Styra API (2.0.0)
Download OpenAPI specification:Download
Styra DAS is entirely API-driven.
Access to the APIs requires authentication that should be provided as an Authorization HTTP header including a Styra DAS-issued token:
Authorization: Bearer <YOURTOKENHERE>
To request a token you need to have an Styra account, and create a token via the API Tokens menu.
Retrieve activity log
At most 256 entries returned per request. If only start_time or end_time is provided by the caller then the request defaults to 1 hour range
Request Body schema: application/json
class_type | string audit or activity |
count | integer <int32> Default: 256 max count of records to return: max(4096) |
end_time | string <date-time> filter time range end_time |
forward | boolean Default: false search from start(true) or end(false) of table |
request_id | string filter on matching request_id |
start_time | string <date-time> filter time range start_time |
Responses
Request samples
- Payload
{- "class_type": "string",
- "count": 256,
- "end_time": "2019-08-24T14:15:22Z",
- "forward": false,
- "request_id": "string",
- "start_time": "2019-08-24T14:15:22Z"
}
Response samples
- 200
- 400
{- "request_id": "string",
- "result": {
- "data": [
- {
- "decision": {
- "input": {
- "body": { },
- "method": "string",
- "path": "string",
- "user": "string",
- "user_claims": { }
}, - "output": {
- "allow": true,
- "status": {
- "reason": "string"
}
}
}, - "duration": 0,
- "request": {
- "body": "string",
- "errors": {
- "evaluation": "string"
}, - "host": "string",
- "id": "string",
- "method": "string",
- "path": "string",
- "request_body": "string",
- "requested_by": "string",
- "requested_through": "string",
- "tenant": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "response": {
- "body": "string",
- "errors": {
- "processing": "string"
}, - "status_code": 0,
- "timestamp": "2019-08-24T14:15:22Z"
}
}
]
}
}
Get current agent statuses
path Parameters
kind required | string agent kind such as "agents", "datasources", "slps", "exporters" |
query Parameters
system | string return only statuses for one or more system ID |
id | string return only statuses for one or more agent ID |
Responses
Response samples
- 200
{- "request_id": "string",
- "result": {
- "property1": { },
- "property2": { }
}
}
Post agent status
path Parameters
kind required | string agent kind such as "agents", "datasources", "slps", "exporters" |
Request Body schema: application/json
Responses
Request samples
- Payload
{ }
Response samples
- 200
{- "request_id": "string"
}
Update agent status
path Parameters
kind required | string agent kind such as "agents", "datasources", "slps", "exporters" |
id required | string.* agent id |
Request Body schema: application/json
Responses
Request samples
- Payload
{ }
Response samples
- 200
{- "request_id": "string"
}
Evaluate a list of permissions
Request Body schema: application/json
action required | string |
body required | object |
check_option required | string |
operation required | string |
path required | string |
Responses
Request samples
- Payload
[- {
- "action": "string",
- "body": { },
- "check_option": "string",
- "operation": "string",
- "path": "string"
}
]
Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "allowed": true,
- "body": { },
- "check_option": "string",
- "eval_error": true,
- "operation": "string",
- "path": "string"
}
]
}
Response samples
- 200
{- "request_id": "string",
- "result": {
- "property1": {
- "property1": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
], - "property2": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
]
}, - "property2": {
- "property1": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
], - "property2": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
]
}
}
}
List role bindings
path Parameters
resourcetype required | string.* resource type |
resource required | string.* resource id |
Responses
Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
]
}
Delete a resource role binding
path Parameters
resourcetype required | string.* resource type |
resource required | string.* resource id |
rolebinding required | string.* role binding id |
query Parameters
recursive | string if set to 'false', only deletes the role binding configuration and does not delete associated objects |
Responses
Response samples
- 200
- 404
{- "request_id": "string"
}
Get a role binding
