Update Rule - Cloud Security API

{"type":"api","title":"Update Rule","meta":{"id":"/apps/pubhub/media/cloud-security-apis-in-eft/d2a1854d5c0ed9069a7f0bc54a9b813f3075ddc9/1416204d-a3eb-3b4d-a1fc-4d01aedf1895","info":{"title":"Cisco Secure Access Rules, Rule Settings, and Application Lists APIs","version":"1.0.1","description":"Create and manage the access rules, rule settings, and application lists.","contact":{"name":"Cloud Security Developer Community"}},"security":[{"oauthFlow":[]}],"tags":[{"name":"Access Rules","description":"The API endpoints that manage the access rules for the organization."},{"name":"Rule Settings and Defaults","description":"The API endpoints that manage the rule settings and defaults on the access rules."},{"name":"Application Lists","description":"The API endpoints that manage the internet application lists for the organization."},{"name":"Secure Access"}],"x-parser-conf":{"overview":{"markdownPath":"secure-access/reference/policies/policy-rules-overview.md","uri":"secure-access-api-reference-policy-rules-overview"}},"openapi":"3.0.1","servers":[{"url":"https://api.sse.cisco.com/{basePath}","variables":{"basePath":{"default":"policies/v2"}}}],"securitySchemes":{"oauthFlow":{"type":"oauth2","description":"client credential flow","flows":{"clientCredentials":{"tokenUrl":"https://api.sse.cisco.com/auth/v2/token","scopes":{"policies.applicationlists:write":"Write policies application lists","policies.applicationlists:read":"Read policies application lists","policies.settings:write":"Write policies global rule settings","policies.settings:read":"Read policies global rule settings","policies.rules:read":"Read policies access rules","policies.rules:write":"Write policies access rules"}}}}}},"spec":{"tags":["Access Rules","Secure Access"],"summary":"Update Rule","description":"Update the properties on the rule.","operationId":"putRule","parameters":[{"name":"ruleId","in":"path","description":"The ID of the rule.","required":true,"schema":{"type":"integer"},"example":2456,"$$ref":"#/components/parameters/ruleId"}],"security":[{"oauthFlow":["policies.rules:write"]}],"requestBody":{"description":"Create the rule with the specific properties.","required":true,"content":{"application/json":{"schema":{"type":"object","description":"The properties of the rule.","required":["ruleName","ruleConditions","ruleAction","ruleSettings","rulePriority"],"properties":{"ruleName":{"type":"string","maxLength":256,"description":"The name of the rule. The name must be unique across all rules for the organization's policy.\nThe name can have no more than 256 characters.","example":"SSE Rule 1","$$ref":"#/components/schemas/ruleName"},"ruleDescription":{"type":"string","maxLength":256,"description":"The meaningful information about the rule. The description can have no more than 256 characters.","example":"The rule for the London office.","$$ref":"#/components/schemas/ruleDescription"},"ruleAction":{"type":"string","enum":["allow","block"],"description":"The action set on the rule.","example":"allow","$$ref":"#/components/schemas/ruleAction"},"rulePriority":{"type":"integer","description":"The positive integer that represents the priority of the rule.\nThe priority is unique across all rules on the policy for the organization.","example":1,"$$ref":"#/components/schemas/rulePriority"},"ruleIsEnabled":{"type":"boolean","description":"Specifies whether the rule is enabled.","example":true,"$$ref":"#/components/schemas/ruleIsEnabled"},"ruleConditions":{"type":"array","description":"The list of conditions that are set on the rule. Updates to \"ReadOnly\" attributes are ignored.","items":{"type":"object","description":"The attributes created on the rule. The conditions include the name of the attribute, the value of the attribute, and the operator\nthat is applied to the rule condition.","properties":{"attributeName":{"anyOf":[{"type":"string","description":"The name of the attributes for the source components.","enum":["umbrella.source.all","umbrella.source.networkObjectIds","umbrella.source.networkObjectGroupIds","umbrella.source.identity_type_ids","umbrella.source.ip_address","umbrella.source.identity_ids"],"example":"umbrella.source.ip_address","$$ref":"#/components/schemas/attributeNameSource"},{"type":"string","description":"The