New and Changed APIs in 25.4
Here's a summary of the new and enhanced APIs in this release.
Runtime Parameter to Support More than 8 Labels for Rule Search
A new parameter has been added to the runtime environment:
max_rule_search_provider_consumer_entities
By default, the maximum number of rule search provider consumer entities is eight. However, this restriction is not rigid and can be tailored to specific needs.
This parameter constrains the overall count of labels (sum) spanning all dimensions.
{
"properties": {
"max_rule_search_provider_consumer_entities": {
"description": "Maximum number of rule search provider consumer entities",
"type": "integer",
"default": 8
}
}
}kubernetes_workload
A new property named kubernetes_workload was added to the API sec_policy_rule_coverage_post
It allows observing coverage of security policy rules for individual Kubernetes Workloads. This change allows the PCE to make a correct policy decision for traffic in draft view.
},
"kubernetes_workload": {
"description": "Source kubernetes workload",
"type": "object",
"additionalProperties": false,
"properties": {
"href": {
"description": "URI of kubernetes workload",
"type": "string"
}
}
},golden_image
The property golden_image has been added to two APIs:
GET /api/v2/orgs/:xorg_id/vens/:uuid
PUT /api/v2/orgs/:xorg_id/vens/:uuid
{
"properties": {
"golden_image": {
"description": "Indicates whether this VEN is a golden image",
"type": "boolean",
"default": false
}
}
}The golden_image flag is added to prevent accidental deletion of images that are kept offline and used for cloning.
Administrators now have the option to create a toggleable flag in the PCE interface to mark VEN as golden images. See the Golden Image Flag.