检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
The following example grants some CFW, NAT, and ECS permissions: 1 { "Version": "5.0", "Statement": [ { "Effect": "Allow", "Action": [ "cfw:eip:count", "cfw:eip:list" ] }, { "Effect
Constraints N/A Range internet (north-south logs), nat (NAT logs), vpc (east-west logs), or vgw (VGW logs) Default Value N/A type Yes String Definition Log type.
Constraints N/A Range internet (north-south logs), nat (NAT logs), vpc (east-west logs), or vgw (VGW logs) Default Value N/A direction No String Definition Session direction.
Constraints N/A Range internet (north-south logs), nat (NAT logs), vpc (east-west logs), or vgw (VGW logs) Default Value N/A direction No String Definition Session direction.
Constraints N/A Range internet (north-south logs), nat (NAT logs), vpc (east-west logs), or vgw (VGW logs) Default Value N/A start_time No Long Definition Start time. Constraints N/A Range Milliseconds-level timestamp. Default Value N/A end_time No Long Definition End time.
Request Parameters Table 3 Request body parameters Parameter Mandatory Type Description effect_scope No Array of integers Effective scope: 1 (the effective scope for deletion is EIP), 2 (the effective scope for deletion is NAT), 1,2 (the effective scope for deletion is EIP and NAT
Constraints N/A Range internet (north-south logs), nat (NAT logs), vpc (east-west logs), or vgw (VGW logs) Default Value N/A direction No String Definition Session direction.
For details about how to enable traffic protection for private IP addresses, see Enabling NAT Gateway Traffic Protection.
The VPC has ELB, NAT Gateway, VPCEP, or DCS deployed. For details about how to configure routes in the preceding scenario, see Why Traffic Can't Be Forwarded from a VPC with a Route Destination of 0.0.0.0/0 to Its Enterprise Router?
Constraints N/A Range internet (north-south logs), nat (NAT logs), vpc (east-west logs), or vgw (VGW logs) Default Value N/A direction No String Definition Session direction.
The professional edition supports NAT rules. protected_resource_nat_id String ID of the NAT gateway to be protected. The professional edition supports NAT rules. protected_resource_project_id String Tenant ID of a protected resource.
The Elastic Cloud Servers (ECSs), NAT gateways, Elastic Load Balance (ELB), or other resources that are bound to EIPs can be protected.
For details, see Configuring Protection Rules to Block or Allow NAT Gateway Border Traffic. For details about how to batch add protection policies, see Importing and Exporting Protection Policies.
Constraints N/A Range internet (north-south logs), nat (NAT logs), vpc (east-west logs), or vgw (VGW logs) Default Value N/A item Yes String Definition Aggregation type.
For details about how to allow cloud resources to access specified domain names through the NAT gateway, see Configuring a Protection Rule to Protect SNAT Traffic.
Constraints N/A Range internet (north-south logs), nat (NAT logs), vpc (east-west logs), or vgw (VGW logs) Default Value N/A start_time No Long Definition Start time. Constraints N/A Range Milliseconds-level timestamp. Default Value N/A end_time No Long Definition End time.
For details about how to enable NAT gateway traffic protection, see Enabling NAT Gateway Traffic Protection. Parent Topic: System Management
Range N/A nat Integer Definition NAT access control policy. Range N/A total Integer Definition Total number. Range N/A Table 14 AttackEvent Parameter Type Description changed Integer Definition Number of changes. Range N/A deny Integer Definition Number of blocked objects.
) bound to the EIP. device_name String Name of the device (such as ECS and NAT) bound to the EIP device_owner String Owner of the device (such as ECS and NAT) bound to the EIP. associate_instance_type String Type of the associated instance: NATGW, ELB, or PORT. fw_instance_name String
For a professional edition firewall, one or more EIP, NAT, or EIP and NAT records may be displayed, depending on the imported records. Calling Method For details, see Calling APIs.
