All Products
Search
Document Center

Global Accelerator:ListSystemSecurityPolicies

Last Updated:Jul 31, 2024

Queries the TLS security policies that are supported by HTTPS listeners.

Operation description

You can select a TLS security policy when you create an HTTPS listener. This API operation is used to query the TLS security policies that are supported by HTTPS listeners.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
ga:ListSystemSecurityPolicieslist
  • SystemSecurityPolicy
    acs:ga:{#regionId}:{#accountId}:ga/*
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
RegionIdstringNo

The region ID of the Global Accelerator (GA) instance. Set the value to cn-hangzhou.

cn-hangzhou
PageNumberintegerNo

The page number. Default value: 1.

1
PageSizeintegerNo

The number of entries per page. Valid values: 1 to 100. Default value: 10.

10

Response parameters

ParameterTypeDescriptionExample
object

The response parameters.

RequestIdstring

The request ID.

A9B4E54C-9CCD-4002-91A9-D38C6C209192
TotalCountinteger

The total number of entries returned.

2
PageSizeinteger

The number of entries per page.

10
PageNumberinteger

The page number.

1
SecurityPoliciesarray<object>

The list of TLS security policies.

object
SecurityPolicyIdstring

The ID of the TLS security policy.

tls_cipher_policy_1_1
TlsVersionsarray

The supported TLS versions. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3.

string

The supported TLS versions. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3.

["TLSv1.0","TLSv1.2"]
Ciphersarray

The supported cipher suites. The value of this parameter is determined by the value of TLSVersions.

The specified cipher suites must be supported by at least one value of TLSVersions. For example, if you set TLSVersions to TLSv1.3, you must specify cipher suites that are supported by TLSv1.3.

  • Valid values when TLSVersions is set to TLSv1.0 or TLSv1.1:

    • ECDHE-ECDSA-AES128-SHA
    • ECDHE-ECDSA-AES256-SHA
    • ECDHE-RSA-AES128-SHA
    • ECDHE-RSA-AES256-SHA
    • AES128-SHA
    • AES256-SHA
    • DES-CBC3-SHA
  • Valid values when TLSVersions is set to TLSv1.2:

    • ECDHE-ECDSA-AES128-SHA
    • ECDHE-ECDSA-AES256-SHA
    • ECDHE-RSA-AES128-SHA
    • ECDHE-RSA-AES256-SHA
    • AES128-SHA
    • AES256-SHA
    • DES-CBC3-SHA
    • ECDHE-ECDSA-AES128-GCM-SHA256
    • ECDHE-ECDSA-AES256-GCM-SHA384
    • ECDHE-ECDSA-AES128-SHA256
    • ECDHE-ECDSA-AES256-SHA384
    • ECDHE-RSA-AES128-GCM-SHA256
    • ECDHE-RSA-AES256-GCM-SHA384
    • ECDHE-RSA-AES128-SHA256
    • ECDHE-RSA-AES256-SHA384
    • AES128-GCM-SHA256
    • AES256-GCM-SHA384
    • AES128-SHA256
    • AES256-SHA256
  • Valid values when TLSVersions is set to TLSv1.3:

    • TLS_AES_128_GCM_SHA256
    • TLS_AES_256_GCM_SHA384
    • TLS_CHACHA20_POLY1305_SHA256
    • TLS_AES_128_CCM_SHA256
    • TLS_AES_128_CCM_8_SHA256
string

The supported cipher suites. The value of this parameter is determined by the value of TLSVersions.

The specified cipher suites must be supported by at least one value of TLSVersions. For example, if you set TLSVersions to TLSv1.3, you must specify cipher suites that are supported by TLSv1.3.

  • The cipher suites that are supported by TLSv1.0 and TLSv1.1:

    • ECDHE-ECDSA-AES128-SHA
    • ECDHE-ECDSA-AES256-SHA
    • ECDHE-RSA-AES128-SHA
    • ECDHE-RSA-AES256-SHA
    • AES128-SHA
    • AES256-SHA
    • DES-CBC3-SHA
  • The cipher suites that are supported by TLSv1.2:

    • ECDHE-ECDSA-AES128-SHA
    • ECDHE-ECDSA-AES256-SHA
    • ECDHE-RSA-AES128-SHA
    • ECDHE-RSA-AES256-SHA
    • AES128-SHA
    • AES256-SHA
    • DES-CBC3-SHA
    • ECDHE-ECDSA-AES128-GCM-SHA256
    • ECDHE-ECDSA-AES256-GCM-SHA384
    • ECDHE-ECDSA-AES128-SHA256
    • ECDHE-ECDSA-AES256-SHA384
    • ECDHE-RSA-AES128-GCM-SHA256
    • ECDHE-RSA-AES256-GCM-SHA384
    • ECDHE-RSA-AES128-SHA256
    • ECDHE-RSA-AES256-SHA384
    • AES128-GCM-SHA256
    • AES256-GCM-SHA384
    • AES128-SHA256
    • AES256-SHA256
  • The cipher suites that are supported by TLSv1.3:

    • TLS_AES_128_GCM_SHA256
    • TLS_AES_256_GCM_SHA384
    • TLS_CHACHA20_POLY1305_SHA256
    • TLS_AES_128_CCM_SHA256
    • TLS_AES_128_CCM_8_SHA256
["ECDHE-ECDSA-AES128-SHA","ECDHE-RSA-AES128-GCM-SHA256"]

Examples

Sample success responses

JSONformat

{
  "RequestId": "A9B4E54C-9CCD-4002-91A9-D38C6C209192",
  "TotalCount": 2,
  "PageSize": 10,
  "PageNumber": 1,
  "SecurityPolicies": [
    {
      "SecurityPolicyId": "tls_cipher_policy_1_1",
      "TlsVersions": [
        "[\"TLSv1.0\",\"TLSv1.2\"]"
      ],
      "Ciphers": [
        "[\"ECDHE-ECDSA-AES128-SHA\",\"ECDHE-RSA-AES128-GCM-SHA256\"]"
      ]
    }
  ]
}

Error codes

HTTP status codeError codeError messageDescription
400NoPermissionNo permissions.No permissions.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-07-23The Error code has changedView Change Details
2023-07-20The internal configuration of the API is changed, but the call is not affectedView Change Details