tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Cloud Access Management
    Documentation
    Download PDF

    Tencent Cloud Firewall

    Last updated: 2024-11-20 09:29:36
    Download PDF

      Fundamental information

      Product Abbreviation in CAM Console Authorization by Tag Authorization Granularity IP Restriction
      Cloud Firewall cfw Supported not supported Operation level Supported

      Note:

      The authorization granularity of cloud products is divided into three levels: service level, operation level, and resource level, based on the degree of granularity.

      • Service level: It defines whether a user has the permission to access the service as a whole. A user can have either full access or no access to the service. For the authorization granularity of cloud products at service level, the authorization of specific APIs are not supported.
      • Operation level: It defines whether a user has the permission to call a specific API of the service. For example, granting an account read-only access to the CVM service is an authorization at the operation level.
      • Resource level: It is the finest authorization granularity which defines whether a user has the permission to access specific resources. For example, granting an account read/write access to a specific CVM instance is an authorization at the resource level.

      API authorization granularity

      Two authorization granularity levels of API are supported: resource level, and operation level.

      • Resource level: It supports the authorization of a specific resource.
      • Operation level: It does not support the authorization of a specific resource. If the policy syntax restricts a specific resource during authorization, CAM will determine that this API is not within the scope of authorization, and deem it as unauthorized.

