Rule

This contains APIs related to Governance Rule Management

List of Regions for Aws/Azure

List Aws/Azure Regions for filtering resources.

Securityx-api-key

Request

query Parameters

accountIdentifier required	string Account Identifier for the Entity.
cloudProvider required	string Cloud Provider Enum: "AWS" "AZURE" "GCP"

Responses

400

Bad Request

500

Internal server error

default

Return List of Aws/Azure Regions

get/ccm/api/governance/regions

Request samples

curl
Java
Go

Response samples

400
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Clone a rule

Clone a Rule with the given ID.

Securityx-api-key

Request

query Parameters

accountIdentifier

required

string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing Rule uuid

object (RuleClone)

This is the view of Rule Clone as defined in Cloud asset Governance Harness.

Responses

400

Bad Request

500

Internal server error

default

Newly Created Cloned Rule

post/ccm/api/governance/ruleClone

Request samples

Payload
curl
Java
Go

application/json

{"ruleClone": {"uuid": "string"
}
}

Response samples

400
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Update a Rule

Securityx-api-key

Request

query Parameters

accountIdentifier

required

string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing rule object

object (CcmRule)

This object will contain the complete definition of a Cloud Cost Policies

Responses

400

Bad Request

500

Internal server error

default

Updated Rule.

put/ccm/api/governance/rule

Request samples

Payload
curl
Java
Go

application/json

{"rule": {"uuid": "string",
"accountId": "string",
"name": "string",
"description": "string",
"rulesYaml": "string",
"tags": ["string"
],
"orgIdentifier": "string",
"projectIdentifier": "string",
"cloudProvider": "AWS",
"versionLabel": "string",
"isStablePolicy": true,
"storeType": "INLINE",
"isOOTB": true,
"deleted": true,
"forRecommendation": true,
"resourceType": "string",
"isMultiPolicyRule": false,
"subRulePolicyDetails": [{"name": "string",
"yaml": "string",
"resourceType": "string"
}
],
"createdAt": 0,
"lastUpdatedAt": 0,
"createdBy": {"uuid": "string",
"name": "string",
"email": "string",
"externalUserId": "string"
},
"lastUpdatedBy": {"uuid": "string",
"name": "string",
"email": "string",
"externalUserId": "string"
}
}
}

Response samples

400
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Add a rule

Create a new governance rule.

Securityx-api-key

Request

query Parameters

accountIdentifier

required

string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing Rule object

object (CcmRule)

This object will contain the complete definition of a Cloud Cost Policies

Responses

400

Bad Request

500

Internal server error

default

Returns newly created rule

post/ccm/api/governance/rule

Request samples

Payload
curl
Java
Go

application/json

{"rule": {"uuid": "string",
"accountId": "string",
"name": "string",
"description": "string",
"rulesYaml": "string",
"tags": ["string"
],
"orgIdentifier": "string",
"projectIdentifier": "string",
"cloudProvider": "AWS",
"versionLabel": "string",
"isStablePolicy": true,
"storeType": "INLINE",
"isOOTB": true,
"deleted": true,
"forRecommendation": true,
"resourceType": "string",
"isMultiPolicyRule": false,
"subRulePolicyDetails": [{"name": "string",
"yaml": "string",
"resourceType": "string"
}
],
"createdAt": 0,
"lastUpdatedAt": 0,
"createdBy": {"uuid": "string",
"name": "string",
"email": "string",
"externalUserId": "string"
},
"lastUpdatedBy": {"uuid": "string",
"name": "string",
"email": "string",
"externalUserId": "string"
}
}
}

Response samples

400
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Delete a rule

Delete a Rule with the given ID.

Securityx-api-key

Request

path Parameters

ruleID

required

string

Unique identifier for the rule

query Parameters

accountIdentifier

required

string

Account Identifier for the Entity.

Responses

400

Bad Request

500

Internal server error

default

A boolean whether the delete was successful or not

delete/ccm/api/governance/rule/{ruleID}

Request samples

curl
Java
Go

Response samples

400
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Enqueue rule for execution

Securityx-api-key

Request

query Parameters

accountIdentifier

string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body for queuing the governance rule for execution

required	object Target details
targetAccounts	Array of strings
targetRegions	Array of strings Target region required for AWS/AZURE
ruleId required	string Rule id/uuid
policy required	string Policy yaml
isDryRun	boolean Default: true Set to true for dry run or false for actual run
isOOTB	boolean
ruleCloudProviderType required	string Cloud provider Enum: "AWS" "AZURE" "GCP"

Responses

202

Enqueued governance rule for evaluation and return list evaluation ids

400

Bad Request

500

Internal server error

post/ccm/api/governance/enqueueAdhoc

Request samples

Payload
curl
Java
Go

application/json

{"targetAccountDetails": {"property1": {"roleInfo": "string",
"roleId": "string",
"tenantInfo": "string",
"cloudConnectorId": "string",
"targetInfo": "string",
"type": "string"
},
"property2": {"roleInfo": "string",
"roleId": "string",
"tenantInfo": "string",
"cloudConnectorId": "string",
"targetInfo": "string",
"type": "string"
}
},
"targetAccounts": ["string"
],
"targetRegions": ["string"
],
"ruleId": "string",
"policy": "string",
"isDryRun": true,
"isOOTB": true,
"ruleCloudProviderType": "AWS"
}

Response samples

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Simple Request to enqueue rule for execution

Securityx-api-key

Request

query Parameters

accountIdentifier

string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body for queuing the governance rule for execution

targetAccounts required	Array of strings Target account_id/subscription_id/project_id
targetRegions	Array of strings Target region required for AWS/AZURE
ruleId required	string Rule id/uuid
isDryRun	boolean Default: true Set to true for dry run or false for actual run

