sendnrw/netbird-docs
2
0
Fork 0
mirror of https://github.com/netbirdio/docs.git synced 2026-04-15 23:16:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
80f49501d4609173df46c875e56b053cf88c1f93
netbird-docs/src/pages/ipa/resources/policies.mdx
Eduard Gert 80f49501d4 Update nextjs (#550)
2026-01-14 16:20:02 +01:00

2379 lines
53 KiB
Plaintext
Raw Blame History

export const title = 'Policies'
## List all Policies {{ tag: 'GET' , label: '/api/policies' }}
<Row>
<Col>
Returns a list of all policies
</Col>
<Col sticky>
<CodeGroup title="Request" tag="GET" label="/api/policies">
```bash {{ title: 'cURL' }}
curl -X GET https://api.netbird.io/api/policies \
-H 'Accept: application/json' \
-H 'Authorization: Token <TOKEN>'
```
```js
const axios = require('axios');
let config = {
method: 'get',
maxBodyLength: Infinity,
url: '/api/policies',
headers: {
'Accept': 'application/json',
'Authorization': 'Token <TOKEN>'
}
};
axios(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
```
```python
import requests
import json
url = "https://api.netbird.io/api/policies"
headers = {
'Accept': 'application/json',
'Authorization': 'Token <TOKEN>'
}
response = requests.request("GET", url, headers=headers)
print(response.text)
```
```go
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.netbird.io/api/policies"
method := "GET"
client := &http.Client {
}
req, err := http.NewRequest(method, url, nil)
if err != nil {
fmt.Println(err)
return
{
req.Header.Add("Accept", "application/json")
req.Header.Add("Authorization", "Token <TOKEN>")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
```
```ruby
require "uri"
require "json"
require "net/http"
url = URI("https://api.netbird.io/api/policies")
https = Net::HTTP.new(url.host, url.port)
https.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Accept"] = "application/json"
request["Authorization"] = "Token <TOKEN>"
response = https.request(request)
puts response.read_body
```
```java
OkHttpClient client = new OkHttpClient().newBuilder()
.build();
Request request = new Request.Builder()
.url("https://api.netbird.io/api/policies")
.method("GET")
.addHeader("Accept", "application/json")
.addHeader("Authorization: Token <TOKEN>")
.build();
Response response = client.newCall(request).execute();
```
```php
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.netbird.io/api/policies',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Accept: application/json',
'Authorization: Token <TOKEN>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
```
</CodeGroup>
<CodeGroup title="Response">
```json {{ title: 'Example' }}
[
{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"id": "ch8i4ug6lnn4g9hqv7mg",
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
{
"id": "ch8i4ug6lnn4g9hqv7m0",
"name": "devs",
"peers_count": 2,
"resources_count": 5,
"issued": "api"
}
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
{
"id": "ch8i4ug6lnn4g9hqv7m0",
"name": "devs",
"peers_count": 2,
"resources_count": 5,
"issued": "api"
}
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}
]
```
```json {{ title: 'Schema' }}
[
{
"name": "string",
"description": "string",
"enabled": "boolean",
"id": "string",
"source_posture_checks": [
"string"
],
"rules": [
{
"name": "string",
"description": "string",
"enabled": "boolean",
"action": "string",
"bidirectional": "boolean",
"protocol": "string",
"ports": [
"string"
],
"port_ranges": [
{
"start": "integer",
"end": "integer"
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"string"
]
},
"id": "string",
"sources": [
{
"id": "string",
"name": "string",
"peers_count": "integer",
"resources_count": "integer",
"issued": "string"
}
],
"sourceResource": {
"id": "string",
"type": "string"
},
"destinations": [
{
"id": "string",
"name": "string",
"peers_count": "integer",
"resources_count": "integer",
"issued": "string"
}
],
"destinationResource": {
"id": "string",
"type": "string"
}
}
]
}
]
```
</CodeGroup>
</Col>
</Row>
---
## Create a Policy {{ tag: 'POST' , label: '/api/policies' }}
<Row>
<Col>
Creates a policy
### Request-Body Parameters
<Properties><Property name="name" type="string" required={true}>
Policy name identifier
</Property>
<Property name="description" type="string" required={false}>
Policy friendly description
</Property>
<Property name="enabled" type="boolean" required={true}>
Policy status
</Property>
<Property name="source_posture_checks" type="string[]" required={false}>
Posture checks ID's applied to policy source groups
</Property>
<Property name="rules" type="object[]" required={true}>
<details className="custom-details" open>
<summary>Policy rule object for policy UI editor</summary>
<Properties>
<Properties><Property name="name" type="string" required={true}>
Policy rule name identifier
</Property>
<Property name="description" type="string" required={false}>
Policy rule friendly description
</Property>
<Property name="enabled" type="boolean" required={true}>
Policy rule status
</Property>
<Property name="action" type="string" required={true} enumList={["accept","drop"]}>
Policy rule accept or drops packets
</Property>
<Property name="bidirectional" type="boolean" required={true}>
Define if the rule is applicable in both directions, sources, and destinations.