      Write operations

      API API Description Authorization Granularity Six-segment Resource Description IP Restriction
      AddAcRule Add Internet Boundary Rules(Old API will be decommissioned soon) Operation level * Supported
      AddAclRule Add Internet Access Control Rules Operation level * Supported
      AddDnsAclRule Add Dns access control rules Operation level * Supported
      AddEnterpriseSecurityGroupRules Create New Enterprise Security Group Rules Operation level * Supported
      AddNatAcRule Operation level * Supported
      AddVpcAcRule Operation level * Supported
      AddVpcFwTcRule Add inter-VPC firewall traffic control policy Operation level * Supported
      AddZeroTrustWebService Add zero trust web service Operation level * Supported
      CreateAcRules Create ACL Rules Operation level * Supported
      CreateAddressTemplate Create address template Operation level * Supported
      CreateAlertCenterRule Alarm Center-Block, Release and Disposal Interface Operation level * Supported
      CreateAsyncTask CreateAsyncTask Operation level * Supported
      CreateBakRuleList Operation level * Supported
      CreateBlockIgnoreRuleList Add block list and ignore list rules in batches Operation level * Supported
      CreateBlockIgnoreRuleNew Add intrusion prevention block list and allow list rules in batches (new) Operation level * Supported
      CreateClsDeliverTask CreateClsDeliverTask Operation level * Supported
      CreateDatabaseWhiteListRules CreateDatabaseWhiteListRules Operation level * Supported
      CreateIOAAccessGroup Override Edit IOA User Group Access Operation level * Supported
      CreateIdsWhiteRule Create an intrusion prevention rule whitelist interface Operation level * Supported
      CreateNatFwInstance Create a NAT firewall instance (Region parameter is required). Operation level * Supported
      CreateNatFwInstanceWithDomain Create NAT firewall instance and connect a domain name (The Region parameter is required) Operation level * Supported
      CreateProbeTask create probe task Operation level * Supported
      CreateRemoteMtInstance Create a zero-trust remote operation and maintenance instance Operation level * Supported
      CreateSecurityGroupRules Operation level * Supported
      CreateVpcFwGroup Create an Inter-VPC Firewall (Firewall Group) Operation level * Supported
      CreateZeroTrustAclMulti Adding Zero Trust Remote Operation and Maintenance Rules in Batch - Identity Perspective Operation level * Supported
      CreateZeroTrustCommandRule Add zero trust remote operation and maintenance command control rules in batches Operation level * Supported
      CreateZeroTrustDomain CreateZeroTrustDomain Operation level * Supported
      CreateZeroTrustTrial Apply for Zero Trust Remote Operation and Maintenance Trial Operation level * Supported
      DeleteAcRule Delete ACL Rule Operation level * Supported
      DeleteAddressTemplate Delete address template rules Operation level * Supported
      DeleteAllAccessControlRule DeleteAllAccessControlRule Operation level * Supported
      DeleteBlockIgnoreRuleAll Delete all black and white lists (support filtering) Operation level * Supported
      DeleteBlockIgnoreRuleList Delete intrusion prevention ban list and allow list rules in batches Operation level * Supported
      DeleteBlockIgnoreRuleNew Deleting Intrusion Prevention Block List and Allow List Rules in Batch (New) Operation level * Supported
      DeleteClsDeliverTask DeleteClsDeliverTask Operation level * Supported
      DeleteIOAAccessGroup Delete iOA user group access Operation level * Supported
      DeleteIdsWhiteRule Deleting the intrusion prevention rule whitelist interface Operation level * Supported
      DeleteNatFwInstance Delete Nat Firewall Instance Operation level * Supported
      DeleteRemoteAccessDomain DeleteRemoteAccessDomain Operation level * Supported
      DeleteRemoteMtInstance Delete a zero-trust remote operation and maintenance instance Operation level * Supported
      DeleteResourceGroup delete cfw resource group Operation level * Supported
      DeleteSecurityGroupRule Operation level * Supported
      DeleteVpcFwGroup DeleteVpcFwGroup Operation level * Supported
      DeleteZeroTrustAuthUserInfoById Batch deletion of zero trust operation and maintenance users Operation level * Supported
      DeleteZeroTrustCommandRule Delete zero trust remote operation and maintenance command control rules Operation level * Supported
      DeleteZeroTrustDomain DeleteZeroTrustDomain Operation level * Supported
      DeleteZeroTrustWebService delete zero trust web service Operation level * Supported
      DeleteZeroTrustWebServiceAccess delete zero trust web service access info Operation level * Supported
      ExpandCfwVertical ExpandCfwVertical Operation level * Supported
      IgnoreZeroTrustError Ignore Zero Trust Remote Operations error banner Operation level * Supported
      ImportCFWFile Import common methods Operation level * Supported
      ModifyAcRule Modify ACL Rule Operation level * Supported
      ModifyAclApiDispatch ACL write interface request transfer Operation level * Supported
      ModifyAclRule Modify Internet Border Access Control Rules Operation level * Supported
      ModifyActionShowStatus ModifyActionShowStatus Operation level * Supported
      ModifyAddressTemplate Modify address template Operation level * Supported
      ModifyAllPublicIPSwitchStatus ModifyAllPublicIPSwitchStatus Operation level * Supported
      ModifyAllRuleStatus ModifyAllRuleStatus Operation level * Supported
      ModifyAssetScan ModifyAssetScan Operation level * Supported
      ModifyAssetSync Asset Synchronization Operation level * Supported
      ModifyBlockIgnoreList Batch operation interface for ban list and release list Operation level * Supported
      ModifyBlockIgnoreRule Edit individual intrusion prevention ban list and allow list rules Operation level * Supported
      ModifyBlockIgnoreRuleNew Edit individual intrusion prevention block list and pass list rules (new) Operation level * Supported
      ModifyBlockTop ModifyBlockTop Operation level * Supported
      ModifyClsDeliverSwitch ModifyClsDeliverSwitch Operation level * Supported
      ModifyClsDeliverTask ModifyClsDeliverTask Operation level * Supported
      ModifyCommonStatus Universal asynchronous table modification interface Operation level * Supported
      ModifyDNSFWSwitchAll Enable all DNS firewall switches (support filtering) Operation level * Supported
      ModifyDnsAclRule Modify DNS access control rules Operation level * Supported
      ModifyDnsAclRuleSwitch Enable or disable DNS rule switches in batches Operation level * Supported
      ModifyDnsAclRuleSwitchAll Edit all DNS ACL rules (support filtering) Operation level * Supported
      ModifyEWRuleStatus Operation level * Supported
      ModifyEdgeIpSwitch Change boundary firewall switch (bypass, serial) Operation level * Supported
      ModifyEdgeIpSwitchAll Edit serial firewall switches (all on, all off) Operation level * Supported
      ModifyEdgeIpSwitchWeight Edit Internet border ip switch weights Operation level * Supported
      ModifyEdgeName Modify the name of the VPC firewall edge. Operation level * Supported
      ModifyEnterpriseSecurityDispatchStatus Operation level * Supported
      ModifyEnterpriseSecurityGroupRule Operation level * Supported
      ModifyEnterpriseSecurityGroupRuleLst Operation level * Supported
      ModifyEnterpriseSecurityGroupSequenceRules Operation level * Supported
      ModifyFwConfig Edit firewall configuration Operation level * Supported
      ModifyFwGroupSwitch Modify firewall (group) switch (supporting single-point mode, multi-point mode, and full interconnection mode) Operation level * Supported
      ModifyFwGroupSwitchAll Modify VPC firewall all switches Operation level * Supported
      ModifyIgnoreAsyncTaskErr Ignore exception task information Operation level * Supported
      ModifyNatAcRule Operation level * Supported
      ModifyNatAcRuleSwitchAll Modify all NAT rule switches (support filtering) Operation level * Supported
      ModifyNatAclRuleSwitch Enable or disable NAT rule switch Operation level * Supported
      ModifyNatFwConfig Set up NAT firewall configuration Operation level * Supported
      ModifyNatFwReSelect Reselect VPC or NAT for the NAT firewall instance. Operation level * Supported
      ModifyNatFwSwitch Modify NAT firewall switch Operation level * Supported
      ModifyNatFwSwitchAll Modify all switches of NAT firewall (support filtering) Operation level * Supported
      ModifyNatFwVpcDnsSwitch NAT Firewall VPC DNS Switch Toggle Operation level * Supported
      ModifyNatInstance ModifyNatInstance Operation level * Supported
      ModifyNatSequenceRules Operation level * Supported
      ModifyNetflowRuleStatus Operation level * Supported
      ModifyNetflowRuleStatusAll Modify all internet boundary access control lists (support conditional filtering) Operation level * Supported
      ModifyNoticeCommonNew General settings status modification (new) Operation level * Supported
      ModifyProbeTask modify probe task Operation level * Supported
      ModifyRemoteMtInstance Edit a zero-trust remote operation and maintenance instance Operation level * Supported
      ModifyResourceGroup ModifyResourceGroup Operation level * Supported
