Create Cloud Security Policy

post /public_api/v1/policy

Create a new cloud security policy.

CLIENT REQUEST

          curl -X 'POST'

        -H
        'Accept: application/json'
      

        -H
        'Content-Type: application/json'
      

      'http://localhost/public_api/v1/policy'
    

      -d
      '{
  "associated_cloud_account_ids" : [ "", "" ],
  "name" : "",
  "description" : "",
  "associated_rule_ids" : [ "", "", "", "", "" ],
  "associated_rule_filter" : {
    "AND" : [ null, null ]
  },
  "associated_asset_group_ids" : [ "", "", "", "", "" ],
  "enabled" : "",
  "labels" : [ "", "" ]
}'
    


      

import http.client

conn = http.client.HTTPSConnection("example.com")

payload = "{\"name\":\"string\",\"description\":\"string\",\"labels\":[\"string\"],\"rule_matching_type\":\"ALL_RULES\",\"associated_rule_filter\":{\"AND\":[{\"AND\":[{}]}]},\"associated_rule_ids\":[\"497f6eca-6276-4993-bfeb-53cbbbba6f08\"],\"asset_matching_type\":\"ALL_ASSETS\",\"associated_asset_group_ids\":[0],\"associated_cloud_account_ids\":[\"string\"],\"enabled\":true}"

headers = { 'content-type': "application/json" }

conn.request("POST", "//public_api/v1/policy", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))

require 'uri'
require 'net/http'
require 'openssl'

url = URI("https://example.com//public_api/v1/policy")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE

request = Net::HTTP::Post.new(url)
request["content-type"] = 'application/json'
request.body = "{\"name\":\"string\",\"description\":\"string\",\"labels\":[\"string\"],\"rule_matching_type\":\"ALL_RULES\",\"associated_rule_filter\":{\"AND\":[{\"AND\":[{}]}]},\"associated_rule_ids\":[\"497f6eca-6276-4993-bfeb-53cbbbba6f08\"],\"asset_matching_type\":\"ALL_ASSETS\",\"associated_asset_group_ids\":[0],\"associated_cloud_account_ids\":[\"string\"],\"enabled\":true}"

response = http.request(request)
puts response.read_body

const data = JSON.stringify({
  "name": "string",
  "description": "string",
  "labels": [
    "string"
  ],
  "rule_matching_type": "ALL_RULES",
  "associated_rule_filter": {
    "AND": [
      {
        "AND": [
          {}
        ]
      }
    ]
  },
  "associated_rule_ids": [
    "497f6eca-6276-4993-bfeb-53cbbbba6f08"
  ],
  "asset_matching_type": "ALL_ASSETS",
  "associated_asset_group_ids": [
    0
  ],
  "associated_cloud_account_ids": [
    "string"
  ],
  "enabled": true
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
  if (this.readyState === this.DONE) {
    console.log(this.responseText);
  }
});

xhr.open("POST", "https://example.com//public_api/v1/policy");
xhr.setRequestHeader("content-type", "application/json");

xhr.send(data);

HttpResponse<String> response = Unirest.post("https://example.com//public_api/v1/policy")
  .header("content-type", "application/json")
  .body("{\"name\":\"string\",\"description\":\"string\",\"labels\":[\"string\"],\"rule_matching_type\":\"ALL_RULES\",\"associated_rule_filter\":{\"AND\":[{\"AND\":[{}]}]},\"associated_rule_ids\":[\"497f6eca-6276-4993-bfeb-53cbbbba6f08\"],\"asset_matching_type\":\"ALL_ASSETS\",\"associated_asset_group_ids\":[0],\"associated_cloud_account_ids\":[\"string\"],\"enabled\":true}")
  .asString();

import Foundation

let headers = ["content-type": "application/json"]
let parameters = [
  "name": "string",
  "description": "string",
  "labels": ["string"],
  "rule_matching_type": "ALL_RULES",
  "associated_rule_filter": ["AND": [["AND": [[]]]]],
  "associated_rule_ids": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"],
  "asset_matching_type": "ALL_ASSETS",
  "associated_asset_group_ids": [0],
  "associated_cloud_account_ids": ["string"],
  "enabled": true
] as [String : Any]

let postData = JSONSerialization.data(withJSONObject: parameters, options: [])

let request = NSMutableURLRequest(url: NSURL(string: "https://example.com//public_api/v1/policy")! as URL,
                                        cachePolicy: .useProtocolCachePolicy,
                                    timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data

let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
  if (error != nil) {
    print(error)
  } else {
    let httpResponse = response as? HTTPURLResponse
    print(httpResponse)
  }
})

dataTask.resume()

