Updated on 2024-11-01 GMT+08:00

Querying SQL Injection Rule Policies

Function

This API is used to query an SQL injection rule policy.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/{instance_id}/dbss/audit/rule/sql-injections

Table 1 URI parameter

| Parameter | Mandatory | Parameter Type | Description |
| --- | --- | --- | --- |
| project_id | Yes | String | Project ID. |
| instance_id | Yes | String | Instance ID. You can obtain the value from the ID field in the API for querying the instance list. |

Request Parameter

Table 2 Request header parameter

| Parameter | Mandatory | Parameter Type | Description |
| --- | --- | --- | --- |
| X-Auth-Token | Yes | String | User token. The token can be queried by calling the IAM API. (The token is the value of X-Subject-Token in the response header.) |

Table 3 Request body parameters

| Parameter | Mandatory | Parameter Type | Description |
| --- | --- | --- | --- |
| risk_levels | No | String | Risk severity: HIGH, MEDIUM, LOW, NO_RISK |

Response Parameters

Status code: 200

Table 4 Response body parameter

| Parameter | Parameter Type | Description |
| --- | --- | --- |
| rules | Array of rules objects | SQL rule list |
| total | Integer | Total number |

Table 5 rules

| Parameter | Parameter Type | Description |
| --- | --- | --- |
| id | String | SQL rule ID |
| name | String | SQL rule name |
| status | String | Rule status. The options are as follows: ON, OFF |
| risk_level | String | Risk severity: HIGH, MEDIUM, LOW |
| type | String | Risk type |
| rank | Integer | Priority. A smaller value indicates a higher priority. |
| feature | String | SQL command features |
| regex | String | Regular expression |

Status code: 400

Table 6 Response body parameters

| Parameter | Parameter Type | Description |
| --- | --- | --- |
| error | Object | Error message. |

Table 7 ErrorDetail

| Parameter | Parameter Type | Description |
| --- | --- | --- |
| error_code | String | Error code |
| error_msg | String | Error message |

Status code: 403

Table 8 Response body parameter

| Parameter | Parameter Type | Description |
| --- | --- | --- |
| error | Object | Error message. |

Table 9 ErrorDetail

| Parameter | Parameter Type | Description |
| --- | --- | --- |
| error_code | String | Error code |
| error_msg | String | Error message |

Status code: 500

Table 10 Response body parameter

| Parameter | Parameter Type | Description |
| --- | --- | --- |
| error | Object | Error message. |

Table 11 ErrorDetail

| Parameter | Parameter Type | Description |
| --- | --- | --- |
| error_code | String | Error code |
| error_msg | String | Error message |

Example Request

/v1/{project_id}/{instance_id}/dbss/audit/rule/sql-injections

{
  "risk_levels" : "HIGH"
}

Response Examples

Status code: 200

Succeeded

{
  "rules" : [ {
    "id" : "zX4W2ngBo47GiyUSBuNs",
    "name": "MySQL error based SQL injection",
    "status" : "ON",
    "type" : "SYSTEM",
    "risk_level" : "HIGH",
    "rank" : 1,
    "feature": "regular expression",
    "regex" : "((.*)?(select)\\s+[0-9]+\\s+from\\s+\\(\\s*select\\s+count(.*)?(concat)\\s*(.*)?(from)\\s*(information_schema.tables)(.*)?(group)\\s+(by)(.*)?)"
  } ],
  "total" : 1
}

Status code: 400

Incorrect request parameters.

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}

Status code: 500

Internal server error.

{
  "error" : {
    "error_code" : "DBSS.XXXX",
    "error_msg" : "XXX"
  }
}
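
The rules array in the 200 response can be checked offline for coverage gaps and exercised against audited statements. The following Python sketch is an added example, not Huawei Cloud SDK code; the second rule, the two sample statements, and the use of Python's re module with case-insensitive matching are assumptions.

```python
import json
import re

# Constructed sample: the page's 200 response plus one hypothetical rule that is OFF.
SAMPLE_RESPONSE = r'''
{"rules": [
  {"id": "zX4W2ngBo47GiyUSBuNs", "name": "MySQL error based SQL injection",
   "status": "ON", "type": "SYSTEM", "risk_level": "HIGH", "rank": 1,
   "feature": "regular expression",
   "regex": "((.*)?(select)\\s+[0-9]+\\s+from\\s+\\(\\s*select\\s+count(.*)?(concat)\\s*(.*)?(from)\\s*(information_schema.tables)(.*)?(group)\\s+(by)(.*)?)"},
  {"id": "example-disabled-rule", "name": "Hypothetical disabled rule",
   "status": "OFF", "type": "SYSTEM", "risk_level": "HIGH", "rank": 2,
   "feature": "regular expression", "regex": "placeholder"}
 ], "total": 2}
'''

def load_rules(body):
    """Parse the response body; smaller rank means higher priority."""
    return sorted(json.loads(body)["rules"], key=lambda r: r["rank"])

def coverage_gaps(rules):
    """IDs of HIGH-severity rules that are not ON, i.e. not auditing."""
    return [r["id"] for r in rules if r["risk_level"] == "HIGH" and r["status"] != "ON"]

def compile_active(rules):
    """Compile regexes of ON rules; collect IDs whose regex fails in Python."""
    compiled, broken = [], []
    for r in (x for x in rules if x["status"] == "ON"):
        try:
            # Assumption: case-insensitive; the service's regex engine is not documented here.
            compiled.append((r, re.compile(r["regex"], re.IGNORECASE)))
        except re.error:
            broken.append(r["id"])
    return compiled, broken

def first_match(compiled, statement):
    """Name of the highest-priority rule matching the statement, or None."""
    for rule, pattern in compiled:
        if pattern.search(statement):
            return rule["name"]
    return None

RULES = load_rules(SAMPLE_RESPONSE)
COMPILED, BROKEN = compile_active(RULES)
# Constructed audited statements: one with the shape the rule describes, one benign.
FLAGGED = ("SELECT 1 FROM (SELECT count(*), concat(table_name, 'x') c "
           "FROM information_schema.tables GROUP BY c) t")
BENIGN = "SELECT name FROM users WHERE id = 7"
```

A non-empty result from coverage_gaps means a HIGH-severity rule is returned by the API but switched OFF, which is worth reviewing in the audit policy.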

Example SDK Code

The sample code is as follows.

Java

package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.dbss.v1.region.DbssRegion;
import com.huaweicloud.sdk.dbss.v1.*;
import com.huaweicloud.sdk.dbss.v1.model.*;


public class ListSqlInjectionRulesSolution {

    public static void main(String[] args) {
        // Hard-coding the AK and SK or storing them in plaintext poses great security risks. Store the AK and SK in ciphertext in configuration files or environment variables and decrypt them during use.
        // In this example, the AK and SK are read from environment variables. Before running it, set the environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment.
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        DbssClient client = DbssClient.newBuilder()
                .withCredential(auth)
                .withRegion(DbssRegion.valueOf("<YOUR REGION>"))
                .build();
        ListSqlInjectionRulesRequest request = new ListSqlInjectionRulesRequest();
        request.withInstanceId("{instance_id}");
        SqlRuleRequest body = new SqlRuleRequest();
        body.withRiskLevels("HIGH");
        request.withBody(body);
        try {
            ListSqlInjectionRulesResponse response = client.listSqlInjectionRules(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Python

# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkdbss.v1.region.dbss_region import DbssRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkdbss.v1 import *

if __name__ == "__main__":
    # Hard-coding the AK and SK or storing them in plaintext poses great security risks. Store the AK and SK in ciphertext in configuration files or environment variables and decrypt them during use.
    # In this example, the AK and SK are read from environment variables. Before running it, set the environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment.
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = DbssClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(DbssRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = ListSqlInjectionRulesRequest()
        request.instance_id = "{instance_id}"
        request.body = SqlRuleRequest(
            risk_levels="HIGH"
        )
        response = client.list_sql_injection_rules(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Go

package main

import (
    "fmt"
    "os"

    "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    dbss "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1"
    "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dbss/v1/region"
)

func main() {
    // Hard-coding the AK and SK or storing them in plaintext poses great security risks. Store the AK and SK in ciphertext in configuration files or environment variables and decrypt them during use.
    // In this example, the AK and SK are read from environment variables. Before running it, set the environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment.
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := dbss.NewDbssClient(
        dbss.DbssClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.ListSqlInjectionRulesRequest{}
    request.InstanceId = "{instance_id}"
    riskLevelsSqlRuleRequest := "HIGH"
    request.Body = &model.SqlRuleRequest{
        RiskLevels: &riskLevelsSqlRuleRequest,
    }
    response, err := client.ListSqlInjectionRules(request)
    if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

More

For more SDK code examples in various programming languages, see the Sample Code tab on the right of the API Explorer page, which can automatically generate the corresponding SDK code examples.

Status Code

| Status Code | Description |
| --- | --- |
| 200 | Request succeeded. |
| 400 | Incorrect request parameter. |
| 403 | Authentication failed. |
| 500 | Internal server error. |

Error Codes

For details, see Error Codes.