      ModifySecurityGroupItemRuleStatus Enable and disable individual enterprise security group rules Operation level * Supported
      ModifySecurityGroupRule Operation level * Supported
      ModifySecurityGroupRuleAll Edit all enterprise security group rules (support filtering) Operation level * Supported
      ModifySecurityGroupSequenceRules Operation level * Supported
      ModifySecurityGroupTableStatus Modify Security Group List Status Operation level * Supported
      ModifySequenceAclRules Internet Rules Quick Sort Operation level * Supported
      ModifySequenceRules modify rule sequence Operation level * Supported
      ModifySerialRegion Edit Serial Firewall Regional Bandwidth Allocation Operation level * Supported
      ModifyStorageSetting Log storage settings Operation level * Supported
      ModifySwitchStatus ModifySwitchStatus Operation level * Supported
      ModifyTableStatus ModifyTableStatus Operation level * Supported
      ModifyVpcAcRule Operation level * Supported
      ModifyVpcAcRuleAll Edit all internal network access control lists (support filtering) Operation level * Supported
      ModifyVpcAcRuleSwitch Operation level * Supported
      ModifyVpcCfwWidth Vertical expansion of firewall between vpc Operation level * Supported
      ModifyVpcFwConfig Set up inter-VPC firewall configuration Operation level * Supported
      ModifyVpcFwGroup Edit the inter-VPC firewall (firewall group) Operation level * Supported
      ModifyVpcFwSequenceRules Operation level * Supported
      ModifyZeroTrustAssetAcl Edit Zero Trust Remote Operation and Maintenance Asset Permission Details Operation level * Supported
      ModifyZeroTrustAuthUserInfoById Mass Modification of Zero Trust Operational Users Operation level * Supported
      ModifyZeroTrustBlockStatus Zero Trust Unauthorized Block Button Operation level * Supported
      ModifyZeroTrustCommandRule Modify zero trust remote operation and maintenance command control rules Operation level * Supported
      ModifyZeroTrustCommandRuleSwitch Batch modification of zero trust remote operation and maintenance command control rule switches Operation level * Supported
      ModifyZeroTrustCommandRuleSwitchAll Modify all zero trust remote operation and maintenance command control rules (supports filtering) Operation level * Supported
      ModifyZeroTrustDomain ModifyZeroTrustDomain Operation level * Supported
      ModifyZeroTrustEip Edit Zero Trust Regional Public IP Operation level * Supported
      ModifyZeroTrustInstancePort Edit Zero Trust Remote Operation and Maintenance Server Instance Port Operation level * Supported
      ModifyZeroTrustRegionSwitch Modify Zero Trust Operation and Maintenance Region Switch Operation level * Supported
      ModifyZeroTrustRule ModifyZeroTrustRule Operation level * Supported
      ModifyZeroTrustRuleSwitch Modify IOA permission rule switches in batches Operation level * Supported
      ModifyZeroTrustRuleSwitchAll Modify all zero-trust permission rules (support filtering) Operation level * Supported
      ModifyZeroTrustUserAcl Edit Zero Trust Remote Operation and Maintenance User Permissions Details Operation level * Supported
      ModifyZeroTrustVpcSwitch Modify Zero Trust VPC Switch Operation level * Supported
      ModifyZeroTrustVpcSwitchAll Batch Modify Zero Trust VPC Switches Operation level * Supported
      ModifyZeroTrustWebService modify zero web service base info Operation level * Supported
      ProbeQuickly probe quickly Operation level * Supported
      RemoveAcRule RemoveAcRule Operation level * Supported
      RemoveAclRule Delete Internet Access Control Rules Operation level * Supported
      RemoveDnsAclRule Delete Dns Access Control Rules Operation level * Supported
      RemoveEnterpriseSecurityGroupRule Operation level * Supported
      RemoveEnterpriseSecurityGroupRuleLst Operation level * Supported
      RemoveNatAcRule Operation level * Supported
      RemoveVpcAcRule Operation level * Supported
      ResetDnsRuleHitTimes Reset hit count for DNS firewall rules Operation level * Supported
      ResetNatRuleHitTimes Operation level * Supported
      ResetVpcRuleHitTimes Operation level * Supported
      SaveAutoBackUpSetting Operation level * Supported
      SetNatFwDnatRule SetNatFwDnatRule Operation level * Supported
      SetNatFwEip Set up an EIP address for the NAT firewall instance Operation level * Supported
      StopSecurityGroupRuleDispatch Operation level * Supported
      SyncIOAUserAccess Synchronize iOA user access data Operation level * Supported
      SyncWeChatWorkAccess Synchronize enterprise WeChat access data Operation level * Supported

