MENU
      updatePolicy

        updatePolicy


        Article summary

        Available in Classic

        Edit a firewall policy to be applied to Secure Zone.

        Request

        The following describes the request format for the endpoint. The request format is as follows:

        MethodURI
        POST/{type}/{zone}/updatePolicy

        Request headers

        For headers common to Secure Zone APIs, see Secure Zone request headers.

        Request path parameters

        The following describes the parameters.

        FieldTypeRequiredDescription
        typeStringRequiredfirewall type provided by Secure Zone
        • szfw | psfw
          • szfw: Secure Zone Standard
          • psfw: Secure Zone Advanced
        zoneStringRequiredZone in which Secure Zone is configured
        • kr1 | kr2
          • kr1: KR-1 zone
          • kr2: KR-2 zone

        Request body

        The following describes the request body.

        FieldTypeRequiredDescription
        newPolicyNameStringOptionalPolicy name to edit
        • Maintain existing name if not entered
        actionStringRequiredAllow/deny
        • allow | deny
        descriptionStringOptionalPolicy description
        destinationAddressGroupList[]ArrayRequiredInformation for the address group you want to target as a destination
        • Select an address group from those created in advance
        • Check through getAddressGroupList
        • Enter a blank parameter even if there are no address groups to add
        destinationAddressGroupList[].memberNoStringRequiredUser's NAVER Cloud Platform member ID
        destinationAddressGroupList[].instanceNoStringRequiredContract number assigned when creating the instance
        destinationAddressGroupList[].addressGroupNoIntegerRequiredUnique number assigned to the address group
        destinationAddressGroupList[].addressGroupNameStringRequiredDestination address group name
        destinationAddressGroupList[].addressList[]ArrayOptionalInformation about addresses that belong to the address group
        destinationAddressGroupList[].addressList[].memberNoStringOptionalUser's NAVER Cloud Platform member ID
        destinationAddressGroupList[].addressList[].instanceNoStringOptionalContract number assigned when creating the instance
        destinationAddressGroupList[].addressList[].addressNoIntegerRequiredUnique number assigned to the address
        destinationAddressGroupList[].addressList[].addressZoneStringRequiredInformation for the zone the address belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        destinationAddressGroupList[].addressList[].fqdnStringConditionalFull domain name (FQDN)
        • Required if type is fqdn
        destinationAddressGroupList[].addressList[].ipStringConditionalIP address
        • Required if type is ipmask
        destinationAddressGroupList[].addressList[].maskBitIntegerOptionalSubnet mask bit value
        • Available in the Secure Zone Advanced type
        destinationAddressGroupList[].addressList[].nameStringRequiredDestination address name
        destinationAddressGroupList[].addressList[].portStringOptionalPort number
        • Enter if addressZone is db and type is fqdn
        destinationAddressGroupList[].addressList[].typeStringOptionalAddress type information
        • ipmask (default) | fqdn
          • ipmask: address defined by IP address and subnet mask
          • fqdn: fully qualified domain name (full domain name)
        destinationAddressGroupList[].addressZoneStringRequiredInformation about the zone the destination address group belongs to
        destinationAddressGroupList[].descriptionStringOptionalDestination address group description
        destinationAddressGroupList[].objectStorageBooleanOptionalWhether to use Object Storage
        • true | false (default)
          • true: Object Storage is used
          • false: Object Storage is not used
        destinationAddressList[]ArrayRequiredInformation for the individual addresses you want to target as destinations
        • Enter a blank parameter even if there is no address to add
        destinationAddressList[].memberNoStringOptionalUser's NAVER Cloud Platform member ID
        destinationAddressList[].instanceNoStringOptionalContract number assigned when creating the instance
        destinationAddressList[].addressNoIntegerOptionalUnique number assigned to the address
        destinationAddressList[].addressZoneStringRequiredInformation for the zone the address belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        destinationAddressList[].fqdnStringConditionalFull domain name (FQDN)
        • Required if type is fqdn
        destinationAddressList[].ipStringConditionalIP address
        • Required if type is ipmask
        destinationAddressList[].maskBitIntegerOptionalSubnet mask bit value
        • Available in the Secure Zone Advanced type
        destinationAddressList[].nameStringRequiredDestination address name
        destinationAddressList[].portStringOptionalPort number
        • Enter if addressZone is db and type is fqdn
        destinationAddressList[].typeStringOptionalAddress type information
        • ipmask (default) | fqdn
          • ipmask: address defined by IP address and subnet mask
          • fqdn: fully qualified domain name (full domain name)
        destinationAddressZoneStringOptionalInformation about the zone to which the address belongs
        • Automatically set via child information, such as address group or address, when not entered
        memberNoStringRequiredUser's NAVER Cloud Platform member ID
        instanceNoStringRequiredContract number assigned when creating the instance
        policyNoStringRequiredUnique number assigned to the policy
        policyNameStringRequiredExisting policy name
        portStringOptionalFirewall service port number
        protocolStringRequiredFirewall service protocol
        sourceAddressGroupList[]ArrayRequiredInformation for the address group you want to target as an origin
        • Select an address group from those created in advance
        • Check through getAddressGroupList
        • Enter a blank parameter even if there are no address groups to add
        sourceAddressGroupList[].memberNoStringRequiredUser's NAVER Cloud Platform member ID
        sourceAddressGroupList[].instanceNoStringRequiredContract number assigned when creating the instance
        sourceAddressGroupList[].addressGroupNoIntegerRequiredUnique number assigned to the address group
        sourceAddressGroupList[].addressGroupNameStringRequiredOrigin address group name
        sourceAddressGroupList[].addressList[]ArrayOptionalInformation about addresses that belong to the address group
        sourceAddressGroupList[].addressList[].memberNoStringOptionalUser's NAVER Cloud Platform member ID
        sourceAddressGroupList[].addressList[].instanceNoStringOptionalContract number assigned when creating the instance
        sourceAddressGroupList[].addressList[].addressNoIntegerRequiredUnique number assigned to the address
        sourceAddressGroupList[].addressList[].addressZoneStringRequiredInformation for the zone the address belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        sourceAddressGroupList[].addressList[].fqdnStringConditionalFull domain name (FQDN)
        • Required if type is fqdn
        sourceAddressGroupList[].addressList[].ipStringConditionalIP address
        • Required if type is ipmask
        sourceAddressGroupList[].addressList[].maskBitIntegerOptionalSubnet mask bit value
        • Available in the Secure Zone Advanced type
        sourceAddressGroupList[].addressList[].nameStringRequiredOrigin address name
        sourceAddressGroupList[].addressList[].portStringOptionalPort number
        • Enter if addressZone is db and type is fqdn
        sourceAddressGroupList[].addressList[].typeStringOptionalAddress type information
        • ipmask (default) | fqdn
          • ipmask: address defined by IP address and subnet mask
          • fqdn: fully qualified domain name (full domain name)
        sourceAddressGroupList[].addressZoneStringRequiredInformation about the zone the origin address group belongs to
        sourceAddressGroupList[].descriptionStringOptionalOrigin address group description
        sourceAddressGroupList[].objectStorageBooleanOptionalWhether to use Object Storage
        • true | false (default)
          • true: Object Storage is used
          • false: Object Storage is not used
        sourceAddressList[]ArrayRequiredInformation for the individual addresses you want to target as origins
        • Enter a blank parameter even if there is no address to add
        sourceAddressList[].memberNoStringOptionalUser's NAVER Cloud Platform member ID
        sourceAddressList[].instanceNoStringOptionalContract number assigned when creating the instance
        sourceAddressList[].addressNoIntegerOptionalUnique number assigned to the address
        sourceAddressList[].addressZoneStringRequiredInformation for the zone the address belongs to
        • sz | os | vm | db | vpn | lb | kr1
          • sz: Secure Zone
          • os: Object Storage
          • vm: VM
          • db: Cloud DB
          • vpn: SSL VPN or IPsec VPN
          • lb: Load Balancer
          • kr1: KR-1 zone
        sourceAddressList[].fqdnStringConditionalFull domain name (FQDN)
        • Required if type is fqdn
        sourceAddressList[].ipStringConditionalIP address
        • Required if type is ipmask
        sourceAddressList[].maskBitIntegerOptionalSubnet mask bit value
        • Available in the Secure Zone Advanced type
        sourceAddressList[].nameStringRequiredOrigin address name
        sourceAddressList[].portStringOptionalPort number
        • Enter if addressZone is db and type is fqdn
        sourceAddressList[].typeStringOptionalAddress type information
        • ipmask (default) | fqdn
          • ipmask: address defined by IP address and subnet mask
          • fqdn: fully qualified domain name (full domain name)
        sourceAddressZoneStringOptionalInformation about the zone to which the address belongs
        • Automatically set via child information, such as address group or address, when not entered

