Styra API (2.0.0)
Download OpenAPI specification:Download
Styra DAS is entirely API-driven.
Access to the APIs requires authentication that should be provided as an Authorization HTTP header including a Styra DAS-issued token:
Authorization: Bearer <YOURTOKENHERE>
To request a token you need to have an Styra account, and create a token via the API Tokens menu.
Retrieve activity log
At most 256 entries returned per request. If only start_time or end_time is provided by the caller then the request defaults to 1 hour range
Request Body schema: application/jsonrequired
| class_type | string audit or activity |
| count | integer <int32> Default: 256 max count of records to return: max(4096) |
| end_time | string <date-time> filter time range end_time |
| forward | boolean Default: false search from start(true) or end(false) of table |
| request_id | string filter on matching request_id |
| start_time | string <date-time> filter time range start_time |
Responses
Request samples
- Payload
{- "class_type": "string",
- "count": 256,
- "end_time": "2019-08-24T14:15:22Z",
- "forward": false,
- "request_id": "string",
- "start_time": "2019-08-24T14:15:22Z"
}Response samples
- 200
- 400
{- "request_id": "string",
- "result": {
- "data": [
- {
- "decision": {
- "input": {
- "body": { },
- "method": "string",
- "path": "string",
- "user": "string",
- "user_claims": { }
}, - "output": {
- "allow": true,
- "status": {
- "reason": "string"
}
}
}, - "duration": 0,
- "request": {
- "class": "string",
- "errors": {
- "evaluation": "string"
}, - "host": "string",
- "id": "string",
- "method": "string",
- "path": "string",
- "request_body": "string",
- "requested_by": "string",
- "requested_through": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "response": {
- "errors": {
- "processing": "string"
}, - "status_code": 0,
- "timestamp": "2019-08-24T14:15:22Z"
}
}
]
}
}Retrieve activity records
query Parameters
| cursor | string continue from cursor position of previous query |
| start_time | string minimum request time |
| end_time | string maximum request time |
| query | string search query |
| limit | integer maximum number of activity records to return |
| class | string filter response to given activity class |
| outcome | string filter by outcome type. One of (all, allowed, denied, error) |
| order | string ASC, DESC (default) |
| default_timezone | string client time zone offset e.g. -07:00, +3:00, Z. Local time expressions in query are adjusted with this offset |
| compact | boolean return only essential decision fields |
Responses
Response samples
- 200
- 400
{- "cursor": "string",
- "request_id": "string",
- "results": [
- {
- "decision": {
- "input": {
- "body": { },
- "method": "string",
- "path": "string",
- "user": "string",
- "user_claims": { }
}, - "output": {
- "allow": true,
- "status": {
- "reason": "string"
}
}
}, - "duration": 0,
- "request": {
- "class": "string",
- "errors": {
- "evaluation": "string"
}, - "host": "string",
- "id": "string",
- "method": "string",
- "path": "string",
- "request_body": "string",
- "requested_by": "string",
- "requested_through": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "response": {
- "errors": {
- "processing": "string"
}, - "status_code": 0,
- "timestamp": "2019-08-24T14:15:22Z"
}
}
]
}Retrieve activity record for given request UD
path Parameters
| id required | string.* request ID |
Responses
Response samples
- 200
- 400
{- "request_id": "string",
- "results": {
- "decision": {
- "input": {
- "body": { },
- "method": "string",
- "path": "string",
- "user": "string",
- "user_claims": { }
}, - "output": {
- "allow": true,
- "status": {
- "reason": "string"
}
}
}, - "duration": 0,
- "request": {
- "class": "string",
- "errors": {
- "evaluation": "string"
}, - "host": "string",
- "id": "string",
- "method": "string",
- "path": "string",
- "request_body": "string",
- "requested_by": "string",
- "requested_through": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "response": {
- "errors": {
- "processing": "string"
}, - "status_code": 0,
- "timestamp": "2019-08-24T14:15:22Z"
}
}
}Get current agent statuses
path Parameters
| kind required | string agent kind such as "agents", "datasources", "slps", "exporters" |
query Parameters
| system | string return only statuses for one or more system ID |
| id | string return only statuses for one or more agent ID |
| excludes | string filters keys from agent statuses (separate keys by comma, nest keys using dot notation (e.g. parentKey.nestedKey,parentKey2). lists unsupported |
Responses
Response samples
- 200
{- "request_id": "string",
- "result": {
- "property1": { },
- "property2": { }
}
}Post agent status
path Parameters
| kind required | string agent kind such as "agents", "datasources", "slps", "exporters" |
Request Body schema: application/jsonrequired
Responses
Request samples
- Payload
{ }Response samples
- 200
{- "request_id": "string"
}Update agent status
path Parameters
| kind required | string agent kind such as "agents", "datasources", "slps", "exporters" |
