getPolicy

Article summary

Did you find this summary helpful?

Thank you for your feedback

Available in Classic

Get information about the selected firewall policy among the firewall policies.

Request

The following describes the request format for the endpoint. The request format is as follows:

Method	URI
POST	/{type}/{zone}/getPolicy

Request headers

For headers common to Secure Zone APIs, see Secure Zone request headers.

Request path parameters

The following describes the parameters.

Field	Type	Required	Description
`type`	String	Required	firewall type provided by Secure Zone `szfw` \| `psfw` `szfw`: Secure Zone Standard `psfw`: Secure Zone Advanced
`zone`	String	Required	Zone in which Secure Zone is configured `kr1` \| `kr2` `kr1`: KR-1 zone `kr2`: KR-2 zone

Request body

The following describes the request body.

Field	Type	Required	Description
`policyName`	String	Conditional	Name of the policy to view Check through getPolicyList Required if `policyNo` is not specified
`policyNo`	String	Conditional	Unique number assigned to the policy Check through getPolicyList Required if `policyName` is not specified Get the lowest priority policy when 0 is entered

Request example

The following is a sample request.

curl --location --request POST 'https://securezonefirewall.apigw.ntruss.com/api/v2/szfw/kr2/getPolicy'
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'x-ncp-mbr_no: {User number}' \
--header 'Content-Type: application/json' \
--data '{
  "policyName": "pol1",
  "policyNo": 0
}'

Response

The following describes the response format.

Response body

The following describes the response body.

Field	Type	Required	Description
`action`	String	-	Request type
`returnCode`	Integer	-	Response code
`returnMessage`	String	-	Response message
`policy`	List<String>	-	Information of the policy to view
`policy.policyNo`	Integer	-	Unique number assigned to the policy
`policy.policyName`	String	-	Policy name
`policy.description`	String	-	Policy description
`policy.action`	String	-	Allow/deny `allow` \| `deny`
`policy.memberNo`	String	-	User's NAVER Cloud Platform member ID
`policy.instanceNo`	String	-	Contract number assigned when creating the instance
`policy.sourceAddressList[]`	Array	-	Origin address information
`policy.sourceAddressList[].addressNo`	Integer	-	Unique number assigned to the address
`policy.sourceAddressList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policy.sourceAddressList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policy.sourceAddressList[].name`	String	-	Address name
`policy.sourceAddressList[].ip`	String	-	IP address
`policy.sourceAddressList[].port`	String	-	Port number It is displayed if `addressZone` is `db` and `type` is `fqdn`
`policy.sourceAddressList[].type`	String	-	Address type information `ipmask` \| `fqdn` `ipmask`: address defined by IP address and subnet mask `fqdn`: fully qualified domain name (full domain name)
`policy.sourceAddressList[].addressZone`	String	-	Information for the zone the address belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policy.sourceAddressList[].fqdn`	String	-	Full domain name (FQDN)
`policy.sourceAddressList[].dbAddressZone`	Boolean	-	DB address zone status
`policy.sourceAddressList[].maskBit`	Integer	-	Subnet mask bit value It is displayed for the Secure Zone Advanced type
`policy.sourceAddressGroupList[]`	Array	-	Origin address group information
`policy.sourceAddressGroupList[].addressGroupNo`	Integer	-	Unique number assigned to the address group
`policy.sourceAddressGroupList[].addressGroupName`	String	-	Address group name
`policy.sourceAddressGroupList[].description`	String	-	Address group description
`policy.sourceAddressGroupList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policy.sourceAddressGroupList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policy.sourceAddressGroupList[].addressList[].addressNo`	Integer	-	Unique number assigned to the address
`policy.sourceAddressGroupList[].addressList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policy.sourceAddressGroupList[].addressList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policy.sourceAddressGroupList[].addressList[].name`	String	-	Address name
`policy.sourceAddressGroupList[].addressList[].ip`	String	-	IP address
`policy.sourceAddressGroupList[].addressList[].port`	String	-	Port number It is displayed if `addressZone` is `db` and `type` is `fqdn`
`policy.sourceAddressGroupList[].addressList[].type`	String	-	Address type information `ipmask` \| `fqdn` `ipmask`: address defined by IP address and subnet mask `fqdn`: fully qualified domain name (full domain name)
`policy.sourceAddressGroupList[].addressList[].addressZone`	String	-	Information for the zone the address belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policy.sourceAddressGroupList[].addressList[].fqdn`	String	-	Full domain name (FQDN)
`policy.sourceAddressGroupList[].addressList[].dbAddressZone`	Boolean	-	DB address zone status
`policy.sourceAddressGroupList[].addressList[].maskBit`	Integer	-	Subnet mask bit value It is displayed for the Secure Zone Advanced type
`policy.sourceAddressGroupList[].addressZone`	String	-	Information for the zone the origin address group belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policy.sourceAddressGroupList[].associatedPoliciesCount`	Integer	-	Not use
`policy.sourceAddressGroupList[].objectStorage`	Boolean	-	Whether to use Object Storage `true` \| `false` `true`: Object Storage is used `false`: Object Storage is not used
`policy.destinationAddressList[]`	Array	-	Destination address information
`policy.destinationAddressList[].addressNo`	Integer	-	Unique number assigned to the address
`policy.destinationAddressList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policy.destinationAddressList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policy.destinationAddressList[].name`	String	-	Address name
`policy.destinationAddressList[].ip`	String	-	IP address
`policy.destinationAddressList[].port`	String	-	Port number It is displayed if `addressZone` is `db` and `type` is `fqdn`
`policy.destinationAddressList[].type`	String	-	Address type information `ipmask` \| `fqdn` `ipmask`: address defined by IP address and subnet mask `fqdn`: fully qualified domain name (full domain name)
`policy.destinationAddressList[].addressZone`	String	-	Information for the zone the address belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policy.destinationAddressList[].fqdn`	String	-	Full domain name (FQDN)
`policy.destinationAddressList[].dbAddressZone`	Boolean	-	DB address zone status
`policy.destinationAddressList[].maskBit`	Integer	-	Subnet mask bit value It is displayed for the Secure Zone Advanced type
`policy.destinationAddressGroupList[]`	Array	-	Destination address group information
`policy.destinationAddressGroupList[].addressGroupNo`	Integer	-	Unique number assigned to the address group
`policy.destinationAddressGroupList[].addressGroupName`	String	-	Address group name
`policy.destinationAddressGroupList[].description`	String	-	Address group description
`policy.destinationAddressGroupList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policy.destinationAddressGroupList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policy.destinationAddressGroupList[].addressList[].addressNo`	Integer	-	Unique number assigned to the address
`policy.destinationAddressGroupList[].addressList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policy.destinationAddressGroupList[].addressList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policy.destinationAddressGroupList[].addressList[].name`	String	-	Address name
`policy.destinationAddressGroupList[].addressList[].ip`	String	-	IP address
`policy.destinationAddressGroupList[].addressList[].port`	String	-	Port number It is displayed if `addressZone` is `db` and `type` is `fqdn`
`policy.destinationAddressGroupList[].addressList[].type`	String	-	Address type information `ipmask` \| `fqdn` `ipmask`: address defined by IP address and subnet mask `fqdn`: fully qualified domain name (full domain name)
`policy.destinationAddressGroupList[].addressList[].addressZone`	String	-	Information for the zone the address belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policy.destinationAddressGroupList[].addressList[].fqdn`	String	-	Full domain name (FQDN)
`policy.destinationAddressGroupList[].addressList[].dbAddressZone`	Boolean	-	DB address zone status
`policy.destinationAddressGroupList[].addressList[].maskBit`	Integer	-	Subnet mask bit value It is displayed for the Secure Zone Advanced type
`policy.destinationAddressGroupList[].addressZone`	String	-	Information for the zone the destination address group belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policy.destinationAddressGroupList[].associatedPoliciesCount`	Integer	-	Not use
`policy.destinationAddressGroupList[].objectStorage`	Boolean	-	Whether to use Object Storage `true` \| `false` `true`: Object Storage is used `false`: Object Storage is not used
`policy.sourceAddressZone`	String	-	Information for the zone of the origin address `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policy.destinationAddressZone`	String	-	Information for the zone of the destination address `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policy.serviceList[]`	Array	-	Service information of the policy to view
`policy.serviceList[].serviceNo`	Integer	-	Firewall service number
`policy.serviceList[].serviceName`	String	-	Firewall service name
`policy.serviceList[].protocol`	String	-	Firewall service protocol
`policy.serviceList[].port`	String	-	Firewall service port number
`policy.serviceList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policy.serviceList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policy.firewallPolicyId`	Integer	-	ID assigned to the firewall policy
`policy.firewallOrder`	Integer	-	Firewall policy order