      Read operations

      API API Description Authorization Granularity Six-segment Resource Description IP Restriction
      CreateChooseVpcs CreateChooseVpcs Operation level * Supported
      CreateZeroTrustRule CreateZeroTrustRule Operation level * Supported
      DeleteZeroTrustRule DeleteZeroTrustRule Operation level * Supported
      DescribeAccessDomainInfoList Operation level * Supported
      DescribeAclApiDispatch Operation level * Supported
      DescribeAclRuleExportStatus Query the export status of Acl rules Operation level * Supported
      DescribeAclTag Access control tag query Operation level * Supported
      DescribeAddressTemplateList Query address template list Operation level * Supported
      DescribeAllRegionList Query region configuration information Operation level * Supported
      DescribeAllZoneList Availability zone information Operation level * Supported
      DescribeApiDispatch DescribeApiDispatch Operation level * Supported
      DescribeAreaStatus DescribeAreaStatus Operation level * Supported
      DescribeAssetOverviewNew DescribeAssetOverviewNew Operation level * Supported
      DescribeAssetScanStatus DescribeAssetScanStatus Operation level * Supported
      DescribeAssetSync Asset synchronization status query Operation level * Supported
      DescribeAssociatedInstanceList Operation level * Supported
      DescribeAsyncTask Query asynchronous task information Operation level * Supported
      DescribeAsyncTaskErr Asynchronous task exception information Operation level * Supported
      DescribeAutoBackUpSettingList Operation level * Supported
      DescribeBandWidthBanner Bandwidth Exceeded Banner Operation level * Supported
      DescribeBillingInfo Query billing information Operation level * Supported
      DescribeBlackWhiteQuota Operation level * Supported
      DescribeBlockByIpTimesList DescribeBlockByIpTimesList Operation level * Supported
      DescribeBlockIgnoreList Operation level * Supported
      DescribeBlockStaticList Alarm center column chart Operation level * Supported
      DescribeBlockTimesList Alarm Center-Blocking Line Chart Operation level * Supported
      DescribeBorderACLList Operation level * Supported
      DescribeBorderFwRuleHitDetail Query edge access control rule hit details Operation level * Supported
      DescribeBorderRuleStatus Query Internet boundary rule quota and usage situation Operation level * Supported
      DescribeCdcIds Operation level * Supported
      DescribeCfwEips DescribeCfwEips Operation level * Supported
      DescribeCfwInsStatus Operation level * Supported
      DescribeCfwUpdateStatus Operation level * Supported
      DescribeCfwUserStatus Query tenant cloud firewall usage Operation level * Supported
      DescribeCfwVersion Query the engine mode and version number of the NAT VPC firewall. Operation level * Supported
      DescribeChangeGroupRuleNotice Query whether it is necessary to display the rule changes of the security group Operation level * Supported
      DescribeChangeGroupRules Operation level * Supported
      DescribeChangeSecurityGroupAssociateInstances Operation level * Supported
      DescribeChangeSecurityGroupNum Operation level * Supported
      DescribeCheckCLSStatus Check if the current user has subscribed to CLS service Operation level * Supported
      DescribeCidrRelatedInstances Operation level * Supported
      DescribeClsDeliverTask DescribeClsDeliverTask Operation level * Supported
      DescribeConfig Operation level * Supported
      DescribeDNSFWStatus Get DNS Firewall Status Bar Operation level * Supported
      DescribeDNSFWSwitch Get DSN firewall switch information Operation level * Supported
      DescribeDNSProtectList Get DNS firewall intrusion prevention list Operation level * Supported
      DescribeDefenseSwitch Get a list of attack and defense buttons Operation level * Supported
      DescribeDnsAclRule Query the DNS access control list Operation level * Supported
      DescribeDnsFwRuleHitDetail Query DNS access control rule hit details Operation level * Supported
      DescribeDnsRuleStatus Query the quota and usage of DNS rules Operation level * Supported
      DescribeDomainParseIpLst Query domain name ip resolution list Operation level * Supported
      DescribeEdgeFwFlowStat Border firewall status monitoring TAB page content Operation level * Supported
      DescribeEdgeIpFlowLists Query the Internet border IP switch traffic statistics list Operation level * Supported
      DescribeElasticBandWidth Tenant elastic bandwidth interval query Operation level * Supported
      DescribeEnterpriseSGRuleProgress Operation level * Supported
      DescribeEnterpriseSecurityDispatchStatus Operation level * Supported
      DescribeEnterpriseSecurityGroupRule DescribeEnterpriseSecurityGroupRule Operation level * Supported
      DescribeEnterpriseSecurityGroupRuleList query enterprise security rule list Operation level * Supported
      DescribeEnterpriseSecurityNotDispatchCount Operation level * Supported
      DescribeFlowCenterLogsV1 Internet traffic center list query Operation level * Supported
      DescribeFwConfig Query firewall configuration Operation level * Supported
      DescribeFwEdgeBar Internet Boundary Page Overview Data Operation level * Supported
      DescribeFwEdgeIps Serial firewall switch list Operation level * Supported
      DescribeFwFirstConfig First time entering the firewall page configuration Operation level * Supported
      DescribeFwGroupIdNames Operation level * Supported
