post
/public_api/v1/cwp/policies
Add CWP policy instances.
Required license: Requires the Cortex Cloud Runtime Security add-on. Not available in Cortex XSIAM Enterprise Plus.
Request headers
Authorization
String
required
{api_key}
{api_key}
Example:
UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
Example:
241
CLIENT REQUEST
curl -X 'POST'
-H
'Accept: application/json; charset=UTF-8'
-H
'Content-Type: application/json'
-H
'Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
-H
'x-xdr-auth-id: 241'
'https://api-yourfqdn/public_api/v1/cwp/policies'
-d
'{
"id" : "1",
"revision" : 3,
"createdAt" : "2024-07-28T18:50:44Z",
"modifiedAt" : "2024-07-28T18:50:55Z",
"type" : "COMPLIANCE",
"createdBy" : "admin",
"disabled" : false,
"name" : "some policy",
"description" : "some policy description",
"evaluationModes" : [ "PERIODIC" ],
"evaluationStage" : "CI",
"rulesIds" : [ ],
"condition" : "U29tZUJhc1U2NERhdGE=",
"exception" : "U29tZUJhc5U2NERhdGE=",
"assetScope" : "U29tZUJh72U2NERhdGE=",
"assetGroupsIDs" : [ 1, 2 ],
"assetGroups" : [ "group1", "group2" ],
"action" : "ISSUE",
"severity" : "CRITICAL",
"missingInformationAction" : "ISSUE",
"remediationGuidance" : "some remediation guidance"
}'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
payload = "{\"id\":\"1\",\"revision\":3,\"createdAt\":\"2024-07-28T18:50:44Z\",\"modifiedAt\":\"2024-07-28T18:50:55Z\",\"type\":\"COMPLIANCE\",\"createdBy\":\"admin\",\"disabled\":false,\"name\":\"some policy\",\"description\":\"some policy description\",\"evaluationModes\":[\"PERIODIC\"],\"evaluationStage\":\"CI\",\"rulesIds\":[],\"condition\":\"U29tZUJhc1U2NERhdGE=\",\"exception\":\"U29tZUJhc5U2NERhdGE=\",\"assetScope\":\"U29tZUJh72U2NERhdGE=\",\"assetGroupsIDs\":[1,2],\"assetGroups\":[\"group1\",\"group2\"],\"action\":\"ISSUE\",\"severity\":\"CRITICAL\",\"missingInformationAction\":\"ISSUE\",\"remediationGuidance\":\"some remediation guidance\"}"
headers = {
'Authorization': "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
'x-xdr-auth-id': "241",
'content-type': "application/json"
}
conn.request("POST", "/public_api/v1/cwp/policies", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/v1/cwp/policies")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
request["x-xdr-auth-id"] = '241'
request["content-type"] = 'application/json'
request.body = "{\"id\":\"1\",\"revision\":3,\"createdAt\":\"2024-07-28T18:50:44Z\",\"modifiedAt\":\"2024-07-28T18:50:55Z\",\"type\":\"COMPLIANCE\",\"createdBy\":\"admin\",\"disabled\":false,\"name\":\"some policy\",\"description\":\"some policy description\",\"evaluationModes\":[\"PERIODIC\"],\"evaluationStage\":\"CI\",\"rulesIds\":[],\"condition\":\"U29tZUJhc1U2NERhdGE=\",\"exception\":\"U29tZUJhc5U2NERhdGE=\",\"assetScope\":\"U29tZUJh72U2NERhdGE=\",\"assetGroupsIDs\":[1,2],\"assetGroups\":[\"group1\",\"group2\"],\"action\":\"ISSUE\",\"severity\":\"CRITICAL\",\"missingInformationAction\":\"ISSUE\",\"remediationGuidance\":\"some remediation guidance\"}"
response = http.request(request)
puts response.read_bodyconst data = JSON.stringify({
"id": "1",
"revision": 3,
"createdAt": "2024-07-28T18:50:44Z",
"modifiedAt": "2024-07-28T18:50:55Z",
"type": "COMPLIANCE",
"createdBy": "admin",
"disabled": false,
"name": "some policy",
"description": "some policy description",
"evaluationModes": [
"PERIODIC"
],
"evaluationStage": "CI",
"rulesIds": [],
"condition": "U29tZUJhc1U2NERhdGE=",
"exception": "U29tZUJhc5U2NERhdGE=",
"assetScope": "U29tZUJh72U2NERhdGE=",
"assetGroupsIDs": [
1,
2
],
"assetGroups": [
"group1",
"group2"
],
"action": "ISSUE",
"severity": "CRITICAL",
"missingInformationAction": "ISSUE",
"remediationGuidance": "some remediation guidance"
});
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-yourfqdn/public_api/v1/cwp/policies");
xhr.setRequestHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
xhr.setRequestHeader("x-xdr-auth-id", "241");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);HttpResponse<String> response = Unirest.post("https://api-yourfqdn/public_api/v1/cwp/policies")
.header("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ")
.header("x-xdr-auth-id", "241")
