Create or Update Policy
PUT {{cb_url}}/containers/v1/orgs/{{cb_org_key}}/guardrails/management/policies
This request enables the user to create or update a policy.
Policies are used to in order to define the misconfigurations or rules we want to enforce on resources in the selected scope.
RBAC Permissions Required
| Permission (.notation name) | Operation(s) |
|---|---|
| kubernetes.security | CREATE, READ, UPDATE, DELETE |
Request Schema
{
"name": "<string>",
"scope_id": "<uuid>",
"status": "<string>",
"rules": [
{
"id": "<string>",
"action": "<string>",
"is_enabled": <boolean>,
"preset_id": "<string>",
"preset_name": "<string>"
}
],
"exceptions": {
"ruleId1": [
{
"name": "<string>",
"username": "<string>",
"labels": [
{
"key": "<string>",
"value": "<string>"
}
]
}
]
},
"include_init_containers": <boolean>,
"include_ephemeral_containers": <boolean>,
"policy_id": "<uuid>"
}
Request Body
{"name"=>"Demo-Policy", "include_init_containers"=>false, "include_ephemeral_containers"=>true, "scope_id"=>"ee58a110-62f4-482b-9fb4-09f6ef8b1994", "rules"=>[{"id"=>"deny-ephemeral-containers", "action"=>"alert", "is_enabled"=>true}], "exceptions"=>{}, "status"=>"enabled"}
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
X-AUTH-TOKEN | string | (Required) Carbon Black Access Key | |
Content-Type | string | ||
Accept | string |
RESPONSES
status: OK
{"policy_id":"0e58ef37-15e5-482b-a4a1-68a84e179845"}