<?php

$curl = curl_init();

curl_setopt_array($curl, [
  CURLOPT_URL => "https://example.com//public_api/v1/policy",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "{\"name\":\"string\",\"description\":\"string\",\"labels\":[\"string\"],\"rule_matching_type\":\"ALL_RULES\",\"associated_rule_filter\":{\"AND\":[{\"AND\":[{}]}]},\"associated_rule_ids\":[\"497f6eca-6276-4993-bfeb-53cbbbba6f08\"],\"asset_matching_type\":\"ALL_ASSETS\",\"associated_asset_group_ids\":[0],\"associated_cloud_account_ids\":[\"string\"],\"enabled\":true}",
  CURLOPT_HTTPHEADER => [
    "content-type: application/json"
  ],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

CURL *hnd = curl_easy_init();

curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://example.com//public_api/v1/policy");

struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);

curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"name\":\"string\",\"description\":\"string\",\"labels\":[\"string\"],\"rule_matching_type\":\"ALL_RULES\",\"associated_rule_filter\":{\"AND\":[{\"AND\":[{}]}]},\"associated_rule_ids\":[\"497f6eca-6276-4993-bfeb-53cbbbba6f08\"],\"asset_matching_type\":\"ALL_ASSETS\",\"associated_asset_group_ids\":[0],\"associated_cloud_account_ids\":[\"string\"],\"enabled\":true}");

CURLcode ret = curl_easy_perform(hnd);

var client = new RestClient("https://example.com//public_api/v1/policy");
var request = new RestRequest(Method.POST);
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"name\":\"string\",\"description\":\"string\",\"labels\":[\"string\"],\"rule_matching_type\":\"ALL_RULES\",\"associated_rule_filter\":{\"AND\":[{\"AND\":[{}]}]},\"associated_rule_ids\":[\"497f6eca-6276-4993-bfeb-53cbbbba6f08\"],\"asset_matching_type\":\"ALL_ASSETS\",\"associated_asset_group_ids\":[0],\"associated_cloud_account_ids\":[\"string\"],\"enabled\":true}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);

Body parameters

required

application/json

namestringrequired

Name of the policy

descriptionstringrequired

Description of the policy

labelsobject

Labels associated with the policy

Any of

Array

rule_matching_typestring (Enum)required

Allowed values:"ALL_RULES""RULES""RULE_FILTER"

associated_rule_filterobject

Rule filter for the policy, required if rule_matching_type is RULE_FILTER

Any of

ANDarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ORarrayrequired

[

Any of

ORarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

Allowed values:"CONTAINS""NCONTAINS""CONTAINS_IN_LIST""NOT_CONTAINS_IN_LIST""WILDCARD""WILDCARD_NOT""EQ""NEQ""IS_EMPTY""NIS_EMPTY""RANGE""IN""NIN""RELATIVE_TIMESTAMP""JSON_WILDCARD""JSON_WILDCARD_NOT""ARRAY_CONTAINS""ARRAY_NOT_CONTAINS"

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ORarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ORarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ANDarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

associated_rule_idsobject

List of rule IDs, required if rule_matching_type is RULES

Any of

Array

asset_matching_typestring (Enum)required

Allowed values:"ALL_ASSETS""ASSET_GROUPS""CLOUD_ACCOUNTS"

associated_asset_group_idsobject

List of asset group IDs, required if asset_matching_type is ASSET_GROUPS

Any of

Array

associated_cloud_account_idsobject

List of cloud account IDs associated with the policy

Any of

Array

enabledboolean

Whether the policy is enabled or not

Default:true

REQUEST

{
  "name": "API Request with rule_matching_type RULE_FILTER",
  "description": "API Request with rule_matching_type RULE_FILTER",
  "labels": [
    "vm_automation"
  ],
  "rule_matching_type": "RULE_FILTER",
  "associated_rule_filter": {
    "AND": [
      {
        "OR": [
          {
            "SEARCH_FIELD": "severity",
            "SEARCH_TYPE": "EQ",
            "SEARCH_VALUE": "low"
          },
          {
            "SEARCH_FIELD": "severity",
            "SEARCH_TYPE": "EQ",
            "SEARCH_VALUE": "medium"
          }
        ]
      },
      {
        "OR": [
          {
            "SEARCH_FIELD": "cloudType",
            "SEARCH_TYPE": "EQ",
            "SEARCH_VALUE": "aws"
          },
          {
            "SEARCH_FIELD": "cloudType",
            "SEARCH_TYPE": "EQ",
            "SEARCH_VALUE": "azure"
          }
        ]
      },
      {
        "SEARCH_FIELD": "labels",
        "SEARCH_TYPE": "ARRAY_CONTAINS",
        "SEARCH_VALUE": "test"
      },
      {
        "SEARCH_FIELD": "complianceStandards",
        "SEARCH_TYPE": "ARRAY_CONTAINS",
        "SEARCH_VALUE": "Australian Energy Sector Cyber Security Framework (AESCSF)"
      }
    ]
  },
  "asset_matching_type": "ALL_ASSETS",
  "enabled": true
}