.header("content-type", "application/json")
.body("{\"id\":\"1\",\"revision\":3,\"createdAt\":\"2024-07-28T18:50:44Z\",\"modifiedAt\":\"2024-07-28T18:50:55Z\",\"type\":\"COMPLIANCE\",\"createdBy\":\"admin\",\"disabled\":false,\"name\":\"some policy\",\"description\":\"some policy description\",\"evaluationModes\":[\"PERIODIC\"],\"evaluationStage\":\"CI\",\"rulesIds\":[],\"condition\":\"U29tZUJhc1U2NERhdGE=\",\"exception\":\"U29tZUJhc5U2NERhdGE=\",\"assetScope\":\"U29tZUJh72U2NERhdGE=\",\"assetGroupsIDs\":[1,2],\"assetGroups\":[\"group1\",\"group2\"],\"action\":\"ISSUE\",\"severity\":\"CRITICAL\",\"missingInformationAction\":\"ISSUE\",\"remediationGuidance\":\"some remediation guidance\"}")
.asString();import Foundation
let headers = [
"Authorization": "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id": "241",
"content-type": "application/json"
]
let parameters = [
"id": "1",
"revision": 3,
"createdAt": "2024-07-28T18:50:44Z",
"modifiedAt": "2024-07-28T18:50:55Z",
"type": "COMPLIANCE",
"createdBy": "admin",
"disabled": false,
"name": "some policy",
"description": "some policy description",
"evaluationModes": ["PERIODIC"],
"evaluationStage": "CI",
"rulesIds": [],
"condition": "U29tZUJhc1U2NERhdGE=",
"exception": "U29tZUJhc5U2NERhdGE=",
"assetScope": "U29tZUJh72U2NERhdGE=",
"assetGroupsIDs": [1, 2],
"assetGroups": ["group1", "group2"],
"action": "ISSUE",
"severity": "CRITICAL",
"missingInformationAction": "ISSUE",
"remediationGuidance": "some remediation guidance"
] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/v1/cwp/policies")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/v1/cwp/policies",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"id\":\"1\",\"revision\":3,\"createdAt\":\"2024-07-28T18:50:44Z\",\"modifiedAt\":\"2024-07-28T18:50:55Z\",\"type\":\"COMPLIANCE\",\"createdBy\":\"admin\",\"disabled\":false,\"name\":\"some policy\",\"description\":\"some policy description\",\"evaluationModes\":[\"PERIODIC\"],\"evaluationStage\":\"CI\",\"rulesIds\":[],\"condition\":\"U29tZUJhc1U2NERhdGE=\",\"exception\":\"U29tZUJhc5U2NERhdGE=\",\"assetScope\":\"U29tZUJh72U2NERhdGE=\",\"assetGroupsIDs\":[1,2],\"assetGroups\":[\"group1\",\"group2\"],\"action\":\"ISSUE\",\"severity\":\"CRITICAL\",\"missingInformationAction\":\"ISSUE\",\"remediationGuidance\":\"some remediation guidance\"}",
CURLOPT_HTTPHEADER => [
"Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"content-type: application/json",
"x-xdr-auth-id: 241"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/v1/cwp/policies");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
headers = curl_slist_append(headers, "x-xdr-auth-id: 241");
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"id\":\"1\",\"revision\":3,\"createdAt\":\"2024-07-28T18:50:44Z\",\"modifiedAt\":\"2024-07-28T18:50:55Z\",\"type\":\"COMPLIANCE\",\"createdBy\":\"admin\",\"disabled\":false,\"name\":\"some policy\",\"description\":\"some policy description\",\"evaluationModes\":[\"PERIODIC\"],\"evaluationStage\":\"CI\",\"rulesIds\":[],\"condition\":\"U29tZUJhc1U2NERhdGE=\",\"exception\":\"U29tZUJhc5U2NERhdGE=\",\"assetScope\":\"U29tZUJh72U2NERhdGE=\",\"assetGroupsIDs\":[1,2],\"assetGroups\":[\"group1\",\"group2\"],\"action\":\"ISSUE\",\"severity\":\"CRITICAL\",\"missingInformationAction\":\"ISSUE\",\"remediationGuidance\":\"some remediation guidance\"}");
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/v1/cwp/policies");
var request = new RestRequest(Method.POST);
request.AddHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
request.AddHeader("x-xdr-auth-id", "241");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"id\":\"1\",\"revision\":3,\"createdAt\":\"2024-07-28T18:50:44Z\",\"modifiedAt\":\"2024-07-28T18:50:55Z\",\"type\":\"COMPLIANCE\",\"createdBy\":\"admin\",\"disabled\":false,\"name\":\"some policy\",\"description\":\"some policy description\",\"evaluationModes\":[\"PERIODIC\"],\"evaluationStage\":\"CI\",\"rulesIds\":[],\"condition\":\"U29tZUJhc1U2NERhdGE=\",\"exception\":\"U29tZUJhc5U2NERhdGE=\",\"assetScope\":\"U29tZUJh72U2NERhdGE=\",\"assetGroupsIDs\":[1,2],\"assetGroups\":[\"group1\",\"group2\"],\"action\":\"ISSUE\",\"severity\":\"CRITICAL\",\"missingInformationAction\":\"ISSUE\",\"remediationGuidance\":\"some remediation guidance\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);Body parameters
