MENU
      getPolicy

        getPolicy


        Article summary

        Available in Classic

        Get information about the selected firewall policy among the firewall policies.

        Request

        The following describes the request format for the endpoint. The request format is as follows:

        MethodURI
        POST/{type}/{zone}/getPolicy

        Request headers

        For headers common to Secure Zone APIs, see Secure Zone request headers.

        Request path parameters

        The following describes the parameters.

        FieldTypeRequiredDescription
        typeStringRequiredfirewall type provided by Secure Zone
        • szfw | psfw
          • szfw: Secure Zone Standard
          • psfw: Secure Zone Advanced
        zoneStringRequiredZone in which Secure Zone is configured
        • kr1 | kr2
          • kr1: KR-1 zone
          • kr2: KR-2 zone

        Request body

        The following describes the request body.

        FieldTypeRequiredDescription
        policyNameStringConditionalName of the policy to view
        policyNoStringConditionalUnique number assigned to the policy
        • Check through getPolicyList
        • Required if policyName is not specified
        • Get the lowest priority policy when 0 is entered

        Request example

        The following is a sample request.

        curl --location --request POST 'https://securezonefirewall.apigw.ntruss.com/api/v2/szfw/kr2/getPolicy'
        --header 'x-ncp-apigw-timestamp: {Timestamp}' \
        --header 'x-ncp-iam-access-key: {Access Key}' \
        --header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
        --header 'x-ncp-mbr_no: {User number}' \
        --header 'Content-Type: application/json' \
        --data '{
          "policyName": "pol1",
          "policyNo": 0
        }'
        Curl

        Response

        The following describes the response format.

        Response body

        The following describes the response body.

        FieldTypeRequiredDescription
        actionString-Request type
        returnCodeInteger-Response code
        returnMessageString-Response message
        policyList<String>-Information of the policy to view
        policy.policyNoInteger-Unique number assigned to the policy
        policy.policyNameString-Policy name
        policy.descriptionString-Policy description
        policy.actionString-Allow/deny
        • allow | deny
        policy.memberNoString-User's NAVER Cloud Platform member ID
        policy.instanceNoString-Contract number assigned when creating the instance
        policy.sourceAddressList[]Array-Origin address information
        policy.sourceAddressList[].addressNoInteger-Unique number assigned to the address
        policy.sourceAddressList[].memberNoString-User's NAVER Cloud Platform member ID
        policy.sourceAddressList[].instanceNoString-Contract number assigned when creating the instance
        policy.sourceAddressList[].nameString-Address name
        policy.sourceAddressList[].ipString-IP address
        policy.sourceAddressList[].portString-Port number
        • It is displayed if addressZone is db and type is fqdn
        policy.sourceAddressList[].typeString-Address type information
        • ipmask | fqdn
          • ipmask: address defined by IP address and subnet mask
          • fqdn: fully qualified domain name (full domain name)
        policy.sourceAddressList[].addressZoneString-Information for the zone the address belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        policy.sourceAddressList[].fqdnString-Full domain name (FQDN)
        policy.sourceAddressList[].dbAddressZoneBoolean-DB address zone status
        policy.sourceAddressList[].maskBitInteger-Subnet mask bit value
        • It is displayed for the Secure Zone Advanced type
        policy.sourceAddressGroupList[]Array-Origin address group information
        policy.sourceAddressGroupList[].addressGroupNoInteger-Unique number assigned to the address group
        policy.sourceAddressGroupList[].addressGroupNameString-Address group name
        policy.sourceAddressGroupList[].descriptionString-Address group description
        policy.sourceAddressGroupList[].memberNoString-User's NAVER Cloud Platform member ID
        policy.sourceAddressGroupList[].instanceNoString-Contract number assigned when creating the instance
        policy.sourceAddressGroupList[].addressList[].addressNoInteger-Unique number assigned to the address
        policy.sourceAddressGroupList[].addressList[].memberNoString-User's NAVER Cloud Platform member ID
        policy.sourceAddressGroupList[].addressList[].instanceNoString-Contract number assigned when creating the instance
        policy.sourceAddressGroupList[].addressList[].nameString-Address name
        policy.sourceAddressGroupList[].addressList[].ipString-IP address
        policy.sourceAddressGroupList[].addressList[].portString-Port number
        • It is displayed if addressZone is db and type is fqdn
        policy.sourceAddressGroupList[].addressList[].typeString-Address type information
        • ipmask | fqdn
          • ipmask: address defined by IP address and subnet mask
          • fqdn: fully qualified domain name (full domain name)
        policy.sourceAddressGroupList[].addressList[].addressZoneString-Information for the zone the address belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        policy.sourceAddressGroupList[].addressList[].fqdnString-Full domain name (FQDN)
        policy.sourceAddressGroupList[].addressList[].dbAddressZoneBoolean-DB address zone status
        policy.sourceAddressGroupList[].addressList[].maskBitInteger-Subnet mask bit value
        • It is displayed for the Secure Zone Advanced type
        policy.sourceAddressGroupList[].addressZoneString-Information for the zone the origin address group belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        policy.sourceAddressGroupList[].associatedPoliciesCountInteger-Not use
        policy.sourceAddressGroupList[].objectStorageBoolean-Whether to use Object Storage
        • true | false
          • true: Object Storage is used
          • false: Object Storage is not used
        policy.destinationAddressList[]Array-Destination address information
        policy.destinationAddressList[].addressNoInteger-Unique number assigned to the address
        policy.destinationAddressList[].memberNoString-User's NAVER Cloud Platform member ID
        policy.destinationAddressList[].instanceNoString-Contract number assigned when creating the instance
        policy.destinationAddressList[].nameString-Address name
        policy.destinationAddressList[].ipString-IP address
        policy.destinationAddressList[].portString-Port number
        • It is displayed if addressZone is db and type is fqdn
        policy.destinationAddressList[].typeString-Address type information
        • ipmask | fqdn
          • ipmask: address defined by IP address and subnet mask
          • fqdn: fully qualified domain name (full domain name)
        policy.destinationAddressList[].addressZoneString-Information for the zone the address belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        policy.destinationAddressList[].fqdnString-Full domain name (FQDN)
        policy.destinationAddressList[].dbAddressZoneBoolean-DB address zone status
        policy.destinationAddressList[].maskBitInteger-Subnet mask bit value
        • It is displayed for the Secure Zone Advanced type
        policy.destinationAddressGroupList[]Array-Destination address group information
        policy.destinationAddressGroupList[].addressGroupNoInteger-Unique number assigned to the address group
        policy.destinationAddressGroupList[].addressGroupNameString-Address group name
        policy.destinationAddressGroupList[].descriptionString-Address group description
        policy.destinationAddressGroupList[].memberNoString-User's NAVER Cloud Platform member ID
        policy.destinationAddressGroupList[].instanceNoString-Contract number assigned when creating the instance
        policy.destinationAddressGroupList[].addressList[].addressNoInteger-Unique number assigned to the address
        policy.destinationAddressGroupList[].addressList[].memberNoString-User's NAVER Cloud Platform member ID
        policy.destinationAddressGroupList[].addressList[].instanceNoString-Contract number assigned when creating the instance
        policy.destinationAddressGroupList[].addressList[].nameString-Address name
        policy.destinationAddressGroupList[].addressList[].ipString-IP address
        policy.destinationAddressGroupList[].addressList[].portString-Port number
        • It is displayed if addressZone is db and type is fqdn
        policy.destinationAddressGroupList[].addressList[].typeString-Address type information
        • ipmask | fqdn
          • ipmask: address defined by IP address and subnet mask
          • fqdn: fully qualified domain name (full domain name)
        policy.destinationAddressGroupList[].addressList[].addressZoneString-Information for the zone the address belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        policy.destinationAddressGroupList[].addressList[].fqdnString-Full domain name (FQDN)
        policy.destinationAddressGroupList[].addressList[].dbAddressZoneBoolean-DB address zone status
        policy.destinationAddressGroupList[].addressList[].maskBitInteger-Subnet mask bit value
        • It is displayed for the Secure Zone Advanced type
        policy.destinationAddressGroupList[].addressZoneString-Information for the zone the destination address group belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        policy.destinationAddressGroupList[].associatedPoliciesCountInteger-Not use
        policy.destinationAddressGroupList[].objectStorageBoolean-Whether to use Object Storage
        • true | false
          • true: Object Storage is used
          • false: Object Storage is not used
        policy.sourceAddressZoneString-Information for the zone of the origin address
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        policy.destinationAddressZoneString-Information for the zone of the destination address
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        policy.serviceList[]Array-Service information of the policy to view
        policy.serviceList[].serviceNoInteger-Firewall service number
        policy.serviceList[].serviceNameString-Firewall service name
        policy.serviceList[].protocolString-Firewall service protocol
        policy.serviceList[].portString-Firewall service port number
        policy.serviceList[].memberNoString-User's NAVER Cloud Platform member ID
        policy.serviceList[].instanceNoString-Contract number assigned when creating the instance
        policy.firewallPolicyIdInteger-ID assigned to the firewall policy
        policy.firewallOrderInteger-Firewall policy order

