Update Security Policy

Details

API Details
Release-Specific Information: CloudCenter Platform 4x | CloudCenter Suite 5x
Name: Update Security Policy
Description

Update configurations for an existing security policy

Allowed Role(s): WM_USER
Method: PUT
URI
  • CloudCenter Platform 4x: v1/securityProfiles/securityProfileId
  • CloudCenter Suite 5x: cloudcenter-ccm-backend/api/v1/securityProfiles/securityProfileId

Sample Request
curl -k -X PUT -H "Accept: application/json" -H "Content-Type: application/json" -u cliqradmin:40E45DBE57E35ECB "https://<HOST>:<PORT>/v1/securityProfiles/6"
curl -k -X PUT -H "Accept: application/json" -H "Content-Type: application/json" -u cliqradmin:40E45DBE57E35ECB "https://<HOST>:<PORT>/cloudcenter-ccm-backend/api/v1/securityProfiles/6"
Release
  • Introduced in CloudCenter 4.5
  • Modified in CloudCenter 4.10
    • The Security Profiles function is renamed to Security Policies but the API continues to use securityProfiles 
    • Policies can no longer be assigned a priority

Modified in CloudCenter Suite 5.0.0

Notes
  • Only resource owners and users with WRITE permissions can view all the fields for this resource.
  • Other users can only view common fields like name, description, and so forth. See Permission Control for additional context.

ESB Header

  • CloudCenter Platform 4x: action: update.securityProfiles.securityProfileId
  • CloudCenter Suite 5x: Not applicable

See the Enterprise Service Bus (ESB) section for additional context.

Sample Request Body

{
   "description":"Security Policy API documentation",
   "enabled":"true",
   "name":"DocSecurityPolicy",
   "securityProfileRules":[
      {
         "comment":"null",
         "fromPort":"443",
         "protocol":"TCP",
         "ruleType":"INBOUND",
         "sourceIps":[
            "10.0.0.1/0"
         ],
         "toPort":"443"
      }
   ]
}

Response

{
   "id":"6",
   "resource":"https://<HOST>:<PORT>/cloudcenter-ccm-backendv1/securityProfiles/6",
   "perms":[
      "administration"
   ],
   "name":"DocSecurityPolicy",
   "description":"Security Policy API documentation",
   "vendorName":"cisco",
   "tenantId":"1",
   "lastUpdatedTime":1553208395792,
   "enabled":true,
   "sharedToSubTenants":false,
   "securityProfileRules":[
      {
         "fromPort":443,
         "toPort":443,
         "comment":"",
         "protocol":"TCP",
         "ruleType":"INBOUND",
         "remoteType":"CIDR",
         "sourceIps":[
            "10.0.0.1/0"
         ],
         "id":22
      }
   ]
}

Request Attributes

name
  • Description: The name assigned for this CloudCenter Resource. Valid characters are letters, numbers, underscores, and spaces.
  • Type: String

description
  • Description: A brief description for this CloudCenter Resource.
  • Type: String

securityProfileRules
  • Description: Identifies the firewall rule(s) for each security profile configuration.
  • Type: A sequence of configured rules

    fromPort
    • Description: The initial port number of the port range to use for this inbound firewall rule (or security rule)
    • Type: String

    toPort 
    • Description: The final port number of the port range to use for this inbound firewall rule (or security rule)
    • Type: String

    comment
    • Description: A description that provides a commentary for each rule or resource.
    • Type: String

    protocol
    • Description: Defines the protocol to be used by VMs running this service.
    • Type: Enumeration
      • TCP = Transmission Control Protocol
      • UDP = User Datagram Protocol

    ruleType
    • Description: Lists the type of port configuration for each security policy.
    • Type: Enumeration
      • INBOUND = This is an inbound port configuration.
      • OUTBOUND = This is an outbound port configuration.

    remoteType
    • Description: Identifies the type of firewall rule.
    • Type: Enumeration
      • CIDR = The Source CIDR for an inbound port configuration and a Target CIDR for an outbound configuration.
      • SECURITY_GROUP = The security communication (security between nodes and external access) via Security Groups.
      • TIER = The firewall rules configured between tiers of an application or application profile.

    sourceIps
    • Description: The IP for firewall rule configuration defaults to 0.0.0.0/0. If you have configured a pool of IPs, these IPs are displayed in this section.
    • Type: String

    id
    • Description: Unique, system-generated identifier for this CloudCenter Resource.
    • Type: String
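
Added example (not part of the original page or of Cisco's code): a Python pre-flight check that lints a request body against the enumerations and port fields documented above and flags sourceIps entries that are wider than intended. Under standard CIDR semantics a /0 prefix, as in the sample body's 10.0.0.1/0 or the documented 0.0.0.0/0 default, matches every address. The function names, and the assumption that a rule without remoteType is handled as CIDR, are this example's own.

```python
import ipaddress

PROTOCOLS = {"TCP", "UDP"}            # protocol enumeration from this page
RULE_TYPES = {"INBOUND", "OUTBOUND"}  # ruleType enumeration from this page


def lint_rule(rule):
    """Return a list of findings for one securityProfileRules entry."""
    findings = []
    if rule.get("protocol") not in PROTOCOLS:
        findings.append("protocol must be TCP or UDP")
    if rule.get("ruleType") not in RULE_TYPES:
        findings.append("ruleType must be INBOUND or OUTBOUND")
    try:
        lo, hi = int(rule["fromPort"]), int(rule["toPort"])
        if not 0 <= lo <= hi <= 65535:
            findings.append("port range %d-%d is invalid" % (lo, hi))
    except (KeyError, TypeError, ValueError):
        findings.append("fromPort/toPort must be numeric")
    # Assumption: no remoteType means CIDR; other types have no CIDR to check.
    if rule.get("remoteType", "CIDR") != "CIDR":
        return findings
    # An omitted sourceIps falls back to the documented 0.0.0.0/0 default.
    for cidr in rule.get("sourceIps") or ["0.0.0.0/0"]:
        try:
            net = ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            findings.append("%s is not a valid CIDR" % cidr)
            continue
        if net.prefixlen == 0:
            findings.append("%s matches every address (%s)" % (cidr, net))
        elif str(net) != cidr:
            findings.append("%s is not canonical; network is %s" % (cidr, net))
    return findings


def lint_policy(body):
    """Map rule index -> findings, omitting rules with no findings."""
    rules = body.get("securityProfileRules", [])
    linted = ((i, lint_rule(rule)) for i, rule in enumerate(rules))
    return {i: found for i, found in linted if found}


# Constructed input: the sample request body shown on this page.
SAMPLE = {"name": "DocSecurityPolicy", "enabled": "true", "securityProfileRules": [
    {"comment": "null", "fromPort": "443", "protocol": "TCP",
     "ruleType": "INBOUND", "sourceIps": ["10.0.0.1/0"], "toPort": "443"}]}

if __name__ == "__main__":
    print(lint_policy(SAMPLE))
```

Running the check before the PUT keeps an unintentionally open rule out of the policy; a rule scoped to a real subnet such as 10.0.0.0/24 passes with no findings.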

Response Attributes

id
  • Description: Unique, system-generated identifier for this CloudCenter Resource.
  • Type: String

resource
  • Description: Unique URL to access this resource.
  • Type: String

perms

name
  • Description: The name assigned for this CloudCenter Resource. Valid characters are letters, numbers, underscores, and spaces.
  • Type: String

description
  • Description: A brief description for this CloudCenter Resource.
  • Type: String

vendorName
  • Description: The name of the tenant organization.
  • Type: String

tenantId
  • Description: Unique, system-generated identifier for the tenant organization. A tenant admin must belong to this tenant to invoke any APIs for this tenant. See the Tenant ID and Tenant Name Dependency section for the relevant release for additional context.
  • Type: String

lastUpdatedTime
  • Description: Date that this resource was last updated. This attribute is the same as the lastUpdated attribute.

  • Type: Long

enabled
  • Description: Indicates that this resource has been enabled. The default differs based on the resource.

    • true = The resource has been enabled (v2 aging and suspension policies are enabled by default).

    • false = The resource has not been enabled.

  • Type: Boolean

sharedToSubTenants
  • Description: Identifies if the tenant firewall rule or security group or tier-based rules apply to all sub-tenants within the tenant.
  • Type: Boolean
    • true = The firewall rules are shared with sub-tenants.
    • false = The firewall rules are not shared with sub-tenants.

securityProfileRules
  • Description: Identifies the firewall rule(s) for each security profile configuration.
  • Type: A sequence of configured rules

    fromPort
    • Description: The initial port number of the port range to use for this inbound firewall rule (or security rule)
    • Type: String

    toPort 
    • Description: The final port number of the port range to use for this inbound firewall rule (or security rule)
    • Type: String

    comment
    • Description: A description that provides a commentary for each rule or resource.
    • Type: String

    protocol
    • Description: Defines the protocol to be used by VMs running this service.
    • Type: Enumeration
      • TCP = Transmission Control Protocol
      • UDP = User Datagram Protocol

    ruleType
    • Description: Lists the type of port configuration for each security policy.
    • Type: Enumeration
      • INBOUND = This is an inbound port configuration.
      • OUTBOUND = This is an outbound port configuration.

    remoteType
    • Description: Identifies the type of firewall rule.
    • Type: Enumeration
      • CIDR = The Source CIDR for an inbound port configuration and a Target CIDR for an outbound configuration.
      • SECURITY_GROUP = The security communication (security between nodes and external access) via Security Groups.
      • TIER = The firewall rules configured between tiers of an application or application profile.

    sourceIps
    • Description: The IP for firewall rule configuration defaults to 0.0.0.0/0. If you have configured a pool of IPs, these IPs are displayed in this section.
    • Type: String

    id
    • Description: Unique, system-generated identifier for this CloudCenter Resource.
    • Type: String

© 2017-2019 Cisco Systems, Inc. All rights reserved