Data Types

Download PDF

Last updated: 2025-11-27 16:42:27

Data Types

Last updated: 2025-11-27 16:42:27

Download PDF

APIResource

API resource.

Used by actions: CreateSecurityAPIResource, DescribeSecurityAPIResource, ModifySecurityAPIResource.

Name	Type	Required	Description
Id	String	No	Specifies the resource ID.
Name	String	No	Specifies the resource name.
APIServiceIds	Array of String	No	Specifies the API service ID list associated with the API resource.
Path	String	No	Specifies the resource path.
Methods	Array of String	No	Request method list. valid values: GET, POST, PUT, HEAD, PATCH, OPTIONS, DELETE.
RequestConstraint	String	No	Specifies the specific content of the request content match rule, which must comply with the expression grammar. please refer to the product document for detailed requirements.

APIService

API service configuration.

Used by actions: CreateSecurityAPIService, DescribeSecurityAPIService, ModifySecurityAPIService.

Name	Type	Required	Description
Id	String	No	API service ID.
Name	String	No	Specifies the API service name.
BasePath	String	No	Specifies the base path.

AccelerateMainland

Cross-MLC-border acceleration.

Used by actions: CreateApplicationProxy, DescribeApplicationProxies, DescribeZoneSetting, ModifyApplicationProxy.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable Cross-MLC-border acceleration. Valid values: `on`: Enable; `off`: Disable.

AccelerateMainlandParameters

Accelerate optimization and configuration in mainland China.

Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Mainland china acceleration optimization switch. valid values:. `On`: enable; . Off: disable. .

AccelerateType

Acceleration type

Used by actions: DescribeHostsSetting.

Name	Type	Required	Description
Switch	String	Yes	Acceleration switch. Values: `on`: Enable `off`: Disable

AccelerationDomain

Accelerated domain name

Used by actions: DescribeAccelerationDomains.

Name	Type	Description
ZoneId	String	ID of the site.
DomainName	String	Accelerated domain name
DomainStatus	String	Status of the accelerated domain name. Values: `online`: Activated `process`: Being deployed `offline`: Disabled `forbidden`: Blocked `init`: Pending activation
OriginDetail	OriginDetail	Details of the origin. Note: This field may return null, indicating that no valid values can be obtained.
OriginProtocol	String	Origin-pull protocol configuration. Values: `FOLLOW`: Follow the protocol of origin `HTTP`: Send requests to the origin over HTTP `HTTPS`: Send requests to the origin over HTTPS Note: This field may return·null, indicating that no valid values can be obtained.
HttpOriginPort	Integer	The port used for HTTP origin-pull requests Note: This field may return·null, indicating that no valid values can be obtained.
HttpsOriginPort	Integer	The port used for HTTPS origin-pull requests Note: This field may return·null, indicating that no valid values can be obtained.
IPv6Status	String	IPv6 status. Values: `follow`: Follow the IPv6 configuration of the site `on`: Enable `off`: Disable Note: This field may return·null, indicating that no valid values can be obtained.
Cname	String	The CNAME address.
IdentificationStatus	String	Ownership verification status. Values: `pending`: Pending verification `finished`: Verified Note: This field may return null, indicating that no valid values can be obtained.
CreatedOn	Timestamp ISO8601	Creation time of the accelerated domain name.
ModifiedOn	Timestamp ISO8601	Modification time of the accelerated domain name.
OwnershipVerification	OwnershipVerification	Information required to verify the ownership of a domain name. Note: This field may return·null, indicating that no valid values can be obtained.
Certificate	AccelerationDomainCertificate	Domain name certificate information Note: This field may return·null, indicating that no valid values can be obtained.

AccelerationDomainCertificate

Information of the acceleration domain name certificate.

Used by actions: DescribeAccelerationDomains.

Name	Type	Required	Description
Mode	String	No	Certificate configuration mode. Values: `disable`: Do not configure the certificate; `eofreecert`: Use a free certificate provided by EdgeOne; `sslcert`: Configure an SSL certificate.
List	Array of CertificateInfo	No	List of server certificates. The relevant certificates are deployed on the entrance side of the EO. Note: This field may return null, which indicates a failure to obtain a valid value.
ClientCertInfo	MutualTLS	No	In the edge mutual authentication scenario, this field represents the client's CA certificate, which is deployed inside the EO node and used for EO node authentication of the client certificate.
UpstreamCertInfo	UpstreamCertInfo	No	The certificate carried during EO node origin-pull is used when the origin server enables the mutual authentication handshake to validate the client certificate, ensuring that the request originates from a trusted EO node.

AccessURLRedirectParameters

Access URL redirect configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
StatusCode	Integer	No	Status code. valid values: 301, 302, 303, 307, 308.
Protocol	String	No	Target request protocol. valid values:. Http: target request protocol http; . Https: target request protocol https; . Follow: follow the request. .
HostName	HostName	No	Target hostname. Note: this field may return null, which indicates a failure to obtain a valid value.
URLPath	URLPath	No	Target path. Note: this field may return null, which indicates a failure to obtain a valid value.
QueryString	AccessURLRedirectQueryString	No	Carry query parameters. Note: this field may return null, which indicates a failure to obtain a valid value.

AccessURLRedirectQueryString

Access URL redirect configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Action	String	No	Action to be executed. values:. `Full`: retain all . `Ignore`: ignore all .

AclCondition

The condition that makes up an access control rule

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
MatchFrom	String	Yes	Filters: `host`: Request domain name; `sip`: Client IP; `ua`: User-Agent; `cookie`: Cookie; `cgi`: CGI script; `xff`: XFF header; `url`: Request URL; `accept`: Request content type; `method`: Request method<;/li> `header`: Request header; `app_proto`: Application layer protocol; `sip_proto`: Network layer protocol; `uabot`: UA rules (only available in custom bot rules); `idcid`: IDC rules (only available in custom bot rules); `sipbot`: Search engine rules (only available in custom bot rules); `portrait`: Client reputation (only available in custom bot rules); `header_seq`: Header sequence (only available in custom bot rules); `hdr`: Request body (only available in custom Web protection rules).
MatchParam	String	Yes	The parameter of the field. When `MatchFrom = header`, the key contained in the header can be passed.
Operator	String	Yes	The logical operator. Values: `equal`: Value equals `not_equal`: Value not equals `include`: String contains `not_include`: String not contains `match`: IP matches `not_match`: IP not matches `include_area`: Regions contain `is_empty`: Value left empty `not_exists`: Key fields not exist `regexp`: Regex matches `len_gt`: Value greater than `len_lt`: Value smaller than `len_eq`: Value equals `match_prefix`: Prefix matches `match_suffix`: Suffix matches `wildcard`: Wildcard
MatchContent	String	Yes	The content to match.

AclConfig

ACL configuration

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Switch. Values: `on`: Enable `off`: Disable
AclUserRules	Array of AclUserRule	Yes	The custom rule.
Customizes	Array of AclUserRule	No	Managed custom rules.

AclUserRule

The custom rule

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
RuleName	String	Yes	The rule name.
Action	String	Yes	The action. Values: `trans`: Allow `drop`: Block the request `monitor`: Observe `ban`: Block the IP `redirect`: Redirect the request `page`: Return the specified page `alg`: JavaScript challenge
RuleStatus	String	Yes	The rule status. Values: `on`: Enabled `off`: Disabled
AclConditions	Array of AclCondition	Yes	The custom rule.
RulePriority	Integer	Yes	The rule priority. Value range: 0-100.
RuleID	Integer	No	Rule ID, which is only used as an output parameter.
UpdateTime	String	No	The update time, which is only used as an output parameter.
PunishTime	Integer	No	IP ban duration. Range: 0-2 days. It's required when `Action=ban`.
PunishTimeUnit	String	No	The unit of the IP ban duration. Values: `second`: Second `minutes`: Minute `hour`: Hour Default value: `second`.
Name	String	No	Name of the custom return page. It's required when `Action=page`.
PageId	Integer	No	(Disused) ID of the custom return page. The default value is 0, which means that the system default blocking page is used.
CustomResponseId	String	No	ID of custom response. The ID can be obtained via the `DescribeCustomErrorPages` API. It's required when `Action=page`.
ResponseCode	Integer	No	The response code to trigger the return page. It's required when `Action=page`. Value: 100-600. 3xx response codes are not supported. Default value: 567.
RedirectUrl	String	No	The redirection URL. It's required when `Action=redirect`.

Action

Rule engine action. Each feature supports only one of the following three action types. The RuleAction array can be of only one of the following types. For all details, see DescribeRulesSetting.

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
NormalAction	NormalAction	No	Common feature operations. the options for this category include:. Access url rewrite (`accessurlredirect`). . origin url overriding (upstreamurlredirect); . quic; . websocket; . video dragging (videoseek); . token authentication (authentication); . custom cachekey (cachekey); . node caching ttl (cache); . browser cache ttl (maxage); . offline caching (offlinecache); . smart acceleration (smartrouting); . range-based origin pull (rangeoriginpull); . http/2 origin pull (upstreamhttp2); . host header overriding (hostheader); . force https (forceredirect); . https origin pull (originpullprotocol); . `ResponseSpeedLimit`: single connection download speed limit. . `CachePrefresh`: cache prefresh. . `Compression`: smart compression. . Hsts; . ClientIpHeader; . ssltlssecureconf; . ocspstapling; . http/2 access (http2); . redirection during origin pull (upstreamfollowredirect); . modifying origin server (origin); . layer 7 origin pull timeout (httpupstreamtimeout). . http response (httpresponse). . Note: this field may return null, which indicates a failure to obtain a valid value.
RewriteAction	RewriteAction	No	Feature operation with a request/response header. Features of this type include: `RequestHeader`: HTTP request header modification. `ResponseHeader`: HTTP response header modification. Note: This field may return null, indicating that no valid values can be obtained.
CodeAction	CodeAction	No	Feature operation with a status code. Features of this type include: `ErrorPage`: Custom error page. `StatusCodeCache`: Status code cache TTL. Note: This field may return null, indicating that no valid values can be obtained.

AdaptiveFrequencyControl

Adaptive frequency control.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Enabled	String	Yes	Whether adaptive frequency control is enabled. valid values: on: enable; off: disable. .
Sensitivity	String	No	The restriction level of adaptive frequency control. required when Enabled is on. valid values: Loose: Loose Moderate: Moderate Strict: Strict .
Action	SecurityAction	No	The handling method of adaptive frequency control. this field is required when Enabled is on. valid values for SecurityAction Name: Monitor: observation; Deny: block; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .

Addresses

IP range details.

Used by actions: DescribeMultiPathGatewayOriginACL, DescribeOriginACL.

Name	Type	Required	Description
IPv4	Array of String	No	IPv4 subnet.
IPv6	Array of String	No	IPv6 subnet.

AdvancedFilter

Key-value pair filters for conditional filtering queries and fuzzy queries, such as filtering ID, name, and status.
If more than one filter exists, the logical relationship between these filters is AND.
If one filter has multiple values, the logical relationship between these values is OR.

Used by actions: DescribeAccelerationDomains, DescribeAliasDomains, DescribeConfigGroupVersions, DescribeContentIdentifiers, DescribeCustomErrorPages, DescribeDeployHistory, DescribeDnsRecords, DescribeOriginGroup, DescribePrefetchTasks, DescribePurgeTasks, DescribeRealtimeLogDeliveryTasks, DescribeZones.

Name	Type	Required	Description
Name	String	Yes	Field to be filtered.
Values	Array of String	Yes	Value of the filtered field.
Fuzzy	Boolean	No	Whether to enable fuzzy query.

AiRule

AI rule engine

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Mode	String	Yes	The status of the AI rule engine. Values: `smart_status_close`: Disabled `smart_status_open`: Block `smart_status_observe`: Observe

AlgDetectJS

Validate client behavior.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Name	String	No	Method to validate client behavior.
WorkLevel	String	No	Proof-of-work strength. Values: `low` (default): Low `middle`: Medium `high`: High
ExecuteMode	Integer	No	Implement a delay before executing JS in milliseconds. Value range: 0-1000. Default value: 500.
InvalidStatTime	Integer	No	The period threshold for validating the result "Client JS disabled" in seconds. Value range: 5-3600. Default value: 10.
InvalidThreshold	Integer	No	The number of times for the result "Client JS disabled" occurred in the specified period. Value range: 1-100000000. Default value: 30.
AlgDetectResults	Array of AlgDetectResult	No	Client behavior validation results.

AlgDetectResult

Active bot detection results.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Result	String	No	The validation result. Values: `invalid`: Invalid Cookie `cookie_empty`: No Cookie/Cookie expired `js_empty`: Client JS disabled `low`: Low-risk session `middle`: Medium-risk session `high`: High-risk session `timeout`: JS validation timed out `not_browser`: Invalid browser `is_bot`: Bot client
Action	String	No	The action. Values: `drop`: Block `monitor`: Observe `silence`: Drop w/o response `shortdelay`: Add short latency `longdelay`: Add long latency

AlgDetectRule

Active bot detection rule.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
RuleID	Integer	No	ID of the rule.
RuleName	String	No	Name of the rule.
Switch	String	No	Whether to enable the rule.
AlgConditions	Array of AclCondition	No	Condition specified for the rule.
AlgDetectSession	AlgDetectSession	No	Checksum of the Cookie and behavior analysis of the session.
AlgDetectJS	Array of AlgDetectJS	No	Validate client behavior when the condition is satisfied.
UpdateTime	String	No	The update time, which is only used as an output parameter.

AlgDetectSession

Validate Cookie.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Name	String	No	Method to validate Cookie.
DetectMode	String	No	The validation mode. Values: `detect`: Validate only `update_detect` (default): Update Cookie and validate
SessionAnalyzeSwitch	String	No	Whether to enable Cookie-based session check. The default value is `off`. Values: `off`: Disable `on`: Enable
InvalidStatTime	Integer	No	The period threshold for validating the result "No Cookie/Cookie expired" in seconds. Value range: 5-3600. Default value: 10.
InvalidThreshold	Integer	No	The number of times for the result "No Cookie/Cookie expired" occurred in the specified period. Value range: 1-100000000. Default value: 300.
AlgDetectResults	Array of AlgDetectResult	No	Cookie validation results.
SessionBehaviors	Array of AlgDetectResult	No	Cookie-based session check results.

AliasDomain

Information of the alias domain name

Used by actions: DescribeAliasDomains.

Name	Type	Description
AliasName	String	The alias domain name.
ZoneId	String	The site ID.
TargetName	String	The target domain name.
Status	String	Status of the alias domain name. Values: `active`: Activated `pending`: Deploying `conflict`: Reclaimed `stop`: Stopped
ForbidMode	Integer	The blocking mode. Values: `0`: Not blocked `11`: Blocked due to regulatory compliance `14`: Blocked due to ICP filing not obtained
CreatedOn	Timestamp ISO8601	Creation time of the alias domain name.
ModifiedOn	Timestamp ISO8601	Modification time of the alias domain name.

AllowActionParameters

Additional parameter for Web security Allow.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
MinDelayTime	String	No	Minimum latency response time. when configured as 0s, it means no delay for direct response. supported units: s: seconds, value ranges from 0 to 5. .
MaxDelayTime	String	No	Maximum delayed response time. supported units: s: seconds, value ranges from 5 to 10. .

ApplicationProxy

Application proxy instance

Used by actions: DescribeApplicationProxies.

Name	Type	Description
ZoneId	String	The site ID.
ZoneName	String	The site name.
ProxyId	String	The proxy ID.
ProxyName	String	The domain name or subdomain name when `ProxyType=hostname`. The instance name when `ProxyType=instance`.
ProxyType	String	The proxy type. Values: `hostname`: The proxy is created by subdomain name. `instance`: The proxy is created by instance.
PlatType	String	The scheduling mode. Values: `ip`: Schedule via Anycast IP. `domain`: Schedule via CNAME.
Area	String	Acceleration region. Values: `mainland`: Chinese mainland. `overseas`: Global (outside the Chinese mainland); Default value: overseas.
SecurityType	Integer	Whether to enable security protection. Values: `0`: Disable security protection. `1`: Enable security protection.
AccelerateType	Integer	Whether to enable acceleration. Values: `0`: Disable acceleration. `1`: Enable acceleration.
SessionPersistTime	Integer	The session persistence duration.
Status	String	The rule status. Values: `online`: Enabled `offline`: Disabled `progress`: Deploying `stopping`: Disabling `fail`: Failed to deploy or disable
BanStatus	String	The blocking status of the proxy. Values: `banned`: Blocked `banning`: Blocking `recover`: Unblocked `recovering`: Unblocking
ScheduleValue	Array of String	Scheduling information.
HostId	String	When `ProxyType=hostname`: This field indicates the unique ID of the subdomain name.
Ipv6	Ipv6	The IPv6 access configuration.
UpdateTime	Timestamp ISO8601	The update time.
ApplicationProxyRules	Array of ApplicationProxyRule	List of rules.
AccelerateMainland	AccelerateMainland	Cross-MLC-border acceleration.

ApplicationProxyRule

Application proxy rule

Used by actions: CreateApplicationProxy, DescribeApplicationProxies.

Name	Type	Required	Description
Proto	String	Yes	Protocol. Valid values: TCP: TCP protocol; UDP: UDP protocol.
Port	Array of String	Yes	Port. Supported formats: A single port, such as 80. A port range, such as 81-82, indicating two ports 81 and 82. Note: Up to 20 ports can be input for each rule.
OriginType	String	Yes	Origin server type. Valid values: custom: manually added; loadbalancer: cloud load balancer; origins: origin server group.
OriginValue	Array of String	Yes	Origin server information. When OriginType is custom, it indicates one or more origin servers, such as `["8.8.8.8","9.9.9.9"]` or `OriginValue=["test.com"]`; When OriginType is loadbalancer, it indicates a cloud load balancer, such as ["lb-xdffsfasdfs"]; When OriginType is origins, it requires one and only one element, indicating the origin server group ID, such as ["origin-537f5b41-162a-11ed-abaa-525400c5da15"].
RuleId	String	No	Rule ID.
Status	String	No	Status. Valid values: online: enabled; offline: disabled; progress: deploying; stopping: disabling; fail: deployment or disabling failed.
ForwardClientIp	String	No	Passing the client IP address. Valid values: TOA: passing via TOA, available only when Proto = TCP; PPV1: passing via Proxy Protocol V1, available only when Proto = TCP; PPV2: passing via Proxy Protocol V2; OFF: no passing. Default value: OFF.
SessionPersist	Boolean	No	Whether to enable session persistence. Valid values: true: Enable; false: Disable. Default value: false.
SessionPersistTime	Integer	No	Duration for session persistence. the value takes effect only when SessionPersist is true.
OriginPort	String	No	Origin server port. Supported formats: A single port, such as 80. A port range, such as 81-82, indicating two ports 81 and 82.
RuleTag	String	No	Tag of the rule.

AscriptionInfo

The site ownership information

Used by actions: DescribeIdentifications, IdentifyZone.

Name	Type	Description
Subdomain	String
RecordType	String	The record type.
RecordValue	String	The record value.

AudioTemplateInfo

Audio stream configuration parameters.

Used by actions: CreateJustInTimeTranscodeTemplate, DescribeJustInTimeTranscodeTemplates.

Name	Type	Required	Description
Codec	String	Yes	Encoding format for audio streams. optional values:. libfdk_aac.
AudioChannel	Integer	No	Audio channel quantity. valid values: 2: dual-channel. default value: 2.

AuthenticationParameters

Token authentication configuration parameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
AuthType	String	No	Authentication type. valid values:. TypeA: authentication method a type, for specific meaning please refer to authentication method a; . TypeB: authentication method b type, for specific meaning please refer to authentication method b; . TypeC: authentication method c type, for specific meaning please refer to authentication method c; . TypeD: authentication method d type, for specific meaning please refer to authentication method d; . TypeVOD: authentication method v type, for specific meaning please refer to authentication method v. .
SecretKey	String	No	The primary authentication key consists of 6–40 uppercase and lowercase english letters or digits, and cannot contain " and $.
Timeout	Integer	No	Validity period of the authentication url, in seconds, value range: 1–630720000. used to determine if the client access request has expired:. If the current time exceeds "timestamp + validity period", it is an expired request, and a 403 is returned directly. . If the current time does not exceed "timestamp + validity period", the request is not expired, and the md5 string is further validated. note: when authtype is one of typea, typeb, typec, or typed, this field is required.
BackupSecretKey	String	No	The backup authentication key consists of 6–40 uppercase and lowercase english letters or digits, and cannot contain " and $.
AuthParam	String	No	Authentication parameters name. the node will validate the value corresponding to this parameter name. consists of 1-100 uppercase and lowercase letters, numbers, or underscores. note: this field is required when authtype is either typea or typed.
TimeParam	String	No	Authentication timestamp. it cannot be the same as the value of the authparam field. note: this field is required when authtype is typed.
TimeFormat	String	No	Authentication time format. values:. Dec: decimal; . Hex: hexadecimal. note: this field is required when authtype is typed. the default is hex.

BandwidthAbuseDefense

Bandwidth abuse protection configuration (chinese mainland only).

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Enabled	String	Yes	Whether bandwidth abuse protection (applicable to chinese mainland only) is enabled. valid values: on: enabled; off: disabled. .
Action	SecurityAction	No	Bandwidth abuse protection (applicable to chinese mainland) handling method. required when Enabled is on. valid values for SecurityAction Name: Monitor: observe; Deny: block; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .

BillingData

Billing data item.

Used by actions: DescribeBillingData.

Name	Type	Description
Time	Timestamp ISO8601	Specifies the data timestamp.
Value	Integer	Value.
ZoneId	String	Site ID of the associated data point. if the content identifier feature is enabled, this item is the content identifier.
Host	String	Specifies the domain name of the data point.
ProxyId	String	Specifies the layer-4 proxy instance ID the data point belongs to.
RegionId	String	Specifies the billing region ID the data point belongs to. the billing region is determined by the EdgeOne node region where the actual service user client is located. valid values: CH: chinese mainland AF: africa AS1: asia pacific zone 1 AS2: asia pacific zone 2 AS3: asia pacific zone 3 EU: europe MidEast: middle east NA: north america SA: south america .

BillingDataFilter

Billing data filter criteria.

Used by actions: DescribeBillingData.

Name	Type	Required	Description
Type	String	Yes	Parameter name.
Value	String	Yes	Parameter value.

BindDomainInfo

Describes the domain names bound to the policy template.

Used by actions: DescribeWebSecurityTemplates.

Name	Type	Description
Domain	String	Domain name.
ZoneId	String	Zone ID to which the domain belongs.
Status	String	Binding status. valid values:. `process`: binding in progress `online`: binding succeeded. `fail`: binding failed.

BindSharedCNAMEMap

Bindings between a shared CNAME and connected domain names

Used by actions: BindSharedCNAME.

Name	Type	Required	Description
SharedCNAME	String	Yes	The shared CNAME to be bound with or unbound from.
DomainNames	Array of String	Yes	Acceleration domains (up to 20).

BlockIPActionParameters

Additional parameter for SecurityAction BlockIP.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Duration	String	Yes	Penalty duration for `BlockIP`. Units: `s`: second, value range 1-120; `m`: minute, value range 1-120; `h`: hour, value range 1-48. .

BotConfig

Bot security configuration

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable bot security. Values: `on`: Enable `off`: Disable
BotManagedRule	BotManagedRule	No	The settings of the bot managed rule. If it is null, the settings that were last configured will be used.
BotPortraitRule	BotPortraitRule	No	The settings of the client reputation rule. If it is null, the settings that were last configured will be used.
IntelligenceRule	IntelligenceRule	No	Bot intelligent analysis. if null, use the last set configuration by default.
BotUserRules	Array of BotUserRule	No	Settings of the custom bot rule. If it is null, the settings that were last configured will be used.
AlgDetectRule	Array of AlgDetectRule	No	Active bot detection rule.
Customizes	Array of BotUserRule	No	Bot managed custom policy. optional input. output usage only.

BotExtendAction

Bot extended actions

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Action	String	Yes	Action. Valid values: `monitor`: Observe; `alg`: JavaScript challenge; `captcha`: Managed challenge; `random`: Actions are executed based on the percentage specified in `ExtendActions`; `silence`: Silence; `shortdelay`: Add short latency; `longdelay`: Add long latency.
Percent	Integer	No	The probability for triggering the action. value range: 0-100.

BotManagedRule

Bot managed rules. The rule IDs can be obtained from the output of DescribeBotManagedRules.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Action	String	Yes	The rule action. Values: `drop`: Block `trans`: Allow `alg`: JavaScript challenge `monitor`: Observe
RuleID	Integer	No	The rule ID, which is only used as an output parameter.
TransManagedIds	Array of Integer	No	Rule ID to allow. defaults to no rules configured for allowance.
AlgManagedIds	Array of Integer	No	Rule ID of the JS challenge. default is all rules without configuring the JS challenge.
CapManagedIds	Array of Integer	No	The rule ID for digit verification code. by default, all rules do not configure digit verification code.
MonManagedIds	Array of Integer	No	Rule ID for observation. by default, observation is not configured for all rules.
DropManagedIds	Array of Integer	No	Rule ID for interception. by default, all rules have no configuration interception.

BotManagement

Web security BOT managed rules architecture.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
ClientAttestationRules	ClientAttestationRules	No	Definition list of client authentication rules. feature in beta test. submit a ticket or contact smart customer service if needed.

BotPortraitRule

Bot user portrait rules

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Switch. Values: `on`: Enable `off`: Disable
RuleID	Integer	No	The rule ID, which is only used as an output parameter.
AlgManagedIds	Array of Integer	No	The rule ID of JS challenge. default all rules without configuring JS challenge.
CapManagedIds	Array of Integer	No	Rule ID for digit captcha-intl. default is all rules without configuring digit captcha-intl.
MonManagedIds	Array of Integer	No	Rule ID for observation. by default, observation is not configured for all rules.
DropManagedIds	Array of Integer	No	Rule ID for interception. default to all rules with no configuration interception.

BotUserRule

Custom bot rules

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
RuleName	String	Yes
Action	String	Yes	The action. Values: `drop`: Block the request `monitor`: Observe `trans`: Allow `redirect`: Redirect the request `page`: Return the specified page `alg`: JavaScript challenge `captcha`: Managed challenge `random`: Handle the request randomly by the weight `silence`: Keep the connection but do not response to the client `shortdelay`: Add a short latency period `longdelay`: Add a long latency period
RuleStatus	String	Yes	The rule status. Values: `on`: Enabled `off`: Disabled Default value: `on`
AclConditions	Array of AclCondition	Yes	Details of the rule.
RulePriority	Integer	Yes	The rule weight. Value range: 0-100.
RuleID	Integer	No	Rule ID, which is only used as an output parameter.
ExtendActions	Array of BotExtendAction	No	[Currently unavailable] Specify the random action and percentage.
FreqFields	Array of String	No	The filter. Values: `sip`: Client IP This parameter is left empty by default.
UpdateTime	String	No	The update time, which is only used as an output parameter.
FreqScope	Array of String	No	Query scope. Values: `source_to_eo`: (Response) Traffic going from the origin to EdgeOne. `client_to_eo`: (Request) Traffic going from the client to EdgeOne. Default: `source_to_eo`.
Name	String	No	Name of the custom return page. It's required when `Action=page`.
CustomResponseId	String	No	ID of custom response. The ID can be obtained via the `DescribeCustomErrorPages` API. It's required when `Action=page`.
ResponseCode	Integer	No	The response code to trigger the return page. It's required when `Action=page`. Value: 100-600. 3xx response codes are not supported. Default value: 567.
RedirectUrl	String	No	The redirection URL. It's required when `Action=redirect`.