Responses

202

Enqueued governance rule for evaluation and return list evaluation ids

400

Bad Request

500

Internal server error

post/ccm/api/governance/enqueueAdhocV2

Request samples

Payload
curl
Java
Go

application/json

{"targetAccounts": ["string"
],
"targetRegions": ["string"
],
"ruleId": "string",
"isDryRun": true
}

Response samples

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Custodian Schema

Get custodian schema for governance rule validation

Securityx-api-key

Request

query Parameters

accountIdentifier required	string
projectIdentifier	string
orgIdentifier	string

Responses

400

Bad Request

500

Internal server error

default

Custodian Governance Rule Schema

get/ccm/api/governance/ruleSchema

Request samples

curl
Java
Go

Response samples

400
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Fetch rules for account

Fetch rules

Securityx-api-key

Request

query Parameters

accountIdentifier required	string Account Identifier for the Entity.
RuleNamePattern	string Search by Rule name pattern

Request Body schema: application/json
required

Request body containing rule object

object (RuleRequest)

This has the query to list the policies

Responses

400

Bad Request

500

Internal server error

default

Returns List of rules

post/ccm/api/governance/rule/list

Request samples

Payload
curl
Java
Go

application/json

{"query": {"accountId": "string",
"isOOTB": true,
"orgIdentifier": "string",
"projectIdentifier": "string",
"tags": "string",
"cloudProvider": "string",
"policyIds": ["string"
],
"isStablePolicy": true,
"search": "string",
"limit": 0,
"offset": 0,
"orderBy": [{"field": "PERSPECTIVE_ID",
"order": "ASCENDING"
}
],
"resourceType": "string"
}
}

Response samples

400
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Governance Connectors

Get connectors with governance enabled and valid permission

Securityx-api-key

Request

query Parameters

accountIdentifier required	string Account Identifier for the Entity.
view	boolean View governance connector list
connectorType	string Enum: "K8sCluster" "Git" "Splunk" "AppDynamics" "Prometheus" "Dynatrace" "Vault" "AzureKeyVault" "DockerRegistry" "Local" "AwsKms" "GcpKms" "AwsSecretManager" "Gcp" "Aws" "Azure" "Artifactory" "Jira" "Nexus" "Github" "Gitlab" "Bitbucket" "Codecommit" "CEAws" "CEAzure" "GcpCloudCost" "CEK8sCluster" "HttpHelmRepo" "NewRelic" "Datadog" "SumoLogic" "PagerDuty" "CustomHealth" "ServiceNow" "ErrorTracking" "Pdc" "AzureRepo" "Jenkins" "OciHelmRepo" "CustomSecretManager" "ElasticSearch" "GcpSecretManager" "AzureArtifacts" "Tas" "Spot" "Bamboo" "TerraformCloud" "SignalFX" "Harness" "Rancher" "JDBC"

Responses

400

Bad Request

500

Internal server error

default

List of Governance Enabled Connectors

get/ccm/api/governance/connectorList

Request samples

curl
Java
Go

Response samples

400
500
default

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

Validate Governance Rule

Validate governance rule for syntactical errors.

Securityx-api-key

Request

query Parameters

accountIdentifier

required

string

Account Identifier for the Entity.

Request Body schema: application/json
required

Request body containing Rule with set rulesYaml to validate

object (CcmRule)

This object will contain the complete definition of a Cloud Cost Policies

Responses

400

Bad Request

500

Internal server error

default

post/ccm/api/governance/ruleValidate

Request samples

Payload
curl
Java
Go

application/json

{"rule": {"uuid": "string",
"accountId": "string",
"name": "string",
"description": "string",
"rulesYaml": "string",
"tags": ["string"
],
"orgIdentifier": "string",
"projectIdentifier": "string",
"cloudProvider": "AWS",
"versionLabel": "string",
"isStablePolicy": true,
"storeType": "INLINE",
"isOOTB": true,
"deleted": true,
"forRecommendation": true,
"resourceType": "string",
"isMultiPolicyRule": false,
"subRulePolicyDetails": [{"name": "string",
"yaml": "string",
"resourceType": "string"
}
],
"createdAt": 0,
"lastUpdatedAt": 0,
"createdBy": {"uuid": "string",
"name": "string",
"email": "string",
"externalUserId": "string"
},
"lastUpdatedBy": {"uuid": "string",
"name": "string",
"email": "string",
"externalUserId": "string"
}
}
}

Response samples

{"status": "SUCCESS",
"code": "DEFAULT_ERROR_CODE",
"message": "string",
"correlationId": "string",
"errors": [{"fieldId": "string",
"error": "string"
}
]
}

➔ Next to Rule Executions

Rule

List of Regions for Aws/Azure

query Parameters

Clone a rule

query Parameters

Request Body schema: application/jsonrequired

Update a Rule

query Parameters

Request Body schema: application/jsonrequired

Add a rule

query Parameters

Request Body schema: application/jsonrequired

Delete a rule

path Parameters

query Parameters

Enqueue rule for execution

query Parameters

Request Body schema: application/jsonrequired

Simple Request to enqueue rule for execution

query Parameters

Request Body schema: application/jsonrequired

Custodian Schema

query Parameters

Fetch rules for account

query Parameters

Request Body schema: application/jsonrequired

Governance Connectors

query Parameters

Validate Governance Rule

query Parameters

Request Body schema: application/jsonrequired

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required

Request Body schema: application/json
required