{"type":"model","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/9d37d008417d562ab46d4b67547a68457ce288d2/1416204d-a3eb-3b4d-a1fc-4d01aedf1895","info":{"title":"Cisco Secure Access Policy Rules and Rule Settings APIs","version":"1.0.1","description":"Create and manage the access rules and rule settings in the Access policy.","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Access Rules","description":"The API endpoints that manage the access rules for the organization."},{"name":"Rule Settings and Defaults","description":"The API endpoints that manage the rule settings and defaults on the access rules."},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/policies/policy-rules-overview.md","uri":"secure-access-api-reference-policy-rules-overview"}},"openapi":"3.0.1","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"policies/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"The client credential flow.","flows":{"clientCredentials":{"tokenUrl":"https://api.sse.cisco.com/auth/v2/token","scopes":{"policies.settings:write":"Write policies global rule settings","policies.settings:read":"Read policies global rule settings","policies.rules:read":"Read policies access rules","policies.rules:write":"Write policies access rules"}}}}}},"spec":{"type":"array","description":"The list of conditions that are set on the rule. Updates to \"ReadOnly\" attributes are ignored.","items":{"type":"object","description":"The attributes created on the rule. The conditions include the name of the attribute, the value of the attribute, and the operator\nthat is applied to the rule condition.","properties":{"attributeName":{"anyOf":[{"type":"string","description":"The name of the attributes for the source components.","enum":["umbrella.source.all","umbrella.source.networkObjectIds","umbrella.source.networkObjectGroupIds","umbrella.source.identity_type_ids","umbrella.source.ip_address","umbrella.source.identity_ids"],"example":"umbrella.source.ip_address","$$ref":"#/components/schemas/attributeNameSource"},{"type":"string","description":"The name of the attributes for the composite source components.","enum":["umbrella.source.ip_address"],"example":"umbrella.source.ip_address","$$ref":"#/components/schemas/attributeNameSourceComposite"},{"type":"string","description":"The name of the attribute for the source components.","enum":["umbrella.destination.all","umbrella.destination.networkObjectIds","umbrella.destination.networkObjectGroupIds","umbrella.destination.serviceObjectIds","umbrella.destination.serviceObjectGroupIds","umbrella.destination.application_ids","umbrella.destination.application_list_ids","umbrella.destination.private_application_ids","umbrella.destination.private_application_group_ids","umbrella.destination.category_ids","umbrella.destination.category_list_ids","umbrella.destination.destination_list_ids","umbrella.destination.logical_operator","umbrella.destination.geolocations","umbrella.destination.private_resource_ids"],"example":"umbrella.destination.private_application_ids","$$ref":"#/components/schemas/attributeNameDestination"},{"type":"string","description":"The name of the attribute for the source components.","enum":["umbrella.destination.ip_address","umbrella.destination.port","umbrella.destination.network_protocol"],"example":"umbrella.destination.ip_address","$$ref":"#/components/schemas/attributeNameDestinationComposite"}],"description":"The name of the attribute.","example":"umbrella.destination.private_application_ids","$$ref":"#/components/schemas/attributeName"},"attributeValue":{"oneOf":[{"type":"string"},{"type":"boolean"},{"type":"array","description":"The list of integers that represent the attribute values.","items":{"type":"integer","description":"An integer that represents the attribute value."},"example":[235,355],"$$ref":"#/components/schemas/attributeValueArrayIntegers"},{"type":"string","description":"To use these specific attribute values in a rule condition, you must:\n* set the `attributeOperator` to `AND`.\n* set the `attributeName` to `umbrella.destination.logical_operator`.","enum":["(umbrella.destination.networkObjectIds && umbrella.destination.serviceObjectIds)","(umbrella.destination.networkObjectGroupIds && umbrella.destination.serviceObjectGroupIds)","((umbrella.destination.networkObjectIds || umbrella.destination.networkObjectGroupIds) && (umbrella.destination.serviceObjectIds || umbrella.destination.serviceObjectGroupIds))","(umbrella.destination.networkObjectIds && umbrella.destination.serviceObjectGroupIds)","(umbrella.destination.networkObjectGroupIds && umbrella.destination.serviceObjectIds)","((umbrella.destination.networkObjectIds || umbrella.destination.networkObjectGroupIds) && umbrella.destination.serviceObjectIds)","((umbrella.destination.networkObjectIds || umbrella.destination.networkObjectGroupIds) && umbrella.destination.serviceObjectGroupIds)","((umbrella.destination.serviceObjectIds || umbrella.destination.serviceObjectGroupIds) && umbrella.destination.networkObjectIds)","(umbrella.destination.networkObjectGroupIds && (umbrella.destination.serviceObjectIds || umbrella.destination.serviceObjectGroupIds))"],"$$ref":"#/components/schemas/attributeValueNetworkServiceObjects"}],"description":"The value of the attribute.","example":123,"$$ref":"#/components/schemas/attributeValue"},"attributeOperator":{"type":"string","description":"The operator that can act on the attribute.","enum":["=","INTERSECT","AND","IN"],"example":"INTERSECT","$$ref":"#/components/schemas/attributeOperator"}}},"example":[{"attributeName":"umbrella.destination.private_application_ids","attributeValue":[12345,34],"attributeOperator":"INTERSECT"}],"$$ref":"#/components/schemas/ruleConditions","title":"ruleConditions"}}