Knowledge Base Community Release Notes Request Demo

Policies

REST API operations for policies

Overview

The /policies REST API operations are in open beta starting with Panther version 1.98, and is available to all customers. Please share any bug reports and feature requests with your Panther support team.

Use these API operations to interact with in Panther.

To call the API, see the instructions—including .

Required permissions

For GET operations, your API token must have the View Policies permission.
For POST, PUT, and DELETE operations, your API token must have the Manage Policies permission.

Operations

PreviousSimple Rules NextUsers

Last updated 2 months ago

Was this helpful?

get policy

get

Authorizations

Path parameters

idstringRequired

the id of the policy to fetch

Responses

200

OK response.

application/json

404

not_found: Not Found response.

application/json

get

GET /policies/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

{
  "body": "text",
  "createdAt": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "lastModified": "text",
  "managed": true,
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}

delete policy

delete

Authorizations

Path parameters

idstringRequired

ID of the policy to delete

Responses

204

No Content response.

400

bad_request: Bad Request response.

application/json

404

not_found: Not Found response.

application/json

delete

DELETE /policies/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

No content

list policies

get

Authorizations

Query parameters

cursorstringOptional

the pagination token

limitinteger · int64Optional

the maximum results to return

Default: 100

Responses

200

OK response.

application/json

get

GET /policies HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Accept: */*

200

OK response.

{
  "next": "text",
  "results": [
    {
      "body": "text",
      "createdAt": "text",
      "description": "text",
      "displayName": "text",
      "enabled": true,
      "id": "text",
      "lastModified": "text",
      "managed": true,
      "reports": {
        "ANY_ADDITIONAL_PROPERTY": [
          "text"
        ]
      },
      "resourceTypes": [
        "text"
      ],
      "severity": "INFO",
      "suppressions": [
        "aws::s3::*"
      ],
      "tags": [
        "text"
      ],
      "tests": [
        {
          "expectedResult": true,
          "mocks": [
            {
              "ANY_ADDITIONAL_PROPERTY": "text"
            }
          ],
          "name": "text",
          "resource": "text"
        }
      ]
    }
  ]
}

put policy

put

put creates or updates a policy

Authorizations

Path parameters

idstringRequired

the id of the policy

Query parameters

run-tests-firstbooleanOptional

set this field to false to exclude running tests prior to saving

Default: true

run-tests-onlybooleanOptional

set this field to true if you want to run tests without saving

Default: false

Body

bodystringRequired

The python body of the policy

descriptionstringOptional

The description of the policy

displayNamestringOptional

The display name of the policy

enabledbooleanOptional

Determines whether or not the policy is active

idstringRequired

The id of the policy

managedbooleanOptional

Determines if the policy is managed by panther

resourceTypesstring[]Optional

Resource types

severitystring · enumRequiredPossible values:

suppressionsstring[]Optional

Resources to ignore via a pattern that matches the resource id

Example: ["aws::s3::*"]

tagsstring[]Optional

The tags for the policy

Responses

200

200 returned if the item already existed

application/json

201

201 returned if the item was created

application/json

204

No Content response.

400

bad_request: Bad Request response.

application/json

put

PUT /policies/{id} HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 346

{
  "body": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "managed": true,
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}

{
  "body": "text",
  "createdAt": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "lastModified": "text",
  "managed": true,
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}

create policy

post

Authorizations

Query parameters

run-tests-firstbooleanOptional

set this field to false to exclude running tests prior to saving

Default: true

run-tests-onlybooleanOptional

set this field to true if you want to run tests without saving

Default: false

Body

bodystringRequired

The python body of the policy

descriptionstringOptional

The description of the policy

displayNamestringOptional

The display name of the policy

enabledbooleanOptional

Determines whether or not the policy is active

idstringRequired

The id of the policy

managedbooleanOptional

Determines if the policy is managed by panther

resourceTypesstring[]Optional

Resource types

severitystring · enumRequiredPossible values:

suppressionsstring[]Optional

Resources to ignore via a pattern that matches the resource id

Example: ["aws::s3::*"]

tagsstring[]Optional

The tags for the policy

Responses

200

OK response.

application/json

204

No Content response.

400

bad_request: Bad Request response.

application/json

409

exists: Conflict response.

application/json

post

POST /policies HTTP/1.1
Host: your-api-host
X-API-Key: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 346

{
  "body": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "managed": true,
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}

{
  "body": "text",
  "createdAt": "text",
  "description": "text",
  "displayName": "text",
  "enabled": true,
  "id": "text",
  "lastModified": "text",
  "managed": true,
  "reports": {
    "ANY_ADDITIONAL_PROPERTY": [
      "text"
    ]
  },
  "resourceTypes": [
    "text"
  ],
  "severity": "INFO",
  "suppressions": [
    "aws::s3::*"
  ],
  "tags": [
    "text"
  ],
  "tests": [
    {
      "expectedResult": true,
      "mocks": [
        {
          "ANY_ADDITIONAL_PROPERTY": "text"
        }
      ],
      "name": "text",
      "resource": "text"
    }
  ]
}