POST /organization/{organizationId}/policies
Create a new security policy
curl --request POST \
  --url https://api-eu.cybedefend.com/organization/{organizationId}/policies \
  --header 'Content-Type: application/json' \
  --data @- <<EOF
{
  "yamlContent": "version: '1.0'\nname: Production Security Policy\nscope: PROJECT\npriority: 10\nenabled: true\nprojectIds:\n  - 550e8400-e29b-41d4-a716-446655440000\nrules:\n  - name: Block Critical\n    type: severity\n    operator: eq\n    value: CRITICAL\n    action: block"
}
EOF

{
  "id": "550e8400-e29b-41d4-a716-446655440000",
  "scope": "PROJECT",
  "organizationId": "550e8400-e29b-41d4-a716-446655440001",
  "name": "Production Security Policy",
  "priority": 10,
  "config": {
    "rules": [],
    "exclusions": []
  },
  "isEnabled": true,
  "createdAt": "2024-01-15T10:30:00Z",
  "updatedAt": "2024-01-15T10:30:00Z",
  "projectIds": [
    "550e8400-e29b-41d4-a716-446655440002"
  ],
  "teamIds": [
    "550e8400-e29b-41d4-a716-446655440003"
  ],
  "description": "Security policy for production environment",
  "createdBy": "<string>",
  "updatedBy": "<string>"
}

Path Parameters

organizationId
string<uuid>
required

Body

application/json
yamlContent
string
required

Full YAML policy definition. Example:

version: '1.0'
name: Production Security Policy
description: Block critical vulnerabilities
scope: PROJECT
priority: 10
enabled: true
projectIds:
  - 550e8400-e29b-41d4-a716-446655440000
rules:
  - name: Block Critical
    type: severity
    operator: eq
    value: CRITICAL
    action: block
Example:

"version: '1.0'\nname: Production Security Policy\nscope: PROJECT\npriority: 10\nenabled: true\nprojectIds:\n  - 550e8400-e29b-41d4-a716-446655440000\nrules:\n  - name: Block Critical\n    type: severity\n    operator: eq\n    value: CRITICAL\n    action: block"

Response

Policy created

id
string
required

Policy ID

Example:

"550e8400-e29b-41d4-a716-446655440000"

scope
enum<string>
required

Policy scope

Available options: ORGANIZATION, TEAM, PROJECT
Example:

"PROJECT"

organizationId
string
required

Organization ID the policy belongs to

Example:

"550e8400-e29b-41d4-a716-446655440001"

name
string
required

Policy name

Example:

"Production Security Policy"

priority
number
required

Priority (lower = higher priority)

Example:

10

config
object
required

Policy configuration

Example:
{ "rules": [], "exclusions": [] }
isEnabled
boolean
required

Whether the policy is enabled

Example:

true

createdAt
string
required

Creation timestamp

Example:

"2024-01-15T10:30:00Z"

updatedAt
string
required

Last update timestamp

Example:

"2024-01-15T10:30:00Z"

projectIds
string[]

Project IDs targeted by this policy (for PROJECT scope)

Example:
["550e8400-e29b-41d4-a716-446655440002"]
teamIds
string[]

Team IDs targeted by this policy (for TEAM scope)

Example:
["550e8400-e29b-41d4-a716-446655440003"]
description
string

Policy description

Example:

"Security policy for production environment"

createdBy
string

User ID who created the policy

updatedBy
string

User ID who last updated the policy
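
The following is an added example, not part of the CybeDefend documentation: it wraps a YAML policy in the `yamlContent` JSON body with correct escaping, then compares the created policy in the response against what was submitted, so a policy stored as disabled or with a different scope or priority is caught. The helper names and the `enabled` to `isEnabled` pairing are assumptions based on the samples on this page, and the YAML reader handles only unindented `key: value` lines.

```python
import json

# Request YAML key -> response JSON field. Pairing enabled with isEnabled is an
# assumption drawn from the request and response samples on this page.
FIELD_MAP = {"name": "name", "scope": "scope", "priority": "priority", "enabled": "isEnabled"}
SCOPES = {"ORGANIZATION", "TEAM", "PROJECT"}  # enum values listed on this page


def top_level_scalars(yaml_text):
    """Read unindented 'key: value' lines only; this is not a general YAML parser."""
    out = {}
    for line in yaml_text.splitlines():
        if not line or line[0] in " \t-#" or ":" not in line:
            continue
        key, _, value = line.partition(":")
        value = value.strip().strip("'\"")
        if value:
            out[key.strip()] = value
    return out


def build_request_body(yaml_text):
    """Wrap the YAML in the JSON body; json.dumps escapes newlines and quotes."""
    scope = top_level_scalars(yaml_text).get("scope")
    if scope not in SCOPES:
        raise ValueError(f"scope {scope!r} is not one of {sorted(SCOPES)}")
    return json.dumps({"yamlContent": yaml_text})


def policy_mismatches(yaml_text, response):
    """Return (field, sent, stored) for each submitted value the response does not echo."""
    sent = top_level_scalars(yaml_text)
    diffs = []
    for yaml_key, json_key in FIELD_MAP.items():
        if yaml_key not in sent:
            continue
        stored = response.get(json_key)
        # Compare as JSON text so true and 10 in the YAML match true and 10 in the response.
        stored_text = stored if isinstance(stored, str) else json.dumps(stored)
        if sent[yaml_key] != stored_text:
            diffs.append((json_key, sent[yaml_key], stored_text))
    return diffs


# Constructed sample: the policy text from the curl example on this page.
POLICY = ("version: '1.0'\nname: Production Security Policy\nscope: PROJECT\n"
          "priority: 10\nenabled: true\nprojectIds:\n"
          "  - 550e8400-e29b-41d4-a716-446655440000\nrules:\n  - name: Block Critical\n"
          "    type: severity\n    operator: eq\n    value: CRITICAL\n    action: block")
```

Pass the string from `build_request_body(POLICY)` as the request data, parse the response JSON into a dict, and treat any tuple returned by `policy_mismatches` as a reason to re-read the stored policy before relying on it.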