between VPCs Operation level * Supported
RemoveNatFwTcRule Deleting a traffic control policy Operation level * Supported
ResetAclRuleHitTimes Reset hit count for internet rules Operation level * Supported
ResumeTaskStream ResumeTaskStream Operation level * Supported
SearchLog Retrieve analysis logs Operation level * Supported

Other Operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
DeleteBillingResource Billing active destruction Operation level * Supported
ModifyLoginTime Update login time Operation level * Supported
ModifyPolicyAuthority Report Policy Permissions Operation level * Supported
ModifyUserAuthCheckStatus Asset Sync Authorization Status Change Operation level * Supported
SyncFwOperate Synchronize firewall operations Operation level * Supported

List Operations

API API Description Authorization Granularity Six-segment Resource Description IP Restriction
DescribeAcLists Query Access Control List Operation level * Supported
DescribeAclRule Query the Internet Access Control List Operation level * Supported
DescribeAddrTmplSelectList rule select address Template liet Operation level * Supported
DescribeBaradStatus DescribeBaradStatus Operation level * Supported
DescribeDefenseError DescribeDefenseError Operation level * Supported
DescribeDnsResolveIp DescribeDnsResolveIp Operation level * Supported
DescribeEmptySGSetInstanceListForIPV6 query empty sg set instance list Operation level * Supported
DescribeEnterpriseSGRuleListForIPV6 query ipv6 sg rule list Operation level * Supported
DescribeFwEngineZoneList DescribeFwEngineZoneList Operation level * Supported
DescribeNDRPolicyList Describe NDR Policy List Operation level * Supported
DescribeNatFwDnatRule DescribeNatFwDnatRule Operation level * Supported
DescribePresetAddrTmplList query preset address template list Operation level * Supported
DescribeRemoteInstances Query the list of zero-trust remote operation and maintenance instances Operation level * Supported
DescribeSGRuleAssociateInstanceListForIPV6 query rule associate asset for ipv6 Operation level * Supported
DescribeSetNatProbeEipTaskStatus DescribeSetNatProbeEipTaskStatus Operation level * Supported
DescribeUserBandwidthUsage DescribeUserBandwidthUsage Operation level * Supported
DescribeZeroTrustRule DescribeZeroTrustRule Operation level * Supported
DescribeZeroTrustRuleHitDetail DescribeZeroTrustRuleHitDetail Operation level * Supported
ExportNatFwDnatRule ExportNatFwDnatRule Operation level * Supported
이전 주제: Global Application Acceleration Platform다음 주제: Tencent Cloud EdgeOne

도움말 및 지원

문제 해결에 도움이 되었나요?

피드백