View Security Policies

Details

API Details (release-specific information is given for CloudCenter Platform 4x and CloudCenter Suite 5x)

Name: View Security Policy or Policies

Description: View configurations for an existing security policy or for all configured policies.

Allowed Role(s): WM_USER

Method: GET

URI
  • CloudCenter Platform 4x:
    • v1/securityProfiles
    • v1/securityProfiles/securityProfileId
  • CloudCenter Suite 5x:
    • cloudcenter-ccm-backend/api/v1/securityProfiles
    • cloudcenter-ccm-backend/api/v1/securityProfiles/securityProfileId
Sample Request
curl -k -X GET -H "Accept: application/json" -H "Content-Type: application/json" -u cliqradmin:40E45DBE57E35ECB "https://<HOST>:<PORT>/v1/securityProfiles/5"
curl -k -X GET -H "Accept: application/json" -H "Content-Type: application/json" -u cliqradmin:40E45DBE57E35ECB "https://<HOST>:<PORT>/cloudcenter-ccm-backend/api/v1/securityProfiles/5"
Release
  • Introduced in CloudCenter 4.5
  • Modified in CloudCenter 4.10
    • The Security Profiles function is renamed to Security Policies, but the API continues to use securityProfiles.
    • Policies can no longer be assigned a priority.
  • Modified in CloudCenter Suite 5.0.0

Notes
  • Only resource owners and users with WRITE permissions can view all the fields for this resource.
  • Other users can only view common fields like name, description, and so forth. See Permission Control for additional context.

ESB Header

  • CloudCenter Platform 4x:
    • action: get.securityProfiles
    • action: get.securityProfiles.securityProfileId
    See the Enterprise Service Bus (ESB) section for additional context.
  • CloudCenter Suite 5x: Not applicable

Sample securityProfileId Response

{
   "id":"5",
   "resource":"https://<HOST>:<PORT>/cloudcenter-ccm-backend/api/v1/securityProfiles/5",
   "perms":[
      "administration"
   ],
   "name":"443",
   "description":"443 edited ",
   "vendorName":"cisco",
   "tenantId":"1",
   "lastUpdatedTime":1548739837670,
   "enabled":true,
   "sharedToSubTenants":false,
   "securityProfileRules":[
      {
         "fromPort":443,
         "toPort":443,
         "comment":"",
         "protocol":"TCP",
         "ruleType":"INBOUND",
         "remoteType":"CIDR",
         "sourceIps":[
            "0.0.0.0/0"
         ],
         "id":19
      },
      {
         "fromPort":443,
         "toPort":443,
         "comment":"",
         "protocol":"TCP",
         "ruleType":"OUTBOUND",
         "remoteType":"CIDR",
         "sourceIps":[
            "0.0.0.0/0"
         ],
         "id":20
      }
   ]
}

Sample securityProfiles Response

curl -k -X GET -H "Accept: application/json" -u cliqradmin:40E45DBE57E35ECB "https://<HOST>:<PORT>/v1/securityProfiles"

Response

{
   "resource":"https://<HOST>:<PORT>/cloudcenter-ccm-backend/api/v1/securityProfiles",
   "size":20,
   "pageNumber":0,
   "totalElements":5,
   "totalPages":1,
   "securityProfiles":[
      {
         "id":"2",
         "resource":"https://<HOST>:<PORT>/cloudcenter-ccm-backendv1/securityProfiles/2",
         "perms":[
            "administration"
         ],
         "name":"Jibin",
         "description":"",
         "vendorName":"cisco",
         "tenantId":"1",
         "lastUpdatedTime":1548144313943,
         "enabled":true,
         "sharedToSubTenants":false,
         "securityProfileRules":[
            {
               "fromPort":80,
               "toPort":80,
               "comment":"",
               "protocol":"TCP",
               "ruleType":"INBOUND",
               "remoteType":"CIDR",
               "sourceIps":[
                  "0.0.0.0/0"
               ],
               "id":11
            }
         ]
      },
      {
         "id":"3",
         "resource":"https://<HOST>:<PORT>/cloudcenter-ccm-backendv1/securityProfiles/3",
         "perms":[
            "administration"
         ],
         "name":"22",
         "description":"22",
         "vendorName":"cisco",
         "tenantId":"1",
         "lastUpdatedTime":1548739778339,
         "enabled":true,
         "sharedToSubTenants":false,
         "securityProfileRules":[
            {
               "fromPort":22,
               "toPort":22,
               "comment":"",
               "protocol":"TCP",
               "ruleType":"INBOUND",
               "remoteType":"CIDR",
               "sourceIps":[
                  "0.0.0.0/0"
               ],
               "id":13
            },
            {
               "fromPort":22,
               "toPort":22,
               "comment":"",
               "protocol":"TCP",
               "ruleType":"OUTBOUND",
               "remoteType":"CIDR",
               "sourceIps":[
                  "0.0.0.0/0"
               ],
               "id":14
            }
         ]
      },
      {
         "id":"4",
         "resource":"https://<HOST>:<PORT>/cloudcenter-ccm-backendv1/securityProfiles/4",
         "perms":[
            "administration"
         ],
         "name":"80",
         "description":"80",
         "vendorName":"cisco",
         "tenantId":"1",
         "lastUpdatedTime":1548739808699,
         "enabled":true,
         "sharedToSubTenants":false,
         "securityProfileRules":[
            {
               "fromPort":80,
               "toPort":80,
               "comment":"",
               "protocol":"TCP",
               "ruleType":"INBOUND",
               "remoteType":"CIDR",
               "sourceIps":[
                  "0.0.0.0/0"
               ],
               "id":15
            },
            {
               "fromPort":80,
               "toPort":80,
               "comment":"",
               "protocol":"TCP",
               "ruleType":"OUTBOUND",
               "remoteType":"CIDR",
               "sourceIps":[
                  "0.0.0.0/0"
               ],
               "id":16
            }
         ]
      },
      {
         "id":"5",
         "resource":"https://<HOST>:<PORT>/cloudcenter-ccm-backendv1/securityProfiles/5",
         "perms":[
            "administration"
         ],
         "name":"443",
         "description":"443 edited ",
         "vendorName":"cisco",
         "tenantId":"1",
         "lastUpdatedTime":1548739837670,
         "enabled":true,
         "sharedToSubTenants":false,
         "securityProfileRules":[
            {
               "fromPort":443,
               "toPort":443,
               "comment":"",
               "protocol":"TCP",
               "ruleType":"INBOUND",
               "remoteType":"CIDR",
               "sourceIps":[
                  "0.0.0.0/0"
               ],
               "id":19
            },
            {
               "fromPort":443,
               "toPort":443,
               "comment":"",
               "protocol":"TCP",
               "ruleType":"OUTBOUND",
               "remoteType":"CIDR",
               "sourceIps":[
                  "0.0.0.0/0"
               ],
               "id":20
            }
         ]
      }
   ]
}

Request Attributes

securityPolicyId
  • Description: Unique, system-generated identifier for the security policy
  • Type: String


Response Attributes

id
  • Description: Unique, system-generated identifier for this CloudCenter Resource.

  • Type: String
resource
  • Description: Unique URL to access this resource.
  • Type: String
perms
name
  • Description: The name assigned for this CloudCenter Resource. Valid characters are letters, numbers, underscores, and spaces.

  • Type: String

description
  • Description: A brief description for this CloudCenter Resource.

  • Type: String

vendorName
  • Description: The name of the tenant organization.
  • Type: String

tenantId
  • Description: Unique, system-generated identifier for the tenant organization. A tenant admin must belong to this tenant to invoke any APIs for this tenant. See the Tenant ID and Tenant Name Dependency section for the relevant release for additional context.

  • Type: String

lastUpdatedTime
  • Description: Date that this resource was last updated. This attribute is the same as the lastUpdated attribute.

  • Type: Long

enabled
  • Description: Indicates that this resource has been enabled. The default differs based on the resource.

    • true = The resource has been enabled (v2 aging and suspension policies are enabled by default).

    • false = The resource has not been enabled.

  • Type: Boolean

sharedToSubTenants
  • Description: Identifies if the tenant firewall rule or security group or tier-based rules apply to all sub-tenants within the tenant.
  • Type: Boolean
    • true = The firewall rules are shared with sub-tenants.
    • false = The firewall rules are not shared with sub-tenants.

securityProfileRules
  • Description: Identifies the firewall rule(s) for each security profile configuration.
  • Type: A sequence of configured rules

    fromPort
    • Description: The initial port number of the port range to use for this inbound firewall rule (or security rule)
    • Type: String

    toPort 
    • Description: The final port number of the port range to use for this inbound firewall rule (or security rule)
    • Type: String

    comment
    • Description: A description that provides a commentary for each rule or resource.
    • Type: String

    protocol
    • Description: Defines the protocol to be used by VMs running this service.
    • Type: Enumeration
      • TCP = Transmission Control Protocol
      • UDP = User Datagram Protocol

    ruleType
    • Description: Lists the type of port configuration for each security policy.
    • Type: Enumeration
      • INBOUND = This is an inbound port configuration.
      • OUTBOUND = This is an outbound port configuration.

    remoteType
    • Description: Identifies the type of firewall rule.
    • Type: Enumeration
      • CIDR = The Source CIDR for an inbound port configuration and a Target CIDR for an outbound configuration.
      • SECURITY_GROUP = The communication security between nodes (and external access) via Security Groups.
      • TIER = The firewall rules configured between tiers of an application or application profile.

    sourceIps
    • Description: The IP for firewall rule configuration defaults to 0.0.0.0/0. If you have configured a pool of IPs, these IPs are displayed in this section.
    • Type: String

    id
    • Description: Unique, system-generated identifier for this CloudCenter Resource.

    • Type: String
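
The following is an added example, not part of the original page or Cisco's code. It audits a parsed response from this API and reports enabled policies whose INBOUND CIDR rules admit any source address, which is the 0.0.0.0/0 default described under sourceIps. The sample data is constructed, and the function names are hypothetical.

```python
import ipaddress
import json

# Constructed sample, trimmed to the fields used, in the page's list-response shape.
SAMPLE = json.loads("""{"securityProfiles": [
 {"id": "3", "enabled": true, "sharedToSubTenants": false, "securityProfileRules": [
   {"id": 13, "fromPort": 22, "toPort": 22, "protocol": "TCP",
    "ruleType": "INBOUND", "remoteType": "CIDR", "sourceIps": ["0.0.0.0/0"]},
   {"id": 14, "fromPort": 22, "toPort": 22, "protocol": "TCP",
    "ruleType": "OUTBOUND", "remoteType": "CIDR", "sourceIps": ["0.0.0.0/0"]}]},
 {"id": "9", "enabled": true, "sharedToSubTenants": true, "securityProfileRules": [
   {"id": 31, "fromPort": 5432, "toPort": 5432, "protocol": "TCP",
    "ruleType": "INBOUND", "remoteType": "CIDR", "sourceIps": ["10.20.0.0/16"]},
   {"id": 32, "fromPort": "8000", "toPort": "8100", "protocol": "TCP",
    "ruleType": "INBOUND", "remoteType": "CIDR", "sourceIps": ["10.0.0.0/8", "0.0.0.0/0"]}]},
 {"id": "10", "enabled": false, "sharedToSubTenants": false, "securityProfileRules": [
   {"id": 40, "fromPort": 3389, "toPort": 3389, "protocol": "TCP",
    "ruleType": "INBOUND", "remoteType": "CIDR", "sourceIps": ["0.0.0.0/0"]}]}]}""")


def is_any_source(cidr):
    """True when the CIDR covers the whole IPv4 or IPv6 address space."""
    try:
        return ipaddress.ip_network(cidr, strict=False).prefixlen == 0
    except ValueError:
        return False  # malformed entry: not a CIDR, so not counted as "any"


def open_inbound_rules(response):
    """Findings for enabled policies whose INBOUND CIDR rules admit any source."""
    # Accept both the list response and a single-policy response.
    policies = response.get("securityProfiles", [response])
    findings = []
    for policy in policies:
        if not policy.get("enabled"):  # assumption: disabled policies are out of scope
            continue
        for rule in policy.get("securityProfileRules", []):
            if rule.get("ruleType") != "INBOUND" or rule.get("remoteType") != "CIDR":
                continue
            if any(is_any_source(ip) for ip in rule.get("sourceIps", [])):
                # The page types ports as String while its samples show numbers.
                ports = (int(rule["fromPort"]), int(rule["toPort"]))
                findings.append({"policy": policy["id"], "rule": rule["id"], "ports": ports,
                                 "shared": policy.get("sharedToSubTenants", False)})
    return findings


if __name__ == "__main__":
    print(json.dumps(open_inbound_rules(SAMPLE), indent=2))
```

Findings with "shared" set to true deserve review first, since sharedToSubTenants applies the rule to all sub-tenants within the tenant.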

© 2017-2019 Cisco Systems, Inc. All rights reserved