name of the attributes for the composite source components.","enum":["umbrella.source.ip_address"],"example":"umbrella.source.ip_address","$$ref":"#/components/schemas/attributeNameSourceComposite"},{"type":"string","description":"The name of the attribute for the source components.","enum":["umbrella.destination.all","umbrella.destination.networkObjectIds","umbrella.destination.networkObjectGroupIds","umbrella.destination.serviceObjectIds","umbrella.destination.serviceObjectGroupIds","umbrella.destination.application_ids","umbrella.destination.application_list_ids","umbrella.destination.private_application_ids","umbrella.destination.private_application_group_ids","umbrella.destination.category_ids","umbrella.destination.category_list_ids","umbrella.destination.destination_list_ids","umbrella.destination.logical_operator","umbrella.destination.geolocations","umbrella.destination.private_resource_ids"],"example":"umbrella.destination.private_application_ids","$$ref":"#/components/schemas/attributeNameDestination"},{"type":"string","description":"The name of the attribute for the source components.","enum":["umbrella.destination.ip_address","umbrella.destination.port","umbrella.destination.network_protocol"],"example":"umbrella.destination.ip_address","$$ref":"#/components/schemas/attributeNameDestinationComposite"}],"description":"The name of the attribute.","example":"umbrella.destination.private_application_ids","$$ref":"#/components/schemas/attributeName"},"attributeValue":{"oneOf":[{"type":"string"},{"type":"boolean"},{"type":"array","description":"The list of integers that represent the attribute values.","items":{"type":"integer","description":"An integer that represents the attribute value."},"example":[235,355],"$$ref":"#/components/schemas/attributeValueArrayIntegers"},{"type":"string","description":"To use these specific attribute values in a rule condition, you must:\n* set the `attributeOperator` to `AND`.\n* set the `attributeName` to `umbrella.destination.logical_operator`.","enum":["(umbrella.destination.networkObjectIds && umbrella.destination.serviceObjectIds)","(umbrella.destination.networkObjectGroupIds && umbrella.destination.serviceObjectGroupIds)","((umbrella.destination.networkObjectIds || umbrella.destination.networkObjectGroupIds) && (umbrella.destination.serviceObjectIds || umbrella.destination.serviceObjectGroupIds))","(umbrella.destination.networkObjectIds && umbrella.destination.serviceObjectGroupIds)","(umbrella.destination.networkObjectGroupIds && umbrella.destination.serviceObjectIds)","((umbrella.destination.networkObjectIds || umbrella.destination.networkObjectGroupIds) && umbrella.destination.serviceObjectIds)","((umbrella.destination.networkObjectIds || umbrella.destination.networkObjectGroupIds) && umbrella.destination.serviceObjectGroupIds)","((umbrella.destination.serviceObjectIds || umbrella.destination.serviceObjectGroupIds) && umbrella.destination.networkObjectIds)","(umbrella.destination.networkObjectGroupIds && (umbrella.destination.serviceObjectIds || umbrella.destination.serviceObjectGroupIds))"],"$$ref":"#/components/schemas/attributeValueNetworkServiceObjects"}],"description":"The value of the attribute.","example":123,"$$ref":"#/components/schemas/attributeValue"},"attributeOperator":{"type":"string","description":"The operator that can act on the attribute.","enum":["=","INTERSECT","AND","IN"],"example":"INTERSECT","$$ref":"#/components/schemas/attributeOperator"}}},"example":[{"attributeName":"umbrella.destination.private_application_ids","attributeValue":[12345,34],"attributeOperator":"INTERSECT"}],"$$ref":"#/components/schemas/ruleConditions"},"ruleSettings":{"type":"array","description":"The list of settings on a rule.","items":{"type":"object","properties":{"settingName":{"type":"string","description":"The name of the rule setting.","enum":["sse.decryption.logInternet","sse.decryption.logPrivate","sse.globalIPSEnabled","sse.ztaAuthnTimeoutEnabled","sse.tenantControlProfileId","sse.ztaAuthnTimeoutMinutes","sse.ztnaSessionTimeoutMinutes","umbrella.m365Compatibility","umbrella.posture.webProfileId","umbrella.posture.ipsProfileId","umbrella.posture.profileIdClientbased","umbrella.logLevel","umbrella.default.traffic"],"example":"umbrella.logLevel","$$ref":"#/components/schemas/settingName"},"settingValue":{"description":"The