Imperva

the imperva connector allows for automated policy management and enhanced security operations by integrating imperva's cybersecurity solutions with the swimlane platform imperva, a leading provider of cybersecurity solutions, offers an api for managing security policies and configurations the imperva connector for swimlane turbine allows users to seamlessly retrieve, modify, and update security policies, enhancing their security posture without the need for complex coding by integrating with imperva, swimlane turbine users can leverage advanced security settings, manage policy exceptions, and ensure consistent protection across their digital assets this connector empowers security teams to automate their policy management tasks, ensuring swift and accurate security responses the imperva connector integrates with imperva cloud services to manage and retrieve policies this integration allows users to automate policy management tasks, enhancing security and compliance workflows limitations none to date supported versions this connector supports the latest version of the imperva policies api additional docs links to third party vendor’s api documentation imperva policies api documentation https //docs imperva com/bundle/cloud application security/page/policies api definition htmauthentication link https //docs imperva com/bundle/api docs/page/api/authentication htm configuration prerequisites to effectively utilize the imperva connector with swimlane turbine, ensure you have the following prerequisites api key authentication url the endpoint url for the imperva api api key your unique identifier to authenticate with the imperva api api id the api id associated with your imperva account for identification authentication methods the following authentication methods are supported for this connector api key authentication setup instructions log in to your imperva cloud services account navigate to the api section and generate a new api key copy the api id and api key and use it in the connector configuration the url will be https //www api imperva com https //www api imperva com link for creating api keys https //docs imperva com/bundle/cloud application security/page/settings/api keys htm troubleshooting tips ensure the api key has the necessary permissions verify that the api key is not expired or revoked capabilities this connector provides the following capabilities get policy modify policy update policy get policy retrieve policy details modify policy modify an existing policy (partial update) when sending the content in the "data" attribute, it will be appended and not overwritten when updating an existing policy settings or exceptions, the relevant id (policy settings or exception id) must be provided update policy overwrite an existing policy(full update) configurations imperva api authentication authenticates using api key and api id configuration parameters parameter description type required url a url to the target host string required x api key api key string required x api id api id string required actions get policy retrieves the details of a specified policy in imperva using the policyid as a required path parameter endpoint url /policies/v2/policies/{{policyid}} method get input argument name type required description caid number optional by default, the policy is retrieved for the account (a) associated with the api credentials used for authentication to retrieve the policy for a different account (an account under the account (a)), specify the account id extended boolean optional optional to get full policy data default is false when set to false, the response returns basic policy details such as name, id, and policy type, according to getleanpoliciesresponse this is the default value if set to true, the response returns full policy details, including current configuration and settings, according to getpoliciesresponse policyid string required the policy id output parameter type description status code number http status code of the response reason string response reason phrase value object value for the parameter id number unique identifier policytype string type of the resource name string name of the resource description string output field description lastmodified string output field lastmodified lastmodifiedby number output field lastmodifiedby lastusermodified string output field lastusermodified numberofassets number output field numberofassets ismarkedasdefault boolean output field ismarkedasdefault iserror boolean error message if any example \[ { "status code" 200, "response headers" {}, "reason" "ok", "json body" { "value" {}, "iserror" false } } ] modify policy appends content to an existing imperva policy without overwriting, using the 'data' attribute and requires a policyid endpoint url /policies/v2/policies/{{policyid}} method post input argument name type required description caid number optional by default, the policy is retrieved for the account (a) associated with the api credentials used for authentication to retrieve the policy for a different account (an account under the account (a)), specify the account id policyid string required the policy id name string optional the policy name description string optional the policy description enabled boolean optional enable or disable the policy a waf rules policy is always created in the enabled state, and cannot be disabled accountid number optional the account id of the policy policytype string optional the policy type defaultpolicyconfig array optional sets the specified policy as default for the account, or indicates that the policy is set as default a default policy is used by any new website added to the account id number optional the id of this default policy configuration accountid number optional the account id assettype string optional the type of asset on which the policy is applied policyid number optional the id of this policy policysettings array optional parameter for modify policy id number optional the policy settings id policyid number optional the policy id of this setting settingsaction string optional the action taken by imperva when a policy rule is triggered policysettingtype string optional the policysettings type data object optional response data geo object optional parameter for modify policy countries array optional country codes array continents array optional continent codes array ips array optional parameter for modify policy urls array optional url endpoint for the request pattern string optional url pattern for rule url string optional url value output parameter type description status code number http status code of the response reason string response reason phrase value object value for the parameter name string name of the resource description string output field description enabled boolean output field enabled accountid number unique identifier policytype string type of the resource defaultpolicyconfig array output field defaultpolicyconfig id number unique identifier accountid number unique identifier assettype string type of the resource policyid number unique identifier policysettings array output field policysettings id number unique identifier policyid number unique identifier settingsaction string output field settingsaction policysettingtype string type of the resource data object response data geo object output field geo countries array output field countries continents array output field continents ips array output field ips urls array url endpoint for the request pattern string output field pattern example \[ { "status code" 200, "response headers" {}, "reason" "ok", "json body" { "value" {}, "iserror" false } } ] update policy overwrite an existing policy on imperva by providing the policy id and updated settings including name, status, type, and configuration endpoint url /policies/v2/policies/{{policyid}} method put input argument name type required description caid number optional by default, the policy is retrieved for the account (a) associated with the api credentials used for authentication to retrieve the policy for a different account (an account under the account (a)), specify the account id policyid string required the policy id name string required the policy name description string optional the policy description enabled boolean required enable or disable the policy a waf rules policy is always created in the enabled state, and cannot be disabled accountid number optional the account id of the policy policytype string required the policy type defaultpolicyconfig array optional sets the specified policy as default for the account, or indicates that the policy is set as default a default policy is used by any new website added to the account id number optional the id of this default policy configuration accountid number optional the account id assettype string optional the type of asset on which the policy is applied policyid number optional the id of this policy policysettings array required parameter for update policy id number optional the policy settings id policyid number optional the policy id of this setting settingsaction string optional the action taken by imperva when a policy rule is triggered policysettingtype string optional the policysettings type data object optional response data geo object optional parameter for update policy countries array optional country codes array continents array optional continent codes array ips array optional parameter for update policy urls array optional url endpoint for the request pattern string optional url pattern for rule url string optional url value output parameter type description status code number http status code of the response reason string response reason phrase name string name of the resource description string output field description enabled boolean output field enabled accountid number unique identifier policytype string type of the resource defaultpolicyconfig array output field defaultpolicyconfig id number the id of this default policy configuration accountid number unique identifier assettype string type of the resource policyid number unique identifier policysettings array output field policysettings id number unique identifier policyid number unique identifier settingsaction string output field settingsaction policysettingtype string type of the resource data object response data geo object output field geo countries array output field countries continents array output field continents ips array output field ips urls array url endpoint for the request pattern string output field pattern url string url endpoint for the request example \[ { "status code" 200, "response headers" {}, "reason" "ok", "json body" { "name" "block ip policy", "description" "this is policy blocks all requests from europe", "enabled" true, "accountid" 10, "policytype" "acl", "defaultpolicyconfig" \[], "policysettings" \[] } } ]