path Parameters
resourcetype required | string.* resource type |
resource required | string.* resource id |
rolebinding required | string.* role binding id |
Responses
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
}
Update a role binding
path Parameters
resourcetype required | string.* resource type |
resource required | string.* resource id |
rolebinding required | string.* role binding id |
Request Body schema: application/json
description required | string |
id required | string |
role_name required | string |
subjects required | Array of strings |
Responses
Request samples
- Payload
{- "description": "string",
- "id": "string",
- "role_name": "string",
- "subjects": [
- "string"
]
}
Response samples
- 200
- 404
{- "request_id": "string"
}
List role bindings
query Parameters
resource_kind | string if set returns only rolebindings involving the specified resource kind (if supplied multiple times will return rolebindings that match any of the specified resource kinds) |
resource_id | string if set returns only rolebindings involving the specified resource id (if supplied multiple times will return rolebindings that match any of the specified resource ids) |
role_id | string if set returns only rolebindings involving the specified role id (if supplied multiple times will return rolebindings that match any of the specified role ids) |
subject_kind | string if set returns only rolebindings involving the specified subject kind (if supplied multiple times will return rolebindings that match any of the specified subject kinds) |
subject_id | string if set returns only rolebindings involving the specified subject id (if supplied multiple times will return rolebindings that match any of the specified subject ids) |
internal | boolean if set to 'true', returns only internal rolebindings |
Responses
Response samples
- 200
{- "request_id": "string",
- "rolebindings": [
- {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
]
}
Create or update rolebinding
header Parameters
If-None-Match | string if set to '*', will not update existing rolebinding |
Request Body schema: application/json
id required | string |
required | object (authz.v2.ResourceFilter) |
role_id required | string |
required | Array of objects (authz.v2.Subject) |
Responses
Request samples
- Payload
{- "id": "string",
- "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
Response samples
- 200
- 400
- 404
- 409
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
Response samples
- 200
- 404
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
Delete rolebinding subjects
path Parameters
id required | string.* rolebinding ID |
Request Body schema: application/json
required | Array of objects (authz.v2.Subject) | ||||||
Array
|
Responses
Request samples
- Payload
{- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
Response samples
- 200
- 400
- 404
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
Update rolebinding subjects
path Parameters
id required | string.* rolebinding ID |
Request Body schema: application/json
required | Array of objects (authz.v2.Subject) | ||||||
Array
|
Responses
Request samples
- Payload
{- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
Response samples
- 200
- 400
- 404
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
Merge rolebinding subjects
path Parameters
id required | string.* rolebinding ID |
Request Body schema: application/json
required | Array of objects (authz.v2.Subject) | ||||||
Array
|
Responses
Request samples
- Payload
{- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
Response samples
- 200
- 400
- 404
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
List roles
query Parameters
resource_kind | string if set returns only roles applicable to specific resource kind |
Responses
Response samples
- 200
{- "request_id": "string",
- "roles": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_kind": "string"
}
]
}
Execute a blueprint.
path Parameters
name required | string.* The blueprint name. |
Request Body schema: */*
Responses
Response samples
- 200
- 400
{- "request_id": "string",
- "result": {
- "blueprint": "string",
- "resources": [
- {
- "id": "string",
- "type": "string"
}
]
}
}
List data
Data (whether the result of evaluating policy or the data gathered by datasources) is arranged into a tree. List the locations within the tree that data exists.
query Parameters
rego | string Rego query to be executed for the documents |
jsonpath | string Json Path expression to extract portions of documents |
download | boolean Default: false Download data as data.json file |
limit | string Returns '413 Payload Too Large' response if the body size is greater than given limit. The units KB, MB and etc can be used. Example: 10 MB; 28 kilobytes; 2000 |
header Parameters
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 200
- 404
- 413
{- "mocks": {
- "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}
}, - "request_id": "string",
- "result": null
}
Check size of data
query Parameters
rego | string Rego query to be executed for the documents |
jsonpath | string Json Path expression to extract portions of documents |
header Parameters
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 404
{- "code": "string",
- "errors": [
- "string"
], - "message": "string",
- "request_id": "string"
}
Show all data
header Parameters
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Request Body schema:
input | object |
jsonpath | string Json Path expression to extract portions of documents |
object (systems.v1.BuiltinMocks) | |
query_package | string The package name to be used with query in case of multiple rego modules |
rego | string Rego query to be executed for the documents |
object List of rego modules to be loaded and executed for the documents |
Responses
Request samples
- Payload
{- "input": { },
- "jsonpath": "string",
- "mocks": {
- "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}
}, - "query_package": "string",
- "rego": "string",
- "rego_modules": {
- "property1": "string",
- "property2": "string"
}
}
Response samples
- 200
- 404
{- "mocks": {
- "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}
}, - "request_id": "string",
- "result": null
}
Get data
Show data at the given name
. The name
must be an extension of one of the locations of data as returned by GET v1/data
path Parameters
name required | string.* data name |
query Parameters
rego | string Rego query to be executed for the documents |
jsonpath | string Json Path expression to extract portions of documents |
download | boolean Default: false Download data as |
limit | string Returns '413 Payload Too Large' response if the body size is greater than given limit. The units KB, MB and etc can be used. Example: 10 MB; 28 kilobytes; 2000 |
header Parameters
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 200
- 404
- 413
{- "mocks": {
- "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}
}, - "request_id": "string",
- "result": null
}
Check the size of the data
path Parameters
name required | string.* data name |
query Parameters
rego | string Rego query to be executed for the documents |
jsonpath | string Json Path expression to extract portions of documents |
header Parameters
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Responses
Response samples
- 404
{- "code": "string",
- "errors": [
- "string"
], - "message": "string",
- "request_id": "string"
}
Patch data
Modify the data of the push datasource registered at <path>
by applying a JSON patch to the JSON document. The content type for the patch is application/json-patch+json
. The operation returns the modified data.
path Parameters
name required | string.* data name |
header Parameters
If-Match | string etag |
Request Body schema:
Responses
Request samples
- Payload
{ }
Response samples
- 200
- 404
- 413
{- "request_id": "string",
- "result": null
}
Show data
Show data at the given name
. The name
must be an extension of one of the locations of data as returned by GET v1/data
.
path Parameters
name required | string.* data name |
header Parameters
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Request Body schema:
input | object |
jsonpath | string Json Path expression to extract portions of documents |
object (systems.v1.BuiltinMocks) | |
query_package | string The package name to be used with query in case of multiple rego modules |
rego | string Rego query to be executed for the documents |
object List of rego modules to be loaded and executed for the documents |
Responses
Request samples
- Payload
{- "input": { },
- "jsonpath": "string",
- "mocks": {
- "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}
}, - "query_package": "string",
- "rego": "string",
- "rego_modules": {
- "property1": "string",
- "property2": "string"
}
}
Response samples
- 200
- 404
{- "mocks": {
- "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}
}, - "request_id": "string",
- "result": null
}
Publish data
Set the data for the datasource registered at <name>
to an arbitrary JSON document. This data can be read by doing GET v1/data/<path>
path Parameters
