Download OpenAPI specification:Download
Styra DAS is entirely API-driven.
Access to the APIs requires authentication that should be provided as an Authorization HTTP header including a Styra DAS-issued token:
Authorization: Bearer <YOURTOKENHERE>
To request a token you need to have an Styra account, and create a token via the API Tokens menu.
Returns at most 256 entries by default, unless Count is provided (max: 4096). If only start_time or end_time is provided by the caller then the request defaults to 1 hour range
class_type | string audit or activity |
count | integer <int32> Default: 256 max count of records to return: max(4096) |
end_time | string <date-time> filter time range end_time |
forward | boolean Default: false search from start(true) or end(false) of table |
request_id | string filter on matching request_id |
start_time | string <date-time> filter time range start_time |
{- "class_type": "string",
- "count": 256,
- "end_time": "2019-08-24T14:15:22Z",
- "forward": false,
- "request_id": "string",
- "start_time": "2019-08-24T14:15:22Z"
}
{- "request_id": "string",
- "result": {
- "data": [
- {
- "decision": {
- "input": {
- "body": { },
- "method": "string",
- "path": "string",
- "user": "string",
- "user_claims": { }
}, - "output": {
- "allow": true,
- "status": {
- "reason": "string"
}
}
}, - "duration": 0,
- "request": {
- "class": "string",
- "errors": {
- "evaluation": "string"
}, - "host": "string",
- "id": "string",
- "method": "string",
- "path": "string",
- "request_body": "string",
- "requested_by": "string",
- "requested_through": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "response": {
- "errors": {
- "processing": "string"
}, - "status_code": 0,
- "timestamp": "2019-08-24T14:15:22Z"
}
}
]
}
}
cursor | string continue from cursor position of previous query |
start_time | string minimum request time |
end_time | string maximum request time |
query | string search query |
limit | integer maximum number of activity records to return |
class | string filter response to given activity class |
outcome | string filter by outcome type. One of (all, allowed, denied, error) |
order | string ASC, DESC (default) |
default_timezone | string client time zone offset e.g. -07:00, +3:00, Z. Local time expressions in query are adjusted with this offset |
compact | boolean return only essential decision fields |
{- "cursor": "string",
- "request_id": "string",
- "results": [
- {
- "decision": {
- "input": {
- "body": { },
- "method": "string",
- "path": "string",
- "user": "string",
- "user_claims": { }
}, - "output": {
- "allow": true,
- "status": {
- "reason": "string"
}
}
}, - "duration": 0,
- "request": {
- "class": "string",
- "errors": {
- "evaluation": "string"
}, - "host": "string",
- "id": "string",
- "method": "string",
- "path": "string",
- "request_body": "string",
- "requested_by": "string",
- "requested_through": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "response": {
- "errors": {
- "processing": "string"
}, - "status_code": 0,
- "timestamp": "2019-08-24T14:15:22Z"
}
}
]
}
id required | string.* request ID |
{- "request_id": "string",
- "results": {
- "decision": {
- "input": {
- "body": { },
- "method": "string",
- "path": "string",
- "user": "string",
- "user_claims": { }
}, - "output": {
- "allow": true,
- "status": {
- "reason": "string"
}
}
}, - "duration": 0,
- "request": {
- "class": "string",
- "errors": {
- "evaluation": "string"
}, - "host": "string",
- "id": "string",
- "method": "string",
- "path": "string",
- "request_body": "string",
- "requested_by": "string",
- "requested_through": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}, - "response": {
- "errors": {
- "processing": "string"
}, - "status_code": 0,
- "timestamp": "2019-08-24T14:15:22Z"
}
}
}
kind required | string agent kind such as "agents", "datasources", "datasources-agents", "slps", "exporters" |
system | string return only statuses for one or more system ID |
id | string return only statuses for one or more agent ID |
excludes | string filters keys from agent statuses (separate keys by comma, nest keys using dot notation (e.g. parentKey.nestedKey,parentKey2). lists unsupported |
{- "request_id": "string",
- "result": {
- "property1": { },
- "property2": { }
}
}
kind required | string agent kind such as "agents", "datasources", "datasources-agents", "slps", "exporters" |
{ }
{- "request_id": "string"
}
kind required | string agent kind such as "agents", "datasources", "datasources-agents", "slps", "exporters" |
id required | string.* agent id |
{ }
{- "request_id": "string"
}
action required | string |
body required | object |
check_option required | string |
operation required | string |
path required | string |
[- {
- "action": "string",
- "body": { },
- "check_option": "string",
- "operation": "string",
- "path": "string"
}
]
{- "request_id": "string",
- "result": [
- {
- "allowed": true,
- "body": { },
- "check_option": "string",
- "eval_error": true,
- "operation": "string",
- "path": "string"
}
]
}
{- "request_id": "string",
- "result": {
- "property1": {
- "property1": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
], - "property2": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
]
}, - "property2": {
- "property1": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
], - "property2": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
]
}
}
}
resourcetype required | string.* resource type |
resource required | string.* resource id |
{- "request_id": "string",
- "result": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
]
}
resourcetype required | string.* resource type |
resource required | string.* resource id |
rolebinding required | string.* role binding id |
recursive | string if set to 'false', only deletes the role binding configuration and does not delete associated objects |
{- "request_id": "string"
}
resourcetype required | string.* resource type |
resource required | string.* resource id |
rolebinding required | string.* role binding id |
{- "request_id": "string",
- "result": {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "role_name": "string",
- "subjects": [
- "string"
]
}
}
resourcetype required | string.* resource type |
resource required | string.* resource id |
rolebinding required | string.* role binding id |
description required | string |
id required | string |
role_name required | string |
subjects required | Array of strings |
{- "description": "string",
- "id": "string",
- "role_name": "string",
- "subjects": [
- "string"
]
}
{- "request_id": "string"
}
resource_kind | string if set returns only rolebindings involving the specified resource kind (if supplied multiple times will return rolebindings that match any of the specified resource kinds) |
resource_id | string if set returns only rolebindings involving the specified resource id (if supplied multiple times will return rolebindings that match any of the specified resource ids) |
role_id | string if set returns only rolebindings involving the specified role id (if supplied multiple times will return rolebindings that match any of the specified role ids) |
subject_kind | string if set returns only rolebindings involving the specified subject kind (if supplied multiple times will return rolebindings that match any of the specified subject kinds) |
subject_id | string if set returns only rolebindings involving the specified subject id (if supplied multiple times will return rolebindings that match any of the specified subject ids) |
internal | boolean if set to 'true', returns only internal rolebindings |
limit | integer maximum number of items to return. If no limit is specified, the default is to return all results. |
offset | integer controls the starting point within the list of items. Note that the first item is retrieved by setting a zero offset. |
{- "Offset": 0,
- "request_id": "string",
- "rolebindings": [
- {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
]
}
If-None-Match | string if set to '*', will not update existing rolebinding |
id | string if present, implies updating existing rolebinding in its entirety, otherwise create new |
required | object (authz.v2.ResourceFilter) |
role_id required | string role ID e.g., SystemOwner |
required | Array of objects (authz.v2.Subject) list of subjects |
{- "id": "string",
- "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
id required | string.* rolebinding ID |
required | Array of objects (authz.v2.Subject) | ||||||
Array
|
{- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
id required | string.* rolebinding ID |
required | Array of objects (authz.v2.Subject) | ||||||
Array
|
{- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
id required | string.* rolebinding ID |
required | Array of objects (authz.v2.Subject) | ||||||
Array
|
{- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
{- "request_id": "string",
- "rolebinding": {
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_filter": {
- "id": "string",
- "kind": "string"
}, - "role_id": "string",
- "subjects": [
- {
- "claim_config": {
- "identity_provider": "string",
- "key": "string",
- "value": "string"
}, - "id": "string",
- "kind": "string"
}
]
}
}
resource_kind | string if set returns only roles applicable to specific resource kind |
{- "request_id": "string",
- "roles": [
- {
- "description": "string",
- "id": "string",
- "inherit_roles": [
- {
- "action": "string",
- "resource_kind": "string",
- "role": "string"
}
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resource_kind": "string"
}
]
}
name required | string.* The blueprint name. |
{- "request_id": "string",
- "result": {
- "blueprint": "string",
- "resources": [
- {
- "id": "string",
- "type": "string"
}
]
}
}
policy | string policy name |
eval_path | string path to partial evaluation |
kind | string Default: "Plain" Enum: "Plain" "BJson" Kind of a bundle |
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
policy required | string.* policy name |
eval_path | string path to partial evaluation |
kind | string Default: "Plain" Enum: "Plain" "BJson" Kind of a bundle |
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
Data (whether the result of evaluating policy or the data gathered by datasources) is arranged into a tree. List the locations within the tree that data exists.
rego | string Rego query to be executed for the documents |
jsonpath | string Json Path expression to extract portions of documents |
sandbox | boolean Only used explicitly provided policies and data. Do not load anything from DAS |
strict | boolean Enable strict Rego compilation mode |
data | string Initial data object in JSON format |
download | boolean Default: false Download data as data.json file |
limit | string Returns '413 Payload Too Large' response if the body size is greater than given limit. The units KB, MB and etc can be used. Example: 10 MB; 28 kilobytes; 2000 |
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "mocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
], - "unmocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
]
}, - "redis.query": {
- "mocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
], - "unmocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}, - "vault.send": {
- "mocked": [
- {
- "mount_path": "string",
- "path": "string"
}
], - "unmocked": [
- {
- "mount_path": "string",
- "path": "string"
}
]
}
}, - "request_id": "string",
- "result": null,
- "type_env": null
}
rego | string Rego query to be executed for the documents |
jsonpath | string Json Path expression to extract portions of documents |
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
{- "code": "string",
- "errors": [
- "string"
], - "message": "string",
- "request_id": "string"
}
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
data | object Initial data object |
input | object |
jsonpath | string Json Path expression to extract portions of documents |
object (data.v1.BuiltinMocks) | |
object Cache containing results of non-deterministic built-in functions | |
query_package | string The package name to be used with query in case of multiple rego modules |
rego | string Rego query to be executed for the documents |
object List of rego modules to be loaded and executed for the documents | |
replay | boolean Inject STYRA_DAS_REPLAY environment variable into opa.runtime().env |
sandbox | boolean Only used explicitly provided policies and data. Do not load anything from DAS |
strict | boolean Enable strict Rego compilation mode |
{- "data": { },
- "input": { },
- "jsonpath": "string",
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "data": [
- {
- "parameters": { },
- "query": "string",
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "redis.query": {
- "data": [
- {
- "addr": "string",
- "args": [
- null
], - "command": "string",
- "db": 0,
- "result": { }
}
]
}, - "sql.send": {
- "data": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}, - "vault.send": {
- "data": [
- {
- "mount_path": "string",
- "path": "string",
- "result": { }
}
]
}
}, - "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "query_package": "string",
- "rego": "string",
- "rego_modules": {
- "property1": "string",
- "property2": "string"
}, - "replay": true,
- "sandbox": true,
- "strict": true
}
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "mocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
], - "unmocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
]
}, - "redis.query": {
- "mocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
], - "unmocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}, - "vault.send": {
- "mocked": [
- {
- "mount_path": "string",
- "path": "string"
}
], - "unmocked": [
- {
- "mount_path": "string",
- "path": "string"
}
]
}
}, - "request_id": "string",
- "result": null,
- "type_env": null
}
Show data at the given name
. The name
must be an extension of one of the locations of data as returned by GET v1/data
name required | string.* Data name |
rego | string Rego query to be executed for the documents |
jsonpath | string JSONPath expression to extract portions of documents |
sandbox | boolean Only used explicitly provided policies and data. Do not load anything from DAS |
strict | boolean Enable strict Rego compilation mode |
data | string Initial data object in JSON format |
download | boolean Default: false Download data as |
limit | string Returns '413 Payload Too Large' response if the body size is greater than given limit. The units KB, MB and etc can be used. Example: 10 MB; 28 kilobytes; 2000 |
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "mocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
], - "unmocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
]
}, - "redis.query": {
- "mocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
], - "unmocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}, - "vault.send": {
- "mocked": [
- {
- "mount_path": "string",
- "path": "string"
}
], - "unmocked": [
- {
- "mount_path": "string",
- "path": "string"
}
]
}
}, - "request_id": "string",
- "result": null,
- "type_env": null
}
name required | string.* data name |
rego | string Rego query to be executed for the documents |
jsonpath | string Json Path expression to extract portions of documents |
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
{- "code": "string",
- "errors": [
- "string"
], - "message": "string",
- "request_id": "string"
}
Modify the data of the push datasource registered at <path>
by applying a JSON patch to the JSON document. The content type for the patch is application/json-patch+json
. The operation returns the modified data.
name required | string.* data name |
If-Match | string etag |
{ }
{- "request_id": "string",
- "result": null
}
Show data at the given name
. The name
must be an extension of one of the locations of data as returned by GET v1/data
.