| id required | string.* agent id |
Request Body schema: application/jsonrequired
Responses
Request samples
- Payload
{ }Response samples
- 200
{- "request_id": "string"
}Evaluate a list of permissions
Request Body schema: application/jsonrequired
| action required | string |
| body required | object |
| check_option required | string |
| operation required | string |
| path required | string |
Responses
Request samples
- Payload
[- {
- "action": "string",
- "body": { },
- "check_option": "string",
- "operation": "string",
- "path": "string"
}
]Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "allowed": true,
- "body": { },
- "check_option": "string",
- "eval_error": true,
- "operation": "string",
- "path": "string"
}
]
}Response samples
- 200
{- "request_id": "string",
- "result": {
- "property1": {
- "property1": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
], - "property2": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
]
}, - "property2": {
- "property1": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
], - "property2": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
]
}
}
}List role bindings
path Parameters
| resourcetype required | string.* resource type |
| resource required | string.* resource id |
Responses
Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
]
}Delete a resource role binding
path Parameters
| resourcetype required | string.* resource type |
| resource required | string.* resource id |
| rolebinding required | string.* role binding id |
query Parameters
| recursive | string if set to 'false', only deletes the role binding configuration and does not delete associated objects |
Responses
Response samples
- 200
- 404
{- "request_id": "string"
}Get a role binding
path Parameters
| resourcetype required | string.* resource type |
| resource required | string.* resource id |
| rolebinding required | string.* role binding id |
Responses
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
}Update a role binding
path Parameters
| resourcetype required | string.* resource type |
| resource required | string.* resource id |
| rolebinding required | string.* role binding id |
Request Body schema: application/jsonrequired
| description required | string |
| id required | string |
| role_name required | string |
| subjects required | Array of strings |
Responses
Request samples
- Payload
{- "description": "string",
- "id": "string",
- "role_name": "string",
- "subjects": [
- "string"
]
}Response samples
- 200
- 404
{- "request_id": "string"
}List role bindings
query Parameters
| resource_kind | string if set returns only rolebindings involving the specified resource kind (if supplied multiple times will return rolebindings that match any of the specified resource kinds) |
| resource_id | string if set returns only rolebindings involving the specified resource id (if supplied multiple times will return rolebindings that match any of the specified resource ids) |
| role_id | string if set returns only rolebindings involving the specified role id (if supplied multiple times will return rolebindings that match any of the specified role ids) |
| subject_kind | string if set returns only rolebindings involving the specified subject kind (if supplied multiple times will return rolebindings that match any of the specified subject kinds) |
| subject_id | string if set returns only rolebindings involving the specified subject id (if supplied multiple times will return rolebindings that match any of the specified subject ids) |
| internal | boolean if set to 'true', returns only internal rolebindings |
Responses
Response samples
- 200
{- "request_id": "string",
- "rolebindings": [
- {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
]
}Create or update rolebinding
header Parameters
| If-None-Match | string if set to '*', will not update existing rolebinding |
Request Body schema: application/jsonrequired
| id | string if present, implies updating existing rolebinding in its entirety, otherwise create new |
required | object (authz.v2.ResourceFilter) |
| role_id required | string role ID e.g., SystemOwner |
required | Array of objects (authz.v2.Subject) list of subjects |
Responses
Request samples
- Payload
{- "id": "string",
- "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}Response samples
- 200
- 400
- 404
- 409
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}Response samples
- 200
- 404
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}Delete rolebinding subjects
path Parameters
| id required | string.* rolebinding ID |
Request Body schema: application/jsonrequired
required | Array of objects (authz.v2.Subject) | ||||||
Array
| |||||||
Responses
Request samples
- Payload
{- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}Response samples
- 200
- 400
- 404
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}Update rolebinding subjects
path Parameters
| id required | string.* rolebinding ID |
Request Body schema: application/jsonrequired
required | Array of objects (authz.v2.Subject) | ||||||