{
  "name": "IBM-alert-rule-with-custom-and-default-policy-prisma_cloud_copy",
  "description": "",
  "labels": [
    "prisma_cloud_alert_rule_copy"
  ],
  "rule_matching_type": "RULES",
  "associated_rule_ids": [
    "67b8ea9e-1409-4c5a-9c56-1289b48acc1b",
    "20c1f067-447f-4d1a-af21-bc404ae66b94",
    "5a4fcc81-5481-4d37-b96b-eb87333d3b32",
    "f2d2945d-a509-44d8-abbc-12566ae7962d"
  ],
  "asset_matching_type": "ALL_ASSETS",
  "enabled": true
}

{
  "name": "test-all-policies-prisma_cloud_copy",
  "description": "Test policy rule filter with asset groups",
  "labels": [
    "prisma_cloud_alert_rule_copy"
  ],
  "rule_matching_type": "ALL_RULES",
  "asset_matching_type": "ASSET_GROUPS",
  "associated_asset_group_ids": [
    52
  ]
}

{
  "name": "Automation policy rule filter with all assets",
  "description": "Test policy rule filter with all assets",
  "labels": [
    "vm_automation"
  ],
  "rule_matching_type": "RULES",
  "associated_rule_ids": [
    "f1dd78f2-7667-4b69-8a3e-af257e5d4cf6"
  ],
  "asset_matching_type": "CLOUD_ACCOUNTS",
  "associated_cloud_account_ids": [
    "2866778037"
  ]
}

Responses

Policy created successfully

Body

application/json

idstringrequireduuid

namestringrequired

descriptionobject

Any of

string

labelsobject

Any of

Array

rule_matching_typestring (Enum)required

Allowed values:"RULE_FILTER""RULES""ALL_RULES"

associated_rule_filterobject

present if Rule Matching Type is RULE_FILTER

Any of

ANDarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ORarrayrequired

[

Any of

ORarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ORarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ORarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

ORarrayrequired

[

Any of

ANDarrayrequired

[

Any of

ANDarrayrequired

[

Any of

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

SEARCH_FIELDstringrequired

SEARCH_TYPEstring (Enum)required

SEARCH_VALUEobjectrequired

Any of

string

boolean

integer

Array

fromintegerrequired

tointegerrequired

keystringrequired

valuestringrequired

]

associated_rule_idsobject

present if Rule Matching Type is RULES

Any of

Array

asset_matching_typestring (Enum)required

Allowed values:"ASSET_GROUPS""ALL_ASSETS""CLOUD_ACCOUNTS"

associated_asset_group_idsobject

present if Asset Matching Type is ASSET_GROUPS

Any of

Array

associated_cloud_account_idsobject

present if Asset Matching Type is CLOUD_ACCOUNTS

Any of

Array

enabledbooleanrequired

modestring (Enum)required

Allowed values:"DEFAULT""CUSTOM"

creation_timeintegerrequired

in Unix epoch milliseconds

created_bystringrequired

modification_timeintegerrequired

in Unix epoch milliseconds

modified_bystringrequired

RESPONSE

{
  "id": "5988e7f2-ed6a-40cf-98b4-a05175f0db53",
  "name": "Automation policy rule filter with all assets",
  "description": "Test policy rule filter with all assets",
  "labels": [
    "vm_automation"
  ],
  "rule_matching_type": "RULE_FILTER",
  "associated_rule_filter": {
    "AND": [
      {
        "OR": [
          {
            "SEARCH_FIELD": "severity",
            "SEARCH_TYPE": "EQ",
            "SEARCH_VALUE": "low"
          },
          {
            "SEARCH_FIELD": "severity",
            "SEARCH_TYPE": "EQ",
            "SEARCH_VALUE": "medium"
          }
        ]
      },
      {
        "OR": [
          {
            "SEARCH_FIELD": "cloudType",
            "SEARCH_TYPE": "EQ",
            "SEARCH_VALUE": "aws"
          },
          {
            "SEARCH_FIELD": "cloudType",
            "SEARCH_TYPE": "EQ",
            "SEARCH_VALUE": "azure"
          }
        ]
      },
      {
        "SEARCH_FIELD": "labels",
        "SEARCH_TYPE": "ARRAY_CONTAINS",
        "SEARCH_VALUE": "test"
      }
    ]
  },
  "asset_matching_type": "ALL_ASSETS",
  "enabled": true,
  "mode": "CUSTOM",
  "creation_time": 1678886400000,
  "created_by": "mock_user",
  "modification_time": 1678886400000,
  "modified_by": "mock_user"
}

