정책

정책에 대한 REST API 작업

개요

이러한 API 작업을 사용하여 상호 작용합니다 정책 Panther에서.

API를 호출하려면, 다음을 참조하세요 Panther REST API 사용 방법 지침—포함하여 이 문서 페이지에서 직접 호출하는 방법에 대한 안내.

필수 권한

에 대해 GET 작업의 경우, 귀하의 API 토큰은 다음을 가져야 합니다 정책 보기 권한.
에 대해 POST, PUT, 그리고 DELETE 작업의 경우, 귀하의 API 토큰은 다음을 가져야 합니다 정책 관리 권한.

작업

아래 API 엔드포인트는 클라우드 정책 전용입니다. 다른 디택션 유형과 상호작용하려면 해당 페이지를 참조하세요: 파이썬 기반 룰, 예약된 룰, 그리고 단순 디텍션.

create policy

post

Authorizations

X-API-KeystringRequired

Query parameters

run-tests-firstbooleanOptional

set this field to false to exclude running tests prior to saving

Default: true

run-tests-onlybooleanOptional

set this field to true if you want to run tests without saving

Default: false

Body

bodystringRequired

The python body of the policy

descriptionstringOptional

The description of the policy

displayNamestringOptional

The display name of the policy

enabledbooleanOptional

Determines whether or not the policy is active

idstringRequired

The id of the policy

managedbooleanOptional

Determines if the policy is managed by panther

outputIDsstring[]Optional

Destination IDs that override default alert routing based on severity

resourceTypesstring[]Optional

Resource types

severitystring · enumRequiredPossible values:

suppressionsstring[]Optional

Resources to ignore via a pattern that matches the resource id

Example: ["aws::s3::*"]

tagsstring[]Optional

The tags for the policy

Responses

200

OK response.

application/json

bodystringOptional

The python body of the policy

createdAtstringOptional

createdByExternalstringOptional

The text of the user-provided CreatedBy field when uploaded via CI/CD

descriptionstringOptional

The description of the policy

displayNamestringOptional

The display name of the policy

enabledbooleanOptional

Determines whether or not the policy is active

idstringOptional

The id of the policy

lastModifiedstringOptional

managedbooleanOptional

Determines if the policy is managed by panther

outputIDsstring[]Optional

Destination IDs that override default alert routing based on severity

resourceTypesstring[]Optional

Resource types

severitystring · enumOptionalPossible values:

suppressionsstring[]Optional

Resources to ignore via a pattern that matches the resource id

Example: ["aws::s3::*"]

tagsstring[]Optional

The tags for the policy

204

No Content response.

400

bad_request: Bad Request response.

application/json

409

exists: Conflict response.

application/json

post

/policies

POST /policies HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 367

{
  "body": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "managed": true,
  "outputIDs": [
    "text"
  ],
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}

{
  "body": "text",
  "createdAt": "text",
  "createdBy": {
    "id": "user",
    "type": "text"
  },
  "createdByExternal": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "lastModified": "text",
  "managed": true,
  "outputIDs": [
    "text"
  ],
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}

get policy

get

Authorizations

X-API-KeystringRequired

Path parameters

idstringRequired

the id of the policy to fetch

Responses

200

OK response.

application/json

bodystringOptional

The python body of the policy

createdAtstringOptional

createdByExternalstringOptional

The text of the user-provided CreatedBy field when uploaded via CI/CD

descriptionstringOptional

The description of the policy

displayNamestringOptional

The display name of the policy

enabledbooleanOptional

Determines whether or not the policy is active

idstringOptional

The id of the policy

lastModifiedstringOptional

managedbooleanOptional

Determines if the policy is managed by panther

outputIDsstring[]Optional

Destination IDs that override default alert routing based on severity

resourceTypesstring[]Optional

Resource types

severitystring · enumOptionalPossible values:

suppressionsstring[]Optional

Resources to ignore via a pattern that matches the resource id

Example: ["aws::s3::*"]

tagsstring[]Optional

The tags for the policy

404

not_found: Not Found response.

