Update a Centralized Policy

Lets you update the specified policy.

PUT/csapi/v1.3/centralizedPolicy/{policyId}

Input Parameters

Parameter Mandatory/Optional Data Type Description
policyName Mandatory string Enter a policy name of up to 150 characters.
description Mandatory string Enter a description for the policy of up to 250 characters.
policyType Mandatory string Specify the policy type. Currently, the available values are: CICD or K8S_ADMISSION_CONTROLLER.
policyMode Mandatory string Specify the policy mode as active to enforce the policy or inactive to keep the policy deactivated.
assetType Mandatory string Specify the asset type. Currently, only "CICD" is supported.
isDefault Mandatory string Specify whether to make it a default policy. The valid values are: true or false.
centralizedPolicyRules At least one active rule is mandatory -

Provide rules as part of the policy evaluation.

[
    {
        "name": "Rule123",
        "type": "IMAGESCAN_VULN_SEVERITYCOUNT",
        "action": "DENY",
        "isEnabled": true,
        "stopProcessing": false,
        "sortOrder": 0,
        "metaData": {
            "operator": "GREATER_THAN",
            "severityLevel": 1,
            "threshold": 1
        }
    }
]
              
            

This rule reads: If the count of vulnerabilities with severity level 1 is greater than 1, deny/fail the CICD build.

Where,

  • name: Specify the name of the rule.
  • type: Specify the type of the rule. Currently, you can create rules related to only the count of vulnerabilities of specific severity and the valid value is: "IMAGESCAN_VULN_SEVERITYCOUNT".
  • action: Specify ALLOW or DENY to pass or fail the CICD pipeline build.
  • isEnabled: Specify whether to enforce the rule or keep it deactivated. The valid values are: true or false.
  • operator: Specify the operator of the equation. The valid values are GREATER_THAN and GREATER_THAN_EQUAL_TO.
  • threshold: Specify the maximum number of vulnerabilities allowed.
  • severityLevel: Specify the severity level of vulnerabilities.
name Mandatory array Indicates the array of centralized policy rules to be included. New rule sub-type: Block Images with Malware
type Mandatory string A part of the 'centralizedPolicyRules' array. Indicates the policy rule type. Is available only if the particular rule is set and enabled for the policy. New value: IMAGESCAN_VULN_RESTRICTED_malware_IMAGES
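
The parameter limits and the severity-count rule reading above can be checked locally before the PUT is sent. The following Python is an added example, not Qualys code: the function names are hypothetical, and the case-insensitive policyMode comparison is an assumption (the table says active, the samples send ACTIVE).

```python
# Added example: local pre-flight checks for a centralizedPolicy update body.
# Limits and valid values come from the parameter table on this page;
# function names are hypothetical and not part of any Qualys SDK.
POLICY_TYPES = {"CICD", "K8S_ADMISSION_CONTROLLER"}
OPERATORS = {
    "GREATER_THAN": lambda count, threshold: count > threshold,
    "GREATER_THAN_EQUAL_TO": lambda count, threshold: count >= threshold,
}


def validate_policy(body):
    """Return a list of problems; an empty list means the body passes these checks."""
    problems = []
    name = body.get("policyName")
    if not isinstance(name, str) or len(name) > 150:
        problems.append("policyName must be a string of up to 150 characters")
    desc = body.get("description")
    if not isinstance(desc, str) or len(desc) > 250:
        problems.append("description must be a string of up to 250 characters")
    if body.get("policyType") not in POLICY_TYPES:
        problems.append("policyType must be CICD or K8S_ADMISSION_CONTROLLER")
    # Assumption: mode is compared case-insensitively.
    if str(body.get("policyMode", "")).lower() not in {"active", "inactive"}:
        problems.append("policyMode must be active or inactive")
    if str(body.get("isDefault")).lower() not in {"true", "false"}:
        problems.append("isDefault must be true or false")
    rules = body.get("centralizedPolicyRules") or []
    if not any(r.get("isEnabled") is True for r in rules):
        problems.append("at least one enabled rule is required")
    for r in rules:
        if r.get("type") == "IMAGESCAN_VULN_SEVERITYCOUNT":
            if r.get("metaData", {}).get("operator") not in OPERATORS:
                problems.append(f"rule {r.get('name')!r}: invalid operator")
    return problems


def severity_rule_fires(rule, severity_counts):
    """True when an enabled severity-count rule's condition holds for the counts."""
    meta = rule["metaData"]
    count = severity_counts.get(meta["severityLevel"], 0)
    return bool(rule["isEnabled"]) and OPERATORS[meta["operator"]](count, meta["threshold"])


if __name__ == "__main__":
    # Constructed input: the page's Rule123 against made-up scan counts.
    rule = {"name": "Rule123", "type": "IMAGESCAN_VULN_SEVERITYCOUNT", "isEnabled": True,
            "metaData": {"operator": "GREATER_THAN", "severityLevel": 1, "threshold": 1}}
    print(severity_rule_fires(rule, {1: 2}), severity_rule_fires(rule, {1: 1}))
```

`severity_rule_fires` only mirrors the documented reading of a single rule; it does not model how the service orders rules or applies `stopProcessing`.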

Sample: Update a Policy

API Request

curl -X "PUT" \
  "<qualys_base_url>/csapi/v1.3/centralizedPolicy/{policyId}" \
  -H "accept: application/json" \
  -H "Authorization: Bearer <Token>" \
  -H "Content-Type: application/json"

Request Body

{
    "policyName": "Policy1214",
    "policyType": "CICD",
    "policyMode": "ACTIVE",
    "description": "Policy1234",
    "createdBy": "quays_ab6",
    "updatedBy": "quays_ab6",
    "centralizedPolicyRules": [
        {
            "name": "RuleTest",
            "type": "IMAGESCAN_VULN_SEVERITYCOUNT",
            "action": "DENY",
            "isEnabled": true,
            "stopProcessing": false,
            "sortOrder": 0,
            "metaData": {
                "operator": "GREATER_THAN",
                "severityLevel": 3,
                "threshold": 5
            }
        }
    ],
    "assetType": "CICD",
    "isDefault": false,
    "tagIds": [
        "095a966f-fb5f-4eb5-8d43-b77d1a740876"
    ]
}

Response

{
    "uuid": "d967073a-28d8-414d-b96d-3d19eaa20935"
}

Sample: Update a Centralized Image Assessment (CICD) Policy

API Request

curl -X 'PUT' \
  '<qualys_base_url>/csapi/v1.3/centralizedPolicy/9b5f6954-3bf5-4819-b96c-4fffb1d28b9f' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer <token>' \
  -H 'Content-Type: application/json' \

Request Body

-d '{
  "policyName": "Restricted author and old vul rule test",
  "description": "Test",
  "centralizedPolicyRules": [
    {
      "name": "Block Unauthorized Author",
      "type": "IMAGESCAN_VULN_RESTRICTED_AUTHORS",
      "isEnabled": true,
      "stopProcessing": false,
      "order": 0,
      "kind": "IMAGE_SECURITY",
      "metaData": {
        "values": [
          "John Doe"
        ]
      },
      "action": "FAIL"
    },
    {
      "name": "Block Older Vulnerability",
      "type": "IMAGESCAN_VULN_RESTRICTED_OLDER_VULNERABILITY",
      "isEnabled": true,
      "stopProcessing": false,
      "order": 0,
      "kind": "IMAGE_SECURITY",
      "metaData": {
        "value": 60
      },
      "action": "FAIL"
    }
  ],
  "exclusionPolicyRules": [],
  "policyMode": "ACTIVE",
  "policyType": "CICD",
  "isDefault": false,
  "tagIds": [
    "7e538fcd-aae2-4d6e-a2cf-953a799b80b3"
  ],
  "k8sFilters": []
}'

Response

{
  "policyUUID": "d296f6a2-dd15-4700-b2b1-be29a06cbee2"
}

Sample: Update a Centralized Admission Controller Policy

API Request

curl -X 'PUT' \
  '<qualys_base_url>/csapi/v1.3/centralizedPolicy/1eb0defd-776f-4fd6-a054-d477a5b160d7' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer <Token>' \
  -H 'Content-Type: application/json' \

Request Body

-d '{
  "policyName": "Restricted author and old vul rule test",
  "description": "test",
  "centralizedPolicyRules": [
    {
      "name": "Block Unauthorized Author",
      "type": "IMAGESCAN_VULN_RESTRICTED_AUTHORS",
      "isEnabled": true,
      "stopProcessing": false,
      "order": 0,
      "kind": "IMAGE_SECURITY",
      "metaData": {
        "values": [
          "john Doe"
        ]
      },
      "action": "FAIL"
    },
    {
      "name": "Block Older Vulnerability",
      "type": "IMAGESCAN_VULN_RESTRICTED_OLDER_VULNERABILITY",
      "isEnabled": true,
      "stopProcessing": false,
      "order": 0,
      "kind": "IMAGE_SECURITY",
      "metaData": {
        "value": 60
      },
      "action": "FAIL"
    }
  ],
  "exclusionPolicyRules": [],
  "policyMode": "ACTIVE",
  "policyType": "K8S_ADMISSION_CONTROLLER",
  "isDefault": false,
  "tagIds": [],
  "k8sFilters": [
    {
      "cluster": null,
      "namespace": null,
      "deployment": {
        "clusterUid": "618c60ba-6f2d-470a-a9e2-868c36ba7c48",
        "namespaceValue": "default",
        "deploymentValue": "cal-nginx-deployment"
      }
    }
  ]
}' 

Response

{
  "policyUUID": "1eb0defd-776f-4fd6-a054-d477a5b160d7"
}