Create Compliance Report Configuration

Create a compliance report configuration.

application/json

Request Body

description string
The user-provided description of the compliance report configuration.
name string required
The user-provided name of the compliance report configuration.
notification object
Notification channels to send the generated report runs.
email_list string[]
Email list to send a generated report run.
parameter object required
Filter and control parameters of compliance report.
controls object required
Compliance controls to evaluate policy or assets for compliance.
asset_backup object
The control evaluating whether assets have at least one backup within each window of the specified look back period, with retention meeting the minimum required duration. For example, a look_back_period of 7 days, window_size of 1 day, and retention_duration of 1 month means that there should be a backup every day for the past week and that the retention of that backup should be at least 1 month.
look_back_period object required
The duration prior to the compliance evaluation point to look back.
unit string required
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32 required
Value indicates the value for time unit param.
minimum_retention_duration object required
The minimum required retention duration for a backup to be considered compliant.
unit string required
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32 required
Value indicates the value for time unit param.
window_size object required
The size of each evaluation window within the look back period in which at least one compliant backup must exist.
unit string required
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32 required
Value indicates the value for time unit param.
asset_protection object
The control evaluating if all assets are protected with a policy or not.
should_ignore_deactivated_policy boolean required
Treat deactivated policies as compliant if true.
policy object
The control evaluating if policies have a minimum backup retention and frequency.
minimum_retention_duration object required
The minimum retention duration for policy control.
unit string required
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32 required
Value indicates the value for time unit param.
minimum_rpo_frequency object required
The minimum RPO duration for policy control.
unit string required
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32 required
Value indicates the value for time unit param.
filters object
The set of filters supported in compliance report.
asset object
The filter for asset. This will be applied to asset backup and asset protection controls.
groups object[]
The asset groups to be filtered.
id string
The id of asset group.
region string
The region of asset group. For example, us-west-2. This is supported for AWS asset groups only.
type string required
Possible values: [aws, microsoft365, vmware]
The type of asset group.
tag_op_mode string
Possible values: [equal, or, and]
The tag filter operation to be applied to the given tags. This is supported for AWS assets only.
tags object[]
The asset tags to be filtered. This is supported for AWS assets only.
key string required
The key of tag to filter.
value string required
The value of tag to filter.
common object
The common filter which will be applied to all controls.
asset_types string[]
The asset types to be included in the report. For example, ["aws_ec2_instance", "aws_s3_bucket"].
data_sources string[]
The data sources to be included in the report. Possible values include aws, microsoft365.
organizational_units string[]
The organizational units to be included in the report.
schedule object
When the report will be generated and sent. If the schedule is not provided then a default value will be used.
day_of_month int64
The day of the month when the report will be sent out. This is required for the 'monthly' report frequency. It has to be >= 1 and <= 28, or '-1', which signifies end of month. If the day_of_month is set to -1 then the report will be sent out at the end of every month.
day_of_week string
Possible values: [sunday, monday, tuesday, wednesday, thursday, friday, saturday]
Which day the report will be sent out. This is required for 'weekly' report frequency.
frequency string
Possible values: [daily, weekly, monthly]
The unit of frequency in which the report is generated.
start_time string required
When the report will be sent out. This field should follow the format "HH:MM" based on a 24-hour clock. Only values where HH ranges from 0 to 23 and MM ranges from 0 to 59 are allowed.
timezone string
The timezone for the report schedule. The timezone must be a valid location name from the IANA Time Zone database. For instance, it can be "America/New_York", "US/Central", "UTC", or similar. If empty, then the timezone is considered as UTC.

Responses

200
default

Success

application/api.clumio.report-compliance=v1+json

Schema
Example (from schema)