CC

CC configuration item.

Used by actions: DescribeHostsSetting.

Name	Type	Required	Description
Switch	String	Yes	WAF switch. Values: `on`: Enable `off`: Disable
PolicyId	Integer	No	ID of the policy

CLSTopic

The configuration information of real-time log delivery to Tencent Cloud CLS

Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks.

Name	Type	Required	Description
LogSetId	String	Yes	The ID of the Tencent Cloud CLS log set.
TopicId	String	Yes	The ID of the Tencent Cloud CLS log topic.
LogSetRegion	String	Yes	The region of the Tencent Cloud CLS log set.

Cache

Cache time settings

Used by actions: DescribeHostsSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable cache configuration. Values: `on`: Enable `off`: Disable
CacheTime	Integer	No	Specifies the cache expiration time settings. Unit: seconds. the maximum settable value is 365 days.

CacheConfig

Cache rule configuration.

Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Cache	Cache	No	Cache configuration Note: This field may return null, indicating that no valid values can be obtained.
NoCache	NoCache	No	No-cache configuration Note: This field may return null, indicating that no valid values can be obtained.
FollowOrigin	FollowOrigin	No	Follows the origin server configuration Note: This field may return null, indicating that no valid values can be obtained.

CacheConfigCustomTime

Node cache TTL custom cache time configuration parameters

Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Custom cache time switch. values:. `On`: enable; . Off: disable. .
CacheTime	Integer	No	Custom cache time value, unit: seconds. value range: 0-315360000. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled.

CacheConfigParameters

Node Cache TTL configuration parameters

Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.

Name	Type	Required	Description
FollowOrigin	FollowOrigin	No	Follow origin server cache configuration. only one of followorigin, nocache, customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value.
NoCache	NoCache	No	No cache configuration. only one of followorigin, nocache, customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value.
CustomTime	CacheConfigCustomTime	No	Custom cache time configuration. only one of followorigin, nocache, customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value.

CacheKey

The cache key configuration.

Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
FullUrlCache	String	No	Whether to enable full path cache. valid values:. `on`: enable full-path cache (i.e., disable ignore query string). . `off`: disable full-path cache (i.e., enable parameter ignore). .
IgnoreCase	String	No	Specifies whether to use case-insensitive cache. valid values:. `on`: ignore . `off`: not ignore .
QueryString	QueryString	No	Request parameter contained in `CacheKey`. Note: This field may return `null`, indicating that no valid values can be obtained.

CacheKeyConfigParameters

The cache key configuration.

Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.

Name	Type	Required	Description
FullURLCache	String	No	Whether to enable full-path cache. values:. `On`: enable full-path cache (i.e., disable ignore query string). . `Off`: disable full-path cache (i.e., enable ignore query string). .
IgnoreCase	String	No	Whether to ignore case in the cache key. values:. `On`: ignore; . `Off`: not ignore. .
QueryString	CacheKeyQueryString	No	Query string retention configuration parameter. this field and fullurlcache must be set simultaneously, but cannot both be `on`.

CacheKeyCookie

Custom Cache Key Cookie configuration parameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Switch	String	No	Whether to enable feature. values:. `On`: enable; . Off: disable. .
Action	String	No	Cache action. values:. `Full`: retain all . `ignore`: ignore all; . `includecustom`: retain specified parameters; . `excludecustom`: ignore specified parameters. note: when `switch` is on, this field is required. when `switch` is off, this field is not required and will not take effect if filled.
Values	Array of String	No	Custom cache key cookie name list. note: this field is required when action is includecustom or excludecustom; when action is full or ignore, this field is not required and will not take effect if filled.

CacheKeyHeader

Custom Cache Key HTTP request header configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Switch	String	No	Whether to enable feature. values:. `On`: enable; . Off: disable. .
Values	Array of String	No	Custom cache key http request header list. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled.

CacheKeyParameters

Custom Cache Key configuration parameters. The FullURLCache and QueryString parameters are combined. For specific examples, refer to:

Retain all query strings. Enable ignore case.

{
"CacheKey": {
  "FullURLCache": "on",
  "QueryString": {
    "Switch": "off"
  },
  "IgnoreCase": "on"
}
}

Ignore all query strings. Enable ignore case.

{
"CacheKey": {
  "FullURLCache": "off",
  "QueryString": {
    "Switch": "off"
  },
  "IgnoreCase": "on"
}
}

Retain specified query string parameters. Disable ignore case.

{
"CacheKey": {
  "FullURLCache": "off",
  "QueryString": {
      "Switch": "on",
      "Action": "includeCustom",
      "Values": ["name1","name2","name3"]
  },
  "IgnoreCase": "off"
}
}

-Query string ignore specified parameters. Disable ignore case.

{
"CacheKey": {
  "FullURLCache": "off",
  "QueryString": {
      "Switch": "on",
      "Action": "excludeCustom",
      "Values": ["name1","name2","name3"]
  },
  "IgnoreCase": "off"
}
}

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
FullURLCache	String	No	Switch for retaining the complete query string. values:. `On`: enable; . Off: disable. note: at least one of fullurlcache, ignorecase, header, scheme, or cookie must be configured. this field and querystring.switch must be set simultaneously, but cannot both be on.
QueryString	CacheKeyQueryString	No	Configuration parameter for retaining the query string. this field and fullurlcache must be set simultaneously, but cannot both be on. Note: this field may return null, which indicates a failure to obtain a valid value.
IgnoreCase	String	No	Switch for ignoring case. values:. `On`: enable; . Off: disable. note: at least one of fullurlcache, ignorecase, header, scheme, or cookie must be configured.
Header	CacheKeyHeader	No	HTTP request header configuration parameters. at least one of the following configurations must be set: fullurlcache, ignorecase, header, scheme, cookie. Note: this field may return null, which indicates a failure to obtain a valid value.
Scheme	String	No	Request protocol switch. valid values:. `On`: enable; . Off: disable. note: at least one of fullurlcache, ignorecase, header, scheme, or cookie must be configured.
Cookie	CacheKeyCookie	No	Cookie configuration parameters. at least one of the following configurations must be set: fullurlcache, ignorecase, header, scheme, cookie. Note: this field may return null, which indicates a failure to obtain a valid value.

CacheKeyQueryString

Custom Cache Key query string configuration parameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Query string retain/ignore specified parameter switch. valid values are:. `On`: enable; . Off: disable. .
Action	String	No	Actions to retain/ignore specified parameters in the query string. values:. `IncludeCustom`: retain partial parameters. . `ExcludeCustom`: ignore partial parameters. note: this field is required when `switch` is on. when `switch` is off, this field is not required and will not take effect if filled.
Values	Array of String	No	List of parameter names to be retained/ignored in the query string. note: this field is required when `switch` is on. when `switch` is off, this field is not required and will not take effect if filled.

CacheParameters

Node Cache TTL configuration parameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
FollowOrigin	FollowOrigin	No	Cache follows origin server. if not specified, this configuration is not set. only one of followorigin, nocache, or customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value.
NoCache	NoCache	No	No cache. if not specified, this configuration is not set. only one of followorigin, nocache, or customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value.
CustomTime	CustomTime	No	Custom cache time. if not specified, this configuration is not set. only one of followorigin, nocache, or customtime can have switch set to on. Note: this field may return null, which indicates a failure to obtain a valid value.

CachePrefresh

Cache prefresh

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable cache prefresh. Values: `on`: Enable `off`: Disable
Percent	Integer	No	Cache pre-refresh percentage. value range: 1-99.

CachePrefreshParameters

Cache prefresh configuration parameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable cache prefresh. values:. `On`: enable; . Off: disable. .
CacheTimePercent	Integer	No	Prefresh interval set as a percentage of the node cache time. value range: 1-99. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled.

CacheTag

The information attached when the node cache purge type is set to purge_cache_tag.

Used by actions: CreatePurgeTask.

Name	Type	Required	Description
Domains	Array of String	Yes	List of domain names to purge cache for.

CertificateInfo

HTTPS server certificate configuration.

Used by actions: DescribeAccelerationDomains, ModifyHostsCertificate.

Name	Type	Required	Description
CertId	String	Yes	Certificate ID, which originates from the SSL side. You can check the CertId from the SSL Certificate List.
Alias	String	No	Alias of the certificate.
Type	String	No	Type of the certificate. Values: `default`: Default certificate `upload`: Specified certificate `managed`: Tencent Cloud-managed certificate
ExpireTime	Timestamp ISO8601	No	The certificate expiration time.
DeployTime	Timestamp ISO8601	No	Time when the certificate is deployed.
SignAlgo	String	No	Signature algorithm.
Status	String	No	Status of the certificate. Values: u200c `deployed`: The deployment has completed u200c `processing`: Deployment in progress u200c `applying`: Application in progress u200c `failed`: Application rejected `issued`: Binding failed.

ChallengeActionParameters

Web security Challenge additional parameter.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
ChallengeOption	String	Yes	Safe execution challenge actions. valid values: InterstitialChallenge: interstitial challenge; InlineChallenge: embedded challenge; JSChallenge: JavaScript challenge; ManagedChallenge: managed challenge. .
Interval	String	No	Specifies the time interval for challenge repetition. this field is required when Name is InterstitialChallenge/InlineChallenge. default value is 300s. supported units: s: second, value ranges from 1 to 60; m: minute, value ranges from 1 to 60; h: hour, value ranges from 1 to 24. .
AttesterId	String	No	Client authentication method ID. this field is required when Name is InterstitialChallenge/InlineChallenge.

CheckRegionHealthStatus

Health status of origin servers in each health check region.

Used by actions: DescribeOriginGroupHealthStatus.

Name	Type	Description
Region	String	Health check region, which is a two-letter code according to ISO-3166-1.
Healthy	String	Health status of origin servers in a single health check region. Valid values: Healthy: healthy. Unhealthy: unhealthy. Undetected: no data detected. Note: If all origin servers in a single health check region are healthy, the status is healthy; otherwise, it is unhealthy.
OriginHealthStatus	Array of OriginHealthStatus	Origin server health status.

ClientAttestationRule

Client authentication rule.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Id	String	No	Client authentication rule ID. supported rule configuration operations by rule ID: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing rules not included in the ClientAttestationRule list under BotManagement parameters will be deleted. .
Name	String	No	Specifies the name of the client authentication rule.
Enabled	String	No	Whether the rule is enabled. valid values: `on`: enable `off`: disable .
Priority	Integer	No	Priority of rules. a smaller value indicates higher priority execution. value range: 0-100. default value: 0.
Condition	String	No	The rule content must comply with expression grammar. for details, see the product document.
AttesterId	String	No	Specifies the client authentication option ID.
DeviceProfiles	Array of DeviceProfile	No	Client device configuration. if the DeviceProfiles parameter value is not specified in the ClientAttestationRules parameter, keep the existing client device configuration and do not modify it.
InvalidAttestationAction	SecurityAction	No	Handling method for failed client authentication. valid values for SecurityAction Name: Deny: block; Monitor: observation; Redirect: redirection; Challenge: Challenge. default value: Monitor.

ClientAttestationRules

Describes the client authentication configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Rules	Array of ClientAttestationRule	No	List of client authentication. when using ModifySecurityPolicy to modify Web protection configuration: if Rules in SecurityPolicy.BotManagement.ClientAttestationRules is not specified or the parameter length of Rules is zero: clear all client authentication rule configuration. if ClientAttestationRules in SecurityPolicy.BotManagement parameters is unspecified: keep existing client authentication rule configuration and do not modify. .

ClientAttester

Specifies the authentication option configuration.

Used by actions: CreateSecurityClientAttester, DescribeSecurityClientAttester, ModifySecurityClientAttester.

Name	Type	Required	Description
Id	String	No	Authentication option ID.
Name	String	No	Specifies the authentication option name.
Type	String	No	Authentication rule type. only returned in the response. valid values:. PRESET: system PRESET rule. only AttesterDuration can be modified. . CUSTOM: user-defined rules. .
AttesterSource	String	No	Authentication method. valid values:. TC-RCE: uses the full-stack risk control engine for authentication. . TC-CAPTCHA-Intl: specifies authentication using captcha-intl. .
AttesterDuration	String	No	Validity time of the authentication. defaults to 60s. supported measurement units:. S: specifies seconds. value range: 60–43200. . M: specifies minutes. value range: 1–720. . H. specifies the hour. value range: 1–12. .
TCRCEOption	TCRCEOption	No	TC-RCE authentication configuration message. Specifies the required field when the AttesterSource parameter value is TC-RCE. .
TCCaptchaOption	TCCaptchaOption	No	Specifies the configuration message for TC-CAPTCHA certification. Specifies the required field when the AttesterSource parameter value is TC-CAPTCHA. .

ClientFiltering

Intelligent client filtering.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Enabled	String	Yes	Whether intelligent client filtering is enabled. valid values: on: enable; off: disable. .
Action	SecurityAction	No	The handling method of intelligent client filtering. when Enabled is on, this field is required. the Name parameter of SecurityAction supports: Monitor: observation; Deny: block; Challenge: Challenge, where ChallengeActionParameters.Name only supports JSChallenge. .

ClientIPCountryParameters

Location information of the Client IP carried in origin-pull. It is formatted as a two-letter ISO-3166-1 country/region code.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable configuration. values:. `On`: enable; . Off: disable. .
HeaderName	String	No	Name of the request header that contains the client ip region. it is valid when `switch=on`. the default value `eo-client-ipcountry` is used when it is not specified.

ClientIPHeaderParameters

The header configuration for storing client request IP.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable configuration. values:. `On`: enable; . Off: disable. .
HeaderName	String	No	Name of the request header containing the client ip address for origin-pull. when switch is on, this parameter is required. x-forwarded-for is not allowed for this parameter.

ClientIpCountry

Location information of the client IP carried in origin-pull. It is formatted as a two-letter ISO-3166-1 country/region code.

Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable configuration. Values: `on`: Enable `off`: Disable
HeaderName	String	No	Name of the request header that contains the client IP region. It is valid when `Switch=on`. The default value `EO-Client-IPCountry` is used when it is not specified.

ClientIpHeader

The client IP header configuration

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable the configuration. Values: `on`: Enable `off`: Disable
HeaderName	String	No	Specifies the request header name containing the client IP For origin-pull. this parameter is required when Switch is on. X-Forwarded-For is not allowed For this parameter.

CnameStatus

CNAME status

Used by actions: CheckCnameStatus.

Name	Type	Description
RecordName	String	The domain name.
Cname	String	The CNAME address. Note: This field may return null, indicating that no valid values can be obtained.
Status	String	CNAME status. valid values:. `active`: activated . `moved`: not effective; .

CodeAction

Rule engine action with a status code

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
Action	String	Yes	Feature name. For details, see DescribeRulesSetting API
Parameters	Array of RuleCodeActionParams	Yes	Operation parameter.

Compression

Smart compression configuration.

Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable smart compression. Values: `on`: Enable `off`: Disable
Algorithms	Array of String	No	Supported compression algorithm list. valid values:. Brotli: specifies the brotli algorithm. . Gzip: specifies the gzip algorithm. .

CompressionParameters

Smart compression configuration.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable smart compression. values:. `On`: enable; . Off: disable. .
Algorithms	Array of String	No	Supported compression algorithm list. this field is required when switch is on; otherwise, it is not effective. valid values:. `Brotli`: brotli algorithm; . `Gzip`: gzip algorithm. .

ConfigGroupVersionInfo

Version information about the configuration group.

Used by actions: DeployConfigGroupVersion, DescribeConfigGroupVersionDetail, DescribeConfigGroupVersions, DescribeDeployHistory, DescribeEnvironments.

Name	Type	Required	Description
VersionId	String	Yes	Version ID.
VersionNumber	String	No	Version No.
GroupId	String	No	Configuraration group ID.
GroupType	String	No	Configuration group type. Valid values: l7_acceleration: L7 acceleration configuration group. edge_functions: Edge function configuration group.
Description	String	No	Version description.
Status	String	No	Version status. Valid values: creating: Being created. inactive: Not effective. active: Effective.
CreateTime	Timestamp ISO8601	No	Version creation time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC).

ContentIdentifier

Content identifier. This feature is only available to the allowlist.

Used by actions: DescribeContentIdentifiers.

Name	Type	Description
ContentId	String	Content identifier id.
Description	String	Content identifier description.
ReferenceCount	Integer	Count of citations by the rule engine.
PlanId	String	Bound package id.
Tags	Array of Tag	Bound tags.
Status	String	Content identifier status. valid values:. `Active`: activated . `Deleted`: deleted .
CreatedOn	Timestamp ISO8601	Creation time, which adopts coordinated universal time (utc) and follows the date and time format of the iso 8601 standard.
ModifiedOn	Timestamp ISO8601	Latest update time, which adopts coordinated universal time (utc) and follows the date and time format of the iso 8601 standard.
DeletedOn	Timestamp ISO8601	Deletion time, which is empty when the status is not `deleted`. the time format follows the iso 8601 standard and is represented in coordinated universal time (utc). Note: this field may return null, which indicates a failure to obtain a valid value.

CurrentOriginACL

Currently effective origin ACLs.

Used by actions: DescribeOriginACL.

Name	Type	Required	Description
EntireAddresses	Addresses	No	IP range details. Note: This field may return null, which indicates a failure to obtain a valid value.
Version	String	No	Version number. Note: This field may return null, which indicates a failure to obtain a valid value.
ActiveTime	String	No	Version effective time in UTC+8, following the date and time format of the ISO 8601 standard. Note: This field may return null, which indicates a failure to obtain a valid value.
IsPlaned	String	No	This parameter is used to record whether "I've upgraded to the lastest version" is completed before the origin ACLs version is effective. valid values:. - true: specifies that the version is effective and the update to the latest version is confirmed. - false: when the version takes effect, the confirmation of updating to the latest origin ACLs are not completed. The IP range is forcibly updated to the latest version in the backend. When this parameter returns false, please confirm in time whether your origin server firewall configuration has been updated to the latest version to avoid origin-pull failure. Note: This field may return null, which indicates a failure to obtain a valid value.

CustomEndpoint

The configuration information of real-time log delivery to a custom HTTP(S) interface

Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

Name	Type	Required	Description
Url	String	Yes	Address of the custom HTTP API for real-time log shipping. Currently, only HTTP and HTTPS protocols are supported.
AccessId	String	No	Custom SecretId used for generating an encrypted signature. This parameter is required if the origin server needs authentication.
AccessKey	String	No	Custom SecretKey used for generating an encrypted signature. This parameter is required if the origin server needs authentication.
CompressType	String	No	Type of data compression. Valid values: gzip: gzip compression. If this parameter is not input, compression is disabled.
Protocol	String	No	Type of the application layer protocol used in POST requests for log shipping. Valid values: http: HTTP protocol; https: HTTPS protocol. If this parameter is not input, the protocol type is parsed from the URL field.
Headers	Array of Header	No	Custom request header carried in log shipping. For a header carried by default in EdgeOne log pushing, such as Content-Type, the header value you input will overwrite the default value. The header value references a single variable ${batchSize} to obtain the number of log entries included in each POST request.

CustomErrorPage

Custom error code page structure.

Used by actions: DescribeCustomErrorPages.

Name	Type	Description
PageId	String	Custom error page ID.
ZoneId	String	Zone ID.
Name	String	Custom error page name.
ContentType	String	Custom error page type.
Description	String	Custom error page description.
Content	String	Custom error page content.
References	Array of ErrorPageReference	Custom error page reference.

CustomField

The custom log field in a real-time log delivery task.

Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

Name	Type	Required	Description
Name	String	Yes	Type of the custom log field, which indicates extracting data from specified positions in HTTP requests and responses. valid values:. ReqHeader: extract the value of a specified field from an HTTP request header; . RspHeader: extracts the value of a specified field from an HTTP response header. . Cookie: extract the specified field value from a cookie; . ReqBody: extract specified content from an HTTP request body using a Google RE2 regular expression. .
Value	String	Yes	Enter the field value definition based on the field type (Name). this parameter is case-sensitive. When the field type is ReqHeader, RspHeader, or Cookie, enter the parameter name for value extraction, such as Accept-Language. you can enter 1-100 characters. the name must start with a letter, contain letters, digits, or hyphens (-) in the middle, and end with a letter or digit. . When the field type is ReqBody, enter the Google RE2 regular expression. the maximum length of the regular expression is 4 KB. .
Enabled	Boolean	No	Whether to deliver this field. leave blank to skip delivery.

CustomRule

Custom rule configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Name	String	Yes	The custom rule name.
Condition	String	Yes	The specifics of the custom rule, must comply with the expression grammar, please refer to product documentation for details.
Action	SecurityAction	Yes	Action for custom rules. The Name parameter of SecurityAction supports: `Deny`: block; `Monitor`: observe; `ReturnCustomPage`: block with customized page; `Redirect`: Redirect to URL; `BlockIP`: IP blocking; `JSChallenge`: JavaScript challenge; `ManagedChallenge`: managed challenge; `Allow`: Allow. .
Enabled	String	Yes	The custom rule status. Values: `on`: enabled `off`: disabled .
Id	String	No	Custom rule ID. Different rule configuration operations are supported by rule ID : - Add a new rule: ID is empty or the ID parameter is not specified; - Modify an existing rule: specify the rule ID that needs to be updated/modified; - Delete an existing rule: existing rules not included in the Rules parameter will be deleted.
RuleType	String	No	Type of custom rule. Values: `BasicAccessRule`: basic access control; `PreciseMatchRule`: exact custom rule, default; `ManagedAccessRule`: expert customized rule, output parameter only. The default value is PreciseMatchRule.
Priority	Integer	No	Customize the priority of custom rule. Range: 0-100, the default value is 0, this parameter only supports PreciseMatchRule.

CustomRules

Custom rules configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Rules	Array of CustomRule	No	The custom rule. when modifying the Web protection configuration using ModifySecurityPolicy: - if the Rules parameter is not specified or the parameter length of Rules is zero: clear all custom rule configurations. - if the Rules parameter is not specified: keep the existing custom rule configuration without modification.

CustomTime

Node cache TTL custom cache time parameter configuration.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Switch	String	No	Custom cache time switch. values:. `On`: enable; . Off: disable. .
IgnoreCacheControl	String	No	Ignore origin server cachecontrol switch. values:. `On`: enable; . Off: disable. note: this field is required when `switch` is on. when `switch` is off, this field is not required and will not take effect if filled.
CacheTime	Integer	No	Custom cache time value, unit: seconds. value range: 0-315360000. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled.

CustomizedHeader

Custom header that can be configured for HTTP/HTTPS health check policies under a LoadBalancer.

Used by actions: CreateLoadBalancer, ModifyLoadBalancer.

Name	Type	Required	Description
Key	String	Yes	Specifies the custom header Key.
Value	String	Yes	Set custom headers Value.

DDoS

DDoS mitigation configuration

Used by actions: DescribeHostsSetting.

Name	Type	Required	Description
Switch	String	Yes	Switch. Values: `on`: Enable `off`: Disable

DDoSAttackEvent

Information of the DDoS attacker

Used by actions: DescribeDDoSAttackEvent.

Name	Type	Description
EventId	String	The event ID.
AttackType	String	The attack type.
AttackStatus	Integer	The attack status.
AttackMaxBandWidth	Integer	The maximum attack bandwidth.
AttackPacketMaxRate	Integer	The peak attack packet rate.
AttackStartTime	Integer	The attack start time recorded in seconds.
AttackEndTime	Integer	The attack end time recorded in seconds.
PolicyId	Integer	The DDoS policy ID. Note: This field may return `null`, indicating that no valid value was found.
ZoneId	String	The site ID. Note: This field may return `null`, indicating that no valid value was found.
Area	String	Geolocation scope. Values: `overseas`: Regions outside the Chinese mainland `mainland`: Chinese mainland Note: This field may return `null`, indicating that no valid value was found.
DDoSBlockData	Array of DDoSBlockData	The blocking time of a DDoS attack. Note: This field may return `null`, indicating that no valid value was found.

DDoSBlockData

DDoS blocking details

Used by actions: DescribeDDoSAttackEvent.

Name	Type	Description
StartTime	Integer	The start time recorded in UNIX timestamp.
EndTime	Integer	The end time recorded in UNIX timestamp. `0` indicates the blocking is ongoing.
BlockArea	String	The regions blocked.

DDoSProtection

Exclusive Anti-DDoS protection configuration.

Used by actions: DescribeDDoSProtection, ModifyDDoSProtection.

Name	Type	Required	Description
ProtectionOption	String	Yes	Specifies the protection scope of standalone DDoS. valid values:. protect_all_domains: specifies exclusive Anti-DDoS protection for all domain names in the site. newly added domain names automatically enable exclusive Anti-DDoS protection. when this parameter is specified, DomainDDoSProtections will not be processed. . protect_specified_domains: only applicable to specified domains. specific scope can be set via DomainDDoSProtection parameter. .
DomainDDoSProtections	Array of DomainDDoSProtection	No	Anti-DDoS configuration of the domain. specifies the exclusive ddos protection settings for the domain in request parameters. When ProtectionOption remains protect_specified_domains, the domain names not filled in keep their exclusive Anti-DDoS protection configuration unchanged, while explicitly specified domain names are updated according to the input parameters. . When ProtectionOption switches from protect_all_domains to protect_specified_domains: if DomainDDoSProtections is empty, disable exclusive DDoS protection for all domains under the site; if DomainDDoSProtections is not empty, disable or maintain exclusive DDoS protection for the domain names specified in the parameter, and disable exclusive DDoS protection for other unlisted domain names. .
SharedCNAMEDDoSProtections	Array of DomainDDoSProtection	No	Specifies the exclusive DDoS protection configuration of a shared CNAME. used as an output parameter.

DDosProtectionConfig

Exclusive DDoS protection specifications configuration applicable to Layer 4 proxy or web site service.

Used by actions: CreateL4Proxy, DescribeL4Proxy.

