Skip to main content

GET /compliancePolicies

Use this method to export a firmware-update compliance policy or retrieve basic or detailed information for a specified compliance policy or all policies. The basic information includes the name, last modified, and description. The detailed information includes the target versions and information about the firmware-update packages.

Authentication

Authentication with username and password is required.

Request URL

GET https://{management_server_IP}/compliancePolicies

Query parameters

ParametersRequired / OptionalDescription
basic_full={type}OptionalReturns the specified type of information. This can be one of the following values.
  • basic. Returns basic information for the compliance policy.
  • full. Returns detailed information for the compliance policy.
exportDownload={file_name}OptionalDownloads the specified compliance policy as a .zip file to your local system
policyname_all={policy_name}OptionalReturns information about the specified compliance policy. If the value is empty, information is returned for all compliance policies.
refresh={Boolean}OptionalIndicates whether to refresh the compliance-policy data before returning the results. This can be one of the following values.
  • true. Refreshes the compliance-policy data.
  • false. (default) Does not refresh the compliance policy data.
The following example refreshes the compliance-policy data and then returns basic information about all compliance policies.
GET https://{management_server_IP}/compliancePolicies?basic_full=basic
&policyname_all=&refresh=false

Response codes

CodeDescriptionComments
200OKThe request completed successfully.
400Bad RequestA query parameter or request attribute is missing or not valid, or the operation is not supported. A descriptive error message is returned in the response body.
403ForbiddenThe orchestrator server was prevented from fulfilling the request. A descriptive error message is returned in the response body. Ensure that you have privileges to perform the request.
409ConflictThere is a conflict with the current state of the resource. A descriptive error message is returned in the response body.
500Internal Server ErrorAn internal error occurred. A descriptive error message is returned in the response body.

Response body

Table 1. Basic information for compliance policies.
AttributesTypeDescription
policiesArrayInformation about the compliance policy
 idStringCompliance policy ID
 allPackageExistenceBooleanIndicates whether the firmware packages exist in the updates repository. This can be one of the following values.
  • true
  • false
 descriptionStringCompliance policy description
 deviceslistArray of stringsList of IDs of devices to which the policy is assigned
 inUseBooleanIdentifies whether the compliance policy is in use. This can be one of the following values.
  • true. The compliance policy is in use.
  • false. The compliance policy is not in use.
 filterTypeStringFilter type. This can be one of the following values.
  • all. All supported machine types

  • managed. Only managed machine types.

 lastActionStringLast action that was performed on the compliance policy. This can be one of the following values.
  • Predefined. The compliance policy is predefined.

  • Created by {user_name}. The user-defined compliance policy was created by the specified user.

  • Edited by <user_name}. The user-defined compliance policy was edited by the specified user.

 lastEditedStringTimestamp of the last change to the compliance policy
 lastModifiedStringTimestamp of the last change to the compliance policy
 nameStringCompliance policy name
 updateRuleStringInternal use only
 userDefinedStringIdentifies whether the compliance policy is user-defined. This can be one of the following values.
  • yes. The compliance policy is user-defined.
  • no. The compliance policy is predefined.
This example response is returned if the request is successful when the basic_full=basic query parameter is specified and the policyname_all query parameter is not specified.
{
"policies": [{
"id": "1724142913994",
"allPackageExistence": false,
"description": "",
"deviceslist": [],
"filterType": "all",
"inUse": "false",
"lastAction": "Edited by USERID",
"lastEdited": "2024-08-20T08:35:13Z",
"lastModified": "This policy was edited by USERID on 2024-08-20T08:35:13Z",
"name": "test",
"updateRule": "",
"userDefined": "yes"
}]
}
Table 2. Detailed information for compliance policies.
AttributesTypeDescription
policiesArrayInformation about the compliance policy
 idStringCompliance policy ID
 allPackageExistenceBooleanIndicates whether the firmware packages exist in the updates repository. This can be one of the following values.
  • true
  • false
 descriptionStringCompliance policy description
 detailsArrayDetails about each compliance policy
  idStringSystem type used to identify the CMM. Internal use only
  baseVersionStringFor CMMs or switches, this is the fix ID of the package. For servers, the following is returned.
xxxx_utl_uxsp_xxxxxx-1.00_xxxx_32-64
  buildStringFirmware update build number
  componentsArrayInformation about each component in the firmware update package
   buildStringComponent firmware update build number.
   isDefaultStringIndicates whether the component update is the default component (the latest component update). If so, yes is returned.
   isGAStringIndicates whether the component update is the GA level version of the update. This can be one of the following values.
  • yes. Component update is the GA level

   nameStringComponent name
   packageExistenceStringIndicates whether the update exists in the firmware-updates repository. This can be one of the following values.
  • yes. Update package exists.
  • no. Update package does not exist.
   releaseDateStringRelease date of the component update
   ruleStringRule for raising a non-compliant alert. This can be one of the following values.
  • alertIfNotExactMatch. Show non-compliance when the installed version on device does not exactly match the compliance target.
  • alertIfDownlevel. Show non-compliance when the installed version on device is earlier than the compliance target.
  • noAlerting. Never show non-compliance.
   targetVersionStringFirmware level that is considered to be the baseline for the specified system type
   typeStringFor CMMs or switches, this attribute is empty. For servers, specifies the type of package. This can be one of the following values.
  • IMM
  • IMM-Backup
  • UEFI
  • UEFI-Backup
   versionStringComponent firmware update version
  isDefaultStringIndicates whether the update package is the default package (the latest package). This can be one of the following values.
  • yes. This is the default update package

