SHOW NETWORK POLICIES
PREVIEW
This feature is in
private preview.
It is under active development and may have stability or performance issues.
It isn't subject to our backwards compatibility guarantees.
To enable this feature in your Materialize region, contact our team.
To enable this feature in your Materialize region, contact our team.
SHOW NETWORK POLICIES returns a list of all network policies configured in
Materialize. Network policies are part of Materialize’s framework for
access control.
Syntax
SHOW NETWORK POLICIES [ LIKE <pattern> ]
| Option | Description |
|---|---|
| LIKE <pattern> | If specified, only show network policies whose name matches the pattern. |
Pre-installed network policy
When you enable a Materialize region, a default network policy named default
will be pre-installed. This policy has a wide open ingress rule allow 0.0.0.0/0. You can modify or drop this network policy at any time.
NOTE: The default value for the
network_policy session parameter is default.
Before dropping the default network policy, a superuser (i.e. Organization Admin) must run ALTER SYSTEM SET network_policy to
change the default value.
Examples
SHOW NETWORK POLICIES;
| name | rules | comment |
| -------------------- | ------------------ | ------- |
| default | open_ingress | |
| office_access_policy | minnesota,new_york | |
To see details for each rule in a network policy, you can query the
mz_internal.mz_network_policy_rules
system catalog table.
SELECT * FROM mz_internal.mz_network_policy_rules;
| name | policy_id | action | address | direction |
| ------------ | --------- | ------ | ---------- | --------- |
| new_york | u3 | allow | 1.2.3.4/28 | ingress |
| minnesota | u3 | allow | 2.3.4.5/32 | ingress |
| open_ingress | u1 | allow | 0.0.0.0/0 | ingress |