Create or update a configuration policy

Purpose

Creates or updates a configuration policy. Configuration policies define which users can perform which administrative and monitoring operations.

URI

Use the Eclipse Amlen REST API POST method with the following Eclipse Amlen configuration URI:

http://<admin-endpoint-IP:Port>/ima/v1/configuration/

Object configuration data

Provide ConfigurationPolicy object configuration data in the payload of the POST method by using the following schema. Content-type is set to application/json.


{    
  "ConfigurationPolicy": {
    "<NameOfConfigurationPolicy>": {
       "Description": "string",
       "ActionList": "string",
       "GroupID": "string",
       "ClientAddress": "string",
       "UserID": "string",
       "CommonNames": "string"
     }
   }
}

Where:

NameOfConfigurationPolicy

Required.

Specifies the name of the configuration policy.

The name must not have leading or trailing spaces and cannot contain control characters, commas, double quotation marks, backslashes, or equal signs. The first character must not be a number or any of the following special characters:

! # $ % & ' ( ) * + - . / : ; < > ? @

After the configuration policy is created, you cannot change this name.

Description

Optional.

Specifies a description for the configuration policy.

If you do not want a description, omit "Description":"description".

ActionList

Required if you are creating a configuration policy.

Specifies the level of authority that is granted to the user, or users, authorized by the configuration policy to perform administrative or monitoring tasks. You must specify at least one of the following levels of authority:

Configure
Grants authority to modify the server configuration.
View
Grants authority to view the server configuration.
Monitor
Grants authority to view monitoring data.
Manage
Grants authority to issue service requests, such as restarting the server

You must specify at least one of the following filters:

ClientAddress: Specifies the client IP addresses that are allowed to connect to Eclipse Amlen.; The IP address can contain an asterisk (*), or a comma-separated list of IPv4 or IPv6 addresses or ranges. For example, 192.0.2.32, 192.0.0.0, 192.0.2.0-192.0.2.100. The range must be specified from low to high.; However, each IPv6 address must be enclosed in brackets [ ] either when expressed singly or in a range of addresses. IPv6 addresses cannot contain asterisks.; The maximum number of client addresses that you can specify is 20.; To use the default value, where all client IP addresses are allowed to connect, omit "ClientAddress":"IP_Address" or specify "ClientAddress":"*".
UserID: Specifies the messaging user ID that is allowed to connect to Eclipse Amlen.; You can use an asterisk (*) at the end of the value to match 0 or more characters.; To use the default value, where all user ID values are allowed to connect, omit "UserID": "UserID".
GroupID: Specifies the messaging group that is allowed to connect to Eclipse Amlen.; You can use an asterisk (*) at the end of the value to match 0 or more characters.; To use the default value, where all user ID values are allowed to connect, omit "GroupID":"GroupID".
CommonNames: Specifies the client certificate common name that must be used to connect to Eclipse Amlen.; You can use an asterisk (*) at the end of the value to match 0 or more characters.; To use the default value, where all user ID values are allowed to connect, omit "CommonNames": "CommonNames".

Usage Notes®

Capitalization and double quotation marks must be used as shown.

Related REST Administration APIs

Update the admin endpoint

Example

Creates a configuration policy called "MyConfigurationPolicy" by using cURL:


curl -X POST  \
   -H 'Content-Type: application/json'  \
   -d  '{    
         "ConfigurationPolicy": {       
           "MyConfigurationPolicy": {
             "Description": "Demonstration configuration policy ",            
             "ActionList":  "Configure,View,Monitor,Manage",
             "GroupID": "Group1",
             "ClientAddress": "9.3.179.*",            
             "UserID": "IMAUser"
            }
          }
        }
      '  \
http://127.0.0.1:9089/ima/v1/configuration/

An example response to the POST method:


{        
  "Version": "v1",
  "Code": "CWLNA6011",
  "Message": "The requested configuration change has completed successfully."
}