      DescribeFwGroupInstanceInfo Obtain All Tenant VPC Firewalls (Groups) and VPC Firewall Instance Card Information Operation level * Supported
      DescribeFwSwitchOverview Query firewall switch summary Operation level * Supported
      DescribeFwSyncStatus Get firewall synchronization status Operation level * Supported
      DescribeGlobalSetting Operation level * Supported
      DescribeGuideScanInfo Novice guide to scan interface information Operation level * Supported
      DescribeIOAAccessDirectoryList Query the IOA access directory list Operation level * Supported
      DescribeIOAAccountGroups Query IOA account directory list Operation level * Supported
      DescribeIOALocalAccounts Query iOA account list Operation level * Supported
      DescribeIPStatusList DescribeIPStatusList Operation level * Supported
      DescribeIdsWhiteRule Query intrusion prevention rule whitelist interface Operation level * Supported
      DescribeImportCredential Get temporary records of imported file uploads Operation level * Supported
      DescribeImportWeChatSpec DescribeImportWeChatSpec Operation level * Supported
      DescribeIpStatLst Get the peak bandwidth of a single cvm of nat vpc Operation level * Supported
      DescribeLogStorageStatistic Tenant log storage statistics Operation level * Supported
      DescribeLogs Operation level * Supported
      DescribeLogsAsync Log audit log asynchronous query Operation level * Supported
      DescribeLogsCountAsync Obtain the total number of log audit log asynchronous query results Operation level * Supported
      DescribeLogsResultAsync Log audit log asynchronous query result list acquisition Operation level * Supported
      DescribeModifyResourceUser check modify privilege Operation level * Supported
      DescribeModuleConfig Operation level * Supported
      DescribeNatAcRule Operation level * Supported
      DescribeNatConnectionsTrends NAT Firewall monitoring panel-connection statistics Operation level * Supported
      DescribeNatExistRegions DescribeNatExistRegions Operation level * Supported
      DescribeNatFwInfoCount Get the number of all subnets and the number of natfw instances that the current user has access to the nat firewall. Operation level * Supported
      DescribeNatFwInstance Operation level * Supported
      DescribeNatFwInstanceWithRegion Query Tenant Maintainable NAT Instances Operation level * Supported
      DescribeNatFwInstancesInfo Operation level * Supported
      DescribeNatFwRuleHitDetail Query the hit details of NAT access control rules Operation level * Supported
      DescribeNatFwSwitch Query NAT firewall switch list response Operation level * Supported
      DescribeNatFwVpcDnsLst Display the VPC DNS switch corresponding to the current NATFW instance. Operation level * Supported
      DescribeNatIpConnections NAT firewall monitoring panel-IP perspective connection number statistics Operation level * Supported
      DescribeNatNewFlowStatsData NAT Monitoring Panel-Peak Average Bandwidth Statistics Operation level * Supported
      DescribeNatRuleScopes Query the list of selectable effective scopes for Nat rules. Operation level * Supported
      DescribeNatRuleStatus Query NAT rule quota and usage situation Operation level * Supported
      DescribeNatSessionConnections NAT firewall monitoring panel-session perspective connection number statistics Operation level * Supported
      DescribeNatSubnetStatLst NAT firewall subnet traffic statistics display Operation level * Supported
      DescribeNetFlowDomainInfo Query the active external domain name list Operation level * Supported
      DescribeNetFlowDomainTop Obtain the Top 5 active external domain name traffic Operation level * Supported
      DescribeNewAuthInfo Operation level * Supported
      DescribeNewNatCheckInfo DescribeNewNatCheckInfo Operation level * Supported
      DescribeNoInsOfSecurityGroup Operation level * Supported
      DescribeNodeEdge Firewall Switch - VPC Boundary Firewall - Virtual Private Cloud VPC Topology Diagram Operation level * Supported
      DescribeNtaFile nta file list Operation level * Supported
      DescribeNtaFileDownUrl Query NTA file download link Operation level * Supported
      DescribeOperateLogSelect Obtain operation log filter box data Operation level * Supported
      DescribeOrderDetailList Get order details Operation level * Supported
      DescribeProbeHistory DescribeProbeHistory Operation level * Supported
      DescribeProbeTaskDetail DescribeProbeTaskDetail Operation level * Supported
      DescribeQueryNotEmptyRuleListInfo Operation level * Supported
      DescribeResourceGroup Asset Center Asset Tree Information Query Operation level * Supported
      DescribeResourceGroupNew Operation level * Supported
      DescribeRuleOverview describe rule overview Operation level * Supported
      DescribeSGRuleProgress Operation level * Supported
      DescribeSecurityGroupAssociateInstances Operation level * Supported
      DescribeSecurityGroupList Operation level * Supported
      DescribeSecurityGroupRuleStatus Query enterprise security group rule quota and usage situation Operation level * Supported
      DescribeSecurityGroupVersionInfo Security group rule change version information Operation level * Supported
      DescribeSelectAssetGroup Asset information query under asset group Operation level * Supported
      DescribeSelectedAssetsByUserId Query the detailed list of allocation permissions Operation level * Supported
      DescribeShowBakRuleList Operation level * Supported
      DescribeSourceAsset Query all asset information of an asset group Operation level * Supported
      DescribeSwitchStatus DescribeSwitchStatus Operation level * Supported
      DescribeSyncIOAUserAccessStatus Get synchronization iOA user synchronization status Operation level * Supported
      DescribeSyncWeChatWorkAccessStatus Get the synchronization status of enterprise WeChat Operation level * Supported
      DescribeTLogInfo Describe TLog Info Operation level * Supported
      DescribeTLogIpList Describe TLog IpList Operation level * Supported
      DescribeTableStatus DescribeTableStatus Operation level * Supported
      DescribeTagIpList Operation level * Supported
      DescribeTrialModuleConfig Query resource configuration module Operation level * Supported
      DescribeUnHandleEventTabList DescribeUnHandleEventTabList Operation level * Supported
      DescribeUserListByAssetId Query asset permission overview Operation level * Supported
      DescribeVpcAcRule Operation level * Supported
      DescribeVpcAclEdgeRange Operation level * Supported
      DescribeVpcConnectionsTrends Inter-VPC firewall monitoring panel-connection statistics Operation level * Supported
      DescribeVpcDetail Operation level * Supported
      DescribeVpcEdgeList Operation level * Supported
      DescribeVpcFlowCenterLogsV1 Vpc traffic center list query Operation level * Supported
      DescribeVpcFwCrossStatus Get the status of VPC firewall across tenant edge or vpc Operation level * Supported
      DescribeVpcFwGroupFlowStat VPC firewall status monitoring TAB page content Operation level * Supported
      DescribeVpcFwGroupIns Query the firewall (group) ID name and the corresponding relationship under the instance. Operation level * Supported
      DescribeVpcFwGroupSwitch VPC Firewall (Group) Switch List Operation level * Supported
      DescribeVpcFwIpStat Query traffic statistics at a single IP granularity under the VPC firewall Operation level * Supported
      DescribeVpcFwRuleHitDetail Query the hit details of access control rules between intranets Operation level * Supported
      DescribeVpcFwVpcStat Query traffic statistics at vpc granularity under the VPC firewall Operation level * Supported
      DescribeVpcInstance Obtain the list of all VPC firewall instances of the tenant. Operation level * Supported
      DescribeVpcIpConnections Inter-VPC firewall monitoring panel-IP perspective connection number statistics Operation level * Supported
      DescribeVpcLogEdge Operation level * Supported
      DescribeVpcLogStatus Operation level * Supported
      DescribeVpcRuleStatus Operation level * Supported
      DescribeVpcSessionConnections Inter-VPC firewall monitoring panel - connection statistics from session perspective Operation level * Supported
      DescribeWeChatWorkUserList Query the list of enterprise WeChat access personnel Operation level * Supported
      DescribeWeComStatus Operation level * Supported
      DescribeWebCosUrl Operation level * Supported
      DescribeWebServiceStat DescribeWebServiceStat Operation level * Supported
      DescribeWebServices Asset Center web service query list Operation level * Supported
      DescribeYwUserList Operation and maintenance user list Operation level * Supported
      DescribeZeroTrustAccessList Query the list of zero trust remote operation and maintenance identity access cards Operation level * Supported
      DescribeZeroTrustAccessOverview DescribeZeroTrustAccessOverview Operation level * Supported
      DescribeZeroTrustAccessSpecifications DescribeZeroTrustAccessSpecifications Operation level * Supported
      DescribeZeroTrustAllAccessLog zero trust asset access log Operation level * Supported
      DescribeZeroTrustAssetOverView Zero Trust Assets Overview Operation level * Supported
      DescribeZeroTrustAuthorityOverview Query Zero Trust Permissions Overview Operation level * Supported
      DescribeZeroTrustBlockPreview Query Zero Trust Ban Preview Operation level * Supported
      DescribeZeroTrustBlockStatus Query zero trust unauthorized access ban status Operation level * Supported
      DescribeZeroTrustCommandRule Query the list of zero trust remote operation and maintenance command control rules Operation level * Supported
      DescribeZeroTrustCommandRuleHitDetail Query zero trust remote operation and maintenance command control rule hit details Operation level * Supported
      DescribeZeroTrustConfig Query zero trust remote operation and maintenance configuration Operation level * Supported
      DescribeZeroTrustDb zero trust database asset list Operation level * Supported
      DescribeZeroTrustDomainInfo DescribeZeroTrustDomainInfo Operation level * Supported
      DescribeZeroTrustDomainList DescribeZeroTrustDomainList Operation level * Supported
      DescribeZeroTrustError Query Zero Trust Remote Operation and Maintenance Error Banner Operation level * Supported
      DescribeZeroTrustRegionItem DescribeZeroTrustRegionItem Operation level * Supported
      DescribeZeroTrustVpcList Zero trust asset access VPC list Operation level * Supported
      ExportAclRules Export ACL rule file Operation level * Supported
      ExportLogsOffline Log audit log offline export Operation level * Supported
      ExportZeroTrustDb export zero trust databases asset Operation level * Supported
      ModifyZeroTrustWebServiceAccess modify zero trust web service access Operation level * Supported
      OpenZeroTrustWebServiceAccess open zero trust web service access Operation level * Supported
      ResetAclRuleHitTimes Reset hit count for internet rules Operation level * Supported

