SmartWebSecurity ARL API, REST: AdvancedRateLimiterProfile.Create
- HTTP request
- Body parameters
- AdvancedRateLimiterRule
- StaticQuota
- Condition
- AuthorityMatcher
- StringMatcher
- HttpMethodMatcher
- RequestUriMatcher
- QueryMatcher
- HeaderMatcher
- IpMatcher
- IpRangesMatcher
- GeoIpMatcher
- DynamicQuota
- Characteristic
- SimpleCharacteristic
- KeyCharacteristic
- Response
- CreateAdvancedRateLimiterProfileMetadata
- Status
- AdvancedRateLimiterProfile
- AdvancedRateLimiterRule
- StaticQuota
- Condition
- AuthorityMatcher
- StringMatcher
- HttpMethodMatcher
- RequestUriMatcher
- QueryMatcher
- HeaderMatcher
- IpMatcher
- IpRangesMatcher
- GeoIpMatcher
- DynamicQuota
- Characteristic
- SimpleCharacteristic
- KeyCharacteristic
Creates a ARL profile in the specified folder using the data specified in the request.
HTTP request
POST https://smartwebsecurity.api.cloud.yandex.net/smartwebsecurity/v1/advancedRateLimiterProfiles
Body parameters
{
"folderId": "string",
"labels": "object",
"name": "string",
"description": "string",
"advancedRateLimiterRules": [
{
"name": "string",
"priority": "string",
"description": "string",
"dryRun": "boolean",
// Includes only one of the fields `staticQuota`, `dynamicQuota`
"staticQuota": {
"action": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
},
"limit": "string",
"period": "string"
},
"dynamicQuota": {
"action": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
},
"limit": "string",
"period": "string",
"characteristics": [
{
// Includes only one of the fields `simpleCharacteristic`, `keyCharacteristic`
"simpleCharacteristic": {
"type": "string"
},
"keyCharacteristic": {
"type": "string",
"value": "string"
},
// end of the list of possible fields
"caseInsensitive": "boolean"
}
]
}
// end of the list of possible fields
}
]
}
Field |
Description |
folderId |
string Required field. ID of the folder to create a ARL profile in. |
labels |
object (map<string, string>) Labels as |
name |
string Name of the ARL profile. The name is unique within the folder. 1-50 characters long. |
description |
string Optional description of the ARL profile. |
advancedRateLimiterRules[] |
List of rules. |
AdvancedRateLimiterRule
A AdvancedRateLimiterRule object, see Rules.
Field |
Description |
name |
string Required field. Name of the rule. The name is unique within the ARL profile. 1-50 characters long. |
priority |
string (int64) Determines the priority in case there are several matched rules. |
description |
string Optional description of the rule. 0-512 characters long. |
dryRun |
boolean This allows you to evaluate backend capabilities and find the optimum limit values. |
staticQuota |
Static quota. Counting each request individually. Includes only one of the fields |
dynamicQuota |
Dynamic quota. Grouping requests by a certain attribute and limiting the number of groups. Includes only one of the fields |
StaticQuota
StaticQuota object.
Field |
Description |
action |
enum (Action) Action in case of exceeding this quota.
|
condition |
The condition for matching the quota. |
limit |
string (int64) Desired maximum number of requests per period. |
period |
string (int64) Period of time in seconds. |
Condition
Condition object. AND semantics implied.
See documentation for matchers description.
Field |
Description |
authority |
Match authority (Host header). |
httpMethod |
Match HTTP method. |
requestUri |
Match Request URI. |
headers[] |
Match HTTP headers. |
sourceIp |
Match IP. |
AuthorityMatcher
AuthorityMatcher object.
Field |
Description |
authorities[] |
List of authorities. OR semantics implied. |
StringMatcher
StringMatcher object.
Field |
Description |
exactMatch |
string Includes only one of the fields |
exactNotMatch |
string Includes only one of the fields |
prefixMatch |
string Includes only one of the fields |
prefixNotMatch |
string Includes only one of the fields |
pireRegexMatch |
string Includes only one of the fields |
pireRegexNotMatch |
string Includes only one of the fields |
HttpMethodMatcher
HttpMethodMatcher object.
Field |
Description |
httpMethods[] |
List of HTTP methods. OR semantics implied. |
RequestUriMatcher
RequestUriMatcher object. AND semantics implied.