</Property>
<Property name="protocol" type="string" required={true} enumList={["all","tcp","udp","icmp","netbird-ssh"]}>
Policy rule type of the traffic
</Property>
<Property name="ports" type="string[]" required={false}>
Policy rule affected ports
</Property>
<Property name="port_ranges" type="object[]" required={false}>
<details className="custom-details" open>
<summary>Policy rule affected ports ranges list</summary>
<Properties>
<Properties><Property name="start" type="integer" required={true}>
The starting port of the range
</Property>
<Property name="end" type="integer" required={true}>
The ending port of the range
</Property>
</Properties>
</Properties>
</details>
</Property>
<Property name="authorized_groups" type="object" required={false}>
Map of user group ids to a list of local users
</Property>
<Property name="id" type="string" required={false}>
Policy rule ID
</Property>
<Property name="sources" type="string[]" required={false}>
Policy rule source group IDs
</Property>
<Property name="sourceResource" type="object" required={false}>
<details className="custom-details" open>
<summary>More Information</summary>
<Properties>
<Properties><Property name="id" type="string" required={true}>
ID of the resource
</Property>
<Property name="type" type="string" required={true} enumList={["host","subnet","domain","peer"]}>
Network resource type based of the address
</Property>
</Properties>
</Properties>
</details>
</Property>
<Property name="destinations" type="string[]" required={false}>
Policy rule destination group IDs
</Property>
<Property name="destinationResource" type="object" required={false}>
<details className="custom-details" open>
<summary>More Information</summary>
<Properties>
<Properties><Property name="id" type="string" required={true}>
ID of the resource
</Property>
<Property name="type" type="string" required={true} enumList={["host","subnet","domain","peer"]}>
Network resource type based of the address
</Property>
</Properties>
</Properties>
</details>
</Property>
</Properties>
</Properties>
</details>
</Property>
</Properties>
</Col>
<Col sticky>
<CodeGroup title="Request" tag="POST" label="/api/policies">
```bash {{ title: 'cURL' }}
curl -X POST https://api.netbird.io/api/policies \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'Authorization: Token <TOKEN>' \
--data-raw '{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}'
```
```js
const axios = require('axios');
let data = JSON.stringify({
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
});
let config = {
method: 'post',
maxBodyLength: Infinity,
url: '/api/policies',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Authorization': 'Token <TOKEN>'
},
data : data
};
axios(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
```
```python
import requests
import json
url = "https://api.netbird.io/api/policies"
payload = json.dumps({
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
})
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Token <TOKEN>'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)
```
```go
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.netbird.io/api/policies"
method := "POST"
payload := strings.NewReader(`{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
{
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Accept", "application/json")
req.Header.Add("Authorization", "Token <TOKEN>")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
```
```ruby
require "uri"
require "json"
require "net/http"
url = URI("https://api.netbird.io/api/policies")
https = Net::HTTP.new(url.host, url.port)
https.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/json"
request["Accept"] = "application/json"
request["Authorization"] = "Token <TOKEN>"
request.body = JSON.dump({
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