        Request example

        The following is a sample request.

        curl --location --request POST 'https://securezonefirewall.apigw.ntruss.com/api/v2/szfw/kr2/updatePolicy'
        --header 'x-ncp-apigw-timestamp: {Timestamp}' \
        --header 'x-ncp-iam-access-key: {Access Key}' \
        --header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
        --header 'x-ncp-mbr_no: {User number}' \
        --header 'Content-Type: application/json' \
        --data '{
          "newPolicyName": "testpolicy",
          "action": "deny",
          "description": "policy2",
          "destinationAddressGroupList": [
            {
              "addressGroupName": "Object Storage",
              "addressGroupNo": 5441,
              "description": "",
              "addressList": [],
              "addressZone": "vm",
              "objectStorage": true
            }
          ],
          "destinationAddressList": [],
          "destinationAddressZone": "os",
          "policyName": "pol2",
          "port": "443",
          "protocol": "TCP",
          "sourceAddressGroupList": [],
          "sourceAddressList": [
            {
              "addressNo": 3644,
              "addressZone": "sz",
              "ip": "***.***.***.***",
              "name": "s1906cf93f79",
              "type": "ipmask"
            }
          ],
          "sourceAddressZone": "sz"
        }'
        Curl

        Response

        The following describes the response format.

        Response body

        The following describes the response body.

        FieldTypeRequiredDescription
        actionString-Request type
        returnCodeInteger-Response code
        returnMessageString-Response message

        Response status codes

        For response status codes common to NAVER Cloud Platform, see Ncloud API response status codes.

        Response example

        The following is a sample example.

        {
            "action": "updatePolicy",
            "returnCode": 0,
            "returnMessage": "success"
        }
        JSON

        Was this article helpful?

        Changing your password will log you out immediately. Use the new password to log back in.
        First name must have atleast 2 characters. Numbers and special characters are not allowed.
        Last name must have atleast 1 characters. Numbers and special characters are not allowed.
        Enter a valid email
        Enter a valid password
        Your profile has been successfully updated.