# ModifyPolicy
## 1. API Description
This API (ModifyPolicy) is used to modify a protection strategy.
## 2. Input Parameters
The following request parameter list only provides API request parameters.
| Parameter Name | Required | Type | Description |
| -------------- | -------- | ------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| policyId | Yes | String | Protection strategy ID. |
| policyName | No | String | The name of the protection strategy.
The length is 2 to 63 characters.
Only letters, numbers, - and periods (.) are supported.
The name must start and end with a number or a letter.
|
| configType | No | [PolicyUpdateType](https://docs.console.zenlayer.com/api-reference/compute/datastructure#policyupdatetype) | Configuration type. |
| blackIpList | No | Array of String | IP deny list. |
| whiteIpList | No | Array of String | IP allow list. |
| ipBlackTimeout | No | Integer | IP deny timeout. Unit: minutes.
Available range: \[1, 10080].
Value range: \[1, 10080]
|
| ports | No | Array of [DdosPolicyPort](https://docs.console.zenlayer.com/api-reference/compute/datastructure#ddospolicyport) | Port blocking, supports TCP and UDP. |
| blockProtocol | No | Array of [Protocol](https://docs.console.zenlayer.com/api-reference/compute/datastructure#protocol) | Enabled protocol blocking.
UDP and TCP cannot be enabled at the same time.
|
| blockRegions | No | Array of String | Regions blocked. |
| finger | No | Array of [DdosFingerprintRule](https://docs.console.zenlayer.com/api-reference/compute/datastructure#ddosfingerprintrule) | Fingerprint filtering configurations. |
| reflectUdpPort | No | Array of [DdosReflectUdpPort](https://docs.console.zenlayer.com/api-reference/compute/datastructure#ddosreflectudpport) | Port list for reflection attack filtering. |
| trafficControl | No | [DdosTrafficControl](https://docs.console.zenlayer.com/api-reference/compute/datastructure#ddostrafficcontrol) | Source IP rate limiting configurations. |
| tags | No | [TagAssociation](https://docs.console.zenlayer.com/api-reference/compute/datastructure#tagassociation) | The tags associated when creating resources.
Note: The associated tag key cannot be duplicated.
|
## 3. Output Parameters
| Parameter Name | Type | Description |
| -------------- | ------ | --------------------------------------------------------------------------------------------------------------------- |
| requestId | String | The unique request ID, which is returned for each request.
RequestId is required for locating a problem.
|
## 4. Code Example
{% tabs %}
{% tab title="Example" %}
**Modify a protection strategy.**
```json
POST /api/v2/zec HTTP/1.1
Host: console.zenlayer.com
Content-Type: application/json
X-ZC-Action: ModifyPolicy
Request:
{
"policyId": "",
"configType": "UdpReflect",
"policyName": "policyName",
"reflectUdpPort": [
{"port": 22},
{"port": 34}
]
}
Response:
{
"requestId": "T05992D0C-7E8B-4047-B0C0-780F2CD549D3",
"response": {
"requestId": "T05992D0C-7E8B-4047-B0C0-780F2CD549D3"
}
}
```
{% endtab %}
{% endtabs %}
## 5. Developer Resources
Zenlayer Cloud API 2.0 integrates [SDKs](https://docs.console.zenlayer.com/api-reference/api-introduction/toolkit/api-sdk),to make it easier for you to call APIs. More programming languages will be supported.
## 6. Error Codes
The following only lists the error codes related to the API business logic. For other error codes, see [Common Error Codes](https://docs.console.zenlayer.com/api-reference/api-introduction/instruction/commonerrorcode).
| HTTP Status Code | Error Code | Description |
| ---------------- | ----------------------------------------------------------------- | -------------------------------------------------------------------------------------- |
| 404 | INVALID\_DDOS\_POLICY\_NOT\_FOUND | The protection strategy does not exist. |
| 404 | INVALID\_DDOS\_POLICY\_REGION\_NOT\_FOUND | The Geo-Blocking region does not exist. |
| 400 | INVALID\_IP\_FORMAT | Invalid IP format. |
| 400 | INVALID\_POLICY\_PACKET\_LENGTH\_RANGE\_OF\_FINGERPRINT | Invalid port range for fingerprint filtering. |
| 400 | INVALID\_POLICY\_PORT\_OVERLAP | The port range overlaps. |
| 400 | INVALID\_POLICY\_PORT\_RANGE\_OF\_BLOCKING | The port range of the port blocking is incorrect. |
| 400 | INVALID\_POLICY\_PORT\_RANGE\_OF\_FINGERPRINT | Invalid port range for fingerprint filtering. |
| 400 | INVALID\_POLICY\_PROTOCOL\_CONFLICT | Protocol blocking conflict. UDP and TCP cannot be enabled at the same time. |
| 409 | INVALID\_POLICY\_TRAFFIC\_CONTROL\_VALUE | The source IP rate limiting value is not set. |
| 409 | INVALID\_REFLECT\_UDP\_PORT\_CONFLICT\_DEFAULT | The custom UDP reflection source port already exists in the default and cannot be set. |
| 400 | OPERATION\_DENIED\_POLICY\_ACTION\_AFTER\_MATCHING | Traffic can only be dropped based on packet fingerprint rules. |
| 400 | OPERATION\_DENIED\_POLICY\_FINGERPRINT\_FILTER\_LIMITED | The number of fingerprint rules exceeds the limit. |
| 400 | OPERATION\_DENIED\_POLICY\_PORT\_BLOCKING\_LIMITED | The number of port blocked exceeds the limit. |
| 400 | OPERATION\_DENIED\_POLICY\_REFLECTION\_ATTACK\_FILTERING\_LIMITED | The number of UDP reflection source ports exceeds the limit. |
| 400 | OPERATION\_DENIED\_POLICY\_WHITE\_BLACK\_IP\_LIMITED | The number of IP allow and deny lists exceeds the limit. |