})
response = https.request(request)
puts response.read_body
```
```java
OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, '{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}');
Request request = new Request.Builder()
.url("https://api.netbird.io/api/policies")
.method("POST", body)
.addHeader("Content-Type", "application/json")
.addHeader("Accept", "application/json")
.addHeader("Authorization: Token <TOKEN>")
.build();
Response response = client.newCall(request).execute();
```
```php
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.netbird.io/api/policies',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'POST',
CURLOPT_POSTFIELDS => '{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}',
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Accept: application/json',
'Authorization: Token <TOKEN>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
```
</CodeGroup>
<CodeGroup title="Response">
```json {{ title: 'Example' }}
{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"id": "ch8i4ug6lnn4g9hqv7mg",
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
{
"id": "ch8i4ug6lnn4g9hqv7m0",
"name": "devs",
"peers_count": 2,
"resources_count": 5,
"issued": "api"
}
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
{
"id": "ch8i4ug6lnn4g9hqv7m0",
"name": "devs",
"peers_count": 2,
"resources_count": 5,
"issued": "api"
}
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}
```
```json {{ title: 'Schema' }}
{
"name": "string",
"description": "string",
"enabled": "boolean",
"id": "string",
"source_posture_checks": [
"string"
],
"rules": [
{
"name": "string",
"description": "string",
"enabled": "boolean",
"action": "string",
"bidirectional": "boolean",
"protocol": "string",
"ports": [
"string"
],
"port_ranges": [
{
"start": "integer",
"end": "integer"
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"string"
]
},
"id": "string",
"sources": [
{
"id": "string",
"name": "string",
"peers_count": "integer",
"resources_count": "integer",
"issued": "string"
}
],
"sourceResource": {
"id": "string",
"type": "string"
},
"destinations": [
{
"id": "string",
"name": "string",
"peers_count": "integer",
"resources_count": "integer",
"issued": "string"
}
],
"destinationResource": {
"id": "string",
"type": "string"
}
}
]
}
```
</CodeGroup>
</Col>
</Row>
---
## Retrieve a Policy {{ tag: 'GET' , label: '/api/policies/{policyId}' }}
<Row>
<Col>
Get information about a Policies
### Path Parameters
<Properties>
<Property name="policyId" type="string" required={true}>
The unique identifier of a policy
</Property>
</Properties>
</Col>
<Col sticky>
<CodeGroup title="Request" tag="GET" label="/api/policies/{policyId}">
```bash {{ title: 'cURL' }}
curl -X GET https://api.netbird.io/api/policies/{policyId} \
-H 'Accept: application/json' \
-H 'Authorization: Token <TOKEN>'
```
```js
const axios = require('axios');
let config = {
method: 'get',
maxBodyLength: Infinity,
url: '/api/policies/{policyId}',
headers: {
'Accept': 'application/json',
'Authorization': 'Token <TOKEN>'
}
};
axios(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
```
```python
import requests
import json
url = "https://api.netbird.io/api/policies/{policyId}"
headers = {
'Accept': 'application/json',
'Authorization': 'Token <TOKEN>'
}
response = requests.request("GET", url, headers=headers)
print(response.text)
```
```go
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.netbird.io/api/policies/{policyId}"
method := "GET"
client := &http.Client {
}
req, err := http.NewRequest(method, url, nil)
if err != nil {
fmt.Println(err)
return
{
req.Header.Add("Accept", "application/json")
req.Header.Add("Authorization", "Token <TOKEN>")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
```
```ruby
require "uri"
require "json"
