POST /organizations/{organizationId}/policyObjects

SOLVED
Austin_Campbell
Getting noticed

POST /organizations/{organizationId}/policyObjects

I am creating a script to move policy objects from one org to another but I am receiving this error {"errors":["The following required parameters are missing: 'name', 'category' and 'type'"]} I am able to move one policy object at a time successfully but I receive the error when moving multiple. I have added a sample of my json file below. I believe my issue is that "objects" is not the right syntax for posting multiple policy objects. I was  able to find documentation from the 1.8.0 beta changelog but it only shows an example for posting one policy object at a time. Any additional information is much appreciated.

 

{
"objects": [
{
"id": "24",
"name": "xx-ISE-26",
"type": "cidr",
"category": "network",
"createdAt": "2020-09-11T20:26:34Z",
"updatedAt": "2021-03-08T16:25:35Z",
"cidr": "x.x.x.x",
"groupIds": [],
"networkIds": []
},
{
"id": "25",
"name": "xxx-ISE-26",
"type": "cidr",
"category": "network",
"createdAt": "2020-09-11T20:26:41Z",
"updatedAt": "2021-03-08T16:26:00Z",
"cidr": "x.x.x.x",
"groupIds": [],
"networkIds": []

 

1 ACCEPTED SOLUTION

I moved the policy objects one at a time to the other org per the existing documentation. Please update the documentation to reflect the method of posting multiple policy objects at once or if this is not possible please let the dev team know this is something that needs to be looked into. Moving 100+ policy objects one at a time is not ideal.  

View solution in original post

5 REPLIES 5
Inderdeep
Kind of a big deal

@Austin_Campbell : This is what you see ?

Inderdeep_0-1620848696215.png

 

Regards
Inderdeep Singh
www.thenetworkdna.com ( Awarded by Cisco IT Blogs award 2020)

I have seen the documentation you have listed above but the specific documentation I was referring to was this. I could not find this endpoint in postman or the python sdk I am guessing because it is in beta.

Austin_Campbell_0-1620848854812.png

 

PhilipDAth
Kind of a big deal

Whatever format the json is in when you retrieve the objects from the source organisation should be the same for adding it to the destination domain.

I used a get from one of our orgs cleaned it up so we did not have any overlapping ids or names and then tried to post it. Only the first policy object in the list is created in the org. I know for other endpoints such as l3 firewalls you have to add "rules" : in front of the rest of the .json or only the first rule is added. For example. 

{
"rules": [

{
"comment": "Deny DNS",
"policy": "deny",
"protocol": "any",
"srcPort": "Any",
"srcCidr": "Any",
"destPort": "Any",
"destCidr": "GRP(85)",
"syslogEnabled": true
},
{
"comment": "NTP",
"policy": "allow",
"protocol": "udp",
"srcPort": "Any",
"srcCidr": "Any",
"destPort": "123",
"destCidr": "Any",
"syslogEnabled": true
},

 This will add all rules in my .json file. 

 

[
{
"comment": "Deny DNS",
"policy": "deny",
"protocol": "any",
"srcPort": "Any",
"srcCidr": "Any",
"destPort": "Any",
"destCidr": "GRP(85)",
"syslogEnabled": true
},
{
"comment": "NTP",
"policy": "allow",
"protocol": "udp",
"srcPort": "Any",
"srcCidr": "Any",
"destPort": "123",
"destCidr": "Any",
"syslogEnabled": true
},  

This will only add the rule at the top of the list.

 

Is there a qualifier such as "rules" for the post policyObjects endpoint? I am able to obtain the correct syntax for most calls through meraki postman but since policy objects is in beta as well as the endpoints for it this documentation is not readily available.

I moved the policy objects one at a time to the other org per the existing documentation. Please update the documentation to reflect the method of posting multiple policy objects at once or if this is not possible please let the dev team know this is something that needs to be looked into. Moving 100+ policy objects one at a time is not ideal.  

View solution in original post

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.