Array
| |||||||
Responses
Request samples
- Payload
{- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}Response samples
- 200
- 400
- 404
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}Merge rolebinding subjects
path Parameters
| id required | string.* rolebinding ID |
Request Body schema: application/jsonrequired
required | Array of objects (authz.v2.Subject) | ||||||
Array
| |||||||
Responses
Request samples
- Payload
{- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}Response samples
- 200
- 400
- 404
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}List roles
query Parameters
| resource_kind | string if set returns only roles applicable to specific resource kind |
Responses
Response samples
- 200
{- "request_id": "string",
- "roles": [
- {
- "description": "string",
- "id": "string",
- "inherit_roles": [
- {
- "action": "string",
- "resource_kind": "string",
- "role": "string"
}
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_kind": "string"
}
]
}Execute a blueprint.
path Parameters
| name required | string.* The blueprint name. |
Request Body schema: */*required
Responses
Response samples
- 200
- 400
{- "request_id": "string",
- "result": {
- "blueprint": "string",
- "resources": [
- {
- "id": "string",
- "type": "string"
}
]
}
}Get a policy bundle
query Parameters
| policy | string policy name |
| eval_path | string path to partial evaluation |
| kind | string Default: "Plain" Enum: "Plain" "BJson" Kind of a bundle |
header Parameters
| If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 200
Get a policy bundle
path Parameters
| policy required | string.* policy name |
query Parameters
| eval_path | string path to partial evaluation |
| kind | string Default: "Plain" Enum: "Plain" "BJson" Kind of a bundle |
header Parameters
| If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 200
- 404
List data
Data (whether the result of evaluating policy or the data gathered by datasources) is arranged into a tree. List the locations within the tree that data exists.
query Parameters
| rego | string Rego query to be executed for the documents |
| jsonpath | string Json Path expression to extract portions of documents |
| sandbox | boolean Only used explicitly provided policies and data. Do not load anything from DAS |
| strict | boolean Enable strict Rego compilation mode |
| data | string Initial data object in JSON format |
| download | boolean Default: false Download data as data.json file |
| limit | string Returns '413 Payload Too Large' response if the body size is greater than given limit. The units KB, MB and etc can be used. Example: 10 MB; 28 kilobytes; 2000 |
header Parameters
| If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 200
- 404
- 413
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}
}, - "request_id": "string",
- "result": null
}Check size of data
query Parameters
| rego | string Rego query to be executed for the documents |
| jsonpath | string Json Path expression to extract portions of documents |
header Parameters
| If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 404
{- "code": "string",
- "errors": [
- "string"
], - "message": "string",
- "request_id": "string"
}Show all data
header Parameters
| If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Request Body schema: required
| data | object Initial data object |
| input | object |
| jsonpath | string Json Path expression to extract portions of documents |
object (data.v1.BuiltinMocks) | |
object Cache containing results of non-deterministic built-in functions | |
| query_package | string The package name to be used with query in case of multiple rego modules |
| rego | string Rego query to be executed for the documents |
object List of rego modules to be loaded and executed for the documents | |
| replay | boolean Inject STYRA_DAS_REPLAY environment variable into opa.runtime().env |
| sandbox | boolean Only used explicitly provided policies and data. Do not load anything from DAS |
| strict | boolean Enable strict Rego compilation mode |
Responses
Request samples
- Payload
{- "data": { },
- "input": { },
- "jsonpath": "string",
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "sql.send": {
- "data": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}
}, - "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "query_package": "string",
- "rego": "string",
- "rego_modules": {
- "property1": "string",
- "property2": "string"
}, - "replay": true,
- "sandbox": true,
- "strict": true
}Response samples
- 200
- 404
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}
}, - "request_id": "string",
- "result": null
}Get data
Show data at the given name. The name must be an extension of one of the locations of data as returned by GET v1/data
path Parameters
| name required | string.* Data name |
query Parameters
| rego | string Rego query to be executed for the documents |
| jsonpath | string JSONPath expression to extract portions of documents |
