List rules
Returns a list of policy rules.
Query Parameters
- limit int64
Limits the size of the response on each page to the specified number of items.
- start string
Sets the page token used to browse the collection. Leave this parameter empty to get the first page. Other pages can be traversed using HATEOAS links.
- organizational_unit_id string
The Clumio-assigned ID of the organizational unit (OU) for which to retrieve rules. Only ancestor OU IDs or OU IDs accessible to the current OU or the current OU ID itself are allowed.
- sort string
Returns the list of rules in the order specified. Set sort to the name of the sort field by which to sort in ascending order. To sort the list in reverse order, prefix the field name with a minus sign (-). Only one field may be sorted at a time. The following table lists the supported sort fields for this resource:

| Sort Field | Description |
| --- | --- |
| priority | Sorts the rules in ascending priority (lowest first) order. For example, ?sort=priority |

If a sort order is not specified, the individual rules are sorted by "priority" in descending priority (highest first) order.
- filter string
Narrows down the results to only the items that satisfy the filter criteria. The following table lists the supported filter fields for this resource and the filter conditions that can be applied on those fields:

| Field | Filter Condition | Description |
| --- | --- | --- |
| id | $in | Denotes the specific Rule IDs to retrieve, up to 100 ids. `{"rule_id":{"$in":["1", "2"]}}` |

For more information about filtering, refer to the Filtering section of this guide.
- 200
- default
Success
- application/api.clumio.policy-rules=v1+json
- Schema
- Example (from schema)
Schema
_embedded object
An array of embedded resources related to this resource.
items object[]
A collection of requested items.
_embedded object
Embedded responses related to the resource.
read-policy-definition
Embeds the associated policy of a protected resource in the response if requested using the `embed` query parameter. Unprotected resources will not have an associated policy.
_links object
URLs to pages related to the resource.
_self object
The HATEOAS link to this resource.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
delete-policy-rule object
A resource-specific HATEOAS link.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
read-policy-definition object
A HATEOAS link to the policy protecting this resource. Will be omitted for unprotected entities.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
update-policy-rule object
A resource-specific HATEOAS link.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
action object
An action to be applied subject to the rule criteria.
assign_policy object
Apply a policy to assets.
policy_id string
The policy to be applied to the assets.
condition string
The following table describes the possible conditions for a rule.

| Field | Rule Condition | Description |
| --- | --- | --- |
| aws_account_native_id | $eq, $in | Denotes the AWS account to conditionalize on. |
| | | `{"aws_account_native_id":{"$eq":"111111111111"}}` |
| | | `{"aws_account_native_id":{"$in":["111111111111", "222222222222"]}}` |
| aws_region | $eq, $in | Denotes the AWS region to conditionalize on. |
| | | `{"aws_region":{"$eq":"us-west-2"}}` |
| | | `{"aws_region":{"$in":["us-west-2", "us-east-1"]}}` |
| aws_tag | $eq, $in, $all, $contains, $not_eq, $not_in, $not_all, $not_contains | Denotes the AWS tag(s) to conditionalize on. A maximum of 100 tags is allowed in each rule; a tag key can be up to 128 characters long and a value up to 256 characters long. |
| | | `{"aws_tag":{"$eq":{"key":"Environment", "value":"Prod"}}}` |
| | | `{"aws_tag":{"$in":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}}` |
| | | `{"aws_tag":{"$all":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}}` |
| | | `{"aws_tag":{"$contains":{"key":"Environment", "value":"Prod"}}}` |
| | | `{"aws_tag":{"$not_eq":{"key":"Environment", "value":"Prod"}}}` |
| | | `{"aws_tag":{"$not_in":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}}` |
| | | `{"aws_tag":{"$not_all":[{"key":"Environment", "value":"Prod"}, {"key":"Hello", "value":"World"}]}}` |
| | | `{"aws_tag":{"$not_contains":{"key":"Environment", "value":"Prod"}}}` |
| entity_type | $eq, $in | Denotes the AWS entity type to conditionalize on. (Required) |
| | | `{"entity_type":{"$eq":"aws_rds_instance"}}` |
| | | `{"entity_type":{"$in":["aws_rds_instance", "aws_ebs_volume", "aws_ec2_instance","aws_dynamodb_table", "aws_rds_cluster"]}}` |

id string
The Clumio-assigned ID of the policy rule.
name string
Name of the rule. Max 100 characters.
organizational_unit_id string
The Clumio-assigned ID of the organizational unit (OU) to which the policy rule belongs.
priority object
A priority relative to other rules.
before_rule_id string
The rule ID before which this rule should be inserted.
_links object
URLs to pages related to the resource.
_first object
The HATEOAS link to the first page of results.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
_next object
The HATEOAS link to the next page of results.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
_self object
The HATEOAS link to this resource.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
create-policy-rule object
A resource-specific HATEOAS link.
href string
The URI for the referenced operation.
templated boolean
Determines whether the "href" link is a URI template. If set to true, the "href" link is a URI template.
type string
The HTTP method to be used with the "href" link for the referenced operation.
- current_count int64
The number of items listed on the current page.
- limit int64
The maximum number of items displayed per page in the response.
- start string
The page token used to get this response.
```json
{
  "_embedded": {
    "items": [
      {
        "_embedded": {},
        "_links": {
          "_self": {
            "href": "string",
            "templated": true,
            "type": "string"
          },
          "delete-policy-rule": {
            "href": "string",
            "templated": true,
            "type": "string"
          },
          "read-policy-definition": {
            "href": "string",
            "templated": true,
            "type": "string"
          },
          "update-policy-rule": {
            "href": "string",
            "templated": true,
            "type": "string"
          }
        },
        "action": {
          "assign_policy": {
            "policy_id": "string"
          }
        },
        "condition": "string",
        "id": "string",
        "name": "string",
        "organizational_unit_id": "string",
        "priority": {
          "before_rule_id": "string"
        }
      }
    ]
  },
  "_links": {
    "_first": {
      "href": "string",
      "templated": true,
      "type": "string"
    },
    "_next": {
      "href": "string",
      "templated": true,
      "type": "string"
    },
    "_self": {
      "href": "string",
      "templated": true,
      "type": "string"
    },
    "create-policy-rule": {
      "href": "string",
      "templated": true,
      "type": "string"
    }
  },
  "current_count": 0,
  "limit": 0,
  "start": "string"
}
```
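The condition field of each returned rule is a JSON document encoded as a string, and the rule-condition table in the schema above fixes which fields, operators and tag limits it may use. The Python below is an added example, not part of the Clumio documentation: it lints a condition string against that table, and the names lint_condition and check_tags and the message texts are assumptions made here.

```python
import json

# Fields, operators and limits as listed in the rule-condition table on this page.
BASIC = {"$eq", "$in"}
ALLOWED_OPS = {f: BASIC for f in ("aws_account_native_id", "aws_region", "entity_type")}
ALLOWED_OPS["aws_tag"] = BASIC | {"$all", "$contains", "$not_eq", "$not_in",
                                  "$not_all", "$not_contains"}
MAX_TAGS, MAX_KEY_LEN, MAX_VALUE_LEN = 100, 128, 256


def check_tags(operand):
    """Return (tag count, problems) for one aws_tag operand (hypothetical helper)."""
    tags = operand if isinstance(operand, list) else [operand]
    problems = []
    for tag in tags:
        if not isinstance(tag, dict) or not isinstance(tag.get("key"), str):
            problems.append("aws_tag: each tag needs a string key")
        elif (len(tag["key"]) > MAX_KEY_LEN
              or len(str(tag.get("value", ""))) > MAX_VALUE_LEN):
            problems.append("aws_tag: key or value over the length limit")
    return len(tags), problems


def lint_condition(condition):
    """Return a list of problems found in a rule's `condition` string."""
    try:
        parsed = json.loads(condition)
    except (TypeError, ValueError):
        return ["condition is not valid JSON"]
    if not isinstance(parsed, dict):
        return ["condition must be a JSON object"]
    problems = [] if "entity_type" in parsed else ["entity_type is required"]
    tag_total = 0
    for field, clause in parsed.items():
        if field not in ALLOWED_OPS or not isinstance(clause, dict):
            problems.append(f"unsupported field or clause: {field}")
            continue
        for op, operand in clause.items():
            if op not in ALLOWED_OPS[field]:
                problems.append(f"{field}: unsupported operator {op}")
            elif field == "aws_tag":
                count, found = check_tags(operand)
                tag_total, problems = tag_total + count, problems + found
    if tag_total > MAX_TAGS:
        problems.append(f"more than {MAX_TAGS} tags in one rule")
    return problems


# Constructed sample: no entity_type, and an operator the table lists only for aws_tag.
SAMPLE = '{"aws_region":{"$contains":"us"}}'
```

An empty list from lint_condition means the condition uses only what the table lists; it does not show that the rule matches the assets you intended.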
Error
- application/json
- Schema
- Example (from schema)
Schema
errors object[]
A list of errors encountered during runtime.
error_code uint32
error_message string
The reason for the error.
```json
{
  "errors": [
    {
      "error_code": 0,
      "error_message": "string"
    }
  ]
}
```
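A rule listing is only useful for review when every page has been read, so the following added example (not part of the Clumio documentation) follows the _next HATEOAS link from page to page and then summarises which entity types each policy is assigned to. fetch_page, the example.invalid URL and the start token are assumptions, and the last page is assumed to carry no _next link.

```python
import json


def iter_rules(fetch_page, first_url, max_pages=1000):
    """Yield every rule, following `_links._next.href` from page to page.

    fetch_page is a hypothetical callable: URL in, decoded response body out.
    """
    url, seen = first_url, set()
    while url and url not in seen and len(seen) < max_pages:
        seen.add(url)  # a repeated URL would mean a paging loop, so stop there
        page = fetch_page(url)
        if "errors" in page:  # body shape of the default (error) response
            raise RuntimeError(page["errors"])
        yield from (page.get("_embedded") or {}).get("items") or []
        url = ((page.get("_links") or {}).get("_next") or {}).get("href")


def policy_coverage(rules):
    """Map policy_id -> sorted entity types named by the rules that assign it."""
    coverage = {}
    for rule in rules:
        policy_id = rule["action"]["assign_policy"]["policy_id"]
        clause = json.loads(rule["condition"]).get("entity_type", {})
        types = coverage.setdefault(policy_id, set())
        for operand in clause.values():  # "$eq" holds a string, "$in" a list
            types.update(operand if isinstance(operand, list) else [operand])
    return {pid: sorted(types) for pid, types in coverage.items()}


BASE = "https://api.example.invalid/rules"  # placeholder URL, not from the page


def sample_rule(rule_id, policy_id, entity_clause):
    """Build a constructed rule item with the fields the schema above lists."""
    return {"id": rule_id, "condition": json.dumps({"entity_type": entity_clause}),
            "action": {"assign_policy": {"policy_id": policy_id}}}


PAGES = {  # constructed two-page listing, keyed by URL
    BASE: {"_embedded": {"items": [sample_rule("1", "policy-a", {"$eq": "aws_ebs_volume"})]},
           "_links": {"_next": {"href": BASE + "?start=2"}}},
    BASE + "?start=2": {
        "_embedded": {"items": [sample_rule("2", "policy-a", {"$in": ["aws_rds_instance"]})]},
        "_links": {}},
}
```

Calling policy_coverage(iter_rules(PAGES.get, BASE)) on the constructed pages shows the shape of the summary; entity types missing from it are not covered by any rule in the listing.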