Adding a Security Policy
Function
This API is used to create a security policy configuration.
Calling Method
For details, see Calling APIs.
URI
POST /v1/{project_id}/security-policies
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Unique project ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
config |
Yes |
ConfigInfo object |
Policy configuration. |
|
datasource_id |
Yes |
String |
Database ID. |
|
datasource_name |
Yes |
String |
Database name. |
|
datasource_type |
Yes |
String |
Database type. |
|
instance_id |
Yes |
String |
Instance ID. |
|
instance_name |
No |
String |
Instance name. |
|
name |
Yes |
String |
Policy name. |
|
policy |
Yes |
Array of PolicyInfo objects |
Policy information list. |
|
resource |
No |
ResourceInfo object |
Data source information. |
|
type |
Yes |
String |
Policy type. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
ddm_config |
No |
DdmConfig object |
Dynamic data masking policy. |
|
dom_config |
No |
DomConfig object |
Database O&M policy (not supported currently). |
|
gde_config |
No |
GdeConfig object |
Database encryption policy. |
|
sdm_config |
No |
SdmConfig object |
Static data masking policy. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
proxy_port |
No |
Integer |
Agent port. |
|
zk_election_port |
No |
Integer |
User-defined ZooKeeper election port, which is available only for big data (HBase and Hive). |
|
zk_port |
No |
Integer |
User-defined ZooKeeper port, which is available only for big data (HBase and Hive). |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
enc_mode |
No |
Integer |
Encryption mode. 1: encryption, 2: decryption. |
|
proxy_port |
No |
Integer |
Agent port. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
auto_rebuild_target |
No |
Boolean |
Whether to rebuild the table. |
|
clear_target |
No |
Boolean |
Whether to clear the target table. |
|
select_param |
No |
String |
Value of the extraction mode. |
|
select_type |
No |
String |
Extraction type. |
|
skip_dirty_data |
No |
Boolean |
Whether to skip dirty data. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
dbss_policy |
No |
DbssPolicy object |
Database audit policy. |
|
ddm_policy |
No |
DdmPolicy object |
Dynamic data masking policy. |
|
dom_policy |
No |
DomPolicy object |
Database O&M policy information. |
|
gde_policy |
No |
GdePolicy object |
Encryption policy. |
|
sdm_policy |
No |
SdmPolicy object |
Static data masking policy. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
data_mask |
No |
Boolean |
Privacy data masking. |
|
show_result |
No |
Boolean |
Whether to display the result set. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
columns |
No |
Array of Column objects |
Columns configured for the policy. |
|
namespace |
No |
String |
Namespace name. |
|
table |
No |
String |
Table name. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
custom_policy |
No |
Boolean |
Whether to use a custom policy. |
|
data_audit |
No |
Boolean |
Whether to perform data audit. |
|
default_action |
No |
String |
Default action of a policy, such as pass, block, and audit. |
|
intelligent_protection_baseline |
No |
Boolean |
Whether to enable the intelligent protection baseline. |
|
virtual_patch |
No |
Boolean |
Whether to use virtual patches. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
action |
No |
Integer |
1: encryption, 2: decryption. |
|
alg |
No |
String |
Encryption algorithm, which can be sm4, aes-128, or aes-256. |
|
columns |
No |
Array of Column objects |
Column information to be encrypted. |
|
table |
No |
String |
Table name. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
columns |
No |
Array of Column objects |
Column information. |
|
do_mask |
No |
Boolean |
Whether to mask data. |
|
do_move |
No |
Boolean |
Whether to migrate data. |
|
namespace |
No |
String |
Namespace, which is only available for HBase. |
|
table |
No |
String |
Table name. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
mask |
No |
Integer |
Masking algorithm name or ID. |
|
name |
No |
String |
Column name. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
account |
No |
String |
Database username. |
|
address |
No |
String |
Database address. |
|
address_type |
No |
String |
Address type (IPv4 or IPv6). |
|
case_sensitive |
No |
Boolean |
boolean |
|
database_name |
No |
String |
Database name. |
|
extra_params |
No |
String |
Reserved field. |
|
password |
No |
String |
Database password. |
|
port |
No |
Integer |
Database port. |
|
res_id |
No |
String |
Database ID. |
|
res_type |
No |
String |
Database type. |
|
res_version |
No |
String |
Database version. |
Response Parameters
Status code: 200
Created.
None
Example Requests
POST /v1/{project_id}/security-policies
{
"config" : { },
"datasource_id" : "string",
"datasource_name" : "string",
"datasource_type" : "string",
"instance_id" : "string",
"instance_name" : "string",
"name" : "string",
"policy" : [ { } ],
"resource" : { },
"type" : "string"
}
Example Responses
None
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Created. |
|
401 |
Unauthorized. The user is not logged in or the token is invalid. |
|
403 |
Unauthorized to access the resource. |
|
404 |
The specified project does not exist. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
