Import and Export CSA Custom Rules

Import and Export CSA Custom Rules

Use this endpoint to manage the custom rules for CSA. Custom rules are the rules defined by domain specific language (DSL) specifications. This endpoint enables you to import and export your custom rules to and from the Netskope UI for use in profiles and policies. Whenever you change a rule, be sure to click Apply Changes in the Netskope UI. You can import or export up to 500 custom rules in one API call.

Request Endpoint

https://<tenant-URL>/api/v1/public_cloud/rules?token=<token>&<parameters>

Import Custom Rules

Valid parameters include:

KeyTypeValueDescription
opstringimportOperation performed.
rulesJSON array of object
{
"rule_name": "<rule_name>",
"description": "<description_optional>",
"remediation_steps": "<remediation_optional>",
"severity": "<Critical|High|Medium|Low>",
"code": "<code>",
"cloud_provider": "<aws|googlecloud|azure>"
}
List of rules to import.
cloud_providerstringazure | aws | googlecloudThe IaaS platform provider.
rule_namestringRequiredName of the custom rule.
descriptionstringOptionalDescription of the custom rule.
remediation_stepsstringOptionalRemediation text for the rule.
severitystringCritical | High | Low | MediumSeverity of the custom rule.
codestringEx: RedShiftCluster should have LoggingEnabled eq trueDSL specification code.
modify_bystringEx: admin@netskope.comEmail address

Example Import Request

POST 'https://<tenant-URL>/api/v1/public_cloud/rules?token=f39866cb86ab84a0208e9e1ee&op=import' --header 'Content-Type: application/json' --data-raw '{
    "rules": [
        {
            "rule_name": "AWS_C3",
            "description": "",
            "remediation_steps": "",
            "severity": "High",
            "code": "RedShiftCluster should have LoggingEnabled eq true",
            "cloud_provider": "aws"
        },
        {
            "rule_name": "AWS_C4",
            "description": "",
            "remediation_steps": "",
            "severity": "High",
            "code": "RedShiftCluster should have LoggingEnabled eq true",
            "cloud_provider": "aws"
        }
    ],
    "modify_by": "admin@netskope.com"
}'

Export Custom Rules

Valid parameters include:

KeyTypeValueDescription
opstringexportOperation performed.
cloud_providerstringazure | aws | googlecloudThe IaaS platform provider.
severitystringCritical | High | Low | MediumSeverity of the custom rule.
statestringEx: deployedFilter with deployed rules.

Example Export Request

GET 'https://<tenant-URL>/api/v1/public_cloud/rules?token=f39866cb86ab84a0208e9e1ee&op=export&severity=Critical|High&cloud_provider=aws'
Share this Doc

Import and Export CSA Custom Rules

Or copy link

In this topic ...