Schema

created string
The RFC3339 format time when the report configuration was created.
description string
The user-provided description of the compliance report configuration.
id string
The unique identifier of the report configuration.
latest_run object
Most recent report run generated from the report configuration.
compliance_info object
The status per controls in the compliance report created by the report run.
compliance_status string
Possible values: [compliant, non_compliant, unknown]
The compliance status of the report run.
compliant_count int64
The count of compliant items of the report run.
controls object[]
The status per controls in the compliance report created by the report run.
compliant_count int64
The count of compliant items of the control.
control_status string
Possible values: [compliant, non_compliant, unknown]
The compliance status of the control.
name string
The name of the control.
non_compliant_count int64
The count of non-compliant items of the control.
unknown_count int64
The count of unknown items of the control.
items_covered object
The items covered in the compliance report created by the report run.
asset_count int64
The count of covered assets of the report run.
policy_count int64
The count of covered policies of the report run.
non_compliant_count int64
The count of non-compliant items of the report run.
unknown_count int64
The count of unknown items of the report run.
created string
The RFC3339 format time when the report run was created.
expired string
The RFC3339 format time when the report run was expired.
id string
The unique identifier of the report run.
name string
The name of the report run.
parameter object
Filter and control parameters of compliance report.
controls object
Compliance controls to evaluate policy or assets for compliance.
asset_backup object
The control evaluating whether assets have at least one backup within each window of the specified look back period, with retention meeting the minimum required duration. For example, a look_back_period of 7 days, window_size of 1 day, and retention_duration of 1 month means that there should be a backup every day for the past week and that the retention of that backup should be at least 1 month.
look_back_period object
The duration prior to the compliance evaluation point to look back.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
minimum_retention_duration object
The minimum required retention duration for a backup to be considered compliant.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
window_size object
The size of each evaluation window within the look back period in which at least one compliant backup must exist.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
asset_protection object
The control evaluating if all assets are protected with a policy or not.
should_ignore_deactivated_policy boolean
Treat deactivated policies as compliant if true.
policy object
The control evaluating if policies have a minimum backup retention and frequency.
minimum_retention_duration object
The minimum retention duration for policy control.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
minimum_rpo_frequency object
The minimum RPO duration for policy control.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
filters object
The set of filters supported in compliance report.
asset object
The filter for asset. This will be applied to asset backup and asset protection controls.
groups object[]
The asset groups to be filtered.
id string
The id of asset group.
region string
The region of asset group. For example, us-west-2. This is supported for AWS asset groups only.
type string
Possible values: [aws, microsoft365, vmware]
The type of asset group.
tag_op_mode string
Possible values: [equal, or, and]
The tag filter operation to be applied to the given tags. This is supported for AWS assets only.
tags object[]
The asset tags to be filtered. This is supported for AWS assets only.
key string
The key of tag to filter.
value string
The value of tag to filter.
common object
The common filter which will be applied to all controls.
asset_types string[]
The asset types to be included in the report. For example, ["aws_ec2_instance", "aws_s3_bucket"].
data_sources string[]
The data sources to be included in the report. Possible values include aws, microsoft365.
organizational_units string[]
The organizational units to be included in the report.
report_config_id string
The unique identifier of the report configuration from which the report run was generated.
report_download_link string
The link to download the report CSV.
status string
Possible values: [completed, failed, generating]
The generation status of the report run.
task_id string
The ID of the report run generation task.
updated string
The RFC3339 format time when the report run was updated.
name string
The user-provided name of the compliance report configuration.
notification object
Notification channels to send the generated report runs.
email_list string[]
Email list to send a generated report run.
parameter object
Filter and control parameters of compliance report.
controls object
Compliance controls to evaluate policy or assets for compliance.
asset_backup object
The control evaluating whether assets have at least one backup within each window of the specified look back period, with retention meeting the minimum required duration. For example, a look_back_period of 7 days, window_size of 1 day, and retention_duration of 1 month means that there should be a backup every day for the past week and that the retention of that backup should be at least 1 month.
look_back_period object
The duration prior to the compliance evaluation point to look back.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
minimum_retention_duration object
The minimum required retention duration for a backup to be considered compliant.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
window_size object
The size of each evaluation window within the look back period in which at least one compliant backup must exist.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
asset_protection object
The control evaluating if all assets are protected with a policy or not.
should_ignore_deactivated_policy boolean
Treat deactivated policies as compliant if true.
policy object
The control evaluating if policies have a minimum backup retention and frequency.
minimum_retention_duration object
The minimum retention duration for policy control.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
minimum_rpo_frequency object
The minimum RPO duration for policy control.
unit string
Possible values: [minutes, hours, days, weeks, months, years]
Unit indicates the unit for time unit param.
value int32
Value indicates the value for time unit param.
filters object
The set of filters supported in compliance report.
asset object
The filter for asset. This will be applied to asset backup and asset protection controls.
groups object[]
The asset groups to be filtered.
id string
The id of asset group.
region string
The region of asset group. For example, us-west-2. This is supported for AWS asset groups only.
type string
Possible values: [aws, microsoft365, vmware]
The type of asset group.
tag_op_mode string
Possible values: [equal, or, and]
The tag filter operation to be applied to the given tags. This is supported for AWS assets only.
tags object[]
The asset tags to be filtered. This is supported for AWS assets only.
key string
The key of tag to filter.
value string
The value of tag to filter.
common object
The common filter which will be applied to all controls.
asset_types string[]
The asset types to be included in the report. For example, ["aws_ec2_instance", "aws_s3_bucket"].
data_sources string[]
The data sources to be included in the report. Possible values include aws, microsoft365.
organizational_units string[]
The organizational units to be included in the report.
schedule object
When the report will be generated and sent. If the schedule is not provided then a default value will be used.
day_of_month int64
The day of the month when the report will be sent out. This is required for the 'monthly' report frequency. It has to be >= 1 and <= 28, or '-1', which signifies end of month. If the day_of_month is set to -1 then the report will be sent out at the end of every month.
day_of_week string
Possible values: [sunday, monday, tuesday, wednesday, thursday, friday, saturday]
Which day the report will be sent out. This is required for 'weekly' report frequency.
frequency string
Possible values: [daily, weekly, monthly]
The unit of frequency in which the report is generated.
start_time string
When the report will be sent out. This field should follow the format "HH:MM" based on a 24-hour clock. Only values where HH ranges from 0 to 23 and MM ranges from 0 to 59 are allowed.
timezone string
The timezone for the report schedule. The timezone must be a valid location name from the IANA Time Zone database. For instance, it can be "America/New_York", "US/Central", "UTC", or similar. If empty, then the timezone is considered as UTC.