name required | string.* data name |
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
data | object Initial data object |
input | object |
jsonpath | string Json Path expression to extract portions of documents |
object (data.v1.BuiltinMocks) | |
object Cache containing results of non-deterministic built-in functions | |
query_package | string The package name to be used with query in case of multiple rego modules |
rego | string Rego query to be executed for the documents |
object List of rego modules to be loaded and executed for the documents | |
replay | boolean Inject STYRA_DAS_REPLAY environment variable into opa.runtime().env |
sandbox | boolean Only used explicitly provided policies and data. Do not load anything from DAS |
strict | boolean Enable strict Rego compilation mode |
{- "data": { },
- "input": { },
- "jsonpath": "string",
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "data": [
- {
- "parameters": { },
- "query": "string",
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "redis.query": {
- "data": [
- {
- "addr": "string",
- "args": [
- null
], - "command": "string",
- "db": 0,
- "result": { }
}
]
}, - "sql.send": {
- "data": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}, - "vault.send": {
- "data": [
- {
- "mount_path": "string",
- "path": "string",
- "result": { }
}
]
}
}, - "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "query_package": "string",
- "rego": "string",
- "rego_modules": {
- "property1": "string",
- "property2": "string"
}, - "replay": true,
- "sandbox": true,
- "strict": true
}
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "mocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
], - "unmocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
]
}, - "redis.query": {
- "mocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
], - "unmocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}, - "vault.send": {
- "mocked": [
- {
- "mount_path": "string",
- "path": "string"
}
], - "unmocked": [
- {
- "mount_path": "string",
- "path": "string"
}
]
}
}, - "request_id": "string",
- "result": null,
- "type_env": null
}
Set the data for the datasource registered at <name>
to an arbitrary JSON document. This data can be read by doing GET v1/data/<path>
name required | string.* data name |
If-Match | string etag |
{ }
{- "request_id": "string"
}
datasource required | string.* Data source ID |
execute | boolean Execute data source |
preview | boolean Preview data source |
download | boolean Default: false This is part of preview workflow. Download preview data as data.json file. |
limit | string This is part of preview workflow. Returns '413 Payload Too Large' response if the body size is greater than given limit. The units KB, MB and etc can be used. Example: 10 MB; 28 kilobytes; 2000 |
category required | string Must be |
description | string |
enabled | boolean Default: true |
on_premises | boolean Default: false |
rate_limit | number Default: 3 requests per second |
polling_interval | string Default: "30s" |
policy_filter | string Policy Filter (if set, then policy_query must be set as well) |
policy_query | string Policy Query (if set, then policy_filter must be set as well) |
credentials required | string Secret ID with AWS credentials |
region required | string AWS region |
RegistryId | string Registry ID |
{- "request_id": "string",
- "result": null
}
datasource required | string.* Data source ID |
If-None-Match | string The server will return the requested resource, with a 200 status, only if it doesn't have an ETag matching the given ones. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/If-None-Match documentation. |
category required | string Must be |
description | string |
enabled | boolean Default: true |
on_premises | boolean Default: false |
rate_limit | number Default: 3 requests per second |
polling_interval | string Default: "30s" |
policy_filter | string Policy Filter (if set, then policy_query must be set as well) |
policy_query | string Policy Query (if set, then policy_filter must be set as well) |
credentials required | string Secret ID with AWS credentials |
region required | string AWS region |
RegistryId | string Registry ID |
{- "request_id": "string",
- "result": {
- "category": "aws/ecr",
- "credentials": "aws_creds",
- "on_premises": false,
- "region": "us-east-1",
- "executed": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "resources": [
- { }
], - "status": { }
}
}
input_max_size | string input_max_size will remove specified subfield from response if it exceeds the size specified |
result_max_size | string result_max_size will remove specified subfield from response if it exceeds the size specified |
cursor | string continue from cursor position of previous query |
start_time | string <date-time> minimum decision time |
end_time | string <date-time> maximum decision time |
search | string search query |
system | string system ID |
stack | string stack ID |
limit | integer Default: 100 maximum number of decisions to return |
result_kind | string Default: "ALL" comma-separated list of ALL, UNKNOWN, ADVICE, ALLOWED, DENIED, ERROR |
order | string Default: "DESC" ASC, DESC |
default_timezone | string client time zone offset e.g. -07:00, +3:00, Z. Local time expressions in query are adjusted with this offset |
compact | boolean return only essential decision fields |
{- "request_id": "string",
- "result": {
- "cursor": "string",
- "items": [
- {
- "agent_id": "string",
- "allowed": {
- "error": "string",
- "value": true
}, - "batch_decision_id": "string",
- "bundles": {
- "property1": {
- "revision": "string"
}, - "property2": {
- "revision": "string"
}
}, - "columns": [
- {
- "error": "string",
- "key": "string",
- "type": "string",
- "value": null
}
], - "cursor": "string",
- "decision_id": "string",
- "decision_type": 0,
- "erased": [
- "string"
], - "error": null,
- "filtered_fields": [
- "string"
], - "input": null,
- "kafka_topic": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "metrics": { },
- "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "path": "string",
- "policy_type": "string",
- "processed": "2019-08-24T14:15:22Z",
- "query": "string",
- "reason": {
- "error": "string",
- "value": "string"
}, - "received": "2019-08-24T14:15:22Z",
- "req_id": 0,
- "request_context": {
- "http": {
- "headers": {
- "property1": [
- "string"
], - "property2": [
- "string"
]
}
}
}, - "requested_by": "string",
- "result": null,
- "revision": "string",
- "stacks": [
- "string"
], - "system_id": "string",
- "system_type": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}
}
input_max_size | string input_max_size will remove specified subfield from response if it exceeds the size specified |
result_max_size | string result_max_size will remove specified subfield from response if it exceeds the size specified |
compact | boolean Default: false return only essential decision fields |
cursor | string continue from cursor position of previous query |
default_timezone | string client time zone offset. Local time expressions in query are adjusted with this offset |
end_time | string <date-time> maximum decision time |
limit | integer <int64> Default: 100 maximum number of decisions to return |
order | string Default: "DESC" ASC, DESC |
result_kind | string Default: "ALL" comma-separated list of ALL, UNKNOWN, ADVICE, ALLOWED, DENIED, ERROR |
search | string search query |
stack | string stack ID |
start_time | string <date-time> minimum decision time |
system | string system ID |
{- "compact": false,
- "cursor": "string",
- "default_timezone": "-07:00, +3:00, Z",
- "end_time": "2019-08-24T14:15:22Z",
- "limit": 100,
- "order": "DESC",
- "result_kind": "ALL",
- "search": "string",
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
{- "request_id": "string",
- "result": {
- "cursor": "string",
- "items": [
- {
- "agent_id": "string",
- "allowed": {
- "error": "string",
- "value": true
}, - "batch_decision_id": "string",
- "bundles": {
- "property1": {
- "revision": "string"
}, - "property2": {
- "revision": "string"
}
}, - "columns": [
- {
- "error": "string",
- "key": "string",
- "type": "string",
- "value": null
}
], - "cursor": "string",
- "decision_id": "string",
- "decision_type": 0,
- "erased": [
- "string"
], - "error": null,
- "filtered_fields": [
- "string"
], - "input": null,
- "kafka_topic": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "metrics": { },
- "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "path": "string",
- "policy_type": "string",
- "processed": "2019-08-24T14:15:22Z",
- "query": "string",
- "reason": {
- "error": "string",
- "value": "string"
}, - "received": "2019-08-24T14:15:22Z",
- "req_id": 0,
- "request_context": {
- "http": {
- "headers": {
- "property1": [
- "string"
], - "property2": [
- "string"
]
}
}
}, - "requested_by": "string",
- "result": null,
- "revision": "string",
- "stacks": [
- "string"
], - "system_id": "string",
- "system_type": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}
}
cursor required | string decision cursor value |
input_max_size | string input_max_size will remove specified subfield from response if it exceeds the size specified |
result_max_size | string result_max_size will remove specified subfield from response if it exceeds the size specified |
{- "request_id": "string",
- "result": {
- "agent_id": "string",
- "allowed": {
- "error": "string",
- "value": true
}, - "batch_decision_id": "string",
- "bundles": {
- "property1": {
- "revision": "string"
}, - "property2": {
- "revision": "string"
}
}, - "columns": [
- {
- "error": "string",
- "key": "string",
- "type": "string",
- "value": null
}
], - "cursor": "string",
- "decision_id": "string",
- "decision_type": 0,
- "erased": [
- "string"
], - "error": null,
- "filtered_fields": [
- "string"
], - "input": null,
- "kafka_topic": "string",
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "metrics": { },
- "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "path": "string",
- "policy_type": "string",
- "processed": "2019-08-24T14:15:22Z",
- "query": "string",
- "reason": {
- "error": "string",
- "value": "string"
}, - "received": "2019-08-24T14:15:22Z",
- "req_id": 0,
- "request_context": {
- "http": {
- "headers": {
- "property1": [
- "string"
], - "property2": [
- "string"
]
}
}
}, - "requested_by": "string",
- "result": null,
- "revision": "string",
- "stacks": [
- "string"
], - "system_id": "string",
- "system_type": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
{- "request_id": "string",
- "result": [
- {
- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "certificate": "string",
- "client_id": "string",
- "client_secret": "string",
- "effective_client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "private_key": "string",
- "proxy_url": "string",
- "redirect_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "unique_claim": "string",
- "user_info_url": "string"
}
]
}
allow_idp_initiated required | boolean |
allowed_domains required | Array of strings allow users from domains |
auth_url required | string |
certificate required | string send instead of KeyCertificate for new configs |
client_id required | string |
client_secret required | string |
effective_client_secret required | string send instead of ClientSecret for new configs |
email_attribute required | string |
enabled required | boolean whether it can be used as a provider or not |
id required | string |
issuer_url required | string |
jit required | boolean True, if users are provisioned on-demand |
key_certificate required | string |
metadata required | string |
override_discovery_issuer_url | string |
private_key required | string send instead of KeyCertificate for new configs |
proxy_url required | string |
redirect_url required | string |
response_mode required | string |
scopes required | Array of strings |
skip_token_issuer_check | boolean |
token_url required | string |
type required | string OIDC (default) or SAML |
unique_claim required | string claim to be used as the unique id for users |
user_info_url required | string |
{- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "certificate": "string",
- "client_id": "string",
- "client_secret": "string",
- "effective_client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "private_key": "string",
- "proxy_url": "string",
- "redirect_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "unique_claim": "string",
- "user_info_url": "string"
}
{- "request_id": "string"
}
allow_idp_initiated required | boolean |
allowed_domains required | Array of strings allow users from domains |
auth_url required | string |
certificate required | string send instead of KeyCertificate for new configs |
client_id required | string |
client_secret required | string |
effective_client_secret required | string send instead of ClientSecret for new configs |
email_attribute required | string |
enabled required | boolean whether it can be used as a provider or not |
id required | string |
issuer_url required | string |
jit required | boolean True, if users are provisioned on-demand |
key_certificate required | string |
metadata required | string |
override_discovery_issuer_url | string |
private_key required | string send instead of KeyCertificate for new configs |
proxy_url required | string |
redirect_url required | string |
response_mode required | string |
scopes required | Array of strings |
skip_token_issuer_check | boolean |
token_url required | string |
type required | string OIDC (default) or SAML |
unique_claim required | string claim to be used as the unique id for users |
user_info_url required | string |
{- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "certificate": "string",
- "client_id": "string",
- "client_secret": "string",
- "effective_client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "private_key": "string",
- "proxy_url": "string",
- "redirect_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "unique_claim": "string",
- "user_info_url": "string"
}
{- "request_id": "string",
- "result": {
- "redirect_url": "string"
}
}
{- "request_id": "string",
- "result": {
- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "certificate": "string",
- "client_id": "string",
- "client_secret": "string",
- "effective_client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "private_key": "string",
- "proxy_url": "string",
- "redirect_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "unique_claim": "string",
- "user_info_url": "string"
}
}
providerId required | string.+ provider ID |
If-None-Match | string if set to '*' then creates a new provider with type-specific related objects |
allow_idp_initiated required | boolean |
allowed_domains required | Array of strings allow users from domains |
auth_url required | string |
certificate required | string send instead of KeyCertificate for new configs |
client_id required | string |
client_secret required | string |
effective_client_secret required | string send instead of ClientSecret for new configs |
email_attribute required | string |
enabled required | boolean whether it can be used as a provider or not |
id required | string |
issuer_url required | string |
jit required | boolean True, if users are provisioned on-demand |
key_certificate required | string |
metadata required | string |
override_discovery_issuer_url | string |
private_key required | string send instead of KeyCertificate for new configs |
proxy_url required | string |
redirect_url required | string |
response_mode required | string |
scopes required | Array of strings |
skip_token_issuer_check | boolean |
token_url required | string |
type required | string OIDC (default) or SAML |
unique_claim required | string claim to be used as the unique id for users |
user_info_url required | string |
{- "allow_idp_initiated": true,
- "allowed_domains": [
- "string"
], - "auth_url": "string",
- "certificate": "string",
- "client_id": "string",
- "client_secret": "string",
- "effective_client_secret": "string",
- "email_attribute": "string",
- "enabled": true,
- "id": "string",
- "issuer_url": "string",
- "jit": true,
- "key_certificate": "string",
- "metadata": "string",
- "override_discovery_issuer_url": "string",
- "private_key": "string",
- "proxy_url": "string",
- "redirect_url": "string",
- "response_mode": "string",
- "scopes": [
- "string"
], - "skip_token_issuer_check": true,
- "token_url": "string",
- "type": "string",
- "unique_claim": "string",
- "user_info_url": "string"
}
{- "request_id": "string"
}
boolean set to false to avoid sending an email |
roles required | Array of strings list of roles for the invited user |
user_id required | string user ID to create invitation for |
{- "roles": [
- "string"
], - "user_id": "string"
}
{- "request_id": "string",
- "result": {
- "url": "string"
}
}
token required | string.+ token from the invitation URL |
password required | string new user password |
user_id required | string new user ID |
{- "password": "string",
- "user_id": "string"
}
{- "request_id": "string"
}
{- "request_id": "string",
- "result": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "read_only": true,
- "source_control": {
- "library_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}
}
]
}
Verifies that the repository can be accessed with the provided credentials
commit required | string Commit SHA. Only one of reference or commit can be set at any time |
credentials required | string Credentials are looked under the key |
id required | string id of the entity so that the config can be checked for duplicates |
path required | string Path to limit the import to |
reference required | string Remote reference. Only one of reference or commit can be set at any time |
object (git.v1.SSHCredentials) | |
url required | string Repository URL |
{- "commit": "string",
- "credentials": "string",
- "id": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
{- "request_id": "string",
- "result": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "sha": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}
id required | string.* id |
policies | boolean set to 'false' to omit policies from the output |
modules | boolean set to 'false' to omit modules from the output |
datasources | boolean set to 'false' to omit datasources from the output |
rule_counts | boolean set to 'false' to omit policy rule counts in the output |
dependant_bundles | string level of report for bundles depending on the library. One of (none, active, all). "active" is the default |
{- "result": {
- "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "library_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "used_by": [
- {
- "bundles": [
- {
- "bundle_id": "string",
- "version": 0
}
], - "system_id": "string"
}
]
}
}
id required | string.* id |
description required | string |
read_only required | boolean |
object (libraries.v1.SourceControlConfig) |
{- "description": "string",
- "read_only": true,
- "source_control": {
- "library_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}
}
{- "result": {
- "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "library_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "used_by": [
- {
- "bundles": [
- {
- "bundle_id": "string",
- "version": 0
}
], - "system_id": "string"
}
]
}
}
Gets the list of files for the branch that the Styra DAS creates when modifying rego in the Styra DAS UI and pushing the changes to GitHub in a branch for review.