| sandbox | boolean Only used explicitly provided policies and data. Do not load anything from DAS |
| strict | boolean Enable strict Rego compilation mode |
| data | string Initial data object in JSON format |
| download | boolean Default: false Download data as |
| limit | string Returns '413 Payload Too Large' response if the body size is greater than given limit. The units KB, MB and etc can be used. Example: 10 MB; 28 kilobytes; 2000 |
header Parameters
| If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 200
- 404
- 413
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}
}, - "request_id": "string",
- "result": null
}Check the size of the data
path Parameters
| name required | string.* data name |
query Parameters
| rego | string Rego query to be executed for the documents |
| jsonpath | string Json Path expression to extract portions of documents |
header Parameters
| If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 404
{- "code": "string",
- "errors": [
- "string"
], - "message": "string",
- "request_id": "string"
}Patch data
Modify the data of the push datasource registered at <path> by applying a JSON patch to the JSON document. The content type for the patch is application/json-patch+json. The operation returns the modified data.
path Parameters
| name required | string.* data name |
header Parameters
| If-Match | string etag |
Request Body schema: required
Responses
Request samples
- Payload
{ }Response samples
- 200
- 404
- 413
{- "request_id": "string",
- "result": null
}Show data
Show data at the given name. The name must be an extension of one of the locations of data as returned by GET v1/data.
path Parameters
| name required | string.* data name |
header Parameters
| If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Request Body schema: required
| data | object Initial data object |
| input | object |
| jsonpath | string Json Path expression to extract portions of documents |
object (data.v1.BuiltinMocks) | |
object Cache containing results of non-deterministic built-in functions | |
| query_package | string The package name to be used with query in case of multiple rego modules |
| rego | string Rego query to be executed for the documents |
object List of rego modules to be loaded and executed for the documents | |
| replay | boolean Inject STYRA_DAS_REPLAY environment variable into opa.runtime().env |
| sandbox | boolean Only used explicitly provided policies and data. Do not load anything from DAS |
| strict | boolean Enable strict Rego compilation mode |
Responses
Request samples
- Payload
{- "data": { },
- "input": { },
- "jsonpath": "string",
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "sql.send": {
- "data": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}
}, - "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "query_package": "string",
- "rego": "string",
- "rego_modules": {
- "property1": "string",
- "property2": "string"
}, - "replay": true,
- "sandbox": true,
- "strict": true
}Response samples
- 200
- 404
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}
}, - "request_id": "string",
- "result": null
}Publish data
Set the data for the datasource registered at <name> to an arbitrary JSON document. This data can be read by doing GET v1/data/<path>
path Parameters
| name required | string.* data name |
header Parameters
| If-Match | string etag |
Request Body schema: required
Responses
Request samples
- Payload
{ }Response samples
- 200
- 404
- 413
{- "request_id": "string"
}Execute or Preview a data source
path Parameters
| datasource required | string.* Data source ID |
query Parameters
| execute | boolean Execute data source |
| preview | boolean Preview data source |
| download | boolean Default: false This is part of preview workflow. Download preview data as data.json file. |
| limit | string This is part of preview workflow. Returns '413 Payload Too Large' response if the body size is greater than given limit. The units KB, MB and etc can be used. Example: 10 MB; 28 kilobytes; 2000 |
Request Body schema: */*required
| category required | string Must be |
| description | string |
| enabled | boolean Default: true |
| on_premises | boolean Default: false |
| rate_limit | number Default: 3 requests per second |
| polling_interval | string Default: "30s" |
| policy_filter | string Policy Filter (if set, then policy_query must be set as well) |
| policy_query | string Policy Query (if set, then policy_filter must be set as well) |
| credentials required | string Secret ID with AWS credentials |
| region required | string AWS region |
| RegistryId | string Registry ID |
Responses
Request samples
- Payload
{ "category": "aws/ecr", "credentials": "aws_creds", "on_premises": false, "region": "us-east-1" }
Response samples
- 200
- 404
{- "request_id": "string",
- "result": null
}Upsert a data source
path Parameters
| datasource required | string.* Data source ID |
header Parameters
| If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Request Body schema: */*required
| category required | string Must be |
| description | string |