  • no. This is not the default update package

  isDoNotUpdateStringIndicates whether to not update the firmware for this component. This can be one of the following values.
  • Yes. Do not update firmware on this component.
  • No. Update firmware on this component.
  isGAStringIndicates whether the package is the GA level version of the update
  isUXSPStringIndicates whether this update package is an UpdateXpress System Pack (UXSP). This can be one of the following values.
  • yes. This is a UXSP.

  • no. This is not a UXSP.

  nameStringCompliance policy name
  packageExistenceStringIndicates whether the update package exists in the firmware-updates repository. This can be one of the following values.
  • yes. Update package exists.
  • no. Update package does not exist.
  releaseDateStringFor CMMs or switches, the release date of the update package. If so, yes is returned.

For servers, this attribute is empty.

  ruleStringRule for raising a non-compliant alert. This can be one of the following values.
  • alertIfNotExactMatch. Show non-compliance when the installed version on device does not exactly match the compliance target.
  • alertIfDownlevel. Show non-compliance when the installed version on device is earlier than the compliance target.
  • noAlerting. Never show non-compliance.
  • custom. Follow the detailed rules of each firmware component.
  systemTypeStringType of device for which the policy applies
  versionStringFirmware update version
 deviceslistArray of stringsList of IDs of devices to which the policy is assigned
 filterTypeStringFilter type. This can be one of the following values.
  • all. All supported machine types

  • managed. Only managed machine types.

 inUseBooleanIdentifies whether the compliance policy is in use. This can be one of the following values.
  • true. The compliance policy is in use.
  • false. The compliance policy is not in use.
 lastActionStringLast action that was performed on the compliance policy. This can be one of the following values.
  • Predefined. The compliance policy is predefined.

  • Created by {user_name}. The user-defined compliance policy was created by the specified user.

  • Edited by {user_name}. The user-defined compliance policy was edited by the specified user.

 lastEditedStringTimestamp of the last change to the compliance policy
 lastModifiedStringTimestamp of the last change to the compliance policy
 nameStringCompliance policy name
 updateRuleStringInternal use only
 userDefinedStringIdentifies whether the compliance policy is user-defined. This can be one of the following values.
  • yes. The compliance policy is user-defined.
  • no. The compliance policy is predefined.
This example response is returned if the request is successful when the basic_full=full query parameter is not specified and the policyname_all query parameter is specified.
{
"policies": [{
"id": "1724142913994",
"allPackageExistence": false,
"description": "",
"details": [{
"id": "7162",
"baseVersion": "xxxx_utl_uxsp_xxxxxx-1.00_xxxx_32-64",
"build": "",
"components": [{
"build": "",
"isDefault": "yes",
"isGA": "no",
"name": "Integrated Management Module 2 (IMM2) Update (Backup)",
"packageExistence": "yes",
"releaseDate": "",
"rule": "alertIfDownlevel",
"targetVersion": "DoNotUpdate_SERVER_IMM2-BACKUP",
"type": "IMM-Backup",
"version": ""
},
{
"build": "TCOO75J",
"isDefault": "yes",
"isGA": "no",
"name": "Integrated Management Module 2 (IMM2) Update",
"packageExistence": "yes",
"releaseDate": "2020-12-30",
"rule": "alertIfDownlevel",
"size": 90447000,
"targetVersion": "lnvgy_fw_imm2_tcoo75j-9.00_anyos_noarch",
"type": "IMM",
"version": "9.00"
},
{
"build": "DSALB5S",
"isDefault": "yes",
"isGA": "no",
"name": "Lenovo Dynamic System Analysis (DSA) - Preboot Embedded (For AnyOS)",
"packageExistence": "yes",
"releaseDate": "2020-10-13",
"rule": "alertIfDownlevel",
"size": 241505000,
"targetVersion": "lnvgy_fw_dsa_dsalb5s-10.8_anyos_32-64",
"type": "Diagnostics",
"version": "10.8"
}],
"isDefault": "yes",
"isDoNotUpdate": "no",
"isGA": "yes",
"isUXSP": "yes",
"packageExistence": "yes"
"name": "Lenovo Flex System x240 Compute Node-7162",
"releaseDate": "",
"rule": "alertIfDownlevel",
"systemType": "7162",
"version": "",
}],
"deviceslist": [],
"filterType": "all",
"inUse": "false",
"lastAction": "Edited by USERID",
"lastEdited": "2024-08-20T08:35:13Z",
"lastModified": "This policy was edited by USERID on 2024-08-20T08:35:13Z",
"name": "test",
"updateRule": "",
"userDefined": "yes"
}]
}