application/json

get

/policies/{id}

GET /policies/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

{
  "body": "text",
  "createdAt": "text",
  "createdBy": {
    "id": "user",
    "type": "text"
  },
  "createdByExternal": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "lastModified": "text",
  "managed": true,
  "outputIDs": [
    "text"
  ],
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}

put policy

put

put creates or updates a policy

Authorizations

X-API-KeystringRequired

Path parameters

idstringRequired

the id of the policy

Query parameters

run-tests-firstbooleanOptional

set this field to false to exclude running tests prior to saving

Default: true

run-tests-onlybooleanOptional

set this field to true if you want to run tests without saving

Default: false

Body

bodystringRequired

The python body of the policy

descriptionstringOptional

The description of the policy

displayNamestringOptional

The display name of the policy

enabledbooleanOptional

Determines whether or not the policy is active

idstringRequired

The id of the policy

managedbooleanOptional

Determines if the policy is managed by panther

outputIDsstring[]Optional

Destination IDs that override default alert routing based on severity

resourceTypesstring[]Optional

Resource types

severitystring · enumRequiredPossible values:

suppressionsstring[]Optional

Resources to ignore via a pattern that matches the resource id

Example: ["aws::s3::*"]

tagsstring[]Optional

The tags for the policy

Responses

200

200 returned if the item already existed

application/json

bodystringOptional

The python body of the policy

createdAtstringOptional

createdByExternalstringOptional

The text of the user-provided CreatedBy field when uploaded via CI/CD

descriptionstringOptional

The description of the policy

displayNamestringOptional

The display name of the policy

enabledbooleanOptional

Determines whether or not the policy is active

idstringOptional

The id of the policy

lastModifiedstringOptional

managedbooleanOptional

Determines if the policy is managed by panther

outputIDsstring[]Optional

Destination IDs that override default alert routing based on severity

resourceTypesstring[]Optional

Resource types

severitystring · enumOptionalPossible values:

suppressionsstring[]Optional

Resources to ignore via a pattern that matches the resource id

Example: ["aws::s3::*"]

tagsstring[]Optional

The tags for the policy

201

201 returned if the item was created

application/json

204

No Content response.

400

bad_request: Bad Request response.

application/json

put

/policies/{id}

PUT /policies/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 367

{
  "body": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "managed": true,
  "outputIDs": [
    "text"
  ],
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}

{
  "body": "text",
  "createdAt": "text",
  "createdBy": {
    "id": "user",
    "type": "text"
  },
  "createdByExternal": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "lastModified": "text",
  "managed": true,
  "outputIDs": [
    "text"
  ],
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}

delete policy

delete

Authorizations

X-API-KeystringRequired

Path parameters

idstringRequired

ID of the policy to delete

Responses

204

No Content response.

400

bad_request: Bad Request response.

application/json

404

not_found: Not Found response.

application/json

delete

/policies/{id}

DELETE /policies/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

No content

list policies

get

Authorizations

X-API-KeystringRequired

Query parameters

cursorstringOptional

the pagination token

limitinteger · int64Optional

the maximum results to return

Default: 100

compliance-statusstring · enumOptional

Only include policies with this compliance status

Possible values:

name-containsstringOptional

Substring search by name (case-insensitive)

statestring · enumOptional

Only include policies in the given state

Possible values:

resource-typestring[]Optional

Only include policies which apply to one of the given resource types

tagstring[]Optional

Only include policies with one of the given tags (case-insensitive)

created-bystringOptional

Only include policies whose creator matches this user ID or actor ID

last-modified-bystringOptional

Only include policies last modified by this user ID or actor ID

Responses

200

OK response.

application/json

nextstringOptional

pagination token for the next page of results

get

/policies

GET /policies HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

200

OK response.

{
  "next": "text",
  "results": [
    {
      "body": "text",
      "createdAt": "text",
      "createdBy": {
        "id": "user",
        "type": "text"
      },
      "createdByExternal": "text",
      "description": "text",
      "displayName": "text",
      "enabled": true,
      "id": "text",
      "lastModified": "text",
      "managed": true,
      "outputIDs": [
        "text"
      ],
      "reports": {
        "ANY_ADDITIONAL_PROPERTY": [
          "text"
        ]
      },
      "resourceTypes": [
        "text"
      ],
      "severity": "INFO",
      "suppressions": [
        "aws::s3::*"
      ],
      "tags": [
        "text"
      ],
      "tests": [
        {
          "expectedResult": true,
          "mocks": [
            {
              "ANY_ADDITIONAL_PROPERTY": "text"
            }
          ],
          "name": "text",
          "resource": "text"
        }
      ]
    }
  ]
}

이전간단한 룰 다음사용자

마지막 업데이트 11일 전

도움이 되었나요?

hashtag개요

hashtag필수 권한

hashtag작업

hashtagcreate policy

hashtagget policy

hashtagput policy

hashtagdelete policy

hashtaglist policies

개요

필수 권한

작업

create policy

get policy

put policy

delete policy

list policies