Retrieve a rule

Returns a representation of the specified policy rule.

Path Parameters

rule_id string required
Performs the operation on the rule with the specified ID.

Responses

200
default

Success

application/api.clumio.policy-rules=v1+json

Schema
Example (from schema)

Schema

_embedded object
Embedded responses related to the resource.
read-policy-definition Embeds the associated policy of a protected resource in the response if requested using the `embed` query parameter. Unprotected resources will not have an associated policy.
Embeds the associated policy of a protected resource in the response if requested using the embed query parameter. Unprotected resources will not have an associated policy.
_links object
URLs to pages related to the resource.
_self object
The HATEOAS link to this resource.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
delete-policy-rule object
A resource-specific HATEOAS link.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
read-policy-definition object
A HATEOAS link to the policy protecting this resource. Will be omitted for unprotected entities.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
update-policy-rule object
A resource-specific HATEOAS link.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
action object
An action to be applied subject to the rule criteria.
assign_policy object
Apply a policy to assets.
policy_id string
The policy to be applied to the assets.

condition string

The following table describes the possible conditions for a rule.

Field	Rule Condition	Description
aws_account_native_id	$eq, $in	Denotes the AWS account to conditionalize on `{"aws_account_native_id":{"$eq":"111111111111"}}` `{"aws_account_native_id":{"$in":["111111111111", "222222222222"]}}`
aws_region	$eq, $in	Denotes the AWS region to conditionalize on `{"aws_region":{"$eq":"us-west-2"}}` `{"aws_region":{"$in":["us-west-2", "us-east-1"]}}`
aws_tag	$eq, $in, $all, $contains, $not_eq, $not_in, $not_all, $not_contains	Denotes the AWS tag(s) to conditionalize on. Max 100 tags allowed in each rule and tag key can be upto 128 characters and value can be upto 256 characters long. `{"aws_tag":{"$eq":{"key":"Environment", "value":"Prod"}}}` `{"aws_tag":{"$in":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}}` `{"aws_tag":{"$all":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}}` `{"aws_tag":{"$contains":{"key":"Environment", "value":"Prod"}}}` `{"aws_tag":{"$not_eq":{"key":"Environment", "value":"Prod"}}}` `{"aws_tag":{"$not_in":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}}` `{"aws_tag":{"$not_all":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}}` `{"aws_tag":{"$not_contains":{"key":"Environment", "value":"Prod"}}}`
entity_type	$eq, $in	Denotes the AWS entity type to conditionalize on. (Required) `{"entity_type":{"$eq":"aws_rds_instance"}}` `{"entity_type":{"$in":["aws_rds_instance", "aws_ebs_volume", "aws_ec2_instance","aws_dynamodb_table", "aws_rds_cluster"]}}`

id string
The Clumio-assigned ID of the policy rule.
name string
Name of the rule. Max 100 characters.
organizational_unit_id string
The Clumio-assigned ID of the organizational unit (OU) to which the policy rule belongs.
priority object
A priority relative to other rules.
before_rule_id string
The rule ID before which this rule should be inserted.

{
  "_embedded": {},
  "_links": {
    "_self": {
      "href": "string",
      "templated": true,
      "type": "string"
    },
    "delete-policy-rule": {
      "href": "string",
      "templated": true,
      "type": "string"
    },
    "read-policy-definition": {
      "href": "string",
      "templated": true,
      "type": "string"
    },
    "update-policy-rule": {
      "href": "string",
      "templated": true,
      "type": "string"
    }
  },
  "action": {
    "assign_policy": {
      "policy_id": "string"
    }
  },
  "condition": "string",
  "id": "string",
  "name": "string",
  "organizational_unit_id": "string",
  "priority": {
    "before_rule_id": "string"
  }
}

Error

application/json

Schema
Example (from schema)

Schema

errors object[]
A list of errors encountered during runtime.
error_code uint32
error_message string
The reason for the error.

{
  "errors": [
    {
      "error_code": 0,
      "error_message": "string"
    }
  ]
}

Retrieve a rule​

Retrieve a rule