require "net/http"
url = URI("https://api.netbird.io/api/policies/{policyId}")
https = Net::HTTP.new(url.host, url.port)
https.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Accept"] = "application/json"
request["Authorization"] = "Token <TOKEN>"
response = https.request(request)
puts response.read_body
```
```java
OkHttpClient client = new OkHttpClient().newBuilder()
.build();
Request request = new Request.Builder()
.url("https://api.netbird.io/api/policies/{policyId}")
.method("GET")
.addHeader("Accept", "application/json")
.addHeader("Authorization: Token <TOKEN>")
.build();
Response response = client.newCall(request).execute();
```
```php
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.netbird.io/api/policies/{policyId}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Accept: application/json',
'Authorization: Token <TOKEN>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
```
</CodeGroup>
<CodeGroup title="Response">
```json {{ title: 'Example' }}
{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"id": "ch8i4ug6lnn4g9hqv7mg",
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
{
"id": "ch8i4ug6lnn4g9hqv7m0",
"name": "devs",
"peers_count": 2,
"resources_count": 5,
"issued": "api"
}
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
{
"id": "ch8i4ug6lnn4g9hqv7m0",
"name": "devs",
"peers_count": 2,
"resources_count": 5,
"issued": "api"
}
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}
```
```json {{ title: 'Schema' }}
{
"name": "string",
"description": "string",
"enabled": "boolean",
"id": "string",
"source_posture_checks": [
"string"
],
"rules": [
{
"name": "string",
"description": "string",
"enabled": "boolean",
"action": "string",
"bidirectional": "boolean",
"protocol": "string",
"ports": [
"string"
],
"port_ranges": [
{
"start": "integer",
"end": "integer"
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"string"
]
},
"id": "string",
"sources": [
{
"id": "string",
"name": "string",
"peers_count": "integer",
"resources_count": "integer",
"issued": "string"
}
],
"sourceResource": {
"id": "string",
"type": "string"
},
"destinations": [
{
"id": "string",
"name": "string",
"peers_count": "integer",
"resources_count": "integer",
"issued": "string"
}
],
"destinationResource": {
"id": "string",
"type": "string"
}
}
]
}
```
</CodeGroup>
</Col>
</Row>
---
## Update a Policy {{ tag: 'PUT' , label: '/api/policies/{policyId}' }}
<Row>
<Col>
Update/Replace a Policy
### Path Parameters
<Properties>
<Property name="policyId" type="string" required={true}>
The unique identifier of a policy
</Property>
</Properties>
### Request-Body Parameters
<Properties><Property name="name" type="string" required={true}>
Policy name identifier
</Property>
<Property name="description" type="string" required={false}>
Policy friendly description
</Property>
<Property name="enabled" type="boolean" required={true}>
Policy status
</Property>
<Property name="source_posture_checks" type="string[]" required={false}>
Posture checks ID's applied to policy source groups
</Property>
<Property name="rules" type="object[]" required={true}>
<details className="custom-details" open>
<summary>Policy rule object for policy UI editor</summary>
<Properties>
<Properties><Property name="name" type="string" required={true}>
Policy rule name identifier
</Property>
<Property name="description" type="string" required={false}>
Policy rule friendly description
</Property>
<Property name="enabled" type="boolean" required={true}>
Policy rule status
</Property>
<Property name="action" type="string" required={true} enumList={["accept","drop"]}>
Policy rule accept or drops packets
</Property>
<Property name="bidirectional" type="boolean" required={true}>
Define if the rule is applicable in both directions, sources, and destinations.