{
  "id": "b98a6839-6215-42c8-bd1e-65b49d93e224",
  "name": "IBM-alert-rule-with-custom-and-default-policy-prisma_cloud_copy",
  "description": "",
  "labels": [
    "prisma_cloud_alert_rule_copy"
  ],
  "rule_matching_type": "RULES",
  "associated_rule_ids": [
    "67b8ea9e-1409-4c5a-9c56-1289b48acc1b",
    "20c1f067-447f-4d1a-af21-bc404ae66b94",
    "5a4fcc81-5481-4d37-b96b-eb87333d3b32",
    "f2d2945d-a509-44d8-abbc-12566ae7962d"
  ],
  "asset_matching_type": "ALL_ASSETS",
  "enabled": true,
  "mode": "CUSTOM",
  "creation_time": 1678886400000,
  "created_by": "mock_user",
  "modification_time": 1678886400000,
  "modified_by": "mock_user"
}

{
  "id": "569ce82b-f3b2-42d9-a6e8-1bc6339893d1",
  "name": "test-all-policies-prisma_cloud_copy",
  "description": "Test policy rule filter with asset groups",
  "labels": [
    "prisma_cloud_alert_rule_copy"
  ],
  "rule_matching_type": "ALL_RULES",
  "asset_matching_type": "ASSET_GROUPS",
  "associated_asset_group_ids": [
    52
  ],
  "mode": "CUSTOM",
  "creation_time": 1678886400000,
  "created_by": "mock_user",
  "modification_time": 1678886400000,
  "modified_by": "mock_user"
}

{
  "id": "002a7844-fe11-43af-876a-f9ad91b79f23",
  "name": "Automation policy rule filter with all assets",
  "description": "Test policy rule filter with all assets",
  "labels": [
    "vm_automation"
  ],
  "rule_matching_type": "RULES",
  "associated_rule_ids": [
    "f1dd78f2-7667-4b69-8a3e-af257e5d4cf6"
  ],
  "asset_matching_type": "CLOUD_ACCOUNTS",
  "associated_cloud_account_ids": [
    "286677803794946164413015306518444191290"
  ],
  "enabled": true,
  "mode": "CUSTOM",
  "creation_time": 1678886400000,
  "created_by": "mock_user",
  "modification_time": 1678886400000,
  "modified_by": "mock_user"
}

Unprocessable Content

Too Many Requests

Bad Request

Body

application/json

err_msgstringrequired

metadataobject

Any of

err_extraobject

Any of

[

fieldstringrequired

messagestringrequired

]

RESPONSE

{
  "err_msg": "The request contains invalid parameters",
  "metadata": {
    "err_extra": [
      {
        "field": "rule_matching_type",
        "message": "Input should be 'ALL_RULES', 'RULES' or 'RULE_FILTER'"
      },
      {
        "field": "associated_rule_filter",
        "message": "Value error, Invalid filter format: missing SEARCH_FIELD, SEARCH_TYPE, SEARCH_VALUE or logical operator (AND/OR)"
      },
      {
        "field": "asset_matching_type",
        "message": "Input should be 'ALL_ASSETS', 'ASSET_GROUPS' or 'CLOUD_ACCOUNTS'"
      }
    ]
  }
}

{
  "err_msg": "The request contains invalid parameters",
  "metadata": {
    "err_extra": [
      {
        "field": "asset_matching_type",
        "message": "Field required"
      },
      {
        "field": "body",
        "message": "Value error, associated_asset_group_ids is required when asset_matching_type is ASSET_GROUPS"
      },
      {
        "field": "body",
        "message": "Value error, associated_rule_filter is required when rule_matching_type is RULE_FILTER"
      }
    ]
  }
}

Unauthorized

Forbidden

Not Found

Conflict

Internal Server Error

Body

application/json

err_msgstringrequired

metadataobject

Any of

err_extraobject

Any of

[

fieldstringrequired

messagestringrequired

]

RESPONSEInternal Server Error
{
  "err_msg": "Internal Server Error",
  "metadata": {
    "err_extra": [
      {
        "message": "Internal Server Error"
      }
    ]
  }
}

Bad Gateway

Service Unavailable