name required | string.* data name |
header Parameters
If-Match | string etag |
Request Body schema:
Responses
Request samples
- Payload
{ }
Response samples
- 200
- 404
- 413
{- "request_id": "string"
}
Execute a data source
path Parameters
datasource required | string.* Data source ID |
query Parameters
execute | boolean Execute data source |
preview | boolean Preview data source |
Request Body schema: */*
category required | string Must be |
description | string |
enabled | boolean Default: true |
on_premises | boolean Default: false |
rate_limit | number Default: 3 requests per second |
polling_interval | string Default: "30s" |
policy_filter | string Policy Filter (if set, then policy_query must be set as well) |
policy_query | string Policy Query (if set, then policy_filter must be set as well) |
credentials required | string Secret ID with AWS credentials |
region required | string AWS region |
RegistryId | string Registry ID |
Responses
Request samples
- Payload
{ "category": "aws/ecr", "credentials": "aws_creds", "on_premises": false, "region": "us-east-1" }
Response samples
- 200
- 404
{- "request_id": "string",
- "result": null
}
Upsert a data source
path Parameters
datasource required | string.* Data source ID |
header Parameters
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Request Body schema: */*
category required | string Must be |
description | string |
enabled | boolean Default: true |
on_premises | boolean Default: false |
rate_limit | number Default: 3 requests per second |
polling_interval | string Default: "30s" |
policy_filter | string Policy Filter (if set, then policy_query must be set as well) |
policy_query | string Policy Query (if set, then policy_filter must be set as well) |
credentials required | string Secret ID with AWS credentials |
region required | string AWS region |
RegistryId | string Registry ID |
Responses
Request samples
- Payload
{ "category": "aws/ecr", "credentials": "aws_creds", "on_premises": false, "region": "us-east-1" }
Response samples
- 200
{- "request_id": "string",
- "result": {
- "category": "aws/ecr",
- "credentials": "aws_creds",
- "on_premises": false,
- "region": "us-east-1",
- "executed": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resources": [
- { }
], - "status": { }
}
}
Search decision logs
query Parameters
cursor | string continue from cursor position of previous query |
start_time | string minimum decision time |
end_time | string maximum decision time |
search | string search query |
system | string system ID |
stack | string stack ID |
limit | integer maximum number of decisions to return |
result_kind | string comma-separated list of ALL, UNKNOWN, ADVICE, ALLOWED, DENIED, ERROR |
order | string ASC, DESC (default) |
default_timezone | string client time zone offset e.g. -07:00, +3:00, Z. Local time expressions in query are adjusted with this offset |
compact | boolean return only essential decision fields |
Responses
Response samples
- 200
{- "request_id": "string",
- "result": {
- "cursor": "string",
- "items": [
- {
- "Decision": "string",
- "processed": "2019-08-24T14:15:22Z"
}
]
}
}
Search decision logs
Request Body schema: application/json
compact required | boolean return only essential decision fields |
cursor required | string continue from cursor position of previous query |
default_timezone required | string client time zone offset. Local time expressions in query are adjusted with this offset |
end_time required | string <date-time> maximum decision time |
limit required | integer <int64> maximum number of decisions to return |
order required | string Default: "DESC" ASC, DESC |
result_kind required | string comma-separated list of ALL, UNKNOWN, ADVICE, ALLOWED, DENIED, ERROR |
search required | string search query |
stack required | string stack ID |
start_time required | string <date-time> minimum decision time |
system required | string system ID |
Responses
Request samples
- Payload
{- "compact": true,
- "cursor": "string",
- "default_timezone": "string",
- "end_time": "2019-08-24T14:15:22Z",
- "limit": 0,
- "order": "DESC",
- "result_kind": "string",
- "search": "string",
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
Response samples
- 200
{- "request_id": "string",
- "result": {
- "cursor": "string",
- "items": [
- {
- "Decision": "string",
- "processed": "2019-08-24T14:15:22Z"
}
]
}
}
Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "client_id": "string",
- "client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "proxy_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "user_info_url": "string"
}
]
}
Create provider
Request Body schema: application/json
allow_idp_initiated required | boolean |