id required | string.* library id |
{- "request_id": "string",
- "result": {
- "branch": "string",
- "changed_files": [
- "string"
], - "deleted_files": [
- "string"
], - "files": {
- "property1": "string",
- "property2": "string"
}
}
}
Commit files to source control associated with a library
id required | string.* library id |
author required | string |
email required | string |
required | object Map of filenames to file contents |
files_to_delete required | Array of strings List of filenames to delete from the repo |
message required | string |
{- "author": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
{- "request_id": "string",
- "result": {
- "author": "string",
- "branch": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
}
Gets the list of files in the currently chosen branch.
id required | string.* library id |
{- "request_id": "string",
- "result": {
- "branch": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}
}
}
id required | string.* id |
object draft policies to be used for 'new' violations computation (path => rego) | |
mode | string Default: "delta" validation mode. One of (delta, all, delta-count, all-count) |
policy_type | string policy type to narrow the monitor policy search (e.g. validating, mutating). Default (empty string or missing) is to run all monitoring policies |
{- "drafts": {
- "property1": "string",
- "property2": "string"
}, - "mode": "delta",
- "policy_type": "string"
}
{- "request_id": "string",
- "result": {
- "property1": {
- "all": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "all_count": 0,
- "all_errors_count": 0,
- "all_failed_count": 0,
- "new": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "new_count": 0,
- "new_errors_count": 0,
- "new_failed_count": 0,
- "resolved": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "resolved_count": 0,
- "resolved_errors_count": 0,
- "resolved_failed_count": 0,
- "unchanged": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "unchanged_count": 0,
- "unchanged_errors_count": 0,
- "unchanged_failed_count": 0
}, - "property2": {
- "all": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "all_count": 0,
- "all_errors_count": 0,
- "all_failed_count": 0,
- "new": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "new_count": 0,
- "new_errors_count": 0,
- "new_failed_count": 0,
- "resolved": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "resolved_count": 0,
- "resolved_errors_count": 0,
- "resolved_failed_count": 0,
- "unchanged": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "unchanged_count": 0,
- "unchanged_errors_count": 0,
- "unchanged_failed_count": 0
}
}
}
log-replay
is a service that re-evaluates past decision logs in order to estimate what would change if one of the policies
would be different. log-replay
is used as an analysis tool to analyze the impact of a policy change.
compare_full_results | boolean Default: false do not compare decisions by system-type-dependent significant fields |
data_patches | Array of objects (logreplay.v1.ReplayRequest.data_patches) [ items ] list of JSON Patches to apply to the data namespace |
decision_patches | Array of objects (logreplay.v1.ReplayRequest.decision_patches) [ items ] list of JSON Patches to apply to the decisions before they evaluated |
deterministic_policies | boolean Default: true signals that decisions having the same inputs, data and revision always evaluate to the same result and therefore can be cached |
duration | string maximum replay duration (e.g. "20s") |
max_samples | integer <int32> maximum number of samples to return |
object (data.v1.BuiltinMocks) | |
object modified rego policies (path => rego content) | |
Array of objects (logreplay.v1.ReplayScope) list of scopes to narrow the decision search | |
skip_batches | Array of strings list of batch IDs to skip |
{- "compare_full_results": false,
- "data_patches": [
- [
- { }
]
], - "decision_patches": [
- [
- { }
]
], - "deterministic_policies": true,
- "duration": "string",
- "max_samples": 0,
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "data": [
- {
- "parameters": { },
- "query": "string",
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "redis.query": {
- "data": [
- {
- "addr": "string",
- "args": [
- null
], - "command": "string",
- "db": 0,
- "result": { }
}
]
}, - "sql.send": {
- "data": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}, - "vault.send": {
- "data": [
- {
- "mount_path": "string",
- "path": "string",
- "result": { }
}
]
}
}, - "policies": {
- "property1": "string",
- "property2": "string"
}, - "scope": [
- {
- "max_age": "string",
- "max_revisions": 1,
- "min_age": "string",
- "path": "string"
}
], - "skip_batches": [
- "string"
]
}
{- "analyzed_batches": [
- "string"
], - "duration": 0,
- "samples": [
- {
- "batch_decision_id": "string",
- "bundles": {
- "property1": {
- "revision": "string"
}, - "property2": {
- "revision": "string"
}
}, - "count": 0,
- "decision_id": "string",
- "erased": [
- "string"
], - "error": "string",
- "input": null,
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "metrics": { },
- "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "new_result": null,
- "path": "string",
- "query": "string",
- "req_id": 0,
- "request_context": {
- "http": {
- "headers": {
- "property1": [
- "string"
], - "property2": [
- "string"
]
}
}
}, - "requested_by": "string",
- "result": null,
- "revision": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "started": "2019-08-24T14:15:22Z",
- "stats": {
- "analysis_errors": 0,
- "batches_analyzed": 0,
- "batches_download_errors": 0,
- "batches_downloaded": 0,
- "batches_from_cache": 0,
- "batches_observed": 0,
- "batches_scheduled": 0,
- "batches_skipped": 0,
- "entries_evaluated": 0,
- "entries_failed": 0,
- "entries_observed": 0,
- "entries_scheduled": 0,
- "results_changed": 0
}
}
object system ID -> bundle filter mapping specifying which bundles to consider for each system. Use empty string or '*' to provide default filter | |
compare_full_results | boolean Default: false do not compare decisions by system-type-dependent significant fields |
decision_patches | Array of objects (logreplay.v2.ReplayRequest.decision_patches) [ items ] list of JSON Patches to apply to the decisions before they evaluated |
object modifications to make to policies or data | |
duration | string maximum replay duration (e.g. "20s") |
max_samples | integer <int32> maximum number of samples to return |
object (data.v1.BuiltinMocks) | |
path_filters | Array of strings list of path filters. Each entry is either a path prefix that the decision path must begin with or the decision path must be prefix of the entry |
skip_batches | Array of strings list of batch IDs to skip |
systems | Array of strings list of system IDs. If provided, systems that are not in the list won't be replayed even if affected by one of the drafts' |
{- "bundle_filters": {
- "property1": {
- "active_from": 0,
- "active_to": 0,
- "bundle_id": "string",
- "created_from": "2019-08-24T14:15:22Z",
- "created_to": "2019-08-24T14:15:22Z",
- "last_deployed_from": "2019-08-24T14:15:22Z",
- "last_deployed_to": "2019-08-24T14:15:22Z",
- "reverse_versioning": true,
- "version_from": 0,
- "version_to": 0
}, - "property2": {
- "active_from": 0,
- "active_to": 0,
- "bundle_id": "string",
- "created_from": "2019-08-24T14:15:22Z",
- "created_to": "2019-08-24T14:15:22Z",
- "last_deployed_from": "2019-08-24T14:15:22Z",
- "last_deployed_to": "2019-08-24T14:15:22Z",
- "reverse_versioning": true,
- "version_from": 0,
- "version_to": 0
}
}, - "compare_full_results": false,
- "decision_patches": [
- [
- { }
]
], - "drafts": {
- "property1": {
- "contents": null,
- "datasources": true,
- "patches": [
- [
- { }
]
], - "policy": {
- "context": "string",
- "overlays": [
- "string"
]
}
}, - "property2": {
- "contents": null,
- "datasources": true,
- "patches": [
- [
- { }
]
], - "policy": {
- "context": "string",
- "overlays": [
- "string"
]
}
}
}, - "duration": "string",
- "max_samples": 0,
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "data": [
- {
- "parameters": { },
- "query": "string",
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "redis.query": {
- "data": [
- {
- "addr": "string",
- "args": [
- null
], - "command": "string",
- "db": 0,
- "result": { }
}
]
}, - "sql.send": {
- "data": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}, - "vault.send": {
- "data": [
- {
- "mount_path": "string",
- "path": "string",
- "result": { }
}
]
}
}, - "path_filters": [
- "string"
], - "skip_batches": [
- "string"
], - "systems": [
- "string"
]
}
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "mocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
], - "unmocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
]
}, - "redis.query": {
- "mocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
], - "unmocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}, - "vault.send": {
- "mocked": [
- {
- "mount_path": "string",
- "path": "string"
}
], - "unmocked": [
- {
- "mount_path": "string",
- "path": "string"
}
]
}
}, - "request_id": "string",
- "result": {
- "analyzed_batches": [
- "string"
], - "duration": 0,
- "samples": [
- {
- "batch_decision_id": "string",
- "bundles": {
- "property1": {
- "revision": "string"
}, - "property2": {
- "revision": "string"
}
}, - "count": 0,
- "decision_id": "string",
- "erased": [
- "string"
], - "error": "string",
- "input": null,
- "labels": {
- "property1": "string",
- "property2": "string"
}, - "metrics": { },
- "nd_builtin_cache": {
- "property1": { },
- "property2": { }
}, - "new_result": null,
- "path": "string",
- "query": "string",
- "req_id": 0,
- "request_context": {
- "http": {
- "headers": {
- "property1": [
- "string"
], - "property2": [
- "string"
]
}
}
}, - "requested_by": "string",
- "result": null,
- "revision": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "started": "2019-08-24T14:15:22Z",
- "stats": {
- "analysis_errors": 0,
- "batches_analyzed": 0,
- "batches_download_errors": 0,
- "batches_downloaded": 0,
- "batches_from_cache": 0,
- "batches_observed": 0,
- "batches_scheduled": 0,
- "batches_skipped": 0,
- "entries_evaluated": 0,
- "entries_failed": 0,
- "entries_observed": 0,
- "entries_scheduled": 0,
- "results_changed": 0
}
}
}
partition required | string.* partition name. Currently not used |
[- { }
]
{- "request_id": "string"
}
{- "request_id": "string",
- "result": [
- {
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "system_id": "string"
}
]
}
duration required | string |
system_id required | string |
{- "duration": "string",
- "system_id": "string"
}
{- "request_id": "string",
- "result": {
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "system_id": "string"
}
}
{- "request_id": "string",
- "result": {
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "system_id": "string"
}
}
type required | string.* notification type |
code | string authorization code from notification tool |
state | string unique identification code |
{- "request_id": "string",
- "response_url": "string"
}
type required | string.* notification type |
token required | string |
{- "token": "string"
}
{- "request_id": "string"
}
token required | string.+ Token ID |
password required | string |
user_id required | string |
{- "password": "string",
- "user_id": "string"
}
{- "url": "string"
}
password required | string |
{- "password": "string"
}
{- "request_id": "string",
- "result": {
- "cracktime": 0.1,
- "cracktime_display": "string",
- "feedback": {
- "suggestions": [
- "string"
], - "warning": "string"
}, - "max": 0,
- "min": 0,
- "pass": 0,
- "score": 0
}
}
metadata | string return rego metadata of specified type or all if no type provided |
modules | boolean return rego metadata for each module separately |
drafts | boolean return rego metadata for draft policies (when metadata flag is used) |
prefix | string return only the policies having the prefix |
{- "metadata": [
- {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}
], - "request_id": "string",
- "result": null
}
metadata | string return rego metadata of specified type or all if no type provided |
drafts | boolean return rego metadata for draft policies (when metadata flag is used) |
{- "metadata": [
- {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}
], - "request_id": "string",
- "result": null
}
system required | string system id |
metadata | string return rego metadata of specified type or all if no type provided |
drafts | boolean return rego metadata for draft policies (when metadata flag is used) |
{- "metadata": [
- {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}
], - "request_id": "string",
- "result": null
}
policy required | string.+ policy name |
If-None-Match | string etag |
required | object module file name to rego (and also data.json/data.yaml if enabled for the tenant) contents dictionary |
object (crypto.Signature) |
{- "modules": {
- "property1": "string",
- "property2": "string"
}, - "signature": {
- "excluded": {
- "digest": "string",
- "nodes": {
- "property1": { },
- "property2": { }
}
}, - "signatures": [
- {
- "property1": "string",
- "property2": "string"
}
]
}
}
{- "request_id": "string"
}
v1 | boolean Enable formatting to comply with both the RegoV0 and RegoV1 syntax |
required | object | ||
|
{- "input": {
- "property1": "string",
- "property2": "string"
}
}
{- "errors": {
- "property1": [
- { }
], - "property2": [
- { }
]
}, - "metadata": [
- {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}
], - "output": {
- "property1": "string",
- "property2": "string"
}, - "request_id": "string"
}
key required | string[a-zA-Z0-9-_]+ key that the relay client registered with |
id | string id of a specific relay client |
{- "request_id": "string",
- "result": [
- {
- "client_id": "string",
- "client_key": "string",
- "remote_address": "string",
- "version": "string"
}
]
}
{- "request_id": "string",
- "result": [
- {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "name": "string"
}
]
}
{- "request_id": "string",
- "result": {
- "description": "string",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "name": "string"
}
}
secretId required | string.* secret ID |
If-None-Match | string if set to '*' then the request fill fail if the secret already exists |
description required | string |
name required | string |
secret required | string |
{- "description": "string",
- "name": "string",
- "secret": "string"
}
{- "request_id": "string"
}
password required | string |
{- "password": "string"
}
{- "request_id": "string",
- "result": {
- "cracktime": 0.1,
- "cracktime_display": "string",
- "feedback": {
- "suggestions": [
- "string"
], - "warning": "string"
}, - "max": 0,
- "min": 0,
- "pass": 0,
- "score": 0
}
}
policies | boolean set to 'false' to omit policies from the output |
modules | boolean set to 'false' to omit modules from the output |
datasources | boolean set to 'false' to omit datasources from the output |
errors | boolean set to 'false' to omit errors/warnings from the output |
metadata | boolean set to 'false' to omit metadata from the output |
rule_counts | boolean set to 'false' to omit policy rule counts in the output |
matching_systems | boolean set to 'false' to omit list of matching systems in the output |
minimum_opa_version | boolean set to 'false' to omit minimum OPA version for systems using stack |
{- "request_id": "string",
- "result": [
- {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "errors": {
- "property1": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}, - "property2": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}
}, - "id": "string",
- "info": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "matching_systems": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "migration_history": [
- {
- "from": "string",
- "initiated_by": "string",
- "initiating_user": "string",
- "migrated_at": "2019-08-24T14:15:22Z",
- "recovered": true,
- "to": "string"
}
], - "minimum_opa_version": "string",
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "status": "string",
- "type": "string",
- "type_parameters": { },
- "warnings": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}
}
]
}
description required | string |
name required | string |
read_only required | boolean |
object (stacks.v1.SourceControlConfig) | |
type required | string |
type_parameters | object stack type parameter values (for template.* types) |
{- "description": "string",
- "name": "string",
- "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "type": "string",
- "type_parameters": { }
}
{- "request_id": "string",
- "result": {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "errors": {
- "property1": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}, - "property2": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}
}, - "id": "string",
- "info": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "matching_systems": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "migration_history": [
- {
- "from": "string",
- "initiated_by": "string",
- "initiating_user": "string",
- "migrated_at": "2019-08-24T14:15:22Z",
- "recovered": true,
- "to": "string"
}
], - "minimum_opa_version": "string",
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "status": "string",
- "type": "string",
- "type_parameters": { },
- "warnings": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}
}
}
Verifies that the repository can be accessed with the provided credentials
commit required | string Commit SHA. Only one of reference or commit can be set at any time |
credentials required | string Credentials are looked under the key |
id required | string id of the entity so that the config can be checked for duplicates |
path required | string Path to limit the import to |
reference required | string Remote reference. Only one of reference or commit can be set at any time |
object (git.v1.SSHCredentials) | |
url required | string Repository URL |
{- "commit": "string",
- "credentials": "string",
- "id": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
{- "request_id": "string",
- "result": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "sha": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}
Gets the list of files for the branch that the Styra DAS creates when modifying rego in the Styra DAS UI and pushing the changes to GitHub in a branch for review.
id required | string.* stack id |
{- "request_id": "string",
- "result": {
- "branch": "string",
- "changed_files": [
- "string"
], - "deleted_files": [
- "string"
], - "files": {
- "property1": "string",
- "property2": "string"
}
}
}
Commit files to source control associated with a stack
id required | string.* stack id |
author required | string |
email required | string |
required | object Map of filenames to file contents |
files_to_delete required | Array of strings List of filenames to delete from the repo |
message required | string |
{- "author": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
{- "request_id": "string",
- "result": {
- "author": "string",
- "branch": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
}
stack required | string.* stack id |
policies | boolean set to 'false' to omit policies from the output |
modules | boolean set to 'false' to omit modules from the output |
datasources | boolean set to 'false' to omit datasources from the output |
errors | boolean set to 'false' to omit errors/warnings from the output |
metadata | boolean set to 'false' to omit metadata from the output |
rule_counts | boolean set to 'false' to omit policy rule counts in the output |
matching_systems | boolean set to 'false' to omit list of matching systems in the output |
minimum_opa_version | boolean set to 'false' to omit minimum OPA version for systems using stack |
{- "request_id": "string",
- "result": {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "description": "string",
- "errors": {
- "property1": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}, - "property2": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}
}, - "id": "string",
- "info": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "matching_systems": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "migration_history": [
- {
- "from": "string",
- "initiated_by": "string",
- "initiating_user": "string",
- "migrated_at": "2019-08-24T14:15:22Z",
- "recovered": true,
- "to": "string"
}
], - "minimum_opa_version": "string",
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "status": "string",
- "type": "string",
- "type_parameters": { },
- "warnings": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}
}
}
stack required | string.* stack id |
description required | string |
name required | string |
read_only required | boolean |
object (stacks.v1.SourceControlConfig) | |
type required | string |
type_parameters | object stack type parameter values (for template.* types) |
{- "description": "string",
- "name": "string",
- "read_only": true,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "stack_origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}, - "use_workspace_settings": true
}, - "type": "string",
- "type_parameters": { }
}
{- "request_id": "string"
}
stack required | string.* stack id |
type required | string The system type ID to migrate the current system to |
{- "type": "string"
}
{- "request_id": "string"
}
stack required | string.* stack id |
asyncdelay | string set delay of asynchronous response HTTP(202); range [1s - compliance-api-timeout]. |
asyncresponse | string get asynchronous response; see HTTP(202) Location parameter |
interval | string if set to 'latest', get most recent cached results for specified stack. |
object draft policies to be used for 'new' violations computation (path => rego) | |
extended | boolean run extended compliance validation that is specific for the system/stack type |
filter | object filter violations with this selector (dot.path => value) |
group_by | Array of strings[ items ] group results by dot.path values (list of group levels with list of fields at each level) |
limit | integer <int32> maximum number of violations to return per monitor |
object (data.v1.BuiltinMocks) | |
mode | string Default: "delta" validation mode. One of (delta, all, delta-count, all-count) |
policy_type | string policy type to narrow the monitor policy search (e.g. validating, mutating). Default (empty string or missing) is to run all monitoring policies |
Array of objects (systems.v1.SortField) list of fields to sort by |
{- "drafts": {
- "property1": "string",
- "property2": "string"
}, - "extended": true,
- "filter": { },
- "group_by": [
- [
- "string"
]
], - "limit": 0,
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "data": [
- {
- "parameters": { },
- "query": "string",
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "redis.query": {
- "data": [
- {
- "addr": "string",
- "args": [
- null
], - "command": "string",
- "db": 0,
- "result": { }
}
]
}, - "sql.send": {
- "data": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}, - "vault.send": {
- "data": [
- {
- "mount_path": "string",
- "path": "string",
- "result": { }
}
]
}
}, - "mode": "delta",
- "policy_type": "string",
- "sort": [
- {
- "descending": true,
- "field": "string"
}
]
}
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "mocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
], - "unmocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
]
}, - "redis.query": {
- "mocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
], - "unmocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}, - "vault.send": {
- "mocked": [
- {
- "mount_path": "string",
- "path": "string"
}
], - "unmocked": [
- {
- "mount_path": "string",
- "path": "string"
}
]
}
}, - "request_id": "string",
- "result": {
- "property1": {
- "all": [
- null
], - "all_count": 0,
- "metadata": null,
- "new": [
- null
], - "new_count": 0,
- "resolved": [
- null
], - "resolved_count": 0,
- "unchanged": [
- null
], - "unchanged_count": 0
}, - "property2": {
- "all": [
- null
], - "all_count": 0,
- "metadata": null,
- "new": [
- null
], - "new_count": 0,
- "resolved": [
- null
], - "resolved_count": 0,
- "unchanged": [
- null
], - "unchanged_count": 0
}
}
}
stack required | string.* stack id |
cursor required | string.* paging cursor obtained from previous calls |
limit | integer maximum number of violations to return |
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "mocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
], - "unmocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
]
}, - "redis.query": {
- "mocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
], - "unmocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}, - "vault.send": {
- "mocked": [
- {
- "mount_path": "string",
- "path": "string"
}
], - "unmocked": [
- {
- "mount_path": "string",
- "path": "string"
}
]
}
}, - "request_id": "string",
- "result": {
- "property1": {
- "all": [
- null
], - "all_count": 0,
- "metadata": null,
- "new": [
- null
], - "new_count": 0,
- "resolved": [
- null
], - "resolved_count": 0,
- "unchanged": [
- null
], - "unchanged_count": 0
}, - "property2": {
- "all": [
- null
], - "all_count": 0,
- "metadata": null,
- "new": [
- null
], - "new_count": 0,
- "resolved": [
- null
], - "resolved_count": 0,
- "unchanged": [
- null
], - "unchanged_count": 0
}
}
}
stack required | string.* stack id |
object draft policies to be used for 'new' violations computation (path => rego) | |
mode | string Default: "delta" validation mode. One of (delta, all, delta-count, all-count) |
policy_type | string policy type to narrow the monitor policy search (e.g. validating, mutating). Default (empty string or missing) is to run all monitoring policies |
{- "drafts": {
- "property1": "string",
- "property2": "string"
}, - "mode": "delta",
- "policy_type": "string"
}
{- "request_id": "string",
- "result": {
- "property1": {
- "all": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "all_count": 0,
- "all_errors_count": 0,
- "all_failed_count": 0,
- "new": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "new_count": 0,
- "new_errors_count": 0,
- "new_failed_count": 0,
- "resolved": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "resolved_count": 0,
- "resolved_errors_count": 0,
- "resolved_failed_count": 0,
- "unchanged": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "unchanged_count": 0,
- "unchanged_errors_count": 0,
- "unchanged_failed_count": 0
}, - "property2": {
- "all": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "all_count": 0,
- "all_errors_count": 0,
- "all_failed_count": 0,
- "new": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "new_count": 0,
- "new_errors_count": 0,
- "new_failed_count": 0,
- "resolved": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "resolved_count": 0,
- "resolved_errors_count": 0,
- "resolved_failed_count": 0,
- "unchanged": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "unchanged_count": 0,
- "unchanged_errors_count": 0,
- "unchanged_failed_count": 0
}
}
}
partition required | string.* partition name. Currently not used |
{ }
{- "request_id": "string"
}
compact | boolean if set to 'true', returns only minimal configuration information for each system |
policies | boolean set to 'false' to omit policies from the output |
modules | boolean set to 'false' to omit modules from the output |
rule_counts | boolean set to 'false' to omit policy rule counts in the output |
datasources | boolean set to 'false' to omit datasources from the output |
errors | boolean set to 'false' to omit errors/warnings from the output |
authz | boolean set to 'false' to omit authz info from the output |
metadata | boolean set to 'false' to omit metadata from the output |
minimum_opa_version | boolean set to 'false' to omit minimum_opa_version from the output |
stacks | boolean set to 'false' to omit matching_stacks from the output |
migration_history | boolean set to 'false' to omit migration_history from the output |
tokens | boolean set to 'false' to omit tokens from the output |
info | boolean set to 'false' to omit info from the output |
type | string if set returns only systems of the specified type |
name | string if set returns only systems with a name matching the given regex |
search | string if set returns only systems with a name,ID,type, or description matching the given pattern |
limit | integer maximum number of items to return. If no limit is specified, the default is to return all results. |
offset | integer controls the starting point within the list of items. Note that the first item is retrieved by setting a zero offset. |
{- "offset": 0,
- "request_id": "string",
- "result": [
- {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "bundle_download": {
- "delta_bundles": false
}, - "bundle_registry": {
- "disable_bundle_compatibility_check": true,
- "distribution_s3": {
- "access_keys": "string",
- "bucket": "string",
- "context_path": "context-{policy_path}",
- "discovery_path": "discovery.tgz",
- "endpoint": "string",
- "opa_credentials": {
- "environment_credentials": { },
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}, - "policy_path": "bundle.tgz",
- "region": "string",
- "role_arn": "string"
}, - "entrypoints": [
- "string"
], - "manual_deployment": true,
- "manual_deployment_overrides": {
- "property1": true,
- "property2": true
}, - "max_bundles": 0,
- "max_deployed_bundles": 0,
- "optimization_level": 0
}, - "context_bundle_data_only": true,
- "context_bundle_roots": [
- "string"
], - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "decision_mappings": {
- "property1": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}, - "property2": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}
}, - "decisions_exporter": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "deployment_parameters": {
- "deny_on_opa_fail": false,
- "discovery": { },
- "extra": { },
- "http_proxy": "string",
- "https_proxy": "string",
- "kubernetes_version": "string",
- "mutating_webhook_name": "string",
- "namespace": "string",
- "no_proxy": "string",
- "timeout_seconds": 0,
- "trusted_ca_certs": [
- "string"
], - "trusted_container_registry": "string"
}, - "description": "string",
- "error_setting": "string",
- "errors": {
- "property1": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}, - "property2": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}
}, - "external_bundles": {
- "bundles": {
- "property1": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}, - "property2": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}
}, - "services": [
- {
- "allow_insecure_tls": true,
- "credentials": {
- "azure_managed_identity": {
- "api_version": "string",
- "client_id": "string",
- "endpoint": "string",
- "mi_res_id": "string",
- "object_id": "string",
- "resource": "string"
}, - "bearer": {
- "scheme": "string",
- "token": "string",
- "token_path": "string"
}, - "client_tls": {
- "cert": "string",
- "private_key": "string",
- "private_key_passphrase": "string"
}, - "gcp_metadata": {
- "access_token_path": "string",
- "audience": "string",
- "endpoint": "string",
- "id_token_path": "string",
- "scopes": [
- "string"
]
}, - "oauth2": {
- "additional_claims": { },
- "additional_headers": {
- "property1": "string",
- "property2": "string"
}, - "additional_parameters": {
- "property1": "string",
- "property2": "string"
}, - "client_id": "string",
- "client_secret": "string",
- "grant_type": "string",
- "include_jti_claim": true,
- "scopes": [
- "string"
], - "signing_key": "string",
- "thumbprint": "string",
- "token_url": "string"
}, - "plugin": "string",
- "s3_signing": {
- "environment_credentials": null,
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "profile_credentials": {
- "aws_region": "string",
- "path": "string",
