SmartWebSecurity API, gRPC: SecurityProfileService.Get
Returns the specified SecurityProfile resource.
gRPC request
rpc Get (GetSecurityProfileRequest) returns (SecurityProfile)
GetSecurityProfileRequest
{
"security_profile_id": "string"
}
|
Field |
Description |
|
security_profile_id |
string Required field. ID of the SecurityProfile resource to return. |
SecurityProfile
{
"id": "string",
"folder_id": "string",
"labels": "map<string, string>",
"name": "string",
"description": "string",
"default_action": "DefaultAction",
"security_rules": [
{
"name": "string",
"priority": "int64",
"dry_run": "bool",
// Includes only one of the fields `rule_condition`, `smart_protection`, `waf`
"rule_condition": {
"action": "Action",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
]
},
"http_method": {
"http_methods": [
{
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
]
},
"request_uri": {
"path": {
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
}
],
"source_ip": {
"ip_ranges_match": {
"ip_ranges": [
"string"
]
},
"ip_ranges_not_match": {
"ip_ranges": [
"string"
]
},
"geo_ip_match": {
"locations": [
"string"
]
},
"geo_ip_not_match": {
"locations": [
"string"
]
}
}
}
},
"smart_protection": {
"mode": "Mode",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
]
},
"http_method": {
"http_methods": [
{
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
]
},
"request_uri": {
"path": {
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
}
],
"source_ip": {
"ip_ranges_match": {
"ip_ranges": [
"string"
]
},
"ip_ranges_not_match": {
"ip_ranges": [
"string"
]
},
"geo_ip_match": {
"locations": [
"string"
]
},
"geo_ip_not_match": {
"locations": [
"string"
]
}
}
}
},
"waf": {
"mode": "Mode",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
]
},
"http_method": {
"http_methods": [
{
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
]
},
"request_uri": {
"path": {
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exact_match`, `exact_not_match`, `prefix_match`, `prefix_not_match`, `pire_regex_match`, `pire_regex_not_match`
"exact_match": "string",
"exact_not_match": "string",
"prefix_match": "string",
"prefix_not_match": "string",
"pire_regex_match": "string",
"pire_regex_not_match": "string"
// end of the list of possible fields
}
}
],
"source_ip": {
"ip_ranges_match": {
"ip_ranges": [
"string"
]
},
"ip_ranges_not_match": {
"ip_ranges": [
"string"
]
},
"geo_ip_match": {
"locations": [
"string"
]
},
"geo_ip_not_match": {
"locations": [
"string"
]
}
}
},
"waf_profile_id": "string"
},
// end of the list of possible fields
"description": "string"
}
],
"created_at": "google.protobuf.Timestamp",
"cloud_id": "string",
"captcha_id": "string",
"advanced_rate_limiter_profile_id": "string",
"analyze_request_body": {
"size_limit": "int64",
"size_limit_action": "Action"
}
}
A SecurityProfile resource.
|
Field |
Description |
|
id |
string ID of the security profile. |
|
folder_id |
string ID of the folder that the security profile belongs to. |
|
labels |
object (map<string, string>) Labels as |
|
name |
string Required field. Name of the security profile. The name is unique within the folder. 1-50 characters long. |
|
description |
string Optional description of the security profile. |
|
default_action |
enum DefaultAction Required field. Action to perform if none of rules matched.
|
|
security_rules[] |
List of security rules. |
|
created_at |
Creation timestamp in RFC3339 text format. |
|
cloud_id |
string ID of the cloud that the security profile belongs to. |
|
captcha_id |
string Captcha ID to use with this security profile. Set empty to use default. |
|
advanced_rate_limiter_profile_id |
string Advanced rate limiter profile ID to use with this security profile. Set empty to use default. |
|
analyze_request_body |
Parameters for request body analyzer. |
SecurityRule
A SecurityRule object, see Rules.
|
Field |
Description |
|
name |
string Required field. Name of the rule. The name is unique within the security profile. 1-50 characters long. |
|
priority |
int64 Determines the priority for checking the incoming traffic. |
|
dry_run |
bool This mode allows you to test your security profile or a single rule. |
|
rule_condition |
Rule actions, see Rule actions. Includes only one of the fields |
|
smart_protection |
Smart Protection rule, see Smart Protection rules. Includes only one of the fields |
|
waf |
Web Application Firewall (WAF) rule, see WAF rules. Includes only one of the fields |
|
description |
string Optional description of the rule. 0-512 characters long. |
RuleCondition
RuleCondition object.
|
Field |
Description |
|
action |
enum Action Action to perform if this rule matched.
|
|
condition |
The condition for matching the rule. |
Condition
Condition object. AND semantics implied.
See documentation for matchers description.
|
Field |
Description |
|
authority |
Match authority (Host header). |
|
http_method |
Match HTTP method. |
|
request_uri |
Match Request URI. |
|
headers[] |
Match HTTP headers. |
|
source_ip |
Match IP. |
AuthorityMatcher
AuthorityMatcher object.
|
Field |
Description |
|
authorities[] |
List of authorities. OR semantics implied. |
StringMatcher
StringMatcher object.
|
Field |
Description |
|
exact_match |
string Includes only one of the fields |
|
exact_not_match |
string Includes only one of the fields |
|
prefix_match |
string Includes only one of the fields |
|
prefix_not_match |
string Includes only one of the fields |
|
pire_regex_match |
string Includes only one of the fields |
|
pire_regex_not_match |
string Includes only one of the fields |
HttpMethodMatcher
HttpMethodMatcher object.
|
Field |
Description |
|
http_methods[] |
List of HTTP methods. OR semantics implied. |
RequestUriMatcher
RequestUriMatcher object. AND semantics implied.
|
Field |
Description |
|
path |
Path of the URI RFC3986. |
|
queries[] |
List of query matchers. AND semantics implied. |
QueryMatcher
QueryMatcher object.
|
Field |
Description |
|
key |
string Required field. Key of the query parameter. |
|
value |
Required field. Value of the query parameter. |
HeaderMatcher
HeaderMatcher object.
|
Field |
Description |
|
name |
string Required field. Name of header (case insensitive). |
|
value |
Required field. Value of the header. |
IpMatcher
IpMatcher object. AND semantics implied.
|
Field |
Description |
|
ip_ranges_match |
|
|
ip_ranges_not_match |
|
|
geo_ip_match |
|
|
geo_ip_not_match |
IpRangesMatcher
IpRangesMatcher object.
|
Field |
Description |
|
ip_ranges[] |
string List of IP ranges. OR semantics implied. |
GeoIpMatcher
GeoIpMatcher object.
|
Field |
Description |
|
locations[] |
string ISO 3166-1 alpha 2. OR semantics implied. |
SmartProtection
SmartProtection object.
|
Field |
Description |
|
mode |
enum Mode Mode of protection.
|
|
condition |
The condition for matching the rule. |
Waf
Waf object.
|
Field |
Description |
|
mode |
enum Mode Mode of protection.
|
|
condition |
The condition for matching the rule. |
|
waf_profile_id |
string Required field. ID of WAF profile to use in this rule. |
AnalyzeRequestBody
|
Field |
Description |
|
size_limit |
int64 Maximum size of body to pass to analyzer. In kilobytes. |
|
size_limit_action |
enum Action Action to perform if maximum size of body exceeded.
|