调用DescribePolicies列举策略治理规则库列表。

调试

您可以在OpenAPI Explorer中直接运行该接口,免去您计算签名的困扰。运行成功后,OpenAPI Explorer可以自动生成SDK代码示例。

请求语法

GET /policies HTTP/1.1
Content-Type:application/json

公共请求参数

请求参数

无请求参数

响应体语法

响应参数

表 1. 响应Body参数
参数名称 类型 示例 说明
Map

规则库列表,key为策略类型,value为该策略类型下的所有策略名称。
Array of String ACKNoEnvVarSecrets

更多策略规则,请参见容器安全策略规则库说明

请求示例

根据以下示例调用DescribePolicies列举策略治理规则库列表:

GET /policies HTTP/1.1
Host:cs.aliyuncs.com
Content-Type:application/json

公共请求参数

正常返回示例

XML格式 

HTTP/1.1 200 OK
Content-Type:application/xml

<DescribePoliciesResponse>
    <cis-k8s>ACKNoEnvVarSecrets</cis-k8s>
    <cis-k8s>ACKPodsRequireSecurityContext</cis-k8s>
    <cis-k8s>ACKRestrictNamespaces</cis-k8s>
    <cis-k8s>ACKRestrictRoleBindings</cis-k8s>
    <infra>ACKBlockProcessNamespaceSharing</infra>
    <infra>ACKEmptyDirHasSizeLimit</infra>
    <infra>ACKLocalStorageRequireSafeToEvict</infra>
    <infra>ACKOSSStorageLocationConstraint</infra>
    <k8s-general>ACKBlockAutoinjectServiceEnv</k8s-general>
    <k8s-general>ACKBlockAutomountToken</k8s-general>
    <k8s-general>ACKBlockLoadBalancer</k8s-general>
    <k8s-general>ACKBlockNodePort</k8s-general>
    <k8s-general>ACKContainerLimits</k8s-general>
    <k8s-general>ACKExternalIPs</k8s-general>
    <k8s-general>ACKImageDigests</k8s-general>
    <k8s-general>ACKRequiredLabels</k8s-general>
    <k8s-general>ACKRequiredProbes</k8s-general>
    <k8s-general>ACKAllowedRepos</k8s-general>
    <psp>ACKPSPAllowPrivilegeEscalationContainer</psp>
    <psp>ACKPSPAllowedUsers</psp>
    <psp>ACKPSPAppArmor</psp>
    <psp>ACKPSPCapabilities</psp>
    <psp>ACKPSPFSGroup</psp>
    <psp>ACKPSPFlexVolumes</psp>
    <psp>ACKPSPForbiddenSysctls</psp>
    <psp>ACKPSPHostFilesystem</psp>
    <psp>ACKPSPHostNamespace</psp>
    <psp>ACKPSPHostNetworkingPorts</psp>
    <psp>ACKPSPPrivilegedContainer</psp>
    <psp>ACKPSPProcMount</psp>
    <psp>ACKPSPReadOnlyRootFilesystem</psp>
    <psp>ACKPSPSELinuxV2</psp>
    <psp>ACKPSPSeccomp</psp>
    <psp>ACKPSPVolumeTypes</psp>
</DescribePoliciesResponse>

JSON格式 

HTTP/1.1 200 OK
Content-Type:application/json

{
  "cis-k8s" : [ "ACKNoEnvVarSecrets", "ACKPodsRequireSecurityContext", "ACKRestrictNamespaces", "ACKRestrictRoleBindings" ],
  "infra" : [ "ACKBlockProcessNamespaceSharing", "ACKEmptyDirHasSizeLimit", "ACKLocalStorageRequireSafeToEvict", "ACKOSSStorageLocationConstraint" ],
  "k8s-general" : [ "ACKBlockAutoinjectServiceEnv", "ACKBlockAutomountToken", "ACKBlockLoadBalancer", "ACKBlockNodePort", "ACKContainerLimits", "ACKExternalIPs", "ACKImageDigests", "ACKRequiredLabels", "ACKRequiredProbes", "ACKAllowedRepos" ],
  "psp" : [ "ACKPSPAllowPrivilegeEscalationContainer", "ACKPSPAllowedUsers", "ACKPSPAppArmor", "ACKPSPCapabilities", "ACKPSPFSGroup", "ACKPSPFlexVolumes", "ACKPSPForbiddenSysctls", "ACKPSPHostFilesystem", "ACKPSPHostNamespace", "ACKPSPHostNetworkingPorts", "ACKPSPPrivilegedContainer", "ACKPSPProcMount", "ACKPSPReadOnlyRootFilesystem", "ACKPSPSELinuxV2", "ACKPSPSeccomp", "ACKPSPVolumeTypes" ]
}

错误码

访问错误中心查看更多错误码。