| enabled | boolean Default: true |
| on_premises | boolean Default: false |
| rate_limit | number Default: 3 requests per second |
| polling_interval | string Default: "30s" |
| policy_filter | string Policy Filter (if set, then policy_query must be set as well) |
| policy_query | string Policy Query (if set, then policy_filter must be set as well) |
| credentials required | string Secret ID with AWS credentials |
| region required | string AWS region |
| RegistryId | string Registry ID |
Responses
Request samples
- Payload
{ "category": "aws/ecr", "credentials": "aws_creds", "on_premises": false, "region": "us-east-1" }
Response samples
- 200
{- "request_id": "string",
- "result": {
- "category": "aws/ecr",
- "credentials": "aws_creds",
- "on_premises": false,
- "region": "us-east-1",
- "executed": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resources": [
- { }
], - "status": { }
}
}Search decision logs
query Parameters
| input_max_size | string input_max_size will remove specified subfield from response if it exceeds the size specified |
| result_max_size | string result_max_size will remove specified subfield from response if it exceeds the size specified |
| cursor | string continue from cursor position of previous query |
| start_time | string <date-time> minimum decision time |
| end_time | string <date-time> maximum decision time |
| search | string search query |
| system | string system ID |
| stack | string stack ID |
| limit | integer Default: 100 maximum number of decisions to return |
| result_kind | string Default: "ALL" comma-separated list of ALL, UNKNOWN, ADVICE, ALLOWED, DENIED, ERROR |
| order | string Default: "DESC" ASC, DESC |
| default_timezone | string client time zone offset e.g. -07:00, +3:00, Z. Local time expressions in query are adjusted with this offset |
| compact | boolean return only essential decision fields |
Responses
Response samples
- 200
{- "request_id": "string",
- "result": {
- "cursor": "string",
- "items": [
- {
- "Decision": "string",
- "processed": "2019-08-24T14:15:22Z"
}
]
}
}Search decision logs
query Parameters
| input_max_size | string input_max_size will remove specified subfield from response if it exceeds the size specified |
| result_max_size | string result_max_size will remove specified subfield from response if it exceeds the size specified |
Request Body schema: application/jsonrequired
| compact | boolean Default: false return only essential decision fields |
| cursor | string continue from cursor position of previous query |
| default_timezone | string client time zone offset. Local time expressions in query are adjusted with this offset |
| end_time | string <date-time> maximum decision time |
| limit | integer <int64> Default: 100 maximum number of decisions to return |
| order | string Default: "DESC" ASC, DESC |
| result_kind | string Default: "ALL" comma-separated list of ALL, UNKNOWN, ADVICE, ALLOWED, DENIED, ERROR |
| search | string search query |
| stack | string stack ID |
| start_time | string <date-time> minimum decision time |
| system | string system ID |
Responses
Request samples
- Payload
{- "compact": false,
- "cursor": "string",
- "default_timezone": "string",
- "end_time": "2019-08-24T14:15:22Z",
- "limit": 100,
- "order": "DESC",
- "result_kind": "ALL",
- "search": "string",
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}Response samples
- 200
{- "request_id": "string",
- "result": {
- "cursor": "string",
- "items": [
- {
- "Decision": "string",
- "processed": "2019-08-24T14:15:22Z"
}
]
}
}Get a single decision
path Parameters
| cursor required | string decision cursor value |
query Parameters
| input_max_size | string input_max_size will remove specified subfield from response if it exceeds the size specified |
| result_max_size | string result_max_size will remove specified subfield from response if it exceeds the size specified |
Responses
Response samples
- 200
{- "request_id": "string",
- "result": {
- "Decision": "string",
- "processed": "2019-08-24T14:15:22Z"
}
}Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "client_id": "string",
- "client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "proxy_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "unique_claim": "string",
- "user_info_url": "string"
}
]
}Create provider
Request Body schema: application/jsonrequired
| allow_idp_initiated required | boolean |
| allowed_domains required | Array of strings allow users from domains |
| auth_url required | string |
| client_id required | string |
| client_secret required | string |
| email_attribute required | string |
| enabled required | boolean whether it can be used as a provider or not |
| id required | string |
| issuer_url required | string |
| jit required | boolean True, if users are provisioned on-demand |
| key_certificate required | string |
| metadata required | string |
| override_discovery_issuer_url | string |
| proxy_url required | string |
| response_mode required | string |
| scopes required | Array of strings |
