getPolicyList

Available in Classic

Get the list of firewall policies.

Request

The following describes the request format for the endpoint. The request format is as follows:

Method	URI
POST	/{type}/{zone}/getPolicyList

Request headers

For headers common to Secure Zone APIs, see Secure Zone request headers.

Request path parameters

The following describes the parameters.

Field	Type	Required	Description
`type`	String	Required	firewall type provided by Secure Zone `szfw` \| `psfw` `szfw`: Secure Zone Standard `psfw`: Secure Zone Advanced
`zone`	String	Required	Zone in which Secure Zone is configured `kr1` \| `kr2` `kr1`: KR-1 zone `kr2`: KR-2 zone

Request body

The following describes the request body.

Field	Type	Required	Description
`page`	Integer	Optional	Page index 0 (default)
`countPerPage`	Integer	Optional	Number of items per page 0 (default)

Request example

The following is a sample request.

curl --location --request POST 'https://securezonefirewall.apigw.ntruss.com/api/v2/szfw/kr2/getPolicyList'
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'x-ncp-mbr_no: {User number}' \
--header 'Content-Type: application/json' \
--data '{
  "countPerPage": 0,
  "page": 0
}'

Response

The following describes the response format.

Response body

The following describes the response body.

Field	Type	Required	Description
`action`	String	-	Request type
`returnCode`	Integer	-	Response code
`returnMessage`	String	-	Response message
`totalCount`	Integer	-	Total number of policies
`policyList[]`	Array	-	List of policies to view
`policyList[].policyNo`	Integer	-	Unique number assigned to the policy
`policyList[].policyName`	String	-	Policy name
`policyList[].description`	String	-	Policy description
`policyList[].action`	String	-	Allow/deny `allow` \| `deny`
`policyList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policyList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policyList[].sourceAddressList[]`	Array	-	Origin address information
`policyList[].sourceAddressList[].addressNo`	Integer	-	Unique number assigned to the address
`policyList[].sourceAddressList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policyList[].sourceAddressList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policyList[].sourceAddressList[].name`	String	-	Address name
`policyList[].sourceAddressList[].ip`	String	-	IP address
`policyList[].sourceAddressList[].port`	String	-	Port number It is displayed if `addressZone` is `db` and `type` is `fqdn`
`policyList[].sourceAddressList[].type`	String	-	Address type information `ipmask` \| `fqdn` `ipmask`: address defined by IP address and subnet mask `fqdn`: fully qualified domain name (full domain name)
`policyList[].sourceAddressList[].addressZone`	String	-	Information for the zone the address belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policyList[].sourceAddressList[].fqdn`	String	-	Full domain name (FQDN)
`policyList[].sourceAddressList[].dbAddressZone`	Boolean	-	DB address zone status
`policyList[].sourceAddressList[].maskBit`	Integer	-	Subnet mask bit value It is displayed for the Secure Zone Advanced type
`policyList[].sourceAddressGroupList[]`	Array	-	Origin address group information
`policyList[].sourceAddressGroupList[].addressGroupNo`	Integer	-	Unique number assigned to the address group
`policyList[].sourceAddressGroupList[].addressGroupName`	String	-	Address group name
`policyList[].sourceAddressGroupList[].description`	String	-	Address group description
`policyList[].sourceAddressGroupList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policyList[].sourceAddressGroupList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policyList[].sourceAddressGroupList[].addressList[].addressNo`	Integer	-	Unique number assigned to the address
`policyList[].sourceAddressGroupList[].addressList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policyList[].sourceAddressGroupList[].addressList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policyList[].sourceAddressGroupList[].addressList[].name`	String	-	Address name
`policyList[].sourceAddressGroupList[].addressList[].ip`	String	-	IP address
`policyList[].sourceAddressGroupList[].addressList[].port`	String	-	Port number It is displayed if `addressZone` is `db` and `type` is `fqdn`
`policyList[].sourceAddressGroupList[].addressList[].type`	String	-	Address type information `ipmask` \| `fqdn` `ipmask`: address defined by IP address and subnet mask `fqdn`: fully qualified domain name (full domain name)
`policyList[].sourceAddressGroupList[].addressList[].addressZone`	String	-	Information for the zone the address belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policyList[].sourceAddressGroupList[].addressList[].fqdn`	String	-	Full domain name (FQDN)
`policyList[].sourceAddressGroupList[].addressList[].dbAddressZone`	Boolean	-	DB address zone status
`policyList[].sourceAddressGroupList[].addressList[].maskBit`	Integer	-	Subnet mask bit value It is displayed for the Secure Zone Advanced type
`policyList[].sourceAddressGroupList[].addressZone`	String	-	Information for the zone the origin address group belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policyList[].sourceAddressGroupList[].associatedPoliciesCount`	Integer	-	Not use
`policyList[].sourceAddressGroupList[].objectStorage`	Boolean	-	Whether to use Object Storage `true` \| `false` `true`: Object Storage is used `false`: Object Storage is not used
`policyList[].destinationAddressList[]`	Array	-	Destination address information
`policyList[].destinationAddressList[].addressNo`	Integer	-	Unique number assigned to the address
`policyList[].destinationAddressList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policyList[].destinationAddressList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policyList[].destinationAddressList[].name`	String	-	Address name
`policyList[].destinationAddressList[].ip`	String	-	IP address
`policyList[].destinationAddressList[].port`	String	-	Port number It is displayed if `addressZone` is `db` and `type` is `fqdn`
`policyList[].destinationAddressList[].type`	String	-	Address type information `ipmask` \| `fqdn` `ipmask`: address defined by IP address and subnet mask `fqdn`: fully qualified domain name (full domain name)
`policyList[].destinationAddressList[].addressZone`	String	-	Information for the zone the address belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policyList[].destinationAddressList[].fqdn`	String	-	Full domain name (FQDN)
`policyList[].destinationAddressList[].dbAddressZone`	Boolean	-	DB address zone status
`policyList[].destinationAddressList[].maskBit`	Integer	-	Subnet mask bit value It is displayed for the Secure Zone Advanced type
`policyList[].destinationAddressGroupList[]`	Array	-	Destination address group information
`policyList[].destinationAddressGroupList[].addressGroupNo`	Integer	-	Unique number assigned to the address group
`policyList[].destinationAddressGroupList[].addressGroupName`	String	-	Address group name
`policyList[].destinationAddressGroupList[].description`	String	-	Address group description
`policyList[].destinationAddressGroupList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policyList[].destinationAddressGroupList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policyList[].destinationAddressGroupList[].addressList[].addressNo`	Integer	-	Unique number assigned to the address
`policyList[].destinationAddressGroupList[].addressList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policyList[].destinationAddressGroupList[].addressList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policyList[].destinationAddressGroupList[].addressList[].name`	String	-	Address name
`policyList[].destinationAddressGroupList[].addressList[].ip`	String	-	IP address
`policyList[].destinationAddressGroupList[].addressList[].port`	String	-	Port number It is displayed if `addressZone` is `db` and `type` is `fqdn`
`policyList[].destinationAddressGroupList[].addressList[].type`	String	-	Address type information `ipmask` \| `fqdn` `ipmask`: address defined by IP address and subnet mask `fqdn`: fully qualified domain name (full domain name)
`policyList[].destinationAddressGroupList[].addressList[].addressZone`	String	-	Information for the zone the address belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policyList[].destinationAddressGroupList[].addressList[].fqdn`	String	-	Full domain name (FQDN)
`policyList[].destinationAddressGroupList[].addressList[].dbAddressZone`	Boolean	-	DB address zone status
`policyList[].destinationAddressGroupList[].addressList[].maskBit`	Integer	-	Subnet mask bit value It is displayed for the Secure Zone Advanced type
`policyList[].destinationAddressGroupList[].addressZone`	String	-	Information for the zone the destination address group belongs to `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policyList[].destinationAddressGroupList[].associatedPoliciesCount`	Integer	-	Not use
`policyList[].destinationAddressGroupList[].objectStorage`	Boolean	-	Whether to use Object Storage `true` \| `false` `true`: Object Storage is used `false`: Object Storage is not used
`policyList[].sourceAddressZone`	String	-	Information for the zone of the origin address `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policyList[].destinationAddressZone`	String	-	Information for the zone of the destination address `sz` \| `os` \| `vm` \| `db` \| `vpn` \| `lb` \| `kr1` `sz`: Secure Zone `os`: Object Storage `vm`: VM `db`: Cloud DB `vpn`: SSL VPN or IPsec VPN `lb`: Load Balancer `kr1`: KR-1 zone
`policyList[].serviceList[]`	Array	-	Service information of the policy to view
`policyList[].serviceList[].serviceNo`	Integer	-	Firewall service number
`policyList[].serviceList[].serviceName`	String	-	Firewall service name
`policyList[].serviceList[].protocol`	String	-	Firewall service protocol
`policyList[].serviceList[].port`	String	-	Firewall service port number
`policyList[].serviceList[].memberNo`	String	-	User's NAVER Cloud Platform member ID
`policyList[].serviceList[].instanceNo`	String	-	Contract number assigned when creating the instance
`policyList[].firewallPolicyId`	Integer	-	ID assigned to the firewall policy
`policyList[].firewallOrder`	Integer	-	Firewall policy order

