Skip to main content

Illumio Core What's New and Release Notes 23.2

Illumio Core REST API in 23.2.20

The Illumio Core REST API v2 has changed in 23.2.20 in the following ways:

Changed APIs in this Release

Some existing Experimental APIs have been changed to facilitate creation of fully scripted integrations of endpoint management systems with the PCE using the Network Enforcement Nodes (NEN) Switch integration capabilities.

Changes involve the following:

  • Exposure changes from Public Experimental to Public Stable. With the exposure changes, the affected APIs are being made available to integrators.

  • Authorization changes to limit the type of user that can add, update, or delete network devices and network endpoints

  • Authorization changes to limit the type of user that can generate and acknowledge policy for network device(s)

Changes in release 23.2.20 include:

  • GET /api/v2/orgs/:xorg_id/network_enforcement_nodes: Exposure change

  • GET /PUT /api/v2/orgs/:xorg_id/network_enforcement_nodes/:uuid: Exposure change

  • POST /api/v2/orgs/:xorg_id/network_enforcement_nodes/:uuid: Exposure & Authorization change (Allow workload admins to add network device to Network Enforcement node)

  • GET /api/v2/orgs/:xorg_id/network_devices: Exposure change

  • GET /api/v2/orgs/:xorg_id/network_devices/:uuid: Exposure change

  • PUT/POST/DELETE /api/v2/orgs/:xorg_id/network_devices/:uuid: Exposure & Authorization change (Allow workload admins to update/delete network devices and add network endpoints to a network device)

  • POST /api/v2/orgs/:xorg_id/network_devices/:uuid/enforcement_instructions_request: Exposure & Authorization change (Allow provisioning admins to request policy generation for multiple network devices)

  • POST /api/v2/orgs/:xorg_id/network_devices/:uuid/enforcement_instructions_applied: Exposure & Authorization change (Allow provisioning admins to acknowledge policy applied to multiple network devices)

  • GET /api/v2/orgs/:xorg_id/network_devices/:uuid/network_endpoints: Exposure change

  • GET /api/v2/orgs/:xorg_id/network_devices/:uuid/network_endpoints/:ep_uuid: Exposure change

  • PUT/POST/DELETE /api/v2/orgs/:xorg_id/network_devices/:uuid/network_endpoints/:ep_uuid: Exposure & Authorization change (Allow workload admins to update/delete network endpoints and assign workloads to a network endpoint)

These changes are all captured in the file illumio.api.json, where you can see the following changes:

  • for network_endponts: change from end_user_experimental to end_user_public; authorization extended to workload manager

  • for network_endpoint: change from end_user_experimental to end_user_public; authorization extended to workload manager

  • for network_devices: change from end_user_experimental to end_user_public

    • for multi_enforcement_instructions_request: authorizatiin expanded to Global Policy Object Provisioner and Ruleset Provisioner

    • for multi_enforcement_instructions_applied: authorizatiin expanded to Global Policy Object Provisioner and Ruleset Provisioner

  • for network_enforcement_nodes: change from end_user_experimental to end_user_public

  • for network_enforcement_node: change from end_user_experimental to end_user_public