| skip_token_issuer_check | boolean |
| token_url required | string |
| type required | string OIDC (default) or SAML |
| unique_claim required | string claim to be used as the unique id for users |
| user_info_url required | string |
Responses
Request samples
- Payload
{- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "client_id": "string",
- "client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "proxy_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "unique_claim": "string",
- "user_info_url": "string"
}Response samples
- 200
- 404
{- "request_id": "string"
}Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "client_id": "string",
- "client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "proxy_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "unique_claim": "string",
- "user_info_url": "string"
}
}Create or update provider
path Parameters
| providerId required | string.+ provider ID |
header Parameters
| If-None-Match | string if set to '*' then creates a new provider with type-specific related objects |
Request Body schema: application/jsonrequired
| allow_idp_initiated required | boolean |
| allowed_domains required | Array of strings allow users from domains |
| auth_url required | string |
| client_id required | string |
| client_secret required | string |
| email_attribute required | string |
| enabled required | boolean whether it can be used as a provider or not |
| id required | string |
| issuer_url required | string |
| jit required | boolean True, if users are provisioned on-demand |
| key_certificate required | string |
| metadata required | string |
| override_discovery_issuer_url | string |
| proxy_url required | string |
| response_mode required | string |
| scopes required | Array of strings |
| skip_token_issuer_check | boolean |
| token_url required | string |
| type required | string OIDC (default) or SAML |
| unique_claim required | string claim to be used as the unique id for users |
| user_info_url required | string |
Responses
Request samples
- Payload
{- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "client_id": "string",
- "client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "proxy_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "unique_claim": "string",
- "user_info_url": "string"
}Response samples
- 200
- 404
{- "request_id": "string"
}Invite user
query Parameters
boolean set to false to avoid sending an email |
Request Body schema: application/jsonrequired
| roles required | Array of strings list of roles for the invited user |
| user_id required | string user ID to create invitation for |
Responses
Request samples
- Payload
{- "roles": [
- "string"
], - "user_id": "string"
}Response samples
- 200
{- "request_id": "string",
- "result": {
- "url": "string"
}
}Accept invitation
path Parameters
| token required | string.+ token from the invitation URL |
Request Body schema: application/jsonrequired
| password required | string new user password |
| user_id required | string new user ID |
Responses
Request samples
- Payload
{- "password": "string",
- "user_id": "string"
}Response samples
- 200
- 404
{- "request_id": "string"
}Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "read_only": true,
- "source_control": {
- "library_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}
}
]
}Verify git access
Verifies that the repository can be accessed with the provided credentials
Request Body schema: application/jsonrequired
| commit required | string Commit SHA. Only one of reference or commit can be set at any time |
| credentials required | string Credentials are looked under the key |
| id required | string id of the entity so that the config can be checked for duplicates |
| path required | string Path to limit the import to |
| reference required | string Remote reference. Only one of reference or commit can be set at any time |
object (git.v1.SSHCredentials) | |
| url required | string Repository URL |
Responses
Request samples
- Payload
{- "commit": "string",
- "credentials": "string",
- "id": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}Response samples
- 200
- 400
{- "request_id": "string",
- "result": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "sha": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}Response samples
- 200
{- "result": {
- "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "library_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}
}
}Upsert a new library
path Parameters
| id required | string.* id |
Request Body schema: application/jsonrequired
| description required | string |
| read_only required | boolean |
object (libraries.v1.SourceControlConfig) |
Responses
Request samples
- Payload
{- "description": "string",
- "read_only": true,
- "source_control": {
- "library_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}
}Response samples
- 200
{- "result": {
- "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "library_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}
}
}List files in Styra DAS-created branch.
