ListSystemSecurityPolicies - Global Accelerator - Alibaba Cloud Documentation Center

Queries the TLS security policies that are supported by HTTPS listeners.

Operation description

You can select a TLS security policy when you create an HTTPS listener. This API operation is used to query the TLS security policies that are supported by HTTPS listeners.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
ga:ListSystemSecurityPolicies	List	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
RegionId	string	No	The region ID of the Global Accelerator (GA) instance. Set the value to cn-hangzhou.	cn-hangzhou
PageNumber	integer	No	The page number. Default value: 1.	1
PageSize	integer	No	The number of entries per page. Maximum value: 100. Default value: 10.	10

Response parameters

Parameter	Type	Description	Example
	object	The response parameters.
RequestId	string	The request ID.	A9B4E54C-9CCD-4002-91A9-D38C6C209192
TotalCount	integer	The total number of entries returned.	2
PageSize	integer	The number of entries per page.	10
PageNumber	integer	The page number.	1
SecurityPolicies	object []	The list of TLS security policies.
SecurityPolicyId	string	The TLS security policy ID.	tls_cipher_policy_1_1
TlsVersions	array	The supported TLS protocol versions. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3.
	string	The supported TLS protocol versions. Valid values: TLSv1.0, TLSv1.1, TLSv1.2, and TLSv1.3.	["TLSv1.0","TLSv1.2"]
Ciphers	array	The supported cipher suites. The value of this parameter is determined by the value of TLSVersions. The specified cipher suites must be supported by at least one value of TLSVersions. For example, if you set TLSVersions to TLSv1.3, you must specify cipher suites that are supported by TLSv1.3. Valid values when TLSVersions is set to TLSv1.0 or TLSv1.1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA DES-CBC3-SHA Valid values when TLSVersions is set to TLSv1.2: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA DES-CBC3-SHA ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 AES128-GCM-SHA256 AES256-GCM-SHA384 AES128-SHA256 AES256-SHA256 Valid values when TLSVersions is set to TLSv1.3: TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_CCM_SHA256 TLS_AES_128_CCM_8_SHA256
	string	The supported cipher suites, which are determined by the value of TLSVersions. The specified cipher suites must be supported by at least one TLSVersions. For example, if you set the TLSVersions parameter to TLSv1.3, you must specify cipher suites that are supported by TLSv1.3. The cipher suites that are supported by TLSv1.0 and TLSv1.1: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA DES-CBC3-SHA The cipher suites that are supported by TLSv1.2: ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA AES128-SHA AES256-SHA DES-CBC3-SHA ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 AES128-GCM-SHA256 AES256-GCM-SHA384 AES128-SHA256 AES256-SHA256 The cipher suites that are supported by TLSv1.3: TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_CCM_SHA256 TLS_AES_128_CCM_8_SHA256	["ECDHE-ECDSA-AES128-SHA","ECDHE-RSA-AES128-GCM-SHA256"]

Examples

Sample success responses

JSONformat

{
  "RequestId": "A9B4E54C-9CCD-4002-91A9-D38C6C209192",
  "TotalCount": 2,
  "PageSize": 10,
  "PageNumber": 1,
  "SecurityPolicies": [
    {
      "SecurityPolicyId": "tls_cipher_policy_1_1",
      "TlsVersions": [
        "[\"TLSv1.0\",\"TLSv1.2\"]"
      ],
      "Ciphers": [
        "[\"ECDHE-ECDSA-AES128-SHA\",\"ECDHE-RSA-AES128-GCM-SHA256\"]"
      ]
    }
  ]
}

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change time

Summary of changes

Operation

2023-07-20

The internal configuration of the API is changed, but the call is not affected

see changesets

Change item	Change content
	The internal configuration of the API is changed, but the call is not affected.