Creates a new policy.
Parameter | Mandatory/Optional | Data Type | Description |
---|---|---|---|
policyName | Mandatory | string | Enter a policy name of up to 150 characters. |
description | Mandatory | string | Enter a description for the policy of up to 250 characters. |
policyType | Mandatory | string | Specify the policy type. Currently, the only available value is: IMAGESCAN |
policyMode | Mandatory | string | Specify the policy mode as active to enforce the policy or inactive to keep the policy deactivated. |
assetType | Mandatory | string | Specify the asset type. Currently, only "CICD" is supported. |
isDefault | Mandatory | string | Specify whether to make it a default policy. The valid values are: true or false. |
centralizedPolicyRules | At least one active rule is mandatory | - |
Provide rules as part of the policy evaluation.
This rule reads: If the count of vulnerabilities with severity level 1 is greater than 1, deny/fail the CICD build. Where,
|
API Request
curl -X "POST"
"<qualys_base_url>/csapi/v1.3/centralizedPolicy"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
-H "Content-Type: application/json"
Request Body
{
"policyName": "Policy1214",
"policyType": "IMAGESCAN",
"policyMode": "ACTIVE",
"description": "Policy1234",
"createdBy": "quays_ab6",
"updatedBy": "quays_ab6",
"centralizedPolicyRules": [
{
"name": "Rule123",
"type": "IMAGESCAN_VULN_SEVERITYCOUNT",
"action": "DENY",
"isEnabled": true,
"stopProcessing": false,
"sortOrder": 0,
"metaData": {
"operator": "GREATER_THAN",
"severityLevel": 1,
"threshold": 1
}
}
],
"assetType": "CICD",
"isDefault": false,
"tagIds": [
"095a966f-fb5f-4eb5-8d43-b77d1a740876"
]
}
Response
{
"uuid": "d967073a-28d8-414d-b96d-3d19eaa20935"
}
Was this topic helpful?