SmartWebSecurity API, REST: SecurityProfile.Get
Returns the specified SecurityProfile resource.
HTTP request
GET https://smartwebsecurity.api.cloud.yandex.net/smartwebsecurity/v1/securityProfiles/{securityProfileId}
Path parameters
|
Field |
Description |
|
securityProfileId |
string Required field. ID of the SecurityProfile resource to return. |
Response
HTTP Code: 200 - OK
{
"id": "string",
"folderId": "string",
"labels": "object",
"name": "string",
"description": "string",
"defaultAction": "string",
"securityRules": [
{
"name": "string",
"priority": "string",
"dryRun": "boolean",
// Includes only one of the fields `ruleCondition`, `smartProtection`, `waf`
"ruleCondition": {
"action": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
}
},
"smartProtection": {
"mode": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
}
},
"waf": {
"mode": "string",
"condition": {
"authority": {
"authorities": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"httpMethod": {
"httpMethods": [
{
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
]
},
"requestUri": {
"path": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
},
"queries": [
{
"key": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
]
},
"headers": [
{
"name": "string",
"value": {
// Includes only one of the fields `exactMatch`, `exactNotMatch`, `prefixMatch`, `prefixNotMatch`, `pireRegexMatch`, `pireRegexNotMatch`
"exactMatch": "string",
"exactNotMatch": "string",
"prefixMatch": "string",
"prefixNotMatch": "string",
"pireRegexMatch": "string",
"pireRegexNotMatch": "string"
// end of the list of possible fields
}
}
],
"sourceIp": {
"ipRangesMatch": {
"ipRanges": [
"string"
]
},
"ipRangesNotMatch": {
"ipRanges": [
"string"
]
},
"geoIpMatch": {
"locations": [
"string"
]
},
"geoIpNotMatch": {
"locations": [
"string"
]
}
}
},
"wafProfileId": "string"
},
// end of the list of possible fields
"description": "string"
}
],
"createdAt": "string",
"cloudId": "string",
"captchaId": "string",
"advancedRateLimiterProfileId": "string",
"analyzeRequestBody": {
"sizeLimit": "string",
"sizeLimitAction": "string"
}
}
A SecurityProfile resource.
|
Field |
Description |
|
id |
string ID of the security profile. |
|
folderId |
string ID of the folder that the security profile belongs to. |
|
labels |
object (map<string, string>) Labels as |
|
name |
string Required field. Name of the security profile. The name is unique within the folder. 1-50 characters long. |
|
description |
string Optional description of the security profile. |
|
defaultAction |
enum (DefaultAction) Required field. Action to perform if none of rules matched.
|
|
securityRules[] |
List of security rules. |
|
createdAt |
string (date-time) Creation timestamp in RFC3339 text format. String in RFC3339 text format. The range of possible values is from To work with values in this field, use the APIs described in the |
|
cloudId |
string ID of the cloud that the security profile belongs to. |
|
captchaId |
string Captcha ID to use with this security profile. Set empty to use default. |
|
advancedRateLimiterProfileId |
string Advanced rate limiter profile ID to use with this security profile. Set empty to use default. |
|
analyzeRequestBody |
Parameters for request body analyzer. |
SecurityRule
A SecurityRule object, see Rules.
|
Field |
Description |
|
name |
string Required field. Name of the rule. The name is unique within the security profile. 1-50 characters long. |
|
priority |
string (int64) Determines the priority for checking the incoming traffic. |
|
dryRun |
boolean This mode allows you to test your security profile or a single rule. |
|
ruleCondition |
Rule actions, see Rule actions. Includes only one of the fields |
|
smartProtection |
Smart Protection rule, see Smart Protection rules. Includes only one of the fields |
|
waf |
Web Application Firewall (WAF) rule, see WAF rules. Includes only one of the fields |
|
description |
string Optional description of the rule. 0-512 characters long. |
RuleCondition
RuleCondition object.
|
Field |
Description |
|
action |
enum (Action) Action to perform if this rule matched.
|
|
condition |
The condition for matching the rule. |
Condition
Condition object. AND semantics implied.
See documentation for matchers description.
|
Field |
Description |
|
authority |
Match authority (Host header). |
|
httpMethod |
Match HTTP method. |
|
requestUri |
Match Request URI. |
|
headers[] |
Match HTTP headers. |
|
sourceIp |
Match IP. |
AuthorityMatcher
AuthorityMatcher object.
|
Field |
Description |
|
authorities[] |
List of authorities. OR semantics implied. |
StringMatcher
StringMatcher object.
|
Field |
Description |
|
exactMatch |
string Includes only one of the fields |
|
exactNotMatch |
string Includes only one of the fields |
|
prefixMatch |
string Includes only one of the fields |
|
prefixNotMatch |
string Includes only one of the fields |
|
pireRegexMatch |
string Includes only one of the fields |
|
pireRegexNotMatch |
string Includes only one of the fields |
HttpMethodMatcher
HttpMethodMatcher object.
|
Field |
Description |
|
httpMethods[] |
List of HTTP methods. OR semantics implied. |
RequestUriMatcher
RequestUriMatcher object. AND semantics implied.
|
Field |
Description |
|
path |
Path of the URI RFC3986. |
|
queries[] |
List of query matchers. AND semantics implied. |
QueryMatcher
QueryMatcher object.
|
Field |
Description |
|
key |
string Required field. Key of the query parameter. |
|
value |
Required field. Value of the query parameter. |
HeaderMatcher
HeaderMatcher object.
|
Field |
Description |
|
name |
string Required field. Name of header (case insensitive). |
|
value |
Required field. Value of the header. |
IpMatcher
IpMatcher object. AND semantics implied.
|
Field |
Description |
|
ipRangesMatch |
|
|
ipRangesNotMatch |
|
|
geoIpMatch |
|
|
geoIpNotMatch |
IpRangesMatcher
IpRangesMatcher object.
|
Field |
Description |
|
ipRanges[] |
string List of IP ranges. OR semantics implied. |
GeoIpMatcher
GeoIpMatcher object.
|
Field |
Description |
|
locations[] |
string ISO 3166-1 alpha 2. OR semantics implied. |
SmartProtection
SmartProtection object.
|
Field |
Description |
|
mode |
enum (Mode) Mode of protection.
|
|
condition |
The condition for matching the rule. |
Waf
Waf object.
|
Field |
Description |
|
mode |
enum (Mode) Mode of protection.
|
|
condition |
The condition for matching the rule. |
|
wafProfileId |
string Required field. ID of WAF profile to use in this rule. |
AnalyzeRequestBody
|
Field |
Description |
|
sizeLimit |
string (int64) Maximum size of body to pass to analyzer. In kilobytes. |
|
sizeLimitAction |
enum (Action) Action to perform if maximum size of body exceeded.
|