Policy management APIs - BlueCat DNS Edge

DNS Edge User Guide

Locale
English (United States)
Product name
BlueCat DNS Edge
Resource URL Authorization Description
/v5/api/policies (GET) Admin, Policy Admin, Analyst List all of the policies, or search for policies associated with a site, site group, or domain list
/v5/api/policies (POST) Admin, Policy Admin Create a new policy from a domain list
/v5/api/policies/{policyId} (GET) Admin, Policy Admin, Analyst Search for a policy by policy ID
/v5/api/policies/{policyId} (DELETE) Admin, Policy Admin Delete the policy specified by policy ID
/v5/api/policies/{policyId} (PUT) Admin, Policy Admin Update the policy specified by policy ID

Policy parameters

Name Type Example Notes
action JSON { "type" : "block" } One of "block", "allow", "monitor", or "redirect".
active boolean false If true, the policy is active, if false it's inactive.
appliedTo List of JSON [ { "name" : " 1b9874b1-9a6b-4347-92f1-7c33bb47c66b", "type" : "siteId" } ] The list of sites and site groups that this policy applies to.
description String "This is a description" The human-readable description of the policy.
domain List of JSON [ { "listId" : " f5d03dec-bdd8-435b-af71-97ddd2d27690", "type": "list" } ] The list of domain lists that the policy should match on.
exceptionDomainLists List of JSON [ { "listId" : " f5d03dec-bdd8-435b-af71-97ddd2d27690", "type": "list" } ] A list of exception domain lists that the policy shouldn't match on.
id String (UUID) " 1509980672880-b6aca992-7ef0-4e67-88fe-ff5c44f5cfea " Unique identifier for the policy.
name String "Name" A human readable name for the policy. This must be unique.
policyVersionId String (UUID) " 9722af80-ff82-4d38-9f87-f13e6567defa" The version number changes each time a policy is updated. This will be used to determine if an applied policy is out-of-date.
queryTypes List of Strings [ "TXT", "PTR", "A" ] The list of query types this policy should match on.
sourceIps JSON { ranges [ "1.1.1.1" ], "type": "INCLUDE" } The source IPs to match on (if type is "INCLUDE") or to explicitly not match on ("EXCLUDE"). The include/exclude parameter is optional. Excluding source IPs is only applicable to Block and Monitor policies, and isn't applicable to Allow policies. When this parameter isn't specified, the default value is Include.
threats List of JSON [{ "type" : "DGA" }] The list of threats to match on.
timeRanges List of JSON [{ "start": "00:00", "end": "23:59" "days": ["Monday"] }] The list of time periods during which the policy applies.
timestamp long 1532095137993 The timestamp of when the policy was last updated (as milliseconds since Jan. 1, 1970).
matchAnswer boolean true The criteria on which policies act on domains. This is only applicable to Block and Monitor policies. If you set matchAnswer to "true", domains listed will be blocked or monitored based on the domain found in the query or answer section of the DNS response.
Note: You must select at least one criteria to block or monitor domain lists (matchAnswer or matchAuthority).
matchAuthority boolean true The criteria on which policies act on domains. This is only applicable to Block and Monitor policies. If you set matchAuthority to "true", domains listed will be blocked or monitored based on the domain found in the authoritative nameserver section of the DNS response.
Note: You must select at least one criteria to block or monitor domain lists (matchAnswer or matchAuthority).