Gets the list of files for the branch that the Styra DAS creates when modifying rego in the Styra DAS UI and pushing the changes to GitHub in a branch for review.
path Parameters
| id required | string.* library id |
Responses
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "deleted_files": [
- "string"
], - "files": {
- "property1": "string",
- "property2": "string"
}
}
}Commit files to library source control
Commit files to source control associated with a library
path Parameters
| id required | string.* library id |
Request Body schema: application/jsonrequired
| author required | string |
| email required | string |
required | object Map of filenames to file contents |
| files_to_delete required | Array of strings List of filenames to delete from the repo |
| message required | string |
Responses
Request samples
- Payload
{- "author": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "author": "string",
- "branch": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
}List files in current branch.
Gets the list of files in the currently chosen branch.
path Parameters
| id required | string.* library id |
Responses
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "deleted_files": [
- "string"
], - "files": {
- "property1": "string",
- "property2": "string"
}
}
}log-replay is a service that re-evaluates past decision logs in order to estimate what would change if one of the policies
would be different. log-replay is used as an analysis tool to analyze the impact of a policy change.
Run log-replay
Request Body schema: application/jsonrequired
| compare_full_results | boolean Default: false do not compare decisions by system-type-dependent significant fields |
| data_patches | Array of objects (json.JsonPatchSpec) list of JSON Patches to apply to the data namespace |
| decision_patches | Array of objects (json.JsonPatchSpec) list of JSON Patches to apply to the decisions before they evaluated |
| deterministic_policies | boolean Default: true signals that decisions having the same inputs, data and revision always evaluate to the same result and therefore can be cached |
| duration | string maximum replay duration (e.g. "20s") |
| max_samples | integer <int32> maximum number of samples to return |
object (data.v1.BuiltinMocks) | |
object modified rego policies (path => rego content) | |
Array of objects (logreplay.v1.ReplayScope) list of scopes to narrow the decision search | |
| skip_batches | Array of strings list of batch IDs to skip |
Responses
Request samples
- Payload
{- "compare_full_results": false,
- "data_patches": [
- { }
], - "decision_patches": [
- { }
], - "deterministic_policies": true,
- "duration": "string",
- "max_samples": 0,
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "sql.send": {
- "data": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}
}, - "policies": {
- "property1": "string",
- "property2": "string"
}, - "scope": [
- {
- "max_age": "string",
- "max_revisions": 1,
- "min_age": "string",
- "path": "string"
}
], - "skip_batches": [
- "string"
]
}Response samples
- 200
{- "analyzed_batches": [
- "string"
], - "duration": 0,
- "samples": [
- {
- "bundles": {
- "property1": {
- "revision": "string"
}, - "property2": {
- "revision": "string"
}
}, - "decision_id": "string",
- "erased": [
- "string"
], - "error": "string",
- "input": null,
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "metrics": { },
- "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "new_result": null,
- "path": "string",
- "query": "string",
- "req_id": 0,
- "requested_by": "string",
- "result": null,
- "revision": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "started": "2019-08-24T14:15:22Z",
- "stats": {
- "analysis_errors": 0,
- "batches_analyzed": 0,
- "batches_download_errors": 0,
- "batches_downloaded": 0,
- "batches_from_cache": 0,
- "batches_observed": 0,
- "batches_scheduled": 0,
- "batches_skipped": 0,
- "entries_evaluated": 0,
- "entries_failed": 0,
- "entries_observed": 0,
- "entries_scheduled": 0,
- "results_changed": 0
}
}Run log-replay
