Help Center/ Database Security Service/ API Reference/ API/ Audit Rules/ Querying the Policy List of an Audit Scope

Updated on 2024-11-01 GMT+08:00

Online Debugging

CLI Examples

View PDF

Querying the Policy List of an Audit Scope

Function

This API is used to query the audit scope policy list.

Calling Method

For details, see Calling APIs.

URI

GET /v1/{project_id}/{instance_id}/dbss/audit/rule/scopes

**Table 1** URI parameter
Parameter	Mandatory	Parameter Type	Description
project_id	Yes	String	Project ID.
instance_id	Yes	String	Instance ID. You can obtain the value from the ID field in the API for querying the instance list.

**Table 2** Query parameters
Parameter	Mandatory	Parameter Type	Description
offset	No	String	Offset
limit	No	String	Number of query records.

Request Parameter

**Table 3** Request header parameter
Parameter	Mandatory	Parameter Type	Description
X-Auth-Token	Yes	String	User token. The token can be queried by calling the IAM API. (The token is the value of X-Subject-Token in the response header.)

Response Parameters

Status code: 200

**Table 4** Response body parameters
Parameter	Parameter Type	Description
scopes	Array of RuleScopeInfo objects	Audit scope rule list
total	Integer	Total number

**Table 5** RuleScopeInfo
Parameter	Parameter Type	Description
id	String	Audit scope rule ID
name	String	Audit scope name
action	String	Actions in the audit scope
status	String	Audit scope rule status
exception_ips	String	Exception IP address of the audit scope
source_ips	String	Source IP address of the audit scope rule
source_ports	String	Port of the audit scope rule
db_ids	String	Database ID
db_names	String	Database name
db_users	String	Database user
all_audit	Boolean	Full audit or not

Status code: 400

**Table 6** Response body parameter
Parameter	Parameter Type	Description
error	Object	Error message.

**Table 7** ErrorDetail
Parameter	Parameter Type	Description
error_code	String	Error code
error_msg	String	Error message

Status code: 403

**Table 8** Response body parameter
Parameter	Parameter Type	Description
error	Object	Error message.

**Table 9** ErrorDetail
Parameter	Parameter Type	Description
error_code	String	Error code
error_msg	String	Error message

Status code: 500

**Table 10** Response body parameters
Parameter	Parameter Type	Description
error	Object	Error message.

**Table 11** ErrorDetail
Parameter	Parameter Type	Description
error_code	String	Error code
error_msg	String	Error message

Example Request

/v1/{project_id}/{instance_id}/dbss/audit/rule/scopes

Example Response

Status code: 200

Succeeded

{
  "scopes" : [ {
    "id" : "zX4W2ngBo47GiyUSBuNs",
    "name": "Full Audit Rule,
    "action" : "",
    "status" : "ON",
    "exception_ips" : "",
    "source_ips" : "",
    "source_ports" : "",
    "db_ids" : "",
    "db_names" : "",
    "db_users" : "",
    "all_audit" : true
  } ],
  "total" : 1
}

Status code: 400

Request Parameter Error

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Status code: 500

Internal Server Error

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Example SDK Code

The sample code is as follows.

Java

    
     
       
       
         package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.dbss.v1.region.DbssRegion;
import com.huaweicloud.sdk.dbss.v1.*;
import com.huaweicloud.sdk.dbss.v1.model.*;


public class ListAuditRuleScopesSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        DbssClient client = DbssClient.newBuilder()
                .withCredential(auth)
                .withRegion(DbssRegion.valueOf("<YOUR REGION>"))
                .build();
        ListAuditRuleScopesRequest request = new ListAuditRuleScopesRequest();
        request.withInstanceId("{instance_id}");
        try {
            ListAuditRuleScopesResponse response = client.listAuditRuleScopes(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

        

      

    
   

Python

    
     
       
       
         # coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkdbss.v1.region.dbss_region import DbssRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkdbss.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = DbssClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(DbssRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListAuditRuleScopesRequest()
        request.instance_id = "{instance_id}"
        response = client.list_audit_rule_scopes(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

        

      

    
   

Go

    
     
       
       
         package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    dbss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := dbss.NewDbssClient(
        dbss.DbssClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListAuditRuleScopesRequest{}
	request.InstanceId = "{instance_id}"
	response, err := client.ListAuditRuleScopes(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

        

      

    
   

For more SDK code examples in various programming languages, see the Sample Code tab on the right of the API Explorer page, which can automatically generate the corresponding SDK code examples.

Status Code

Status Code	Description
200	Success
400	Incorrect request parameter.
403	Authentication failed.
500	Internal server error.

Error Codes

For details, see Error Codes.

Parent topic: Audit Rules

Previous topic: Enabling or Disabling a Risk Rule

Next topic: Querying SQL Injection Rule Policies

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot