Import and Export CSA Custom Rules

Use this endpoint to manage the custom rules for CSA. Custom rules are the rules defined by domain specific language (DSL) specifications. This endpoint enables you to import and export your custom rules to and from the Netskope UI for use in profiles and policies. Whenever you change a rule, be sure to click Apply Changes in the Netskope UI. You can import or export up to 500 custom rules in one API call.

Request Endpoint

https://<tenant-name>.goskope.com/api/v1/public_cloud/rules?token=<token>&<parameters>

Import Custom Rules

Valid parameters include:

Key	Type	Value	Description
`op`	string	`import`	Operation performed.
`rules`	JSON array of object	{ "rule_name": "<rule_name>", "description": "<description_optional>", "remediation_steps": "<remediation_optional>", "severity": "<Critical\|High\|Medium\|Low>", "code": "<code>", "cloud_provider": "<aws\|googlecloud\|azure>" }	List of rules to import.
`cloud_provider`	string	`azure \| aws \| googlecloud`	The IaaS platform provider.
`rule_name`	string	Required	Name of the custom rule.
`description`	string	Optional	Description of the custom rule.
`remediation_steps`	string	Optional	Remediation text for the rule.
`severity`	string	`Critical \| High \| Low \| Medium`	Severity of the custom rule.
`code`	string	Ex: `RedShiftCluster should have LoggingEnabled eq true`	DSL specification code.
`modify_by`	string	Ex: `admin@netskope.com`	Email address

Example Import Request

POST 'https://<tenant-name>.goskope.com/api/v1/public_cloud/rules?token=f39866cb86ab84a0208e9e1ee&op=import' --header 'Content-Type: application/json' --data-raw '{
    "rules": [
        {
            "rule_name": "AWS_C3",
            "description": "",
            "remediation_steps": "",
            "severity": "High",
            "code": "RedShiftCluster should have LoggingEnabled eq true",
            "cloud_provider": "aws"
        },
        {
            "rule_name": "AWS_C4",
            "description": "",
            "remediation_steps": "",
            "severity": "High",
            "code": "RedShiftCluster should have LoggingEnabled eq true",
            "cloud_provider": "aws"
        }
    ],
    "modify_by": "admin@netskope.com"
}'

Export Custom Rules

Valid parameters include:

Key	Type	Value	Description
`op`	string	`export`	Operation performed.
`cloud_provider`	string	`azure \| aws \| googlecloud`	The IaaS platform provider.
`severity`	string	`Critical \| High \| Low \| Medium`	Severity of the custom rule.
`state`	string	Ex: `deployed`	Filter with deployed rules.

Example Export Request

GET 'https://<tenant-name>.goskope.com/api/v1/public_cloud/rules?token=f39866cb86ab84a0208e9e1ee&op=export&severity=Critical|High&cloud_provider=aws'

In this section:

Netskope Help