Modifying Ransomware Protection Policies

Function

This API is used to modify ransomware protection policies.

URI

PUT /v5/{project_id}/ransomware/protection/policy

Table 1 Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID

Table 2 Query Parameters
Parameter	Mandatory	Type	Description
enterprise_project_id	No	String	Enterprise project ID. To query all enterprise projects, set this parameter to all_granted_eps.

Request Parameters

Table 3 Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token.
region	Yes	String	Region ID

Table 4 Request body parameters
Parameter	Mandatory	Type	Description
policy_id	Yes	String	Policy ID
policy_name	Yes	String	Policy name
protection_mode	Yes	String	Action. Its value can be: alarm_and_isolation: Report an alarm and isolate. alarm_only: Only report alarms.
bait_protection_status	No	String	Whether to enable honeypot protection. By default, the protection is enabled. Its value can be: opened closed
protection_directory	Yes	String	Protected directory. Separate multiple directories with semicolons (;). You can configure up to 20 directories.
protection_type	Yes	String	Protected file type, for example, .docx, .txt, and .avi.
exclude_directory	No	String	(Optional) Excluded directory. Separate multiple directories with semicolons (;). You can configure up to 20 directories.
agent_id_list	No	Array of strings	Specifies the IDs of agents for which the ransomware protection policy is enabled.
operating_system	Yes	String	OSs supported by the policy. The options are as follows: Windows Linux
runtime_detection_status	No	String	Whether to perform runtime checks. The options are as follows. Currently, it can only be disabled. This field is reserved. opened closed
process_whitelist	No	Array of TrustProcessInfo objects	Process whitelist

Table 5 TrustProcessInfo
Parameter	Mandatory	Type	Description
path	No	String	Indicates the process path.
hash	No	String	Process hash

Response Parameters

None

Example Requests

Modify the ransomware protection policy. Set the OS type to Linux, protection policy ID to 0253edfd-30e7-439d-8f3f-17c54c997064, and protection action to alert only.

PUT https://{endpoint}/v5/{project_id}/ransomware/protection/policy

{
  "bait_protection_status" : "opened",
  "protection_type" : "docx",
  "exclude_directory" : "",
  "operating_system" : "Linux",
  "policy_id" : "0253edfd-30e7-439d-8f3f-17c54c997064",
  "policy_name" : "aaa",
  "protection_mode" : "alarm_only",
  "protection_directory" : "/root",
  "runtime_detection_status" : "closed",
  "agent_id_list" : [ "" ]
}

Example Responses

None

Status Codes

Status Code	Description
200	Request succeeded.

Error Codes

See Error Codes.

Parent topic: Ransomware Prevention

Предыдущая статья

Querying the Protection Policy List of Ransomware

Следующая статья

Enabling Ransomware Prevention

Была ли эта статья полезна?

Поддержка Юридические документы