</Property>
<Property name="protocol" type="string" required={true} enumList={["all","tcp","udp","icmp","netbird-ssh"]}>
Policy rule type of the traffic
</Property>
<Property name="ports" type="string[]" required={false}>
Policy rule affected ports
</Property>
<Property name="port_ranges" type="object[]" required={false}>
<details className="custom-details" open>
<summary>Policy rule affected ports ranges list</summary>
<Properties>
<Properties><Property name="start" type="integer" required={true}>
The starting port of the range
</Property>
<Property name="end" type="integer" required={true}>
The ending port of the range
</Property>
</Properties>
</Properties>
</details>
</Property>
<Property name="authorized_groups" type="object" required={false}>
Map of user group ids to a list of local users
</Property>
<Property name="id" type="string" required={false}>
Policy rule ID
</Property>
<Property name="sources" type="string[]" required={false}>
Policy rule source group IDs
</Property>
<Property name="sourceResource" type="object" required={false}>
<details className="custom-details" open>
<summary>More Information</summary>
<Properties>
<Properties><Property name="id" type="string" required={true}>
ID of the resource
</Property>
<Property name="type" type="string" required={true} enumList={["host","subnet","domain","peer"]}>
Network resource type based of the address
</Property>
</Properties>
</Properties>
</details>
</Property>
<Property name="destinations" type="string[]" required={false}>
Policy rule destination group IDs
</Property>
<Property name="destinationResource" type="object" required={false}>
<details className="custom-details" open>
<summary>More Information</summary>
<Properties>
<Properties><Property name="id" type="string" required={true}>
ID of the resource
</Property>
<Property name="type" type="string" required={true} enumList={["host","subnet","domain","peer"]}>
Network resource type based of the address
</Property>
</Properties>
</Properties>
</details>
</Property>
</Properties>
</Properties>
</details>
</Property>
</Properties>
</Col>
<Col sticky>
<CodeGroup title="Request" tag="PUT" label="/api/policies/{policyId}">
```bash {{ title: 'cURL' }}
curl -X PUT https://api.netbird.io/api/policies/{policyId} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'Authorization: Token <TOKEN>' \
--data-raw '{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}'
```
```js
const axios = require('axios');
let data = JSON.stringify({
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
});
let config = {
method: 'put',
maxBodyLength: Infinity,
url: '/api/policies/{policyId}',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Authorization': 'Token <TOKEN>'
},
data : data
};
axios(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
```
```python
import requests
import json
url = "https://api.netbird.io/api/policies/{policyId}"
payload = json.dumps({
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
})
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Token <TOKEN>'
}
response = requests.request("PUT", url, headers=headers, data=payload)
print(response.text)
```
```go
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.netbird.io/api/policies/{policyId}"
method := "PUT"
payload := strings.NewReader(`{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
{
req.Header.Add("Content-Type", "application/json")
req.Header.Add("Accept", "application/json")
req.Header.Add("Authorization", "Token <TOKEN>")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
```
```ruby
require "uri"
require "json"
require "net/http"
url = URI("https://api.netbird.io/api/policies/{policyId}")
https = Net::HTTP.new(url.host, url.port)
https.use_ssl = true
request = Net::HTTP::Put.new(url)
request["Content-Type"] = "application/json"
request["Accept"] = "application/json"
request["Authorization"] = "Token <TOKEN>"
request.body = JSON.dump({
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
})
response = https.request(request)
puts response.read_body
```
```java
OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, '{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}');
Request request = new Request.Builder()
.url("https://api.netbird.io/api/policies/{policyId}")
.method("PUT", body)
.addHeader("Content-Type", "application/json")
.addHeader("Accept", "application/json")
.addHeader("Authorization: Token <TOKEN>")
.build();
Response response = client.newCall(request).execute();
```
```php
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.netbird.io/api/policies/{policyId}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'PUT',
CURLOPT_POSTFIELDS => '{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
"ch8i4ug6lnn4g9hqv797"
