SmartWebSecurity API, REST: SecurityProfile.List
Retrieves the list of SecurityProfile resources in the specified folder.
HTTP request
GET https://smartwebsecurity.api.cloud.yandex.net/smartwebsecurity/v1/securityProfiles
Query parameters
Field |
Description |
folderId |
string Required field. ID of the folder that the security profile belongs to. |
Response
HTTP Code: 200 - OK
{
"securityProfiles": [
{
"id": "string",
"folderId": "string",
"labels": "object",
"name": "string",
"description": "string",
"defaultAction": "string",
"securityRules": [
{
"name": "string",
"priority": "string",
"dryRun": "boolean",
// Includes only one of the fields `ruleCondition`, `smartProtection`, `waf`
"ruleCondition": {
"action": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
}
},
"smartProtection": {
"mode": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
}
},
"waf": {
"mode": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
},
"wafProfileId": "string"
},
// end of the list of possible fields
"description": "string"
}
],
"createdAt": "string",
"cloudId": "string",
"captchaId": "string",
"advancedRateLimiterProfileId": "string",
"analyzeRequestBody": {
"sizeLimit": "string",
"sizeLimitAction": "string"
}
}
]
}
Field |
Description |
securityProfiles[] |
List of SecurityProfile resources. |
SecurityProfile
A SecurityProfile resource.
Field |
Description |
id |
string ID of the security profile. |
folderId |
string ID of the folder that the security profile belongs to. |
labels |
object (map<string, string>) Labels as |
name |
string Required field. Name of the security profile. The name is unique within the folder. 1-50 characters long. |
description |
string Optional description of the security profile. |
defaultAction |
enum (DefaultAction) Required field. Action to perform if none of rules matched.
|
securityRules[] |
List of security rules. |
createdAt |
string (date-time) Creation timestamp in RFC3339 String in RFC3339 To work with values in this field, use the APIs described in the |
cloudId |
string ID of the cloud that the security profile belongs to. |
captchaId |
string Captcha ID to use with this security profile. Set empty to use default. |
advancedRateLimiterProfileId |
string Advanced rate limiter profile ID to use with this security profile. Set empty to use default. |
analyzeRequestBody |
Parameters for request body analyzer. |
SecurityRule
A SecurityRule object, see Rules.
Field |
Description |
name |
string Required field. Name of the rule. The name is unique within the security profile. 1-50 characters long. |
priority |
string (int64) Determines the priority for checking the incoming traffic. |
dryRun |
boolean This mode allows you to test your security profile or a single rule. |
ruleCondition |
Rule actions, see Rule actions. Includes only one of the fields |
smartProtection |
Smart Protection rule, see Smart Protection rules. Includes only one of the fields |
waf |
Web Application Firewall (WAF) rule, see WAF rules. Includes only one of the fields |
description |
string Optional description of the rule. 0-512 characters long. |
RuleCondition
RuleCondition object.
Field |
Description |
action |
enum (Action) Action to perform if this rule matched.
|
condition |
The condition for matching the rule. |
Condition
Condition object. AND semantics implied.
See documentation for matchers description.
Field |
Description |
authority |
Match authority (Host header). |
httpMethod |
Match HTTP method. |
requestUri |
Match Request URI. |
headers[] |
Match HTTP headers. |
sourceIp |
Match IP. |
AuthorityMatcher
AuthorityMatcher object.
Field |
Description |
authorities[] |
List of authorities. OR semantics implied. |
StringMatcher
StringMatcher object.
Field |
Description |
exactMatch |
string Includes only one of the fields |
exactNotMatch |
string Includes only one of the fields |
prefixMatch |
string Includes only one of the fields |
prefixNotMatch |
string Includes only one of the fields |
pireRegexMatch |
string Includes only one of the fields |
pireRegexNotMatch |
string Includes only one of the fields |
HttpMethodMatcher
HttpMethodMatcher object.
Field |
Description |
httpMethods[] |
List of HTTP methods. OR semantics implied. |
RequestUriMatcher
RequestUriMatcher object. AND semantics implied.
Field |
Description |
path |
Path of the URI RFC3986 |
queries[] |
List of query matchers. AND semantics implied. |
QueryMatcher
QueryMatcher object.
Field |
Description |
key |
string Required field. Key of the query parameter. |
value |
Required field. Value of the query parameter. |
HeaderMatcher
HeaderMatcher object.
Field |
Description |
name |
string Required field. Name of header (case insensitive). |
value |
Required field. Value of the header. |
IpMatcher
IpMatcher object. AND semantics implied.
Field |
Description |
ipRangesMatch |
|
ipRangesNotMatch |
|
geoIpMatch |
|
geoIpNotMatch |
IpRangesMatcher
IpRangesMatcher object.
Field |
Description |
ipRanges[] |
string List of IP ranges. OR semantics implied. |
GeoIpMatcher
GeoIpMatcher object.
Field |
Description |
locations[] |
string ISO 3166-1 alpha 2. OR semantics implied. |
SmartProtection
SmartProtection object.
Field |
Description |
mode |
enum (Mode) Mode of protection.
|
condition |
The condition for matching the rule. |
Waf
Waf object.
Field |
Description |
mode |
enum (Mode) Mode of protection.
|
condition |
The condition for matching the rule. |
wafProfileId |
string Required field. ID of WAF profile to use in this rule. |
AnalyzeRequestBody
Field |
Description |
sizeLimit |
string (int64) Maximum size of body to pass to analyzer. In kilobytes. |
sizeLimitAction |
enum (Action) Action to perform if maximum size of body exceeded.
|