您在购买公网 IP 实例时,可以将 EIP 资源绑定到已有的 DDoS 原生防护实例上,快速为实例添加防护。本文为您介绍如何通过 API 调用实现 DDoS 原生防护实例的购买和公网 IP 的绑定。
您可以参考PurchaseInstanceInOneStep-购买原生防护实例,购买符合您实际需求的 DDoS 原生防护实例。购买前,请确保您的账户余额充足。
例如,通过以下请求在华北2(北京)地域创建一个 DDoS 原生防护企业版实例。
POST https://open.volcengineapi.com/?Action=PurchaseInstanceInOneStep&Version=2022-01-01 X-Date: 20230711T035055Z Authorization: HMAC-SHA256 Credential=AKLTNGU0OGEyMT***/20230711/cn-beijing/origin_defence/request, SignedHeaders=content-type;x-content-sha256;x-date, Signature=da4fac562d00f41ad8*** { "DefBand": 300, "IpNum": 10, "BizBand": 100, "ElaBand": 500, "PurchaseNum": 1, "MonthNum": 12, "AutoRenew": "on", "AccessMode": 2, "BandwidthType": 1, "Region": "cn-beijing", "Spec": "Enterprise", }
由于 EIP 通过 DDoS 原生防护实例的 ID 完成绑定,因此需要先获取对应实例的 ID。您可以调用DescInstanceList-查询原生防护实例列表,直接查询已创建的防护实例信息。
GET https://open.volcengineapi.com/?Action=DescInstanceList&Version=2022-01-01 X-Date: 20230711T035055Z Authorization: HMAC-SHA256 Credential=AKLTNGU0OGEyMT***/20230711/cn-beijing/origin_defence/request, SignedHeaders=content-type;x-content-sha256;x-date, Signature=da4fac562d00f41ad8***
以下返回示例中可以得出,名称为ddos-test1的实例对应的 ID 为20。
{ "ResponseMetadata": { "RequestId": "202311162124068D795C2273F41FA0****", "Action": "DescInstanceList", "Version": "2022-01-01", "Service": "origin_defence", "Region": "cn-beijing" }, "Result": { "InsList": [ { "Id": 20, "AttackCount": 0, "AutoRenew": true, "DefBand": 300, "ElaBand": 500, "UsedIpNum": 2, "IpNum": 10, "BizBand": 50, "Name": "ddos-test1", "PeakAttackBand": 0, "Status": 1, "StartAt": 1681462614, "StopAt": 1702569599, "Region": "cn-beijing", "Spec": "Enterprise", "ElaBandStatus": 1, "IsDemoted": false } ] }, "PageInfo": { "TotalCount": 2, "PageSize": 10, "CurrentPage": 1, "Count": 2 } }
如果您希望在购买 EIP 实例时,直接绑定步骤二中 ID 为20的实例,在申请公网 IP 时将SecurityProtectionInstanceId参数的值设置为20即可。更多 EIP 购买操作,可参考 EIP 的接口调用说明AllocateEipAddress。
在 EIP 与原生防护实例绑定一段时间后,您可以参考DescAttackEvent-查询攻击事件列表,查看相关资产的攻击事件信息。
例如,您可以通过以下示例查看 ID 为44的防护实例攻击事件列表信息。
POST https://open.volcengineapi.com/?Action=DescAttackEvent&Version=2022-01-01 X-Date: 20230711T035055Z Authorization: HMAC-SHA256 Credential=AKLTNGU0OGEyMT***/20230711/cn-beijing/origin_defence/request, SignedHeaders=content-type;x-content-sha256;x-date, Signature=da4fac562d00f41ad8*** { "CurrPage": 1, "PageSize": 10, "InsId": 44, "BeginTime": 1693560540, "EndTime": 1698744600, "IpList": [ "1.1.1.1" ] }
{ "ResponseMetadata": { "RequestId": "202311161734246BEE1DD4ED914596****", "Action": "DescAttackEvent", "Version": "2022-01-01", "Service": "origin_defence", "Region": "cn-beijing" }, "Result": { "AttackedIpNum": 1, "TotalIpNum": 3, "AttackCount": 3, "Attacks": [ { "Id": 606, "AttackType": "SYN Flood", "Ip": "1.1.1.1", "Status": 2, "PeakDropKbps": 80817, "PeakDropPps": 152646, "Duration": 4269, "StartTime": 1693920180, "EndTime": 1693924449 }, { "Id": 604, "AttackType": "SYN Flood", "Ip": "1.1.1.1", "Status": 2, "PeakDropKbps": 32796, "PeakDropPps": 61950, "Duration": 1869, "StartTime": 1693915020, "EndTime": 1693916890 }, { "Id": 603, "AttackType": "SYN Flood", "Ip": "1.1.1.1", "Status": 2, "PeakDropKbps": 32998, "PeakDropPps": 62005, "Duration": 14319, "StartTime": 1693832970, "EndTime": 1693847290 } ] }, "PageInfo": { "TotalCount": 3, "PageSize": 10, "CurrentPage": 1, "Count": 3 } }