/v5/api/policies/{policyId} (PUT) - BlueCat Edge - Service Point v3.x.x

BlueCat Edge API Guide

Locale
English
Product name
BlueCat Edge
Version
Service Point v3.x.x

Updates the policy specified by policy ID. Note that all parameters are updated with this action, whether you specify values or not. If you leave a parameter out, its value will be overwritten with no data.

PUT https://api-<BlueCat.edge.url>/v5/api/policies/<policyId>
Authorization: Bearer token
Content-Type: application/JSON
 { 
  "name": "name",
  "description": "description",
  "appliedTo": [{ 
         "type": "siteName | siteGroupID | AllSites",
         "name": "value"
    }],
   "domain": [ { 
          "type": "list",
          "listId": "dns-list-id"
    }],
    "action": { 
           "type":"trust | block | monitor | allow"
    },  
    "exceptionDomainLists":[{ 
            "type": "list",
            "listId": "dns-list-id"
    }],
    "active": "true | false",
    "sourceIps": {
            "type": "INCLUDE | EXCLUDE",
            "ranges": [
                "192.168.0.1",
                "1.2.3.4"
            ]
    ],
    "timeRanges":[{
            "start": "01:00",
            "end": "20:00",
            "days": ["Monday", "Tuesday", "Wednesday"],
    }],
    "queryTypes": ["15", "A"]
    "redirectTarget": "valid FQDN domain",
    "threats": {[
             "type": "DGA"
     }, {
             "type": "DNS_Tunneling"
     }],
    "matchAnswer": "true |  false",
    "matchAuthority": "true | false"
    "matchResponseIpListIds": [
        "IPList1"
    ],
    "exceptionResponseIpListIds": [
        "IPList2"
    ]
  }
When updating an existing policy, the JSON body must contain the following fields:
  • name
  • description
  • action
  • active
  • appliedTo
  • matchAnswer
  • matchAuthority
  • domain
  • exceptionDomainLists
Note: If you are not updating any values within the required JSON body fields, enter the value as the current value.
Notes
  • Redirect policies: You can only use redirect to another DN with a block policy.
  • Threats: Valid threat types are DGA and DNS_Tunneling. Threat types are only allowed for Monitor and Block policies.
  • Source IPs: The include/exclude parameter is optional. Excluding source IPs is only applicable to Block and Monitor policies, and isn't applicable to Allow policies. When this parameter isn't specified, the default value is Include.
  • Match Answer: Only applicable to Monitor and Block policies. You must configure at least one criteria to block or monitor domain lists.
  • Match Authority: Only applicable to Monitor and Block policies. You must configure at least one criteria to block or monitor domain lists.
  • Match Response IP List IDs (optional): A list of IP lists that matches to a policy based on the IP response of a DNS query.
  • Exception Response IP List IDs (optional): A list of IP lists that unmatches to a policy based on the IP response of a DNS query.
    Note: If exceptionResponseIpListIds is specified, you must also specify matchResponseIpListIds.

Successful response

200 - OK
Possible error codes
  • 400 Invalid Input - Invalid body content
  • 401 Unauthorized - Missing or invalid token
  • 403 Forbidden - You are not authorized to perform this action