Altostrat Studio is here — the AI-native network operations IDE for engineers running production. Terminal, diagrams, runbooks, and Copilot in one workspace. Get started →
Getting Started
Platform & Identity
Device Management & Orchestration
Automation & AI
Network Services & Connectivity
Security & Threat Management
Monitoring & Analytics
Core Services & Utilities
curl --request POST \
--url https://v1.api.altostrat.io/control-plane/policies \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"name": "Branch Office Policy",
"trusted_networks": [
"10.100.0.0/16"
],
"winbox": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"ssh": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"http": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"https": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"telnet": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"ftp": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"api": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"api_ssl": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"custom_input_rules": true,
"sites": [
"d290f1ee-6c54-4b01-90e6-d701748f0851"
]
}
'{
"id": "a1b2c3d4-e5f6-7890-1234-567890abcdef",
"name": "Default Corporate Policy",
"slug": "default-corporate-policy-a1b2c3d4e5",
"default": true,
"custom_input_rules": true,
"trusted_networks": [
"10.0.0.0/8"
],
"winbox": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"ssh": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"http": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"https": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"telnet": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"ftp": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"api": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"api_ssl": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"sites": [
"d290f1ee-6c54-4b01-90e6-d701748f0851"
],
"created_at": "2025-10-29T01:00:00Z",
"updated_at": "2025-10-29T02:30:00Z"
}Create a policy
Creates a new security policy. You can define rules for services like Winbox, SSH, and HTTP/S, including which networks are allowed to access them.
curl --request POST \
--url https://v1.api.altostrat.io/control-plane/policies \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"name": "Branch Office Policy",
"trusted_networks": [
"10.100.0.0/16"
],
"winbox": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"ssh": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"http": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"https": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"telnet": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"ftp": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"api": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"api_ssl": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"custom_input_rules": true,
"sites": [
"d290f1ee-6c54-4b01-90e6-d701748f0851"
]
}
'{
"id": "a1b2c3d4-e5f6-7890-1234-567890abcdef",
"name": "Default Corporate Policy",
"slug": "default-corporate-policy-a1b2c3d4e5",
"default": true,
"custom_input_rules": true,
"trusted_networks": [
"10.0.0.0/8"
],
"winbox": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"ssh": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"http": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"https": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"telnet": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"ftp": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"api": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"api_ssl": {
"enabled": true,
"port": 8291,
"networks": [
"198.51.100.0/24"
]
},
"sites": [
"d290f1ee-6c54-4b01-90e6-d701748f0851"
],
"created_at": "2025-10-29T01:00:00Z",
"updated_at": "2025-10-29T02:30:00Z"
}Documentation Index
Fetch the complete documentation index at: https://altostrat.io/docs/llms.txt
Use this file to discover all available pages before exploring further.
Authorizations
Enter your JWT bearer token.
Body
A human-readable name for the policy.
100"Branch Office Policy"
A list of CIDR networks that are considered trusted across all services in this policy.
A valid IPv4 CIDR notation.
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Whether custom input rules are being used.
true
An array of Site UUIDs to apply this policy to upon creation or update.
["d290f1ee-6c54-4b01-90e6-d701748f0851"]
Response
The newly created policy object.
The unique identifier for the policy.
"a1b2c3d4-e5f6-7890-1234-567890abcdef"
A human-readable name for the policy.
"Default Corporate Policy"
A unique, URL-friendly identifier for the policy.
"default-corporate-policy-a1b2c3d4e5"
Whether this is the default policy for the workspace.
true
Whether custom input rules are being used.
true
A list of CIDR networks that are considered trusted across all services in this policy.
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
Show child attributes
A list of Site UUIDs that this policy is applied to.
["d290f1ee-6c54-4b01-90e6-d701748f0851"]
The timestamp when the policy was created.
"2025-10-29T01:00:00Z"
The timestamp when the policy was last updated.
"2025-10-29T02:30:00Z"
Was this page helpful?