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
"ch8i4ug6lnn4g9h7v7m0"
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}',
CURLOPT_HTTPHEADER => array(
'Content-Type: application/json',
'Accept: application/json',
'Authorization: Token <TOKEN>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
```
</CodeGroup>
<CodeGroup title="Response">
```json {{ title: 'Example' }}
{
"name": "ch8i4ug6lnn4g9hqv7mg",
"description": "This is a default policy that allows connections between all the resources",
"enabled": true,
"id": "ch8i4ug6lnn4g9hqv7mg",
"source_posture_checks": [
"chacdk86lnnboviihd70"
],
"rules": [
{
"name": "Default",
"description": "This is a default rule that allows connections between all the resources",
"enabled": true,
"action": "accept",
"bidirectional": true,
"protocol": "tcp",
"ports": [
"80"
],
"port_ranges": [
{
"start": 80,
"end": 320
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"group1"
]
},
"id": "ch8i4ug6lnn4g9hqv7mg",
"sources": [
{
"id": "ch8i4ug6lnn4g9hqv7m0",
"name": "devs",
"peers_count": 2,
"resources_count": 5,
"issued": "api"
}
],
"sourceResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
},
"destinations": [
{
"id": "ch8i4ug6lnn4g9hqv7m0",
"name": "devs",
"peers_count": 2,
"resources_count": 5,
"issued": "api"
}
],
"destinationResource": {
"id": "chacdk86lnnboviihd7g",
"type": "host"
}
}
]
}
```
```json {{ title: 'Schema' }}
{
"name": "string",
"description": "string",
"enabled": "boolean",
"id": "string",
"source_posture_checks": [
"string"
],
"rules": [
{
"name": "string",
"description": "string",
"enabled": "boolean",
"action": "string",
"bidirectional": "boolean",
"protocol": "string",
"ports": [
"string"
],
"port_ranges": [
{
"start": "integer",
"end": "integer"
}
],
"authorized_groups": {
"description": "Map of user group ids to a list of local users",
"type": "object",
"additionalProperties": [
"string"
]
},
"id": "string",
"sources": [
{
"id": "string",
"name": "string",
"peers_count": "integer",
"resources_count": "integer",
"issued": "string"
}
],
"sourceResource": {
"id": "string",
"type": "string"
},
"destinations": [
{
"id": "string",
"name": "string",
"peers_count": "integer",
"resources_count": "integer",
"issued": "string"
}
],
"destinationResource": {
"id": "string",
"type": "string"
}
}
]
}
```
</CodeGroup>
</Col>
</Row>
---
## Delete a Policy {{ tag: 'DELETE' , label: '/api/policies/{policyId}' }}
<Row>
<Col>
Delete a policy
### Path Parameters
<Properties>
<Property name="policyId" type="string" required={true}>
The unique identifier of a policy
</Property>
</Properties>
</Col>
<Col sticky>
<CodeGroup title="Request" tag="DELETE" label="/api/policies/{policyId}">
```bash {{ title: 'cURL' }}
curl -X DELETE https://api.netbird.io/api/policies/{policyId} \
-H 'Authorization: Token <TOKEN>'
```
```js
const axios = require('axios');
let config = {
method: 'delete',
maxBodyLength: Infinity,
url: '/api/policies/{policyId}',
headers: {
'Authorization': 'Token <TOKEN>'
}
};
axios(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
```
```python
import requests
import json
url = "https://api.netbird.io/api/policies/{policyId}"
headers = {
'Authorization': 'Token <TOKEN>'
}
response = requests.request("DELETE", url, headers=headers)
print(response.text)
```
```go
package main
import (
"fmt"
"strings"
"net/http"
"io/ioutil"
)
func main() {
url := "https://api.netbird.io/api/policies/{policyId}"
method := "DELETE"
client := &http.Client {
}
req, err := http.NewRequest(method, url, nil)
if err != nil {
fmt.Println(err)
return
{
req.Header.Add("Authorization", "Token <TOKEN>")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := ioutil.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}
```
```ruby
require "uri"
require "json"
require "net/http"
url = URI("https://api.netbird.io/api/policies/{policyId}")
https = Net::HTTP.new(url.host, url.port)
https.use_ssl = true
request = Net::HTTP::Delete.new(url)
request["Authorization"] = "Token <TOKEN>"
response = https.request(request)
puts response.read_body
```
```java
OkHttpClient client = new OkHttpClient().newBuilder()
.build();
Request request = new Request.Builder()
.url("https://api.netbird.io/api/policies/{policyId}")
.method("DELETE")
.addHeader("Authorization: Token <TOKEN>")
.build();
Response response = client.newCall(request).execute();
```
```php
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'https://api.netbird.io/api/policies/{policyId}',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'DELETE',
CURLOPT_HTTPHEADER => array(
'Authorization: Token <TOKEN>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
```
</CodeGroup>
</Col>
</Row>
---
Reference in New Issue View Git Blame Copy Permalink