allowed_domains required | Array of strings |
auth_url required | string |
client_id required | string |
client_secret required | string |
email_attribute required | string |
enabled required | boolean |
id required | string |
issuer_url required | string |
jit required | boolean |
key_certificate required | string |
metadata required | string |
override_discovery_issuer_url | string |
proxy_url required | string |
response_mode required | string |
scopes required | Array of strings |
skip_token_issuer_check | boolean |
token_url required | string |
type required | string |
user_info_url required | string |
Responses
Request samples
- Payload
{- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "client_id": "string",
- "client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "proxy_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "user_info_url": "string"
}
Response samples
- 200
- 404
{- "request_id": "string"
}
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "client_id": "string",
- "client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "proxy_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "user_info_url": "string"
}
}
Create or update provider
path Parameters
providerId required | string.+ provider ID |
header Parameters
If-None-Match | string if set to '*' then creates a new provider with type-specific related objects |
Request Body schema: application/json
allow_idp_initiated required | boolean |
allowed_domains required | Array of strings |
auth_url required | string |
client_id required | string |
client_secret required | string |
email_attribute required | string |
enabled required | boolean |
id required | string |
issuer_url required | string |
jit required | boolean |
key_certificate required | string |
metadata required | string |
override_discovery_issuer_url | string |
proxy_url required | string |
response_mode required | string |
scopes required | Array of strings |
skip_token_issuer_check | boolean |
token_url required | string |
type required | string |
user_info_url required | string |
Responses
Request samples
- Payload
{- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "client_id": "string",
- "client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "proxy_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "user_info_url": "string"
}
Response samples
- 200
- 404
{- "request_id": "string"
}
Invite user
query Parameters
boolean set to false to avoid sending an email |
Request Body schema: application/json
roles required | Array of strings list of roles for the invited user |
user_id required | string user ID to create invitation for |
Responses
Request samples
- Payload
{- "roles": [
- "string"
], - "user_id": "string"
}
Response samples
- 200
{- "request_id": "string",
- "result": {
- "url": "string"
}
}
Accept invitation
path Parameters
token required | string.+ token from the invitation URL |
Request Body schema: application/json
password required | string new user password |
tos_checked required | boolean terms of service were accepted |
user_id required | string new user ID |
Responses
Request samples
- Payload
{- "password": "string",
- "tos_checked": true,
- "user_id": "string"
}
Response samples
- 200
- 404
{- "request_id": "string"
}
log-replay
is a service that re-evaluates past decision logs in order to estimate what would change if one of the policies
would be different. log-replay
is used as an analysis tool to analyze the impact of a policy change.
Run log-replay
Request Body schema: application/json
compare_full_results | boolean Default: false do not compare decisions by system-type-dependent significant fields |
data_patches | Array of objects (json.JsonPatchSpec) list of JSON Patches to apply to the data namespace |
decision_patches | Array of objects (json.JsonPatchSpec) list of JSON Patches to apply to the decisions before they evaluated |
deterministic_policies | boolean Default: true signals that decisions having the same inputs, data and revision always evaluate to the same result and therefore can be cached |
duration | string maximum replay duration (e.g. "20s") |
max_samples | integer <int32> maximum number of samples to return |
object (systems.v1.BuiltinMocks) | |
object modified rego policies (path => rego content) | |
Array of objects (logreplay.v1.ReplayScope) list of scopes to narrow the decision search | |
skip_batches | Array of strings list of batch IDs to skip |
Responses
Request samples
- Payload
{- "compare_full_results": false,
- "data_patches": [
- { }
], - "decision_patches": [
- { }
], - "deterministic_policies": true,
- "duration": "string",
- "max_samples": 0,
- "mocks": {
- "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}
}, - "policies": {
