Skip to main content

List rules

Returns a list of policy rules.

Query Parameters
  • limit int64

    Limits the size of the response on each page to the specified number of items.

  • start string

    Sets the page token used to browse the collection. Leave this parameter empty to get the first page. Other pages can be traversed using HATEOAS links.

  • organizational_unit_id string

    The Clumio-assigned ID of the organizational unit (OU) for which to retrieve rules. Only ancestor OU IDs or OU IDs accessible to the current OU or the current OU ID itself are allowed.

  • sort string

    Returns the list of rules in the order specified. Set sort to the name of the sort field by which to sort in ascending order. To sort the list in reverse order, prefix the field name with a minus sign (-). Only one field may be sorted at a time.

    The following table lists the supported sort fields for this resource:

    Sort FieldDescription
    prioritySorts the rules in ascending priority (lowest first) order. For example, ?sort=priority
    If a sort order is not specified, the individual rules are sorted by "priority" in descending priority (highest first) order.
  • filter string

    Narrows down the results to only the items that satisfy the filter criteria. The following table lists the supported filter fields for this resource and the filter conditions that can be applied on those fields:

    FieldFilter ConditionDescription
    id$inDenotes the specific Rule IDs to retrieve, up to 100 ids {"rule_id":{"$in":["1", "2"]}}
    For more information about filtering, refer to the Filtering section of this guide.
Responses

Success

Schema
  • _embedded object

    An array of embedded resources related to this resource.

  • items object[]

    A collection of requested items.

  • _embedded object

    Embedded responses related to the resource.

  • read-policy-definition Embeds the associated policy of a protected resource in the response if requested using the `embed` query parameter. Unprotected resources will not have an associated policy.

    Embeds the associated policy of a protected resource in the response if requested using the embed query parameter. Unprotected resources will not have an associated policy.

  • _links object

    URLs to pages related to the resource.

  • _self object

    The HATEOAS link to this resource.

  • href string

    The URI for the referenced operation.

  • templated boolean

    Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  • type string

    The HTTP method to be used with the "href" link for the referenced operation.

  • delete-policy-rule object

    A resource-specific HATEOAS link.

  • href string

    The URI for the referenced operation.

  • templated boolean

    Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  • type string

    The HTTP method to be used with the "href" link for the referenced operation.

  • read-policy-definition object

    A HATEOAS link to the policy protecting this resource. Will be omitted for unprotected entities.

  • href string

    The URI for the referenced operation.

  • templated boolean

    Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  • type string

    The HTTP method to be used with the "href" link for the referenced operation.

  • update-policy-rule object

    A resource-specific HATEOAS link.

  • href string

    The URI for the referenced operation.

  • templated boolean

    Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  • type string

    The HTTP method to be used with the "href" link for the referenced operation.

  • action object

    An action to be applied subject to the rule criteria.

  • assign_policy object

    Apply a policy to assets.

  • policy_id string

    The policy to be applied to the assets.

  • condition string

    The following table describes the possible conditions for a rule.

    FieldRule ConditionDescription
    aws_account_native_id$eq, $inDenotes the AWS account to conditionalize on {"aws_account_native_id":{"$eq":"111111111111"}} {"aws_account_native_id":{"$in":["111111111111", "222222222222"]}}
    aws_region$eq, $inDenotes the AWS region to conditionalize on {"aws_region":{"$eq":"us-west-2"}} {"aws_region":{"$in":["us-west-2", "us-east-1"]}}
    aws_tag$eq, $in, $all, $contains, $not_eq, $not_in, $not_all, $not_containsDenotes the AWS tag(s) to conditionalize on. Max 100 tags allowed in each rule and tag key can be upto 128 characters and value can be upto 256 characters long. {"aws_tag":{"$eq":{"key":"Environment", "value":"Prod"}}} {"aws_tag":{"$in":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}} {"aws_tag":{"$all":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}} {"aws_tag":{"$contains":{"key":"Environment", "value":"Prod"}}} {"aws_tag":{"$not_eq":{"key":"Environment", "value":"Prod"}}} {"aws_tag":{"$not_in":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}} {"aws_tag":{"$not_all":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}} {"aws_tag":{"$not_contains":{"key":"Environment", "value":"Prod"}}}
    entity_type$eq, $inDenotes the AWS entity type to conditionalize on. (Required) {"entity_type":{"$eq":"aws_rds_instance"}} {"entity_type":{"$in":["aws_rds_instance", "aws_ebs_volume", "aws_ec2_instance","aws_dynamodb_table", "aws_rds_cluster"]}}
  • id string

    The Clumio-assigned ID of the policy rule.

  • name string

    Name of the rule. Max 100 characters.

  • organizational_unit_id string

    The Clumio-assigned ID of the organizational unit (OU) to which the policy rule belongs.

  • priority object

    A priority relative to other rules.

  • before_rule_id string

    The rule ID before which this rule should be inserted.

  • _links object

    URLs to pages related to the resource.

  • _first object

    The HATEOAS link to the first page of results.

  • href string

    The URI for the referenced operation.

  • templated boolean

    Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  • type string

    The HTTP method to be used with the "href" link for the referenced operation.

  • _next object

    The HATEOAS link to the next page of results.

  • href string

    The URI for the referenced operation.

  • templated boolean

    Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  • type string

    The HTTP method to be used with the "href" link for the referenced operation.

  • _self object

    The HATEOAS link to this resource.

  • href string

    The URI for the referenced operation.

  • templated boolean

    Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  • type string

    The HTTP method to be used with the "href" link for the referenced operation.

  • create-policy-rule object

    A resource-specific HATEOAS link.

  • href string

    The URI for the referenced operation.

  • templated boolean

    Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.

  • type string

    The HTTP method to be used with the "href" link for the referenced operation.

  • current_count int64

    The number of items listed on the current page.

  • limit int64

    The maximum number of items displayed per page in the response.

  • start string

    The page token used to get this response.

GET /policies/rules

Authorization

Request

Click Edit to configure Base URL
https://us-west-2.api.clumio.com
Bearer Token
limit — query
start — query
organizational_unit_id — query
sort — query
filter — query
curl -L -X GET 'https://us-west-2.api.clumio.com/policies/rules' \
-H 'Accept: application/api.clumio.policy-rules=v1+json' \
-H 'Authorization: Bearer <TOKEN>'