Harness

Rule

This contains APIs related to Governance Rule Management

Clone a rule

Clone a Rule with the given ID.

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing Rule uuid

object (RuleClone)

This is the view of Rule Clone as defined in Cloud asset Governance Harness.

Responses
400

Bad Request

500

Internal server error

default

Newly Created Cloned Rule

post/ccm/api/governance/ruleClone
Request samples
application/json
{
  • "ruleClone": {
    }
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Update a Rule

Update a Rule

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing rule object

object (CcmRule)

This object will contain the complete definition of a Cloud Cost Policies

Responses
400

Bad Request

500

Internal server error

default

Updated Rule.

put/ccm/api/governance/rule
Request samples
application/json
{
  • "rule": {
    }
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Add a rule

Create a new governance rule.

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing Rule object

object (CcmRule)

This object will contain the complete definition of a Cloud Cost Policies

Responses
400

Bad Request

500

Internal server error

default

Returns newly created rule

post/ccm/api/governance/rule
Request samples
application/json
{
  • "rule": {
    }
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Delete a rule

Delete a Rule with the given ID.

Securityx-api-key
Request
path Parameters
ruleID
required
string

Unique identifier for the rule

query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Responses
400

Bad Request

500

Internal server error

default

A boolean whether the delete was successful or not

delete/ccm/api/governance/rule/{ruleID}
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Enqueues job for execution
Enqueues job for execution.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
string
Account Identifier for the Entity.


 
Request Body schema: application/json
required
Request body for queuing the governance job


ruleEnforcementId
string
 
object (RecommendationAdhocDTO) 
 
ruleCloudProviderType
string
 Enum: "AWS" "AZURE" "GCP"  
ruleId
string
 
policy
string
 
targetRegion
string
 
isDryRun
boolean
 
isOOTB
boolean
 
executionType
string
 Enum: "INTERNAL" "EXTERNAL"  
isMultiPolicyRule
boolean
 
Array of objects (SubRulePolicyDetails) 
 
isGovCloudConnector
boolean
 
multiPolicyRule
boolean
 
govCloudConnector
boolean
 
Responses 
400
Bad Request


500
Internal server error


default
Returns success when job is enqueued


post/ccm/api/governance/enqueue
Request samples 
application/json
{
  • "ruleEnforcementId": "string",
  • "targetAccountDetails": {
    },
  • "ruleCloudProviderType": "AWS",
  • "ruleId": "string",
  • "policy": "string",
  • "targetRegion": "string",
  • "isDryRun": true,
  • "isOOTB": true,
  • "executionType": "INTERNAL",
  • "isMultiPolicyRule": true,
  • "subRulePolicyDetails": [
    ],
  • "isGovCloudConnector": true,
  • "multiPolicyRule": true,
  • "govCloudConnector": true
}
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Simple Request to enqueue rule for execution
Simple Request to enqueue rule for execution


Securityx-api-key 
Request 
query Parameters
accountIdentifier
string
Account Identifier for the Entity.


 
Request Body schema: application/json
required
Request body for queuing the governance rule for execution


targetAccounts
required
Array of strings
Target account_id/subscription_id/project_id


 
targetRegions
Array of strings
Target region required for AWS/AZURE


 
ruleId
required
string
Rule id/uuid


 
isDryRun
boolean
 Default:  true
Set to true for dry run or false for actual run


 
Responses 
202
Enqueued governance rule for evaluation and return list evaluation ids


400
Bad Request


500
Internal server error


post/ccm/api/governance/enqueueAdhocV2
Request samples 
application/json
{
  • "targetAccounts": [
    ],
  • "targetRegions": [
    ],
  • "ruleId": "string",
  • "isDryRun": true
}
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
List resources for which cost co-relation is supported.
List resources for which cost co-relation is supported.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Responses 
400
Bad Request


500
Internal server error


default
Return List of resources for which cost co-relation is supported.


get/ccm/api/governance/rule/costCoRelationSupportedResources
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Custodian Schema
Get custodian schema for governance rule validation


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
 
projectIdentifier
string
 
orgIdentifier
string
 
Responses 
400
Bad Request


500
Internal server error


default
Custodian Governance Rule Schema


get/ccm/api/governance/ruleSchema
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Fetch rules for account
Fetch rules 


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
RuleNamePattern
string
Search by Rule name pattern


 
Request Body schema: application/json
required
Request body containing rule object


object (RuleRequest) 
This has the query to list the policies


 
Responses 
400
Bad Request


500
Internal server error


default
Returns List of rules


post/ccm/api/governance/rule/list
Request samples 
application/json
{
  • "query": {
    }
}
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Governance Targets
Get targets with governance enabled and valid permission


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
view
boolean
View governance target list


 
cloudProvider
required
string
Cloud Provider


 Enum: "AWS" "AZURE" "GCP"  
onlyTargetIds
boolean
Only Target ids


 
Responses 
400
Bad Request


500
Internal server error


default
List of Governance Targets


get/ccm/api/governance/governanceTargetList
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
List of Regions for Aws/Azure
List Aws/Azure Regions for filtering resources.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
cloudProvider
required
string
Cloud Provider


 Enum: "AWS" "AZURE" "GCP"  
Responses 
400
Bad Request


500
Internal server error


default
Return List of Aws/Azure Regions


get/ccm/api/governance/regions
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Enable/Disable a custom Rule to be considered for recommendation
Toggle a Rule for Recommendation


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
ruleId
string
Rule Id


 
enableRuleForRecommendation
boolean
Enable rule for Recommendation


 
Responses 
400
Bad Request


500
Internal server error


default
True/false if toggle is successful


put/ccm/api/governance/rule/toggleForRecommendation
Request samples 
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
Validate Governance Rule
Validate governance rule for syntactical errors.


Securityx-api-key 
Request 
query Parameters
accountIdentifier
required
string
Account Identifier for the Entity.


 
Request Body schema: application/json
required
Request body containing Rule with set rulesYaml to validate


object (CcmRule) 
This object will contain the complete definition of a Cloud Cost Policies


 
Responses 
400
Bad Request


500
Internal server error


default
post/ccm/api/governance/ruleValidate
Request samples 
application/json
{
  • "rule": {
    }
}
Response samples 
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}
➔ Next to Rule Executions