- "profile": "string"
}, - "service": "string",
- "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}
}, - "headers": {
- "property1": "string",
- "property2": "string"
}, - "keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "name": "string",
- "response_header_timeout_seconds": 0,
- "tls": {
- "ca_cert": "string",
- "system_ca_required": true
}, - "type": "string",
- "url": "string"
}
]
}, - "external_id": "string",
- "filter_stacks": true,
- "id": "string",
- "info": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "install": {
- "property1": {
- "property1": "string",
- "property2": "string"
}, - "property2": {
- "property1": "string",
- "property2": "string"
}
}, - "kafka_topic": "string",
- "matching_stacks": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "migration_history": [
- {
- "from": "string",
- "initiated_by": "string",
- "initiating_user": "string",
- "migrated_at": "2019-08-24T14:15:22Z",
- "recovered": true,
- "to": "string"
}
], - "minimum_opa_version": "string",
- "mock_opa_enabled": true,
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": false,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}, - "status": "string",
- "tokens": [
- {
- "allow_path_patterns": [
- "string"
], - "description": "string",
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "token": "string",
- "ttl": "string",
- "uses": 0
}
], - "type": "string",
- "type_parameters": { },
- "uninstall": {
- "property1": "string",
- "property2": "string"
}, - "warnings": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}
}
]
}
object (systems.v1.BundleDownloadConfig) | |
object (systems.v1.BundleRegistryConfig) | |
context_bundle_data_only | boolean only put data in the context bundle |
context_bundle_roots | Array of strings list of path prefixes for policies/datasources that go into the second (context) bundle |
object location of key attributes and additional columns in the decisions grouped by policy entry point path | |
object (workspace.v1.DecisionExporterConfig) | |
object (systems.v1.SystemDeploymentParameters) | |
description | string description for the system |
error_setting | string error/warning configuration: one of "all", "errors", "none" |
object (systems.v1.ExternalBundleConfig) | |
external_id | string optional parameter to map Styra DAS system ID to external IDs used by a customer. (mapping can be retrieved with TranslateExternalIds operation) |
filter_stacks | boolean when set, stacks that are not linked to this system will be filtered out of its bundles |
kafka_topic | string optional parameter to specify the Kafka topic where the decision logs for this system should be published if exported through the workspace level configuration (ignored if Kafka is not configured for the workspace for decision export) |
mock_opa_enabled | boolean enable mock OPAs for this system |
name required | string system name |
read_only | boolean Default: false prevents users from modifying policies using Styra UIs |
object (git.v1.SourceControlConfig) | |
type required | string system type e.g. kubernetes |
type_parameters | object system type parameter values (for template.* types) |
{- "bundle_download": {
- "delta_bundles": false
}, - "bundle_registry": {
- "disable_bundle_compatibility_check": true,
- "distribution_s3": {
- "access_keys": "string",
- "bucket": "string",
- "context_path": "context-{policy_path}",
- "discovery_path": "discovery.tgz",
- "endpoint": "string",
- "opa_credentials": {
- "environment_credentials": { },
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}, - "policy_path": "bundle.tgz",
- "region": "string",
- "role_arn": "string"
}, - "entrypoints": [
- "string"
], - "manual_deployment": true,
- "manual_deployment_overrides": {
- "property1": true,
- "property2": true
}, - "max_bundles": 0,
- "max_deployed_bundles": 0,
- "optimization_level": 0
}, - "context_bundle_data_only": true,
- "context_bundle_roots": [
- "string"
], - "decision_mappings": {
- "property1": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}, - "property2": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}
}, - "decisions_exporter": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "deployment_parameters": {
- "deny_on_opa_fail": false,
- "discovery": { },
- "extra": { },
- "http_proxy": "string",
- "https_proxy": "string",
- "kubernetes_version": "string",
- "mutating_webhook_name": "string",
- "namespace": "string",
- "no_proxy": "string",
- "timeout_seconds": 0,
- "trusted_ca_certs": [
- "string"
], - "trusted_container_registry": "string"
}, - "description": "string",
- "error_setting": "string",
- "external_bundles": {
- "bundles": {
- "property1": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}, - "property2": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}
}, - "services": [
- {
- "allow_insecure_tls": true,
- "credentials": {
- "azure_managed_identity": {
- "api_version": "string",
- "client_id": "string",
- "endpoint": "string",
- "mi_res_id": "string",
- "object_id": "string",
- "resource": "string"
}, - "bearer": {
- "scheme": "string",
- "token": "string",
- "token_path": "string"
}, - "client_tls": {
- "cert": "string",
- "private_key": "string",
- "private_key_passphrase": "string"
}, - "gcp_metadata": {
- "access_token_path": "string",
- "audience": "string",
- "endpoint": "string",
- "id_token_path": "string",
- "scopes": [
- "string"
]
}, - "oauth2": {
- "additional_claims": { },
- "additional_headers": {
- "property1": "string",
- "property2": "string"
}, - "additional_parameters": {
- "property1": "string",
- "property2": "string"
}, - "client_id": "string",
- "client_secret": "string",
- "grant_type": "string",
- "include_jti_claim": true,
- "scopes": [
- "string"
], - "signing_key": "string",
- "thumbprint": "string",
- "token_url": "string"
}, - "plugin": "string",
- "s3_signing": {
- "environment_credentials": null,
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "profile_credentials": {
- "aws_region": "string",
- "path": "string",
- "profile": "string"
}, - "service": "string",
- "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}
}, - "headers": {
- "property1": "string",
- "property2": "string"
}, - "keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "name": "string",
- "response_header_timeout_seconds": 0,
- "tls": {
- "ca_cert": "string",
- "system_ca_required": true
}, - "type": "string",
- "url": "string"
}
]
}, - "external_id": "string",
- "filter_stacks": true,
- "kafka_topic": "string",
- "mock_opa_enabled": true,
- "name": "string",
- "read_only": false,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}, - "type": "string",
- "type_parameters": { }
}
{- "request_id": "string",
- "result": {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "bundle_download": {
- "delta_bundles": false
}, - "bundle_registry": {
- "disable_bundle_compatibility_check": true,
- "distribution_s3": {
- "access_keys": "string",
- "bucket": "string",
- "context_path": "context-{policy_path}",
- "discovery_path": "discovery.tgz",
- "endpoint": "string",
- "opa_credentials": {
- "environment_credentials": { },
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}, - "policy_path": "bundle.tgz",
- "region": "string",
- "role_arn": "string"
}, - "entrypoints": [
- "string"
], - "manual_deployment": true,
- "manual_deployment_overrides": {
- "property1": true,
- "property2": true
}, - "max_bundles": 0,
- "max_deployed_bundles": 0,
- "optimization_level": 0
}, - "context_bundle_data_only": true,
- "context_bundle_roots": [
- "string"
], - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "decision_mappings": {
- "property1": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}, - "property2": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}
}, - "decisions_exporter": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "deployment_parameters": {
- "deny_on_opa_fail": false,
- "discovery": { },
- "extra": { },
- "http_proxy": "string",
- "https_proxy": "string",
- "kubernetes_version": "string",
- "mutating_webhook_name": "string",
- "namespace": "string",
- "no_proxy": "string",
- "timeout_seconds": 0,
- "trusted_ca_certs": [
- "string"
], - "trusted_container_registry": "string"
}, - "description": "string",
- "error_setting": "string",
- "errors": {
- "property1": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}, - "property2": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}
}, - "external_bundles": {
- "bundles": {
- "property1": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}, - "property2": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}
}, - "services": [
- {
- "allow_insecure_tls": true,
- "credentials": {
- "azure_managed_identity": {
- "api_version": "string",
- "client_id": "string",
- "endpoint": "string",
- "mi_res_id": "string",
- "object_id": "string",
- "resource": "string"
}, - "bearer": {
- "scheme": "string",
- "token": "string",
- "token_path": "string"
}, - "client_tls": {
- "cert": "string",
- "private_key": "string",
- "private_key_passphrase": "string"
}, - "gcp_metadata": {
- "access_token_path": "string",
- "audience": "string",
- "endpoint": "string",
- "id_token_path": "string",
- "scopes": [
- "string"
]
}, - "oauth2": {
- "additional_claims": { },
- "additional_headers": {
- "property1": "string",
- "property2": "string"
}, - "additional_parameters": {
- "property1": "string",
- "property2": "string"
}, - "client_id": "string",
- "client_secret": "string",
- "grant_type": "string",
- "include_jti_claim": true,
- "scopes": [
- "string"
], - "signing_key": "string",
- "thumbprint": "string",
- "token_url": "string"
}, - "plugin": "string",
- "s3_signing": {
- "environment_credentials": null,
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "profile_credentials": {
- "aws_region": "string",
- "path": "string",
- "profile": "string"
}, - "service": "string",
- "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}
}, - "headers": {
- "property1": "string",
- "property2": "string"
}, - "keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "name": "string",
- "response_header_timeout_seconds": 0,
- "tls": {
- "ca_cert": "string",
- "system_ca_required": true
}, - "type": "string",
- "url": "string"
}
]
}, - "external_id": "string",
- "filter_stacks": true,
- "id": "string",
- "info": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "install": {
- "property1": {
- "property1": "string",
- "property2": "string"
}, - "property2": {
- "property1": "string",
- "property2": "string"
}
}, - "kafka_topic": "string",
- "matching_stacks": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "migration_history": [
- {
- "from": "string",
- "initiated_by": "string",
- "initiating_user": "string",
- "migrated_at": "2019-08-24T14:15:22Z",
- "recovered": true,
- "to": "string"
}
], - "minimum_opa_version": "string",
- "mock_opa_enabled": true,
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": false,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}, - "status": "string",
- "tokens": [
- {
- "allow_path_patterns": [
- "string"
], - "description": "string",
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "token": "string",
- "ttl": "string",
- "uses": 0
}
], - "type": "string",
- "type_parameters": { },
- "uninstall": {
- "property1": "string",
- "property2": "string"
}, - "warnings": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}
}
}
Translate external identifiers to Styra DAS system identifiers
external_ids required | Array of strings |
{- "external_ids": [
- "string"
]
}
{- "request_id": "string",
- "result": {
- "property1": [
- "string"
], - "property2": [
- "string"
]
}
}
Verifies that the repository can be accessed with the provided credentials
commit required | string Commit SHA. Only one of reference or commit can be set at any time |
credentials required | string Credentials are looked under the key |
id required | string id of the entity so that the config can be checked for duplicates |
path required | string Path to limit the import to |
reference required | string Remote reference. Only one of reference or commit can be set at any time |
object (git.v1.SSHCredentials) | |
url required | string Repository URL |
{- "commit": "string",
- "credentials": "string",
- "id": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
{- "request_id": "string",
- "result": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "sha": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}
Gets the list of files for the branch that the Styra DAS creates when modifying rego in the Styra DAS UI and pushing the changes to GitHub in a branch for review.
id required | string.* system id |
{- "request_id": "string",
- "result": {
- "branch": "string",
- "changed_files": [
- "string"
], - "deleted_files": [
- "string"
], - "files": {
- "property1": "string",
- "property2": "string"
}
}
}
Commit files to source control associated with a system
id required | string.* system id |
author required | string |
email required | string |
required | object Map of filenames to file contents |
files_to_delete required | Array of strings List of filenames to delete from the repo |
message required | string |
{- "author": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
{- "request_id": "string",
- "result": {
- "author": "string",
- "branch": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
}
Gets the list of files in the currently chosen branch.