Response status codes

For response status codes common to NAVER Cloud Platform, see Ncloud API response status codes.

Response example

The following is a sample example.

{
    "action": "getPolicy",
    "returnCode": 0,
    "returnMessage": "success",
    "policy": {
        "policyNo": 11787,
        "policyName": "pol1",
        "description": "policy1",
        "action": "allow",
        "memberNo": "27***85",
        "instanceNo": "25****11",
        "sourceAddressList": [
            {
                "addressNo": 3643,
                "memberNo": "27***85",
                "instanceNo": "25****11",
                "name": "sv-securezone",
                "ip": "***.***.***.***",
                "type": "ipmask",
                "addressZone": "sz"
            }
        ],
        "sourceAddressGroupList": [],
        "destinationAddressList": [],
        "destinationAddressGroupList": [
            {
                "addressGroupNo": 5432,
                "addressGroupName": "Object Storage",
                "description": "object storage address group",
                "memberNo": "27***85",
                "instanceNo": "25****11",
                "addressList": [],
                "addressZone": "vm",
                "associatedPoliciesCount": 0,
                "objectStorage": true
            }
        ],
        "sourceAddressZone": "sz",
        "destinationAddressZone": "os",
        "serviceList": [
            {
                "serviceNo": 1371,
                "serviceName": "TCP_443",
                "protocol": "TCP",
                "port": "443",
                "memberNo": "27***85",
                "instanceNo": "25****11"
            }
        ],
        "firewallPolicyId": 1,
        "firewallOrder": 1
    }
}

Was this article helpful?

What's Next

getPolicyList

Table of contents

Request
Response