{
  "created": "string",
  "description": "string",
  "id": "string",
  "latest_run": {
    "compliance_info": {
      "compliance_status": "compliant",
      "compliant_count": 0,
      "controls": [
        {
          "compliant_count": 0,
          "control_status": "compliant",
          "name": "string",
          "non_compliant_count": 0,
          "unknown_count": 0
        }
      ],
      "items_covered": {
        "asset_count": 0,
        "policy_count": 0
      },
      "non_compliant_count": 0,
      "unknown_count": 0
    },
    "created": "string",
    "expired": "string",
    "id": "string",
    "name": "string",
    "parameter": {
      "controls": {
        "asset_backup": {
          "look_back_period": {
            "unit": "minutes",
            "value": 0
          },
          "minimum_retention_duration": {
            "unit": "minutes",
            "value": 0
          },
          "window_size": {
            "unit": "minutes",
            "value": 0
          }
        },
        "asset_protection": {
          "should_ignore_deactivated_policy": true
        },
        "policy": {
          "minimum_retention_duration": {
            "unit": "minutes",
            "value": 0
          },
          "minimum_rpo_frequency": {
            "unit": "minutes",
            "value": 0
          }
        }
      },
      "filters": {
        "asset": {
          "groups": [
            {
              "id": "string",
              "region": "string",
              "type": "aws"
            }
          ],
          "tag_op_mode": "equal",
          "tags": [
            {
              "key": "string",
              "value": "string"
            }
          ]
        },
        "common": {
          "asset_types": [
            "string"
          ],
          "data_sources": [
            "string"
          ],
          "organizational_units": [
            "string"
          ]
        }
      }
    },
    "report_config_id": "string",
    "report_download_link": "string",
    "status": "completed",
    "task_id": "string",
    "updated": "string"
  },
  "name": "string",
  "notification": {
    "email_list": [
      "string"
    ]
  },
  "parameter": {
    "controls": {
      "asset_backup": {
        "look_back_period": {
          "unit": "minutes",
          "value": 0
        },
        "minimum_retention_duration": {
          "unit": "minutes",
          "value": 0
        },
        "window_size": {
          "unit": "minutes",
          "value": 0
        }
      },
      "asset_protection": {
        "should_ignore_deactivated_policy": true
      },
      "policy": {
        "minimum_retention_duration": {
          "unit": "minutes",
          "value": 0
        },
        "minimum_rpo_frequency": {
          "unit": "minutes",
          "value": 0
        }
      }
    },
    "filters": {
      "asset": {
        "groups": [
          {
            "id": "string",
            "region": "string",
            "type": "aws"
          }
        ],
        "tag_op_mode": "equal",
        "tags": [
          {
            "key": "string",
            "value": "string"
          }
        ]
      },
      "common": {
        "asset_types": [
          "string"
        ],
        "data_sources": [
          "string"
        ],
        "organizational_units": [
          "string"
        ]
      }
    }
  },
  "schedule": {
    "day_of_month": 0,
    "day_of_week": "sunday",
    "frequency": "daily",
    "start_time": "string",
    "timezone": "string"
  }
}

Error

application/json

Schema
Example (from schema)

Schema

errors object[]
A list of errors encountered during runtime.
error_code uint32
error_message string
The reason for the error.

{
  "errors": [
    {
      "error_code": 0,
      "error_message": "string"
    }
  ]
}

Create Compliance Report Configuration​

Create Compliance Report Configuration