Request Body schema: application/jsonrequired
object system ID -> bundle filter mapping specifying which bundles to consider for each system. Use empty string or '*' to provide default filter | |
| compare_full_results | boolean Default: false do not compare decisions by system-type-dependent significant fields |
| decision_patches | Array of objects (json.JsonPatchSpec) list of JSON Patches to apply to the decisions before they evaluated |
object modifications to make to policies or data | |
| duration | string maximum replay duration (e.g. "20s") |
| max_samples | integer <int32> maximum number of samples to return |
object (data.v1.BuiltinMocks) | |
| path_filters | Array of strings list of path filters. Each entry is either a path prefix that the decision path must begin with or the decision path must be prefix of the entry |
| skip_batches | Array of strings list of batch IDs to skip |
Responses
Request samples
- Payload
{- "bundle_filters": {
- "property1": {
- "active_from": 0,
- "active_to": 0,
- "bundle_id": "string",
- "created_from": "2019-08-24T14:15:22Z",
- "created_to": "2019-08-24T14:15:22Z",
- "last_deployed_from": "2019-08-24T14:15:22Z",
- "last_deployed_to": "2019-08-24T14:15:22Z",
- "reverse_versioning": true,
- "version_from": 0,
- "version_to": 0
}, - "property2": {
- "active_from": 0,
- "active_to": 0,
- "bundle_id": "string",
- "created_from": "2019-08-24T14:15:22Z",
- "created_to": "2019-08-24T14:15:22Z",
- "last_deployed_from": "2019-08-24T14:15:22Z",
- "last_deployed_to": "2019-08-24T14:15:22Z",
- "reverse_versioning": true,
- "version_from": 0,
- "version_to": 0
}
}, - "compare_full_results": false,
- "decision_patches": [
- { }
], - "drafts": {
- "property1": {
- "contents": null,
- "datasources": true,
- "patches": [
- { }
], - "policy": {
- "context": "string",
- "overlays": [
- "string"
]
}
}, - "property2": {
- "contents": null,
- "datasources": true,
- "patches": [
- { }
], - "policy": {
- "context": "string",
- "overlays": [
- "string"
]
}
}
}, - "duration": "string",
- "max_samples": 0,
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "sql.send": {
- "data": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}
}, - "path_filters": [
- "string"
], - "skip_batches": [
- "string"
]
}Response samples
- 200
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}
}, - "request_id": "string",
- "result": {
- "analyzed_batches": [
- "string"
], - "duration": 0,
- "samples": [
- {
- "bundles": {
- "property1": {
- "revision": "string"
}, - "property2": {
- "revision": "string"
}
}, - "decision_id": "string",
- "erased": [
- "string"
], - "error": "string",
- "input": null,
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "metrics": { },
- "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "new_result": null,
- "path": "string",
- "query": "string",
- "req_id": 0,
- "requested_by": "string",
- "result": null,
- "revision": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "started": "2019-08-24T14:15:22Z",
- "stats": {
- "analysis_errors": 0,
- "batches_analyzed": 0,
- "batches_download_errors": 0,
- "batches_downloaded": 0,
- "batches_from_cache": 0,
- "batches_observed": 0,
- "batches_scheduled": 0,
- "batches_skipped": 0,
- "entries_evaluated": 0,
- "entries_failed": 0,
- "entries_observed": 0,
- "entries_scheduled": 0,
- "results_changed": 0
}
}
}Post decision logs with partition
path Parameters
| partition required | string.* partition name. Currently not used |
Request Body schema: application/jsonrequired
Responses
Request samples
- Payload
[- { }
]Response samples
- 200
{- "request_id": "string"
}Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "system_id": "string"
}
]
}Create a mock opa.
Request Body schema: application/jsonrequired
| duration required | string |
| system_id required | string |
Responses
Request samples
- Payload
{- "duration": "string",
- "system_id": "string"
}Response samples
- 200
- 400
{- "request_id": "string",
- "result": {
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "system_id": "string"
}
}