/v5/api/policies/{policyId} (PUT) - BlueCat DNS Edge

DNS Edge API Guide

Locale
English (United States)
Product name
BlueCat DNS Edge

Updates the policy specified by policy ID. Note that all parameters are updated with this action, whether you specify values or not. If you leave a parameter out, its value will be overwritten with no data.

PUT https://api-<DNS.Edge.URL>/v5/api/policies/<policyId>
Authorization: Bearer token
Content-Type: application/JSON
 { 
  "name": "name",
  "description": "description",
  "appliedTo": [{ 
         "type": "siteName | siteGroupID | AllSites",
         "name": "value"
    }],
   "domain": [ { 
          "type": "list",
          "listId": "dns-list-id"
    }],
    "action": { 
           "type":"block | monitor | allow"
    },  
    "exceptionDomainLists":[{ 
            "type": "list",
            "listId": "dns-list-id"
    }],
    "active": "true | false",
    "sourceIps": {
            "type": "INCLUDE | EXCLUDE",
            "ranges": [
                "192.168.0.1",
                "1.2.3.4"
            ]
    ],
    "timeRanges":[{
            "start": "01:00",
            "end": "20:00",
            "days": ["Monday", "Tuesday", "Wednesday"],
    }],
    "queryTypes": ["15", "A"]
    "redirectTarget": "valid FQDN domain",
    "threats": {[
             "type": "DGA"
     }, {
             "type": "DNS_Tunneling"
     }],
    "matchAnswer": "true |  false",
    "matchAuthority": "true | false"
    "matchResponseIpListIds": [
        "IPList1"
    ],
    "exceptionResponseIpListIds": [
        "IPList2"
    ]
  }
Notes
  • Redirect policies: You can only use redirect to another DN with a block policy.
  • Threats: Valid threat types are DGA and DNS_Tunneling. Threat types are only allowed for Monitor and Block policies.
  • Source IPs: The include/exclude parameter is optional. Excluding source IPs is only applicable to Block and Monitory policies, and isn't applicable to Allow policies. When this parameter isn't specified, the default value is Include.
  • Match Answer: Only applicable to Monitor and Block policies. You must configure at least one criteria to block or monitor domain lists.
  • Match Authority: Only applicable to Monitor and Block policies. You must configure at least one criteria to block or monitor domain lists.
  • Match Response IP List IDs (optional): A list of IP lists that matches to a policy based on the IP response of a DNS query.
  • Exception Response IP List IDs (optional): A list of IP lists that unmatches to a policy based on the IP response of a DNS query.
    Note: If exceptionResponseIpListIds is specified, you must also specify matchResponseIpListIds.

Successful response

200 - OK

Other responses

204 - No content