        Response status codes

        For response status codes common to NAVER Cloud Platform, see Ncloud API response status codes.

        Response example

        The following is a sample example.

        {
            "action": "getPolicy",
            "returnCode": 0,
            "returnMessage": "success",
            "policy": {
                "policyNo": 11787,
                "policyName": "pol1",
                "description": "policy1",
                "action": "allow",
                "memberNo": "27***85",
                "instanceNo": "25****11",
                "sourceAddressList": [
                    {
                        "addressNo": 3643,
                        "memberNo": "27***85",
                        "instanceNo": "25****11",
                        "name": "sv-securezone",
                        "ip": "***.***.***.***",
                        "type": "ipmask",
                        "addressZone": "sz"
                    }
                ],
                "sourceAddressGroupList": [],
                "destinationAddressList": [],
                "destinationAddressGroupList": [
                    {
                        "addressGroupNo": 5432,
                        "addressGroupName": "Object Storage",
                        "description": "object storage address group",
                        "memberNo": "27***85",
                        "instanceNo": "25****11",
                        "addressList": [],
                        "addressZone": "vm",
                        "associatedPoliciesCount": 0,
                        "objectStorage": true
                    }
                ],
                "sourceAddressZone": "sz",
                "destinationAddressZone": "os",
                "serviceList": [
                    {
                        "serviceNo": 1371,
                        "serviceName": "TCP_443",
                        "protocol": "TCP",
                        "port": "443",
                        "memberNo": "27***85",
                        "instanceNo": "25****11"
                    }
                ],
                "firewallPolicyId": 1,
                "firewallOrder": 1
            }
        }
        JSON

        Was this article helpful?

        Changing your password will log you out immediately. Use the new password to log back in.
        First name must have atleast 2 characters. Numbers and special characters are not allowed.
        Last name must have atleast 1 characters. Numbers and special characters are not allowed.
        Enter a valid email
        Enter a valid password
        Your profile has been successfully updated.