Modifying Ransomware Protection Policies

Function

This API is used to modify ransomware protection policies.

URI

PUT /v5/{project_id}/ransomware/protection/policy

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
enterprise_project_id	No	String	Enterprise project ID. To query all enterprise projects, set this parameter to all_granted_eps.

Request Parameters

**Table 3** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	IAM token. It can be obtained by calling the IAM API used to obtain an IAM token. The value of X-Subject-Token in the response header is a token.
region	Yes	String	Region ID

**Table 4** Request body parameters
Parameter	Mandatory	Type	Description
policy_id	Yes	String	Policy ID
policy_name	Yes	String	Policy name
protection_mode	Yes	String	Action. Its value can be: alarm_and_isolation: Report an alarm and isolate. alarm_only: Only report alarms.
bait_protection_status	Yes	String	Whether to enable honeypot protection. By default, the protection is enabled. Its value can be: opened closed
protection_directory	Yes	String	Protected directory. Separate multiple directories with semicolons (;). You can configure up to 20 directories.
protection_type	Yes	String	Protected file type, for example, .docx, .txt, and .avi.
exclude_directory	No	String	(Optional) Excluded directory. Separate multiple directories with semicolons (;). You can configure up to 20 directories.
agent_id_list	No	Array of strings	Specifies the IDs of agents for which the ransomware protection policy is enabled.
operating_system	Yes	String	OSs supported by the policy. The options are as follows: Windows Linux
runtime_detection_status	No	String	Whether to perform runtime checks. The options are as follows. Currently, it can only be disabled. This field is reserved. opened closed

Response Parameters

Status code: 200

success

None

Example Requests

Modify the ransomware protection policy. Set the OS type to Linux, protection policy ID to 0253edfd-30e7-439d-8f3f-17c54c997064, and protection action to alert only.

PUT https://{endpoint}/v5/{project_id}/ransomware/protection/policy

{
  "bait_protection_status" : "opened",
  "exclude_directory" : "",
  "operating_system" : "Linux",
  "policy_id" : "0253edfd-30e7-439d-8f3f-17c54c997064",
  "policy_name" : "aaa",
  "protection_mode" : "alarm_only",
  "protection_directory" : "/root",
  "runtime_detection_status" : "closed",
  "agent_id_list" : [ "" ]
}

Example Responses

None

Status Codes

Status Code	Description
200	success

Error Codes

See Error Codes.

Parent Topic: Ransomware Prevention

Previous topic: Querying the Protection Policy List of Ransomware

Next topic: Disabling Ransomware Prevention

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.

The system is busy. Please try again later.