- "property1": "string",
- "property2": "string"
}, - "scope": [
- {
- "max_age": "string",
- "max_revisions": 1,
- "min_age": "string",
- "path": "string"
}
], - "skip_batches": [
- "string"
]
}
Response samples
- 200
{- "analyzed_batches": [
- "string"
], - "duration": 0,
- "samples": [
- {
- "bundles": {
- "property1": {
- "revision": "string"
}, - "property2": {
- "revision": "string"
}
}, - "decision_id": "string",
- "erased": [
- "string"
], - "error": "string",
- "input": null,
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "metrics": { },
- "new_result": null,
- "path": "string",
- "query": "string",
- "requested_by": "string",
- "result": null,
- "revision": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "started": "2019-08-24T14:15:22Z",
- "stats": {
- "analysis_errors": 0,
- "batches_analyzed": 0,
- "batches_download_errors": 0,
- "batches_downloaded": 0,
- "batches_from_cache": 0,
- "batches_observed": 0,
- "batches_scheduled": 0,
- "batches_skipped": 0,
- "entries_evaluated": 0,
- "entries_failed": 0,
- "entries_observed": 0,
- "entries_scheduled": 0,
- "results_changed": 0
}
}
Run log-replay
Request Body schema: application/json
object system ID -> bundle filter mapping specifying which bundles to consider for each system. Use empty string or '*' to provide default filter | |
compare_full_results | boolean Default: false do not compare decisions by system-type-dependent significant fields |
decision_patches | Array of objects (json.JsonPatchSpec) list of JSON Patches to apply to the decisions before they evaluated |
object modifications to make to policies or data | |
duration | string maximum replay duration (e.g. "20s") |
max_samples | integer <int32> maximum number of samples to return |
object (systems.v1.BuiltinMocks) | |
path_filters | Array of strings list of path filters. Each entry is either a path prefix that the decision path must begin with or the decision path must be prefix of the entry |
skip_batches | Array of strings list of batch IDs to skip |
Responses
Request samples
- Payload
{- "bundle_filters": {
- "property1": {
- "active_from": 0,
- "active_to": 0,
- "bundle_id": "string",
- "created_from": "2019-08-24T14:15:22Z",
- "created_to": "2019-08-24T14:15:22Z",
- "last_deployed_from": "2019-08-24T14:15:22Z",
- "last_deployed_to": "2019-08-24T14:15:22Z",
- "reverse_versioning": true,
- "version_from": 0,
- "version_to": 0
}, - "property2": {
- "active_from": 0,
- "active_to": 0,
- "bundle_id": "string",
- "created_from": "2019-08-24T14:15:22Z",
- "created_to": "2019-08-24T14:15:22Z",
- "last_deployed_from": "2019-08-24T14:15:22Z",
- "last_deployed_to": "2019-08-24T14:15:22Z",
- "reverse_versioning": true,
- "version_from": 0,
- "version_to": 0
}
}, - "compare_full_results": false,
- "decision_patches": [
- { }
], - "drafts": {
- "property1": {
- "contents": null,
- "datasources": true,
- "patches": [
- { }
], - "policy": {
- "context": "string",
- "overlays": [
- "string"
]
}
}, - "property2": {
- "contents": null,
- "datasources": true,
- "patches": [
- { }
], - "policy": {
- "context": "string",
- "overlays": [
- "string"
]
}
}
}, - "duration": "string",
- "max_samples": 0,
- "mocks": {
- "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}
}, - "path_filters": [
- "string"
], - "skip_batches": [
- "string"
]
}
Response samples
- 200
{- "mocks": {
- "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}
}, - "request_id": "string",
- "result": {
- "analyzed_batches": [
- "string"
], - "duration": 0,
- "samples": [
- {
- "bundles": {
- "property1": {
- "revision": "string"
}, - "property2": {
- "revision": "string"
}
}, - "decision_id": "string",
- "erased": [
- "string"
], - "error": "string",
- "input": null,
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "metrics": { },
- "new_result": null,
- "path": "string",
- "query": "string",
- "requested_by": "string",
- "result": null,
- "revision": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "started": "2019-08-24T14:15:22Z",
- "stats": {
- "analysis_errors": 0,
- "batches_analyzed": 0,
- "batches_download_errors": 0,
- "batches_downloaded": 0,
- "batches_from_cache": 0,
- "batches_observed": 0,
- "batches_scheduled": 0,
- "batches_skipped": 0,
- "entries_evaluated": 0,
- "entries_failed": 0,
- "entries_observed": 0,
- "entries_scheduled": 0,
- "results_changed": 0
}
}
}
Post decision logs with partition
path Parameters
partition required | string.* partition name. Currently not used |
Request Body schema: application/json
Responses
Request samples
- Payload
[- { }
]
Response samples
- 200
{- "request_id": "string"
}
Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "system_id": "string"
}
]
}
Create a mock opa.