Name	Type	Required	Description
LevelMainland	String	No	Dedicated anti-DDoS specifications in the Chinese mainland. For details, refer to Dedicated Anti-DDoS Related Fees. PLATFORM: uses the default protection. Dedicated anti-DDoS is not enabled; BASE30_MAX300: uses dedicated anti-DDoS, which provides 30 Gbps guaranteed protection bandwidth and up to 300 Gbps elastic protection bandwidth; BASE60_MAX600: uses dedicated anti-DDoS, which provides 60 Gbps guaranteed protection bandwidth and up to 600 Gbps elastic protection bandwidth. If this field is not specified, the default value 'PLATFORM' will be used.
MaxBandwidthMainland	Integer	No	Configuration of elastic protection bandwidth for exclusive DDoS protection in the Chinese mainland.Valid only when exclusive DDoS protection in the Chinese mainland is enabled (refer to the LevelMainland parameter configuration), and the value has the following limitations: When exclusive DDoS protection is enabled in the Chinese mainland and the 30 Gbps baseline protection bandwidth is used (the LevelMainland parameter value is BASE30_MAX300): the value range is 30 to 300 in Gbps; When exclusive DDoS protection is enabled in the Chinese mainland and the 60 Gbps baseline protection bandwidth is used (the LevelMainland parameter value is BASE60_MAX600): the value range is 60 to 600 in Gbps; When the default protection of the platform is used (the LevelMainland parameter value is PLATFORM): configuration is not supported, and the value of this parameter is invalid.
LevelOverseas	String	No	Dedicated anti-DDoS specifications in global regions (excluding the Chinese mainland). PLATFORM: uses the default protection. Dedicated anti-DDoS is not enabled; ANYCAST300: uses dedicated anti-DDoS, which provides 300 Gbps protection bandwidth; ANYCAST_ALLIN: uses dedicated anti-DDoS, which provides all available protection resources. If this field is not specified, the default value 'PLATFORM' will be used.

DefaultServerCertInfo

HTTPS server certificate configuration

Used by actions: DescribeDefaultCertificates.

Name	Type	Required	Description
CertId	String	Yes	Specifies the server certificate ID.
Alias	String	No	Certificate remark name.
Type	String	No	Certificate type. valid values:. `default`: Default certificate; `upload`: External certificate; `managed`: Tencent Cloud managed certificate.
ExpireTime	Timestamp ISO8601	No	Certificate expiration time.
EffectiveTime	Timestamp ISO8601	No	Certificate Validation Time.
CommonName	String	No	Common name of the cert.
SubjectAltName	Array of String	No	Specifies the SAN domain of the certificate.
Status	String	No	Deployment state. valid values:. processing: deployment in progress; . Deployed: deployed . `Failed`: deployment failed .
Message	String	No	Indicates the failure reason when the Status is failed.
SignAlgo	String	No	Certificate algorithm.

DeliveryCondition

Real-time log delivery conditions used to define the scope of log delivery. The relationship between items in a DeliveryCondition array is "or", whereas the relationship between items in an inner Conditions array is "and".

Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

Name	Type	Required	Description
Conditions	Array of QueryCondition	No	Log filter criteria. The detailed filter criteria are as follows: EdgeResponseStatusCode: Filter by response status code returned from the EdgeOne node to the client. ?? Supported operators: equal, great, less, great_equal, less_equal ?? Valid values: any integer greater than or equal to 0 OriginResponseStatusCode: Filter by response status code of the origin server. ?? Supported operators: equal, great, less, great_equal, less_equal. ?? Valid values: any integer greater than or equal to -1 SecurityAction: Filter by final action after the request matches a security rule. ?? Supported operator: equal ?? Options: ?? -: unknown/not matched ?? Monitor: observation ?? JSChallenge: JavaScript challenge ?? Deny: blocking ?? Allow: allowing ?? BlockIP: IP blocking ?? Redirect: redirection ?? ReturnCustomPage: returning to a custom page ?? ManagedChallenge: managed challenge ?? Silence: silence ?? LongDelay: response after a long delay ?? ShortDelay: response after a short delay SecurityModule: Filter by name of the security module finally handling the request. ??Supported operator: equal ??Options: ?? -: unknown/not matched ?? CustomRule: Custom Rules in Web Protection ?? RateLimitingCustomRule: Rate Limiting Rules in Web Protection ?? ManagedRule: Managed Rules in Web Protection ?? L7DDoS: CC Attack Defense in Web Protection ?? BotManagement: Bot Basic Management in Bot Management ?? BotClientReputation: Client Reputation Analysis in Bot Management ?? BotBehaviorAnalysis: Bot Intelligent Analysis in Bot Management ?? BotCustomRule: Custom Bot Rules in Bot Management ?? BotActiveDetection: Active Detection in Bot Management

DenyActionParameters

Safe execution action specifies additional parameters for the ban.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
BlockIp	String	No	Specifies whether to extend the ban on the source IP. valid values. `on`: Enable; off: Disable. After enabled, continuously blocks client ips that trigger the rule. when this option is enabled, the BlockIpDuration parameter must be simultaneously designated. Note: this option cannot intersect with ReturnCustomPage or Stall.
BlockIpDuration	String	No	The ban duration when BlockIP is on.
ReturnCustomPage	String	No	Specifies whether to use a custom page. valid values:. `on`: Enable; off: Disable. Enabled, use custom page content to intercept requests. when this option is enabled, ResponseCode and ErrorPageId parameters must be specified simultaneously. Note: this option cannot intersect with the BlockIp or Stall option.
ResponseCode	String	No	Status code of the custom page.
ErrorPageId	String	No	Specifies the page id of the custom page.
Stall	String	No	Specifies whether to suspend the request source without processing. valid values:. `on`: Enable; off: Disable. Enabled, no longer responds to requests in the current connection session and does not actively disconnect. used for crawler combat to consume client connection resources. Note: this option cannot intersect with BlockIp or ReturnCustomPage options.

DeployRecord

Version release record details for the configuration group.

Used by actions: DescribeDeployHistory.

Name	Type	Description
ConfigGroupVersionInfos	Array of ConfigGroupVersionInfo	Details about the released version.
DeployTime	Timestamp ISO8601	Release time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC).
Status	String	Release status. Valid values: deploying: Being released. failure: Release failed. success: Released successfully.
Message	String	Release result information.
RecordId	String	Release record ID.
Description	String	Change description.

DetailHost

Domain name configuration information

Used by actions: DescribeHostsSetting.

Name	Type	Description
ZoneId	String	The site ID.
Status	String	The acceleration status. Values: `process`: In progress `online`: Enabled `offline`: Disabled
Host	String	The domain name.
ZoneName	String	Name of the site
Cname	String	The assigned CNAME
Id	String	The resource ID.
InstanceId	String	The instance ID.
Lock	Integer	The lock status.
Mode	Integer	The domain name status.
Area	String	The acceleration area of the domain name. Values: `global`: Global. `mainland`: Chinese mainland. `overseas`: Outside the Chinese mainland.
AccelerateType	AccelerateType	The acceleration type configuration item. Note: This field may return null, indicating that no valid values can be obtained.
Https	Https	The HTTPS configuration item. Note: This field may return null, indicating that no valid values can be obtained.
CacheConfig	CacheConfig	The cache configuration item. Note: This field may return null, indicating that no valid values can be obtained.
Origin	Origin	The origin configuration item. Note: This field may return null, indicating that no valid values can be obtained.
SecurityType	SecurityType	The security type. Note: This field may return null, indicating that no valid values can be obtained.
CacheKey	CacheKey	The cache key configuration item. Note: This field may return null, indicating that no valid values can be obtained.
Compression	Compression	The smart compression configuration item. Note: This field may return null, indicating that no valid values can be obtained.
Waf	Waf	The WAF protection configuration item. Note: This field may return null, indicating that no valid values can be obtained.
CC	CC	The CC protection configuration item. Note: This field may return null, indicating that no valid values can be obtained.
DDoS	DDoS	DDoS mitigation configuration Note: This field may return null, indicating that no valid values can be obtained.
SmartRouting	SmartRouting	The smart routing configuration item. Note: This field may return null, indicating that no valid values can be obtained.
Ipv6	Ipv6	The IPv6 access configuration item. Note: This field may return null, indicating that no valid values can be obtained.
ClientIpCountry	ClientIpCountry	Whether to carry the location information of the client IP during origin-pull. Note: This field may return `null`, indicating that no valid value can be obtained.

DetectLengthLimitCondition

Length limit detection condition configuration.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Name	String	Yes	Parameter name of the matched condition. Values:. `body_depth`: detection depth of the request body packet part.
Values	Array of String	Yes	The parameter value of the match condition. the value is used in pairs with Name. When the Name value is body_depth, Values only support passing in a single value. valid Values:. 10KB; 64KB; 128KB.

DetectLengthLimitConfig

Length limit detection configuration.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
DetectLengthLimitRules	Array of DetectLengthLimitRule	Yes	List of rules that detect length limits.

DetectLengthLimitRule

Length limit detection rule details configuration.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
RuleId	Integer	Yes	Rule Id, output parameter only.
RuleName	String	Yes	Rule name, output parameter only.
Description	String	Yes	Rule description, output parameter only.
Conditions	Array of DetectLengthLimitCondition	Yes	Rule configuration conditions, output parameter only.
Action	String	Yes	Handling method. Values:. `skip`: when request body data exceeds the detection depth set by `body_depth` in `Conditions` output parameters, skip all request body content detection. . `scan`: detect at the detection depth set by `body_depth` in the `Conditions` output parameters only. Truncate the excess part of the request body content directly, the excess part of the request body will not go through security detection. Output paramter only.

DeviceProfile

Describes the client device configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
ClientType	String	Yes	Client device type. valid values: iOS; Android; WebView. .
HighRiskMinScore	Integer	No	The minimum value to determine a request as high-risk ranges from 1–99. the larger the value, the higher the request risk, and the closer it resembles a request initiated by a Bot client. the default value is 50, corresponding to high-risk for values 51–100.
HighRiskRequestAction	SecurityAction	No	Handling method for high-risk requests. valid values for SecurityAction Name: Deny: block; Monitor: observation; Redirect: redirection; Challenge: Challenge. default value: Monitor.
MediumRiskMinScore	Integer	No	Specifies the minimum value to determine a request as medium-risk. value range: 1–99. the larger the value, the higher the request risk, resembling requests initiated by a Bot client. default value: 15, corresponding to medium-risk for values 16–50.
MediumRiskRequestAction	SecurityAction	No	Handling method for medium-risk requests. SecurityAction Name parameter supports: Deny: block; Monitor: observe; Redirect: Redirect; Challenge: Challenge. default value is Monitor.

DiffIPWhitelist

Differences between the newest and existing intermediate IPs

Used by actions: DescribeOriginProtection.

Name	Type	Description
LatestIPWhitelist	IPWhitelist	The latest intermediate IPs.
AddedIPWhitelist	IPWhitelist	The intermediate IPs added to the existing list.
RemovedIPWhitelist	IPWhitelist	The intermediate IPs removed from the existing list.
NoChangeIPWhitelist	IPWhitelist	The intermediate IPs that remain unchanged.

DnsRecord

DNS record

Used by actions: DescribeDnsRecords, ModifyDnsRecords.

Name	Type	Required	Description
ZoneId	String	No	Zone id. note: zoneid is for output parameter use only and cannot be used as an input parameter in modifydnsrecords. if this parameter is passed, it will be ignored.
RecordId	String	No	DNS record id.
Name	String	No	DNS record name.
Type	String	No	DNS record type. valid values are:. A: point the domain to a public network ipv4 address, such as 8.8.8.8; . AAAA: point the domain to a public network ipv6 address; . MX: used for email servers. when there are multiple mx records, the lower the priority, the higher the precedence; . CNAME: point the domain to another domain name, which will resolve to the final ip address; . TXT: identify and describe the domain, commonly used for domain verification and spf records (anti-spam); . NS: if you need to delegate the resolution of a subdomain to another dns service provider, you need to add an ns record. ns records cannot be added to the root domain name; . CAA: specifies the ca that can issue certificates for this site; . SRV: indicates that a server is using a service, commonly seen in microsoft system directory management. .
Location	String	No	DNS record resolution route, if not specified, defaults to default, indicating the default resolution route, effective in all regions. resolution route configuration only applies when type (dns record type) is a, aaaa, or cname. for valid values, refer to: resolution routes and corresponding code enumeration.
Content	String	No	DNS record content. fill in the corresponding content based on the type value.
TTL	Integer	No	Cache time. value range: 60–86400. the smaller the value, the faster the record modification will take effect globally. unit: seconds.
Weight	Integer	No	DNS record weight. value range: -1–100. a value of -1 means no weight is assigned, and 0 means no parsing. weight configuration is only applicable when type (dns record type) is a, aaaa, or cname.
Priority	Integer	No	MX record priority. value range: 0–50. the smaller the value, the higher the priority.
Status	String	No	DNS record parsing status. valid values are: enable: takes effect; disable: disabled. note: status is only used as an output parameter and cannot be used as an input parameter in modifydnsrecords. if this parameter is passed, it will be ignored.
CreatedOn	Timestamp ISO8601	No	Creation time. note: createdon is only used as an output parameter and cannot be used as an input parameter in modifydnsrecords. if this parameter is passed, it will be ignored.
ModifiedOn	Timestamp ISO8601	No	Modification time. note: modifiedon is for output parameter only and cannot be used as an input parameter in modifydnsrecords. if this parameter is passed, it will be ignored.

DnsVerification

Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.

Name	Type	Description
Subdomain	String	The host record.
RecordType	String	The record type.
RecordValue	String	The record value.

DomainDDoSProtection

Exclusive Anti-DDoS protection of the domain.

Used by actions: DescribeDDoSProtection, ModifyDDoSProtection.

Name	Type	Required	Description
Domain	String	Yes	Domain name.
Switch	String	Yes	Standalone DDoS switch of the domain. valid values:. on: enabled; . off: closed. .

DropPageConfig

Block page configuration

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable configuration. Values: `on`: Enable `off`: Disable
WafDropPageDetail	DropPageDetail	No	Intercept page configuration for Waf(managed rules) module. if null, historical configuration is used by default.
AclDropPageDetail	DropPageDetail	No	Interception page configuration for custom pages. if null, use the last set configuration by default.

DropPageDetail

The configuration details of the block page

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
PageId	Integer	Yes	The ID of the block page. Specify `0` to use the default block page. (Disused) If 0 is passed, the default block page will be used.
StatusCode	Integer	Yes	The HTTP status code to trigger the block page. Range: 100-600, excluding 3xx codes. Code 566: Requests blocked by managed rules. Code 567: Requests blocked by web security rules (except managed rules).
Name	String	Yes	The block page file or URL.
Type	String	Yes	Type of the block page. Values: `page`: Return the specified page.
CustomResponseId	String	No	ID of custom response. The ID can be obtained via the `DescribeCustomErrorPages` API. It's required when `Type=page`.

EntityStatus

Status of domain names bound with this template.

Used by actions: DescribeSecurityTemplateBindings.

Name	Type	Description
Entity	String	Instance name. Only subdomain names are supported.
Status	String	Instance configuration status. Values: `online`: Configuration has taken effect; `fail`: Configuration failed; `process`: Configuration is being delivered.
Message	String	Message returned after the operation completed.

EnvInfo

Environment information.

Used by actions: DescribeEnvironments.

Name	Type	Description
EnvId	String	Environment ID.
EnvType	String	Environment type. Valid values: production: Production environment. staging: Test environment.
Status	String	Environment status. Valid values: creating: Being created. running: The environment is stable, with version changes allowed. version_deploying: The version is currently being deployed, with no more changes allowed.
Scope	Array of String	Effective scope of the configuration in the current environment. Valid values: ALL: It takes effect on the entire network when EnvType is set to production. It returns the IP address of the test node for host binding during testing when EnvType is set to staging.
CurrentConfigGroupVersionInfos	Array of ConfigGroupVersionInfo	For the effective versions of each configuration group in the current environment, there are two possible scenarios based on the value of Status: When Status is set to version_deploying, the returned value of this field represents the previously effective version. In other words, during the deployment of the new version, the effective version is the one that was in effect before any changes were made. When Status is set to running, the value returned by this field is the currently effective version.
CreateTime	Timestamp ISO8601	Creation time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC).
UpdateTime	Timestamp ISO8601	Update time. The time format follows the ISO 8601 standard and is represented in Coordinated Universal Time (UTC).

ErrorPage

Custom error page.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
StatusCode	Integer	Yes	Status code. supported values are 400, 403, 404, 405, 414, 416, 451, 500, 501, 502, 503, 504.
RedirectURL	String	Yes	Redirect url. requires a full redirect path, such as https://www.test.com/error.html.

ErrorPageParameters

Custom error page configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
ErrorPageParams	Array of ErrorPage	No	Custom error page configuration list. Note: this field may return null, which indicates a failure to obtain a valid value.

ErrorPageReference

Custom error page's referenced source

Used by actions: DescribeCustomErrorPages.

Name	Type	Description
BusinessId	String	Referenced business ID, such as the custom block rule ID.

ExceptConfig

Exception rules, which are used to bypass specific rules

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable configuration. Values: `on`: Enable `off`: Disable
ExceptUserRules	Array of ExceptUserRule	No	The settings of the exception rule. if it is null, the settings that were last configured will be used.

ExceptUserRule

The settings of the exception rule

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
RuleName	String	Yes	The rule name.
Action	String	Yes	The rule action. It only supports the value `skip`, which indicates skipping all managed rules.
RuleStatus	String	Yes	The rule status. Values: `on`: Enabled `off`: Disabled
RuleID	Integer	No	The rule ID, which is automatically created and only used as an output parameter.
UpdateTime	Timestamp ISO8601	No	Last update time. if null, the underlying layer generates it using the current system time by default.
ExceptUserRuleConditions	Array of ExceptUserRuleCondition	No	The matching condition.
ExceptUserRuleScope	ExceptUserRuleScope	No	Scope where the rule takes effect.
RulePriority	Integer	No	The rule priority. Value range: 0-100. If it is null, it defaults to 0.

ExceptUserRuleCondition

The condition of the exception rule

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
MatchFrom	String	No	The field to match. Values: `host`: Request domain name `sip`: Client IP `ua`: User-Agent `cookie`: Cookie `cgi`: CGI script `xff`: XFF header `url`: Request URL `accept`: Request content type `method`: Request method `header`: Request header `sip_proto`: Network layer protocol
MatchParam	String	No	The parameter of the field. Only when `MatchFrom = header`, the key contained in the header can be passed.
Operator	String	No	The logical operator. Values: `equal`: String equals `not_equal`: Value not equals `include`: String contains `not_include`: String not contains `match`: IP matches `not_match`: IP not matches `include_area`: Regions contain `is_empty`: Value left empty `not_exists`: Key fields not exist `regexp`: Regex matches `len_gt`: Value greater than `len_lt`: Value smaller than `len_eq`: Value equals `match_prefix`: Prefix matches `match_suffix`: Suffix matches `wildcard`: Wildcard
MatchContent	String	No	The value of the parameter.

ExceptUserRuleScope

The scope to which the exception rule applies

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Type	String	No	Exception mode. Values: `complete`: Skip the exception rule for full requests. `partial`: Skip the exception rule for partial requests.
Modules	Array of String	No	Effective module. the field value can be:. `waf`: tencent cloud-managed rules . `Rate`: rate limit . `acl`: custom rule . `Cc`: cc attack defense . `Bot`: bot protection .
PartialModules	Array of PartialModule	No	Skip exception rule details for some rule ids. if null, use the last set configuration by default.
SkipConditions	Array of SkipCondition	No	Details of the exception rule for skipping specific fields. if null, use the last set configuration by default.

ExceptionRule

Web security exception rule.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Id	String	No	The ID of the exception rule. different rule configuration operations are supported by rule ID: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing Rules not included in the Rules list under the ExceptionRules parameter will be deleted. .
Name	String	No	The name of the exception rule.
Condition	String	No	Describes the specific content of the exception rule, which must comply with the expression grammar. for details, please refer to the product document.
SkipScope	String	No	Exception rule execution options, valid values: WebSecurityModules: designate the security protection module for the exception rule. ManagedRules: designate the managed rule. .
SkipOption	String	No	Skip the specific type of request. valid values: SkipOnAllRequestFields: skip all requests; SkipOnSpecifiedRequestFields: skip specified request fields. valid only when SkipScope is ManagedRules.
WebSecurityModulesForException	Array of String	No	Specifies the security protection module for exception rules. valid only when SkipScope is WebSecurityModules. valid values: websec-mod-managed-rules: managed rule. websec-mod-rate-limiting: rate limit. websec-mod-custom-rules: custom rule. websec-mod-adaptive-control: adaptive frequency control, intelligent client filtering, slow attack protection, traffic theft protection. websec-mod-bot: bot management. .
ManagedRulesForException	Array of String	No	Specifies the managed rule for the exception rule. valid only when SkipScope is ManagedRules. cannot specify ManagedRuleGroupsForException at this time.
ManagedRuleGroupsForException	Array of String	No	A managed rule group with designated exception rules is valid only when SkipScope is ManagedRules, and at this point you cannot specify ManagedRulesForException.
RequestFieldsForException	Array of RequestFieldsForException	No	Specify exception rules to skip request fields. valid only when SkipScope is ManagedRules and SkipOption is SkipOnSpecifiedRequestFields.
Enabled	String	No	Whether the exception rule is enabled. valid values: `on`: enable `off`: disable .

ExceptionRules

Web security exception rules.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Rules	Array of ExceptionRule	No	Definition list of exception Rules. when using ModifySecurityPolicy to modify Web protection configuration: if the Rules parameter is not specified or the parameter length is zero: clear all exception rule configurations. if the ExceptionRules parameter value is not specified in SecurityPolicy: keep existing exception rule configurations without modification. .

FailReason

Failure reason

Used by actions: CreatePrefetchTask, CreatePurgeTask.

Name	Type	Description
Reason	String	Failure reason.
Targets	Array of String	List of resources failed to be processed.

FileAscriptionInfo

Verification file, used to verify site ownership

Used by actions: DescribeIdentifications, IdentifyZone.

Name	Type	Description
IdentifyPath	String	Directory of the verification file.
IdentifyContent	String	Content of the verification file.

FileVerification

Information required for verifying via a file. It's applicable to sites connected via CNAMEs.

Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.

Name	Type	Description
Path	String	EdgeOne obtains the file verification information in the format of "Scheme + Host + URL Path", (e.g. https://www.example.com/.well-known/teo-verification/z12h416twn.txt). This field is the URL path section of the URL you need to create.
Content	String	Content of the verification file. The contents of this field need to be filled into the text file returned by `Path`.

Filter

Key-value pair filters for conditional filtering queries, such as filtering ID, name, and status.
If more than one filter exists, the logical relationship between these filters is AND.
If multiple values exist in one filter, the logical relationship between these values under the same filter is OR.

Used by actions: DescribeApplicationProxies, DescribeDefaultCertificates, DescribeFunctionRules, DescribeFunctions, DescribeHostsSetting, DescribeIdentifications, DescribeJustInTimeTranscodeTemplates, DescribeL4Proxy, DescribeL4ProxyRules, DescribeL7AccRules, DescribeLoadBalancerList, DescribeMultiPathGateways, DescribeOriginProtection, DescribePlans, DescribeRules.

Name	Type	Required	Description
Name	String	Yes	Fields to be filtered.
Values	Array of String	Yes	Value of the filtered field.

FirstPartConfig

The configuration to detect slow attacks based on the transfer period the first 8 KB of requests

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Switch. valid values:. `on`: Enable; off: Disable.
StatTime	Integer	No	The statistical period of the first segment packet is in seconds. expect the duration to be 5 seconds by default.

FollowOrigin

Following origin server configuration for caching.

Used by actions: CreateL7AccRules, DescribeHostsSetting, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable the configuration of following the origin server. Valid values: `on`: Enable `off`: Disable
DefaultCache	String	No	Whether to cache when an origin server does not return the cache-control header. this field is required when switch is on; when switch is off, this field is not required and will be ineffective if filled. valid values:. On: cache; . Off: do not cache. .
DefaultCacheStrategy	String	No	Whether to use the default caching policy when an origin server does not return the cache-control header. this field is required when defaultcache is set to on; otherwise, it is ineffective. when defaultcachetime is not 0, this field should be off. valid values:. On: use the default caching policy. . Off: do not use the default caching policy. .
DefaultCacheTime	Integer	No	The default cache time in seconds when an origin server does not return the cache-control header. the value ranges from 0 to 315360000. this field is required when defaultcache is set to on; otherwise, it is ineffective. when defaultcachestrategy is on, this field should be 0.

ForceRedirect

Forced HTTPS redirect configuration for access protocols.

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable force HTTPS redirect. Values: `on`: Enable `off`: Disable
RedirectStatusCode	Integer	No	Redirection status code. valid values:. `301`: 301 redirect . `302`: 302 redirect .

ForceRedirectHTTPSParameters

Forced HTTPS redirect configuration for access protocols.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable forced redirect configuration switch. values:. `On`: enable; . Off: disable. .
RedirectStatusCode	Integer	No	Redirection status code. this field is required when switch is on; otherwise, it is not effective. valid values are:. `301`: 301 redirect; . `302`: 302 redirect. .

Function

Details of an edge function.

Used by actions: DescribeFunctions.

Name	Type	Description
FunctionId	String	Function ID.
ZoneId	String	Zone ID.
Name	String	Function name.
Remark	String	Function description.
Content	String	Function content.
Domain	String	Default domain name of a function.
CreateTime	String	Creation time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard.
UpdateTime	String	Modification time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard.

FunctionEnvironmentVariable

Environment variables of an edge function

Used by actions: DescribeFunctionRuntimeEnvironment, HandleFunctionRuntimeEnvironment.

Name	Type	Required	Description
Key	String	Yes	Variable name, which should be unique and can only contain uppercase and lowercase letters, digits, and special characters including at signs (@), periods (.), hyphens (-), and underscores (_). Its maximum size is 64 bytes.
Value	String	No	Variable value. Its maximum size is 5000 bytes. The default value is empty.
Type	String	No	Variable type. Valid values: string: string type; json: JSON object type. Default value: string.

FunctionRule

Trigger rules for an edge function

Used by actions: DescribeFunctionRules.

Name	Type	Description
RuleId	String	Rule ID.
FunctionRuleConditions	Array of FunctionRuleCondition	Rule condition list. There is an OR relationship between items in the list.
FunctionId	String	Function ID, specifying a function executed when a trigger rule condition is met.
Remark	String	Rule description.
FunctionName	String	Function name.
Priority	Integer	Priority of a trigger rule for a function. The larger the value, the higher the priority.
CreateTime	Timestamp ISO8601	Creation time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard.
UpdateTime	Timestamp ISO8601	Update time, which adopts Coordinated Universal Time (UTC) and follows the date and time format of the ISO 8601 standard.

FunctionRuleCondition

Condition of a trigger rule for an edge function.

Used by actions: CreateFunctionRule, DescribeFunctionRules, ModifyFunctionRule.

