Skip to main content

REST APIs for 23.5

Non-corporate Public IP Addresses

The API sec_policy/rule_coverage supports non-domain interfaces.

Security Policy Rule Coverage

Security Principals Methods

HTTP

URI

Get Security Principals

POST

[api_version][org_href]/sec_policy/rule_coverage

Query Parameters

The property network accepts network_href to correctly determine if the rule applies to a flow.

Parameter

Description

source

Source entity

Specify labels,such as

"href": "/orgs/14/labels/42"

"href": "/orgs/14/labels/43"

destination

Destination entity

Specify an IP list, such as "href": "/orgs/14/sec_policy/active/ip_lists/14"

network

The network that the source and destination are on

services

Port and protocol, and optional process or Windows service names, of matching rules

Response Properties

In the release 23.5, in sec_policy_rule_coverage_post_response a new array rule_edges was added, which provides a list with a placeholder for each requested source and destination pair.

The previous object rules is replaced with a reference to "$ref": "#/definitions/rule_href_mapping", and the previous array edges is replaced with a reference to "$ref": "#/definitions/rule_edges".

"rule_edges": {
	"type": "array",
	"description": "A list with a placeholder for each requested source and destination pair",
	"items": {
	   "type": "array",
	   "description": "A list with with a placeholder for each requested service 
                         (per source and destination pair)",
	"items": {
	   "type": "array",
	   "description": "A list of indexes of matching rules 
                         (for each service per source and destination pair)",
	"items": {
	   "type": "string",
	   "pattern": "^[0-9]+$"
	   }
     }
}

Before the release 23.5, the response was as follows:

Parameter

Description

rules

The rules returned in the API response are rules with network_type (such as non-brn) that apply to the given input, such as:

"0": { "href": "/orgs/14/sec_policy/draft/rule_sets/21/sec_rules/220" },

"1": { "href": "/orgs/14/sec_policy/draft/rule_sets/21/sec_rules/223" },

"2": { "href": "/orgs/14/sec_policy/draft/rule_sets/21/sec_rules/237" }

edges

[[["0", "1", "2"]]]