id required | string.* system id |
{- "request_id": "string",
- "result": {
- "branch": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}
}
}
system required | string.* system ID |
policies | boolean set to 'false' to omit policies from the output |
modules | boolean set to 'false' to omit modules from the output |
rule_counts | boolean set to 'false' to omit policy rule counts in the output |
datasources | boolean set to 'false' to omit datasources from the output |
errors | boolean set to 'false' to omit errors/warnings from the output |
authz | boolean set to 'false' to omit authz info from the output |
metadata | boolean set to 'false' to omit metadata from the output |
minimum_opa_version | boolean set to 'false' to omit minimum_opa_version from the output |
stacks | boolean set to 'false' to omit matching_stacks from the output |
migration_history | boolean set to 'false' to omit migration_history from the output |
tokens | boolean set to 'false' to omit tokens from the output |
info | boolean set to 'false' to omit info from the output |
{- "request_id": "string",
- "result": {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "bundle_download": {
- "delta_bundles": false
}, - "bundle_registry": {
- "disable_bundle_compatibility_check": true,
- "distribution_s3": {
- "access_keys": "string",
- "bucket": "string",
- "context_path": "context-{policy_path}",
- "discovery_path": "discovery.tgz",
- "endpoint": "string",
- "opa_credentials": {
- "environment_credentials": { },
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}, - "policy_path": "bundle.tgz",
- "region": "string",
- "role_arn": "string"
}, - "entrypoints": [
- "string"
], - "manual_deployment": true,
- "manual_deployment_overrides": {
- "property1": true,
- "property2": true
}, - "max_bundles": 0,
- "max_deployed_bundles": 0,
- "optimization_level": 0
}, - "context_bundle_data_only": true,
- "context_bundle_roots": [
- "string"
], - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "decision_mappings": {
- "property1": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}, - "property2": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}
}, - "decisions_exporter": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "deployment_parameters": {
- "deny_on_opa_fail": false,
- "discovery": { },
- "extra": { },
- "http_proxy": "string",
- "https_proxy": "string",
- "kubernetes_version": "string",
- "mutating_webhook_name": "string",
- "namespace": "string",
- "no_proxy": "string",
- "timeout_seconds": 0,
- "trusted_ca_certs": [
- "string"
], - "trusted_container_registry": "string"
}, - "description": "string",
- "error_setting": "string",
- "errors": {
- "property1": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}, - "property2": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}
}, - "external_bundles": {
- "bundles": {
- "property1": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}, - "property2": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}
}, - "services": [
- {
- "allow_insecure_tls": true,
- "credentials": {
- "azure_managed_identity": {
- "api_version": "string",
- "client_id": "string",
- "endpoint": "string",
- "mi_res_id": "string",
- "object_id": "string",
- "resource": "string"
}, - "bearer": {
- "scheme": "string",
- "token": "string",
- "token_path": "string"
}, - "client_tls": {
- "cert": "string",
- "private_key": "string",
- "private_key_passphrase": "string"
}, - "gcp_metadata": {
- "access_token_path": "string",
- "audience": "string",
- "endpoint": "string",
- "id_token_path": "string",
- "scopes": [
- "string"
]
}, - "oauth2": {
- "additional_claims": { },
- "additional_headers": {
- "property1": "string",
- "property2": "string"
}, - "additional_parameters": {
- "property1": "string",
- "property2": "string"
}, - "client_id": "string",
- "client_secret": "string",
- "grant_type": "string",
- "include_jti_claim": true,
- "scopes": [
- "string"
], - "signing_key": "string",
- "thumbprint": "string",
- "token_url": "string"
}, - "plugin": "string",
- "s3_signing": {
- "environment_credentials": null,
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "profile_credentials": {
- "aws_region": "string",
- "path": "string",
- "profile": "string"
}, - "service": "string",
- "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}
}, - "headers": {
- "property1": "string",
- "property2": "string"
}, - "keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "name": "string",
- "response_header_timeout_seconds": 0,
- "tls": {
- "ca_cert": "string",
- "system_ca_required": true
}, - "type": "string",
- "url": "string"
}
]
}, - "external_id": "string",
- "filter_stacks": true,
- "id": "string",
- "info": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "install": {
- "property1": {
- "property1": "string",
- "property2": "string"
}, - "property2": {
- "property1": "string",
- "property2": "string"
}
}, - "kafka_topic": "string",
- "matching_stacks": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "migration_history": [
- {
- "from": "string",
- "initiated_by": "string",
- "initiating_user": "string",
- "migrated_at": "2019-08-24T14:15:22Z",
- "recovered": true,
- "to": "string"
}
], - "minimum_opa_version": "string",
- "mock_opa_enabled": true,
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": false,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}, - "status": "string",
- "tokens": [
- {
- "allow_path_patterns": [
- "string"
], - "description": "string",
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "token": "string",
- "ttl": "string",
- "uses": 0
}
], - "type": "string",
- "type_parameters": { },
- "uninstall": {
- "property1": "string",
- "property2": "string"
}, - "warnings": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}
}
}
Updating the given system with type-specific related objects, except changing the system's type.
Creating a system with given ID with type-specific related objects, only, if the If-None-Match
header is set to *
Example:
curl -H "Authorization: Bearer <token>" \
-H "Styra-Tenant: <tenant>" \
-H "If-None-Match: *" \
-X PUT https://<das-id>.styra.com
-d '{<request body>}'
system required | string.* system ID |
If-None-Match | string if set to '*' then creates a new system with type-specific related objects |
object (systems.v1.BundleDownloadConfig) | |
object (systems.v1.BundleRegistryConfig) | |
context_bundle_data_only | boolean only put data in the context bundle |
context_bundle_roots | Array of strings list of path prefixes for policies/datasources that go into the second (context) bundle |
object location of key attributes and additional columns in the decisions grouped by policy entry point path | |
object (workspace.v1.DecisionExporterConfig) | |
object (systems.v1.SystemDeploymentParameters) | |
description | string description for the system |
error_setting | string error/warning configuration: one of "all", "errors", "none" |
object (systems.v1.ExternalBundleConfig) | |
external_id | string optional parameter to map Styra DAS system ID to external IDs used by a customer. (mapping can be retrieved with TranslateExternalIds operation) |
filter_stacks | boolean when set, stacks that are not linked to this system will be filtered out of its bundles |
kafka_topic | string optional parameter to specify the Kafka topic where the decision logs for this system should be published if exported through the workspace level configuration (ignored if Kafka is not configured for the workspace for decision export) |
mock_opa_enabled | boolean enable mock OPAs for this system |
name required | string system name |
read_only | boolean Default: false prevents users from modifying policies using Styra UIs |
object (git.v1.SourceControlConfig) | |
type required | string system type e.g. kubernetes |
type_parameters | object system type parameter values (for template.* types) |
{- "bundle_download": {
- "delta_bundles": false
}, - "bundle_registry": {
- "disable_bundle_compatibility_check": true,
- "distribution_s3": {
- "access_keys": "string",
- "bucket": "string",
- "context_path": "context-{policy_path}",
- "discovery_path": "discovery.tgz",
- "endpoint": "string",
- "opa_credentials": {
- "environment_credentials": { },
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}, - "policy_path": "bundle.tgz",
- "region": "string",
- "role_arn": "string"
}, - "entrypoints": [
- "string"
], - "manual_deployment": true,
- "manual_deployment_overrides": {
- "property1": true,
- "property2": true
}, - "max_bundles": 0,
- "max_deployed_bundles": 0,
- "optimization_level": 0
}, - "context_bundle_data_only": true,
- "context_bundle_roots": [
- "string"
], - "decision_mappings": {
- "property1": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}, - "property2": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}
}, - "decisions_exporter": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "deployment_parameters": {
- "deny_on_opa_fail": false,
- "discovery": { },
- "extra": { },
- "http_proxy": "string",
- "https_proxy": "string",
- "kubernetes_version": "string",
- "mutating_webhook_name": "string",
- "namespace": "string",
- "no_proxy": "string",
- "timeout_seconds": 0,
- "trusted_ca_certs": [
- "string"
], - "trusted_container_registry": "string"
}, - "description": "string",
- "error_setting": "string",
- "external_bundles": {
- "bundles": {
- "property1": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}, - "property2": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}
}, - "services": [
- {
- "allow_insecure_tls": true,
- "credentials": {
- "azure_managed_identity": {
- "api_version": "string",
- "client_id": "string",
- "endpoint": "string",
- "mi_res_id": "string",
- "object_id": "string",
- "resource": "string"
}, - "bearer": {
- "scheme": "string",
- "token": "string",
- "token_path": "string"
}, - "client_tls": {
- "cert": "string",
- "private_key": "string",
- "private_key_passphrase": "string"
}, - "gcp_metadata": {
- "access_token_path": "string",
- "audience": "string",
- "endpoint": "string",
- "id_token_path": "string",
- "scopes": [
- "string"
]
}, - "oauth2": {
- "additional_claims": { },
- "additional_headers": {
- "property1": "string",
- "property2": "string"
}, - "additional_parameters": {
- "property1": "string",
- "property2": "string"
}, - "client_id": "string",
- "client_secret": "string",
- "grant_type": "string",
- "include_jti_claim": true,
- "scopes": [
- "string"
], - "signing_key": "string",
- "thumbprint": "string",
- "token_url": "string"
}, - "plugin": "string",
- "s3_signing": {
- "environment_credentials": null,
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "profile_credentials": {
- "aws_region": "string",
- "path": "string",
- "profile": "string"
}, - "service": "string",
- "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}
}, - "headers": {
- "property1": "string",
- "property2": "string"
}, - "keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "name": "string",
- "response_header_timeout_seconds": 0,
- "tls": {
- "ca_cert": "string",
- "system_ca_required": true
}, - "type": "string",
- "url": "string"
}
]
}, - "external_id": "string",
- "filter_stacks": true,
- "kafka_topic": "string",
- "mock_opa_enabled": true,
- "name": "string",
- "read_only": false,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}, - "type": "string",
- "type_parameters": { }
}
{- "request_id": "string",
- "result": {
- "authz": {
- "role_bindings": [
- {
- "id": "string",
- "role_name": "string"
}
]
}, - "bundle_download": {
- "delta_bundles": false
}, - "bundle_registry": {
- "disable_bundle_compatibility_check": true,
- "distribution_s3": {
- "access_keys": "string",
- "bucket": "string",
- "context_path": "context-{policy_path}",
- "discovery_path": "discovery.tgz",
- "endpoint": "string",
- "opa_credentials": {
- "environment_credentials": { },
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}, - "policy_path": "bundle.tgz",
- "region": "string",
- "role_arn": "string"
}, - "entrypoints": [
- "string"
], - "manual_deployment": true,
- "manual_deployment_overrides": {
- "property1": true,
- "property2": true
}, - "max_bundles": 0,
- "max_deployed_bundles": 0,
- "optimization_level": 0
}, - "context_bundle_data_only": true,
- "context_bundle_roots": [
- "string"
], - "datasources": [
- {
- "category": "string",
- "id": "string",
- "optional": true,
- "status": {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
}
], - "decision_mappings": {
- "property1": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}, - "property2": {
- "allowed": {
- "expected": null,
- "negated": false,
- "path": "string"
}, - "columns": [
- {
- "key": "string",
- "path": "string",
- "type": "string"
}
], - "reason": {
- "path": "string"
}
}
}, - "decisions_exporter": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "deployment_parameters": {
- "deny_on_opa_fail": false,
- "discovery": { },
- "extra": { },
- "http_proxy": "string",
- "https_proxy": "string",
- "kubernetes_version": "string",
- "mutating_webhook_name": "string",
- "namespace": "string",
- "no_proxy": "string",
- "timeout_seconds": 0,
- "trusted_ca_certs": [
- "string"
], - "trusted_container_registry": "string"
}, - "description": "string",
- "error_setting": "string",
- "errors": {
- "property1": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}, - "property2": {
- "errors": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "waiting": true
}
}, - "external_bundles": {
- "bundles": {
- "property1": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}, - "property2": {
- "persist": true,
- "polling": {
- "long_polling_timeout_seconds": 0,
- "max_delay_seconds": 0,
- "min_delay_seconds": 0
}, - "resource": "string",
- "service": "string",
- "signing": {
- "exclude_files": [
- "string"
], - "keyid": "string",
- "public_keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "scope": "string"
}, - "size_limit_bytes": 0
}
}, - "services": [
- {
- "allow_insecure_tls": true,
- "credentials": {
- "azure_managed_identity": {
- "api_version": "string",
- "client_id": "string",
- "endpoint": "string",
- "mi_res_id": "string",
- "object_id": "string",
- "resource": "string"
}, - "bearer": {
- "scheme": "string",
- "token": "string",
- "token_path": "string"
}, - "client_tls": {
- "cert": "string",
- "private_key": "string",
- "private_key_passphrase": "string"
}, - "gcp_metadata": {
- "access_token_path": "string",
- "audience": "string",
- "endpoint": "string",
- "id_token_path": "string",
- "scopes": [
- "string"
]
}, - "oauth2": {
- "additional_claims": { },
- "additional_headers": {
- "property1": "string",
- "property2": "string"
}, - "additional_parameters": {
- "property1": "string",
- "property2": "string"
}, - "client_id": "string",
- "client_secret": "string",
- "grant_type": "string",
- "include_jti_claim": true,
- "scopes": [
- "string"
], - "signing_key": "string",
- "thumbprint": "string",
- "token_url": "string"
}, - "plugin": "string",
- "s3_signing": {
- "environment_credentials": null,
- "metadata_credentials": {
- "aws_region": "string",
- "iam_role": "string"
}, - "profile_credentials": {
- "aws_region": "string",
- "path": "string",
- "profile": "string"
}, - "service": "string",
- "web_identity_credentials": {
- "aws_region": "string",
- "session_name": "string"
}
}
}, - "headers": {
- "property1": "string",
- "property2": "string"
}, - "keys": {
- "property1": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}, - "property2": {
- "algorithm": "string",
- "key": "string",
- "private_key": "string",
- "scope": "string"
}
}, - "name": "string",
- "response_header_timeout_seconds": 0,
- "tls": {
- "ca_cert": "string",
- "system_ca_required": true
}, - "type": "string",
- "url": "string"
}
]
}, - "external_id": "string",
- "filter_stacks": true,
- "id": "string",
- "info": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "install": {
- "property1": {
- "property1": "string",
- "property2": "string"