Name	Type	Required	Description
RuleConditions	Array of RuleCondition	Yes	Condition of a trigger rule for an edge function. This condition is considered met if all items in the list are met.

GatewayRegion

Multi-Channel security gateway available region.

Used by actions: DescribeMultiPathGatewayRegions.

Name	Type	Description
RegionId	String	Region ID.
CNName	String	Chinese region name.
ENName	String	English name of the region.

Grpc

Configuration of gRPC support

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable gRPC support. Valid values: `on`: Enable; `off`: Disable.

GrpcParameters

gRPC configuration item.

Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable grpc. values:. `On`: enable; . Off: disable. .

HSTSParameters

HSTS configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable hsts. values:. `On`: enable; . Off: disable. .
Timeout	Integer	No	Cache hsts header time, unit: seconds. value range: 1-31536000. note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled.
IncludeSubDomains	String	No	Whether to allow other subdomains to inherit the same hsts header. values:. On: allows other subdomains to inherit the same hsts header. . Off: does not allow other subdomains to inherit the same hsts header. note: when switch is on, this field is required; when switch is off, this field is not required and will not take effect if filled.
Preload	String	No	Whether to allow the browser to preload the hsts header. valid values:. On: allows the browser to preload the hsts header. . Off: does not allow the browser to preload the hsts header. note: when switch is on, this field is required; when switch is off, this field is not required and will not take effect if filled.

HTTP2Parameters

HTTP2 integration configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable http2 access. values:. `On`: enable; . Off: disable. .

HTTPResponseParameters

HTTP response configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
StatusCode	Integer	No	Response status code. supports 2xx, 4xx, 5xx, excluding 499, 514, 101, 301, 302, 303, 509, 520-599.
ResponsePage	String	No	Response page id.

HTTPUpstreamTimeoutParameters

Layer-7 origin-pull timeout configuration.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
ResponseTimeout	Integer	No	HTTP response timeout in seconds. value range: 5–600.

HTTP header, used as input for the CreatePrefetchTask API

Used by actions: CreatePrefetchTask, CreateRealtimeLogDeliveryTask, ModifyRealtimeLogDeliveryTask.

Name	Type	Required	Description
Name	String	Yes	HTTP header name.
Value	String	Yes	HTTP header value

HeaderAction

HTTP header setting rules.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Action	String	Yes	HTTP header setting methods. valid values are:. `Set`: sets a value for an existing header parameter; . `Del`: deletes a header parameter; . `Add`: adds a header parameter. .
Name	String	Yes	HTTP header name.
Value	String	No	HTTP header value. this parameter is required when the action is set to `set` or `add`; it is optional when the action is set to `del`.

HealthChecker

LoadBalancer health check policy.

Used by actions: CreateLoadBalancer, DescribeLoadBalancerList, ModifyLoadBalancer.

Name	Type	Required	Description
Type	String	Yes	Health check policy. Valid values: HTTP. HTTPS. TCP. UDP. ICMP Ping. NoCheck. Note: NoCheck means the health check policy is not enabled.
Port	Integer	No	Check port, which is required when Type = HTTP, Type = HTTPS, Type = TCP, or Type = UDP.
Interval	Integer	No	Check frequency, in seconds. It indicates how often a health check task is initiated. Valid values: 30, 60, 180, 300, 600.
Timeout	Integer	No	Timeout for each health check, in seconds. If the health check time exceeds this value, the check result is determined as "unhealthy". The default value is 5s, and the value should be less than Interval.
HealthThreshold	Integer	No	Healthy state threshold, in the number of times. It indicates that if the consecutive health check results are "healthy" for a certain number of times, an origin server is considered "healthy". The default value is 3 times, with the minimum value of 1 time.
CriticalThreshold	Integer	No	Unhealthy state threshold, in the number of times. It indicates that if the consecutive health check results are "unhealthy" for a certain number of times, an origin server is considered "unhealthy". The default value is 2 times.
Path	String	No	Probe path. This parameter is valid only when Type = HTTP or Type = HTTPS. It needs to include the complete host/path and should not contain a protocol, for example, www.example.com/test.
Method	String	No	Request method. This parameter is valid only when Type = HTTP or Type = HTTPS. Valid values: GET. HEAD.
ExpectedCodes	Array of String	No	The status codes used to determine that the probe result is healthy when the probe node initiates a health check to an origin server. This parameter is valid only when Type = HTTP or Type = HTTPS.
Headers	Array of CustomizedHeader	No	The custom HTTP request header carried by a probe request, with a maximum value of 10. This parameter is valid only when Type = HTTP or Type = HTTPS.
FollowRedirect	String	No	Whether to follow 301/302 redirect. When enabled, 301/302 is considered a "healthy" status code, redirecting 3 times by default. This parameter is valid only when Type = HTTP or Type = HTTPS.
SendContext	String	No	The content sent by a health check. Only ASCII visible characters are allowed, with up to 500 characters. This parameter is valid only when Type = UDP.
RecvContext	String	No	The expected return result from an origin server during health check. Only ASCII visible characters are allowed, with up to 500 characters. This parameter is valid only when Type = UDP.

HostHeaderParameters

Host Header Rewrite configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Action	String	No	Action to be executed. values:. FollowOrigin: follow origin server domain name; . `Custom`: custom .
ServerName	String	No	Host header rewrite requires a complete domain name. note: this field is required when switch is on; when switch is off, this field is not required and any value will be ignored.

HostName

Access URL redirect HostName configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Action	String	No	Target hostname configuration, valid values are:. `Follow`: follow the request; . `Custom`: custom .
Value	String	No	Custom value for target hostname, maximum length is 1024. note: when action is custom, this field is required; when action is follow, this field is not effective.

Hsts

HSTS configuration

Used by actions: DescribeHostsSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable the configuration. Values: `on`: Enable `off`: Disable
MaxAge	Integer	No	MaxAge value. expressed in seconds, maximum value is 1 day.
IncludeSubDomains	String	No	Specifies whether the subdomain is included. valid values:. `on`: Enable; off: Disable.
Preload	String	No	Whether to enable preloading. valid values:. `on`: Enable; off: Disable.

HttpDDoSProtection

HTTP DDOS protection configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
AdaptiveFrequencyControl	AdaptiveFrequencyControl	No	Specifies the specific configuration of adaptive frequency control.
ClientFiltering	ClientFiltering	No	Specifies the intelligent client filter configuration.
BandwidthAbuseDefense	BandwidthAbuseDefense	No	Specifies the specific configuration for bandwidth abuse protection.
SlowAttackDefense	SlowAttackDefense	No	Specifies the configuration of slow attack protection.

Https

Domain name HTTPS acceleration configuration. This is disabled by default.

Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Http2	String	No	http2 configuration switch. valid values:. `on`: Enable; off: Disable.
OcspStapling	String	No	OCSP configuration switch. valid values:. `on`: Enable; off: Disable.
TlsVersion	Array of String	No	Tls version settings. valid values:. TLSv1: specifies the tlsv1 version. . TLSv1.1: specifies the tlsv1.1 version. . TLSv1.2: specifies the tlsv1.2 version. . TLSv1.3: specifies the tlsv1.3 version. consecutive versions must be enabled when modifying. .
Hsts	Hsts	No	HSTS Configuration Note: This field may return null, indicating that no valid values can be obtained.
CertInfo	Array of ServerCertInfo	No	The certificate configuration. Note: This field may return null, indicating that no valid values can be obtained.
ApplyType	String	No	Application type. valid values:. `apply`: managed by EdgeOne. . `none`: not managed by EdgeOne. if it is left empty, the default value `none` is used.
CipherSuite	String	No	The cipher suite, with valid values:. loose-v2023: provides high compatibility with general security, and supports TLS 1.0-1.3 cipher suites; . general-v2023: provides relatively high compatibility with moderate security, and supports TLS 1.2-1.3 cipher suites. . strict-v2023: provides high security, disables all cipher suites with security risks, and supports TLS 1.2-1.3 cipher suites. .

IPExpireInfo

Stores the scheduled expiration time and corresponding IP.

Used by actions: CreateSecurityIPGroup, DescribeSecurityIPGroup, DescribeSecurityIPGroupInfo, ModifySecurityIPGroup.

Name	Type	Required	Description
ExpireTime	Timestamp ISO8601	No	Scheduled expiration time, following the ISO 8601 standard date and time format, such as "2022-01-01T00:00:00+08:00".
IPList	Array of String	No	IP list. supports ip and ip range.

IPGroup

IP range group

Used by actions: CreateSecurityIPGroup, DescribeSecurityIPGroup, DescribeSecurityIPGroupInfo, ModifySecurityIPGroup.

Name	Type	Required	Description
GroupId	Integer	Yes	Group ID. Enter `0`.
Name	String	Yes	Group name.
Content	Array of String	Yes	IP group content, supports ip and ip range.
IPTotalCount	Integer	No	Number of ips or ranges in effect in the IP group. valid as an output parameter, no need to specify this field as an input parameter.
IPExpireInfo	Array of IPExpireInfo	No	Specifies the scheduled expiration information of the IP. Specifies the IP address or IP range configuration with scheduled expiration time as an input parameter. As an output parameter, contains the following two categories of information. Currently not expired scheduled expiration information: expiration configuration not triggered. . Scheduled expiration information expired within a week: cache expiration configuration has been triggered. .

IPRegionInfo

IP location information query

Used by actions: DescribeIPRegion.

Name	Type	Description
IP	String	IP address, IPV4 or IPV6.
IsEdgeOneIP	String	Whether the IP belongs to an EdgeOne node. Valid values: yes: This IP belongs to an EdgeOne node; no: This IP does not belong to an EdgeOne node.

IPWhitelist

Intermediate IPs

Used by actions: DescribeOriginProtection.

Name	Type	Description
IPv4	Array of String	List of IPv4 addresses
IPv6	Array of String	List of IPv6 addresses

IPv6Parameters

IPv6 access configuration.

Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable ipv6 access functionality. valid values:. `On`: enable ipv6 access; . `Off`: disable ipv6 access feature. .

Identification

The site verification information

Used by actions: DescribeIdentifications.

Name	Type	Description
ZoneName	String	The site name.
Domain	String	The subdomain name to be verified. to verify the ownership of a site, leave it blank.
Status	String	The verification status. Values: `pending`: The verification is ongoing. `finished`: The verification completed.
Ascription	AscriptionInfo	Details of the DNS record.
OriginalNameServers	Array of String	Specifies the current NS record of the domain name.
FileAscription	FileAscriptionInfo	Details of the verification file.

ImageOptimize

Image optimization configuration.

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable configuration. Values: `on`: Enable `off`: Disable

IntelligenceRule

Bot intelligence rules

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	No	Switch. valid values:. `on`: Enable; off: Disable.
IntelligenceRuleItems	Array of IntelligenceRuleItem	No	Specifies the rule detail.

IntelligenceRuleItem

Bot intelligence rule items

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Label	String	Yes	The tag to categorize bots. Values: `evil_bot`: Malicious bot `suspect_bot`: Suspected bot `good_bot`: Good bot `normal`: Normal request
Action	String	Yes	The action taken on bots. Values `drop`: Block `trans`: Allow `alg`: JavaScript challenge `captcha`: Managed challenge `monitor`: Observe

IpTableConfig

IP/Region blocklist/allowlist configuration

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Switch. valid values:. `on`: Enable; off: disabled; .
IpTableRules	Array of IpTableRule	No	Basic control rules. if null, historical configuration is used by default.

IpTableRule

IP blocklist/allowlist rule details

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Action	String	Yes	The action. Values: `drop`: Block `trans`: Allow `monitor`: Observe
MatchFrom	String	Yes	The matching dimension. Values: `ip`: Match by IP. `area`: Match by IP region.
Operator	String	No	Matching method. It defaults to `equal` if it’s left empty. Values: `is_empty`: The field is empty. `not_exists`: The configuration item does not exist. `include`: Include `not_include`: Do not include `equal`: Equal to `not_equal`: Not equal to Note: This field may return null, indicating that no valid values can be obtained.
RuleID	Integer	No	The rule ID, which is only used as an output parameter.
UpdateTime	Timestamp ISO8601	No	The update time, which is only used as an output parameter.
Status	String	No	The rule status. A null value indicates that the rule is enabled. Values: `on`: Enabled `off`: Disabled Note: This field may return null, indicating that no valid values can be obtained.
RuleName	String	No	Specifies the rule name.
MatchContent	String	No	Matching content. It’s not required when `Operator` is `is_emty` or `not_exists`.

Ipv6

The IPv6 access configuration.

Used by actions: CreateApplicationProxy, DescribeApplicationProxies, DescribeHostsSetting, DescribeZoneSetting, ModifyApplicationProxy, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable IPv6 access. Valid values: `on`: Enable; `off`: Disable.

JITVideoProcess

Just-in-time media processing configuration.

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Just-in-time media processing configuration switch. Valid values: on: Enable. off: Disable.

JSInjectionRule

JavaScript injection rule.

Used by actions: CreateSecurityJSInjectionRule, DescribeSecurityJSInjectionRule, ModifySecurityJSInjectionRule.

Name	Type	Required	Description
RuleId	String	No	Rule ID.
Name	String	No	Rule name
Priority	Integer	No	Rule priority. a smaller value indicates higher priority execution. value range: 0-100. default value is 0.
Condition	String	No	Specifies the match condition content, which must comply with the expression grammar. please refer to the product document for detailed requirements.
InjectJS	String	No	JavaScript injection option. default value: run-attestations. valid values:. no-injection: specifies not to inject JavaScript. . inject-sdk-only: injects sdks for all currently supported authentication methods. currently supported: TC-RCE and TC-CAPTCHA. note: to execute authentication detection, configure challenge rules. .

JustInTimeTranscodeTemplate

Just-In-Time transcoding template description.

Used by actions: DescribeJustInTimeTranscodeTemplates.

Name	Type	Description
TemplateId	String	Unique identifier of the instant transcoding template.
TemplateName	String	Specifies the transcoding template name.
Comment	String	Template description information.
Type	String	Template type. valid values: preset: system-preset template; custom: user-defined template. .
VideoStreamSwitch	String	Enable video stream. valid values: on: turn on; off: turn off. .
AudioStreamSwitch	String	Enable audio stream. valid values: on: enable; off: disable. .
VideoTemplate	VideoTemplateInfo	Video stream configuration parameters. this field is valid only when VideoStreamSwitch is on.
AudioTemplate	AudioTemplateInfo	Audio stream configuration parameters. specifies this field is valid only when AudioStreamSwitch is on.
CreateTime	String	Template creation time. uses ISO date format.
UpdateTime	String	Template last modified time. uses ISO date format.

L4OfflineLog

The L7 log details

Used by actions: DownloadL4Logs.

Name	Type	Description
ProxyId	String	L4 proxy instance ID.
Area	String	Log query area. Valid values: `mainland`: Chinese mainland; `overseas`: Global (outside the Chinese mainland).
LogPacketName	String	Log packet name.
Url	String	Log download address.
LogTime	Integer	(Disused) Log packaging time.
LogStartTime	Timestamp ISO8601	Start time of log packaging.
LogEndTime	Timestamp ISO8601	End time of the log package.
Size	Integer	Log size (in bytes).

L4Proxy

Layer 4 proxy instance.

Used by actions: DescribeL4Proxy.

Name	Type	Required	Description
ZoneId	String	No	Zone ID.
ProxyId	String	No	Layer 4 proxy instance ID.
ProxyName	String	No	Layer 4 proxy instance name.
Area	String	No	Acceleration zone of the Layer 4 proxy instance. mainland: Availability zone in the Chinese mainland; overseas: Global availability zone (excluding the Chinese mainland); global: Global availability zone.
Cname	String	No	Access via CNAME.
Ips	Array of String	No	After the fixed IP address is enabled, this value will return the corresponding access IP address; if it is not enabled, this value will be empty.
Status	String	No	Status of the Layer 4 proxy instance. online: Enabled; offline: Disabled; progress: Deploying; stopping: Disabling; banned: Blocked; fail: Failed to deploy or disable.
Ipv6	String	No	Specifies whether to enable IPv6 access. on: Enable; off: Disable.
StaticIp	String	No	Specifies whether to enable the fixed IP address. on: Enable; off: Disable.
AccelerateMainland	String	No	Specifies whether to enable network optimization in the Chinese mainland. on: Enable off: Disable
DDosProtectionConfig	DDosProtectionConfig	No	Security protection configuration. Note: This field may return null, indicating that no valid value can be obtained.
L4ProxyRuleCount	Integer	No	Number of forwarding rules under the Layer 4 proxy instance.
UpdateTime	Timestamp ISO8601	No	Latest modification time.

L4ProxyRemoteAuth

L4 remote authentication information.

Used by actions: CreateL4ProxyRules, DescribeL4ProxyRules, ModifyL4ProxyRules.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable L4 remote authentication. Valid values: on: Enable; off: Disable.
Address	String	Yes	Remote authentication service address, in the format of domain/ip:port, such as example.auth.com:8888.
ServerFaultyBehavior	String	Yes	Default origin-pull behavior based on L4 forwarding rules after the remote authentication service is disabled. Valid values: reject: Block and deny access; allow: Allow access.

L4ProxyRule

Details of Layer 4 proxy forwarding rules.

Used by actions: CreateL4ProxyRules, DescribeL4ProxyRules, ModifyL4ProxyRules.

Name	Type	Required	Description
RuleId	String	No	Forwarding rule ID. Note: Do not fill in this parameter when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it must be filled in when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules.
Protocol	String	No	Forwarding protocol. Valid values: TCP: TCP protocol; UDP: UDP protocol. Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
PortRange	Array of String	No	Forwarding port, which can be set as follows: A single port, such as 80; A range of ports, such as 81-85, representing ports 81, 82, 83, 84, 85. Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
OriginType	String	No	Origin server type. Valid values: IP_DOMAIN: IP/Domain name origin server; ORIGIN_GROUP: Origin server group; LB: Cloud Load Balancer, currently only open to the allowlist. Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
OriginValue	Array of String	No	Origin server address. When OriginType is set to IP_DOMAIN, enter the IP address or domain name, such as 8.8.8.8 or test.com; When OriginType is set to ORIGIN_GROUP, enter the origin server group ID, such as og-537y24vf5b41; When OriginType is set to LB, enter the Cloud Load Balancer instance ID, such as lb-2qwk30xf7s9g. Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
OriginPortRange	String	No	Origin server port, which can be set as follows: A single port, such as 80; A range of ports, such as 81-85, representing ports 81, 82, 83, 84, 85. When inputting a range of ports, ensure that the length corresponds with that of the forwarding port range. For example, if the forwarding port range is 80-90, this port range should be 90-100. Note: This parameter must be filled in when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
ClientIPPassThroughMode	String	No	Transmission of the client IP address. Valid values: TOA: Available only when Protocol=TCP; PPV1: Transmission via Proxy Protocol V1. Available only when Protocol=TCP; PPV2: Transmission via Proxy Protocol V2; SPP: Transmission via Simple Proxy Protocol. Available only when Protocol=UDP; OFF: No transmission. Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules, and if not specified, the default value OFF will be used; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
SessionPersist	String	No	Specifies whether to enable session persistence. Valid values: on: Enable; off: Disable. Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules, and if not specified, the default value off will be used; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
SessionPersistTime	Integer	No	Session persistence period, with a range of 30-3600, measured in seconds. Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules. It is valid only when SessionPersist is set to on and defaults to 3600 if not specified. It is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
RuleTag	String	No	Rule tag. Accepts 1-50 arbitrary characters. Note: This parameter is optional when L4ProxyRule is used as an input parameter in CreateL4ProxyRules; it is optional when L4ProxyRule is used as an input parameter in ModifyL4ProxyRules. If not specified, it will retain its existing value.
Status	String	No	Rule status. Valid values: online: Enabled; offline: Disabled; progress: Deploying; stopping: Disabling; fail: Failed to deploy or disable. Note: Do not set this parameter when L4ProxyRule is used as an input parameter in CreateL4ProxyRules and ModifyL4ProxyRules.
BuId	String	No	BuID.
RemoteAuth	L4ProxyRemoteAuth	No	Remote authentication information. Note: RemoteAuth cannot be used as an input parameter in CreateL4ProxyRules or ModifyL4ProxyRules. If this parameter is input, it will be ignored. If the returned data of DescribeL4ProxyRules is empty, it indicates that remote authentication is disabled. Note: This field may return null, which indicates a failure to obtain a valid value.

L7OfflineLog

Details of L7 logs.

Used by actions: DownloadL7Logs.

Name	Type	Description
Domain	String	Log domain name.
Area	String	Log query area. Valid values: `mainland`: Chinese mainland; `overseas`: Global (outside the Chinese mainland).
LogPacketName	String	Log packet name.
Url	String	Log download address.
LogTime	Integer	(Disused) Log packaging time.
LogStartTime	Timestamp ISO8601	Start time of log packaging.
LogEndTime	Timestamp ISO8601	End time of the log package.
Size	Integer	Original log size (in bytes).

LoadBalancer

LoadBalancer information.

Used by actions: DescribeLoadBalancerList.

Name	Type	Description
InstanceId	String	LoadBalancer ID.
Name	String	LoadBalancer name, which can contain 1 to 200 characters, including a-z, A-Z, 0-9, underscores (_), and hyphens (-).
Type	String	LoadBalancer type. Valid values: HTTP: HTTP-specific LoadBalancer. It supports adding HTTP-specific and general origin server groups. It can only be referenced by site acceleration services (such as domain name service and rule engine). GENERAL: general LoadBalancer. It only supports adding general origin server groups. It can be referenced by site acceleration services (such as domain name service and rule engine) and Layer-4 proxy.
HealthChecker	HealthChecker	Health check policy. For details, refer to Health Check Policies.
SteeringPolicy	String	Traffic scheduling policy among origin server groups. Valid values: Priority: Perform failover according to priority.
FailoverPolicy	String	Request retry policy when access to an origin server fails. For details, refer to Introduction to Request Retry Strategy. Valid values: OtherOriginGroup: After a single request fails, retry with another origin server within the next lower priority origin server group. OtherRecordInOriginGroup: After a single request fails, retry with another origin server within the same origin server group.
OriginGroupHealthStatus	Array of OriginGroupHealthStatus	Origin server group health status.
Status	String	LoadBalancer status. Valid values: Pending: deploying. Deleting: deleting. Running: effective.
L4UsedList	Array of String	Specifies the list of l4 proxy instances bound to the load balancing instance.
L7UsedList	Array of String	List of Layer-7 domain names bound to a LoadBalancer.

LogFormat

Output format for real-time log delivery. You can directly use the specified predefined log output format (JSON Lines / csv) through the FormatType parameter, or define a variant output format through additional parameters based on the predefined log output format.

Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

Name	Type	Required	Description
FormatType	String	Yes	Predefined output format for log shipping. Valid values: json: Use JSON Lines as the predefined log output format. In each log entry, fields are displayed as key-value pairs. csv: Use the predefined log output format csv, where each log entry only is presented as field values only, excluding field names.
BatchPrefix	String	No	A string added before each log delivery batch. Each log delivery batch may contain multiple log records.
BatchSuffix	String	No	A string appended after each log delivery batch.
RecordPrefix	String	No	A string added before each log record.
RecordSuffix	String	No	A string appended after each log record.
RecordDelimiter	String	No	A string inserted between log records as a separator. Valid values: \n: line break; \t: tab character; ,: Half-width comma.
FieldDelimiter	String	No	A string inserted between fields as a separator within a single log record. Valid values: \t: tab character; ,: half-width comma; ;: Half-width semicolon.

ManagedRuleAction

Action for specific RuleId.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
RuleId	String	Yes	Specific items under ManagedRuleGroup, used to rewrite the configuration of this individual rule item, refer to product documentation for details.
Action	SecurityAction	Yes	Action for the managed rule item specified by RuleId, the SecurityAction Name parameter supports: `Deny`: block and respond with an block page; `Monitor`: observe, do not process the request and record the security event in logs; `Disabled`: disabled, do not scan the request and skip this rule. .

ManagedRuleAutoUpdate

Managed rule automatic update option.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
AutoUpdateToLatestVersion	String	Yes	Enable automatic update to the latest version or not. Values: `on`: enabled `off`: disabled .
RulesetVersion	String	No	Current version, compliant with ISO 8601 standard format, such as 2023-12-21T12:00:32Z, empty by default, output parameter only.

ManagedRuleDetail

Managed rule detail.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
RuleId	String	No	Managed rule Id.
RiskLevel	String	No	Protection level of managed rules. Values: `low`: low risk, this rule has a relatively low risk and is applicable to very strict access scenarios, this level of rule may generate considerable false alarms. `medium`: medium risk, this means the risk of this rule is normal and is suitable for protection scenarios with stricter requirements. `high`: high risk, this indicates that the risk of this rule is relatively high and will not generate false alarms in most scenarios. `extreme`: ultra-high risk. this represents that the risk of this rule is extremely high and will not generate false alarms basically. .
Description	String	No	Rule description.
Tags	Array of String	No	Rule tag. Some types of rules do not have tags.
RuleVersion	String	No	Rule version.

ManagedRuleGroup

Managed rule group configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
GroupId	String	Yes	Name of the managed rule group, if the configuration for the rule group is not specified, it will be processed by default, refer to product documentation for the specific value of GroupId.
SensitivityLevel	String	Yes	Protection level of the managed rule group. Values: `loose`: lenient, only contain ultra-high risk rules, at this point, Action parameter needs configured instead of RuleActions parameter; `normal`: normal, contain ultra-high risk and high-risk rules, at this point,Action parameter needs configured instead of RuleActions parameter; `strict`: strict, contains ultra-high risk, high-risk and medium-risk rules, at this point, Action parameter needs configured instead of RuleActions parameter; `extreme`: super strict, contains ultra-high risk, high-risk, medium-risk and low-risk rules, at this point, Action parameter needs configured instead of RuleActions parameter; `custom`: custom, refined strategy, configure the RuleActions parameter for each individual rule, at this point, the Action field is invalid, use RuleActions to configure the refined strategy for each individual rule. .
Action	SecurityAction	Yes	Action for ManagedRuleGroup. the Name parameter value of SecurityAction supports: `Deny`: block and respond with a block page; `Monitor`: observe, do not process requests and record security events in logs; `Disabled`: not enabled, do not scan requests and skip this rule. .
RuleActions	Array of ManagedRuleAction	No	Specific configuration of rule items under the managed rule group, valid only when SensitivityLevel is custom.
MetaData	ManagedRuleGroupMeta	No	ManagedRuleGroup detailed information, output parameter only.

ManagedRuleGroupMeta

Managed rule group meta information.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
GroupDetail	String	No	ManagedRuleGroup detailed information, output parameter only.
GroupName	String	No	ManagedRuleGroup name, output parameter only.
RuleDetails	Array of ManagedRuleDetail	No	All sub-rules information under current ManagedRuleGroup, output parameter only.