      Other Operations

      API API Description Authorization Granularity Six-segment Resource Description IP Restriction
      DeleteBillingResource Billing active destruction Operation level * Supported
      ModifyLoginTime Update login time Operation level * Supported
      ModifyPolicyAuthority Report Policy Permissions Operation level * Supported
      ModifyUserAuthCheckStatus Asset Sync Authorization Status Change Operation level * Supported
      SyncFwOperate Synchronize firewall operations Operation level * Supported

      List Operations

      API API Description Authorization Granularity Six-segment Resource Description IP Restriction
      DescribeAcLists Query Access Control List Operation level * Supported
      DescribeAclRule Query the Internet Access Control List Operation level * Supported
      DescribeAddrTmplSelectList rule select address Template liet Operation level * Supported
      DescribeFwEngineZoneList DescribeFwEngineZoneList Operation level * Supported
      DescribeNatFwDnatRule DescribeNatFwDnatRule Operation level * Supported
      DescribePresetAddrTmplList query preset address template list Operation level * Supported
      DescribeRemoteInstances Query the list of zero-trust remote operation and maintenance instances Operation level * Supported
      DescribeSwitchLists Query FireWall Switch list Operation level * Supported
      DescribeUserBandwidthUsage DescribeUserBandwidthUsage Operation level * Supported
      DescribeZeroTrustRule DescribeZeroTrustRule Operation level * Supported
      DescribeZeroTrustRuleHitDetail DescribeZeroTrustRuleHitDetail Operation level * Supported
      ExportNatFwDnatRule ExportNatFwDnatRule Operation level * Supported
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy