IBM Cloud API Docs

Introduction

With the IBM Cloud® Context-based restrictions Management API, you can create, update, view, and delete context-based restriction rules and contexts, and view account settings. You can define ingress rules for IBM Cloud® resources based on the context of access requests by using context-based restrictions.

Contexts and rules are the main components that make up context-based restrictions.

Rules are used in access decisions when you call service APIs. Contexts can be made up of one or more endpoint types, which are the connection over which an access request is received, and network zones, which are an allowlist of IP addresses and VPCs. For more information about how restrictions work, see What are context-based restrictions?.

The following shows an example of a context-based restrictions rule:

Resource Contexts
All COS buckets in instance XYZ
  1. Zone: A.

  2. Zone: B or C, Type: "private"

A context allows access only if all its conditions are satisfied. That is, the request must originate from at least one of the specified network zones if any, and be received over a connection that matches one of the specified endpoint types, if any.

If no rules are applicable to the request, access is not restricted based on context, and is determined exclusively by Identity and Access Management (IAM) access policies.

Installing the Java SDK

Maven

<dependency>
	<groupId>com.ibm.cloud</groupId>
	<artifactId>context-based-restrictions</artifactId>
	<version>{version}</version>
</dependency>

Gradle

compile 'com.ibm.cloud:context-based-restrictions:{version}'

Replace {version} in these examples with the release version.

View on GitHub

Installing the Node SDK

npm install @ibm-cloud/platform-services

View on GitHub

Installing the Python SDK

pip install --upgrade "ibm-platform-services"

View on GitHub

Installing the Go SDK

Go modules (recommended): Add the following import to your code and then run go build or go mod tidy

import (
	"github.com/IBM/platform-services-go-sdk/contextbasedrestrictionsv1"
)

Go get

go get -u github.com/IBM/platform-services-go-sdk/contextbasedrestrictionsv1

View on GitHub

Network Zones

A network zone is an allowlist of IP addresses, VPCs, and service references that represents the location from which an access request originates. Network zones can be shared among any number of context-based restrictions in the account. These zones contain a unique name, description, and an account ID.

A set of one or more network locations in a network zone can be specified by using the following constructs:

  • IP addresses, which include individual addresses, ranges, or subnets. IPv4 and IPv6 are supported.
  • VPCs (to allow access from the VPC over the private network)
  • Service references, which allow access from other IBM Cloud® services.

Rules

Rules apply access restrictions to resources based on the originating context of the access request. For example, a network zone and an endpoint type can make up a context.

If multiple rules are applicable to a particular request, access is allowed only if all applicable rules allow access. This might be the case if rules are defined at different granularities. For example, a rule applicable to the Users service that allows access only from a private endpoint, and another rule applicable to the Users service only from a specific set of IP addresses.

Endpoint URLs

The Context-based restrictions Management API uses the following public global endpoint URL. When you call the API, add the path for each method to form the complete API endpoint for your requests.

https://cbr.cloud.ibm.com

Virtual Private Cloud (VPC) based access requires a virtual private endpoint (VPE) gateway. For more information , see Creating an endpoint gateway.

  • Private endpoint URL for VPC infrastructure: https://private.cbr.cloud.ibm.com. VPE gateway creation is supported in following datacenters:
    • Dallas
    • Washington
    • Frankfurt

If you enabled service endpoints in your account, you can send API requests over the IBM Cloud private network at the following base endpoint URLs. For more information, see Enabling VRF and service endpoints.

  • Private endpoint URLs for classic infrastructure. Supported datacenters and urls:
    • Dallas: https://private.us-south.cbr.cloud.ibm.com
    • Washington DC: https://private.us-east.cbr.cloud.ibm.com
    • Frankfurt: https://private.eu-de.cbr.cloud.ibm.com

Authentication

Authorization to this API is enforced by using an IBM Cloud IAM access token. The token is used to determine the actions that a user or service ID has access to when they use the API.

Obtaining an IAM token for an authenticated user or service ID is described in the IAM Identity Services API documentation.

Auditing

You can monitor API activity within your account by using the IBM Cloud Activity Tracker service. When an API method is called, an event is generated that you can then track and audit from within Activity Tracker. Methods that generate events include administrator operations on Context-based restriction rules and network zones only, such as create, delete, and list. For methods that generate these events, the specific event type is listed with each individual method.

Error handling

This API uses standard HTTP response codes to indicate whether a method completed successfully. A 200 response indicates success. A 400 type response indicates a failure, and a 500 type response indicates an internal system error.

Table 1. Error handling table.
HTTP Error Code Description Recovery
200 Success The request was successful.
201 Created The resource was successfully created.
204 No Content The request was successful. No response body is provided.
400 Bad Request The input parameters in the request body are either incomplete or in the wrong format. Be sure to include all required parameters in your request.
401 Unauthorized You are not authorized to make this request.
403 Forbidden The supplied authentication is not authorized to access the endpoint.
404 Not Found The requested resource can't be found.
409 Conflict The entity is already in the requested state.
500 Service Unavailable Context-based restrictions are currently unavailable. Your request can't be processed. Wait a few minutes and try again.

Transaction-Id

An optional transaction ID can be passed to your request, which can be useful for tracking calls through multiple services by using one identifier. The header key must be set to Transaction-Id and the value is anything that you choose.

If no transaction ID is passed in, then a random ID is generated.

When you work with the context-based restrictions management API, you might need to work with other IAM services. For example, the following APIs:

Methods

Create a network zone

This operation creates a network zone for the specified account.

This operation creates a network zone for the specified account.

This operation creates a network zone for the specified account.

This operation creates a network zone for the specified account.

This operation creates a network zone for the specified account.

POST /v1/zones
(contextBasedRestrictions *ContextBasedRestrictionsV1) CreateZone(createZoneOptions *CreateZoneOptions) (result *Zone, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) CreateZoneWithContext(ctx context.Context, createZoneOptions *CreateZoneOptions) (result *Zone, response *core.DetailedResponse, err error)
ServiceCall<Zone> createZone(CreateZoneOptions createZoneOptions)
createZone(params)
create_zone(
        self,
        *,
        name: Optional[str] = None,
        account_id: Optional[str] = None,
        addresses: Optional[List['Address']] = None,
        description: Optional[str] = None,
        excluded: Optional[List['Address']] = None,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • context-based-restrictions.zone.create

Request

Instantiate the CreateZoneOptions struct and set the fields to provide parameter values for the CreateZone method.

Use the CreateZoneOptions.Builder to create a CreateZoneOptions object that contains the parameter values for the createZone method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

The network zone to create.

Examples:
{
  "name": "an example of zone",
  "description": "this is an example of zone",
  "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd",
  "addresses": [
    {
      "type": "ipAddress",
      "value": "169.23.56.234"
    },
    {
      "type": "ipAddress",
      "value": "3ffe:1900:fe21:4545::"
    },
    {
      "type": "ipRange",
      "value": "169.23.22.0-169.23.22.255"
    },
    {
      "type": "ipRange",
      "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::"
    },
    {
      "type": "subnet",
      "value": "192.0.2.0/24"
    },
    {
      "type": "vpc",
      "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e"
    },
    {
      "type": "serviceRef",
      "ref": {
        "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd",
        "service_name": "cloud-object-storage"
      }
    }
  ],
  "excluded": [
    {
      "type": "ipAddress",
      "value": "169.23.22.127"
    }
  ]
}

WithContext method only

The CreateZone options.

The createZone options.

parameters

  • The name of the zone.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[^-!-,.-\/:-@[-^`{-€-Ÿ]+$/

    Examples:
  • The id of the account owning this zone.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

    Examples:
  • The list of addresses in the zone.

    Possible values: 0 ≤ number of items ≤ 1000

    Examples:
  • The description of the zone.

    Possible values: 0 ≤ length ≤ 300, Value must match regular expression /^[^-€-Ÿ]*$/

    Examples:
  • The list of excluded addresses in the zone. Only addresses of type ipAddress, ipRange, and subnet can be excluded.

    Possible values: number of items ≤ 1000

    Examples:
  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The name of the zone.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[^-!-,.-\/:-@[-^`{-€-Ÿ]+$/

    Examples:
  • The id of the account owning this zone.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

    Examples:
  • The list of addresses in the zone.

    Possible values: 0 ≤ number of items ≤ 1000

    Examples:
  • The description of the zone.

    Possible values: 0 ≤ length ≤ 300, Value must match regular expression /^[^-€-Ÿ]*$/

    Examples:
  • The list of excluded addresses in the zone. Only addresses of type ipAddress, ipRange, and subnet can be excluded.

    Possible values: number of items ≤ 1000

    Examples:
  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X POST --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   --header "Content-Type: application/json"   --data '{ "name": "an example of zone", "description": "this is an example of zone", "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd", "addresses": [ { "type": "ipAddress", "value": "169.23.56.234" }, { "type": "ipAddress", "value": "3ffe:1900:fe21:4545::" }, { "type": "ipRange", "value": "169.23.22.0-169.23.22.255" }, { "type": "ipRange", "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::" }, { "type": "subnet", "value": "192.0.2.0/24" }, { "type": "vpc", "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e" }, { "type": "serviceRef", "ref": { "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd", "service_name": "cloud-object-storage" } } ], "excluded": [ { "type": "ipAddress", "value": "169.23.22.127" } ] }'   "https://cbr.cloud.ibm.com/v1/zones"
  • ipAddressModel := &contextbasedrestrictionsv1.AddressIPAddress{
      Type:  core.StringPtr("ipAddress"),
      Value: core.StringPtr("169.23.56.234"),
    }
    ipAddressV6Model := &contextbasedrestrictionsv1.AddressIPAddress{
      Type:  core.StringPtr("ipAddress"),
      Value: core.StringPtr("3ffe:1900:fe21:4545::"),
    }
    ipRangeAddressModel := &contextbasedrestrictionsv1.AddressIPAddressRange{
      Type:  core.StringPtr("ipRange"),
      Value: core.StringPtr("169.23.22.0-169.23.22.255"),
    }
    ipRangeAddressV6Model := &contextbasedrestrictionsv1.AddressIPAddressRange{
      Type:  core.StringPtr("ipRange"),
      Value: core.StringPtr("3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::"),
    }
    subnetAddressModel := &contextbasedrestrictionsv1.AddressSubnet{
      Type:  core.StringPtr("subnet"),
      Value: core.StringPtr("192.0.2.0/24"),
    }
    vpcAddressModel := &contextbasedrestrictionsv1.AddressVPC{
      Type:  core.StringPtr("vpc"),
      Value: core.StringPtr(vpcCRN),
    }
    serviceRefAddressModel := &contextbasedrestrictionsv1.AddressServiceRef{
      Type: core.StringPtr("serviceRef"),
      Ref: &contextbasedrestrictionsv1.ServiceRefValue{
        AccountID:   core.StringPtr(accountID),
        ServiceName: core.StringPtr("cloud-object-storage"),
      },
    }
    excludedIPAddressModel := &contextbasedrestrictionsv1.AddressIPAddress{
      Type:  core.StringPtr("ipAddress"),
      Value: core.StringPtr("169.23.22.127"),
    }
    
    createZoneOptions := contextBasedRestrictionsService.NewCreateZoneOptions()
    createZoneOptions.SetName("an example of zone")
    createZoneOptions.SetAccountID(accountID)
    createZoneOptions.SetDescription("this is an example of zone")
    createZoneOptions.SetAddresses([]contextbasedrestrictionsv1.AddressIntf{ipAddressModel, ipAddressV6Model, ipRangeAddressModel, ipRangeAddressV6Model, subnetAddressModel, vpcAddressModel, serviceRefAddressModel})
    createZoneOptions.SetExcluded([]contextbasedrestrictionsv1.AddressIntf{excludedIPAddressModel})
    
    zone, response, err := contextBasedRestrictionsService.CreateZone(createZoneOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(zone, "", "  ")
    fmt.Println(string(b))
  • AddressIPAddress ipAddressModel = new AddressIPAddress.Builder()
      .type("ipAddress")
      .value("169.23.56.234")
      .build();
    AddressIPAddress ipAddressV6Model = new AddressIPAddress.Builder()
      .type("ipAddress")
      .value("3ffe:1900:fe21:4545::")
      .build();
    AddressIPAddressRange ipRangeAddressModel = new AddressIPAddressRange.Builder()
      .type("ipRange")
      .value("169.23.22.0-169.23.22.255")
      .build();
    AddressIPAddressRange ipRangeAddressV6Model = new AddressIPAddressRange.Builder()
      .type("ipRange")
      .value("3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::")
      .build();
    AddressSubnet subnetAddressModel = new AddressSubnet.Builder()
      .type("subnet")
      .value("192.0.2.0/24")
      .build();
    AddressVPC vpcAddressModel = new AddressVPC.Builder()
      .type("vpc")
      .value(vpcCRN)
      .build();
    ServiceRefValue serviceRefValueModel = new ServiceRefValue.Builder()
      .accountId(accountID)
      .serviceName("cloud-object-storage")
      .build();
    AddressServiceRef serviceRefAddressModel = new AddressServiceRef.Builder()
      .type("serviceRef")
      .ref(serviceRefValueModel)
      .build();
    AddressIPAddress excludedIPAddressModel = new AddressIPAddress.Builder()
      .type("ipAddress")
      .value("169.23.22.127")
      .build();
    CreateZoneOptions createZoneOptions = new CreateZoneOptions.Builder()
      .name("an example of zone")
      .accountId(accountID)
      .description("this is an example of zone")
      .addresses(java.util.Arrays.asList(ipAddressModel, ipAddressV6Model, ipRangeAddressModel, ipRangeAddressV6Model, subnetAddressModel, vpcAddressModel, serviceRefAddressModel))
      .excluded(java.util.Arrays.asList(excludedIPAddressModel))
      .build();
    
    Response<Zone> response = contextBasedRestrictionsService.createZone(createZoneOptions).execute();
    Zone zone = response.getResult();
    
    System.out.println(zone);
  • // Request models needed by this operation.
    
    // AddressIPAddress
    const ipAddressModel = {
      type: 'ipAddress',
      value: '169.23.56.234',
    };
    const ipAddressV6Model = {
      type: 'ipAddress',
      value: '3ffe:1900:fe21:4545::',
    };
    // AddressIPAddressRange
    const ipRangeAddressModel = {
      type: 'ipRange',
      value: '169.23.22.0-169.23.22.255',
    };
    const ipRangeAddressV6Model = {
      type: 'ipRange',
      value: '3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::',
    };
    // AddressSubnet
    const subnetAddressModel = {
      type: 'subnet',
      value: '192.0.2.0/24',
    };
    // AddressVPC
    const vpcAddressModel = {
      type: 'vpc',
      value: vpcCRN,
    };
    // AddressServiceRef
    const serviceRefAddressModel = {
      type: 'serviceRef',
      ref: {
        account_id: accountId,
        service_name: 'cloud-object-storage',
      },
    };
    // AddressIPAddress
    const excludedIPAddressModel = {
      type: 'ipAddress',
      value: '169.23.22.127',
    };
    
    const params = {
      name: 'an example of zone',
      accountId,
      addresses: [ipAddressModel, ipAddressV6Model, ipRangeAddressModel, ipRangeAddressV6Model, subnetAddressModel, vpcAddressModel, serviceRefAddressModel],
      excluded: [excludedIPAddressModel],
      description: 'this is an example of zone',
    };
    
    try {
      const res = await contextBasedRestrictionsService.createZone(params);
      zoneId = res.result.id;
      zoneRev = res.headers.etag;
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • ip_address_model = {
      'type': 'ipAddress',
      'value': '169.23.56.234',
    }
    ip_address_v6_model = {
      'type': 'ipAddress',
      'value': '3ffe:1900:fe21:4545::',
    }
    ip_range_address_model = {
      'type': 'ipRange',
      'value': '169.23.22.0-169.23.22.255',
    }
    ip_range_address_v6_model = {
      'type': 'ipRange',
      'value': '3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::',
    }
    subnet_address_model = {
      'type': 'subnet',
      'value': '192.0.2.0/24',
    }
    vpc_address_model = {
      'type': 'vpc',
      'value': vpc_crn,
    }
    service_ref_address_model = {
      'type': 'serviceRef',
      'ref': {
        'account_id': account_id,
        'service_name': 'cloud-object-storage',
      },
    }
    excluded_ip_address_model = {
      'type': 'ipAddress',
      'value': '169.23.22.127',
    }
    
    response = context_based_restrictions_service.create_zone(
      name='an example of zone',
      account_id=account_id,
      addresses=[
        ip_address_model,
        ip_address_v6_model,
        ip_range_address_model,
        ip_range_address_v6_model,
        subnet_address_model,
        vpc_address_model,
        service_ref_address_model,
      ],
      description='this is an example of zone',
      excluded=[excluded_ip_address_model],
    )
    zone = response.get_result()
    
    print(json.dumps(zone, indent=2))

Response

An output zone

An output zone.

An output zone.

An output zone.

An output zone.

Status Code

  • Network zone created.

  • The network zone could not be created due to an invalid or missing input parameter or request body.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • The network zone could not be created due to an already existing zone with the same name.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "id": "65810ac762004f22ac19f8f8edf70a34",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::zone:65810ac762004f22ac19f8f8edf70a34",
      "name": "an example of zone",
      "description": "this is an example of zone",
      "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd",
      "addresses": [
        {
          "type": "ipAddress",
          "value": "169.23.56.234"
        },
        {
          "type": "ipAddress",
          "value": "3ffe:1900:fe21:4545::"
        },
        {
          "type": "ipRange",
          "value": "169.23.22.0-169.23.22.255"
        },
        {
          "type": "ipRange",
          "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::"
        },
        {
          "type": "subnet",
          "value": "192.0.2.0/24"
        },
        {
          "type": "vpc",
          "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e"
        }
      ],
      "excluded": [
        {
          "type": "ipAddress",
          "value": "169.23.22.127"
        }
      ],
      "address_count": 6,
      "excluded_count": 1,
      "href": "https://cbr.cloud.ibm.com/v1/zones/65810ac762004f22ac19f8f8edf70a34",
      "created_at": "2020-11-23T02:01:59Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-23T02:01:59Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "id": "65810ac762004f22ac19f8f8edf70a34",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::zone:65810ac762004f22ac19f8f8edf70a34",
      "name": "an example of zone",
      "description": "this is an example of zone",
      "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd",
      "addresses": [
        {
          "type": "ipAddress",
          "value": "169.23.56.234"
        },
        {
          "type": "ipAddress",
          "value": "3ffe:1900:fe21:4545::"
        },
        {
          "type": "ipRange",
          "value": "169.23.22.0-169.23.22.255"
        },
        {
          "type": "ipRange",
          "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::"
        },
        {
          "type": "subnet",
          "value": "192.0.2.0/24"
        },
        {
          "type": "vpc",
          "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e"
        }
      ],
      "excluded": [
        {
          "type": "ipAddress",
          "value": "169.23.22.127"
        }
      ],
      "address_count": 6,
      "excluded_count": 1,
      "href": "https://cbr.cloud.ibm.com/v1/zones/65810ac762004f22ac19f8f8edf70a34",
      "created_at": "2020-11-23T02:01:59Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-23T02:01:59Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "request_body_error",
          "message": "The request body has an error.",
          "cause": "property `account_id` is missing"
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "request_body_error",
          "message": "The request body has an error.",
          "cause": "property `account_id` is missing"
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 409,
      "errors": [
        {
          "code": "zone_already_exists_in_store",
          "message": "A zone with the same name already exists. Assign each zone a unique name.",
          "target": {
            "name": "name",
            "type": "field",
            "value": "an-already-existing-zone-name"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 409,
      "errors": [
        {
          "code": "zone_already_exists_in_store",
          "message": "A zone with the same name already exists. Assign each zone a unique name.",
          "target": {
            "name": "name",
            "type": "field",
            "value": "an-already-existing-zone-name"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

List network zones

This operation lists network zones in the specified account.

This operation lists network zones in the specified account.

This operation lists network zones in the specified account.

This operation lists network zones in the specified account.

This operation lists network zones in the specified account.

GET /v1/zones
(contextBasedRestrictions *ContextBasedRestrictionsV1) ListZones(listZonesOptions *ListZonesOptions) (result *ZoneList, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) ListZonesWithContext(ctx context.Context, listZonesOptions *ListZonesOptions) (result *ZoneList, response *core.DetailedResponse, err error)
ServiceCall<ZoneList> listZones(ListZonesOptions listZonesOptions)
listZones(params)
list_zones(
        self,
        account_id: str,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        name: Optional[str] = None,
        sort: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • context-based-restrictions.zone.read

Request

Instantiate the ListZonesOptions struct and set the fields to provide parameter values for the ListZones method.

Use the ListZonesOptions.Builder to create a ListZonesOptions object that contains the parameter values for the listZones method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Query Parameters

  • The ID of the managing account.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[a-zA-Z0-9\-]+$

  • The name of the zone.

    Possible values: 1 ≤ length ≤ 100, Value must match regular expression ^\*?[a-zA-Z0-9 \-_]+\*?$

  • Sorts results by using a valid sort field. To learn more, see Sorting.

    Possible values: 1 ≤ length ≤ 32, Value must match regular expression ^[\-]?[a-z0-9_]+$

WithContext method only

The ListZones options.

The listZones options.

parameters

  • The ID of the managing account.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The name of the zone.

    Possible values: 1 ≤ length ≤ 100, Value must match regular expression /^\\*?[a-zA-Z0-9 \\-_]+\\*?$/

  • Sorts results by using a valid sort field. To learn more, see Sorting.

    Possible values: 1 ≤ length ≤ 32, Value must match regular expression /^[\\-]?[a-z0-9_]+$/

parameters

  • The ID of the managing account.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The name of the zone.

    Possible values: 1 ≤ length ≤ 100, Value must match regular expression /^\\*?[a-zA-Z0-9 \\-_]+\\*?$/

  • Sorts results by using a valid sort field. To learn more, see Sorting.

    Possible values: 1 ≤ length ≤ 32, Value must match regular expression /^[\\-]?[a-z0-9_]+$/

  • curl -X GET --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   "https://cbr.cloud.ibm.com/v1/zones?account_id={account_id}"
  • listZonesOptions := contextBasedRestrictionsService.NewListZonesOptions(
      accountID,
    )
    
    zoneList, response, err := contextBasedRestrictionsService.ListZones(listZonesOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(zoneList, "", "  ")
    fmt.Println(string(b))
  • ListZonesOptions listZonesOptions = new ListZonesOptions.Builder()
      .accountId(accountID)
      .build();
    
    Response<ZoneList> response = contextBasedRestrictionsService.listZones(listZonesOptions).execute();
    ZoneList zoneList = response.getResult();
    
    System.out.println(zoneList);
  • const params = {
      accountId,
    };
    
    try {
      const res = await contextBasedRestrictionsService.listZones(params);
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • response = context_based_restrictions_service.list_zones(
      account_id=account_id,
    )
    zone_list = response.get_result()
    
    print(json.dumps(zone_list, indent=2))

Response

The response object of the ListZones operation.

The response object of the ListZones operation.

The response object of the ListZones operation.

The response object of the ListZones operation.

The response object of the ListZones operation.

Status Code

  • The network zones were successfully retrieved.

  • The network zones could not be retrieved due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "count": 1,
      "zones": [
        {
          "id": "65810ac762004f22ac19f8f8edf70a34",
          "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::zone:65810ac762004f22ac19f8f8edf70a34",
          "name": "an example of zone",
          "description": "this is an example of zone",
          "addresses_preview": [
            {
              "type": "ipAddress",
              "value": "169.23.56.234"
            },
            {
              "type": "ipAddress",
              "value": "3ffe:1900:fe21:4545::"
            },
            {
              "type": "ipRange",
              "value": "169.23.22.0-169.23.22.255"
            }
          ],
          "address_count": 6,
          "excluded_count": 1,
          "href": "https://cbr.cloud.ibm.com/v1/zones/65810ac762004f22ac19f8f8edf70a34",
          "created_at": "2020-11-23T02:01:59Z",
          "created_by_id": "IBMid-120000P1JM",
          "last_modified_at": "2020-11-23T02:01:59Z",
          "last_modified_by_id": "IBMid-120000P1JM"
        }
      ]
    }
  • {
      "count": 1,
      "zones": [
        {
          "id": "65810ac762004f22ac19f8f8edf70a34",
          "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::zone:65810ac762004f22ac19f8f8edf70a34",
          "name": "an example of zone",
          "description": "this is an example of zone",
          "addresses_preview": [
            {
              "type": "ipAddress",
              "value": "169.23.56.234"
            },
            {
              "type": "ipAddress",
              "value": "3ffe:1900:fe21:4545::"
            },
            {
              "type": "ipRange",
              "value": "169.23.22.0-169.23.22.255"
            }
          ],
          "address_count": 6,
          "excluded_count": 1,
          "href": "https://cbr.cloud.ibm.com/v1/zones/65810ac762004f22ac19f8f8edf70a34",
          "created_at": "2020-11-23T02:01:59Z",
          "created_by_id": "IBMid-120000P1JM",
          "last_modified_at": "2020-11-23T02:01:59Z",
          "last_modified_by_id": "IBMid-120000P1JM"
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"account_id\" in query has an error.",
          "target": {
            "name": "account_id",
            "type": "parameter",
            "value": "an-invalid-account-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"account_id\" in query has an error.",
          "target": {
            "name": "account_id",
            "type": "parameter",
            "value": "an-invalid-account-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

Get a network zone

This operation retrieves the network zone identified by the specified zone ID.

This operation retrieves the network zone identified by the specified zone ID.

This operation retrieves the network zone identified by the specified zone ID.

This operation retrieves the network zone identified by the specified zone ID.

This operation retrieves the network zone identified by the specified zone ID.

GET /v1/zones/{zone_id}
(contextBasedRestrictions *ContextBasedRestrictionsV1) GetZone(getZoneOptions *GetZoneOptions) (result *Zone, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) GetZoneWithContext(ctx context.Context, getZoneOptions *GetZoneOptions) (result *Zone, response *core.DetailedResponse, err error)
ServiceCall<Zone> getZone(GetZoneOptions getZoneOptions)
getZone(params)
get_zone(
        self,
        zone_id: str,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • context-based-restrictions.zone.read

Request

Instantiate the GetZoneOptions struct and set the fields to provide parameter values for the GetZone method.

Use the GetZoneOptions.Builder to create a GetZoneOptions object that contains the parameter values for the getZone method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Path Parameters

  • The ID of a zone.

    Possible values: length = 32, Value must match regular expression ^[a-fA-F0-9]{32}$

WithContext method only

The GetZone options.

The getZone options.

parameters

  • The ID of a zone.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The ID of a zone.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X GET --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   "https://cbr.cloud.ibm.com/v1/zones/{zone_id}"
  • getZoneOptions := contextBasedRestrictionsService.NewGetZoneOptions(
      zoneID,
    )
    
    zone, response, err := contextBasedRestrictionsService.GetZone(getZoneOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(zone, "", "  ")
    fmt.Println(string(b))
  • GetZoneOptions getZoneOptions = new GetZoneOptions.Builder()
      .zoneId(zoneID)
      .build();
    
    Response<Zone> response = contextBasedRestrictionsService.getZone(getZoneOptions).execute();
    Zone zone = response.getResult();
    
    System.out.println(zone);
  • const params = {
      zoneId,
    };
    
    try {
      const res = await contextBasedRestrictionsService.getZone(params);
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • response = context_based_restrictions_service.get_zone(
      zone_id=zone_id,
    )
    zone = response.get_result()
    
    print(json.dumps(zone, indent=2))

Response

An output zone

An output zone.

An output zone.

An output zone.

An output zone.

Status Code

  • The network zone was successfully retrieved.

  • The network zone could not be retrieved due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • The network zone could not be found. Verify that the specified zone ID is valid.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "id": "65810ac762004f22ac19f8f8edf70a34",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::zone:65810ac762004f22ac19f8f8edf70a34",
      "name": "an example of zone",
      "description": "this is an example of zone",
      "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd",
      "addresses": [
        {
          "type": "ipAddress",
          "value": "169.23.56.234"
        },
        {
          "type": "ipAddress",
          "value": "3ffe:1900:fe21:4545::"
        },
        {
          "type": "ipRange",
          "value": "169.23.22.0-169.23.22.255"
        },
        {
          "type": "ipRange",
          "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::"
        },
        {
          "type": "vpc",
          "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e"
        }
      ],
      "excluded": [
        {
          "type": "ipAddress",
          "value": "169.23.22.127"
        }
      ],
      "address_count": 5,
      "excluded_count": 1,
      "href": "https://cbr.cloud.ibm.com/v1/zones/65810ac762004f22ac19f8f8edf70a34",
      "created_at": "2020-11-23T02:01:59Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-23T02:01:59Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "id": "65810ac762004f22ac19f8f8edf70a34",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::zone:65810ac762004f22ac19f8f8edf70a34",
      "name": "an example of zone",
      "description": "this is an example of zone",
      "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd",
      "addresses": [
        {
          "type": "ipAddress",
          "value": "169.23.56.234"
        },
        {
          "type": "ipAddress",
          "value": "3ffe:1900:fe21:4545::"
        },
        {
          "type": "ipRange",
          "value": "169.23.22.0-169.23.22.255"
        },
        {
          "type": "ipRange",
          "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::"
        },
        {
          "type": "vpc",
          "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e"
        }
      ],
      "excluded": [
        {
          "type": "ipAddress",
          "value": "169.23.22.127"
        }
      ],
      "address_count": 5,
      "excluded_count": 1,
      "href": "https://cbr.cloud.ibm.com/v1/zones/65810ac762004f22ac19f8f8edf70a34",
      "created_at": "2020-11-23T02:01:59Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-23T02:01:59Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"zone_id\" in path has an error.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "an-invalid-zone-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"zone_id\" in path has an error.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "an-invalid-zone-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "zone_not_found_in_store",
          "message": "The zone '65810ac762004f22ac19f8f8edf70a34' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "65810ac762004f22ac19f8f8edf70a34"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "zone_not_found_in_store",
          "message": "The zone '65810ac762004f22ac19f8f8edf70a34' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "65810ac762004f22ac19f8f8edf70a34"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

Replace a network zone

This operation replaces the network zone identified by the specified zone ID. Partial updates are not supported. The entire network zone object must be replaced.

This operation replaces the network zone identified by the specified zone ID. Partial updates are not supported. The entire network zone object must be replaced.

This operation replaces the network zone identified by the specified zone ID. Partial updates are not supported. The entire network zone object must be replaced.

This operation replaces the network zone identified by the specified zone ID. Partial updates are not supported. The entire network zone object must be replaced.

This operation replaces the network zone identified by the specified zone ID. Partial updates are not supported. The entire network zone object must be replaced.

PUT /v1/zones/{zone_id}
(contextBasedRestrictions *ContextBasedRestrictionsV1) ReplaceZone(replaceZoneOptions *ReplaceZoneOptions) (result *Zone, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) ReplaceZoneWithContext(ctx context.Context, replaceZoneOptions *ReplaceZoneOptions) (result *Zone, response *core.DetailedResponse, err error)
ServiceCall<Zone> replaceZone(ReplaceZoneOptions replaceZoneOptions)
replaceZone(params)
replace_zone(
        self,
        zone_id: str,
        if_match: str,
        *,
        name: Optional[str] = None,
        account_id: Optional[str] = None,
        addresses: Optional[List['Address']] = None,
        description: Optional[str] = None,
        excluded: Optional[List['Address']] = None,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • context-based-restrictions.zone.update

Request

Instantiate the ReplaceZoneOptions struct and set the fields to provide parameter values for the ReplaceZone method.

Use the ReplaceZoneOptions.Builder to create a ReplaceZoneOptions object that contains the parameter values for the replaceZone method.

Custom Headers

  • The current revision of the resource being updated. This can be found in the Create/Get/Update resource response ETag header.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[a-fA-F0-9\-]+$

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Path Parameters

  • The ID of a zone.

    Possible values: length = 32, Value must match regular expression ^[a-fA-F0-9]{32}$

The network zone to replace.

Examples:
{
  "name": "an example of zone",
  "description": "this is an example of zone",
  "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd",
  "addresses": [
    {
      "type": "ipAddress",
      "value": "169.23.56.234"
    },
    {
      "type": "ipAddress",
      "value": "3ffe:1900:fe21:4545::"
    },
    {
      "type": "ipRange",
      "value": "169.23.22.0-169.23.22.255"
    },
    {
      "type": "ipRange",
      "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::"
    },
    {
      "type": "vpc",
      "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e"
    }
  ],
  "excluded": [
    {
      "type": "ipAddress",
      "value": "169.23.22.128"
    }
  ]
}

WithContext method only

The ReplaceZone options.

The replaceZone options.

parameters

  • The ID of a zone.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The current revision of the resource being updated. This can be found in the Create/Get/Update resource response ETag header.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-fA-F0-9\\-]+$/

  • The name of the zone.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[^-!-,.-\/:-@[-^`{-€-Ÿ]+$/

    Examples:
  • The id of the account owning this zone.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

    Examples:
  • The list of addresses in the zone.

    Possible values: 0 ≤ number of items ≤ 1000

    Examples:
  • The description of the zone.

    Possible values: 0 ≤ length ≤ 300, Value must match regular expression /^[^-€-Ÿ]*$/

    Examples:
  • The list of excluded addresses in the zone. Only addresses of type ipAddress, ipRange, and subnet can be excluded.

    Possible values: number of items ≤ 1000

    Examples:
  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The ID of a zone.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The current revision of the resource being updated. This can be found in the Create/Get/Update resource response ETag header.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-fA-F0-9\\-]+$/

  • The name of the zone.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[^-!-,.-\/:-@[-^`{-€-Ÿ]+$/

    Examples:
  • The id of the account owning this zone.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

    Examples:
  • The list of addresses in the zone.

    Possible values: 0 ≤ number of items ≤ 1000

    Examples:
  • The description of the zone.

    Possible values: 0 ≤ length ≤ 300, Value must match regular expression /^[^-€-Ÿ]*$/

    Examples:
  • The list of excluded addresses in the zone. Only addresses of type ipAddress, ipRange, and subnet can be excluded.

    Possible values: number of items ≤ 1000

    Examples:
  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X PUT --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   --header "If-Match: {if_match}"   --header "Content-Type: application/json"   --data '{ "name": "an example of zone", "description": "this is an example of zone", "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd", "addresses": [ { "type": "ipAddress", "value": "169.23.56.234" }, { "type": "ipAddress", "value": "3ffe:1900:fe21:4545::" }, { "type": "ipRange", "value": "169.23.22.0-169.23.22.255" }, { "type": "ipRange", "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::" }, { "type": "vpc", "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e" } ], "excluded": [ { "type": "ipAddress", "value": "169.23.22.128" } ] }'   "https://cbr.cloud.ibm.com/v1/zones/{zone_id}"
  • addressModel := &contextbasedrestrictionsv1.AddressIPAddress{
      Type:  core.StringPtr("ipAddress"),
      Value: core.StringPtr("169.23.56.234"),
    }
    
    replaceZoneOptions := contextBasedRestrictionsService.NewReplaceZoneOptions(
      zoneID,
      zoneRev,
    )
    replaceZoneOptions.SetName("an example of updated zone")
    replaceZoneOptions.SetAccountID(accountID)
    replaceZoneOptions.SetDescription("this is an example of updated zone")
    replaceZoneOptions.SetAddresses([]contextbasedrestrictionsv1.AddressIntf{addressModel})
    
    zone, response, err := contextBasedRestrictionsService.ReplaceZone(replaceZoneOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(zone, "", "  ")
    fmt.Println(string(b))
  • AddressIPAddress addressModel = new AddressIPAddress.Builder()
      .type("ipAddress")
      .value("169.23.56.234")
      .build();
    ReplaceZoneOptions replaceZoneOptions = new ReplaceZoneOptions.Builder()
      .zoneId(zoneID)
      .ifMatch(zoneRev)
      .name("an example of zone")
      .accountId(accountID)
      .description("this is an example of updated zone")
      .addresses(java.util.Arrays.asList(addressModel))
      .build();
    
    Response<Zone> response = contextBasedRestrictionsService.replaceZone(replaceZoneOptions).execute();
    Zone zone = response.getResult();
    
    System.out.println(zone);
  • // Request models needed by this operation.
    
    // AddressIPAddress
    const addressModel = {
      type: 'ipAddress',
      value: '169.23.56.234',
    };
    
    const params = {
      zoneId,
      ifMatch: zoneRev,
      name: 'an example of updated zone',
      accountId,
      addresses: [addressModel],
      description: 'this is an example of updated zone',
    };
    
    try {
      const res = await contextBasedRestrictionsService.replaceZone(params);
      zoneId = res.result.id;
      zoneRev = res.headers.etag;
    
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • address_model = {
      'type': 'ipAddress',
      'value': '169.23.56.234',
    }
    
    response = context_based_restrictions_service.replace_zone(
      zone_id=zone_id,
      if_match=zone_rev,
      name='an example of zone',
      account_id=account_id,
      addresses=[address_model],
      description='this is an example of zone',
    )
    zone = response.get_result()
    
    print(json.dumps(zone, indent=2))

Response

An output zone

An output zone.

An output zone.

An output zone.

An output zone.

Status Code

  • The network zone was successfully replaced.

  • The network zone could not be replaced due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • The network zone could not be found. Verify that the specified zone ID is valid.

  • The network zone revision is missing or invalid.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "id": "65810ac762004f22ac19f8f8edf70a34",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::zone:65810ac762004f22ac19f8f8edf70a34",
      "name": "an example of zone",
      "description": "this is an example of zone",
      "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd",
      "addresses": [
        {
          "type": "ipAddress",
          "value": "169.23.56.234"
        },
        {
          "type": "ipAddress",
          "value": "3ffe:1900:fe21:4545::"
        },
        {
          "type": "ipRange",
          "value": "169.23.22.0-169.23.22.255"
        },
        {
          "type": "ipRange",
          "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::"
        },
        {
          "type": "vpc",
          "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e"
        }
      ],
      "excluded": [
        {
          "type": "ipAddress",
          "value": "169.23.22.128"
        }
      ],
      "address_count": 5,
      "excluded_count": 1,
      "href": "https://cbr.cloud.ibm.com/v1/zones/65810ac762004f22ac19f8f8edf70a34",
      "created_at": "2020-11-23T02:01:59Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-23T02:05:00Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "id": "65810ac762004f22ac19f8f8edf70a34",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::zone:65810ac762004f22ac19f8f8edf70a34",
      "name": "an example of zone",
      "description": "this is an example of zone",
      "account_id": "12ab34cd56ef78ab90cd12ef34ab56cd",
      "addresses": [
        {
          "type": "ipAddress",
          "value": "169.23.56.234"
        },
        {
          "type": "ipAddress",
          "value": "3ffe:1900:fe21:4545::"
        },
        {
          "type": "ipRange",
          "value": "169.23.22.0-169.23.22.255"
        },
        {
          "type": "ipRange",
          "value": "3ffe:1900:fe21:4545::-3ffe:1900:fe21:6767::"
        },
        {
          "type": "vpc",
          "value": "crn:v1:bluemix:public:is:us-south:a/12ab34cd56ef78ab90cd12ef34ab56cd::vpc:r134-d98a1702-b39a-449a-86d4-ef8dbacf281e"
        }
      ],
      "excluded": [
        {
          "type": "ipAddress",
          "value": "169.23.22.128"
        }
      ],
      "address_count": 5,
      "excluded_count": 1,
      "href": "https://cbr.cloud.ibm.com/v1/zones/65810ac762004f22ac19f8f8edf70a34",
      "created_at": "2020-11-23T02:01:59Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-23T02:05:00Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "invalid_ip_range_value_first_ip_greater_than_last_ip",
          "message": "Invalid `ipRange` value: the first IP address is greater than last IP address.",
          "target": {
            "name": "value",
            "type": "field",
            "value": "169.25.27.0-169.25.26.255"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "invalid_ip_range_value_first_ip_greater_than_last_ip",
          "message": "Invalid `ipRange` value: the first IP address is greater than last IP address.",
          "target": {
            "name": "value",
            "type": "field",
            "value": "169.25.27.0-169.25.26.255"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "zone_not_found_in_store",
          "message": "The zone '65810ac762004f22ac19f8f8edf70a34' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "65810ac762004f22ac19f8f8edf70a34"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "zone_not_found_in_store",
          "message": "The zone '65810ac762004f22ac19f8f8edf70a34' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "65810ac762004f22ac19f8f8edf70a34"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 412,
      "errors": [
        {
          "code": "invalid_zone_revision",
          "message": "The zone revision is missing or invalid.",
          "target": {
            "name": "If-Match",
            "type": "header",
            "value": "an-invalid-revision"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 412,
      "errors": [
        {
          "code": "invalid_zone_revision",
          "message": "The zone revision is missing or invalid.",
          "target": {
            "name": "If-Match",
            "type": "header",
            "value": "an-invalid-revision"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

Delete a network zone

This operation deletes the network zone identified by the specified zone ID.

This operation deletes the network zone identified by the specified zone ID.

This operation deletes the network zone identified by the specified zone ID.

This operation deletes the network zone identified by the specified zone ID.

This operation deletes the network zone identified by the specified zone ID.

DELETE /v1/zones/{zone_id}
(contextBasedRestrictions *ContextBasedRestrictionsV1) DeleteZone(deleteZoneOptions *DeleteZoneOptions) (response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) DeleteZoneWithContext(ctx context.Context, deleteZoneOptions *DeleteZoneOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> deleteZone(DeleteZoneOptions deleteZoneOptions)
deleteZone(params)
delete_zone(
        self,
        zone_id: str,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • context-based-restrictions.zone.delete

Request

Instantiate the DeleteZoneOptions struct and set the fields to provide parameter values for the DeleteZone method.

Use the DeleteZoneOptions.Builder to create a DeleteZoneOptions object that contains the parameter values for the deleteZone method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Path Parameters

  • The ID of a zone.

    Possible values: length = 32, Value must match regular expression ^[a-fA-F0-9]{32}$

WithContext method only

The DeleteZone options.

The deleteZone options.

parameters

  • The ID of a zone.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The ID of a zone.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X DELETE --location --header "Authorization: Bearer {iam_token}"   "https://cbr.cloud.ibm.com/v1/zones/{zone_id}"
  • deleteZoneOptions := contextBasedRestrictionsService.NewDeleteZoneOptions(
      zoneID,
    )
    
    response, err := contextBasedRestrictionsService.DeleteZone(deleteZoneOptions)
    if err != nil {
      panic(err)
    }
    if response.StatusCode != 204 {
      fmt.Printf("\nUnexpected response status code received from DeleteZone(): %d\n", response.StatusCode)
    }
  • DeleteZoneOptions deleteZoneOptions = new DeleteZoneOptions.Builder()
      .zoneId(zoneID)
      .build();
    
    Response<Void> response = contextBasedRestrictionsService.deleteZone(deleteZoneOptions).execute();
  • const params = {
      zoneId,
    };
    
    try {
      await contextBasedRestrictionsService.deleteZone(params);
    } catch (err) {
      console.warn(err);
    }
  • response = context_based_restrictions_service.delete_zone(
      zone_id=zone_id,
    )

Response

Status Code

  • The network zone was successfully deleted.

  • The network zone could not be deleted due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • The network zone could not be found. Verify that the specified zone ID is valid.

  • Precondition not satisfied. A network zone cannot be deleted if it is referenced by one or more rules.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"zone_id\" in path has an error.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "an-invalid-zone-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"zone_id\" in path has an error.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "an-invalid-zone-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "zone_not_found_in_store",
          "message": "The zone '65810ac762004f22ac19f8f8edf70a34' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "65810ac762004f22ac19f8f8edf70a34"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "zone_not_found_in_store",
          "message": "The zone '65810ac762004f22ac19f8f8edf70a34' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "65810ac762004f22ac19f8f8edf70a34"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 412,
      "errors": [
        {
          "code": "zone_used_by_rule",
          "message": "The zone '65810ac762004f22ac19f8f8edf70a34' is referenced by one or more rules and cannot be deleted."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 412,
      "errors": [
        {
          "code": "zone_used_by_rule",
          "message": "The zone '65810ac762004f22ac19f8f8edf70a34' is referenced by one or more rules and cannot be deleted."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

List available service reference targets

This operation lists all available service reference targets.

This operation lists all available service reference targets.

This operation lists all available service reference targets.

This operation lists all available service reference targets.

This operation lists all available service reference targets.

GET /v1/zones/serviceref_targets
(contextBasedRestrictions *ContextBasedRestrictionsV1) ListAvailableServicerefTargets(listAvailableServicerefTargetsOptions *ListAvailableServicerefTargetsOptions) (result *ServiceRefTargetList, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) ListAvailableServicerefTargetsWithContext(ctx context.Context, listAvailableServicerefTargetsOptions *ListAvailableServicerefTargetsOptions) (result *ServiceRefTargetList, response *core.DetailedResponse, err error)
ServiceCall<ServiceRefTargetList> listAvailableServicerefTargets(ListAvailableServicerefTargetsOptions listAvailableServicerefTargetsOptions)
listAvailableServicerefTargets(params)
list_available_serviceref_targets(
        self,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        type: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

This operation does not require you to be assigned an IAM access role.

  • N/A

Request

Instantiate the ListAvailableServicerefTargetsOptions struct and set the fields to provide parameter values for the ListAvailableServicerefTargets method.

Use the ListAvailableServicerefTargetsOptions.Builder to create a ListAvailableServicerefTargetsOptions object that contains the parameter values for the listAvailableServicerefTargets method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Query Parameters

  • Specifies the types of services to retrieve

    Allowable values: [all,platform_service]

    Default: all

WithContext method only

The ListAvailableServicerefTargets options.

The listAvailableServicerefTargets options.

parameters

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • Specifies the types of services to retrieve.

    Allowable values: [all,platform_service]

    Default: all

parameters

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • Specifies the types of services to retrieve.

    Allowable values: [all,platform_service]

    Default: all

  • curl -X GET --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   "https://cbr.cloud.ibm.com/v1/zones/serviceref_targets"
  • listAvailableServiceRefTargetsOptions := contextBasedRestrictionsService.NewListAvailableServicerefTargetsOptions()
    
    serviceRefTargetList, response, err := contextBasedRestrictionsService.ListAvailableServicerefTargets(listAvailableServiceRefTargetsOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(serviceRefTargetList, "", "  ")
    fmt.Println(string(b))
  • ListAvailableServicerefTargetsOptions listAvailableServicerefTargetsOptions = new ListAvailableServicerefTargetsOptions.Builder()
      .build();
    
    Response<ServiceRefTargetList> response = contextBasedRestrictionsService.listAvailableServicerefTargets(listAvailableServicerefTargetsOptions).execute();
    ServiceRefTargetList serviceRefTargetList = response.getResult();
    
    System.out.println(serviceRefTargetList);
  • try {
      const res = await contextBasedRestrictionsService.listAvailableServicerefTargets({});
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • response = context_based_restrictions_service.list_available_serviceref_targets()
    service_ref_target_list = response.get_result()
    
    print(json.dumps(service_ref_target_list, indent=2))

Response

A list of service reference targets

A list of service reference targets.

A list of service reference targets.

A list of service reference targets.

A list of service reference targets.

Status Code

  • The service reference targets were successfully retrieved.

  • The service reference targets could not be retrieved due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "count": 2,
      "targets": [
        {
          "service_name": "iam-groups",
          "service_type": "platform_service"
        },
        {
          "service_name": "is",
          "locations": [
            {
              "display_name": "Europe",
              "kind": "geography",
              "name": "eu"
            },
            {
              "display_name": "Spain",
              "kind": "country",
              "name": "es"
            },
            {
              "display_name": "Madrid",
              "kind": "metro",
              "name": "mad"
            },
            {
              "display_name": "North America",
              "kind": "geography",
              "name": "na"
            },
            {
              "display_name": "United States",
              "kind": "country",
              "name": "us"
            },
            {
              "display_name": "Dallas",
              "kind": "metro",
              "name": "dal"
            },
            {
              "display_name": "Washington DC",
              "kind": "metro",
              "name": "wdc"
            }
          ]
        }
      ]
    }
  • {
      "count": 2,
      "targets": [
        {
          "service_name": "iam-groups",
          "service_type": "platform_service"
        },
        {
          "service_name": "is",
          "locations": [
            {
              "display_name": "Europe",
              "kind": "geography",
              "name": "eu"
            },
            {
              "display_name": "Spain",
              "kind": "country",
              "name": "es"
            },
            {
              "display_name": "Madrid",
              "kind": "metro",
              "name": "mad"
            },
            {
              "display_name": "North America",
              "kind": "geography",
              "name": "na"
            },
            {
              "display_name": "United States",
              "kind": "country",
              "name": "us"
            },
            {
              "display_name": "Dallas",
              "kind": "metro",
              "name": "dal"
            },
            {
              "display_name": "Washington DC",
              "kind": "metro",
              "name": "wdc"
            }
          ]
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"type\" in query has an error.",
          "target": {
            "name": "type",
            "type": "parameter",
            "value": "an-invalid-type"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"type\" in query has an error.",
          "target": {
            "name": "type",
            "type": "parameter",
            "value": "an-invalid-type"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

Get service reference target for a specified service name

This operation gets the service reference target for a specified service name

This operation gets the service reference target for a specified service name.

This operation gets the service reference target for a specified service name.

This operation gets the service reference target for a specified service name.

This operation gets the service reference target for a specified service name.

GET /v1/zones/serviceref_targets/{service_name}
(contextBasedRestrictions *ContextBasedRestrictionsV1) GetServicerefTarget(getServicerefTargetOptions *GetServicerefTargetOptions) (result *ServiceRefTarget, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) GetServicerefTargetWithContext(ctx context.Context, getServicerefTargetOptions *GetServicerefTargetOptions) (result *ServiceRefTarget, response *core.DetailedResponse, err error)
ServiceCall<ServiceRefTarget> getServicerefTarget(GetServicerefTargetOptions getServicerefTargetOptions)
getServicerefTarget(params)
get_serviceref_target(
        self,
        service_name: str,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

This operation does not require you to be assigned an IAM access role.

  • N/A

Request

Instantiate the GetServicerefTargetOptions struct and set the fields to provide parameter values for the GetServicerefTarget method.

Use the GetServicerefTargetOptions.Builder to create a GetServicerefTargetOptions object that contains the parameter values for the getServicerefTarget method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Path Parameters

  • The name of a service.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[0-9a-z\-]+$

WithContext method only

The GetServicerefTarget options.

The getServicerefTarget options.

parameters

  • The name of a service.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[0-9a-z\\-]+$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The name of a service.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[0-9a-z\\-]+$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X GET --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   "https://cbr.cloud.ibm.com/v1/zones/serviceref_targets/{service_name}"
  • getServicerefTargetOptions := contextBasedRestrictionsService.NewGetServicerefTargetOptions(
      serviceName,
    )
    
    serviceRefTarget, response, err := contextBasedRestrictionsService.GetServicerefTarget(getServicerefTargetOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(serviceRefTarget, "", "  ")
    fmt.Println(string(b))
  • GetServicerefTargetOptions getServicerefTargetOptions = new GetServicerefTargetOptions.Builder()
      .serviceName(serviceName)
      .build();
    
    Response<ServiceRefTarget> response = contextBasedRestrictionsService.getServicerefTarget(getServicerefTargetOptions).execute();
    ServiceRefTarget serviceRefTarget = response.getResult();
    
    System.out.println(serviceRefTarget);
  • const params = {
      serviceName: exampleServiceName,
    };
    
    let res;
    try {
      res = await contextBasedRestrictionsService.getServicerefTarget(params);
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • response = context_based_restrictions_service.get_serviceref_target(
      service_name=service_name,
    )
    service_ref_target = response.get_result()
    
    print(json.dumps(service_ref_target, indent=2))

Response

Summary information about a service reference target

Summary information about a service reference target.

Summary information about a service reference target.

Summary information about a service reference target.

Summary information about a service reference target.

Status Code

  • The service reference target was successfully retrieved.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • No service reference target found for specified service name.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "service_name": "is",
      "locations": [
        {
          "display_name": "Europe",
          "kind": "geography",
          "name": "eu"
        },
        {
          "display_name": "Spain",
          "kind": "country",
          "name": "es"
        },
        {
          "display_name": "Madrid",
          "kind": "metro",
          "name": "mad"
        },
        {
          "display_name": "North America",
          "kind": "geography",
          "name": "na"
        },
        {
          "display_name": "United States",
          "kind": "country",
          "name": "us"
        },
        {
          "display_name": "Dallas",
          "kind": "metro",
          "name": "dal"
        },
        {
          "display_name": "Washington DC",
          "kind": "metro",
          "name": "wdc"
        }
      ]
    }
  • {
      "service_name": "is",
      "locations": [
        {
          "display_name": "Europe",
          "kind": "geography",
          "name": "eu"
        },
        {
          "display_name": "Spain",
          "kind": "country",
          "name": "es"
        },
        {
          "display_name": "Madrid",
          "kind": "metro",
          "name": "mad"
        },
        {
          "display_name": "North America",
          "kind": "geography",
          "name": "na"
        },
        {
          "display_name": "United States",
          "kind": "country",
          "name": "us"
        },
        {
          "display_name": "Dallas",
          "kind": "metro",
          "name": "dal"
        },
        {
          "display_name": "Washington DC",
          "kind": "metro",
          "name": "wdc"
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "service_ref_target_not_found",
          "message": "The service reference target for service name test-service-name is not found.",
          "target": {
            "name": "service_name",
            "type": "parameter",
            "value": "test-service-name"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "service_ref_target_not_found",
          "message": "The service reference target for service name test-service-name is not found.",
          "target": {
            "name": "service_name",
            "type": "parameter",
            "value": "test-service-name"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

Create a rule

This operation creates a rule for the specified account.

This operation creates a rule for the specified account.

This operation creates a rule for the specified account.

This operation creates a rule for the specified account.

This operation creates a rule for the specified account.

POST /v1/rules
(contextBasedRestrictions *ContextBasedRestrictionsV1) CreateRule(createRuleOptions *CreateRuleOptions) (result *Rule, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) CreateRuleWithContext(ctx context.Context, createRuleOptions *CreateRuleOptions) (result *Rule, response *core.DetailedResponse, err error)
ServiceCall<Rule> createRule(CreateRuleOptions createRuleOptions)
createRule(params)
create_rule(
        self,
        *,
        contexts: Optional[List['RuleContext']] = None,
        resources: Optional[List['Resource']] = None,
        description: Optional[str] = None,
        operations: Optional['NewRuleOperations'] = None,
        enforcement_mode: Optional[str] = None,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • cbr.rule.create

Request

Instantiate the CreateRuleOptions struct and set the fields to provide parameter values for the CreateRule method.

Use the CreateRuleOptions.Builder to create a CreateRuleOptions object that contains the parameter values for the createRule method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

The rule to create.

Examples:
{
  "description": "this is an example of rule",
  "resources": [
    {
      "attributes": [
        {
          "name": "accountId",
          "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
        },
        {
          "name": "serviceName",
          "value": "kms"
        }
      ]
    }
  ],
  "contexts": [
    {
      "attributes": [
        {
          "name": "networkZoneId",
          "value": "65810ac762004f22ac19f8f8edf70a34"
        }
      ]
    }
  ],
  "enforcement_mode": "enabled"
}

WithContext method only

The CreateRule options.

The createRule options.

parameters

  • The contexts this rule applies to.

    Possible values: 0 ≤ number of items ≤ 1000

    Examples:
  • The resources this rule apply to.

    Possible values: number of items = 1

    Examples:
  • The description of the rule.

    Possible values: 0 ≤ length ≤ 300, Value must match regular expression /^[^-€-Ÿ]*$/

    Examples:
  • The operations this rule applies to.

  • The rule enforcement mode:

    • enabled - The restrictions are enforced and reported. This is the default.
    • disabled - The restrictions are disabled. Nothing is enforced or reported.
    • report - The restrictions are evaluated and reported, but not enforced.

    Allowable values: [enabled,disabled,report]

    Default: enabled

    Examples:
  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The contexts this rule applies to.

    Possible values: 0 ≤ number of items ≤ 1000

    Examples:
  • The resources this rule apply to.

    Possible values: number of items = 1

    Examples:
  • The description of the rule.

    Possible values: 0 ≤ length ≤ 300, Value must match regular expression /^[^-€-Ÿ]*$/

    Examples:
  • The operations this rule applies to.

  • The rule enforcement mode:

    • enabled - The restrictions are enforced and reported. This is the default.
    • disabled - The restrictions are disabled. Nothing is enforced or reported.
    • report - The restrictions are evaluated and reported, but not enforced.

    Allowable values: [enabled,disabled,report]

    Default: enabled

    Examples:
  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X POST --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   --header "Content-Type: application/json"   --data '{ "description": "this is an example of rule", "resources": [ { "attributes": [ { "name": "accountId", "value": "12ab34cd56ef78ab90cd12ef34ab56cd" }, { "name": "serviceName", "value": "kms" } ] } ], "contexts": [ { "attributes": [ { "name": "networkZoneId", "value": "65810ac762004f22ac19f8f8edf70a34" } ] } ], "enforcement_mode": "enabled" }'   "https://cbr.cloud.ibm.com/v1/rules"
  • ruleContextAttributeModel := &contextbasedrestrictionsv1.RuleContextAttribute{
      Name:  core.StringPtr("networkZoneId"),
      Value: core.StringPtr(zoneID),
    }
    
    ruleContextModel := &contextbasedrestrictionsv1.RuleContext{
      Attributes: []contextbasedrestrictionsv1.RuleContextAttribute{*ruleContextAttributeModel},
    }
    
    resourceModel := &contextbasedrestrictionsv1.Resource{
      Attributes: []contextbasedrestrictionsv1.ResourceAttribute{
        {
          Name:  core.StringPtr("accountId"),
          Value: core.StringPtr(accountID),
        },
        {
          Name:  core.StringPtr("serviceName"),
          Value: core.StringPtr(serviceName),
        },
      },
      Tags: []contextbasedrestrictionsv1.ResourceTagAttribute{
        {
          Name:  core.StringPtr("tagName"),
          Value: core.StringPtr("tagValue"),
        },
      },
    }
    
    createRuleOptions := contextBasedRestrictionsService.NewCreateRuleOptions()
    createRuleOptions.SetDescription("this is an example of rule")
    createRuleOptions.SetContexts([]contextbasedrestrictionsv1.RuleContext{*ruleContextModel})
    createRuleOptions.SetResources([]contextbasedrestrictionsv1.Resource{*resourceModel})
    createRuleOptions.SetEnforcementMode(contextbasedrestrictionsv1.CreateRuleOptionsEnforcementModeEnabledConst)
    rule, response, err := contextBasedRestrictionsService.CreateRule(createRuleOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(rule, "", "  ")
    fmt.Println(string(b))
  • RuleContextAttribute ruleContextAttributeModel = new RuleContextAttribute.Builder()
      .name("networkZoneId")
      .value(zoneID)
      .build();
    RuleContext ruleContextModel = new RuleContext.Builder()
      .attributes(java.util.Arrays.asList(ruleContextAttributeModel))
      .build();
    ResourceAttribute resourceAttributeModelAccountID = new ResourceAttribute.Builder()
      .name("accountId")
      .value(accountID)
      .build();
    ResourceAttribute resourceAttributeModelServiceName = new ResourceAttribute.Builder()
      .name("serviceName")
      .value(serviceName)
      .build();
    ResourceTagAttribute resourceTagAttributeModel = new ResourceTagAttribute.Builder()
      .name("tagName")
      .value("tagValue")
      .build();
    Resource resourceModel = new Resource.Builder()
      .addAttributes(resourceAttributeModelAccountID)
      .addAttributes(resourceAttributeModelServiceName)
      .tags(java.util.Arrays.asList(resourceTagAttributeModel))
      .build();
    CreateRuleOptions createRuleOptions = new CreateRuleOptions.Builder()
      .description("this is an example of rule")
      .addContexts(ruleContextModel)
      .addResources(resourceModel)
      .enforcementMode("enabled")
      .build();
    
    Response<Rule> response = contextBasedRestrictionsService.createRule(createRuleOptions).execute();
    Rule rule = response.getResult();
    
    System.out.println(rule);
    ruleID = rule.getId();
    ruleRev = response.getHeaders().values("Etag").get(0);
  • // Request models needed by this operation.
    
    // RuleContextAttribute
    const ruleContextAttributeModel = {
      name: 'networkZoneId',
      value: zoneId,
    };
    
    // RuleContext
    const ruleContextModel = {
      attributes: [ruleContextAttributeModel],
    };
    
    // ResourceAttribute
    const resourceAttributeAccountIdModel = {
      name: 'accountId',
      value: accountId,
    };
    
    // Resource Attribute
    const resourceAttributeServiceNameModel = {
      name: 'serviceName',
      value: serviceName,
      operator: 'stringEquals',
    };
    
    // Resource
    const resourceModel = {
      attributes: [resourceAttributeAccountIdModel, resourceAttributeServiceNameModel],
    };
    
    const params = {
      contexts: [ruleContextModel],
      resources: [resourceModel],
      description: 'this is an example of rule',
      enforcementMode: 'enabled',
    };
    
    try {
      const res = await contextBasedRestrictionsService.createRule(params);
      ruleId = res.result.id;
      ruleRev = res.headers.etag;
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • rule_context_attribute_model = {
      'name': 'networkZoneId',
      'value': zone_id,
    }
    
    rule_context_model = {
      'attributes': [rule_context_attribute_model],
    }
    
    resource_attribute_model = {
      'name': 'accountId',
      'value': account_id,
    }
    
    resource_attribute_service_name_model = {
      'name': 'serviceName',
      'value': service_name,
    }
    
    resource_model = {
      'attributes': [resource_attribute_model, resource_attribute_service_name_model],
    }
    
    response = context_based_restrictions_service.create_rule(
      contexts=[rule_context_model],
      resources=[resource_model],
      description='this is an example of rule',
      enforcement_mode='enabled',
    )
    rule = response.get_result()
    
    print(json.dumps(rule, indent=2))

Response

An output rule

An output rule.

An output rule.

An output rule.

An output rule.

Status Code

  • Rule created.

  • The rule could not be created due to an invalid or missing input parameter or request body.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "id": "fb988c9387e84390ba98bce4744c0a9c",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::rule:fb988c9387e84390ba98bce4744c0a9c",
      "description": "this is an example of rule",
      "resources": [
        {
          "attributes": [
            {
              "name": "accountId",
              "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
            },
            {
              "name": "serviceName",
              "value": "kms"
            }
          ]
        }
      ],
      "contexts": [
        {
          "attributes": [
            {
              "name": "networkZoneId",
              "value": "65810ac762004f22ac19f8f8edf70a34"
            }
          ]
        }
      ],
      "operations": {
        "api_types": [
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
            "description": "Protects all service APIs.",
            "display_name": "All"
          },
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
            "description": "Protects all platform APIs.",
            "display_name": "All"
          }
        ]
      },
      "enforcement_mode": "enabled",
      "href": "https://cbr.cloud.ibm.com/v1/rules/fb988c9387e84390ba98bce4744c0a9c",
      "created_at": "2020-11-24T16:35:17Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-24T16:35:17Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "id": "fb988c9387e84390ba98bce4744c0a9c",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::rule:fb988c9387e84390ba98bce4744c0a9c",
      "description": "this is an example of rule",
      "resources": [
        {
          "attributes": [
            {
              "name": "accountId",
              "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
            },
            {
              "name": "serviceName",
              "value": "kms"
            }
          ]
        }
      ],
      "contexts": [
        {
          "attributes": [
            {
              "name": "networkZoneId",
              "value": "65810ac762004f22ac19f8f8edf70a34"
            }
          ]
        }
      ],
      "operations": {
        "api_types": [
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
            "description": "Protects all service APIs.",
            "display_name": "All"
          },
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
            "description": "Protects all platform APIs.",
            "display_name": "All"
          }
        ]
      },
      "enforcement_mode": "enabled",
      "href": "https://cbr.cloud.ibm.com/v1/rules/fb988c9387e84390ba98bce4744c0a9c",
      "created_at": "2020-11-24T16:35:17Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-24T16:35:17Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "service_def_not_found",
          "message": "The definition of service 'a-service-that-does-not-exist' is not found.",
          "target": {
            "name": "serviceName",
            "type": "field",
            "value": "a-service-that-does-not-exist"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "service_def_not_found",
          "message": "The definition of service 'a-service-that-does-not-exist' is not found.",
          "target": {
            "name": "serviceName",
            "type": "field",
            "value": "a-service-that-does-not-exist"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

List rules

This operation lists rules in the specified account.

This operation lists rules in the specified account.

This operation lists rules in the specified account.

This operation lists rules in the specified account.

This operation lists rules in the specified account.

GET /v1/rules
(contextBasedRestrictions *ContextBasedRestrictionsV1) ListRules(listRulesOptions *ListRulesOptions) (result *RuleList, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) ListRulesWithContext(ctx context.Context, listRulesOptions *ListRulesOptions) (result *RuleList, response *core.DetailedResponse, err error)
ServiceCall<RuleList> listRules(ListRulesOptions listRulesOptions)
listRules(params)
list_rules(
        self,
        account_id: str,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        region: Optional[str] = None,
        resource: Optional[str] = None,
        resource_type: Optional[str] = None,
        service_instance: Optional[str] = None,
        service_name: Optional[str] = None,
        service_type: Optional[str] = None,
        service_group_id: Optional[str] = None,
        zone_id: Optional[str] = None,
        sort: Optional[str] = None,
        enforcement_mode: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • cbr.rule.read

Request

Instantiate the ListRulesOptions struct and set the fields to provide parameter values for the ListRules method.

Use the ListRulesOptions.Builder to create a ListRulesOptions object that contains the parameter values for the listRules method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Query Parameters

  • The ID of the managing account.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[a-zA-Z0-9\-]+$

  • The region resource attribute.

    Possible values: 1 ≤ length ≤ 32, Value must match regular expression ^[a-zA-Z0-9\-]+$

  • The resource resource attribute.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[\S\s]+$

  • The resourceType resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[\S\s]+$

  • The serviceInstance resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[0-9a-z\-/]+$

  • The serviceName resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[0-9a-z\-]+$

  • The rule's serviceType resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[0-9a-z_]+$

  • The rule's service_group_id resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[a-zA-Z0-9]+$

  • The globally unique ID of the zone.

    Possible values: length = 32, Value must match regular expression ^[a-fA-F0-9]{32}$

  • Sorts results by using a valid sort field. To learn more, see Sorting.

    Possible values: 1 ≤ length ≤ 32, Value must match regular expression ^[\-]?[a-z0-9_]+$

  • The rule's enforcement_mode attribute.

    Allowable values: [enabled,disabled,report]

WithContext method only

The ListRules options.

The listRules options.

parameters

  • The ID of the managing account.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The region resource attribute.

    Possible values: 1 ≤ length ≤ 32, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

  • The resource resource attribute.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[\\S\\s]+$/

  • The resourceType resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[\\S\\s]+$/

  • The serviceInstance resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[0-9a-z\\-\/]+$/

  • The serviceName resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[0-9a-z\\-]+$/

  • The rule's serviceType resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[0-9a-z_]+$/

  • The rule's service_group_id resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9]+$/

  • The globally unique ID of the zone.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • Sorts results by using a valid sort field. To learn more, see Sorting.

    Possible values: 1 ≤ length ≤ 32, Value must match regular expression /^[\\-]?[a-z0-9_]+$/

  • The rule's enforcement_mode attribute.

    Allowable values: [enabled,disabled,report]

parameters

  • The ID of the managing account.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The region resource attribute.

    Possible values: 1 ≤ length ≤ 32, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

  • The resource resource attribute.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[\\S\\s]+$/

  • The resourceType resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[\\S\\s]+$/

  • The serviceInstance resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[0-9a-z\\-\/]+$/

  • The serviceName resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[0-9a-z\\-]+$/

  • The rule's serviceType resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[0-9a-z_]+$/

  • The rule's service_group_id resource attribute.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9]+$/

  • The globally unique ID of the zone.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • Sorts results by using a valid sort field. To learn more, see Sorting.

    Possible values: 1 ≤ length ≤ 32, Value must match regular expression /^[\\-]?[a-z0-9_]+$/

  • The rule's enforcement_mode attribute.

    Allowable values: [enabled,disabled,report]

  • curl -X GET --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   "https://cbr.cloud.ibm.com/v1/rules?account_id={account_id}"
  • listRulesOptions := contextBasedRestrictionsService.NewListRulesOptions(
      accountID,
    )
    
    ruleList, response, err := contextBasedRestrictionsService.ListRules(listRulesOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(ruleList, "", "  ")
    fmt.Println(string(b))
  • ListRulesOptions listRulesOptions = new ListRulesOptions.Builder()
      .accountId(accountID)
      .build();
    
    Response<RuleList> response = contextBasedRestrictionsService.listRules(listRulesOptions).execute();
    RuleList ruleList = response.getResult();
    
    System.out.println(ruleList);
  • const params = {
      accountId,
    };
    
    try {
      const res = await contextBasedRestrictionsService.listRules(params);
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • response = context_based_restrictions_service.list_rules(
      account_id=account_id,
    )
    rule_list = response.get_result()
    
    print(json.dumps(rule_list, indent=2))

Response

The response object of the ListRules operation.

The response object of the ListRules operation.

The response object of the ListRules operation.

The response object of the ListRules operation.

The response object of the ListRules operation.

Status Code

  • The rules were successfully retrieved.

  • The rules could not be retrieved due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "count": 1,
      "rules": [
        {
          "id": "fb988c9387e84390ba98bce4744c0a9c",
          "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::rule:fb988c9387e84390ba98bce4744c0a9c",
          "description": "this is an example of rule",
          "resources": [
            {
              "attributes": [
                {
                  "name": "accountId",
                  "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
                },
                {
                  "name": "serviceName",
                  "value": "kms"
                }
              ]
            }
          ],
          "contexts": [
            {
              "attributes": [
                {
                  "name": "networkZoneId",
                  "value": "65810ac762004f22ac19f8f8edf70a34"
                }
              ]
            }
          ],
          "operations": {
            "api_types": [
              {
                "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
                "description": "Protects all service APIs.",
                "display_name": "All"
              },
              {
                "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
                "description": "Protects all platform APIs.",
                "display_name": "All"
              }
            ]
          },
          "enforcement_mode": "enabled",
          "href": "https://cbr.cloud.ibm.com/v1/rules/fb988c9387e84390ba98bce4744c0a9c",
          "created_at": "2020-11-24T16:35:17Z",
          "created_by_id": "IBMid-120000P1JM",
          "last_modified_at": "2020-11-24T16:35:17Z",
          "last_modified_by_id": "IBMid-120000P1JM"
        }
      ]
    }
  • {
      "count": 1,
      "rules": [
        {
          "id": "fb988c9387e84390ba98bce4744c0a9c",
          "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::rule:fb988c9387e84390ba98bce4744c0a9c",
          "description": "this is an example of rule",
          "resources": [
            {
              "attributes": [
                {
                  "name": "accountId",
                  "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
                },
                {
                  "name": "serviceName",
                  "value": "kms"
                }
              ]
            }
          ],
          "contexts": [
            {
              "attributes": [
                {
                  "name": "networkZoneId",
                  "value": "65810ac762004f22ac19f8f8edf70a34"
                }
              ]
            }
          ],
          "operations": {
            "api_types": [
              {
                "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
                "description": "Protects all service APIs.",
                "display_name": "All"
              },
              {
                "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
                "description": "Protects all platform APIs.",
                "display_name": "All"
              }
            ]
          },
          "enforcement_mode": "enabled",
          "href": "https://cbr.cloud.ibm.com/v1/rules/fb988c9387e84390ba98bce4744c0a9c",
          "created_at": "2020-11-24T16:35:17Z",
          "created_by_id": "IBMid-120000P1JM",
          "last_modified_at": "2020-11-24T16:35:17Z",
          "last_modified_by_id": "IBMid-120000P1JM"
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"account_id\" in query has an error.",
          "target": {
            "name": "account_id",
            "type": "parameter",
            "value": "an-invalid-account-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"account_id\" in query has an error.",
          "target": {
            "name": "account_id",
            "type": "parameter",
            "value": "an-invalid-account-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

Get a rule

This operation retrieves the rule identified by the specified rule ID.

This operation retrieves the rule identified by the specified rule ID.

This operation retrieves the rule identified by the specified rule ID.

This operation retrieves the rule identified by the specified rule ID.

This operation retrieves the rule identified by the specified rule ID.

GET /v1/rules/{rule_id}
(contextBasedRestrictions *ContextBasedRestrictionsV1) GetRule(getRuleOptions *GetRuleOptions) (result *Rule, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) GetRuleWithContext(ctx context.Context, getRuleOptions *GetRuleOptions) (result *Rule, response *core.DetailedResponse, err error)
ServiceCall<Rule> getRule(GetRuleOptions getRuleOptions)
getRule(params)
get_rule(
        self,
        rule_id: str,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • cbr.rule.read

Request

Instantiate the GetRuleOptions struct and set the fields to provide parameter values for the GetRule method.

Use the GetRuleOptions.Builder to create a GetRuleOptions object that contains the parameter values for the getRule method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Path Parameters

  • The ID of a rule.

    Possible values: length = 32, Value must match regular expression ^[a-fA-F0-9]{32}$

WithContext method only

The GetRule options.

The getRule options.

parameters

  • The ID of a rule.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The ID of a rule.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X GET --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   "https://cbr.cloud.ibm.com/v1/rules/{rule_id}"
  • getRuleOptions := contextBasedRestrictionsService.NewGetRuleOptions(
      ruleID,
    )
    
    rule, response, err := contextBasedRestrictionsService.GetRule(getRuleOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(rule, "", "  ")
    fmt.Println(string(b))
  • GetRuleOptions getRuleOptions = new GetRuleOptions.Builder()
        .ruleId(ruleID)
        .build();
    
    Response<Rule> response = contextBasedRestrictionsService.getRule(getRuleOptions).execute();
    Rule rule = response.getResult();
    
    System.out.println(rule);
  • const params = {
      ruleId,
    };
    
    try {
      const res = await contextBasedRestrictionsService.getRule(params);
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • response = context_based_restrictions_service.get_rule(
      rule_id=rule_id,
    )
    rule = response.get_result()
    
    print(json.dumps(rule, indent=2))

Response

An output rule

An output rule.

An output rule.

An output rule.

An output rule.

Status Code

  • The rule was successfully retrieved.

  • The rule could not be retrieved due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • The rule could not be found. Verify that the specified rule ID is valid.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "id": "fb988c9387e84390ba98bce4744c0a9c",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::rule:fb988c9387e84390ba98bce4744c0a9c",
      "description": "this is an example of rule",
      "resources": [
        {
          "attributes": [
            {
              "name": "accountId",
              "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
            },
            {
              "name": "serviceName",
              "value": "kms"
            }
          ]
        }
      ],
      "contexts": [
        {
          "attributes": [
            {
              "name": "networkZoneId",
              "value": "65810ac762004f22ac19f8f8edf70a34"
            }
          ]
        }
      ],
      "operations": {
        "api_types": [
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
            "description": "Protects all service APIs.",
            "display_name": "All"
          },
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
            "description": "Protects all platform APIs.",
            "display_name": "All"
          }
        ]
      },
      "enforcement_mode": "enabled",
      "href": "https://cbr.cloud.ibm.com/v1/rules/fb988c9387e84390ba98bce4744c0a9c",
      "created_at": "2020-11-24T16:35:17Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-24T16:35:17Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "id": "fb988c9387e84390ba98bce4744c0a9c",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::rule:fb988c9387e84390ba98bce4744c0a9c",
      "description": "this is an example of rule",
      "resources": [
        {
          "attributes": [
            {
              "name": "accountId",
              "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
            },
            {
              "name": "serviceName",
              "value": "kms"
            }
          ]
        }
      ],
      "contexts": [
        {
          "attributes": [
            {
              "name": "networkZoneId",
              "value": "65810ac762004f22ac19f8f8edf70a34"
            }
          ]
        }
      ],
      "operations": {
        "api_types": [
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
            "description": "Protects all service APIs.",
            "display_name": "All"
          },
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
            "description": "Protects all platform APIs.",
            "display_name": "All"
          }
        ]
      },
      "enforcement_mode": "enabled",
      "href": "https://cbr.cloud.ibm.com/v1/rules/fb988c9387e84390ba98bce4744c0a9c",
      "created_at": "2020-11-24T16:35:17Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-24T16:35:17Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"rule_id\" in path has an error.",
          "target": {
            "name": "rule_id",
            "type": "parameter",
            "value": "an-invalid-rule-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"rule_id\" in path has an error.",
          "target": {
            "name": "rule_id",
            "type": "parameter",
            "value": "an-invalid-rule-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "rule_not_found_in_store",
          "message": "The rule 'fb988c9387e84390ba98bce4744c0a9c' is not found.",
          "target": {
            "name": "rule_id",
            "type": "parameter",
            "value": "fb988c9387e84390ba98bce4744c0a9c"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "rule_not_found_in_store",
          "message": "The rule 'fb988c9387e84390ba98bce4744c0a9c' is not found.",
          "target": {
            "name": "rule_id",
            "type": "parameter",
            "value": "fb988c9387e84390ba98bce4744c0a9c"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

Replace a rule

This operation replaces the rule identified by the specified rule ID. Partial updates are not supported. The entire rule object must be replaced.

This operation replaces the rule identified by the specified rule ID. Partial updates are not supported. The entire rule object must be replaced.

This operation replaces the rule identified by the specified rule ID. Partial updates are not supported. The entire rule object must be replaced.

This operation replaces the rule identified by the specified rule ID. Partial updates are not supported. The entire rule object must be replaced.

This operation replaces the rule identified by the specified rule ID. Partial updates are not supported. The entire rule object must be replaced.

PUT /v1/rules/{rule_id}
(contextBasedRestrictions *ContextBasedRestrictionsV1) ReplaceRule(replaceRuleOptions *ReplaceRuleOptions) (result *Rule, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) ReplaceRuleWithContext(ctx context.Context, replaceRuleOptions *ReplaceRuleOptions) (result *Rule, response *core.DetailedResponse, err error)
ServiceCall<Rule> replaceRule(ReplaceRuleOptions replaceRuleOptions)
replaceRule(params)
replace_rule(
        self,
        rule_id: str,
        if_match: str,
        *,
        contexts: Optional[List['RuleContext']] = None,
        resources: Optional[List['Resource']] = None,
        description: Optional[str] = None,
        operations: Optional['NewRuleOperations'] = None,
        enforcement_mode: Optional[str] = None,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • cbr.rule.update

Request

Instantiate the ReplaceRuleOptions struct and set the fields to provide parameter values for the ReplaceRule method.

Use the ReplaceRuleOptions.Builder to create a ReplaceRuleOptions object that contains the parameter values for the replaceRule method.

Custom Headers

  • The current revision of the resource being updated. This can be found in the Create/Get/Update resource response ETag header.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[a-fA-F0-9\-]+$

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Path Parameters

  • The ID of a rule.

    Possible values: length = 32, Value must match regular expression ^[a-fA-F0-9]{32}$

The rule to replace.

Examples:
{
  "description": "this is an example of rule",
  "resources": [
    {
      "attributes": [
        {
          "name": "accountId",
          "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
        },
        {
          "name": "serviceName",
          "value": "kms"
        }
      ]
    }
  ],
  "contexts": [
    {
      "attributes": [
        {
          "name": "networkZoneId",
          "value": "76921bd873115033bd2a0909fe081b45"
        }
      ]
    }
  ],
  "enforcement_mode": "disabled"
}

WithContext method only

The ReplaceRule options.

The replaceRule options.

parameters

  • The ID of a rule.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The current revision of the resource being updated. This can be found in the Create/Get/Update resource response ETag header.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-fA-F0-9\\-]+$/

  • The contexts this rule applies to.

    Possible values: 0 ≤ number of items ≤ 1000

    Examples:
  • The resources this rule apply to.

    Possible values: number of items = 1

    Examples:
  • The description of the rule.

    Possible values: 0 ≤ length ≤ 300, Value must match regular expression /^[^-€-Ÿ]*$/

    Examples:
  • The operations this rule applies to.

  • The rule enforcement mode:

    • enabled - The restrictions are enforced and reported. This is the default.
    • disabled - The restrictions are disabled. Nothing is enforced or reported.
    • report - The restrictions are evaluated and reported, but not enforced.

    Allowable values: [enabled,disabled,report]

    Default: enabled

    Examples:
  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The ID of a rule.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The current revision of the resource being updated. This can be found in the Create/Get/Update resource response ETag header.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-fA-F0-9\\-]+$/

  • The contexts this rule applies to.

    Possible values: 0 ≤ number of items ≤ 1000

    Examples:
  • The resources this rule apply to.

    Possible values: number of items = 1

    Examples:
  • The description of the rule.

    Possible values: 0 ≤ length ≤ 300, Value must match regular expression /^[^-€-Ÿ]*$/

    Examples:
  • The operations this rule applies to.

  • The rule enforcement mode:

    • enabled - The restrictions are enforced and reported. This is the default.
    • disabled - The restrictions are disabled. Nothing is enforced or reported.
    • report - The restrictions are evaluated and reported, but not enforced.

    Allowable values: [enabled,disabled,report]

    Default: enabled

    Examples:
  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X PUT --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   --header "If-Match: {if_match}"   --header "Content-Type: application/json"   --data '{ "description": "this is an example of rule", "resources": [ { "attributes": [ { "name": "accountId", "value": "12ab34cd56ef78ab90cd12ef34ab56cd" }, { "name": "serviceName", "value": "kms" } ] } ], "contexts": [ { "attributes": [ { "name": "networkZoneId", "value": "76921bd873115033bd2a0909fe081b45" } ] } ], "enforcement_mode": "disabled" }'   "https://cbr.cloud.ibm.com/v1/rules/{rule_id}"
  • ruleContextAttributeModel := &contextbasedrestrictionsv1.RuleContextAttribute{
      Name:  core.StringPtr("networkZoneId"),
      Value: core.StringPtr(zoneID),
    }
    
    ruleContextModel := &contextbasedrestrictionsv1.RuleContext{
      Attributes: []contextbasedrestrictionsv1.RuleContextAttribute{*ruleContextAttributeModel},
    }
    
    resourceModel := &contextbasedrestrictionsv1.Resource{
      Attributes: []contextbasedrestrictionsv1.ResourceAttribute{
        {
          Name:  core.StringPtr("accountId"),
          Value: core.StringPtr(accountID),
        },
        {
          Name:  core.StringPtr("serviceName"),
          Value: core.StringPtr(serviceName),
        },
      },
      Tags: []contextbasedrestrictionsv1.ResourceTagAttribute{
        {
          Name:  core.StringPtr("tagName"),
          Value: core.StringPtr("updatedTagValue"),
        },
      },
    }
    
    replaceRuleOptions := contextBasedRestrictionsService.NewReplaceRuleOptions(
      ruleID,
      ruleRev,
    )
    replaceRuleOptions.SetDescription("this is an example of rule")
    replaceRuleOptions.SetContexts([]contextbasedrestrictionsv1.RuleContext{*ruleContextModel})
    replaceRuleOptions.SetResources([]contextbasedrestrictionsv1.Resource{*resourceModel})
    replaceRuleOptions.SetEnforcementMode(contextbasedrestrictionsv1.ReplaceRuleOptionsEnforcementModeDisabledConst)
    
    rule, response, err := contextBasedRestrictionsService.ReplaceRule(replaceRuleOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(rule, "", "  ")
    fmt.Println(string(b))
  • RuleContextAttribute ruleContextAttributeModel = new RuleContextAttribute.Builder()
      .name("networkZoneId")
      .value(zoneID)
      .build();
    RuleContext ruleContextModel = new RuleContext.Builder()
      .attributes(java.util.Arrays.asList(ruleContextAttributeModel))
      .build();
    ResourceAttribute resourceAttributeModelAccountID = new ResourceAttribute.Builder()
      .name("accountId")
      .value(accountID)
      .build();
    ResourceAttribute resourceAttributeModelServiceName = new ResourceAttribute.Builder()
      .name("serviceName")
      .value(serviceName)
      .build();
    ResourceTagAttribute resourceTagAttributeModel = new ResourceTagAttribute.Builder()
      .name("tagName")
      .value("updatedTagValue")
      .build();
    Resource resourceModel = new Resource.Builder()
      .addAttributes(resourceAttributeModelAccountID)
      .addAttributes(resourceAttributeModelServiceName)
      .addTags(resourceTagAttributeModel)
      .build();
    ReplaceRuleOptions replaceRuleOptions = new ReplaceRuleOptions.Builder()
      .ruleId(ruleID)
      .ifMatch(ruleRev)
      .description("this is an example of updated rule")
      .addContexts(ruleContextModel)
      .addResources(resourceModel)
      .enforcementMode("disabled")
      .build();
    
    Response<Rule> response = contextBasedRestrictionsService.replaceRule(replaceRuleOptions).execute();
    Rule rule = response.getResult();
    
    System.out.println(rule);
  • // Request models needed by this operation.
    
    // RuleContextAttribute
    const ruleContextAttributeModel = {
      name: 'networkZoneId',
      value: zoneId,
    };
    
    // RuleContext
    const ruleContextModel = {
      attributes: [ruleContextAttributeModel],
    };
    
    // ResourceAttribute
    const resourceAttributeAccountIdModel = {
      name: 'accountId',
      value: accountId,
    };
    
    // ResourceAttribute
    const resourceAttributeServiceNameModel = {
      name: 'serviceName',
      value: serviceName,
    };
    
    const resourceTagAttributeModel = {
      name: 'TagName',
      value: 'aTagValue',
    };
    
    // Resource
    const resourceModel = {
      attributes: [resourceAttributeAccountIdModel, resourceAttributeServiceNameModel],
      tags: [resourceTagAttributeModel],
    };
    
    const params = {
      ruleId,
      ifMatch: ruleRev,
      contexts: [ruleContextModel],
      resources: [resourceModel],
      description: 'this is an example of updated rule',
      enforcementMode: 'disabled',
    };
    
    try {
      const res = await contextBasedRestrictionsService.replaceRule(params);
      ruleId = res.result.id;
      ruleRev = res.headers.etag;
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • rule_context_attribute_model = {
      'name': 'networkZoneId',
      'value': zone_id,
    }
    
    rule_context_model = {
      'attributes': [rule_context_attribute_model],
    }
    
    resource_attribute_model = {
      'name': 'accountId',
      'value': account_id,
    }
    
    resource_attribute_service_name_model = {
      'name': 'serviceName',
      'value': service_name,
    }
    
    resource_tag_attribute_model = {
      'name': 'tagName',
      'value': 'tagValue',
    }
    
    resource_model = {
      'attributes': [resource_attribute_model, resource_attribute_service_name_model],
      'tags': [resource_tag_attribute_model],
    }
    
    response = context_based_restrictions_service.replace_rule(
      rule_id=rule_id,
      if_match=rule_rev,
      contexts=[rule_context_model],
      resources=[resource_model],
      description='this is an example of updated rule',
      enforcement_mode='disabled',
    )
    rule = response.get_result()
    
    print(json.dumps(rule, indent=2))

Response

An output rule

An output rule.

An output rule.

An output rule.

An output rule.

Status Code

  • The rule was successfully replaced.

  • The rule could not be replaced due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • The rule could not be found. Verify that the specified rule ID is valid.

  • The rule revision is missing or invalid.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "id": "fb988c9387e84390ba98bce4744c0a9c",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::rule:fb988c9387e84390ba98bce4744c0a9c",
      "description": "this is an example of rule",
      "resources": [
        {
          "attributes": [
            {
              "name": "accountId",
              "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
            },
            {
              "name": "serviceName",
              "value": "kms"
            }
          ]
        }
      ],
      "contexts": [
        {
          "attributes": [
            {
              "name": "networkZoneId",
              "value": "76921bd873115033bd2a0909fe081b45"
            }
          ]
        }
      ],
      "operations": {
        "api_types": [
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
            "description": "Protects all service APIs.",
            "display_name": "All"
          },
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
            "description": "Protects all platform APIs.",
            "display_name": "All"
          }
        ]
      },
      "enforcement_mode": "disabled",
      "href": "https://cbr.cloud.ibm.com/v1/rules/fb988c9387e84390ba98bce4744c0a9c",
      "created_at": "2020-11-24T16:35:17Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-24T16:55:01Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "id": "fb988c9387e84390ba98bce4744c0a9c",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::rule:fb988c9387e84390ba98bce4744c0a9c",
      "description": "this is an example of rule",
      "resources": [
        {
          "attributes": [
            {
              "name": "accountId",
              "value": "12ab34cd56ef78ab90cd12ef34ab56cd"
            },
            {
              "name": "serviceName",
              "value": "kms"
            }
          ]
        }
      ],
      "contexts": [
        {
          "attributes": [
            {
              "name": "networkZoneId",
              "value": "76921bd873115033bd2a0909fe081b45"
            }
          ]
        }
      ],
      "operations": {
        "api_types": [
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
            "description": "Protects all service APIs.",
            "display_name": "All"
          },
          {
            "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
            "description": "Protects all platform APIs.",
            "display_name": "All"
          }
        ]
      },
      "enforcement_mode": "disabled",
      "href": "https://cbr.cloud.ibm.com/v1/rules/fb988c9387e84390ba98bce4744c0a9c",
      "created_at": "2020-11-24T16:35:17Z",
      "created_by_id": "IBMid-120000P1JM",
      "last_modified_at": "2020-11-24T16:55:01Z",
      "last_modified_by_id": "IBMid-120000P1JM"
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "service_not_context-based-restrictions_enabled",
          "message": "The service 'a-service-that-is-not-cbr-enabled' is not supported for context-based-restrictions control.",
          "target": {
            "name": "serviceName",
            "type": "field",
            "value": "a-service-that-is-not-cbr-enabled"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "service_not_context-based-restrictions_enabled",
          "message": "The service 'a-service-that-is-not-cbr-enabled' is not supported for context-based-restrictions control.",
          "target": {
            "name": "serviceName",
            "type": "field",
            "value": "a-service-that-is-not-cbr-enabled"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "rule_not_found_in_store",
          "message": "The rule 'fb988c9387e84390ba98bce4744c0a9c' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "fb988c9387e84390ba98bce4744c0a9c"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "rule_not_found_in_store",
          "message": "The rule 'fb988c9387e84390ba98bce4744c0a9c' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "fb988c9387e84390ba98bce4744c0a9c"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 412,
      "errors": [
        {
          "code": "invalid_rule_revision",
          "message": "The rule revision is missing or invalid.",
          "target": {
            "name": "If-Match",
            "type": "header",
            "value": "an-invalid-revision"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 412,
      "errors": [
        {
          "code": "invalid_rule_revision",
          "message": "The rule revision is missing or invalid.",
          "target": {
            "name": "If-Match",
            "type": "header",
            "value": "an-invalid-revision"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

Delete a rule

This operation deletes the rule identified by the specified rule ID.

This operation deletes the rule identified by the specified rule ID.

This operation deletes the rule identified by the specified rule ID.

This operation deletes the rule identified by the specified rule ID.

This operation deletes the rule identified by the specified rule ID.

DELETE /v1/rules/{rule_id}
(contextBasedRestrictions *ContextBasedRestrictionsV1) DeleteRule(deleteRuleOptions *DeleteRuleOptions) (response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) DeleteRuleWithContext(ctx context.Context, deleteRuleOptions *DeleteRuleOptions) (response *core.DetailedResponse, err error)
ServiceCall<Void> deleteRule(DeleteRuleOptions deleteRuleOptions)
deleteRule(params)
delete_rule(
        self,
        rule_id: str,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • cbr.rule.delete

Request

Instantiate the DeleteRuleOptions struct and set the fields to provide parameter values for the DeleteRule method.

Use the DeleteRuleOptions.Builder to create a DeleteRuleOptions object that contains the parameter values for the deleteRule method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Path Parameters

  • The ID of a rule.

    Possible values: length = 32, Value must match regular expression ^[a-fA-F0-9]{32}$

WithContext method only

The DeleteRule options.

The deleteRule options.

parameters

  • The ID of a rule.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The ID of a rule.

    Possible values: length = 32, Value must match regular expression /^[a-fA-F0-9]{32}$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X DELETE --location --header "Authorization: Bearer {iam_token}"   "https://cbr.cloud.ibm.com/v1/rules/{rule_id}"
  • deleteRuleOptions := contextBasedRestrictionsService.NewDeleteRuleOptions(
      ruleID,
    )
    
    response, err := contextBasedRestrictionsService.DeleteRule(deleteRuleOptions)
    if err != nil {
      panic(err)
    }
    if response.StatusCode != 204 {
      fmt.Printf("\nUnexpected response status code received from DeleteRule(): %d\n", response.StatusCode)
    }
  • DeleteRuleOptions deleteRuleOptions = new DeleteRuleOptions.Builder()
      .ruleId(ruleID)
      .build();
    
    Response<Void> response = contextBasedRestrictionsService.deleteRule(deleteRuleOptions).execute();
  • const params = {
      ruleId,
    };
    
    try {
      await contextBasedRestrictionsService.deleteRule(params);
    } catch (err) {
      console.warn(err);
    }
  • response = context_based_restrictions_service.delete_rule(
      rule_id=rule_id,
    )

Response

Status Code

  • The rule was successfully deleted.

  • The rule could not be deleted due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • The rule could not be found. Verify that the specified rule ID is valid.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"rule_id\" in path has an error.",
          "target": {
            "name": "rule_id",
            "type": "parameter",
            "value": "an-invalid-rule-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"rule_id\" in path has an error.",
          "target": {
            "name": "rule_id",
            "type": "parameter",
            "value": "an-invalid-rule-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "rule_not_found_in_store",
          "message": "The rule 'fb988c9387e84390ba98bce4744c0a9c' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "fb988c9387e84390ba98bce4744c0a9c"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 404,
      "errors": [
        {
          "code": "rule_not_found_in_store",
          "message": "The rule 'fb988c9387e84390ba98bce4744c0a9c' is not found.",
          "target": {
            "name": "zone_id",
            "type": "parameter",
            "value": "fb988c9387e84390ba98bce4744c0a9c"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

Get account settings

This operation retrieves the settings for the specified account ID.

This operation retrieves the settings for the specified account ID.

This operation retrieves the settings for the specified account ID.

This operation retrieves the settings for the specified account ID.

This operation retrieves the settings for the specified account ID.

GET /v1/account_settings/{account_id}
(contextBasedRestrictions *ContextBasedRestrictionsV1) GetAccountSettings(getAccountSettingsOptions *GetAccountSettingsOptions) (result *AccountSettings, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) GetAccountSettingsWithContext(ctx context.Context, getAccountSettingsOptions *GetAccountSettingsOptions) (result *AccountSettings, response *core.DetailedResponse, err error)
ServiceCall<AccountSettings> getAccountSettings(GetAccountSettingsOptions getAccountSettingsOptions)
getAccountSettings(params)
get_account_settings(
        self,
        account_id: str,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Authorization

To call this method, you must be assigned one or more IAM access roles that include the following action. You can check your access by going to Users > User > Access.

  • context-based-restrictions.account-settings.read

Request

Instantiate the GetAccountSettingsOptions struct and set the fields to provide parameter values for the GetAccountSettings method.

Use the GetAccountSettingsOptions.Builder to create a GetAccountSettingsOptions object that contains the parameter values for the getAccountSettings method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Path Parameters

  • The ID of the account the settings are for.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[a-zA-Z0-9\-]+$

WithContext method only

The GetAccountSettings options.

The getAccountSettings options.

parameters

  • The ID of the account the settings are for.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

parameters

  • The ID of the account the settings are for.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9\\-]+$/

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • curl -X GET --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   "https://cbr.cloud.ibm.com/v1/account_settings/{account_id}"
  • getAccountSettingsOptions := contextBasedRestrictionsService.NewGetAccountSettingsOptions(
      accountID,
    )
    
    accountSettings, response, err := contextBasedRestrictionsService.GetAccountSettings(getAccountSettingsOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(accountSettings, "", "  ")
    fmt.Println(string(b))
  •       GetAccountSettingsOptions getAccountSettingsOptions = new GetAccountSettingsOptions.Builder()
              .accountId(accountID)
              .build();
    
          Response<AccountSettings> response = contextBasedRestrictionsService.getAccountSettings(getAccountSettingsOptions).execute();
          AccountSettings accountSettings = response.getResult();
    
          System.out.println(accountSettings);
    GetAccountSettingsOptions getAccountSettingsOptions = new GetAccountSettingsOptions.Builder()
      .accountId(accountId)
      .build();
    
    Response<AccountSettings> response = ibmCloudShellService.getAccountSettings(getAccountSettingsOptions).execute();
    AccountSettings accountSettings = response.getResult();
    
    System.out.println(accountSettings);
    
    GetAccountSettingsOptions getAccountSettingsOptions = new GetAccountSettingsOptions.Builder()
      .accountId(testAccountId)
      .build();
    
    Response<AccountSettings> response = iamAccessGroupsService.getAccountSettings(getAccountSettingsOptions).execute();
    AccountSettings accountSettings = response.getResult();
    
    System.out.println(accountSettings);
  • const params = {
      accountId: testAccountId,
    };
    
    try {
      const res = await iamAccessGroupsService.getAccountSettings(params);
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
    
    
    const params = {
      accountId: accountId,
    };
    
    try {
      const res = await ibmCloudShellService.getAccountSettings(params);
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err)
    }
    
    
    const params = {
      accountId,
    };
    
    try {
      const res = await contextBasedRestrictionsService.getAccountSettings(params);
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • response = iam_access_groups_service.get_account_settings(
      account_id=test_account_id,
    )
    account_settings = response.get_result()
    
    print(json.dumps(account_settings, indent=2))
    
    
    response = context_based_restrictions_service.get_account_settings(
      account_id=account_id,
    )
    account_settings = response.get_result()
    
    print(json.dumps(account_settings, indent=2))
    
    
    account_settings = ibm_cloud_shell_service.get_account_settings(account_id=account_id).get_result()
    
    print(json.dumps(account_settings, indent=2))

Response

An output account settings

An output account settings.

An output account settings.

An output account settings.

An output account settings.

Status Code

  • The account settings were successfully retrieved.

  • The account settings could not be retrieved due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • The supplied authentication is not authorized to perform the operation.

  • Too Many Requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "id": "cbrAccountSettings-12ab34cd56ef78ab90cd12ef34ab56cd",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::account-settings:",
      "zone_count_limit": 500,
      "rule_count_limit": 4020,
      "tags_rule_count_limit": 500,
      "current_zone_count": 123,
      "current_rule_count": 234,
      "current_tags_rule_count": 45,
      "href": "https://cbr.cloud.ibm.com/v1/account_settings/12ab34cd56ef78ab90cd12ef34ab56cd"
    }
  • {
      "id": "cbrAccountSettings-12ab34cd56ef78ab90cd12ef34ab56cd",
      "crn": "crn:v1:bluemix:public:context-based-restrictions:global:a/12ab34cd56ef78ab90cd12ef34ab56cd::account-settings:",
      "zone_count_limit": 500,
      "rule_count_limit": 4020,
      "tags_rule_count_limit": 500,
      "current_zone_count": 123,
      "current_rule_count": 234,
      "current_tags_rule_count": 45,
      "href": "https://cbr.cloud.ibm.com/v1/account_settings/12ab34cd56ef78ab90cd12ef34ab56cd"
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"account_id\" in path has an error.",
          "target": {
            "name": "account_id",
            "type": "parameter",
            "value": "an-invalid-account-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"account_id\" in path has an error.",
          "target": {
            "name": "account_id",
            "type": "parameter",
            "value": "an-invalid-account-id"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 403,
      "errors": [
        {
          "code": "request_not_authorized",
          "message": "The request could not be authorized."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "store_unavailable_error",
          "message": "The store is currently unavailable. Try again later."
        }
      ]
    }

List available service operations

This operation lists all available service operations.

This operation lists all available service operations.

This operation lists all available service operations.

This operation lists all available service operations.

This operation lists all available service operations.

GET /v1/operations
(contextBasedRestrictions *ContextBasedRestrictionsV1) ListAvailableServiceOperations(listAvailableServiceOperationsOptions *ListAvailableServiceOperationsOptions) (result *OperationsList, response *core.DetailedResponse, err error)
(contextBasedRestrictions *ContextBasedRestrictionsV1) ListAvailableServiceOperationsWithContext(ctx context.Context, listAvailableServiceOperationsOptions *ListAvailableServiceOperationsOptions) (result *OperationsList, response *core.DetailedResponse, err error)
ServiceCall<OperationsList> listAvailableServiceOperations(ListAvailableServiceOperationsOptions listAvailableServiceOperationsOptions)
listAvailableServiceOperations(params)
list_available_service_operations(
        self,
        *,
        x_correlation_id: Optional[str] = None,
        transaction_id: Optional[str] = None,
        service_name: Optional[str] = None,
        service_group_id: Optional[str] = None,
        resource_type: Optional[str] = None,
        **kwargs,
    ) -> DetailedResponse

Request

Instantiate the ListAvailableServiceOperationsOptions struct and set the fields to provide parameter values for the ListAvailableServiceOperations method.

Use the ListAvailableServiceOperationsOptions.Builder to create a ListAvailableServiceOperationsOptions object that contains the parameter values for the listAvailableServiceOperations method.

Custom Headers

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression ^[a-zA-Z0-9 ,\-_]+$

Query Parameters

  • The name of the service.

    Possible values: Value must match regular expression ^[-0-9a-z]+$

  • The id of the service group.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[a-zA-Z0-9]+$

  • The type of resource.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression ^[\S\s]+$

WithContext method only

The ListAvailableServiceOperations options.

The listAvailableServiceOperations options.

parameters

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The name of the service.

    Possible values: Value must match regular expression /^[-0-9a-z]+$/

  • The id of the service group.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9]+$/

  • The type of resource.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[\\S\\s]+$/

parameters

  • The supplied or generated value of this header is logged for a request and repeated in a response header for the corresponding response. The same value is used for downstream requests and retries of those requests. If a value of this headers is not supplied in a request, the service generates a random (version 4) UUID.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The Transaction-Id header behaves as the X-Correlation-Id header. It is supported for backward compatibility with other IBM platform services that support the Transaction-Id header only. If both X-Correlation-Id and Transaction-Id are provided, X-Correlation-Id has the precedence over Transaction-Id.

    Possible values: 1 ≤ length ≤ 1024, Value must match regular expression /^[a-zA-Z0-9 ,\\-_]+$/

  • The name of the service.

    Possible values: Value must match regular expression /^[-0-9a-z]+$/

  • The id of the service group.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[a-zA-Z0-9]+$/

  • The type of resource.

    Possible values: 1 ≤ length ≤ 128, Value must match regular expression /^[\\S\\s]+$/

  • curl -X GET --location --header "Authorization: Bearer {iam_token}"   --header "Accept: application/json"   "https://cbr.cloud.ibm.com/v1/operations?service_name={service_name}"
  • listAvailableServiceOperationsOptions := contextBasedRestrictionsService.NewListAvailableServiceOperationsOptions()
    listAvailableServiceOperationsOptions.SetServiceName("containers-kubernetes")
    
    operationsList, response, err := contextBasedRestrictionsService.ListAvailableServiceOperations(listAvailableServiceOperationsOptions)
    if err != nil {
      panic(err)
    }
    b, _ := json.MarshalIndent(operationsList, "", "  ")
    fmt.Println(string(b))
  • ListAvailableServiceOperationsOptions listAvailableServiceOperationsOptions = new ListAvailableServiceOperationsOptions.Builder()
      .serviceName("containers-kubernetes")
      .build();
    
    Response<OperationsList> response = contextBasedRestrictionsService.listAvailableServiceOperations(listAvailableServiceOperationsOptions).execute();
    OperationsList operationsList = response.getResult();
    
    System.out.println(operationsList);
  • const params = {
      serviceName: 'containers-kubernetes',
    };
    
    let res;
    try {
      res = await contextBasedRestrictionsService.listAvailableServiceOperations(params);
      console.log(JSON.stringify(res.result, null, 2));
    } catch (err) {
      console.warn(err);
    }
  • operations_list = context_based_restrictions_service.list_available_service_operations(
      service_name='containers-kubernetes'
    ).get_result()
    
    print(json.dumps(operations_list, indent=2))

Response

The response object of the list_available_service_operations operation.

The response object of the list_available_service_operations operation.

The response object of the list_available_service_operations operation.

The response object of the list_available_service_operations operation.

The response object of the list_available_service_operations operation.

Status Code

  • The service operations were successfully retrieved.

  • The service operations could not be retrieved due to an invalid or missing input parameter.

  • You are not authorized to make this request. The token is either missing, invalid, or expired.

  • Too many requests.

  • A backend service required to complete the operation is unavailable. Try again later.

Example responses
  • {
      "api_types": [
        {
          "actions": [
            {
              "action_id": "codeengine.computeenvironment.create",
              "description": "Allows you to create a Code Engine Compute Environment."
            },
            {
              "action_id": "codeengine.computeenvironment.delete",
              "description": "Allows you to delete compute environments."
            },
            {
              "action_id": "codeengine.computeenvironment.projects.create",
              "description": "Allows you to create projects in this compute environment."
            },
            {
              "action_id": "codeengine.computeenvironment.projects.delete",
              "description": "Allows you to delete projects in this compute environment."
            },
            {
              "action_id": "codeengine.config.read",
              "description": "Configuration Information Point API access"
            },
            {
              "action_id": "codeengine.dashboard.view",
              "description": "View Dashboard"
            },
            {
              "action_id": "codeengine.tenant.entities.create",
              "description": "Create project contents, such as applications, job definitions, and jobs"
            },
            {
              "action_id": "codeengine.tenant.entities.delete",
              "description": "Delete existing items from within a project"
            },
            {
              "action_id": "codeengine.tenant.entities.read",
              "description": "List and view existing items within a project"
            },
            {
              "action_id": "codeengine.tenant.entities.update",
              "description": "Modify existing items already contained by a project, such as applications, jobs, or job definitions.  This does not include the ability to create or delete these items."
            },
            {
              "action_id": "codeengine.tenant.read",
              "description": "View project details"
            }
          ],
          "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
          "description": "Protects all service APIs.",
          "display_name": "All",
          "enforcement_modes": [
            "disabled",
            "enabled",
            "report"
          ],
          "type": "service"
        },
        {
          "actions": [
            {
              "action_id": "global-search-tagging.tag.attach-access-tag",
              "description": "The ability to attach access management tags to a resource"
            },
            {
              "action_id": "global-search-tagging.tag.attach-user-tag",
              "description": "The ability to attach a user tag to the resource"
            },
            {
              "action_id": "global-search-tagging.tag.detach-access-tag",
              "description": "The ability to detach access management tags from a resource"
            },
            {
              "action_id": "global-search-tagging.tag.detach-user-tag",
              "description": "The ability to detach a user tag from the resource"
            },
            {
              "action_id": "resource-controller.alias.create",
              "description": "The ability to create aliases."
            },
            {
              "action_id": "resource-controller.alias.delete",
              "description": "The ability to delete existing aliases."
            },
            {
              "action_id": "resource-controller.alias.retrieve",
              "description": "The ability to see aliases."
            },
            {
              "action_id": "resource-controller.alias.update",
              "description": "The ability to update or edit existing aliases."
            },
            {
              "action_id": "resource-controller.binding.create",
              "description": "The ability to create bindings."
            },
            {
              "action_id": "resource-controller.binding.delete",
              "description": "The ability to delete existing bindings."
            },
            {
              "action_id": "resource-controller.binding.retrieve",
              "description": "The ability to see bindings."
            },
            {
              "action_id": "resource-controller.binding.update",
              "description": "The ability to update or edit existing bindings."
            },
            {
              "action_id": "resource-controller.credential.retrieve_all",
              "description": "The ability to retrieve all credentials for instances."
            },
            {
              "action_id": "resource-controller.instance.create",
              "description": "The ability to create instances."
            },
            {
              "action_id": "resource-controller.instance.delete",
              "description": "The ability to delete existing instances."
            },
            {
              "action_id": "resource-controller.instance.retrieve",
              "description": "The ability to see instances."
            },
            {
              "action_id": "resource-controller.instance.retrieve_history",
              "description": "The ability to see the history for instances."
            },
            {
              "action_id": "resource-controller.instance.update",
              "description": "The ability to update or edit existing instances."
            },
            {
              "action_id": "resource-controller.instance.update_plan",
              "description": "The ability to update the plan or configuration of existing instances."
            },
            {
              "action_id": "resource-controller.key.create",
              "description": "The ability to create keys."
            },
            {
              "action_id": "resource-controller.key.delete",
              "description": "The ability to delete existing keys."
            },
            {
              "action_id": "resource-controller.key.manager_create",
              "description": "The ability to create keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_delete",
              "description": "The ability to delete existing keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_retrieve",
              "description": "The ability to retrieve keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_update",
              "description": "The ability to update or edit existing keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.retrieve",
              "description": "The ability to retrieve keys."
            },
            {
              "action_id": "resource-controller.key.update",
              "description": "The ability to update or edit existing keys."
            }
          ],
          "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
          "description": "Protects all platform APIs.",
          "display_name": "All",
          "enforcement_modes": [
            "disabled",
            "enabled",
            "report"
          ],
          "type": "platform"
        },
        {
          "actions": [
            {
              "action_id": "global-search-tagging.tag.attach-access-tag",
              "description": "The ability to attach access management tags to a resource"
            },
            {
              "action_id": "global-search-tagging.tag.attach-user-tag",
              "description": "The ability to attach a user tag to the resource"
            },
            {
              "action_id": "global-search-tagging.tag.detach-access-tag",
              "description": "The ability to detach access management tags from a resource"
            },
            {
              "action_id": "global-search-tagging.tag.detach-user-tag",
              "description": "The ability to detach a user tag from the resource"
            },
            {
              "action_id": "resource-controller.alias.create",
              "description": "The ability to create aliases."
            },
            {
              "action_id": "resource-controller.alias.delete",
              "description": "The ability to delete existing aliases."
            },
            {
              "action_id": "resource-controller.alias.retrieve",
              "description": "The ability to see aliases."
            },
            {
              "action_id": "resource-controller.alias.update",
              "description": "The ability to update or edit existing aliases."
            },
            {
              "action_id": "resource-controller.binding.create",
              "description": "The ability to create bindings."
            },
            {
              "action_id": "resource-controller.binding.delete",
              "description": "The ability to delete existing bindings."
            },
            {
              "action_id": "resource-controller.binding.retrieve",
              "description": "The ability to see bindings."
            },
            {
              "action_id": "resource-controller.binding.update",
              "description": "The ability to update or edit existing bindings."
            },
            {
              "action_id": "resource-controller.credential.retrieve_all",
              "description": "The ability to retrieve all credentials for instances."
            },
            {
              "action_id": "resource-controller.instance.create",
              "description": "The ability to create instances."
            },
            {
              "action_id": "resource-controller.instance.delete",
              "description": "The ability to delete existing instances."
            },
            {
              "action_id": "resource-controller.instance.retrieve",
              "description": "The ability to see instances."
            },
            {
              "action_id": "resource-controller.instance.retrieve_history",
              "description": "The ability to see the history for instances."
            },
            {
              "action_id": "resource-controller.instance.update",
              "description": "The ability to update or edit existing instances."
            },
            {
              "action_id": "resource-controller.instance.update_plan",
              "description": "The ability to update the plan or configuration of existing instances."
            },
            {
              "action_id": "resource-controller.key.create",
              "description": "The ability to create keys."
            },
            {
              "action_id": "resource-controller.key.delete",
              "description": "The ability to delete existing keys."
            },
            {
              "action_id": "resource-controller.key.manager_create",
              "description": "The ability to create keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_delete",
              "description": "The ability to delete existing keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_retrieve",
              "description": "The ability to retrieve keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_update",
              "description": "The ability to update or edit existing keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.retrieve",
              "description": "The ability to retrieve keys."
            },
            {
              "action_id": "resource-controller.key.update",
              "description": "The ability to update or edit existing keys."
            }
          ],
          "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:resource-management",
          "description": "Protects access to platform APIs related to resource instances such as attaching tags and managing service credentials.",
          "display_name": "Resource Management",
          "enforcement_modes": [
            "disabled",
            "enabled",
            "report"
          ],
          "type": "platform"
        }
      ]
    }
  • {
      "api_types": [
        {
          "actions": [
            {
              "action_id": "codeengine.computeenvironment.create",
              "description": "Allows you to create a Code Engine Compute Environment."
            },
            {
              "action_id": "codeengine.computeenvironment.delete",
              "description": "Allows you to delete compute environments."
            },
            {
              "action_id": "codeengine.computeenvironment.projects.create",
              "description": "Allows you to create projects in this compute environment."
            },
            {
              "action_id": "codeengine.computeenvironment.projects.delete",
              "description": "Allows you to delete projects in this compute environment."
            },
            {
              "action_id": "codeengine.config.read",
              "description": "Configuration Information Point API access"
            },
            {
              "action_id": "codeengine.dashboard.view",
              "description": "View Dashboard"
            },
            {
              "action_id": "codeengine.tenant.entities.create",
              "description": "Create project contents, such as applications, job definitions, and jobs"
            },
            {
              "action_id": "codeengine.tenant.entities.delete",
              "description": "Delete existing items from within a project"
            },
            {
              "action_id": "codeengine.tenant.entities.read",
              "description": "List and view existing items within a project"
            },
            {
              "action_id": "codeengine.tenant.entities.update",
              "description": "Modify existing items already contained by a project, such as applications, jobs, or job definitions.  This does not include the ability to create or delete these items."
            },
            {
              "action_id": "codeengine.tenant.read",
              "description": "View project details"
            }
          ],
          "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::api-type:",
          "description": "Protects all service APIs.",
          "display_name": "All",
          "enforcement_modes": [
            "disabled",
            "enabled",
            "report"
          ],
          "type": "service"
        },
        {
          "actions": [
            {
              "action_id": "global-search-tagging.tag.attach-access-tag",
              "description": "The ability to attach access management tags to a resource"
            },
            {
              "action_id": "global-search-tagging.tag.attach-user-tag",
              "description": "The ability to attach a user tag to the resource"
            },
            {
              "action_id": "global-search-tagging.tag.detach-access-tag",
              "description": "The ability to detach access management tags from a resource"
            },
            {
              "action_id": "global-search-tagging.tag.detach-user-tag",
              "description": "The ability to detach a user tag from the resource"
            },
            {
              "action_id": "resource-controller.alias.create",
              "description": "The ability to create aliases."
            },
            {
              "action_id": "resource-controller.alias.delete",
              "description": "The ability to delete existing aliases."
            },
            {
              "action_id": "resource-controller.alias.retrieve",
              "description": "The ability to see aliases."
            },
            {
              "action_id": "resource-controller.alias.update",
              "description": "The ability to update or edit existing aliases."
            },
            {
              "action_id": "resource-controller.binding.create",
              "description": "The ability to create bindings."
            },
            {
              "action_id": "resource-controller.binding.delete",
              "description": "The ability to delete existing bindings."
            },
            {
              "action_id": "resource-controller.binding.retrieve",
              "description": "The ability to see bindings."
            },
            {
              "action_id": "resource-controller.binding.update",
              "description": "The ability to update or edit existing bindings."
            },
            {
              "action_id": "resource-controller.credential.retrieve_all",
              "description": "The ability to retrieve all credentials for instances."
            },
            {
              "action_id": "resource-controller.instance.create",
              "description": "The ability to create instances."
            },
            {
              "action_id": "resource-controller.instance.delete",
              "description": "The ability to delete existing instances."
            },
            {
              "action_id": "resource-controller.instance.retrieve",
              "description": "The ability to see instances."
            },
            {
              "action_id": "resource-controller.instance.retrieve_history",
              "description": "The ability to see the history for instances."
            },
            {
              "action_id": "resource-controller.instance.update",
              "description": "The ability to update or edit existing instances."
            },
            {
              "action_id": "resource-controller.instance.update_plan",
              "description": "The ability to update the plan or configuration of existing instances."
            },
            {
              "action_id": "resource-controller.key.create",
              "description": "The ability to create keys."
            },
            {
              "action_id": "resource-controller.key.delete",
              "description": "The ability to delete existing keys."
            },
            {
              "action_id": "resource-controller.key.manager_create",
              "description": "The ability to create keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_delete",
              "description": "The ability to delete existing keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_retrieve",
              "description": "The ability to retrieve keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_update",
              "description": "The ability to update or edit existing keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.retrieve",
              "description": "The ability to retrieve keys."
            },
            {
              "action_id": "resource-controller.key.update",
              "description": "The ability to update or edit existing keys."
            }
          ],
          "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:",
          "description": "Protects all platform APIs.",
          "display_name": "All",
          "enforcement_modes": [
            "disabled",
            "enabled",
            "report"
          ],
          "type": "platform"
        },
        {
          "actions": [
            {
              "action_id": "global-search-tagging.tag.attach-access-tag",
              "description": "The ability to attach access management tags to a resource"
            },
            {
              "action_id": "global-search-tagging.tag.attach-user-tag",
              "description": "The ability to attach a user tag to the resource"
            },
            {
              "action_id": "global-search-tagging.tag.detach-access-tag",
              "description": "The ability to detach access management tags from a resource"
            },
            {
              "action_id": "global-search-tagging.tag.detach-user-tag",
              "description": "The ability to detach a user tag from the resource"
            },
            {
              "action_id": "resource-controller.alias.create",
              "description": "The ability to create aliases."
            },
            {
              "action_id": "resource-controller.alias.delete",
              "description": "The ability to delete existing aliases."
            },
            {
              "action_id": "resource-controller.alias.retrieve",
              "description": "The ability to see aliases."
            },
            {
              "action_id": "resource-controller.alias.update",
              "description": "The ability to update or edit existing aliases."
            },
            {
              "action_id": "resource-controller.binding.create",
              "description": "The ability to create bindings."
            },
            {
              "action_id": "resource-controller.binding.delete",
              "description": "The ability to delete existing bindings."
            },
            {
              "action_id": "resource-controller.binding.retrieve",
              "description": "The ability to see bindings."
            },
            {
              "action_id": "resource-controller.binding.update",
              "description": "The ability to update or edit existing bindings."
            },
            {
              "action_id": "resource-controller.credential.retrieve_all",
              "description": "The ability to retrieve all credentials for instances."
            },
            {
              "action_id": "resource-controller.instance.create",
              "description": "The ability to create instances."
            },
            {
              "action_id": "resource-controller.instance.delete",
              "description": "The ability to delete existing instances."
            },
            {
              "action_id": "resource-controller.instance.retrieve",
              "description": "The ability to see instances."
            },
            {
              "action_id": "resource-controller.instance.retrieve_history",
              "description": "The ability to see the history for instances."
            },
            {
              "action_id": "resource-controller.instance.update",
              "description": "The ability to update or edit existing instances."
            },
            {
              "action_id": "resource-controller.instance.update_plan",
              "description": "The ability to update the plan or configuration of existing instances."
            },
            {
              "action_id": "resource-controller.key.create",
              "description": "The ability to create keys."
            },
            {
              "action_id": "resource-controller.key.delete",
              "description": "The ability to delete existing keys."
            },
            {
              "action_id": "resource-controller.key.manager_create",
              "description": "The ability to create keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_delete",
              "description": "The ability to delete existing keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_retrieve",
              "description": "The ability to retrieve keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.manager_update",
              "description": "The ability to update or edit existing keys by KeyManager."
            },
            {
              "action_id": "resource-controller.key.retrieve",
              "description": "The ability to retrieve keys."
            },
            {
              "action_id": "resource-controller.key.update",
              "description": "The ability to update or edit existing keys."
            }
          ],
          "api_type_id": "crn:v1:bluemix:public:context-based-restrictions::::platform-api-type:resource-management",
          "description": "Protects access to platform APIs related to resource instances such as attaching tags and managing service credentials.",
          "display_name": "Resource Management",
          "enforcement_modes": [
            "disabled",
            "enabled",
            "report"
          ],
          "type": "platform"
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"service_name\" in query has an error.",
          "target": {
            "name": "service_name",
            "type": "parameter",
            "value": "an_invalid_service_name"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 400,
      "errors": [
        {
          "code": "parameter_error",
          "message": "The parameter \"service_name\" in query has an error.",
          "target": {
            "name": "service_name",
            "type": "parameter",
            "value": "an_invalid_service_name"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 401,
      "errors": [
        {
          "code": "invalid_auth_token",
          "message": "The token failed to validate.",
          "target": {
            "name": "Authorization",
            "type": "header"
          }
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 429,
      "errors": [
        {
          "code": "too_many_requests",
          "message": "The client has sent too many requests in a given amount of time."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "backend_service_unavailable",
          "message": "Unexpected error retrieving service definition."
        }
      ]
    }
  • {
      "trace": "b05ed07e-c4d9-4285-841c-1e954c0b4a0e",
      "status_code": 503,
      "errors": [
        {
          "code": "backend_service_unavailable",
          "message": "Unexpected error retrieving service definition."
        }
      ]
    }
id=javaclassName=tab-item-selected