ManagedRules

Managed rules configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Enabled	String	Yes	The managed rule status. Values: `on`: enabled, all managed rules take effect as configured; `off`: disabled, all managed rules do not take effect. .
DetectionOnly	String	Yes	Evaluation mode is enabled or not, it is valid only when the `Enabled` parameter is set to `on`. Values: `on`: enabled, all managed rules take effect in `observe` mode. off: disabled, all managed rules take effect according to the specified configuration. .
SemanticAnalysis	String	No	Managed rule semantic analysis is enabled or not, it is valid only when the `Enabled` parameter is `on`. Values: `on`: enabled, perform semantic analysis before processing requests; `off`: disabled, process requests directly without semantic analysis. The default value is `off`.
AutoUpdate	ManagedRuleAutoUpdate	No	Managed rule automatic update option.
ManagedRuleGroups	Array of ManagedRuleGroup	No	Configuration of the managed rule group. If this structure is passed as an empty array or the GroupId is not included in the array, it will be processed based by default.

MaxAge

Browser cache rule configuration, which is used to set the default value of MaxAge and is disabled by default.

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
FollowOrigin	String	No	Whether to follow the origin server. Values: `on`: Follow the origin server and ignore the field MaxAgeTime; `off`: Do not follow the origin server and apply the field MaxAgeTime.
MaxAgeTime	Integer	No	MaxAge specifies the time setting in seconds. value range: 0–315360000. Specifies the time when the cache is disabled if set to 0.

MaxAgeParameters

Browser Cache TTL configuration parameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
FollowOrigin	String	No	Specifies whether to follow the origin server cache-control configuration, with the following values:. `On`: follow the origin server and ignore the field cachetime; . `Off`: do not follow the origin server and apply the field cachetime. .
CacheTime	Integer	No	Custom cache time value, unit: seconds. value range: 0-315360000. note: when followorigin is off, it means not following the origin server and using cachetime to set the cache time; otherwise, this field will not take effect.

MinimalRequestBodyTransferRate

Minimum minimum body transfer rate threshold configuration. ```.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
MinimalAvgTransferRateThreshold	String	Yes	Minimum body transfer rate threshold, the measurement unit is only supported in bps.
CountingPeriod	String	Yes	Minimum body transfer rate statistical time range, valid values: 10s: 10 seconds; 30s: 30 seconds; 60s: 60 seconds; 120s: 120 seconds. .
Enabled	String	Yes	Specifies whether the minimum body transfer rate threshold is enabled. valid values: on: enable; off: disable. .

ModifyOriginParameters

Modifying origin server configuration parameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
OriginType	String	No	The origin type. values:. IPDomain: ipv4, ipv6, or domain name type origin server; . OriginGroup: origin server group type origin server; . LoadBalance: cloud load balancer (clb), this feature is in beta test. to use it, please submit a ticket or contact smart customer service; . COS: tencent cloud COS origin server; . AWSS3: all object storage origin servers that support the aws s3 protocol. .
Origin	String	No	Origin server address, which varies according to the value of origintype:. When origintype = ipdomain, fill in an ipv4 address, an ipv6 address, or a domain name; . When origintype = cos, please fill in the access domain name of the cos bucket; . When origintype = awss3, fill in the access domain name of the s3 bucket; . When origintype = origingroup, fill in the origin server group id; . When origintype = loadbalance, fill in the cloud load balancer instance id. this feature is currently only available to the allowlist. .
OriginProtocol	String	No	Origin-Pull protocol configuration. this parameter is required when origintype is ipdomain, origingroup, or loadbalance. valid values are:. Http: use http protocol; . Https: use https protocol; . Follow: follow the protocol. .
HTTPOriginPort	Integer	No	The HTTP origin port, value ranges from 1 to 65535. this parameter is required when the origin-pull protocol OriginProtocol is HTTP or follow.
HTTPSOriginPort	Integer	No	The HTTPS origin port, value ranges from 1 to 65535. this parameter is required when the origin-pull protocol OriginProtocol is HTTPS or follow.
PrivateAccess	String	No	Specifies whether access to the private object storage origin server is allowed. this parameter is required when the origin server type OriginType is COS or AWSS3. valid values:. On: enable private authentication; . off: disable private authentication. .
PrivateParameters	OriginPrivateParameters	No	Private authentication parameter. this parameter is valid only when origintype = awss3 and privateaccess = on. Note: this field may return null, which indicates a failure to obtain a valid value.

ModifyRequestHeaderParameters

Modify HTTP request header configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
HeaderActions	Array of HeaderAction	No	List of http header setting rules. Note: this field may return null, which indicates a failure to obtain a valid value.

ModifyResponseHeaderParameters

Modify HTTP node response header configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
HeaderActions	Array of HeaderAction	No	HTTP origin-pull header rules list. Note: this field may return null, which indicates a failure to obtain a valid value.

MultiPathGateway

Multi-Channel security gateway details.

Used by actions: DescribeMultiPathGateway, DescribeMultiPathGateways.

Name	Type	Description
GatewayId	String	Specifies the gateway ID.
GatewayName	String	Gateway name.
GatewayType	String	Gateway type. valid values: Cloud: cloud gateway, created and managed by Tencent cloud. Private: private gateway, deployed by cutomer.
GatewayPort	Integer	Gateway port. value range: 1-65535 (excluding 8888).
Status	String	Gateway status. valid values: creating: The gateway is being created. online: The gateway is online and operational. offline: The gateway is offline and unavailable. disabled: The gateway has been disabled.
GatewayIP	String	Gateway IP, in IPv4 format.
RegionId	String	Gateway region Id. which can be obtained from the DescribeMultiPathGatewayRegions API.
Lines	Array of MultiPathGatewayLine	Line information. The line information will be returned when querying gateway information with DescribeMultiPathGateway ande not returned when querying the gateway list with DescribeMultiPathGateways.

MultiPathGatewayCurrentOriginACL

Describes the currently effective IP range for origin servers.

Used by actions: DescribeMultiPathGatewayOriginACL.

Name	Type	Required	Description
EntireAddresses	Addresses	No	Describes the IP range details for origin servers.
Version	Integer	No	Specifies the version number.
IsPlaned	String	No	This parameter records whether "i have updated to the latest origin IP range" is completed before taking effect. valid values:. true: confirms the update to the latest origin IP is completed. . false: indicates the update to the latest origin IP is not completed. . Note: when false is returned for this parameter, please confirm in time whether your origin server firewall configuration has been updated to the latest IP range to avoid origin-pull failure.

MultiPathGatewayLine

Multi-Channel security gateway line information.

Used by actions: DescribeMultiPathGateway, DescribeMultiPathGatewayLine, DescribeMultiPathGateways.

Name	Type	Description
LineId	String	line ID. where line-0 and line-1 are system-reserved IDs. valid values: line-0: direct connection line. Adding, editing, and deletion are not supported. line-1: EdgeOne layer-4 proxy line. Supports modifying instances and rules, but deletion is not supported. line-2 and above: EdgeOne layer-4 proxy lines or custom lines, supports modifying, deleting instances and rules.
LineType	String	Line type. valid values: direct: Direct connection line. Editing and deletion are not supported. . proxy: EdgeOne layer-4 proxy line, supports editing and modifying instances and rules, but deletion is not supported; custom: Custom line, supports editing and deletion.
LineAddress	String	Line address in the format host:port.
ProxyId	String	Layer-4 proxy instance ID,returned only when the LineType value is proxy (EdgeOne layer-4 proxy).
RuleId	String	Forwarding rule ID. returned only when the LineType value is proxy (EdgeOne layer-4 proxy).

MultiPathGatewayNextOriginACL

When the origin IP range is updated, this field will be returned with the next version's effective origin IP range, including a comparison with the currently effective origin IP range.

Used by actions: DescribeMultiPathGatewayOriginACL.

Name	Type	Required	Description
Version	Integer	No	Specifies the version number.
EntireAddresses	Addresses	No	Describes the IP range details for origin servers.
AddedAddresses	Addresses	No	The latest origin IP range newly added compared with the origin IP range in MultiPathGatewayCurrentOrginACL.
RemovedAddresses	Addresses	No	Specifies the latest IP address range removed from the origin IP range in MultiPathGatewayCurrentOrginACL compared with the original.
NoChangeAddresses	Addresses	No	The latest origin IP range unchanged compared with the origin IP range in MultiPathGatewayCurrentOrginACL.

MultiPathGatewayOriginACLInfo

Multi-Channel gateway example instance binding relationship with origin IP ranges and origin IP range details.

Used by actions: DescribeMultiPathGatewayOriginACL.

Name	Type	Required	Description
MultiPathGatewayCurrentOriginACL	MultiPathGatewayCurrentOriginACL	No	Describes the currently effective IP range for origin servers.
MultiPathGatewayNextOriginACL	MultiPathGatewayNextOriginACL	No	When the origin IP range is updated, this field will be returned with the next version's effective origin IP range, including a comparison with the current origin IP range. this field is empty if not updated.

MutualTLS

HTTPS Mutual authentication.

Used by actions: DescribeAccelerationDomains, ModifyHostsCertificate.

Name	Type	Required	Description
Switch	String	Yes	Mutual authentication configuration switch, the values are: on: enable; off: disable.
CertInfos	Array of CertificateInfo	No	Mutual authentication certificate list. Note: When using MutualTLS as an input parameter in ModifyHostsCertificate, you only need to provide the CertId of the corresponding certificate. You can check the CertId from the SSL Certificate List.

NetworkErrorLogging

Network Error Logging configuration.

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Specifies whether the Network Error Logging configuration is enabled. Valid values:. `on`: Enable; `off`: Disable.

NetworkErrorLoggingParameters

Network Error Logging configuration.

Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Specifies whether Network Error Logging configuration is enabled. Valid values: `on`: Enable; `off`: Disable.

NextOriginACL

When origin ACLs are updated, this field will be returned with the next version of the IP range to take effect, including a comparison with the currently effective IP range.

Used by actions: DescribeOriginACL.

Name	Type	Required	Description
Version	String	No	Version number.
PlannedActiveTime	String	No	Version effective time, which adopts UTC+8 and follows the date and time format of the ISO 8601 standard.
EntireAddresses	Addresses	No	IP range details.
AddedAddresses	Addresses	No	The latest origin IP range newly-added compared with the origin IP range in CurrentOrginACL.
RemovedAddresses	Addresses	No	The latest origin IP range deleted compared with the origin IP range in CurrentOrginACL.
NoChangeAddresses	Addresses	No	The latest origin IP range is unchanged compared with the origin IP range in CurrentOrginACL.

NoCache

No-cache configuration

Used by actions: CreateL7AccRules, DescribeHostsSetting, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable no-cache configuration. Valid values: `on`: Enable `off`: Disable

NormalAction

Common action of the rule engine

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
Action	String	Yes	Feature name. For details, see DescribeRulesSetting API
Parameters	Array of RuleNormalActionParams	Yes	Parameter

NsVerification

Information required for switching DNS servers. It's applicable to sites connected via NSs.

Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.

Name	Type	Description
NameServers	Array of String	The DNS server address assigned to the user when connecting a site to EO via NS. You need to switch the NameServer of the domain name to this address.

OCSPStaplingParameters

OCSP stapling configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable ocsp stapling configuration switch. values:. `On`: enable; . Off: disable. .

OfflineCache

Offline cache feature status switch.

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether offline cache is enabled. Valid values: `on`: Enable `off`: Disable

OfflineCacheParameters

Offline cache feature status switch.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable offline caching. values:. `On`: enable; . Off: disable. .

Origin

The origin server configuration.

Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Origins	Array of String	No	Origin server list.
BackupOrigins	Array of String	No	Backup origin list.
OriginPullProtocol	String	No	Origin server protocol configuration. valid values:. Http: forced http back to source; . `Follow`: follow protocol. . Https: enforce https origin-pull. .
CosPrivateAccess	String	No	When the origin is tencent cloud COS, whether it is a private access bucket. valid values:. `on`: private network access; . `off`: public access. .

OriginACLEntity

Instances that require configuration origin ACLs.

Used by actions: ModifyOriginACL.

Name	Type	Required	Description
Type	String	Yes	Instance type. Valid values: -l7: L7 acceleration domain; -l4: L4 proxy instance.
Instances	Array of String	Yes	Instance detail. Valid values: -When Type = l7, please enter the L7 acceleration domain. -When Type = l4, please enter the L4 proxy instance ID.
OperationMode	String	Yes	Operation mode. Valid values:. - enable: enabled L7/L4 instances. - disable: disable L7/L4 instances.

OriginACLInfo

The binding relationship between L7 acceleration domains/L4 proxy instances and origin IP ranges, as well as origin IP range details.

Used by actions: DescribeOriginACL.

Name	Type	Required	Description
L7Hosts	Array of String	No	The list of L7 accelerated domains that enable the origin ACLs. This field is empty when origin protection is not enabled.
L4ProxyIds	Array of String	No	The list of L4 proxy instances that enable the origin ACLs. This field is empty when origin protection is not enabled.
CurrentOriginACL	CurrentOriginACL	No	Currently effective origin ACLs. This field is empty when origin protection is not enabled. Note: This field may return null, which indicates a failure to obtain a valid value.
NextOriginACL	NextOriginACL	No	When the origin ACLs are updated, this field will be returned with the next version's origin IP range to take effect, including a comparison with the current origin IP range. This field is empty if not updated or origin protection is not enabled. Note: This field may return null, which indicates a failure to obtain a valid value.
Status	String	No	Origin protection status. Vaild values: - online: in effect; - offline: disabled; - updating: configuration deployment in progress.

OriginDetail

Details of the origin.

Used by actions: DescribeAccelerationDomains.

Name	Type	Description
OriginType	String	Origin server type. Valid values: IP_DOMAIN: IPv4, IPv6, or domain name type origin server; COS: Tencent Cloud COS origin server; AWS_S3: AWS S3 COS origin server; ORIGIN_GROUP: origin server group; VOD: Video on Demand; SPACE: origin server uninstallation, currently only available to the allowlist; LB: load balancing. Currently only available to the allowlist.
Origin	String	Origin server address, which varies with the value of OriginType: When OriginType = IP_DOMAIN, this parameter is an IPv4 address, an IPv6 address, or a domain name. When OriginType = COS, this parameter is the access domain name of the COS bucket. When OriginType = AWS_S3, this parameter is the access domain name of the S3 bucket. When OriginType = ORIGIN_GROUP, this parameter is the origin server group ID. When OriginType = VOD, this parameter is the VOD application ID.
BackupOrigin	String	Secondary origin group ID. This parameter is valid only when OriginType is ORIGIN_GROUP and a secondary origin group is configured.
OriginGroupName	String	Primary origin group name. This parameter returns a value when OriginType is ORIGIN_GROUP.
BackOriginGroupName	String	Secondary origin group name. This parameter is valid only when OriginType is ORIGIN_GROUP and a secondary origin group is configured.
PrivateAccess	String	Whether access to the private object storage origin server is allowed. This parameter is valid only when the origin server type OriginType is COS or AWS_S3. Valid values: on: Enable private authentication; off: Disable private authentication. If this field is not specified, the default value 'off' will be used.
PrivateParameters	Array of PrivateParameter	Private authentication parameter. This parameter is valid only when PrivateAccess is on. Note: This field may return null, indicating that no valid values can be obtained.
HostHeader	String	Specifies the current configuration of the origin-pull HOST header.
VodOriginScope	String	VOD origin-pull range. this parameter returns a value when OriginType = VOD. valid values: all: all files in the VOD application corresponding to the current origin server. the default value is all; bucket: files in a specified bucket under the VOD application corresponding to the current origin server. specify the bucket by the VodBucketId parameter. .
VodBucketId	String	VOD bucket ID. this parameter is required when OriginType = VOD and VodOriginScope = bucket. data source: storage ID of the bucket under the VOD professional application.

OriginGroup

Origin group information.

Used by actions: DescribeOriginGroup.

Name	Type	Description
GroupId	String	The ID of the origin group.
Name	String	The name of the origin group.
Type	String	The origin group type. Values: `GENERAL`: General origin group `HTTP`: HTTP-specific origin group
Records	Array of OriginRecord	Details of the origin record.
References	Array of OriginGroupReference	List of instances referencing this origin group.
CreateTime	Timestamp ISO8601	Creation time of the origin group.
UpdateTime	Timestamp ISO8601	The update time of the origin group.
HostHeader	String	Specifies the origin-pull Host Header.

OriginGroupHealthStatus

Origin server group health status.

Used by actions: DescribeLoadBalancerList.

Name	Type	Description
OriginGroupID	String	Origin server group ID.
OriginGroupName	String	Origin server group name.
OriginType	String	Origin server group type. Valid values: HTTP: HTTP-specific. GENERAL: general.
Priority	String	Priority.
OriginHealthStatus	Array of OriginHealthStatus	Health status of each origin server in an origin server group.

OriginGroupHealthStatusDetail

Details of origin server group health status.

Used by actions: DescribeOriginGroupHealthStatus.

Name	Type	Description
OriginGroupId	String	Origin server group ID.
OriginHealthStatus	Array of OriginHealthStatus	The health status of each origin server in an origin server group, which is comprehensively decided based on the results of all detection regions. If more than half of the regions determine that the origin server is unhealthy, the corresponding status is unhealthy; otherwise, it is healthy.
CheckRegionHealthStatus	Array of CheckRegionHealthStatus	Health status of origin servers in each health check region.

OriginGroupInLoadBalancer

The origin server groups that need to be bound in a LoadBalancer and their priorities.

Used by actions: CreateLoadBalancer, ModifyLoadBalancer.

Name	Type	Required	Description
Priority	String	Yes	Priority, in the format of "priority_" + "number". The highest priority is "priority_1". Reference values: priority_1: first priority. priority_2: second priority. priority_3: third priority. You can increase numbers for other priorities, up to "priority_10".
OriginGroupId	String	Yes	Origin server group ID.

OriginGroupReference

Services referencing this origin group

Used by actions: DescribeOriginGroup.

Name	Type	Description
InstanceType	String	Services referencing the origin group. Values: `AccelerationDomain`: Acceleration domain name `RuleEngine`: Rules engine `Loadbalance`: Load balancer `ApplicationProxy`: L4 proxy
InstanceId	String	ID of the instances referencing the origin group
InstanceName	String	Name of the instance referencing the origin group

OriginHealthStatus

Health status of origin servers in an origin server group.

Used by actions: DescribeLoadBalancerList, DescribeOriginGroupHealthStatus.

Name	Type	Description
Origin	String	Origin server.
Healthy	String	Origin server health status. Valid values: Healthy: healthy. Unhealthy: unhealthy. Undetected: no data detected.

OriginInfo

Details of the origin.

Used by actions: CreateAccelerationDomain, ModifyAccelerationDomain.

Name	Type	Required	Description
OriginType	String	Yes	Origin server type, with values: IP_DOMAIN: IPv4, IPv6, or domain name type origin server; COS: Tencent Cloud COS origin server; AWS_S3: AWS S3 origin server; ORIGIN_GROUP: origin server group type origin server; VOD: Video on Demand; SPACE: origin server uninstallation. Currently only available to the allowlist; LB: load balancing. Currently only available to the allowlist.
Origin	String	Yes	Origin server address, which varies according to the value of OriginType: When OriginType = IP_DOMAIN, fill in an IPv4 address, an IPv6 address, or a domain name; When OriginType = COS, fill in the access domain name of the COS bucket; When OriginType = AWS_S3, fill in the access domain name of the S3 bucket; When OriginType = ORIGIN_GROUP, fill in the origin server group ID; When OriginType = VOD, fill in the VOD application ID; When OriginType = LB, fill in the Cloud Load Balancer instance ID. This feature is currently only available to the allowlist; When OriginType = SPACE, fill in the origin server uninstallation space ID. This feature is currently only available to the allowlist.
BackupOrigin	String	No	The ID of the secondary origin group. This parameter is valid only when OriginType is ORIGIN_GROUP. This field indicates the old version capability, which cannot be configured or modified on the control panel after being called. Please submit a ticket if required.
PrivateAccess	String	No	Whether access to the private Cloud Object Storage origin server is allowed. This parameter is valid only when OriginType is COS or AWS_S3. Valid values: on: Enable private authentication; off: Disable private authentication. If it is not specified, the default value is off.
PrivateParameters	Array of PrivateParameter	No	Private authentication parameter. This parameter is valid only when PrivateAccess is on.
HostHeader	String	No	Custom origin server HOST header. this parameter is valid only when OriginType=IP_DOMAIN.If the OriginType is another type of origin, this parameter does not need to be passed in, otherwise an error will be reported. If OriginType is COS or AWS_S3, the HOST header for origin-pull will remain consistent with the origin server domain name. If OriginType is ORIGIN_GROUP, the HOST header follows the ORIGIN site GROUP configuration. if not configured, it defaults to the acceleration domain name. If OriginType is VOD or SPACE, no configuration is required for this header, and the domain name takes effect based on the corresponding origin.
VodOriginScope	String	No	VOD origin-pull scope. this parameter is valid only when OriginType = VOD. valid values: all: all files in the VOD application corresponding to the current origin server. the default value is all; bucket: files in a specified bucket under the VOD application corresponding to the current origin server. specify the bucket by the parameter VodBucketId. .
VodBucketId	String	No	VOD bucket ID. this parameter is required when OriginType = VOD and VodOriginScope = bucket. data source: storage ID of the bucket under the VOD professional edition application.

OriginPrivateParameters

Private authentication parameters for Cloud Object Storage origin server.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
AccessKeyId	String	Yes	Authentication parameter access key id.
SecretAccessKey	String	Yes	Authentication parameter secret access key.
SignatureVersion	String	Yes	Authentication version. values:. V2: v2 version; . V4: v4 version. .
Region	String	No	Region of the bucket.

OriginProtectionInfo

Origin protection configuration

Used by actions: DescribeOriginProtection.

Name	Type	Description
ZoneId	String	ID of the site.
Hosts	Array of String	List of domain names.
ProxyIds	Array of String	List of proxy IDs.
CurrentIPWhitelist	IPWhitelist	The existing intermediate IPs. Note: This field may return `null`, indicating that no valid values can be obtained.
NeedUpdate	Boolean	Whether the intermediate IP update is needed for the site. Values: `true`: Update needed; `false`: Update not needed.
Status	String	Status of the origin protection configuration. Values: `online`: Origin protection is activated; `offline`: Origin protection is disabled. `nonactivate`: Origin protection is not activated. This value is returned only when the feature is not activated before it’s used.
PlanSupport	Boolean	Whether origin protection is supported in the plan. Values: `true`: Origin protection supported; `false`: Origin protection not supported.
DiffIPWhitelist	DiffIPWhitelist	Differences between the latest and existing intermediate IPs. Note: This field may return `null`, indicating that no valid values can be obtained.

OriginPullProtocolParameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Protocol	String	No

OriginRecord

Origin group record

Used by actions: CreateOriginGroup, DescribeOriginGroup, ModifyOriginGroup.

Name	Type	Required	Description
Record	String	Yes	The origin record value, which can be an IPv4/IPv6 address or a domain name.
Type	String	No	The origin type. Values: `IP_DOMAIN`: IPv4/IPv6 address or domain name `COS`: COS bucket address `AWS_S3`: AWS S3 bucket address
RecordId	String	No	The origin record ID.
Weight	Integer	No	Weight of an origin. Range: 0-100. If it is not specified, a random weight is assigned. If `0` is passed in, there is no traffic scheduled to this origin. Note: This field may return·null, indicating that no valid values can be obtained.
Private	Boolean	No	Whether to enable private authentication. It is valid when `OriginType=COS/AWS_S3`. Values: `true`: Yes. `false`: No. Default: `false`.
PrivateParameters	Array of PrivateParameter	No	Private authentication parameters. This field is valid when `Private=true`.

OwnershipVerification

Information of domain name ownership verification.

Used by actions: CreateAccelerationDomain, CreateZone, DescribeAccelerationDomains, DescribeZones.

Name	Type	Description
DnsVerification	DnsVerification	CNAME, when there is no domain name access, the information required for DNS resolution verification is used. For details, refer to Site/Domain Ownership Verification . Note: This field may return null, which indicates a failure to obtain a valid value.
FileVerification	FileVerification	CNAME, when there is no domain name access, the information required for file verification is used. For details, refer to Site/Domain Ownership Verification . Note: This field may return null, which indicates a failure to obtain a valid value.
NsVerification	NsVerification	u200cInformation required for switching DNS servers. It's applicable to sites connected via NSs. For details, see Modifying DNS Server. Note: This field may return·null, indicating that no valid values can be obtained.

PartialModule

Module settings of the exception rule

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Module	String	No	Module name. value is. managed-rule: managed rule Id; . Managed-Group: managed rule group; . `waf`: to be deprecated, managed rule. .
Include	Array of Integer	No	Specifies the list of rule ids that require exceptions under the module.

Plan

Package information.

Used by actions: DescribePlans.