Field |
Description |
path |
Path of the URI RFC3986 |
queries[] |
List of query matchers. AND semantics implied. |
QueryMatcher
QueryMatcher object.
Field |
Description |
key |
string Required field. Key of the query parameter. |
value |
Required field. Value of the query parameter. |
HeaderMatcher
HeaderMatcher object.
Field |
Description |
name |
string Required field. Name of header (case insensitive). |
value |
Required field. Value of the header. |
IpMatcher
IpMatcher object. AND semantics implied.
Field |
Description |
ipRangesMatch |
|
ipRangesNotMatch |
|
geoIpMatch |
|
geoIpNotMatch |
IpRangesMatcher
IpRangesMatcher object.
Field |
Description |
ipRanges[] |
string List of IP ranges. OR semantics implied. |
GeoIpMatcher
GeoIpMatcher object.
Field |
Description |
locations[] |
string ISO 3166-1 alpha 2. OR semantics implied. |
DynamicQuota
DynamicQuota object.
Field |
Description |
action |
enum (Action) Action in case of exceeding this quota.
|
condition |
The condition for matching the quota. |
limit |
string (int64) Desired maximum number of requests per period. |
period |
string (int64) Period of time in seconds. |
characteristics[] |
List of characteristics. |
Characteristic
Field |
Description |
simpleCharacteristic |
Characteristic automatically based on the Request path, HTTP method, IP address, Region, and Host attributes. Includes only one of the fields |
keyCharacteristic |
Characteristic based on key match in the Query params, HTTP header, and HTTP cookie attributes. Includes only one of the fields |
caseInsensitive |
boolean Determines case-sensitive or case-insensitive keys matching. |
SimpleCharacteristic
Field |
Description |
type |
enum (Type) Type of simple characteristic.
|
KeyCharacteristic
Field |
Description |
type |
enum (Type) Type of key characteristic.
|
value |
string String value of the key. |
Response
HTTP Code: 200 - OK
{
"id": "string",
"description": "string",
"createdAt": "string",
"createdBy": "string",
"modifiedAt": "string",
"done": "boolean",
"metadata": {
"advancedRateLimiterProfileId": "string"
},
// Includes only one of the fields `error`, `response`
"error": {
"code": "integer",
"message": "string",
"details": [
"object"
]
},
"response": {
"id": "string",
"folderId": "string",
"labels": "object",
"name": "string",
"description": "string",
"advancedRateLimiterRules": [
{
"name": "string",
"priority": "string",
"description": "string",
"dryRun": "boolean",
// Includes only one of the fields `staticQuota`, `dynamicQuota`
"staticQuota": {
"action": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
},
"limit": "string",
"period": "string"
},
"dynamicQuota": {
"action": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
},
"limit": "string",
"period": "string",
"characteristics": [
{
// Includes only one of the fields `simpleCharacteristic`, `keyCharacteristic`
"simpleCharacteristic": {
"type": "string"
},
"keyCharacteristic": {
"type": "string",
"value": "string"
},
// end of the list of possible fields
"caseInsensitive": "boolean"
}
]
}
// end of the list of possible fields
}
],
"createdAt": "string",
"cloudId": "string"
}
// end of the list of possible fields
}
An Operation resource. For more information, see Operation.
Field |
Description |
id |
string ID of the operation. |
description |
string Description of the operation. 0-256 characters long. |
createdAt |
string (date-time) Creation timestamp. String in RFC3339 To work with values in this field, use the APIs described in the |
createdBy |
string ID of the user or service account who initiated the operation. |
modifiedAt |
string (date-time) The time when the Operation resource was last modified. String in RFC3339 To work with values in this field, use the APIs described in the |
done |
boolean If the value is |
metadata |
CreateAdvancedRateLimiterProfileMetadata Service-specific metadata associated with the operation. |
error |
The error result of the operation in case of failure or cancellation. Includes only one of the fields The operation result. |
response |
The normal response of the operation in case of success. Includes only one of the fields The operation result. |
CreateAdvancedRateLimiterProfileMetadata
Field |
Description |
advancedRateLimiterProfileId |
string ID of the ARL profile that is being created. |
Status
The error result of the operation in case of failure or cancellation.
Field |
Description |
code |
integer (int32) Error code. An enum value of google.rpc.Code |
message |
string An error message. |
details[] |
object A list of messages that carry the error details. |
AdvancedRateLimiterProfile
A AdvancedRateLimiterProfile (ARL) resource.