value of the rule setting.","oneOf":[{"type":"string"},{"type":"integer"},{"type":"boolean"}],"example":"LOG_NONE","$$ref":"#/components/schemas/settingValue"}},"example":{"settingName":"sse.decryption.logInternet","settingValue":false}},"example":[{"settingName":"sse.decryption.logInternet","settingValue":false}],"$$ref":"#/components/schemas/ruleSettings"}}},"example":{"ruleName":"Test rule","ruleDescription":"The description for the rule.","ruleAction":"allow","rulePriority":25,"ruleConditions":[{"attributeName":"umbrella.destination.all","attributeValue":true,"attributeOperator":"="},{"attributeName":"umbrella.source.all","attributeValue":true,"attributeOperator":"="}],"ruleSettings":[{"settingName":"umbrella.default.traffic","settingValue":"PUBLIC_INTERNET"}]}}},"$$ref":"#/components/requestBodies/RuleRequestUpdate"},"responses":{"200":{"description":"OK","headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"content":{"application/json":{"schema":{"type":"object","description":"The properties of the access rule that enables security for the traffic that is described on the rule.\nThe rule includes the actions, settings, and conditions configured on the rule and when these attributes\nwere created or modified.","properties":{"organizationId":{"type":"integer","description":"The ID of the organization.","readOnly":true,"example":987456,"$$ref":"#/components/schemas/organizationId"},"ruleId":{"type":"integer","description":"The ID of the rule.","readOnly":true,"example":183456,"$$ref":"#/components/schemas/ruleId"},"ruleName":{"type":"string","maxLength":256,"description":"The name of the rule. The name must be unique across all rules for the organization's policy.\nThe name can have no more than 256 characters.","example":"SSE Rule 1","$$ref":"#/components/schemas/ruleName"},"ruleDescription":{"type":"string","maxLength":256,"description":"The meaningful information about the rule. The description can have no more than 256 characters.","example":"The rule for the London office.","$$ref":"#/components/schemas/ruleDescription"},"ruleAction":{"type":"string","enum":["allow","block"],"description":"The action set on the rule.","example":"allow","$$ref":"#/components/schemas/ruleAction"},"rulePriority":{"type":"integer","description":"The positive integer that represents the priority of the rule.\nThe priority is unique across all rules on the policy for the organization.","example":1,"$$ref":"#/components/schemas/rulePriority"},"ruleIsDefault":{"type":"boolean","description":"Specifies whether the rule is the default rule.","example":true,"$$ref":"#/components/schemas/ruleIsDefault"},"ruleIsEnabled":{"type":"boolean","description":"Specifies whether the rule is enabled.","example":true,"$$ref":"#/components/schemas/ruleIsEnabled"},"ruleConditions":{"type":"array","description":"The list of conditions that are set on the rule. Updates to \"ReadOnly\" attributes are ignored.","items":{"type":"object","description":"The attributes created on the rule. The conditions include the name of the attribute, the value of the attribute, and the operator\nthat is applied to the rule condition.","properties":{"attributeName":{"anyOf":[{"type":"string","description":"The name of the attributes for the source components.","enum":["umbrella.source.all","umbrella.source.networkObjectIds","umbrella.source.networkObjectGroupIds","umbrella.source.identity_type_ids","umbrella.source.ip_address","umbrella.source.identity_ids"],"example":"umbrella.source.ip_address","$$ref":"#/components/schemas/attributeNameSource"},{"type":"string","description":"The name of the attributes for the composite source components.","enum":["umbrella.source.ip_address"],"example":"umbrella.source.ip_address","$$ref":"#/components/schemas/attributeNameSourceComposite"},{"type":"string","description":"The name of the attribute for the source