Name	Type	Description
PlanType	String	Package type. valid values:. `Plan-Trial`: trial plan . `Plan-Personal`: personal plan . `Plan-Basic`: basic plan . `Plan-Standard`: standard edition plan . plan-enterprise-v2: enterprise plan; . plan-enterprise-model-a: enterprise edition model a package. . Plan-Enterprise: legacy enterprise plan. .
PlanId	String	Package ID. such as edgeone-2y041pblwaxe.
Area	String	Service area. valid values:. `Mainland`: chinese mainland . `overseas`: global (chinese mainland not included) . `Global`: global (chinese mainland included) .
AutoRenewal	Boolean	Auto-Renew switch. valid values:. true: automatic renewal is enabled. . false: automatic renewal is not enabled. .
Status	String	Package status. valid values:. Normal: indicates the normal status. . `expiring-soon`: will expire soon; . `expired`: expiration status; . `Isolated`: isolated state . `overdue-isolated`: arrears isolated state. .
PayMode	Integer	Payment type. valid values:. 0: postpaid; . 1: prepaid. .
ZonesInfo	Array of ZoneInfo	Describes the site information bound to the package, including the site id, site name, and site status.
SmartRequestCapacity	Integer	Smart acceleration request quantity in the package, unit: times.
VAUCapacity	Integer	Specifies the VAU specification in the package. measurement unit: unit.
AccTrafficCapacity	Integer	Specifies the content acceleration traffic specification in the package, measurement unit: byte.
SmartTrafficCapacity	Integer	Specifies the smart acceleration traffic specification in the package. measurement unit: byte.
DDoSTrafficCapacity	Integer	Specifies the DDoS protection traffic specification in the package, measurement unit: byte.
SecTrafficCapacity	Integer	Security traffic specification in the package. measurement unit: byte.
SecRequestCapacity	Integer	Security requests in the package, unit: times.
L4TrafficCapacity	Integer	Specifies the layer 4 acceleration traffic specification in the package, measurement unit: byte.
CrossMLCTrafficCapacity	Integer	Specifies the network optimization traffic specification in the package for the chinese mainland, measurement unit: byte.
Bindable	String	Specifies whether the package allows binding to new sites. valid values:. true: allows binding a new site. . `false`: cannot bind new sites. .
EnabledTime	Timestamp ISO8601	Package activation time.
ExpiredTime	Timestamp ISO8601	Plan expiration time.
Features	Array of String	Supported features of the package include: ContentAcceleration: content acceleration feature; SmartAcceleration: intelligent acceleration feature; L4: L4 acceleration feature; Waf: advanced Web protection; QUIC: QUIC feature; CrossMLC: network optimization in the chinese mainland; ProcessMedia: media processing feature; L4DDoS: L4 DDoS protection feature; L7DDoS feature will only appear in one of the following specifications: L7DDoS.CM30G; layer-7 DDoS protection feature - 30G guaranteed minimum bandwidth specification in the chinese mainland; L7DDoS.CM60G; layer-7 DDoS protection feature - 60G guaranteed minimum bandwidth specification in the chinese mainland; L7DDoS.CM100G; layer-7 DDoS protection feature - 100G guaranteed minimum bandwidth specification in the chinese mainland; L7DDoS.Anycast300G; layer-7 DDoS protection feature - 300G guaranteed minimum bandwidth specification outside the chinese mainland with Anycast; L7DDoS.AnycastUnlimited; layer-7 DDoS protection feature - unlimited Anycast full protection outside the chinese mainland; L7DDoS.CM30G_Anycast300G; layer-7 DDoS protection feature - 30G guaranteed minimum bandwidth specification in the chinese mainland and 300G guaranteed minimum bandwidth specification outside the chinese mainland with Anycast; L7DDoS.CM60G_Anycast300G; layer-7 DDoS protection feature - 60G guaranteed minimum bandwidth specification in the chinese mainland and 300G guaranteed minimum bandwidth specification outside the chinese mainland with Anycast; L7DDoS.CM100G_Anycast300G; layer-7 DDoS protection feature - 100G guaranteed minimum bandwidth specification in the chinese mainland and 300G guaranteed minimum bandwidth specification outside the chinese mainland with Anycast; L7DDoS.CM30G_AnycastUnlimited; layer-7 DDoS protection feature - 30G guaranteed minimum bandwidth specification in the chinese mainland and unlimited Anycast full protection outside the chinese mainland; L7DDoS.CM60G_AnycastUnlimited; layer-7 DDoS protection feature - 60G guaranteed minimum bandwidth specification in the chinese mainland and unlimited Anycast full protection outside the chinese mainland; L7DDoS.CM100G_AnycastUnlimited; layer-7 DDoS protection feature - 100G guaranteed minimum bandwidth specification in the chinese mainland and unlimited Anycast full protection outside the chinese mainland; .

PlanInfo

EdgeOne plan information

Used by actions: DescribeAvailablePlans.

Name	Type	Description
Currency	String	Settlement currency. Values: `CNY`: Settled by Chinese RMB; `USD`: Settled by US dollars.
Flux	Integer	Traffic quota of the plan. It includes the traffic for security acceleration, content acceleration and smart acceleration. Unit: byte.
Frequency	String	Settlement cycle. Values: `y`: Settled by year; `m`: Settled by month; `h`: Settled by hour; `M`: Settled by minute; `s`: Settled by second.
PlanType	String	The plan option. Values: `sta`: Standard plan that supports content delivery network outside the Chinese mainland. `sta_with_bot`: Standard plan that supports content delivery network outside the Chinese mainland and bot management. `sta_cm`: Standard plan that supports content delivery network inside the Chinese mainland. `sta_cm_with_bot`: Standard plan that supports content delivery network inside the Chinese mainland and bot management. `sta`: Standard plan that supports content delivery network over the globe. `sta_global_with_bot`: Standard plan that supports content delivery network over the globe and bot management. `ent`: Enterprise plan that supports content delivery network outside the Chinese mainland. `ent_with_bot`: Enterprise plan that supports content delivery network outside the Chinese mainland and bot management. `ent_cm`: Enterprise plan that supports content delivery network inside the Chinese mainland. `ent_cm_with_bot`: Enterprise plan that supports content delivery network inside the Chinese mainland and bot management. `ent_global`: Enterprise plan that supports content delivery network over the globe. `ent_global_with_bot`: Enterprise plan that supports content delivery network over the globe and bot management.
Price	Float	Plan price (in CNY fen/US cent). The price unit depends on the settlement currency.
Request	Integer	Quota on security acceleration requests
SiteNumber	Integer	Number of sites to be bound to the plan
Area	String	The acceleration region. Values: `mainland`: Chinese mainland `overseas`: Global (Chinese mainland not included) `global`: Global (Chinese mainland included)

PostMaxSize

Maximum size of the file uploaded for streaming via a POST request

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable POST upload limit (default limit: 32 MB). Valid values: `on`: Enable; `off`: Disable.
MaxSize	Integer	No	Specifies the maximum limit. this field is valid only when Switch is on. value range: 1MB to 800MB. unit: byte.

PostMaxSizeParameters

Maximum size of the file uploaded for streaming via a POST request.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable post request file upload limit, in bytes (default limit: 32 * 2²⁰ bytes). valid values: `on`: enable limit; `off`: disable limit. .
MaxSize	Integer	No	Specifies the maximum limit for file streaming transmission in POST request upload. this field is valid only when Switch is on. value range: 1MB to 800MB. unit: byte.

PrepaidPlanParam

Prepaid Plan Billing Parameters

Used by actions: CreatePlan.

Name	Type	Required	Description
Period	Integer	No	Prepaid plan duration, unit: month. Valid values: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 24, 36. If this field is not specified, the default value '1' will be used.
RenewFlag	String	No	The auto-renewal flag for prepaid plan has the following values: on: Enable auto-renewal; off: Disable auto-renewal. If this field is not specified, the default value 'off' will be used. When auto-renewal is enabled, it defaults to renewing for one month.

PrivateParameter

Private authentication parameters for Cloud Object Storage origin server

Used by actions: CreateAccelerationDomain, CreateOriginGroup, DescribeAccelerationDomains, DescribeOriginGroup, ModifyAccelerationDomain, ModifyOriginGroup.

Name	Type	Required	Description
Name	String	Yes	The name of the private authentication parameter. Valid values: AccessKeyId: Access Key ID for authentication; SecretAccessKey: Secret Access Key for authentication; SignatureVersion: Authentication version, v2 or v4; Region: The region of the storage bucket.
Value	String	Yes	The parameter value.

QUICParameters

QUIC configuration item.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable quic. values:. `On`: enable; . Off: disable. .

QueryCondition

The query condition

Used by actions: CreateRealtimeLogDeliveryTask, DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData, DescribeTopL7AnalysisData, DescribeTopL7CacheData, ModifyRealtimeLogDeliveryTask.

Name	Type	Required	Description
Key	String	Yes	The key of QueryCondition.
Operator	String	Yes	The conditional operator. Values: `equals`: Equals `notEquals`: Does not equal `include`: Contains `notInclude`: Does not contain `startWith`: Starts with `notStartWith`: Does not start with `endWith`: Ends with `notEndWith`: Does not end with
Value	Array of String	Yes	The value of QueryCondition.

QueryString

Request parameter contained in CacheKey

Used by actions: DescribeHostsSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to use `QueryString` as part of `CacheKey`. Values: `on`: Yes `off`: No
Action	String	No	CacheKey usage via QueryString, valid values:. includeCustom: use partial url parameter; . excludeCustom: exclude partial url parameters. .
Value	Array of String	No	Specifies the url parameter array for usage/exclusion.

Quic

QUIC configuration item

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable QUIC. Valid values: `on`: Enable; `off`: Disable.

Quota

Purging/Pre-warming available usage and quota

Used by actions: DescribeContentQuota.

Name	Type	Description
Batch	Integer
Daily	Integer	Daily submission quota limit.
DailyAvailable	Integer	Remaining daily submission quota.
Type	String	Type of cache purging/pre-warming. Values: `purge_prefix`: Purge by prefix `purge_url`: Purge by URL `purge_host`: Purge by hostname `purge_all`: Purge all caches `purge_cache_tag`: Purge by cache tag `prefetch_url`: Pre-warm by URL

RangeOriginPullParameters

Configuration parameters for range back-to-source.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Switch	String	No	Whether to enable range gets. values are:. `On`: enable; . Off: disable. .

RateLimitConfig

Rate limiting rules

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Switch. Values: `on`: Enable `off`: Disable
RateLimitUserRules	Array of RateLimitUserRule	No	The settings of the custom rate limiting rule. If it is null, the settings that were last configured will be used.
RateLimitTemplate	RateLimitTemplate	No	The rate limit template feature. if null, use the last set configuration by default.
RateLimitIntelligence	RateLimitIntelligence	No	Intelligent client filtering. if null, use the last set configuration by default.
RateLimitCustomizes	Array of RateLimitUserRule	No	The custom rate limiting rules. if it is `null`, the previous settings is used.

RateLimitIntelligence

Client filtering

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable configuration. Values: `on`: Enable `off`: Disable
Action	String	Yes	Action to be executed. Values: `monitor`: Observe `alg`: Challenge
RuleId	Integer	No	The rule ID, which is only used as a response parameter.

RateLimitTemplate

Rate limit template

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Mode	String	Yes	The mode. Values: `sup_loose`: Super loose `loose`: Loose `emergency`: Emergency `normal`: Moderate `strict`: Strict `close`: Off
Action	String	No	The action. Values: `alg`: JavaScript challenge `monitor`: Observe If it is left empty, the default value `alg` is used.
RateLimitTemplateDetail	RateLimitTemplateDetail	No	The settings of the rate limiting template. It is only used as an output parameter.

RateLimitTemplateDetail

The settings of the rate limiting template

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Mode	String	Yes	Template level name. valid values:. Sup_loose: specifies super loose. . `Loose`: loose . `Emergency`: emergency . `normal`: moderate . strict . `close`: off, precise rate limiting effective. .
ID	Integer	Yes	Unique ID.
Action	String	Yes	Template action. valid values:. alg: JavaScript challenge; . `monitor`: observe .
PunishTime	Integer	Yes	Penalty time, value range 0-2 days, unit second.
Threshold	Integer	Yes	Statistical threshold, in times. Value range: 0-4294967294.
Period	Integer	Yes	Statistical cycle. Value range: 0-120 seconds.

RateLimitUserRule

Rate limit rule

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Threshold	Integer	Yes	The request threshold. Value range: 0-4294967294.
Period	Integer	Yes	The statistical period. The value can be 10, 20, 30, 40, 50, or 60 seconds.
RuleName	String	Yes	The rule name, which consists of only letters, digits, and underscores and cannot start with an underscore.
Action	String	Yes	Action. Values: `monitor`: Observe; `drop`: Block; `redirect`: Redirect; `page`: Return a specific page; `alg`: JavaScript challenge.
PunishTime	Integer	Yes	The amount of time taken to perform the action. Value range: 0 seconds - 2 days.
PunishTimeUnit	String	Yes	The time unit. Values: `second`: Second `minutes`: Minute `hour`: Hour
RuleStatus	String	Yes	The rule status. Values: `on`: Enabled `off`: Disabled Default value: `on`
AclConditions	Array of AclCondition	Yes	The rule details.
RulePriority	Integer	Yes	The rule weight. Value range: 0-100.
RuleID	Integer	No	Rule ID, which is only used as an output parameter.
FreqFields	Array of String	No	The filter. Values: `sip`: Client IP This parameter is left empty by default.
UpdateTime	String	No	Update time. It is only used as a response parameter, and defaults to the current time.
FreqScope	Array of String	No	Query scope. Values: `source_to_eo`: (Response) Traffic going from the origin to EdgeOne. `client_to_eo`: (Request) Traffic going from the client to EdgeOne. Default: `source_to_eo`.
Name	String	No	Name of the custom return page. It's required when `Action=page`.
CustomResponseId	String	No	ID of custom response. The ID can be obtained via the `DescribeCustomErrorPages` API. It's required when `Action=page`.
ResponseCode	Integer	No	The response code to trigger the return page. It's required when `Action=page`. Value: 100-600. 3xx response codes are not supported. Default value: 567.
RedirectUrl	String	No	The redirection URL. It's required when `Action=redirect`.

RateLimitingRule

Specifies the rate limit configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Id	String	No	The ID of precise rate limiting. rule ID supports different rule configuration operations: add a new rule: leave the ID empty or do not specify the ID parameter. modify an existing rule: specify the rule ID that needs to be updated/modified. delete an existing rule: existing Rules not included in the Rules list under the RateLimitingRules parameter will be deleted. .
Name	String	No	Specifies the name of the precise rate limit.
Condition	String	No	The specific content of precise speed limit shall comply with the expression syntax. for detailed specifications, see the product documentation.
CountBy	Array of String	No	Rate threshold request feature match mode. this field is required when Enabled is on. when there are multiple conditions, composite multiple conditions will perform statistics count. the maximum number of conditions must not exceed 5. valid values: http.request.ip: client ip; http.request.xff_header_ip: client ip (priority match xff header); http.request.uri.path: request access path; http.request.cookies['session']: Cookie named session, where session can be replaced with your own specified parameter; http.request.headers['user-agent']: http header named user-agent, where user-agent can be replaced with your own specified parameter; http.request.ja3: request ja3 fingerprint; http.request.uri.query['test']: URL query parameter named test, where test can be replaced with your own specified parameter. .
MaxRequestThreshold	Integer	No	Precision rate limiting specifies the cumulative number of interceptions within the time range. value ranges from 1 to 100000.
CountingPeriod	String	No	Specifies the time window for statistics. valid values: 1s: 1 second; 5s: 5 seconds; 10s: 10 seconds; 20s: 20 seconds; 30s: 30 seconds; 40s: 40 seconds; 50s: 50 seconds; 1m: 1 minute; 2m: 2 minutes; 5m: 5 minutes; 10m: 10 minutes; 1h: 1 hour. .
ActionDuration	String	No	The duration of an Action is only supported in the following units: s: seconds, value range 1–120; m: minutes, value range 1–120; h: hours, value range 1–48; d: days, value range 1–30. .
Action	SecurityAction	No	Precision rate limiting handling methods. valid values: Monitor: Monitor; Deny: block, where DenyActionParameters.Name supports Deny and ReturnCustomPage; Challenge: Challenge, where ChallengeActionParameters.Name supports JSChallenge and ManagedChallenge; Redirect: Redirect to URL; .
Priority	Integer	No	Precision rate limiting specifies the priority. value range is 0 to 100. default is 0.
Enabled	String	No	Whether the precise rate limiting rule is enabled. valid values: on: enabled; off: disabled. .

RateLimitingRules

Precision rate limiting configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Rules	Array of RateLimitingRule	No	Definition list of precise rate limiting. when using ModifySecurityPolicy to modify the Web protection configuration: if the Rules parameter is not specified or its length is zero: clear all precision rate limiting configurations. if the RateLimitingRules parameter value is unspecified in the SecurityPolicy parameter: retain the existing custom rule configuration without modification. .

RealtimeLogDeliveryTask

Real-time log delivery task

Used by actions: DescribeRealtimeLogDeliveryTasks.

Name	Type	Description
TaskId	String	ID of a real-time log shipping task.
TaskName	String	Name of a real-time log shipping task.
DeliveryStatus	String	Status of a real-time log shipping task. Valid values: enabled: enabled; disabled: disabled; deleted: deleted abnormally. Check whether the destination log set/log topic of Tencent Cloud CLS has been deleted.
TaskType	String	Type of a real-time log shipping task. Valid values: cls: push to Tencent Cloud CLS; custom_endpoint: push to a custom HTTP(S) address; s3: push to an AWS S3-compatible bucket address.
EntityList	Array of String	List of entities (L7 domain names or L4 proxy instances) corresponding to a real-time log shipping task. Valid value examples: L7 domain name: domain.example.com; L4 proxy instance: sid-2s69eb5wcms7.
LogType	String	Data shipping type. Valid values: domain: site acceleration logs; application: L4 proxy logs; web-rateLiming: rate limiting and CC attack defense logs; web-attack: managed rule logs; web-rule: custom rule logs; web-bot: Bot management logs.
Area	String	Data shipping area. Valid values: mainland: within the Chinese mainland; overseas: global (excluding the Chinese mainland).
Fields	Array of String	List of predefined fields for shipping.
CustomFields	Array of CustomField	List of custom fields for shipping.
DeliveryConditions	Array of DeliveryCondition	Filter criteria of log shipping.
Sample	Integer	Sampling ratio in permille. Value range: 1-1000. For example, 605 indicates a sampling ratio of 60.5%.
LogFormat	LogFormat	Output format for log delivery. When the output parameter is null, the default format is used, which works as follows: When TaskType is 'custom_endpoint', the default format is an array of JSON objects, with each JSON object representing a log entry; When TaskType is 's3', the default format is JSON Lines. Note: This field may return 'null', which indicates a failure to obtain a valid value.
CLS	CLSTopic	Configuration information of the CLS. Note: This field may return null, which indicates a failure to obtain a valid value.
CustomEndpoint	CustomEndpoint	Configuration information of the custom HTTP service. Note: This field may return null, which indicates a failure to obtain a valid value.
S3	S3	Configuration information of the AWS S3-compatible bucket. Note: This field may return null, which indicates a failure to obtain a valid value.
CreateTime	Timestamp ISO8601	Creation time.
UpdateTime	Timestamp ISO8601	Update time.

RedirectActionParameters

Additional parameter for SecurityAction Redirect.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
URL	String	Yes	Redirect URL.

RenewFlag

Auto-renewal configuration item in a prepaid plan.

Used by actions: ModifyPlan.

Name	Type	Required	Description
Switch	String	Yes	The auto-renewal flag for prepaid plan has the following values: on: Enable auto-renewal; off: Disable auto-renewal.

RequestBodyTransferTimeout

Body transfer timeout duration configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
IdleTimeout	String	Yes	Body transfer timeout duration. valid values: 5-120. measurement unit: seconds (s) only.
Enabled	String	Yes	Whether body transfer timeout is enabled. valid values: `on`: enable `off`: disable .

RequestFieldsForException

Skipped fields configuration in exception rules.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Scope	String	Yes	Skip specific field. supported values:. body.json: parameter content in json requests. at this point, Condition supports key and value, TargetField supports key and value, for example { "Scope": "body.json", "Condition": "", "TargetField": "key" }, which means all parameters in json requests skip WAF scan. . cookie: cookie; at this point Condition supports key, value, TargetField supports key, value, for example { "Scope": "cookie", "Condition": "${key} in ['account-id'] and ${value} like ['prefix-']", "TargetField": "value" }, which means the cookie parameter name equals account-id and the parameter value wildcard matches prefix- to skip WAF scan; . header: HTTP header parameters. at this point, Condition supports key and value, TargetField supports key and value, for example { "Scope": "header", "Condition": "${key} like ['x-auth-']", "TargetField": "value" }, which means header parameter name wildcard match x-auth- skips WAF scan. . uri.query: URL encoding content/query parameter. at this point, Condition supports key and value, TargetField supports key and value. example: { "Scope": "uri.query", "Condition": "${key} in ['action'] and ${value} in ['upload', 'delete']", "TargetField": "value" }. indicates URL encoding content/query parameter name equal to action and parameter value equal to upload or delete skips WAF scan. . uri: specifies the request path uri. at this point, Condition must be empty. TargetField supports query, path, fullpath, such as {"Scope": "uri", "Condition": "", "TargetField": "query"}, indicates the request path uri skips WAF scan for query parameters. . body: request body content. at this point Condition must be empty, TargetField supports fullbody, multipart, such as { "Scope": "body", "Condition": "", "TargetField": "fullbody" }, which means the request body content skips WAF scan as a full request. .
Condition	String	Yes	Skip specific field expression must comply with expression grammar. Condition supports expression configuration syntax: write according to the matching conditional expression syntax of rules, with support for referencing key and value. supports in, like operators, and logical combination with and. . For example: ${key} in ['x-trace-id']: the parameter name equals x-trace-id. ${key} in ['x-trace-id'] and ${value} like ['Bearer ']: the parameter name equals x-trace-id and the parameter value wildcard matches Bearer . .
TargetField	String	Yes	The Scope parameter takes different values. the TargetField expression supports the following values:. body.json: supports key, value. . cookie: supports key and value. . header: supports key, value . uri.query: supports key and value . uri. specifies path, query, or fullpath. . Body: supports fullbody and multipart. .

Resource

Billable resource

Used by actions: DescribeZones.

Name	Type	Description
Id	String	The resource ID.
PayMode	Integer	Billing mode `0`: Pay-as-you-go
CreateTime	Timestamp ISO8601	The creation time.
EnableTime	Timestamp ISO8601	The effective time.
ExpireTime	Timestamp ISO8601	The expiration time.
Status	String	The plan status. Values: `normal`: Normal `isolated`: Isolated `destroyed`: Terminated
Sv	Array of Sv	Pricing query parameter
AutoRenewFlag	Integer	Whether to enable auto-renewal. Values: `0`: Default status. `1`: Enable auto-renewal. `2`: Disable auto-renewal.
PlanId	String	ID of the resource associated with the plan.
Area	String	Applicable area. Values: `mainland`: Chinese mainland `overseas`: Regions outside the Chinese mainland `global`: Global
Group	String	The resource type. Values: `plan`: Plan resources `pay-as-you-go`: Pay-as-you-go resources `value-added`: Value-added resources Note: This field may return null, indicating that no valid values can be obtained.
ZoneNumber	Integer	The sites that are associated with the current resources. Note: This field may return null, indicating that no valid values can be obtained.
Type	String	Resource tag type. Valid values: vodeo: vodeo resource.

ResponseSpeedLimitParameters

Single-link download speed limit configuration parameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Mode	String	Yes	Download rate limit mode. valid values:. LimitUponDownload: rate limit throughout the download process; . LimitAfterSpecificBytesDownloaded: rate limit after downloading specific bytes at full speed; . LimitAfterSpecificSecondsDownloaded: start speed limit after downloading at full speed for a specific duration. .
MaxSpeed	String	Yes	The speed limit value specifies the size of the speed limit. fill in a value or variable with a unit. the currently supported unit is: KB/s.
StartAt	String	No	The speed limit start value can be download size or specified duration. fill in a value with unit or variable to specify download size or specified duration. -When the Mode value is LimitAfterSpecificBytesDownloaded, the valid values of the unit are: KB. -When the Mode value is LimitAfterSpecificSecondsDownloaded, the valid value of the unit is: s.

ReturnCustomPageActionParameters

Additional parameter for SecurityAction ReturnCustomPage.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
ResponseCode	String	Yes	Response custom status code.
ErrorPageId	String	Yes	Response custom page ID.

RewriteAction

Rule engine action for the HTTP request/response header

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
Action	String	Yes	Feature name. For details, see DescribeRulesSetting API
Parameters	Array of RuleRewriteActionParams	Yes	Parameter

Rule

Rule item of the rule engine. The items in the Conditions array are in OR relationship, and the items in the inner Conditions list are in AND relationship.

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
Conditions	Array of RuleAndConditions	Yes	Judgment condition for executing the feature. Note: The feature can be executed if any condition in the array is met.
Actions	Array of Action	No	Executed feature. Note: Actions and SubRules cannot be both empty.
SubRules	Array of SubRuleItem	No	Nested rule. Note: SubRules and Actions cannot be both empty.

RuleAndConditions

List of rule engine conditions in AND relationship

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
Conditions	Array of RuleCondition	Yes	Rule engine condition. This condition will be considered met if all items in the array are met.

RuleBranch

Sub-rule branch.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Condition	String	No	Match condition (https://www.tencentcloud.com/document/product/1552/90438?from_cn_redirect=1#33f65828-c6c6-4b66-a011-25a20b548d5d).
Actions	Array of RuleEngineAction	No	Operations. Note: actions and subrules cannot both be empty. Note: this field may return null, which indicates a failure to obtain a valid value.
SubRules	Array of RuleEngineSubRule	No	List of sub-rules. multiple rules exist in this list and are executed sequentially from top to bottom. note: subrules and actions cannot both be empty. currently, only one layer of subrules is supported. Note: this field may return null, which indicates a failure to obtain a valid value.

RuleChoicePropertiesItem

Detailed settings of the rule engine that can be used for request match, which are optional parameter configuration items.

Used by actions: DescribeRulesSetting.

Name	Type	Description
Name	String	The parameter name.
Type	String	The parameter value type. CHOICE: The parameter value can be selected only from `Values`. TOGGLE: The parameter value is of switch type and can be selected from `ChoicesValue`. CUSTOM_NUM: The parameter value is a custom integer. CUSTOM_STRING: The parameter value is a custom string.
ChoicesValue	Array of String	Valid parameter values. Note: If `Type` is `CUSTOM_NUM` or `CUSTOM_STRING`, this parameter will be an empty array.
Min	Integer	Minimum value. If both `Min` and `Max` are set to `0`, this parameter does not take effect.
Max	Integer	Maximum value. If both `Min` and `Max` are set to `0`, this parameter does not take effect.
IsMultiple	Boolean	Whether multiple values can be selected or entered.
IsAllowEmpty	Boolean	Whether the parameter can be left empty.
ExtraParameter	RuleExtraParameter	Special parameter. NULL: Select `NormalAction` for `RuleAction`. If the member parameter `Id` is `Action`, select `RewirteAction` for `RuleAction`. If the member parameter `Id` is `StatusCode`, select `CodeAction` for `RuleAction`.

RuleCodeActionParams

Parameters of the action with the StatusCode field as the rule engine condition

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
StatusCode	Integer	Yes	The status code.
Name	String	Yes	The parameter name. For details, see DescribeRulesSetting.
Values	Array of String	Yes	The parameter value.

RuleCondition

Rule engine condition parameters

Used by actions: CreateFunctionRule, CreateRule, DescribeRules, ModifyFunctionRule, ModifyRule.

