All Products
Search
Document Center

Security Center:GetStrategyTemplateDetail

Last Updated:Nov 25, 2024

Queries the usage details of templates provided in the feature of proactive defense for containers for rules.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
yundun-sas:GetStrategyTemplateDetailget
*All Resources
*
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
StrategyIdlongNo

The ID of the template.

Note You can call the GetOpaStrategyTemplateSummary operation to query the IDs of templates.
2

Response parameters

ParameterTypeDescriptionExample
object

The response parameters.

Dataobject

The details of the template.

StrategyIdlong

The ID of the rule.

1005
StrategyTemplateIdlong

The ID of the template.

1204
ClusterIdstring

The cluster ID.

c8ca91e0907d94efaba7fb0827eb9****
StrategyNamestring

The name of the rule.

Blank template
Descriptionstring

The description of the rule.

Custom defense configuration
ClusterNamestring

The name of the cluster.

hhht-cluster-02
UnScanedImageboolean

Indicates whether the rule supports unscanned images. Valid values:

  • true
  • false
false
MaliciousImageboolean

Indicates whether the rule supports malicious Internet images. Valid values:

  • true
  • false
false
Namespacearray

The namespaces.

Namespacestring

The namespace.

default
ImageNamearray

The names of images.

ImageNamestring

The name of the image.

test
Labelarray

The tags that are added to the containers.

Labelstring

The tag that is added to the container.

test
RuleActioninteger

The action on requests. Valid values:

  • 1: trigger alerts
  • 2: block
  • 3: allow
1
WhiteListarray

The whitelists of tags that are added to images.

WhiteListstring

The whitelist of tags that are added to the image.

test-tag
AlarmDetailobject

The configuration of the rule.

Baselineobject

The configuration of the baseline.

RiskLevelarray

The severities of the baselines. Valid values:

  • high
  • medium
  • low
RiskLevelstring

The severity of the baseline. Valid values:

  • high
  • medium
  • low
low
Itemarray<object>

The baseline items.

Itemobject
Idstring

The unique identifier of the baseline check item.

ak_leak
Namestring

The name of the baseline check item.

Access Key plaintext storage
Vulobject

The configuration of the vulnerability detection rule.

RiskLevelarray

The severities of the vulnerabilities.

RiskLevelstring

The severity of the vulnerability. Valid values:

  • high
  • medium
  • low
low
Itemarray<object>

The items on which vulnerabilities are detected.

Itemobject
Idstring

The ID of the vulnerability.

AVD-2023-1680169
Namestring

The alias of the vulnerability.

ezOffice evoInterfaceServlet Info Leak
MaliciousFileobject

The configuration of the alert rule for the malicious sample.

RiskLevelarray

The severities of the malicious samples.

RiskLevelstring

The severity of the malicious sample. Valid values:

  • high
  • medium
  • low
low
Itemarray<object>

The items on which malicious samples are detected.

Itemobject
Idstring

The unique identifier of the malicious sample.

test
Namestring

The name of the malicious sample.

test
Successboolean

Indicates whether the request was successful. Valid values:

  • true
  • false
true
Codestring

The response code. The status code 200 indicates that the request was successful. Other status codes indicate that the request failed. You can identify the cause of the failure based on the status code.

200
Messagestring

The returned message.

successful
RequestIdstring

The request ID.

1E36BEEA-0B27-58CC-8319-50279203B048

Examples

Sample success responses

JSONformat

{
  "Data": {
    "StrategyId": 1005,
    "StrategyTemplateId": 1204,
    "ClusterId": "c8ca91e0907d94efaba7fb0827eb9****",
    "StrategyName": "Blank template",
    "Description": "Custom defense configuration",
    "ClusterName": "hhht-cluster-02",
    "UnScanedImage": false,
    "MaliciousImage": false,
    "Namespace": [
      "default"
    ],
    "ImageName": [
      "test"
    ],
    "Label": [
      "test"
    ],
    "RuleAction": 1,
    "WhiteList": [
      "test-tag"
    ],
    "AlarmDetail": {
      "Baseline": {
        "RiskLevel": [
          "low"
        ],
        "Item": [
          {
            "Id": "ak_leak",
            "Name": "Access Key plaintext storage"
          }
        ]
      },
      "Vul": {
        "RiskLevel": [
          "low"
        ],
        "Item": [
          {
            "Id": "AVD-2023-1680169",
            "Name": "ezOffice evoInterfaceServlet Info Leak"
          }
        ]
      },
      "MaliciousFile": {
        "RiskLevel": [
          "low"
        ],
        "Item": [
          {
            "Id": "test",
            "Name": "test"
          }
        ]
      }
    }
  },
  "Success": true,
  "Code": "200",
  "Message": "successful",
  "RequestId": "1E36BEEA-0B27-58CC-8319-50279203B048"
}

Error codes

HTTP status codeError codeError messageDescription
403NoPermissioncaller has no permissionYou are not authorized to do this operation.
500ServerErrorServerError-

For a list of error codes, visit the Service error codes.