components.","enum":["umbrella.destination.all","umbrella.destination.networkObjectIds","umbrella.destination.networkObjectGroupIds","umbrella.destination.serviceObjectIds","umbrella.destination.serviceObjectGroupIds","umbrella.destination.application_ids","umbrella.destination.application_list_ids","umbrella.destination.private_application_ids","umbrella.destination.private_application_group_ids","umbrella.destination.category_ids","umbrella.destination.category_list_ids","umbrella.destination.destination_list_ids","umbrella.destination.logical_operator","umbrella.destination.geolocations","umbrella.destination.private_resource_ids"],"example":"umbrella.destination.private_application_ids","$$ref":"#/components/schemas/attributeNameDestination"},{"type":"string","description":"The name of the attribute for the source components.","enum":["umbrella.destination.ip_address","umbrella.destination.port","umbrella.destination.network_protocol"],"example":"umbrella.destination.ip_address","$$ref":"#/components/schemas/attributeNameDestinationComposite"}],"description":"The name of the attribute.","example":"umbrella.destination.private_application_ids","$$ref":"#/components/schemas/attributeName"},"attributeValue":{"oneOf":[{"type":"string"},{"type":"boolean"},{"type":"array","description":"The list of integers that represent the attribute values.","items":{"type":"integer","description":"An integer that represents the attribute value."},"example":[235,355],"$$ref":"#/components/schemas/attributeValueArrayIntegers"},{"type":"string","description":"To use these specific attribute values in a rule condition, you must:\n* set the `attributeOperator` to `AND`.\n* set the `attributeName` to `umbrella.destination.logical_operator`.","enum":["(umbrella.destination.networkObjectIds && umbrella.destination.serviceObjectIds)","(umbrella.destination.networkObjectGroupIds && umbrella.destination.serviceObjectGroupIds)","((umbrella.destination.networkObjectIds || umbrella.destination.networkObjectGroupIds) && (umbrella.destination.serviceObjectIds || umbrella.destination.serviceObjectGroupIds))","(umbrella.destination.networkObjectIds && umbrella.destination.serviceObjectGroupIds)","(umbrella.destination.networkObjectGroupIds && umbrella.destination.serviceObjectIds)","((umbrella.destination.networkObjectIds || umbrella.destination.networkObjectGroupIds) && umbrella.destination.serviceObjectIds)","((umbrella.destination.networkObjectIds || umbrella.destination.networkObjectGroupIds) && umbrella.destination.serviceObjectGroupIds)","((umbrella.destination.serviceObjectIds || umbrella.destination.serviceObjectGroupIds) && umbrella.destination.networkObjectIds)","(umbrella.destination.networkObjectGroupIds && (umbrella.destination.serviceObjectIds || umbrella.destination.serviceObjectGroupIds))"],"$$ref":"#/components/schemas/attributeValueNetworkServiceObjects"}],"description":"The value of the attribute.","example":123,"$$ref":"#/components/schemas/attributeValue"},"attributeOperator":{"type":"string","description":"The operator that can act on the attribute.","enum":["=","INTERSECT","AND","IN"],"example":"INTERSECT","$$ref":"#/components/schemas/attributeOperator"}}},"example":[{"attributeName":"umbrella.destination.private_application_ids","attributeValue":[12345,34],"attributeOperator":"INTERSECT"}],"$$ref":"#/components/schemas/ruleConditions"},"ruleSettings":{"type":"array","description":"The properties of the policy settings.","items":{"type":"object","properties":{"settingValue":{"description":"The value of the rule setting.","oneOf":[{"type":"string"},{"type":"integer"},{"type":"boolean"}],"example":"LOG_NONE","$$ref":"#/components/schemas/settingValue"},"settingName":{"type":"string","description":"The name of the rule setting.","enum":["sse.decryption.logInternet","sse.decryption.logPrivate","sse.globalIPSEnabled","sse.ztaAuthnTimeoutEnabled","sse.tenantControlProfileId","sse.ztaAuthnTimeoutMinutes","sse.ztnaSessionTimeoutMinutes","umbrella.m365Compatibility","umbrella.posture.webProfileId","umbrella.posture.ipsProfileId","umbrella.posture.profileIdClientbased","umbrella.logLevel","umbrella.default.traffic"],"example":"umbrella.logLevel","$$ref":"#/components/schemas/settingName"},"createdAt":{"type":"string","description":"The date and time that the rule setting was created.","format":"date-time","readOnly":true,"example":"2021-12-13T16:07:07.222Z","$$ref":"#/components/schemas/createdAtRuleSetting"},"modifiedAt":{"type":"string","description":"The date and time that the rule setting was