Name	Type	Required	Description
Operator	String	Yes	Operator. Valid values: `equal`: Equal `notEquals`: Does not equal `exist`: Exists `notexist`: Does not exist
Target	String	Yes	Matching type. Valid values: filename: Filename; extension: File suffix; host: Host; full_url: A complete URL path under the current site, including the HTTP protocol, the host, and the path; url: The request for a URL path under the current site; client_country: Client country/region; query_string: The query string for a requested URL under the current site; request_header: HTTP request header; client_ip: Client IP; request_protocol: Request protocol; request_method: HTTP request method.
Values	Array of String	No	Parameter values for corresponding matching types. It is allowed to pass an empty array only when the matching type is query_string or request_header and the operator value is exist or not exist. Corresponding match types include: extension: File suffix such as jpg or txt; filename: For example, foo in foo.jpg; all (any request under the site): all; host: The host under the current site. For example, www.maxx55.com; URL path: The request for a URL path under the current site. For example, /example; URL full: The request for a complete URL under the current site, including the HTTP protocol, the host, and the path. For example: https://www.maxx55.cn/example; client_country: Country/region identifier compliant with the ISO3166 standard; query_string: The parameter value in the query string of the requested URL under the current site. For example, cn and 1 in lang=cn&version=1; request_header: The value of the HTTP request header field. For example, zh-CN,zh;q=0.9 in Accept-Language:zh-CN,zh;q=0.9; client_ip: The client request IP carried in the current request, which supports IPv4/IPv6 and an IP range; request_protocol: The protocol of the current request. Valid values: HTTP and HTTPS; request_method: The method of the current request. Valid values: GET, HEAD, POST, PUT, DELETE, TRACE, CONNECT, OPTIONS, PATCH, COPY, LOCK, MKCOL, MOVE, PROPFIND, PROPPATCH, and UNLOCK.
IgnoreCase	Boolean	No	Whether the parameter value is case insensitive. Default value: false.
Name	String	No	The parameter name of the match type. This field is required only when `Target=query_string/request_header`. `query_string`: Name of the query string, such as "lang" and "version" in "lang=cn&version=1". `request_header`: Name of the HTTP request header, such as "Accept-Language" in the "Accept-Language:zh-CN,zh;q=0.9" header.

RuleEngineAction

Rule engine operations.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Name	String	Yes	Operation Name. the Name must correspond to the parameter structure, for example, if Name=Cache, CacheParameters is required. Cache: specifies the node Cache TTL. . CacheKey: specifies the custom cache key. . CachePrefresh: cache pre-refresh; . AccessURLRedirect: url redirection; . UpstreamURLRewrite: specifies the origin-pull url rewrite. . QUIC:QUIC; WebSocket:WebSocket; Authentication: Token Authentication; . MaxAge: browser caching TTL; . StatusCodeCache: specifies the status code cache TTL. . OfflineCache: offline caching; . SmartRouting: smart acceleration; . RangeOriginPull: range-based origin pull; . UpstreamHTTP2: http/2 origin pull; . HostHeader: host header rewrite; . `ForceRedirectHTTPS`: force https redirect configuration for access protocol. . OriginPullProtocol: HTTPS origin pull; . Compression: intelligent compression configuration; . HSTS:HSTS; ClientIPHeader: configuration for storing client request ip in header information; . OCSPStapling: ocsp stapling; . HTTP2: http/2 integration; . PostMaxSize: maximum size of the file uploaded for streaming via a POST request; . ClientIPCountry: region of the client ip during origin-pull; . UpstreamFollowRedirect: specifies the parameter configuration for redirection during origin pull. . UpstreamRequest: origin pull request parameter; . TLSConfig: specifies SSL/TLS security. . ModifyOrigin: modify origin server; . HTTPUpstreamTimeout: specifies the layer 7 origin pull timeout configuration. . HttpResponse: HTTP response; . ErrorPage: specifies the custom error page. . ModifyResponseHeader: modifies the HTTP node response header. . ModifyRequestHeader: modifies the HTTP node request header. . ResponseSpeedLimit: download speed limit for a single connection; . SetContentIdentifier: sets the content identifier; . Vary: vary feature configuration. .
CacheParameters	CacheParameters	No	Node cache ttl configuration parameter. when name is cache, this parameter is required. Note: this field may return null, which indicates a failure to obtain a valid value.
CacheKeyParameters	CacheKeyParameters	No	Custom cache key configuration parameter. when name is cachekey, this parameter is required. Note: this field may return null, which indicates a failure to obtain a valid value.
CachePrefreshParameters	CachePrefreshParameters	No	The cache prefresh configuration parameter. this parameter is required when `name` is `cacheprefresh`. Note: this field may return null, which indicates a failure to obtain a valid value.
AccessURLRedirectParameters	AccessURLRedirectParameters	No	The access url redirection configuration parameter. this parameter is required when `name` is `accessurlredirect`. Note: this field may return null, which indicates a failure to obtain a valid value.
UpstreamURLRewriteParameters	UpstreamURLRewriteParameters	No	The origin-pull url rewrite configuration parameter. this parameter is required when `name` is `upstreamurlrewrite`. Note: this field may return null, which indicates a failure to obtain a valid value.
QUICParameters	QUICParameters	No	The quic configuration parameter. this parameter is required when `name` is `quic`. Note: this field may return null, which indicates a failure to obtain a valid value.
WebSocketParameters	WebSocketParameters	No	The websocket configuration parameter. this parameter is required when `name` is `websocket`. Note: this field may return null, which indicates a failure to obtain a valid value.
AuthenticationParameters	AuthenticationParameters	No	Token authentication configuration parameter. this parameter is required when `name` is `authentication`. Note: this field may return null, which indicates a failure to obtain a valid value.
MaxAgeParameters	MaxAgeParameters	No	Browser cache ttl configuration parameter. this parameter is required when `name` is `maxage`. Note: this field may return null, which indicates a failure to obtain a valid value.
StatusCodeCacheParameters	StatusCodeCacheParameters	No	Status code cache ttl configuration parameter. this parameter is required when `name` is `statuscodecache`. Note: this field may return null, which indicates a failure to obtain a valid value.
OfflineCacheParameters	OfflineCacheParameters	No	Offline cache configuration parameter. this parameter is required when `name` is `offlinecache`. Note: this field may return null, which indicates a failure to obtain a valid value.
SmartRoutingParameters	SmartRoutingParameters	No	Smart acceleration configuration parameter. this parameter is required when `name` is `smartrouting`. Note: this field may return null, which indicates a failure to obtain a valid value.
RangeOriginPullParameters	RangeOriginPullParameters	No	Shard source retrieval configuration parameter. this parameter is required when name is set to rangeoriginpull. Note: this field may return null, which indicates a failure to obtain a valid value.
UpstreamHTTP2Parameters	UpstreamHTTP2Parameters	No	HTTP2 origin-pull configuration parameter. this parameter is required when name is set to upstreamhttp2. Note: this field may return null, which indicates a failure to obtain a valid value.
HostHeaderParameters	HostHeaderParameters	No	Host header rewrite configuration parameter. this parameter is required when name is set to hostheader. Note: this field may return null, which indicates a failure to obtain a valid value.
ForceRedirectHTTPSParameters	ForceRedirectHTTPSParameters	No	Force https redirect configuration parameter. this parameter is required when the name is set to forceredirecthttps. Note: this field may return null, which indicates a failure to obtain a valid value.
OriginPullProtocolParameters	OriginPullProtocolParameters	No
CompressionParameters	CompressionParameters	No	Intelligent compression configuration. this parameter is required when name is set to compression. Note: this field may return null, which indicates a failure to obtain a valid value.
HSTSParameters	HSTSParameters	No	HSTS configuration parameter. this parameter is required when name is hsts. Note: this field may return null, which indicates a failure to obtain a valid value.
ClientIPHeaderParameters	ClientIPHeaderParameters	No	Client ip header configuration for storing client request ip information. this parameter is required when name is clientipheader. Note: this field may return null, which indicates a failure to obtain a valid value.
OCSPStaplingParameters	OCSPStaplingParameters	No	OCSP stapling configuration parameter. this parameter is required when the name is set to ocspstapling. Note: this field may return null, which indicates a failure to obtain a valid value.
HTTP2Parameters	HTTP2Parameters	No	HTTP2 access configuration parameter. this parameter is required when name is http2. Note: this field may return null, which indicates a failure to obtain a valid value.
PostMaxSizeParameters	PostMaxSizeParameters	No	Maximum size configuration for file streaming upload via a post request. this parameter is required when name is postmaxsize. Note: this field may return null, which indicates a failure to obtain a valid value.
ClientIPCountryParameters	ClientIPCountryParameters	No	Configuration parameter for carrying the region information of the client ip during origin-pull. this parameter is required when the name is set to clientipcountry. Note: this field may return null, which indicates a failure to obtain a valid value.
UpstreamFollowRedirectParameters	UpstreamFollowRedirectParameters	No	Configuration parameter for following redirects during origin-pull. this parameter is required when the name is set to upstreamfollowredirect. Note: this field may return null, which indicates a failure to obtain a valid value.
UpstreamRequestParameters	UpstreamRequestParameters	No	Configuration parameter for origin-pull request. this parameter is required when the name is set to upstreamrequest. Note: this field may return null, which indicates a failure to obtain a valid value.
TLSConfigParameters	TLSConfigParameters	No	SSL/TLS security configuration parameter. this parameter is required when the name is set to tlsconfig. Note: this field may return null, which indicates a failure to obtain a valid value.
ModifyOriginParameters	ModifyOriginParameters	No	Configuration parameter for modifying the origin server. this parameter is required when the name is set to modifyorigin. Note: this field may return null, which indicates a failure to obtain a valid value.
HTTPUpstreamTimeoutParameters	HTTPUpstreamTimeoutParameters	No	Configuration of layer 7 origin timeout. this parameter is required when name is httpupstreamtimeout. Note: this field may return null, which indicates a failure to obtain a valid value.
HttpResponseParameters	HTTPResponseParameters	No	HTTP response configuration parameters. this parameter is required when name is httpresponse. Note: this field may return null, which indicates a failure to obtain a valid value.
ErrorPageParameters	ErrorPageParameters	No	Custom error page configuration parameters. this parameter is required when name is errorpage. Note: this field may return null, which indicates a failure to obtain a valid value.
ModifyResponseHeaderParameters	ModifyResponseHeaderParameters	No	Modify http node response header configuration parameters. this parameter is required when name is modifyresponseheader. Note: this field may return null, which indicates a failure to obtain a valid value.
ModifyRequestHeaderParameters	ModifyRequestHeaderParameters	No	Modify http node request header configuration parameters. this parameter is required when name is modifyrequestheader. Note: this field may return null, which indicates a failure to obtain a valid value.
ResponseSpeedLimitParameters	ResponseSpeedLimitParameters	No	Single connection download speed limit configuration parameter. this parameter is required when name is responsespeedlimit. Note: this field may return null, which indicates a failure to obtain a valid value.
SetContentIdentifierParameters	SetContentIdentifierParameters	No	Specifies the content identification configuration parameter. this parameter is required when the Name value is SetContentIdentifier. Note: This field may return null, which indicates a failure to obtain a valid value.
VaryParameters	VaryParameters	No	Vary feature configuration parameter. when Name value is Vary, this parameter is required.

RuleEngineItem

Rule details of the rule engine.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Status	String	No	Rule status. values: `enable`: enabled `disable`: disabled .
RuleId	String	No	Rule id. a unique identifier for the rule. this parameter is required when calling `modifyl7accrules`.
RuleName	String	No	Rule name. name length limit: 255 characters.
Description	Array of String	No	Rule annotation. multiple annotations can be added.
Branches	Array of RuleBranch	No	Sub-Rule branch. this list currently supports filling in only one rule; multiple entries are invalid. Note: this field may return null, which indicates a failure to obtain a valid value.
RulePriority	Integer	No	Rule priority. only used as an output parameter.

RuleEngineSubRule

Sub-rule

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Branches	Array of RuleBranch	No	Sub-Rule branch. Note: this field may return null, which indicates a failure to obtain a valid value.
Description	Array of String	No	Rule comments.

RuleExtraParameter

Rule engine parameter details and special parameter types.

Used by actions: DescribeRulesSetting.

Name	Type	Description
Id	String	Parameter name. Valid values: `Action`: Required parameter for HTTP header modification when `RewirteAction` is selected for `RuleAction`. `StatusCode`: Required parameter for the status code feature when `CodeAction` is selected for `RuleAction`.
Type	String	Parameter value type. `CHOICE`: The parameter value can be selected only from `Values`. `CUSTOM_NUM`: The parameter value is a custom integer. `CUSTOM_STRING`: The parameter value is a custom string.
Choices	Array of String	Valid values. Note: If the value of `Id` is `StatusCode`, values in the array are all integer values. When entering a parameter value, enter the integer value of the string.

RuleItem

Rule details of the rule engine

Used by actions: DescribeRules.

Name	Type	Description
RuleId	String	The rule ID.
RuleName	String	The rule name. It is a string that can contain 1–255 characters.
Status	String	Rule status. Values: `enable`: Enabled `disable`: Disabled
Rules	Array of Rule	The rule content.
RulePriority	Integer	The rule priority. The greater the value, the higher the priority. The minimum value is `1`.
Tags	Array of String	Tag of the rule.

RuleNormalActionParams

Common action parameter of a rule engine condition

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
Name	String	Yes	The parameter name. For details, see DescribeRulesSetting.
Values	Array of String	Yes	The parameter value.

RuleRewriteActionParams

Parameter of the action for the HTTP request/response header of a rule engine condition.

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
Action	String	Yes	Feature parameter name. For details, see DescribeRulesSetting. `add`: Add the HTTP header. `set`: Rewrite the HTTP header. `del`: Delete the HTTP header.
Name	String	Yes	Parameter name
Values	Array of String	Yes	Parameter value

RulesProperties

Detailed settings of the rule engine that can be used for request match.

Used by actions: DescribeRulesSetting.

Name	Type	Description
Name	String	Parameter name.
Min	Integer	Minimum value. If both `Min` and `Max` are set to `0`, this parameter does not take effect.
ChoicesValue	Array of String	Valid parameter values. Note: If `Type` is `CUSTOM_NUM` or `CUSTOM_STRING`, this parameter will be an empty array.
Type	String	The parameter value type. `CHOICE`: the parameter value can only be selected from `choicesvalue`. TOGGLE: the parameter value is of switch type and can be selected from `choicesvalue`. OBJECT: the parameter value is of object type, and `choiceproperties` are the properties associated with this object type. `CUSTOM_NUM`: (integer) custom value. custom_string: parameter value is user-customized, string type.
Max	Integer	Maximum value. If both `Min` and `Max` are set to `0`, this parameter does not take effect.
IsMultiple	Boolean	Whether multiple values can be selected or entered.
IsAllowEmpty	Boolean	Whether the parameter can be left empty.
ChoiceProperties	Array of RuleChoicePropertiesItem	Associated configuration parameters of this parameter, which are required for API call. Note: This parameter will be an empty array if no special parameters are added as optional parameters.
ExtraParameter	RuleExtraParameter	NULL: No special parameters when `NormalAction` is selected for `RuleAction`. Note: This field may return null, indicating that no valid values can be obtained.

RulesSettingAction

List of the settings of the rule engine that can be used for request match and their detailed information.

Used by actions: DescribeRulesSetting.

Name	Type	Description
Action	String	Feature name. Valid values: Access URL rewrite (`AccessUrlRedirect`). Origin-pull URL rewrite (`UpstreamUrlRedirect`). Custom error page (`ErrorPage`). QUIC (`QUIC`). WebSocket (`WebSocket`). Video dragging (`VideoSeek`). Token authentication (`Authentication`). `CacheKey`: Custom cache key. `Cache`: Node cache TTL. `MaxAge`: Browser cache TTL. `OfflineCache`: Offline cache. `SmartRouting`: Smart acceleration. `RangeOriginPull`: Range GETs. `UpstreamHttp2`: HTTP/2 forwarding. `HostHeader`: Host header rewrite. `ForceRedirect`: Force HTTPS. `OriginPullProtocol`: Origin-pull HTTPS. `CachePrefresh`: Cache prefresh. `Compression`: Smart compression. `RequestHeader`: HTTP request header modification. HTTP response header modification (`ResponseHeader`). Status code cache TTL (`StatusCodeCache`). `Hsts`. `ClientIpHeader`. `TlsVersion`. `OcspStapling`.
Properties	Array of RulesProperties	Parameter information

S3

The configuration information of real-time log delivery to an AWS S3 compatible bucket

Used by actions: CreateRealtimeLogDeliveryTask, DescribeRealtimeLogDeliveryTasks, ModifyRealtimeLogDeliveryTask.

Name	Type	Required	Description
Endpoint	String	Yes	The URL without bucket name or path, for example: `https://storage.googleapis.com`, `https://s3.ap-northeast-2.amazonaws.com`, and `https://cos.ap-nanjing.myqcloud.com`.
Region	String	Yes	The region where the bucket is located, for example: `ap-northeast-2`.
Bucket	String	Yes	The bucket name and log storage directory, for example: `your_bucket_name/EO-logs/`. If the directory does not exist in the bucket, it will be created automatically.
AccessId	String	Yes	The Access Key ID used to access the bucket.
AccessKey	String	Yes	The secret key used to access the bucket.
CompressType	String	No	The data compress type. Valid values: gzip: gzip compression. If this field is not filled in, compression is disabled.

SecEntry

Returned value of security data entry

Used by actions: DescribeDDoSAttackData.

Name	Type	Description
Key	String	The query dimension value.
Value	Array of SecEntryValue	The details.

SecEntryValue

The security data queried by metric

Used by actions: DescribeDDoSAttackData.

Name	Type	Description
Metric	String	The metric name.
Detail	Array of TimingDataItem	The time-series data details.
Max	Integer	The maximum value.
Avg	Float	The average value.
Sum	Float	Sum

SecurityAction

Action for security operation.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Name	String	Yes	Safe execution actions. valid values:. Deny: block request to access site resource; . `Monitor`: observe; only record logs . `Redirect`: Redirect to URL . Disabled: disabled; specify rule is not enabled. . Allow: allow access but delay processing the request. . Challenge: challenge, respond to challenge content; . BlockIP: to be deprecated, ip block; . `ReturnCustomPage`: to be deprecated, use specified page block; . JSChallenge: to be deprecated, JavaScript challenge; . ManagedChallenge: to be deprecated. managed challenge. .
DenyActionParameters	DenyActionParameters	No	Additional parameters when Name is Deny.
RedirectActionParameters	RedirectActionParameters	No	Additional parameter when Name is Redirect.
AllowActionParameters	AllowActionParameters	No	Additional parameters when Name is Allow.
ChallengeActionParameters	ChallengeActionParameters	No	Additional parameter when Name is Challenge.
BlockIPActionParameters	BlockIPActionParameters	No	To be deprecated, additional parameter when Name is BlockIP.
ReturnCustomPageActionParameters	ReturnCustomPageActionParameters	No	To be deprecated, additional parameter when Name is ReturnCustomPage.

SecurityConfig

Web security configuration.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
WafConfig	WafConfig	No	Managed rule. if the parameter is null or not filled, use the last set configuration by default.
RateLimitConfig	RateLimitConfig	No	Rate limiting. if the parameter is null or not filled, the configuration last set will be used by default.
AclConfig	AclConfig	No	Custom rule. specifies if the parameter is null or not filled, use the last set configuration by default.
BotConfig	BotConfig	No	Bot configuration. if the parameter is null or not filled, use the last set configuration by default.
SwitchConfig	SwitchConfig	No	Switch setting of the 7-layer protection. if the parameter is null or not filled, use the last set configuration by default.
IpTableConfig	IpTableConfig	No	Basic access control. if the parameter is null or not filled, use the last set configuration by default.
ExceptConfig	ExceptConfig	No	Exception rule configuration. if the parameter is null or not filled, use the last set configuration by default.
DropPageConfig	DropPageConfig	No	Custom block page settings. if the parameter is null or not filled, use the last set configuration by default.
TemplateConfig	TemplateConfig	No	Template configuration. specifies parameter usage for output only.
SlowPostConfig	SlowPostConfig	No	Slow attack configuration. if the parameter is null or not filled, use the last set configuration by default.
DetectLengthLimitConfig	DetectLengthLimitConfig	No	Detect length limit configuration. for output usage only.

SecurityPolicy

Web security policy.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
CustomRules	CustomRules	No	Custom rules. If the parameter is null or not filled, the configuration last set will be used by default. Note: This field may return null, indicating that no valid value can be obtained.
ManagedRules	ManagedRules	No	Managed. If the parameter is null or not filled, the configuration last set will be used by default. Note: This field may return null, indicating that no valid value can be obtained.
HttpDDoSProtection	HttpDDoSProtection	No	HTTP DDOS protection configuration.
RateLimitingRules	RateLimitingRules	No	Configures the rate limiting rule.
ExceptionRules	ExceptionRules	No	Exception rule configuration.
BotManagement	BotManagement	No	Bot management configuration.

SecurityPolicyTemplateInfo

Policy template information.

Used by actions: DescribeWebSecurityTemplates.

Name	Type	Description
ZoneId	String	The zone ID to which the policy template belongs.
TemplateId	String	Policy template ID.
TemplateName	String	The name of the policy template.
BindDomains	Array of BindDomainInfo	Information about domains bound to the policy template.

SecurityTemplateBinding

Bindings of a security policy template

Used by actions: DescribeSecurityTemplateBindings.

Name	Type	Description
TemplateId	String	template ID
TemplateScope	Array of TemplateScope	Binding status of the template.

SecurityType

The security type setting item.

Used by actions: DescribeHostsSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable the security type setting. Values: `on`: Enable `off`: Disable

ServerCertInfo

HTTPS server certificate configuration

Used by actions: DescribeHostsSetting, ModifyHostsCertificate, ModifyZoneSetting.

Name	Type	Required	Description
CertId	String	Yes	Specifies the server certificate ID, which originates from the SSL side. you can check the CertId from the SSL certificate list.
Alias	String	No	Certificate remark name.
Type	String	No	Certificate type. valid values:. Specifies the default certificate. . Upload: user upload; . managed: tencent cloud hosted. .
ExpireTime	Timestamp ISO8601	No	Certificate expiration time.
DeployTime	Timestamp ISO8601	No	Specifies the cert deployment time.
SignAlgo	String	No	Signature algorithm.
CommonName	String	No	Domain name of the certificate.

SetContentIdentifierParameters

Content identifier configuration parameters

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
ContentIdentifier	String	No	Content identifier id.

SkipCondition

Exception rule conditions, used to filter requests by specific fields

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Type	String	Yes	The field type. Values: `header_fields`: HTTP request header `cookie`: HTTP request cookie `query_string`: Query string in the HTTP request URL `uri`: HTTP request URI `body_raw`: HTTP request body `body_json`: JSON HTTP request body
Selector	String	Yes	The specific field. Values: `args`: Query parameter in the URI, such as "?name1=jack&age=12" `path`: Partial path in the URI, such as "/path/to/resource.jpg" `full`: Full path in the URI, such as "example.com/path/to/resource.jpg?name1=jack&age=12" `upload_filename`: File path segment `keys`: All keys `values`: Values of all keys `key_value`: Key and its value
MatchFromType	String	No	The match method used to match the key. Values: `equal`: Exact match `wildcard`: Wildcard match (only asterisks)
MatchFrom	Array of String	No	Match the Key value.
MatchContentType	String	No	The match method used to match the content. `equal`: Exact match `wildcard`: Wildcard match (only asterisks)
MatchContent	Array of String	No	Match the Value.

SlowAttackDefense

Slow attack protection configuration.

Used by actions: CreateWebSecurityTemplate, DescribeSecurityPolicy, DescribeWebSecurityTemplate, ModifySecurityPolicy, ModifyWebSecurityTemplate.

Name	Type	Required	Description
Enabled	String	Yes	Whether slow attack protection is enabled. valid values: on: enabled; off: disabled. .
Action	SecurityAction	No	Slow attack protection handling method. required when Enabled is on. valid values for SecurityAction Name: Monitor: observation; Deny: block; .
MinimalRequestBodyTransferRate	MinimalRequestBodyTransferRate	No	The specific configuration of the minimum body transfer rate threshold is required when Enabled is on.
RequestBodyTransferTimeout	RequestBodyTransferTimeout	No	Specifies the specific configuration of body transfer timeout duration. required when Enabled is on.

SlowPostConfig

Slow attack defense configuration.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Values: `on`: Enable `off`: Disable
FirstPartConfig	FirstPartConfig	No	First packet configuration.
SlowRateConfig	SlowRateConfig	No	Specifies the basic configuration.
Action	String	No	Handling action for slow attack. valid values:. `monitor`: observe . `drop`: block the request. .
RuleId	Integer	No	Specifies the Id of this rule.

SlowRateConfig

The configuration to detect slow attacks

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Switch. Values: `on`: Enable `off`: Disable
Interval	Integer	No	The statistics interval in seconds. after the first packet transfer, the data transmission axis is split by this parameter for separate computing of slow attacks on each shard.
Threshold	Integer	No	Specifies the rate threshold applied during statistics in bps. if the transmission rate in this shard does not reach the parameter value, it is identified as a slow attack and the slow attack handling method is applied.

SmartRouting

Smart acceleration configuration

Used by actions: DescribeHostsSetting, DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable smart acceleration. Values: `on`: Enable `off`: Disable

SmartRoutingParameters

Smart acceleration configuration.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable smart acceleration. values:. `On`: enable; . Off: disable. .

StandardDebug

Standard debugging

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable standard debugging. Values: `on`: Enable `off`: Disable
AllowClientIPList	Array of String	Yes	The client IP to allow. It can be an IPv4/IPv6 address or a CIDR block. If not specified, it means to allow any client IP
ExpireTime	Timestamp ISO8601	Yes	The time when the standard debugging setting expires. If it is exceeded, this feature becomes invalid.

StandardDebugParameters

Debug structure.

Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable standard debugging. values:. `On`: enable; . Off: disable. .
AllowClientIPList	Array of String	No	The client ip to allow. it can be an ipv4/ipv6 address or a cidr block. 0.0.0.0/0 means to allow all ipv4 clients for debugging; ::/0 means to allow all ipv6 clients for debugging; 127.0.0.1 is not allowed. note: this field is required when `switch=on` and the number of entries should be 1-100. when `switch=off`, this field is not required and any value specified will not take effect.
Expires	Timestamp ISO8601	No	Debug feature expiration time. the feature will be disabled after the set time. note: this field is required when `switch=on`. when `switch=off`, this field is not required and any value specified will not take effect.

StatusCodeCacheParam

Status Code Cache TTL configuration internal structure.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
StatusCode	Integer	No	Status code. valid values: 400, 401, 403, 404, 405, 407, 414, 500, 501, 502, 503, 504, 509, 514.
CacheTime	Integer	No	Cache time value in seconds. value range: 0–31536000.

StatusCodeCacheParameters

Status Code Cache TTL configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
StatusCodeCacheParams	Array of StatusCodeCacheParam	No	Status code cache ttl. Note: this field may return null, which indicates a failure to obtain a valid value.

SubRule

Nested rule settings

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
Conditions	Array of RuleAndConditions	Yes	The condition that determines if a feature should run. Note: If any condition in the array is met, the feature will run.
Actions	Array of Action	Yes	The feature to be executed.

SubRuleItem

Rule engine nested rule

Used by actions: CreateRule, DescribeRules, ModifyRule.

Name	Type	Required	Description
Rules	Array of SubRule	Yes	Nested rule settings
Tags	Array of String	No	Tag of the rule.

Sv

Pricing query parameter

Used by actions: DescribeZones.