}, - "property2": {
- "property1": "string",
- "property2": "string"
}
}, - "kafka_topic": "string",
- "matching_stacks": [
- "string"
], - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "migration_history": [
- {
- "from": "string",
- "initiated_by": "string",
- "initiating_user": "string",
- "migrated_at": "2019-08-24T14:15:22Z",
- "recovered": true,
- "to": "string"
}
], - "minimum_opa_version": "string",
- "mock_opa_enabled": true,
- "name": "string",
- "policies": [
- {
- "created": "string",
- "enforcement": {
- "enforced": true,
- "type": "string"
}, - "id": "string",
- "modules": [
- {
- "name": "string",
- "placeholder": false,
- "read_only": true,
- "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}
}
], - "rules": {
- "allow": 0,
- "deny": 0,
- "enforce": 0,
- "ignore": 0,
- "monitor": 0,
- "notify": 0,
- "other": 0,
- "test": 0,
- "total": 0
}, - "type": "string"
}
], - "read_only": false,
- "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}, - "status": "string",
- "tokens": [
- {
- "allow_path_patterns": [
- "string"
], - "description": "string",
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "token": "string",
- "ttl": "string",
- "uses": 0
}
], - "type": "string",
- "type_parameters": { },
- "uninstall": {
- "property1": "string",
- "property2": "string"
}, - "warnings": {
- "property1": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
], - "property2": [
- {
- "code": "string",
- "message": "string",
- "timestamp": "2019-08-24T14:15:22Z"
}
]
}
}
}
system required | string.* system ID |
bundle_id | string optional bundle ID: 'policy' or 'context' |
{- "bundle_id": "string"
}
{- "result": {
- "active": 0,
- "contents_digest": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "dependencies": [
- "string"
], - "digest": "string",
- "download_url": "string",
- "id": "string",
- "kinds": {
- "property1": {
- "digest": "string",
- "download_url": "string",
- "size": 0
}, - "property2": {
- "digest": "string",
- "download_url": "string",
- "size": 0
}
}, - "last_deployed_at": "2019-08-24T14:15:22Z",
- "minimum_opa_version": "string",
- "origin": "string",
- "revision": "string",
- "revision_digest": "string",
- "sbom": {
- "origins": [
- {
- "commit": "string",
- "id": "string",
- "path": "string",
- "ref": "string",
- "repo": "string",
- "roots": [
- "string"
], - "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "size": 0,
- "system_data": true,
- "version": 0
}
}
system required | string.* system ID |
{- "request_id": "string",
- "result": {
- "additional_bundles": [
- {
- "id": "string",
- "revision": "string",
- "version": 0
}
], - "build_errors": {
- "property1": "string",
- "property2": "string"
}, - "primary": {
- "id": "string",
- "revision": "string",
- "version": 0
}
}
}
system required | string.* system ID |
force required | boolean activate even if bundle is not compatible with running agents |
required | object (systems.v1.BundleActivation) |
{- "force": true,
- "primary": {
- "id": "string",
- "revision": "string",
- "version": 0
}
}
{- "request_id": "string"
}
List system bundles, starting from the newest towards the oldest
system required | string.* system ID |
past | boolean if set to 'true', returns only bundles deployed in the past |
version | integer if set, the newest version to return |
type | string return only bundles of given type (policy, context) |
{- "request_id": "string",
- "result": [
- {
- "active": 0,
- "contents_digest": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "dependencies": [
- "string"
], - "digest": "string",
- "download_url": "string",
- "id": "string",
- "kinds": {
- "property1": {
- "digest": "string",
- "download_url": "string",
- "size": 0
}, - "property2": {
- "digest": "string",
- "download_url": "string",
- "size": 0
}
}, - "last_deployed_at": "2019-08-24T14:15:22Z",
- "minimum_opa_version": "string",
- "origin": "string",
- "revision": "string",
- "revision_digest": "string",
- "sbom": {
- "origins": [
- {
- "commit": "string",
- "id": "string",
- "path": "string",
- "ref": "string",
- "repo": "string",
- "roots": [
- "string"
], - "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "size": 0,
- "system_data": true,
- "version": 0
}
]
}
system required | string.* system ID |
source_system_id required | string ID of the system to copy bundle from |
version required | integer <int64> bundle version in source_system_id system |
{- "request_id": "string",
- "result": {
- "active": 0,
- "contents_digest": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "dependencies": [
- "string"
], - "digest": "string",
- "download_url": "string",
- "id": "string",
- "kinds": {
- "property1": {
- "digest": "string",
- "download_url": "string",
- "size": 0
}, - "property2": {
- "digest": "string",
- "download_url": "string",
- "size": 0
}
}, - "last_deployed_at": "2019-08-24T14:15:22Z",
- "minimum_opa_version": "string",
- "origin": "string",
- "revision": "string",
- "revision_digest": "string",
- "sbom": {
- "origins": [
- {
- "commit": "string",
- "id": "string",
- "path": "string",
- "ref": "string",
- "repo": "string",
- "roots": [
- "string"
], - "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "size": 0,
- "system_data": true,
- "version": 0
}
}
system required | string.* system ID |
bundle required | string.* bundle ID |
version required | integer version # |
{- "request_id": "string",
- "result": {
- "active": 0,
- "contents_digest": "string",
- "created_at": "2019-08-24T14:15:22Z",
- "dependencies": [
- "string"
], - "digest": "string",
- "download_url": "string",
- "id": "string",
- "kinds": {
- "property1": {
- "digest": "string",
- "download_url": "string",
- "size": 0
}, - "property2": {
- "digest": "string",
- "download_url": "string",
- "size": 0
}
}, - "last_deployed_at": "2019-08-24T14:15:22Z",
- "minimum_opa_version": "string",
- "origin": "string",
- "revision": "string",
- "revision_digest": "string",
- "sbom": {
- "origins": [
- {
- "commit": "string",
- "id": "string",
- "path": "string",
- "ref": "string",
- "repo": "string",
- "roots": [
- "string"
], - "timestamp": "2019-08-24T14:15:22Z"
}
]
}, - "size": 0,
- "system_data": true,
- "version": 0
}
}
{- "request_id": "string",
- "result": {
- "install": [
- {
- "category": "string",
- "commands": [
- {
- "action": "string",
- "title": "string"
}
]
}
], - "uninstall": [
- {
- "category": "string",
- "commands": [
- {
- "action": "string",
- "title": "string"
}
]
}
]
}
}
system required | string.* system ID |
type required | string The system type ID to migrate the current system to |
{- "type": "string"
}
{- "request_id": "string"
}
system required | string.* system ID |
stateful | boolean true to get only the stateful suggestions, false for stateless, omit for both |
{- "request_id": "string",
- "result": {
- "stateful": {
- "property1": { },
- "property2": { }
}, - "stateless": {
- "property1": { },
- "property2": { }
}
}
}
system required | string.* system ID |
asyncdelay | string set delay of asynchronous response HTTP(202); range [1s - compliance-api-timeout]. |
asyncresponse | string get asynchronous response; see HTTP(202) Location parameter. |
interval | string if set to 'latest', get most recent cached results for specified system. |
object draft policies to be used for 'new' violations computation (path => rego) | |
extended | boolean run extended compliance validation that is specific for the system/stack type |
filter | object filter violations with this selector (dot.path => value) |
group_by | Array of strings[ items ] group results by dot.path values (list of group levels with list of fields at each level) |
limit | integer <int32> maximum number of violations to return per monitor |
object (data.v1.BuiltinMocks) | |
mode | string Default: "delta" validation mode. One of (delta, all, delta-count, all-count) |
policy_type | string policy type to narrow the monitor policy search (e.g. validating, mutating). Default (empty string or missing) is to run all monitoring policies |
Array of objects (systems.v1.SortField) list of fields to sort by |
{- "drafts": {
- "property1": "string",
- "property2": "string"
}, - "extended": true,
- "filter": { },
- "group_by": [
- [
- "string"
]
], - "limit": 0,
- "mocks": {
- "dynamodb.get": {
- "data": [
- {
- "key": { },
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "dynamodb.query": {
- "data": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "result": { },
- "table": "string"
}
]
}, - "http.send": {
- "data": [
- {
- "method": "string",
- "result": { },
- "url": "string"
}
]
}, - "mongodb.find": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "data": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "result": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "data": [
- {
- "parameters": { },
- "query": "string",
- "result": { },
- "uri": "string"
}
]
}, - "opa.runtime": {
- "result": { }
}, - "redis.query": {
- "data": [
- {
- "addr": "string",
- "args": [
- null
], - "command": "string",
- "db": 0,
- "result": { }
}
]
}, - "sql.send": {
- "data": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string",
- "result": { }
}
]
}, - "vault.send": {
- "data": [
- {
- "mount_path": "string",
- "path": "string",
- "result": { }
}
]
}
}, - "mode": "delta",
- "policy_type": "string",
- "sort": [
- {
- "descending": true,
- "field": "string"
}
]
}
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "mocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
], - "unmocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
]
}, - "redis.query": {
- "mocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
], - "unmocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}, - "vault.send": {
- "mocked": [
- {
- "mount_path": "string",
- "path": "string"
}
], - "unmocked": [
- {
- "mount_path": "string",
- "path": "string"
}
]
}
}, - "request_id": "string",
- "result": {
- "property1": {
- "all": [
- null
], - "all_count": 0,
- "metadata": null,
- "new": [
- null
], - "new_count": 0,
- "resolved": [
- null
], - "resolved_count": 0,
- "unchanged": [
- null
], - "unchanged_count": 0
}, - "property2": {
- "all": [
- null
], - "all_count": 0,
- "metadata": null,
- "new": [
- null
], - "new_count": 0,
- "resolved": [
- null
], - "resolved_count": 0,
- "unchanged": [
- null
], - "unchanged_count": 0
}
}
}
system required | string.* system ID |
cursor required | string.* paging cursor obtained from previous calls |
limit | integer maximum number of violations to return |
{- "mocks": {
- "dynamodb.get": {
- "mocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key": { },
- "region": "string",
- "table": "string"
}
]
}, - "dynamodb.query": {
- "mocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
], - "unmocked": [
- {
- "key_condition_expression": "string",
- "region": "string",
- "table": "string"
}
]
}, - "http.send": {
- "mocked": [
- {
- "method": "string",
- "url": "string"
}
], - "unmocked": [
- {
- "method": "string",
- "url": "string"
}
]
}, - "mongodb.find": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "mongodb.find_one": {
- "mocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
], - "unmocked": [
- {
- "collection": "string",
- "database": "string",
- "filter": { },
- "options": { },
- "uri": "string"
}
]
}, - "neo4j.query": {
- "mocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
], - "unmocked": [
- {
- "parameters": { },
- "query": "string",
- "uri": "string"
}
]
}, - "redis.query": {
- "mocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
], - "unmocked": [
- {
- "addr": "string",
- "args": [
- null
], - "db": 0,
- "query": "string"
}
]
}, - "sql.send": {
- "mocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
], - "unmocked": [
- {
- "args": [
- null
], - "data_source_name": "string",
- "driver": "string",
- "query": "string"
}
]
}, - "vault.send": {
- "mocked": [
- {
- "mount_path": "string",
- "path": "string"
}
], - "unmocked": [
- {
- "mount_path": "string",
- "path": "string"
}
]
}
}, - "request_id": "string",
- "result": {
- "property1": {
- "all": [
- null
], - "all_count": 0,
- "metadata": null,
- "new": [
- null
], - "new_count": 0,
- "resolved": [
- null
], - "resolved_count": 0,
- "unchanged": [
- null
], - "unchanged_count": 0
}, - "property2": {
- "all": [
- null
], - "all_count": 0,
- "metadata": null,
- "new": [
- null
], - "new_count": 0,
- "resolved": [
- null
], - "resolved_count": 0,
- "unchanged": [
- null
], - "unchanged_count": 0
}
}
}
system required | string.* system ID |
object draft policies to be used for 'new' violations computation (path => rego) | |
mode | string Default: "delta" validation mode. One of (delta, all, delta-count, all-count) |
policy_type | string policy type to narrow the monitor policy search (e.g. validating, mutating). Default (empty string or missing) is to run all monitoring policies |
{- "drafts": {
- "property1": "string",
- "property2": "string"
}, - "mode": "delta",
- "policy_type": "string"
}
{- "request_id": "string",
- "result": {
- "property1": {
- "all": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "all_count": 0,
- "all_errors_count": 0,
- "all_failed_count": 0,
- "new": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "new_count": 0,
- "new_errors_count": 0,
- "new_failed_count": 0,
- "resolved": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "resolved_count": 0,
- "resolved_errors_count": 0,
- "resolved_failed_count": 0,
- "unchanged": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "unchanged_count": 0,
- "unchanged_errors_count": 0,
- "unchanged_failed_count": 0
}, - "property2": {
- "all": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "all_count": 0,
- "all_errors_count": 0,
- "all_failed_count": 0,
- "new": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "new_count": 0,
- "new_errors_count": 0,
- "new_failed_count": 0,
- "resolved": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "resolved_count": 0,
- "resolved_errors_count": 0,
- "resolved_failed_count": 0,
- "unchanged": [
- {
- "duration": 0,
- "error": "string",
- "fail": true,
- "failed_at": { },
- "location": {
- "col": 0,
- "file": "string",
- "row": 0
}, - "name": "string",
- "package": "string",
- "presence_changed": true
}
], - "unchanged_count": 0,
- "unchanged_errors_count": 0,
- "unchanged_failed_count": 0
}
}
}
access_token | string |
is_speculative required | boolean |
organization_name | string |
payload_version | integer <int32> |
plan_json_api_url | string |
run_app_url | string |
run_created_at | string |
run_created_by | string |
run_id | string |
run_message | string |
stage | string |
task_result_callback_url | string |
task_result_enforcement_level | string |
task_result_id | string |
vcs_branch | string |
vcs_commit_url | string |
vcs_pull_request_url | string |
vcs_repo_url | string |
workspace_app_url | string |
workspace_id | string |
workspace_name | string |
{- "access_token": "string",
- "is_speculative": true,
- "organization_name": "string",
- "payload_version": 0,
- "plan_json_api_url": "string",
- "run_app_url": "string",
- "run_created_at": "string",
- "run_created_by": "string",
- "run_id": "string",
- "run_message": "string",
- "stage": "string",
- "task_result_callback_url": "string",
- "task_result_enforcement_level": "string",
- "task_result_id": "string",
- "vcs_branch": "string",
- "vcs_commit_url": "string",
- "vcs_pull_request_url": "string",
- "vcs_repo_url": "string",
- "workspace_app_url": "string",
- "workspace_id": "string",
- "workspace_name": "string"
}
terraform_org required | string |
terraform_run_task_domain required | string |
terraform_token required | string |
{- "terraform_org": "string",
- "terraform_run_task_domain": "string",
- "terraform_token": "string"
}
{- "data": {
- "attributes": {
- "message": "string",
- "status": "string",
- "url": "string"
}, - "type": "string"
}
}
required | Array of objects (integrations.v1.Mapping) | ||||
Array
|
{- "mappings": [
- {
- "das_system": "string",
