Adding command control rule via REST with 3.5

How do you add a command control rule in 3.5 with the REST API? According to the REST API documentation, the POST URL is "/rest/cmdctrl/rule/{name}".  However, regardless of what I use for {name}, I get back:

{
  "vrm": "3.5.0-3",
  "status": 400,
  "message": "REST ERROR, REFER MANUAL"
}

Or are we to use PUT on "/rest/cmdctrl/Policies" to add a new rule? Seems doubtful.

And, what if your have a hierarchy of rules (e.g. Rules->UNIX (ssh)->Test Servers)? How do you add the new rule under "Test Servers" in this hierarchy?

  • I now have a Python 3 script that can successfully create a Vault entry for a server and a corresponding Command Control SSH Rule. This makes it easier for us to deploy PAM. This is all against 3.6.

    However, I am unable to create the Command Control SSH Rule. Consider the following:

    clipboard_image_1.png

    How would I add a rule under Rules->UNIX (ssh)->Test Servers? I thought I should perform a GET of "/cmdctrl/Policies", modify the resulting JSON to move the recently-added Command Control SSH Rule from Rules->[new rule] to Rules->UNIX (ssh)->Test Servers->[new rule] and then perform a PUT of "/cmdctrl/Policies" with the updated JSON but that didn't work. Should it have?