Field |
Description |
id |
string ID of the ARL profile. |
folderId |
string ID of the folder that the ARL profile belongs to. |
labels |
object (map<string, string>) Labels as |
name |
string Required field. Name of the ARL profile. The name is unique within the folder. 1-50 characters long. |
description |
string Optional description of the ARL profile. |
advancedRateLimiterRules[] |
List of rules. |
createdAt |
string (date-time) Creation timestamp in RFC3339 String in RFC3339 To work with values in this field, use the APIs described in the |
cloudId |
string ID of the cloud that the ARL profile belongs to. |
AdvancedRateLimiterRule
A AdvancedRateLimiterRule object, see Rules.
Field |
Description |
name |
string Required field. Name of the rule. The name is unique within the ARL profile. 1-50 characters long. |
priority |
string (int64) Determines the priority in case there are several matched rules. |
description |
string Optional description of the rule. 0-512 characters long. |
dryRun |
boolean This allows you to evaluate backend capabilities and find the optimum limit values. |
staticQuota |
Static quota. Counting each request individually. Includes only one of the fields |
dynamicQuota |
Dynamic quota. Grouping requests by a certain attribute and limiting the number of groups. Includes only one of the fields |
StaticQuota
StaticQuota object.
Field |
Description |
action |
enum (Action) Action in case of exceeding this quota.
|
condition |
The condition for matching the quota. |
limit |
string (int64) Desired maximum number of requests per period. |
period |
string (int64) Period of time in seconds. |
Condition
Condition object. AND semantics implied.
See documentation for matchers description.
Field |
Description |
authority |
Match authority (Host header). |
httpMethod |
Match HTTP method. |
requestUri |
Match Request URI. |
headers[] |
Match HTTP headers. |
sourceIp |
Match IP. |
AuthorityMatcher
AuthorityMatcher object.
Field |
Description |
authorities[] |
List of authorities. OR semantics implied. |
StringMatcher
StringMatcher object.
Field |
Description |
exactMatch |
string Includes only one of the fields |
exactNotMatch |
string Includes only one of the fields |
prefixMatch |
string Includes only one of the fields |
prefixNotMatch |
string Includes only one of the fields |
pireRegexMatch |
string Includes only one of the fields |
pireRegexNotMatch |
string Includes only one of the fields |
HttpMethodMatcher
HttpMethodMatcher object.
Field |
Description |
httpMethods[] |
List of HTTP methods. OR semantics implied. |
RequestUriMatcher
RequestUriMatcher object. AND semantics implied.
Field |
Description |
path |
Path of the URI RFC3986 |
queries[] |
List of query matchers. AND semantics implied. |
QueryMatcher
QueryMatcher object.
Field |
Description |
key |
string Required field. Key of the query parameter. |
value |
Required field. Value of the query parameter. |
HeaderMatcher
HeaderMatcher object.
Field |
Description |
name |
string Required field. Name of header (case insensitive). |
value |
Required field. Value of the header. |
IpMatcher
IpMatcher object. AND semantics implied.
Field |
Description |
ipRangesMatch |
|
ipRangesNotMatch |
|
geoIpMatch |
|
geoIpNotMatch |
IpRangesMatcher
IpRangesMatcher object.
Field |
Description |
ipRanges[] |
string List of IP ranges. OR semantics implied. |
GeoIpMatcher
GeoIpMatcher object.
Field |
Description |
locations[] |
string ISO 3166-1 alpha 2. OR semantics implied. |
DynamicQuota
DynamicQuota object.
Field |
Description |
action |
enum (Action) Action in case of exceeding this quota.
|
condition |
The condition for matching the quota. |
limit |
string (int64) Desired maximum number of requests per period. |
period |
string (int64) Period of time in seconds. |
characteristics[] |
List of characteristics. |
Characteristic
Field |
Description |
simpleCharacteristic |
Characteristic automatically based on the Request path, HTTP method, IP address, Region, and Host attributes. Includes only one of the fields |
keyCharacteristic |
Characteristic based on key match in the Query params, HTTP header, and HTTP cookie attributes. Includes only one of the fields |
caseInsensitive |
boolean Determines case-sensitive or case-insensitive keys matching. |
SimpleCharacteristic
Field |
Description |
type |
enum (Type) Type of simple characteristic.
|
KeyCharacteristic
Field |
Description |
type |
enum (Type) Type of key characteristic.
|
value |
string String value of the key. |