Create a Policy
Click here to see this page in full context


Create a Policy

Creates a new policy.

POST/csapi/v1.3/centralizedPolicy

Input ParametersInput Parameters

Parameter Mandatory/Optional Data Type Description
policyName Mandatory string Enter a policy name of up to 150 characters.
description Mandatory string Enter a description for the policy of up to 250 characters.
policyType Mandatory string  Specify the policy type. Currently, the only available value is: IMAGESCAN
policyMode Mandatory string Specify the policy mode as active to enforce the policy or inactive to keep the policy deactivated.
assetType Mandatory string Specify the asset type. Currently, only "CICD" is supported.
isDefault Mandatory string Specify whether to make it a default policy. The valid values are: true or false.
centralizedPolicyRules At least one active rule is mandatory -

Provide rules as part of the policy evaluation.

[
    {
        "name": "Rule123",
        "type": "IMAGESCAN_VULN_SEVERITYCOUNT",
        "action": "DENY",
        "isEnabled": true,
        "stopProcessing": false,
        "sortOrder": 0,
        "metaData": {
            "operator": "GREATER_THAN",
            "severityLevel": 1,
            "threshold": 1
        }
    }
]

This rule reads: If the count of vulnerabilities with severity level 1 is greater than 1, deny/fail the CICD build.

Where,

  • name: Specify the name of the rule.
  • type: Specify the type of the rule. Currently, you can create rules related to only the count of vulnerabilities of specific severity and the valid value is: "IMAGESCAN_VULN_SEVERITYCOUNT".
  • action: Specify ALLOW or DENY to pass or fail the CICD pipeline build.
  • isEnabled: Specify whether enforce the rule or keep it deactivated. The valid values are: true or false.
  • operator: Specify the operator of the equation. The valid values are GREATER_THAN and GREATER_THAN_EQUAL_TO.
  • threshold: Specify the maximum number of vulnerabilities allowed.
  • severityLevel: Specify the severity level of vulnerabilities.

Sample: Create a New PolicySample: Create a New Policy

API Request

curl -X "POST"
"<qualys_base_url>/csapi/v1.3/centralizedPolicy"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
-H "Content-Type: application/json"

Request Body

{
    "policyName": "Policy1214",
    "policyType": "IMAGESCAN",
    "policyMode": "ACTIVE",
    "description": "Policy1214",
    "createdBy": "user1",
    "updatedBy": "user1",
    "centralizedPolicyRules": [
        {
            "name": "Rule123",
            "type": "IMAGESCAN_VULN_SEVERITYCOUNT",
            "action": "DENY",
            "isEnabled": true,
            "stopProcessing": false,
            "sortOrder": 0,
            "metaData": {
                "operator": "GREATER_THAN",
                "severityLevel": 1,
                "threshold": 1
            }
        }
    ],
    "assetType": "CICD",
    "isDefault": false,
    "tagIds": [
        "095a966f-fb5f-4eb5-8d43-b77d1a740876"
    ]
}

Response

{
    "uuid": "d967073a-28d8-414d-b96d-3d19eaa20935"
}