Response status codes

For response status codes common to NAVER Cloud Platform, see Ncloud API response status codes.

Response example

The following is a sample example.

{
  "action": "getPolicyList",
  "returnCode": 0,
  "returnMessage": "success",
  "totalCount": 1,
  "policyList": [
    {
      "policyNo": 11787,
      "policyName": "pol1",
      "description": "policy1",
      "action": "allow",
      "memberNo": "27***85",
      "instanceNo": "25****11",
      "sourceAddressList": [
        {
          "addressNo": 3643,
          "memberNo": "27***85",
          "instanceNo": "25****11",
          "name": "sv-securezone",
          "ip": "***.***.***.***",
          "type": "ipmask",
          "addressZone": "sz"
        }
      ],
      "sourceAddressGroupList": [],
      "destinationAddressList": [],
      "destinationAddressGroupList": [
        {
          "addressGroupNo": 5432,
          "addressGroupName": "Object Storage",
          "description": "object storage address group",
          "memberNo": "27***85",
          "instanceNo": "25****11",
          "addressList": [],
          "addressZone": "vm",
          "associatedPoliciesCount": 0,
          "objectStorage": true
        }
      ],
      "sourceAddressZone": "sz",
      "destinationAddressZone": "os",
      "serviceList": [
        {
          "serviceNo": 1371,
          "serviceName": "TCP_443",
          "protocol": "TCP",
          "port": "443",
          "memberNo": "27***85",
          "instanceNo": "25****11"
        }
      ],
      "firewallPolicyId": 1,
      "firewallOrder": 1
    }
  ]
}