required
idstring
revisioninteger
createdAtstringdate-time
modifiedAtstringdate-time
typestring (Enum)required
createdBystring
disabledboolean
namestringrequired
descriptionstringrequired
evaluationModesarray[string]
evaluationStagestring (Enum)required
rulesIdsarray[string]required
conditionstringrequiredbyte
exceptionstringbyte
assetScopestringbyte
assetGroupsIDsarray[integer]required
assetGroupsarray[string]
actionstring (Enum)required
severitystring (Enum)required
missingInformationActionstring (Enum)required
remediationGuidancestring
application/json
The schema of a policy
idstring
revisioninteger
createdAtstringdate-time
modifiedAtstringdate-time
typestring (Enum)requiredOne of the supported policy types
One of the supported policy types
Example:
"MALWARE"Allowed values:"COMPLIANCE""MALWARE""SECRET""TRUSTED_IMAGES"
createdBystring
disabledboolean
namestringrequired
descriptionstringrequired
evaluationModesarray[string]
evaluationStagestring (Enum)requiredOne of the supported evaluation stages
One of the supported evaluation stages
Example:
"CI"Allowed values:"CI""RUNTIME""DEPLOY"null
rulesIdsarray[string]requiredThe UUIDs of the rules that define the condition
The rulesIds field is only required for non-compliance policies.
The UUIDs of the rules that define the condition
The rulesIds field is only required for non-compliance policies.
conditionstringrequiredbyteThe condition field is only required for non-compliance policies.
The condition field is only required for non-compliance policies.
exceptionstringbyte
assetScopestringbyte
assetGroupsIDsarray[integer]required
assetGroupsarray[string]
actionstring (Enum)requiredOne of the supported policy actions
One of the supported policy actions
Example:
"ISSUE"Allowed values:"ISSUE""PREVENT"null
severitystring (Enum)requiredOne of the supported policy severities
One of the supported policy severities
Example:
"CRITICAL"Allowed values:"LOW""MEDIUM""HIGH""CRITICAL"null
missingInformationActionstring (Enum)requiredOne of the supported policy actions
One of the supported policy actions
Example:
"ISSUE"Allowed values:"ISSUE""PREVENT"null
remediationGuidancestring
REQUEST
{
"id": "1",
"revision": 3,
"createdAt": "2024-07-28T18:50:44Z",
"modifiedAt": "2024-07-28T18:50:55Z",
"type": "COMPLIANCE",
"createdBy": "admin",
"disabled": false,
"name": "some policy",
"description": "some policy description",
"evaluationModes": [
"PERIODIC"
],
"evaluationStage": "CI",
"rulesIds": [],
"condition": "U29tZUJhc1U2NERhdGE=",
"exception": "U29tZUJhc5U2NERhdGE=",
"assetScope": "U29tZUJh72U2NERhdGE=",
"assetGroupsIDs": [
1,
2
],
"assetGroups": [
"group1",
"group2"
],
"action": "ISSUE",
"severity": "CRITICAL",
"missingInformationAction": "ISSUE",
"remediationGuidance": "some remediation guidance"
}Responses
Success
Body
application/json; charset=UTF-8
idstring
RESPONSE
[application/json; charset=UTF-8 content]Client error
Body
application/json; charset=UTF-8
err_msgstringrequiredThe error message
The error message
metadataobjectDetails for the PublicAPIError
Details for the PublicAPIError
codestring (Enum)requiredA short, programmatically safe string indicating the error code reported
A short, programmatically safe string indicating the error code reported
Example:
"NOT_FOUND"Allowed values:"BAD_REQUEST""INTERNAL_ERROR""NOT_FOUND""FORBIDDEN"
RESPONSE
[application/json; charset=UTF-8 content]Service had unexpected internal error
Body
application/json; charset=UTF-8
err_msgstringrequiredThe error message
The error message
metadataobjectDetails for the PublicAPIError
Details for the PublicAPIError
codestring (Enum)requiredA short, programmatically safe string indicating the error code reported
A short, programmatically safe string indicating the error code reported
Example:
"NOT_FOUND"Allowed values:"BAD_REQUEST""INTERNAL_ERROR""NOT_FOUND""FORBIDDEN"
RESPONSE
[application/json; charset=UTF-8 content]