modified.","format":"date-time","readOnly":true,"example":"2023-11-13T21:28:54+00:00","$$ref":"#/components/schemas/modifiedAtRuleSetting"}}},"example":[{"createdAt":"2024-03-26T18:54:45+00:00","settingName":"sse.decryption.logInternet","settingValue":false,"modifiedAt":"2024-03-26T18:54:45+00:00"},{"createdAt":"2024-03-26T18:54:45+00:00","settingName":"sse.decryption.logPrivate","settingValue":false,"modifiedAt":"2024-03-26T18:54:45+00:00"},{"createdAt":"2024-03-26T18:54:45+00:00","settingName":"sse.globalIPSEnabled","settingValue":true,"modifiedAt":"2024-03-26T18:54:45+00:00"},{"createdAt":"2024-02-05T09:13:56+00:00","settingName":"sse.tenantControlProfileId","settingValue":19383,"modifiedAt":"2024-02-05T09:13:56+00:00"}],"$$ref":"#/components/schemas/SettingResponse"},"modifiedBy":{"type":"string","description":"A string that includes the organization ID and user ID for the account that modified the access rule.","example":"org/1234/user/123453","$$ref":"#/components/schemas/modifiedBy"},"modifiedAt":{"type":"string","description":"The date and time that the rule was modified.","format":"date-time","readOnly":true,"example":"2023-11-13T21:28:54+00:00","$$ref":"#/components/schemas/modifiedAtRule"},"createdAt":{"type":"string","description":"The date and time that the rule was created.","format":"date-time","readOnly":true,"example":"2021-12-13T16:07:07.222Z","$$ref":"#/components/schemas/createdAtRule"}},"$$ref":"#/components/schemas/Rule"},"example":{"modifiedAt":"2024-04-01T19:42:38","ruleIsDefault":false,"organizationId":8094936,"rulePriority":9,"ruleName":"Rule 31 Created by Cisco Assistant","ruleId":591710,"ruleConditions":[{"attributeOperator":"INTERSECT","attributeName":"umbrella.source.identity_type_ids","attributeValue":[7]},{"attributeOperator":"INTERSECT","attributeName":"umbrella.destination.private_resource_ids","attributeValue":[1640]}],"ruleIsEnabled":false,"ruleDescription":"Rule Created by Policy Assistant","ruleSettings":[{"settingValue":"LOG_ALL","settingName":"umbrella.logLevel","modifiedAt":"2024-03-26T18:54:45+00:00","createdAt":"2024-03-28T18:17:36"},{"settingValue":"PRIVATE_NETWORK","settingName":"umbrella.default.traffic","modifiedAt":"2024-03-26T18:54:45+00:00","createdAt":"2024-03-28T18:17:36"}],"modifiedBy":"service/chatgpt.policy-api/key/1","createdAt":"2024-03-28T18:17:36","ruleAction":"allow"}}}},"400":{"description":"Bad Request","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"The organization ID is a numeric value."},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}}}}},"headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"$$ref":"#/components/responses/400Error"},"401":{"description":"Unauthorized","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Authorization token is invalid."},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}}}}},"headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"$$ref":"#/components/responses/401Error"},"403":{"description":"Forbidden","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Not Authorized"},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}}}}},"headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"$$ref":"#/components/responses/403Error"},"404":{"description":"Not Found","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Not Found"},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}}}}},"headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"$$ref":"#/components/responses/404Error"},"500":{"description":"Internal Server Error","content":{"application/json":{"schema":{"type":"object","properties":{"error":{"type":"string","description":"Error message explaining the reason for failure.","example":"Internal Server Error"},"requestId":{"type":"string","description":"The ID of the request.","example":"7d318524-d5a4-4fd8-8b29-ad295b2f035b"}}}}},"headers":{"Content-Type":{"schema":{"type":"string"},"description":"The MIME content type of the response body.","example":"application/json","$$ref":"#/components/headers/Content-Type"},"Date":{"schema":{"type":"string","pattern":"^[0-90-90-90-9-0-90-9-0-90-9T0-90-9:0-90-9:0-90-9Z]+$"},"description":"The timestamp of the response.","example":"2023-03-14T18:34:25Z","$$ref":"#/components/headers/Date"}},"$$ref":"#/components/responses/500Error"}},"__originalOperationId":"putRule","method":"put","path":"/rules/{ruleId}"}}