Rule

This contains APIs related to Governance Rule Management

Clone a rule

Clone a Rule with the given ID.

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing Rule uuid

object (RuleClone)

This is the view of Rule Clone as defined in Cloud asset Governance Harness.

Responses
400

Bad Request

500

Internal server error

default

Newly Created Cloned Rule

post/ccm/api/governance/ruleClone
Request samples
application/json
{
  • "ruleClone": {
    }
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Update a Rule

Update a Rule

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing rule object

object (CcmRule)

This object will contain the complete definition of a Cloud Cost Policies

Responses
400

Bad Request

500

Internal server error

default

Updated Rule.

put/ccm/api/governance/rule
Request samples
application/json
{
  • "rule": {
    }
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Add a rule

Create a new governance rule.

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing Rule object

object (CcmRule)

This object will contain the complete definition of a Cloud Cost Policies

Responses
400

Bad Request

500

Internal server error

default

Returns newly created rule

post/ccm/api/governance/rule
Request samples
application/json
{
  • "rule": {
    }
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Delete a rule

Delete a Rule with the given ID.

Securityx-api-key
Request
path Parameters
ruleID
required
string

Unique identifier for the rule

query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Responses
400

Bad Request

500

Internal server error

default

A boolean whether the delete was successful or not

delete/ccm/api/governance/rule/{ruleID}
Request samples
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Enqueues job for execution

Enqueues job for execution.

Securityx-api-key
Request
query Parameters
accountIdentifier
string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body for queuing the governance job

ruleEnforcementId
string
object (RecommendationAdhocDTO)
ruleCloudProviderType
string
Enum: "AWS" "AZURE" "GCP"
ruleId
string
policy
string
targetRegion
string
isDryRun
boolean
isOOTB
boolean
executionType
string
Enum: "INTERNAL" "EXTERNAL"
isMultiPolicyRule
boolean
Array of objects (SubRulePolicyDetails)
isGovCloudConnector
boolean
ruleExecutionId
string
multiPolicyRule
boolean
govCloudConnector
boolean
Responses
400

Bad Request

500

Internal server error

default

Returns success when job is enqueued

post/ccm/api/governance/enqueue
Request samples
application/json
{
  • "ruleEnforcementId": "string",
  • "targetAccountDetails": {
    },
  • "ruleCloudProviderType": "AWS",
  • "ruleId": "string",
  • "policy": "string",
  • "targetRegion": "string",
  • "isDryRun": true,
  • "isOOTB": true,
  • "executionType": "INTERNAL",
  • "isMultiPolicyRule": true,
  • "subRulePolicyDetails": [
    ],
  • "isGovCloudConnector": true,
  • "ruleExecutionId": "string",
  • "multiPolicyRule": true,
  • "govCloudConnector": true
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Simple Request to enqueue rule for execution

Simple Request to enqueue rule for execution

Securityx-api-key
Request
query Parameters
accountIdentifier
string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body for queuing the governance rule for execution

targetAccounts
required
Array of strings

Target account_id/subscription_id/project_id

targetRegions
Array of strings

Target region required for AWS/AZURE

ruleId
required
string

Rule id/uuid

isDryRun
boolean
Default: true

Set to true for dry run or false for actual run

Responses
202

Enqueued governance rule for evaluation and return list evaluation ids

400

Bad Request

500

Internal server error

post/ccm/api/governance/enqueueAdhocV2
Request samples
application/json
{
  • "targetAccounts": [
    ],
  • "targetRegions": [
    ],
  • "ruleId": "string",
  • "isDryRun": true
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

List resources for which cost co-relation is supported.

List resources for which cost co-relation is supported.

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Responses
400

Bad Request

500

Internal server error

default

Return List of resources for which cost co-relation is supported.

get/ccm/api/governance/rule/costCoRelationSupportedResources
Request samples
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Custodian Schema

Get custodian schema for governance rule validation

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string
projectIdentifier
string
orgIdentifier
string
Responses
400

Bad Request

500

Internal server error

default

Custodian Governance Rule Schema

get/ccm/api/governance/ruleSchema
Request samples
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Fetch rules for account

Fetch rules

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

RuleNamePattern
string

Search by Rule name pattern

Request Body schema: application/json
required

Request body containing rule object

object (RuleRequest)

This has the query to list the policies

Responses
400

Bad Request

500

Internal server error

default

Returns List of rules

post/ccm/api/governance/rule/list
Request samples
application/json
{
  • "query": {
    }
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Governance Targets

Get targets with governance enabled and valid permission

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

view
boolean

View governance target list

cloudProvider
required
string

Cloud Provider

Enum: "AWS" "AZURE" "GCP"
onlyTargetIds
boolean

Only Target ids

Responses
400

Bad Request

500

Internal server error

default

List of Governance Targets

get/ccm/api/governance/governanceTargetList
Request samples
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

List of Regions for Aws/Azure

List Aws/Azure Regions for filtering resources.

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

cloudProvider
required
string

Cloud Provider

Enum: "AWS" "AZURE" "GCP"
Responses
400

Bad Request

500

Internal server error

default

Return List of Aws/Azure Regions

get/ccm/api/governance/regions
Request samples
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Enable/Disable a custom Rule to be considered for recommendation

Toggle a Rule for Recommendation

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

ruleId
string

Rule Id

enableRuleForRecommendation
boolean

Enable rule for Recommendation

Responses
400

Bad Request

500

Internal server error

default

True/false if toggle is successful

put/ccm/api/governance/rule/toggleForRecommendation
Request samples
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}

Validate Governance Rule

Validate governance rule for syntactical errors.

Securityx-api-key
Request
query Parameters
accountIdentifier
required
string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing Rule with set rulesYaml to validate

object (CcmRule)

This object will contain the complete definition of a Cloud Cost Policies

Responses
400

Bad Request

500

Internal server error

default
post/ccm/api/governance/ruleValidate
Request samples
application/json
{
  • "rule": {
    }
}
Response samples
{
  • "status": "SUCCESS",
  • "code": "DEFAULT_ERROR_CODE",
  • "message": "string",
  • "correlationId": "string",
  • "errors": [
    ]
}