Category: service
Cloud Firewall
Use Alibaba Cloud OpenAPI (RPC) with official SDKs or OpenAPI Explorer to manage resources for Cloud Firewall.
Workflow
1) Confirm region, resource identifiers, and desired action.
2) Discover API list and required parameters (see references).
3) Call API with SDK or OpenAPI Explorer.
4) Verify results with describe/list APIs.
AccessKey priority (must follow)
1) Environment variables: ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET / ALICLOUD_REGION_ID
Region policy: ALICLOUD_REGION_ID is an optional default. If unset, decide the most reasonable region for the task; if unclear, ask the user.
2) Shared config file: ~/.alibabacloud/credentials
API discovery
- Product code: Cloudfw
- Default API version: 2017-12-07
- Use OpenAPI metadata endpoints to list APIs and get schemas (see references).
High-frequency operation patterns
1) Inventory/list: prefer List* / Describe* APIs to get current resources.
2) Change/configure: prefer Create* / Update* / Modify* / Set* APIs for mutations.
3) Status/troubleshoot: prefer Get* / Query* / Describe*Status APIs for diagnosis.
Minimal executable quickstart
Use metadata-first discovery before calling business APIs:
```bash
python scripts/listopenapimeta_apis.py
```
Optional overrides:
```bash
python scripts/listopenapimeta_apis.py --product-code <product-code> --version <version>
```
The script writes API inventory artifacts under the skill output directory.
Output policy
If you need to save responses or generated artifacts, write them under:
output/aliyun-cloudfw-manage/
Validation
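```bash
mkdir -p output/aliyun-cloudfw-manage
for f in skills/security/firewall/aliyun-cloudfw-manage/scripts/*.py; do
  python3 -m py_compile "$f"
done
echo pycompileok > output/aliyun-cloudfw-manage/validate.txt
```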
Pass criteria: command exits 0 and output/aliyun-cloudfw-manage/validate.txt is generated.
Output And Evidence
- Save artifacts, command outputs, and API response summaries under output/aliyun-cloudfw-manage/.
- Include key parameters (region/resource id/time range) in evidence files for reproducibility.
Prerequisites
- Configure least-privilege Alibaba Cloud credentials before execution.
- Prefer environment variables: ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET, optional ALICLOUD_REGION_ID.
- If region is unclear, ask the user before running mutating operations.
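The operation patterns, region policy and evidence rule above can be enforced as a pre-flight check before any API call. The following is an added example, not one of the skill's own scripts; the function names, the `evidence.jsonl` file name and the fail-closed handling of unlisted prefixes are assumptions.

```python
import json
import os
from datetime import datetime, timezone
from pathlib import Path

READ_PREFIXES = ("List", "Describe", "Get", "Query")
MUTATING_PREFIXES = ("Create", "Update", "Modify", "Set")
OUTPUT_DIR = Path("output/aliyun-cloudfw-manage")  # directory from the output policy


def classify_action(action):
    """Classify an API action name by the prefixes listed in the operation patterns."""
    if action.startswith(READ_PREFIXES):
        return "read"
    if action.startswith(MUTATING_PREFIXES):
        return "mutating"
    return "unknown"  # assumption: gated like a mutation (fail closed)


def preflight(action, region=None, resource_id=None, env=None):
    """Return the evidence record for a call; refuse non-read calls without a region."""
    env = os.environ if env is None else env
    explicit = bool(region)
    region = region or env.get("ALICLOUD_REGION_ID")
    kind = classify_action(action)
    if kind != "read" and not region:
        raise PermissionError(f"{action}: region unclear, ask the user before mutating")
    return {
        "action": action,
        "kind": kind,
        "region": region,
        "region_source": "explicit" if explicit else ("env" if region else "unset"),
        "resource_id": resource_id,
        "time_utc": datetime.now(timezone.utc).isoformat(timespec="seconds"),
    }


def write_evidence(record, out_dir=OUTPUT_DIR):
    """Append the record as one JSON line; no credential value is ever included."""
    out_dir = Path(out_dir)
    out_dir.mkdir(parents=True, exist_ok=True)
    path = out_dir / "evidence.jsonl"  # hypothetical file name
    with path.open("a", encoding="utf-8") as fh:
        fh.write(json.dumps(record, sort_keys=True) + "\n")
    return path
```

Call `preflight()` before each SDK or OpenAPI Explorer request and pass its result to `write_evidence()` once the describe/list verification has run.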
References
- Source: references/sources.md
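Skill name: aliyun-cloudfw-manage
Detailed description:
Category: service
Cloud Firewall
Use Alibaba Cloud OpenAPI (RPC) with official SDKs or OpenAPI Explorer to manage Cloud Firewall resources.
Workflow
1) Confirm region, resource identifiers, and desired action.
2) Discover the API list and required parameters (see references).
3) Call the API with an SDK or OpenAPI Explorer.
4) Verify results with describe/list APIs.
AccessKey priority (must follow)
1) Environment variables: ALICLOUD_ACCESS_KEY_ID / ALICLOUD_ACCESS_KEY_SECRET / ALICLOUD_REGION_ID
Region policy: ALICLOUD_REGION_ID is an optional default. If unset, decide the most reasonable region for the task; if unclear, ask the user.
2) Shared config file: ~/.alibabacloud/credentials
API discovery
- Product code: Cloudfw
- Default API version: 2017-12-07
- Use OpenAPI metadata endpoints to list APIs and get schemas (see references).
High-frequency operation patterns
1) Inventory/list: prefer List* / Describe* APIs to get current resources.
2) Change/configure: prefer Create* / Update* / Modify* / Set* APIs for mutations.
3) Status/troubleshoot: prefer Get* / Query* / Describe*Status APIs for diagnosis.
Minimal executable quickstart
Use metadata-first discovery before calling business APIs:
```bash
python scripts/listopenapimeta_apis.py
```
Optional overrides:
```bash
python scripts/listopenapimeta_apis.py --product-code <product-code> --version <version>
```
The script writes API inventory artifacts under the skill output directory.
Output policy
If you need to save responses or generated artifacts, write them under:
output/aliyun-cloudfw-manage/
Validation
```bash
mkdir -p output/aliyun-cloudfw-manage
for f in skills/security/firewall/aliyun-cloudfw-manage/scripts/*.py; do
  python3 -m py_compile "$f"
done
echo pycompileok > output/aliyun-cloudfw-manage/validate.txt
```
Pass criteria: the command exits 0 and output/aliyun-cloudfw-manage/validate.txt is generated.
Output and evidence
- Save artifacts, command outputs, and API response summaries under output/aliyun-cloudfw-manage/.
- Include key parameters (region/resource ID/time range) in evidence files for reproducibility.
Prerequisites
- Configure least-privilege Alibaba Cloud credentials before execution.
- Prefer environment variables: ALICLOUD_ACCESS_KEY_ID, ALICLOUD_ACCESS_KEY_SECRET, optional ALICLOUD_REGION_ID.
- If region is unclear, ask the user before running mutating operations.
References
- Source: references/sources.md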