SHOW NETWORK POLICIES
SHOW NETWORK POLICIES returns a list of all network policies configured in
Materialize. Network policies are part of Materialize’s framework for
access control.
Syntax
SHOW NETWORK POLICIES [ LIKE <pattern> ]
| Option | Description |
|---|---|
| LIKE <pattern> | If specified, only show network policies whose name matches the pattern. |
Pre-installed network policy
When you enable a Materialize region, a default network policy named default
will be pre-installed. This policy has a wide open ingress rule allow 0.0.0.0/0. You can modify or drop this network policy at any time.
NOTE: The default value for the
network_policy session parameter is default.
Before dropping the default network policy, a superuser (i.e. Organization Admin) must run ALTER SYSTEM SET network_policy to
change the default value.
Examples
SHOW NETWORK POLICIES;
| name | rules | comment |
| -------------------- | ------------------ | ------- |
| default | open_ingress | |
| office_access_policy | minnesota,new_york | |
To see details for each rule in a network policy, you can query the
mz_internal.mz_network_policy_rules
system catalog table.
SELECT * FROM mz_internal.mz_network_policy_rules;
| name | policy_id | action | address | direction |
| ------------ | --------- | ------ | ---------- | --------- |
| new_york | u3 | allow | 1.2.3.4/28 | ingress |
| minnesota | u3 | allow | 2.3.4.5/32 | ingress |
| open_ingress | u1 | allow | 0.0.0.0/0 | ingress |