- "terraform_workspaces": [
- "string"
]
}
]
}
{- "result": [
- {
- "das_system": "string",
- "terraform_workspaces": [
- "string"
]
}
]
}
data_kind required | string |
end_time required | string <date-time> |
policy required | string |
resolution required | integer <int64> resolution must be a multiple of minutes, this can be represented as a string or an integer e.g. '1m' or '60000000000'. Except when calling /violation then it must be a multiple of hours, e.g. '60m' or '3600000000000' |
stack required | string |
start_time required | string <date-time> |
system required | string |
{- "data_kind": "string",
- "end_time": "2019-08-24T14:15:22Z",
- "policy": "string",
- "resolution": 0,
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
{- "request_id": "string",
- "result": {
- "data": [
- {
- "date": "string",
- "value": 0
}
]
}
}
filter | string Value: "billing" filter out decisions from aggregation (supported options: [billing]) |
data_kind required | string |
end_time required | string <date-time> |
policy required | string |
resolution required | integer <int64> resolution must be a multiple of minutes, this can be represented as a string or an integer e.g. '1m' or '60000000000'. Except when calling /violation then it must be a multiple of hours, e.g. '60m' or '3600000000000' |
stack required | string |
start_time required | string <date-time> |
system required | string |
{- "data_kind": "string",
- "end_time": "2019-08-24T14:15:22Z",
- "policy": "string",
- "resolution": 0,
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
{- "request_id": "string",
- "result": {
- "data": [
- {
- "date": "string",
- "value": 0
}
]
}
}
data_kind required | string |
end_time required | string <date-time> |
policy required | string |
resolution required | integer <int64> resolution must be a multiple of minutes, this can be represented as a string or an integer e.g. '1m' or '60000000000'. Except when calling /violation then it must be a multiple of hours, e.g. '60m' or '3600000000000' |
stack required | string |
start_time required | string <date-time> |
system required | string |
{- "data_kind": "string",
- "end_time": "2019-08-24T14:15:22Z",
- "policy": "string",
- "resolution": 0,
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
{- "request_id": "string",
- "result": {
- "data": [
- {
- "date": "string",
- "value": 0
}
]
}
}
data_kind required | string |
end_time required | string <date-time> |
policy required | string |
resolution required | integer <int64> resolution must be a multiple of minutes, this can be represented as a string or an integer e.g. '1m' or '60000000000'. Except when calling /violation then it must be a multiple of hours, e.g. '60m' or '3600000000000' |
stack required | string |
start_time required | string <date-time> |
system required | string |
{- "data_kind": "string",
- "end_time": "2019-08-24T14:15:22Z",
- "policy": "string",
- "resolution": 0,
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
{- "request_id": "string",
- "result": {
- "data": [
- {
- "date": "string",
- "value": 0
}
]
}
}
data_kind required | string |
end_time required | string <date-time> |
policy required | string |
resolution required | integer <int64> resolution must be a multiple of minutes, this can be represented as a string or an integer e.g. '1m' or '60000000000'. Except when calling /violation then it must be a multiple of hours, e.g. '60m' or '3600000000000' |
stack required | string |
start_time required | string <date-time> |
system required | string |
{- "data_kind": "string",
- "end_time": "2019-08-24T14:15:22Z",
- "policy": "string",
- "resolution": 0,
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
{- "request_id": "string",
- "result": {
- "data": [
- {
- "date": "string",
- "value": 0
}
]
}
}
year | integer if set, a report is generated for a month in this year (month must be specified) |
month | integer if set, starts the report is generate for this month (year must be specified) |
system_id | string if set, only returns decision counts related to the system |
{- "data": [
- {
- "aggregations": {
- "decisions": {
- "advice": 0,
- "allow": 0,
- "decisions": 0,
- "deny": 0,
- "error": 0,
- "unknown": 0
}, - "nodes": {
- "node_count": 0
}
}, - "month": 0,
- "year": 0
}
]
}
year | integer if set, starts the yearly report in this year (month must be specified) |
month | integer if set, starts the yearly report on this month (year must be specified) |
system_id | string if set, only returns decision counts related to the system |
{- "data": [
- {
- "aggregations": {
- "decisions": {
- "advice": 0,
- "allow": 0,
- "decisions": 0,
- "deny": 0,
- "error": 0,
- "unknown": 0
}, - "nodes": {
- "node_count": 0
}
}, - "month": 0,
- "year": 0
}
]
}
data_kind required | string |
end_time required | string <date-time> |
policy required | string |
resolution required | integer <int64> resolution must be a multiple of minutes, this can be represented as a string or an integer e.g. '1m' or '60000000000'. Except when calling /violation then it must be a multiple of hours, e.g. '60m' or '3600000000000' |
stack required | string |
start_time required | string <date-time> |
system required | string |
{- "data_kind": "string",
- "end_time": "2019-08-24T14:15:22Z",
- "policy": "string",
- "resolution": 0,
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
{- "request_id": "string",
- "result": {
- "data": [
- {
- "date": "string",
- "value": 0
}
]
}
}
end_time required | string <date-time> |
latest required | boolean |
resolution required | integer <int64> |
start_time required | string <date-time> |
system required | string |
{- "end_time": "2019-08-24T14:15:22Z",
- "latest": true,
- "resolution": 0,
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
{- "request_id": "string",
- "result": {
- "data": [
- {
- "date": "string",
- "decision_rate": 0,
- "node_count": 0
}
]
}
}
data_kind required | string |
end_time required | string <date-time> |
policy required | string |
resolution required | integer <int64> resolution must be a multiple of minutes, this can be represented as a string or an integer e.g. '1m' or '60000000000'. Except when calling /violation then it must be a multiple of hours, e.g. '60m' or '3600000000000' |
stack required | string |
start_time required | string <date-time> |
system required | string |
{- "data_kind": "string",
- "end_time": "2019-08-24T14:15:22Z",
- "policy": "string",
- "resolution": 0,
- "stack": "string",
- "start_time": "2019-08-24T14:15:22Z",
- "system": "string"
}
{- "request_id": "string",
- "result": {
- "data": [
- {
- "date": "string",
- "value": 0
}
]
}
}
{- "request_id": "string",
- "result": [
- {
- "allow_path_patterns": [
- "string"
], - "description": "string",
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "token": "string",
- "ttl": "string",
- "uses": 0
}
]
}
{- "request_id": "string",
- "result": {
- "allow_path_patterns": [
- "string"
], - "description": "string",
- "expires": "2019-08-24T14:15:22Z",
- "id": "string",
- "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "token": "string",
- "ttl": "string",
- "uses": 0
}
}
If If-None-Match header is set to *, tries to create a token, otherwise will try to either update or create depending on whether an unexpired token with that ID already exists. Token creation errors with a 409 code if an unexpired one already exists, on success returns the token secret (valid for the TTL whose default value is ~10 years). Token updates return nothing unless regenerate
is true, in which case it returns the new secret. WARNING: If allow_path_patterns is unset or an empty list, all paths are allowed.
tokenId required | string.+ token ID |
allow_path_patterns required | Array of strings |
description required | string |
regenerate required | boolean |
ttl | string |
{- "allow_path_patterns": [
- "string"
], - "description": "string",
- "regenerate": true,
- "ttl": "string"
}
{- "request_id": "string",
- "result": "string"
}
userId required | string.+ user ID |
If-None-Match | string if set to '*' then the request fill fail if the user already exists |
enabled required | boolean |
old_password | string |
password | string |
roles | Array of strings |
{- "enabled": true,
- "old_password": "string",
- "password": "string",
- "roles": [
- "string"
]
}
{- "request_id": "string"
}
{- "request_id": "string",
- "result": {
- "activity_exporter": {
- "interval": "5m",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_activity": {
- "access_keys": "string",
- "endpoint": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "decisions_exporter": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "github": {
- "organizations": [
- "string"
]
}, - "metadata": {
- "created_at": "2019-08-24T14:15:22Z",
- "created_by": "string",
- "created_through": "string",
- "last_modified_at": "2019-08-24T14:15:22Z",
- "last_modified_by": "string",
- "last_modified_through": "string"
}, - "metrics_exporter": {
- "targets": [
- {
- "interval": 60,
- "plugin": "string",
- "realm": "string",
- "token_id": "string",
- "url": "string"
}
]
}, - "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}, - "status": {
- "authz_migration": "string"
}
}
}
Patches workspace configuration
object (workspace.v1.ActivityExporterConfig) | |
object (workspace.v1.DecisionExporterConfig) | |
object (workspace.v1.GithubConfiguration) | |
object (workspace.v1.MetricsExporterConfig) | |
object (git.v1.SourceControlConfig) |
{- "activity_exporter": {
- "interval": "5m",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_activity": {
- "access_keys": "string",
- "endpoint": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "decisions_exporter": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "github": {
- "organizations": [
- "string"
]
}, - "metrics_exporter": {
- "targets": [
- {
- "interval": 60,
- "plugin": "string",
- "realm": "string",
- "token_id": "string",
- "url": "string"
}
]
}, - "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}
}
{- "request_id": "string"
}
Updates workspace configuration
object (workspace.v1.ActivityExporterConfig) | |
object (workspace.v1.DecisionExporterConfig) | |
object (workspace.v1.GithubConfiguration) | |
object (workspace.v1.MetricsExporterConfig) | |
object (git.v1.SourceControlConfig) |
{- "activity_exporter": {
- "interval": "5m",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_activity": {
- "access_keys": "string",
- "endpoint": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "decisions_exporter": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}, - "github": {
- "organizations": [
- "string"
]
}, - "metrics_exporter": {
- "targets": [
- {
- "interval": 60,
- "plugin": "string",
- "realm": "string",
- "token_id": "string",
- "url": "string"
}
]
}, - "source_control": {
- "origin": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}
}
{- "request_id": "string"
}
Verifies that the Kafka topic can be accessed with the provided credentials.
authentication required | string Kafka authentication mechanism: OPEN, PLAINTEXT, SASL, TLS |
brokers required | Array of strings Kafka brokers |
compression | string Compression mechanism: GZIP, SNAPPY, LZ4, ZSTD |
idempotent | boolean Enable Kafka idempotent exactly once reliability semantics |
max_message_size | integer <int32> Default: 1000000 Max message size |
max_retries | integer <int32> Default: 3 Max send retries |
object (workspace.v1.KafkaPlain) | |
required_acks required | string Required acks: WaitForLocal, WaitForAll replica ack(s) |
object (workspace.v1.KafkaSasl) | |
timeout | string Default: "10s" Message timeout duration |
object (workspace.v1.KafkaTls) | |
topic required | string Kafka topic |
version | string Kafka version: e.g. 2.0.0 |
{- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}
{- "kafka_code": "string",
- "kafka_message": "string",
- "request_id": "string"
}
{- "request_id": "string",
- "result": {
- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}
}
interval | string Default: "30s" S3 exporter interval: range [30s,1h] |
object (workspace.v1.KafkaConfig) | |
object (workspace.v1.S3DecisionConfig) |
{- "interval": "30s",
- "kafka": {
- "authentication": "string",
- "brokers": [
- "string"
], - "compression": "string",
- "idempotent": true,
- "max_message_size": 1000000,
- "max_retries": 3,
- "plain": {
- "user": "string"
}, - "required_acks": "string",
- "sasl": {
- "mechanism": "string",
- "oauth": {
- "client_credentials": {
- "client_id": "string",
- "scopes": "string",
- "token_endpoint": "string"
}, - "token_provider": "string",
- "user_managed": {
- "token": "string"
}
}, - "plain": {
- "user": "string"
}, - "version": 1
}, - "timeout": "10s",
- "tls": {
- "client_cert": "string",
- "insecure_skip_verify": true,
- "rootca": "string"
}, - "topic": "string",
- "version": "string"
}, - "s3_decisions": {
- "access_keys": "string",
- "decision_format": "string",
- "endpoint": "string",
- "file_format": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
}
{- "request_id": "string"
}
Verifies that the S3 bucket can be accessed with the provided credentials. Creates styra_test.json file
access_keys | string Access key ID and secret access key are stored at /v1/secrets/${access_keys} |
endpoint | string Custom endpoint or S3 compatible system endpoint (ie: https://storage.googleapis.com) |
region required | string S3 Region (ie: us-east-1 or auto) |
role_arn | string S3 RoleARN to assume access, as an alternative to access keys |
url required | string S3 Bucket URL (ie: s3://styra-storage or gs://styra-storage/folder) |
{- "access_keys": "string",
- "endpoint": "string",
- "region": "string",
- "role_arn": "string",
- "url": "string"
}
{- "request_id": "string",
- "s3_code": "string",
- "s3_message": "string"
}
Verifies that the repository can be accessed with the provided credentials
commit required | string Commit SHA. Only one of reference or commit can be set at any time |
credentials required | string Credentials are looked under the key |
id required | string id of the entity so that the config can be checked for duplicates |
path required | string Path to limit the import to |
reference required | string Remote reference. Only one of reference or commit can be set at any time |
object (git.v1.SSHCredentials) | |
url required | string Repository URL |
{- "commit": "string",
- "credentials": "string",
- "id": "string",
- "path": "string",
- "reference": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
{- "request_id": "string",
- "result": {
- "commit": "string",
- "credentials": "string",
- "path": "string",
- "reference": "string",
- "sha": "string",
- "ssh_credentials": {
- "passphrase": "string",
- "private_key": "string"
}, - "url": "string"
}
}
Gets the list of files for the branch that the Styra DAS creates when modifying rego in the Styra DAS UI and pushing the changes to GitHub in a branch for review.
id required | string.* workspace id |
{- "request_id": "string",
- "result": {
- "branch": "string",
- "changed_files": [
- "string"
], - "deleted_files": [
- "string"
], - "files": {
- "property1": "string",
- "property2": "string"
}
}
}
Commit files to source control associated with a workspace
id required | string.* workspace id |
author required | string |
email required | string |
required | object Map of filenames to file contents |
files_to_delete required | Array of strings List of filenames to delete from the repo |
message required | string |
{- "author": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
{- "request_id": "string",
- "result": {
- "author": "string",
- "branch": "string",
- "email": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}, - "files_to_delete": [
- "string"
], - "message": "string"
}
}
Gets the list of files in the currently chosen branch.
id required | string.* workspace id |
{- "request_id": "string",
- "result": {
- "branch": "string",
- "files": {
- "property1": "string",
- "property2": "string"
}
}
}