Search
K
Cipherscale API

CreatePolicy

object

Data required to create a new access policy

groupsarray[string]

Array of group IDs to apply this policy to

Example:550e8400-e29b-41d4-a716-446655440000

usersarray[string]

Array of user IDs to apply this policy to

Example:550e8400-e29b-41d4-a716-446655440001

devicesarray[string]

Array of device IDs to apply this policy to

Example:550e8400-e29b-41d4-a716-446655440002

resourcesarray[string]

Array of resource IDs to apply this policy to

Example:550e8400-e29b-41d4-a716-446655440003

gatewaysarray[string]

Array of gateway IDs to apply this policy to

Example:550e8400-e29b-41d4-a716-446655440004

rulestring

Admission rule ID for this policy

Example:550e8400-e29b-41d4-a716-446655440005

namestringrequired

Human-readable name for the policy

Example:Engineering Team Access

descriptionstring

Detailed description of the policy’s purpose and scope

Example:Allows engineering team to access development resources

allGroupsbooleanrequired

Whether this policy applies to all groups

Default:false

allUsersbooleanrequired

Whether this policy applies to all users

Default:false

allDevicesbooleanrequired

Whether this policy applies to all devices

Default:false

allResourcesbooleanrequired

Whether this policy applies to all resources

Default:false

sourceIpsarray[string]

Array of source IP addresses or ranges

Example:192.168.1.0/24, 10.0.0.0/8

typestringrequired

Type of resources this policy applies to

Allowed values:PRIVATESAASINTERNETSITETOSITE

Example:PRIVATE

modestring

Access mode for this policy

Allowed values:LOCALRESTRICTEDREMOTE

Example:LOCAL

actionbooleanrequired

Whether this policy allows (true) or denies (false) access

Example:true

Example

PolicyGroup

object

Group information within a policy context

idstring(uuid)required

Unique identifier for the group

Example:550e8400-e29b-41d4-a716-446655440000

createdAtstring(date-time)required

Timestamp when the group was created

Example:2023-01-15T14:30:00Z

updatedAtstring(date-time)required

Timestamp when the group was last updated

Example:2023-01-15T14:30:00Z

namestringrequired

Human-readable name for the group

Example:Engineering Team

descriptionstring

Detailed description of the group’s purpose

Example:Team responsible for software development and engineering

maxDevicesnumberrequired

Maximum number of devices allowed for this group

Example:10

isSamlDefaultGroupboolean

Whether this is the default group for SAML users

idpMappingarray[string]

Array of identity provider mapping identifiers

Example:engineering-team, dev-team

Example

PolicyUser

object

User information within a policy context

idstring(uuid)required

Unique identifier for the user

Example:550e8400-e29b-41d4-a716-446655440000

createdAtstring(date-time)required

Timestamp when the user was created

Example:2023-01-15T14:30:00Z

updatedAtstring(date-time)required

Timestamp when the user was last updated

Example:2023-01-15T14:30:00Z

lastConnectionstring(date-time)

Timestamp of the user’s last network connection

Example:2023-01-15T14:30:00Z

emailstring

User’s email address

Example:jane.smith@company.com

statusstringrequired

Current status of the user account

Example:ACTIVE

firstNamestring

User’s first name

Example:Jane

lastNamestring

User’s last name

Example:Smith

isOwnerbooleanrequired

Whether this user is the owner of the account

maxDevicesnumberrequired

Maximum number of devices allowed for this user

Example:5

imagestring

URL or path to the user’s profile image

Example:https://example.com/avatars/jane-smith.jpg

Example

PolicyDevice

object

Device information within a policy context

idstring(uuid)required

Unique identifier for the device

Example:550e8400-e29b-41d4-a716-446655440000

createdAtstring(date-time)required

Timestamp when the device was created

Example:2023-01-15T14:30:00Z

updatedAtstring(date-time)required

Timestamp when the device was last updated

Example:2023-01-15T14:30:00Z

namestringrequired

Human-readable name for the device

Example:John's MacBook Pro

activebooleanrequired

Whether the device is currently active

Example:true

lastConnectionstring(date-time)

Timestamp of the device’s last network connection

Example:2023-01-15T14:30:00Z

statusstringrequired

Current operational status of the device

Allowed values:OnlineOfflineDeactivated

Example:Online

hardwareIdstringrequired

Unique hardware identifier for the device

Example:MAC-001122334455

postureobject

Device posture information and compliance status

Example:{"compliant":true,"lastCheck":"2023-01-15T14:30:00Z"}

appVersionstring

Version of the client application running on the device

Example:1.2.3

Example

PolicyResource

object

Resource information within a policy context

idstring(uuid)required

Unique identifier for the resource

Example:550e8400-e29b-41d4-a716-446655440000

createdAtstring(date-time)required

Timestamp when the resource was created

Example:2023-01-15T14:30:00Z

updatedAtstring(date-time)required

Timestamp when the resource was last updated

Example:2023-01-15T14:30:00Z

namestringrequired

Human-readable name for the resource

Example:Internal Web Server

typestringrequired

Type of the network resource

Allowed values:PRIVATESAASINTERNET

Example:PRIVATE

loadBalancingModestringrequired

Load balancing configuration for this resource

Allowed values:MANUALAUTOMATIC

Default:MANUAL

Example:MANUAL

descriptionstring

Detailed description of the resource’s purpose

Example:Internal web server for company applications

Example