All Products
Search
Document Center

Server Load Balancer:ListSecurityPolicies

Last Updated:Aug 22, 2024

Queries custom security policies in a region.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
alb:ListSecurityPolicieslist
  • SecurityPolicy
    acs:alb:{#regionId}:{#accountId}:securitypolicy/*
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
ResourceGroupIdstringNo

The resource group ID.

rg-atstuj3rtop****
NextTokenstringNo

The pagination token that is used in the next request to retrieve a new page of results. Valid values:

  • You do not need to specify this parameter for the first request.
  • You must specify the token that is obtained from the previous query as the value of NextToken.
FFmyTO70tTpLG6I3FmYAXGKPd****
MaxResultsintegerNo

The number of entries per page. Valid values: 1 to 100. Default value: 20.

50
SecurityPolicyNamesarrayNo

The names of the security policies. You can specify up to 10 names.

stringNo

The name of the security policy. You can specify up to 10 names.

test-secrity
SecurityPolicyIdsarrayNo

The security policy IDs. You can specify at most 20 security policies.

stringNo

The ID of the security policy that you want to query. You can specify at most 20 security policy IDs.

scp-bp1bpn0kn9****
Tagarray<object>No

The tags.

objectNo

The tags.

KeystringNo

The tag key. The tag key can be up to 128 characters in length and cannot start with acs: or aliyun. It cannot contain http:// or https://.

env
ValuestringNo

The tag value. The tag value can be up to 128 characters in length and cannot start with acs: or aliyun. It cannot contain http:// or https://.

product

Response parameters

ParameterTypeDescriptionExample
object

The response parameters.

MaxResultsinteger

The number of entries per page.

50
NextTokenstring

A pagination token. It can be used in the next request to retrieve a new page of results. Valid values:

  • If NextToken is empty, no next page exists.
  • If a value is returned for NextToken, the value is the token that determines the start point of the next query.
FFmyTO70tTpLG6I3FmYAXGKPd****
RequestIdstring

The request ID.

593B0448-D13E-4C56-AC0D-FDF0FDE0E9A3
SecurityPoliciesarray<object>

The supported security policies.

object

The supported security policy.

Ciphersarray

The supported cipher suites.

string

The supported cipher suites are determined by the value of TLSVersions.

  • TLSv1.0 and TLSv1.1 support the following cipher suites:

    • ECDHE-ECDSA-AES128-SHA
    • ECDHE-ECDSA-AES256-SHA
    • ECDHE-RSA-AES128-SHA
    • ECDHE-RSA-AES256-SHA
    • AES128-SHA
    • AES256-SHA
    • DES-CBC3-SHA
  • TLSv1.2 supports the following cipher suites:

    • ECDHE-ECDSA-AES128-SHA
    • ECDHE-ECDSA-AES256-SHA
    • ECDHE-RSA-AES128-SHA
    • ECDHE-RSA-AES256-SHA
    • AES128-SHA
    • AES256-SHA
    • DES-CBC3-SHA
    • ECDHE-ECDSA-AES128-GCM-SHA256
    • ECDHE-ECDSA-AES256-GCM-SHA384
    • ECDHE-ECDSA-AES128-SHA256
    • ECDHE-ECDSA-AES256-SHA384
    • ECDHE-RSA-AES128-GCM-SHA256
    • ECDHE-RSA-AES256-GCM-SHA384
    • ECDHE-RSA-AES128-SHA256
    • ECDHE-RSA-AES256-SHA384
    • AES128-GCM-SHA256
    • AES256-GCM-SHA384
    • AES128-SHA256
    • AES256-SHA256
  • TLSv1.3 supports the following cipher suites:

    • TLS_AES_128_GCM_SHA256
    • TLS_AES_256_GCM_SHA384
    • TLS_CHACHA20_POLY1305_SHA256
    • TLS_AES_128_CCM_SHA256
    • TLS_AES_128_CCM_8_SHA256
ECDHE-ECDSA-AES128-SHA
ResourceGroupIdstring

The ID of the resource group.

rg-atstuj3rtop****
SecurityPolicyIdstring

The ID of the security policy.

rg-atstuj3rtop****
SecurityPolicyNamestring

The name of the security policy.

test-secrity
SecurityPolicyStatusstring

The status of the security policy. Valid values:

  • Configuring
  • Available
Available
TLSVersionsarray

The supported TLS protocol versions.

string

The supported TLS versions. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3.

TLSv1.1
CreateTimestring

The time when the ACL was created. The time follows the YYYY-MM-DDThh:mm:ssZ format.

2023-02-15T07:37:33Z
Tagsarray<object>

The tags.

object

The tags.

Keystring

The tag key. The tag key can be up to 128 characters in length. It cannot start with aliyun or acs: and cannot contain http:// or https://.

env
Valuestring

The tag value. The tag value can be up to 128 characters in length. It cannot start with aliyun or acs: and cannot contain http:// or https://.

product
TotalCountinteger

The total number of entries returned.

1000

Examples

Sample success responses

JSONformat

{
  "MaxResults": 50,
  "NextToken": "FFmyTO70tTpLG6I3FmYAXGKPd****",
  "RequestId": "593B0448-D13E-4C56-AC0D-FDF0FDE0E9A3",
  "SecurityPolicies": [
    {
      "Ciphers": [
        "ECDHE-ECDSA-AES128-SHA"
      ],
      "ResourceGroupId": "rg-atstuj3rtop****",
      "SecurityPolicyId": "rg-atstuj3rtop****",
      "SecurityPolicyName": "test-secrity",
      "SecurityPolicyStatus": "Available",
      "TLSVersions": [
        "TLSv1.1"
      ],
      "CreateTime": "2023-02-15T07:37:33Z",
      "Tags": [
        {
          "Key": "env",
          "Value": "product"
        }
      ]
    }
  ],
  "TotalCount": 1000
}

Error codes

HTTP status codeError codeError message
403Forbidden.SecurityPolicyAuthentication has failed for SecurityPolicy.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-01-17The Error code has changedView Change Details