editIntrusionPolicyRuleUpdate - Firepower Threat Defense API v6.2 (FTD v7.2)

Description

The editIntrusionPolicyRuleUpdate operation handles configuration related to IntrusionPolicyRuleUpdate model.
This API call is not allowed on the standby unit in an HA pair.

This API will allow the update of override state of Intrusion Rules and security level of Intrusion Rule Groups for an Intrusion Policy.

HTTP request

PUT /api/fdm/v6/policy/intrusionpolicies/{objId}/ruleupdates

Data Parameters

Parameter	Required	Type	Description
version	False	string	The version of the IntrusionPolicy to be updated.
name	False	string	A string that represents the name of the object
ruleConfigs	False	[object]	A set of RuleConfigs representing the IntrusionRule and IntrusionRuleState to be updated.
ruleGroupConfigs	False	[object]	A set of RuleGroupConfigs representing the Intrusion Rule Group and Security Level to be updated
id	False	string	The UUID of the IntrusionPolicy to be updated. Field level constraints: must match pattern ^((?!;).)*$. (Note: Additional constraints might exist)
type	True	string	A UTF8 string, all letters lower-case, that represents the class-type. This corresponds to the class name.

Path Parameters

Parameter	Required	Type	Description
objId	True	string

Example

curl -X PUT \
    --header "Accept: application/json" \
    --header "Authorization: Bearer ${ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    -d '{
        "id": "string",
        "name": "string",
        "ruleConfigs": [],
        "ruleGroupConfigs": [],
        "type": "intrusionpolicyruleupdate",
        "version": "string"
    }' \
    "https://${HOST}:${PORT}/api/fdm/v6/policy/intrusionpolicies/{objId}/ruleupdates"

from bravado.requests_client import RequestsClient
from bravado.client import SwaggerClient


def get_client(host, token):
    http_client = RequestsClient()
    http_client.ssl_verify = False
    http_client.set_api_key(
        host,
        "Bearer {}".format(token),
        param_name="Authorization",
        param_in="header"
    )
    return SwaggerClient.from_url(
        "https://{}/apispec/ngfw.json".format(host),
        http_client=http_client,
        config={
            "validate_responses": False,
            "validate_swagger_spec": False
        }
    )


def edit_intrusion_policy_rule_update(client, obj_id, body):
    return client.IntrusionPolicy.editIntrusionPolicyRuleUpdate(
        objId=obj_id,
        body=body
    ).response().result


if __name__ == "__main__":
    host = "ftd.example.com"
    token = "access_token"
    client = get_client(host, token)

    obj_id = "string"
    body = {'id': 'string',
 'name': 'string',
 'ruleConfigs': [],
 'ruleGroupConfigs': [],
 'type': 'intrusionpolicyruleupdate',
 'version': 'string'}

    edit_intrusion_policy_rule_update(client, obj_id, body)