Name	Type	Required	Description
Key	String	Yes	The parameter key.
Value	String	Yes	The parameter value.
Pack	String	No	Quota for a resource. Values: `zone`: Quota for sites `custom-rule`: Quota for custom rules `rate-limiting-rule`: Quota for rate limiting rules `l4-proxy-instance`: Quota for L4 proxy instances Note: This field may return null, indicating that no valid values can be obtained.
InstanceId	String	No	ID of the L4 proxy instance. Note: This field may return null, indicating that no valid values can be obtained.
ProtectionSpecs	String	No	The protection specification. Values: `cm_30G`: 30 Gbps base protection bandwidth in Chinese mainland service area `cm_60G`: 60 Gbps base protection bandwidth in Chinese mainland service area `cm_100G`: 100 Gbps base protection bandwidth in Chinese mainland service area `anycast_300G`: 300 Gbps Anycast-based protection in Global (MLC) service area `anycast_unlimited`: Unlimited Anycast-based protection bandwidth in Global (MLC) service area `cm_30G_anycast_300G`: 30 Gbps base protection bandwidth in Chinese mainland service area and 300 Gbps Anycast-based protection bandwidth in Global (MLC) service area `cm_30G_anycast_unlimited`: 30 Gbps base protection bandwidth in Chinese mainland service area and unlimited Anycast-based protection bandwidth in Global (MLC) service area cm_60G_anycast_300G`: 60 Gbps base protection bandwidth in Chinese mainland service area and 300 Gbps Anycast-based protection bandwidth in Global (MLC) service area</li><li> cm_60G_anycast_unlimited`: 60 Gbps base protection bandwidth in Chinese mainland service area and unlimited Anycast-based protection bandwidth in Global (MLC) service area `cm_100G_anycast_300G`: 100 Gbps base protection bandwidth in Chinese mainland service area and 300 Gbps Anycast-based protection bandwidth in Global (MLC) service area cm_100G_anycast_unlimited`: 100 Gbps base protection bandwidth in Chinese mainland service area and unlimited Anycast-based protection bandwidth in Global (MLC) service area Note: This field may return null, indicating that no valid values can be obtained.

SwitchConfig

Web security configuration switch

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
WebSwitch	String	Yes	Whether to enable web protection. Values: `on`: Enable `off`: Disable It does not affect DDoS and bot configuration.

TCCaptchaOption

CAPTCHA authentication instance information.

Used by actions: CreateSecurityClientAttester, DescribeSecurityClientAttester, ModifySecurityClientAttester.

Name	Type	Required	Description
CaptchaAppId	String	Yes	CaptchaAppId information.
AppSecretKey	String	Yes	AppSecretKey information.

TCRCEOption

RCE authentication option instance information.

Used by actions: CreateSecurityClientAttester, DescribeSecurityClientAttester, ModifySecurityClientAttester.

Name	Type	Required	Description
Channel	String	Yes	Channel information.

TLSConfigParameters

SSL/TLS Security configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Version	Array of String	No	TLS version. at least one must be specified. if multiple versions are specified, they must be consecutive, e.g., enable tls1, 1.1, 1.2, and 1.3. it is not allowed to enable only 1 and 1.2 while disabling 1.1. valid values: `tlsv1`: tlsv1 version; `tlsv1.1`: tlsv1.1 version; `tlsv1.2`: tlsv1.2 version; `tlsv1.3`: tlsv1.3 version. .
CipherSuite	String	No	Cipher suite. for detailed information, please refer to tls versions and cipher suites description. valid values: `loose-v2023`: loose-v2023 cipher suite; `general-v2023`: general-v2023 cipher suite; `strict-v2023`: strict-v2023 cipher suite. .

Tag

Tag configuration

Used by actions: CreateContentIdentifier, CreateZone, DescribeContentIdentifiers, DescribeZones.

Name	Type	Required	Description
TagKey	String	Yes	The tag key. Note: This field may return null, indicating that no valid values can be obtained.
TagValue	String	Yes	The tag value. Note: This field may return null, indicating that no valid values can be obtained.

Task

Content management task result

Used by actions: DescribePrefetchTasks, DescribePurgeTasks.

Name	Type	Description
JobId	String	ID of the task.
Target	String	Resource.
Type	String	Type of the task.
Method	String	Node cache purge method. valid values:. invalidate: marks as expired. a back-to-origin validation is triggered upon user request, sending an HTTP conditional request with If-None-Match and If-Modified-Since headers. If the origin server responds with 200, the node will fetch new resources from the origin and update the cache; If the origin server responds with 304, the cache will not be updated; . Delete: directly deletes the node's cache, triggering a resource fetch from the origin upon user request. .
Status	String	Status. valid values:. processing: indicates the operation is in progress. . Success: specifies the success status. . failed: indicates a failure. . Timeout: specifies the timeout period. . Canceled: canceled. .
CreateTime	Timestamp ISO8601	Creation time of the task.
UpdateTime	Timestamp ISO8601	Completion time of the task.
FailType	String	Refresh and preheat failure type. valid values:. taskFailed: specifies the task failure. . quotaExceeded: specifies the quota exceeded status. . downloadManifestFailed: specifies the file failed to download. . accessDenied: specifies access denied. . originPullFailed: specifies the origin-pull failure. .
FailMessage	String	Description of the reason for cache purge or warm cache failure.

TemplateConfig

Security template settings

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
TemplateId	String	Yes	The template ID.
TemplateName	String	Yes	The template name.

TemplateScope

Domain names bound with the template.

Used by actions: DescribeSecurityTemplateBindings.

Name	Type	Required	Description
ZoneId	String	No	ID of the site. Note: This field may return·null, indicating that no valid values can be obtained.
EntityStatus	Array of EntityStatus	No	List of instance statuses Note: This field may return·null, indicating that no valid values can be obtained.

TimingDataItem

Data items of the statistical curve

Used by actions: DescribeDDoSAttackData, DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData.

Name	Type	Description
Timestamp	Integer	Time point for returning data, in the format of Unix timestamp in seconds.
Value	Integer	The value.

TimingDataRecord

The time-series data

Used by actions: DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData.

Name	Type	Description
TypeKey	String	The query dimension value.
TypeValue	Array of TimingTypeValue	Detailed time series data

TimingTypeValue

Detailed data of time series type

Used by actions: DescribeOverviewL7Data, DescribeTimingL4Data, DescribeTimingL7AnalysisData, DescribeTimingL7CacheData.

Name	Type	Description
Sum	Integer	Sum.
Max	Integer	The maximum value.
Avg	Integer	The average value.
MetricName	String	Metric name.
Detail	Array of TimingDataItem	Details. Note: This field may return null, indicating that no valid values can be obtained.

TopDataRecord

The top-ranked data record

Used by actions: DescribeTopL7AnalysisData, DescribeTopL7CacheData.

Name	Type	Description
TypeKey	String	The query dimension value.
DetailData	Array of TopDetailData	Top data rankings

TopDetailData

The top-ranked data details

Used by actions: DescribeTopL7AnalysisData, DescribeTopL7CacheData.

Name	Type	Description
Key	String	The field name.
Value	Integer	The field value.

TopEntry

The Top-ranked data

Used by actions: DescribeDDoSAttackTopData.

Name	Type	Description
Key	String	The query dimension value.
Value	Array of TopEntryValue	The details.

TopEntryValue

The top-ranked data

Used by actions: DescribeDDoSAttackTopData.

Name	Type	Description
Name	String	The item name.
Count	Integer	The number of items.

URLPath

Access URL redirect path configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Action	String	No	Action to be executed. values:. `Follow`: follow the request; . `Custom`: custom; . `Regex`: regular expression matching. .
Regex	String	No	Regular expression matching expression, length range is 1-1024. note: when action is regex, this field is required; when action is follow or custom, this field is not required and will not take effect if filled.
Value	String	No	Redirect target url, length range is 1-1024. note: when action is regex or custom, this field is required; when action is follow, this field is not required and will not take effect if filled.

UpstreamCertInfo

The certificate carried during EO node origin-pull is used when the origin server enables the mutual authentication handshake to validate the client certificate, ensuring that the request originates from a trusted EO node.

Used by actions: DescribeAccelerationDomains, ModifyHostsCertificate.

Name	Type	Required	Description
UpstreamMutualTLS	MutualTLS	No	In the origin-pull mutual authentication scenario, this field represents the certificate (including the public and private keys) carried during EO node origin-pull, which is deployed in the EO node for the origin server to authenticate the EO node. When used as an input parameter, it is left blank to indicate retaining the original configuration.

UpstreamFollowRedirectParameters

Origin-pull redirection parameters configuration

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Switch	String	No	Whether to enable origin-pull to follow the redirection configuration. values:. `On`: enable; . Off: disable. .
MaxTimes	Integer	No	The maximum number of redirects. value range: 1-5. Note: this field is required when switch is on; when switch is off, this field is not required and will not take effect if filled.

UpstreamHTTP2Parameters

HTTP2 origin-pull configuration

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable http2 origin-pull. valid values:. `On`: enable; . Off: disable. .

UpstreamHttp2

HTTP2 origin-pull configuration

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable HTTP2 origin-pull. Valid values: `on`: Enable; `off`: Disable.

UpstreamRequestCookie

Origin-pull request parameters Cookie configuration

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Switch	String	No	Whether to enable the origin-pull request parameter cookie. valid values:. `On`: enable; . Off: disable. .
Action	String	No	Origin-Pull request parameter cookie mode. this parameter is required when `switch` is on. valid values are:. Full: indicates full retention; . Ignore: ignore all. . `IncludeCustom`: retain partial parameters. . ExcludeCustom: ignore partial parameters. .
Values	Array of String	No	Specifies parameter values. this parameter takes effect only when the query string mode action is `includecustom` or `excludecustom`, and is used to specify the parameters to be reserved or ignored. up to 10 parameters are supported.

UpstreamRequestParameters

Origin-pull request parameters configuration.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
QueryString	UpstreamRequestQueryString	No	Query string configuration. optional. if not provided, it will not be configured. Note: this field may return null, which indicates a failure to obtain a valid value.
Cookie	UpstreamRequestCookie	No	Cookie configuration. optional. if not provided, it will not be configured. Note: this field may return null, which indicates a failure to obtain a valid value.

UpstreamRequestQueryString

Origin-pull request parameters query string configuration.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Switch	String	No	Whether to enable origin-pull request parameter query string. values:. `On`: enable; . Off: disable. .
Action	String	No	Query string mode. this parameter is required when switch is on. values:. `Full`: retain all . `Ignore`: ignore all; . IncludeCustom: retain partial parameters. . ExcludeCustom: ignore partial parameters. .
Values	Array of String	No	Specifies parameter values. this parameter takes effect only when the query string mode action is `includecustom` or `excludecustom`, and is used to specify the parameters to be reserved or ignored. up to 10 parameters are supported.

UpstreamURLRewriteParameters

Origin URL rewrite configuration parameters.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Type	String	No	Origin-Pull URL rewrite type. valid values: Path.
Action	String	No	Origin-Pull URL rewrite action. valid values:. replace: replace the full Path. used to replace the complete request URL Path with the specified Path. addPrefix: add Path prefix. used to add specified Path prefix to request URL Path. . rmvPrefix: specifies the removal of Path prefix. used to remove the specified Path prefix from the request URL Path. regexReplace: refers to regular expression replacement of the full path. used for matching and replacing the full path via Google RE2 regular expressions.
Value	String	No	Origin-Pull URL rewrite value. should meet URL Path standard and ensure the rewritten Path starts with / to prevent the Host of the origin-pull URL from being modified, with a length range of 1–1024. when Action is addPrefix, it cannot end with /. when Action is rmvPrefix, * cannot exist. when Action is regexReplace, $NUM can be used to refer to regular expression capture groups, where NUM represents the group number, such as $1, and supports up to $9.
Regex	String	No	Origin-Pull URL rewrite used for regex replacement to match the full path regular expression. should meet Google RE2 standard with length range 1–1024. this field is required when Action is regexReplace, otherwise not required.

VanityNameServers

Custom name servers

Used by actions: DescribeZones, ModifyZone.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable custom name servers. Values: `on`: Enable `off`: Disable
Servers	Array of String	No	List of custom name servers

VanityNameServersIps

IP information of the custom name server

Used by actions: DescribeZones.

Name	Type	Description
Name	String	Custom name of the name server
IPv4	String	IPv4 address of the custom name server

VaryParameters

Vary feature configuration parameter.

Used by actions: CreateL7AccRules, DescribeL7AccRules, ModifyL7AccRule.

Name	Type	Required	Description
Switch	String	Yes	Vary feature configuration switch. valid values:. `on`: Enable; off: Disable.

VideoTemplateInfo

Video stream configuration parameters.

Used by actions: CreateJustInTimeTranscodeTemplate, DescribeJustInTimeTranscodeTemplates.

Name	Type	Required	Description
Codec	String	Yes	Encoding format for video streams. valid values: H.264: use H.264 encoding; H.265: use H.265 encoding. .
Fps	Float	No	Video frame rate. value ranges from 0 to 30. measurement unit: Hz. If the value is 0, the frame rate will be the same as that of the source video, with a maximum not exceeding 30. Default value: 0.
Bitrate	Integer	No	Specifies the bitrate of video stream. valid values: 0 and [128, 10000]. measurement unit: kbps. Value is 0, means automatically select video bitrate based on video image and quality. Default value: 0.
ResolutionAdaptive	String	No	Resolution adaptation. available values: open: enable. at this point, Width represents the long side of the video and Height represents the short side. close: disable. at this point, Width represents the Width of the video and Height represents the Height. default value: open.
Width	Integer	No	The maximum value of the video stream Width (or long side). valid values: 0 and [128, 1920]. unit: px. when Width and Height are both 0, the resolution is from the same source; when Width is 0 and Height is non-0, Width is scaled proportionally; when Width is non-0 and Height is 0, Height is scaled proportionally; when both Width and Height are non-0, the resolution is specified by the user. default value: 0.
Height	Integer	No	The maximum value of the video stream Height (or short side). valid values: 0 and [128, 1080]. unit: px. when Width and Height are both 0, the resolution is from the same source; when Width is 0 and Height is non-0, Width is scaled proportionally; when Width is non-0 and Height is 0, the Height is scaled proportionally; when both Width and Height are non-0, the resolution is specified by the user. default value: 0.
FillType	String	No	Filling method. specifies the processing method for transcoding when video stream configuration width and height parameters are inconsistent with the aspect ratio of the original video. valid values: stretch: stretch each frame to fill the entire screen, possibly causing the transcoded video to be squashed or stretched. black: maintain video aspect ratio with edges filled with black. white: maintain video aspect ratio with edges filled with white. gauss: maintain video aspect ratio with gaussian blur filling for the rest of the edges. default value: black.

Waf

N/A

Used by actions: DescribeHostsSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable WAF. Values: `on`: Enable `off`: Disable
PolicyId	Integer	No	ID of the policy

WafConfig

WAF configuration.

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable WAF configuration. Values: `on`: Enable `off`: Disable The configuration can be modified even when it is disabled.
Level	String	Yes	The protection level. Values: `loose`: Loose `normal`: Moderate `strict`: Strict `stricter`: Super strict `custom`: Custom
Mode	String	Yes	The WAF global mode. Values: `block`: Block globally `observe`: Observe globally
WafRule	WafRule	No	The settings of the managed rule. If it is null, the settings that were last configured will be used.
AiRule	AiRule	No	The setting of the AI rule engine. If it is null, the setting that was last configured will be used.

WafRule

WAF rule

Used by actions: ModifySecurityPolicy.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable managed rules. Values: `on`: Enable `off`: Disable
BlockRuleIDs	Array of Integer	Yes	IDs of the rules to be disabled.
ObserveRuleIDs	Array of Integer	Yes	IDs of the rules to be executed in Observe mode.

WebSocket

WebSocket configuration

Used by actions: DescribeZoneSetting, ModifyZoneSetting.

Name	Type	Required	Description
Switch	String	Yes	Whether to enable WebSocket connection timeout. Values: `on`: The field "Timeout" can be configured. `off`: The field "Timeout" is fixed to 15 seconds.
Timeout	Integer	No	The timeout period in seconds. Maximum value: 120.

WebSocketParameters

WebSocket configuration

Used by actions: CreateL7AccRules, DescribeL7AccRules, DescribeL7AccSetting, ModifyL7AccRule, ModifyL7AccSetting.

Name	Type	Required	Description
Switch	String	No	Whether to enable websocket connection timeout. values:. On: use timeout as the websocket timeout; . Off: the platform still supports websocket connections, using the system default timeout of 15 seconds. .
Timeout	Integer	No	Timeout, unit: seconds. maximum timeout is 120 seconds. note: this field is required when switch is on; otherwise, this field will not take effect.

Zone

Site information

Used by actions: DescribeZones.

Name	Type	Description
ZoneId	String	Site ID.
ZoneName	String	The site name.
OriginalNameServers	Array of String	List of name servers used by the site
NameServers	Array of String	The list of name servers assigned by Tencent Cloud.
Status	String	The site status. Values: u200c `active`: The name server is switched to EdgeOne. u200c `pending`: The name server is not switched. u200c `moved`: The name server is changed to other service providers. u200c `deactivated`: The site is blocked. `initializing`: The site is not bound with any plan.
Type	String	Site access method. Valid values: full: NS access; partial: CNAME access; noDomainAccess: access with no domain name.
Paused	Boolean	Whether the site is disabled.
CnameSpeedUp	String	Whether CNAME acceleration is enabled. Values: `enabled`: Enabled `disabled`: Disabled
CnameStatus	String	CNAME record access status. Values: `finished`: The site is verified. `pending`: The site is being verified.
Tags	Array of Tag	The list of resource tags.
Resources	Array of Resource	The list of billable resources.
CreatedOn	Timestamp ISO8601	The creation time of the site.
ModifiedOn	Timestamp ISO8601	The modification date of the site.
Area	String	The site access region. Values: `global`: Global. `mainland`: Chinese mainland. `overseas`: Outside the Chinese mainland.
VanityNameServers	VanityNameServers	The custom name server information. Note: This field may return null, indicating that no valid values can be obtained.
VanityNameServersIps	Array of VanityNameServersIps	The custom name server IP information. Note: This field may return null, indicating that no valid values can be obtained.
ActiveStatus	String	Status of the proxy. Values: `active`: Enabled `inactive`: Not activated `paused`: Disabled
AliasZoneName	String	Site alias. a composite of digits, numbers, english letters, -, and _, limited to 20 characters.
IsFake	Integer	Whether it’s a fake site. Valid values: `0`: Non-fake site; `1`: Fake site.
LockStatus	String	Lock status. Values: `enable`: Normal. Modification is allowed. `disable`: Locked. Modification is not allowed. `plan_migrate`: Adjusting the plan. Modification is not allowed.
OwnershipVerification	OwnershipVerification	Ownership verification information Note: This field may return·null, indicating that no valid values can be obtained.

ZoneConfig

Site acceleration configuration.

Used by actions: DescribeL7AccSetting, ModifyL7AccSetting.

Name	Type	Required	Description
SmartRouting	SmartRoutingParameters	No	<Intelligent acceleration configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
Cache	CacheConfigParameters	No	Node cache expiration time configuration. . Note: this field may return null, which indicates a failure to obtain a valid value.
MaxAge	MaxAgeParameters	No	Browser cache rule configuration, which is used to set the default value of maxage and is disabled by default. . Note: this field may return null, which indicates a failure to obtain a valid value.
CacheKey	CacheKeyConfigParameters	No	The node cache key configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
CachePrefresh	CachePrefreshParameters	No	Cache prefresh configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
OfflineCache	OfflineCacheParameters	No	Offline cache configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
Compression	CompressionParameters	No	Smart compression configuration. . Note: this field may return null, which indicates a failure to obtain a valid value.
ForceRedirectHTTPS	ForceRedirectHTTPSParameters	No	Forced https redirect configuration for access protocols. . Note: this field may return null, which indicates a failure to obtain a valid value.
HSTS	HSTSParameters	No	HSTS configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
TLSConfig	TLSConfigParameters	No	TLS configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
OCSPStapling	OCSPStaplingParameters	No	OCSP stapling configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
HTTP2	HTTP2Parameters	No	HTTP/2 configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
QUIC	QUICParameters	No	QUIC access configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
UpstreamHTTP2	UpstreamHTTP2Parameters	No	HTTP2 origin-pull configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
IPv6	IPv6Parameters	No	IPv6 access configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
WebSocket	WebSocketParameters	No	WebSocket configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
PostMaxSize	PostMaxSizeParameters	No	POST request transport configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
ClientIPHeader	ClientIPHeaderParameters	No	Client ip origin-pull request header configuration. Note: this field may return null, which indicates a failure to obtain a valid value.
ClientIPCountry	ClientIPCountryParameters	No	Whether to carry the region information of the client ip during origin-pull. Note: this field may return null, which indicates a failure to obtain a valid value.
Grpc	GrpcParameters	No	Configuration of grpc support. Note: this field may return null, which indicates a failure to obtain a valid value.
NetworkErrorLogging	NetworkErrorLoggingParameters	No	Network Error Logging configuration. Note: This field may return null, which indicates a failure to obtain a valid value.
AccelerateMainland	AccelerateMainlandParameters	No	Accelerate optimization and configuration in mainland china. Note: this field may return null, which indicates a failure to obtain a valid value.
StandardDebug	StandardDebugParameters	No	Standard debugging configuration. . Note: this field may return null, which indicates a failure to obtain a valid value.

ZoneConfigParameters

Site configuration information.

Used by actions: DescribeL7AccSetting.

Name	Type	Description
ZoneName	String	The site name.
ZoneConfig	ZoneConfig	Site configuration information. Note: this field may return null, which indicates a failure to obtain a valid value.

ZoneInfo

Describes the returned site information.

Used by actions: DescribePlans.

Name	Type	Required	Description
ZoneId	String	No	Site id.
ZoneName	String	No	Site name.
Paused	Boolean	No	Whether to disable the site. valid values: false: not disabled; . true: disabled. .

ZoneSetting

The site configuration.

Used by actions: DescribeZoneSetting.

Name	Type	Description
ZoneName	String	Name of the site
Area	String	Site acceleration region. Values: `mainland`: Acceleration in the Chinese mainland. `overseas`: Acceleration outside the Chinese mainland.
CacheKey	CacheKey	Node cache key configuration Note: This field may return null, indicating that no valid values can be obtained.
Quic	Quic	The QUIC access configuration. Note: This field may return null, indicating that no valid values can be obtained.
PostMaxSize	PostMaxSize	The POST transport configuration. Note: This field may return null, indicating that no valid values can be obtained.
Compression	Compression	Smart compression configuration. Note: This field may return null, indicating that no valid values can be obtained.
UpstreamHttp2	UpstreamHttp2	HTTP2 origin-pull configuration Note: This field may return null, indicating that no valid values can be obtained.
ForceRedirect	ForceRedirect	Force HTTPS redirect configuration Note: This field may return null, indicating that no valid values can be obtained.
CacheConfig	CacheConfig	Cache expiration time configuration Note: This field may return null, indicating that no valid values can be obtained.
Origin	Origin	Origin server configuration. Note: This field may return null, indicating that no valid values can be obtained.
SmartRouting	SmartRouting	Smart acceleration configuration Note: This field may return null, indicating that no valid values can be obtained.
MaxAge	MaxAge	Browser cache configuration Note: This field may return null, indicating that no valid values can be obtained.
OfflineCache	OfflineCache	The offline cache configuration. Note: This field may return null, indicating that no valid values can be obtained.
WebSocket	WebSocket	WebSocket configuration. Note: This field may return null, indicating that no valid values can be obtained.
ClientIpHeader	ClientIpHeader	Origin-pull client IP header configuration Note: This field may return null, indicating that no valid values can be obtained.
CachePrefresh	CachePrefresh	Cache prefresh configuration Note: This field may return null, indicating that no valid values can be obtained.
Ipv6	Ipv6	IPv6 access configuration Note: This field may return null, indicating that no valid values can be obtained.
Https	Https	HTTPS acceleration configuration Note: This field may return null, indicating that no valid values can be obtained.
ClientIpCountry	ClientIpCountry	Whether to carry the location information of the client IP during origin-pull. Note: This field may return `null`, indicating that no valid value can be obtained.
Grpc	Grpc	Configuration of gRPC support Note: This field may return `null`, indicating that no valid value can be obtained.
NetworkErrorLogging	NetworkErrorLogging	Network Error Logging configuration. Note: This field may return `null`, indicating that no valid value can be obtained.
ImageOptimize	ImageOptimize	Image optimization configuration. Note: This field may return `null`, indicating that no valid value was found.
AccelerateMainland	AccelerateMainland	Cross-MLC-border acceleration. Note: This field may return `null`, indicating that no valid values can be obtained.
StandardDebug	StandardDebug	Standard debugging configuration. Note: This field may return null, indicating that no valid values can be obtained.
JITVideoProcess	JITVideoProcess	Just-in-time media processing configuration. Note: This field may return null, which indicates a failure to obtain a valid value.

Was this page helpful?

You can also Contact Sales or Submit a Ticket for help.

Yes

Feedback

tencent cloud

APIResource

APIService

AccelerateMainland

AccelerateMainlandParameters

AccelerateType

AccelerationDomain

AccelerationDomainCertificate

AccessURLRedirectParameters

AccessURLRedirectQueryString

AclCondition

AclConfig

AclUserRule

Action

AdaptiveFrequencyControl

Addresses

AdvancedFilter

AiRule

AlgDetectJS

AlgDetectResult

AlgDetectRule

AlgDetectSession

AliasDomain

AllowActionParameters

ApplicationProxy

ApplicationProxyRule

AscriptionInfo

AudioTemplateInfo

AuthenticationParameters

BandwidthAbuseDefense

BillingData

BillingDataFilter

BindDomainInfo

BindSharedCNAMEMap

BlockIPActionParameters

BotConfig

BotExtendAction

BotManagedRule

BotManagement

BotPortraitRule

BotUserRule

CC

CLSTopic

Cache

CacheConfig

CacheConfigCustomTime

CacheConfigParameters

CacheKey

CacheKeyConfigParameters

CacheKeyCookie

CacheKeyHeader

CacheKeyParameters

CacheKeyQueryString

CacheParameters

CachePrefresh

CachePrefreshParameters

CacheTag

CertificateInfo

ChallengeActionParameters

CheckRegionHealthStatus

ClientAttestationRule

ClientAttestationRules

ClientAttester

ClientFiltering

ClientIPCountryParameters

ClientIPHeaderParameters

ClientIpCountry

ClientIpHeader

CnameStatus

CodeAction

Compression

CompressionParameters

ConfigGroupVersionInfo

ContentIdentifier

CurrentOriginACL

CustomEndpoint

CustomErrorPage

CustomField

CustomRule

CustomRules