Create or Update Policy

PUT {{cb_url}}/containers/v1/orgs/{{cb_org_key}}/guardrails/management/policies

This request enables the user to create or update a policy.
Policies are used to in order to define the misconfigurations or rules we want to enforce on resources in the selected scope.

RBAC Permissions Required

Permission (.notation name)Operation(s)
kubernetes.securityCREATE, READ, UPDATE, DELETE

API Documentation

Request Schema

{
    "name": "<string>",
    "scope_id": "<uuid>",
    "status": "<string>",
    "rules": [
        {
            "id": "<string>",
            "action": "<string>",
            "is_enabled": <boolean>,
            "preset_id": "<string>",
            "preset_name": "<string>"
        }
    ],
    "exceptions": {
        "ruleId1": [
            {
                "name": "<string>",
                "username": "<string>",
                "labels": [
                    {
                        "key": "<string>",
                        "value": "<string>"
                    }
                ]
            }
        ]
    },
    "include_init_containers": <boolean>,
    "include_ephemeral_containers": <boolean>,
    "policy_id": "<uuid>"
}

Request Body

{"name"=>"Demo-Policy", "include_init_containers"=>false, "include_ephemeral_containers"=>true, "scope_id"=>"ee58a110-62f4-482b-9fb4-09f6ef8b1994", "rules"=>[{"id"=>"deny-ephemeral-containers", "action"=>"alert", "is_enabled"=>true}], "exceptions"=>{}, "status"=>"enabled"}

HEADERS

KeyDatatypeRequiredDescription
X-AUTH-TOKENstring(Required) Carbon Black Access Key
Content-Typestring
Acceptstring

RESPONSES

status: OK

{&quot;policy_id&quot;:&quot;0e58ef37-15e5-482b-a4a1-68a84e179845&quot;}