Request Body schema: application/json
duration required | string |
system_id required | string |
Responses
Request samples
- Payload
{- "duration": "string",
- "system_id": "string"
}
Response samples
- 200
- 400
{- "request_id": "string",
- "result": {
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "system_id": "string"
}
}
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "system_id": "string"
}
}
Handle callbacks from notification applications.
path Parameters
type required | string.* notification type |
query Parameters
code | string authorization code from notification tool |
state | string unique identification code |
Responses
Response samples
- 307
{- "request_id": "string",
- "response_url": "string"
}
Insert an access token for the notification tool.
path Parameters
type required | string.* notification type |
Request Body schema: application/json
token required | string |
Responses
Request samples
- Payload
{- "token": "string"
}
Response samples
- 200
{- "request_id": "string"
}
Reset password
path Parameters
token required | string.+ Token ID |
Request Body schema: application/json
password required | string |
user_id required | string |
Responses
Request samples
- Payload
{- "password": "string",
- "user_id": "string"
}
Response samples
- 200
{- "url": "string"
}
Request samples
- Payload
{- "password": "string"
}
Response samples
- 200
{- "request_id": "string",
- "result": {
- "cracktime": 0,
- "cracktime_display": "string",
- "feedback": {
- "suggestions": [
- "string"
], - "warning": "string"
}, - "max": 0,
- "min": 0,
- "pass": 0,
- "score": 0
}
}
List policies
query Parameters
metadata | string return rego metadata of specified type or all if no type provided |
drafts | boolean return rego metadata for draft policies (when metadata flag is used) |
Responses
Response samples
- 200
{- "metadata": [
- {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}
], - "request_id": "string",
- "result": null
}
List playground policies
query Parameters
metadata | string return rego metadata of specified type or all if no type provided |
drafts | boolean return rego metadata for draft policies (when metadata flag is used) |
Responses
Response samples
- 200
{- "metadata": [
- {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}
], - "request_id": "string",
- "result": null
}
List system policies
path Parameters
system required | string system id |
query Parameters
metadata | string return rego metadata of specified type or all if no type provided |
drafts | boolean return rego metadata for draft policies (when metadata flag is used) |
Responses
Response samples
- 200
{- "metadata": [
- {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}
], - "request_id": "string",
- "result": null
}
Update a policy
path Parameters
policy required | string.+ policy name |
header Parameters
If-None-Match | string etag |
Request Body schema:
required | object |
required | object (crypto.Signature) |
Responses
Request samples
- Payload
{- "modules": {
- "property1": "string",
- "property2": "string"
}, - "signature": {
- "excluded": {
- "digest": "string",
- "nodes": {
- "property1": { },
- "property2": { }
}
}, - "signatures": [
- {
- "property1": "string",
- "property2": "string"
}
]
}
}
Response samples
- 200
{- "request_id": "string"
}
Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "name": "string"
}
]
}
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "name": "string"
}
}
Create/update secret
path Parameters
secretId required | string.* secret ID |
header Parameters
If-None-Match | string if set to '*' then the request fill fail if the secret already exists |
Request Body schema: application/json
description required | string |
name required | string |
secret required | string |
Responses
Request samples
- Payload
{- "description": "string",
- "name": "string",
- "secret": "string"
}
Response samples
- 200
- 409
{- "request_id": "string"
}
Response samples
- 200
{- "request_id": "string",
- "result": [
- {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "id": "string",
- "matching_systems": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "minimum_opa_version": "string",
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "status": "string",
- "type": "string",
- "type_parameters": { }
}
]
}
Create a stack
Request Body schema: application/json
description required | string |
name required | string |
read_only required | boolean |
object (stacks.v1.SourceControlConfig) | |
type required | string |
type_parameters | object stack type parameter values (for template.* types) |
Responses
Request samples
- Payload
{- "description": "string",
- "name": "string",
- "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "type": "string",
- "type_parameters": { }
}
Response samples
- 200
{- "request_id": "string",
- "result": {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "id": "string",
- "matching_systems": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "minimum_opa_version": "string",
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "status": "string",
- "type": "string",
- "type_parameters": { }
}
}
Verify git access
Verifies that the repository can be accessed with the provided credentials
Request Body schema: application/json
commit required | string Commit SHA. Only one of reference or commit can be set at any time |
credentials required | string Credentials are looked under the key |
id required | string id of the entity so that the config can be checked for duplicates |
path required | string Path to limit the import to |
reference required | string Remote reference. Only one of reference or commit can be set at any time |
object (git.v1.SSHCredentials) | |
url required | string Repository URL |
Responses
Request samples
- Payload
{- "commit": "string",
- "credentials": "string",
- "id": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
Response samples
- 200
- 400
{- "request_id": "string",
- "result": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "sha": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}
List files in Styra DAS-created branch.
Gets the list of files for the branch that the Styra DAS creates when modifying rego in the Styra DAS UI and pushing the changes to GitHub in a branch for review.
path Parameters
id required | string.* stack id |
Responses
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "deleted_files": [
- "string"
], - "files": {
- "property1": "string",
- "property2": "string"
}
}
}
Commit files to stack source control
Commit files to source control associated with a stack
path Parameters
id required | string.* stack id |
Request Body schema: application/json
author required | string |
email required | string |
required | object Map of filenames to file contents |
files_to_delete required | Array of strings List of filenames to delete from the repo |
message required | string |
Responses
Request samples
- Payload
{- "author": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "author": "string",
- "branch": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
}
List files in current branch.
Gets the list of files in the currently chosen branch.
path Parameters
id required | string.* stack id |
Responses
Response samples
- 200
- 404
{- "request_id": "string",
- "result": {
- "deleted_files": [
- "string"
], - "files": {
- "property1": "string",
- "property2": "string"
}
}
}
Get a stack configuration
path Parameters
stack required | string.* stack id |
query Parameters
datasources | boolean set to 'false' to omit datasources from the output |
Responses
Response samples
- 200
{- "request_id": "string",
- "result": {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "id": "string",
- "matching_systems": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "minimum_opa_version": "string",
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "status": "string",
- "type": "string",
- "type_parameters": { }
}
}
Create or update a stack
path Parameters
stack required | string.* stack id |
Request Body schema: application/json
description required | string |
name required | string |
read_only required | boolean |
object (stacks.v1.SourceControlConfig) | |
type required | string |
type_parameters | object stack type parameter values (for template.* types) |
Responses
Request samples
- Payload
{- "description": "string",
- "name": "string",
- "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "type": "string",
- "type_parameters": { }
}
Response samples
- 200
{- "request_id": "string"
}
Validate stack compliance
path Parameters
stack required | string.* stack id |
query Parameters
asyncdelay | string set delay of asynchronous response HTTP(202); range [1s - compliance-api-timeout]. |
asyncresponse | string get asynchronous response; see HTTP(202) Location parameter |
interval | string if set to 'latest', get most recent cached results for specified stack. |
Request Body schema: application/json
object draft policies to be used for 'new' violations computation (path => rego) | |
extended | boolean run extended compliance validation that is specific for the system/stack type |
filter | object filter violations with this selector (dot.path => value) |
group_by | Array of strings (stacks.v1.StacksComplianceRequest.group_by) [ items ] group results by dot.path values (list of group levels with list of fields at each level) |
object (systems.v1.BuiltinMocks) | |
mode | string Default: "delta" validation mode. One of (delta, all, delta-count, all-count) |
policy_type | string policy type to narrow the monitor policy search (e.g. validating, mutating). Default (empty string or missing) is to run all monitoring policies |
Array of objects (systems.v1.SortField) list of fields to sort by |
Responses
Request samples
- Payload
{- "drafts": {
- "property1": "string",
- "property2": "string"
}, - "extended": true,
- "filter": { }