Policy Group Environments¶
The PolicyGroup resource¶
A policy group represents the collection of OPA policies stored in a VCS repository.
When linked to an environment, the policy group will participate in the policy check phase of every run in that environment.
Key path
Description
type* (string)
Available values:policy-groups
id (string)
attributes.error-message (string)
This field contains the error description when the group’s status is
errored
.attributes.name* (string)
The policy group name must be unique within the account and contain only letters, numbers, dashes
attributes.opa-version (string)
The version of Open Policy Agent to use for the policy evaluation.
If omitted, the system default version is assigned.
attributes.status (string)
Policy group current status.
fetching
- waiting for policies to be synchronized with VCS.
active
- synchronization completed, policy group is ready.
errored
- synchronization has failed. Attributeerror-message
contains the details.attributes.vcs-repo.branch (string)
Branch of a repository the policy group is associated with. If omitted, the repository default branch will be used.
attributes.vcs-repo.identifier* (string)
A reference to your VCS repository.
For GitHub, GitHub Enterprise and GitLab the format is
<org>/<repo>
. For Azure DevOps Services the format is<org>/<project>/<repo>
.attributes.vcs-repo.path (string)
The sub-directory of the VCS repository where OPA policies are stored. The
scalr-policy.hcl
file must exist in this directory. Files and directories outside this directory will be ignored during a sync from VCS, and changing them won’t trigger a policy group update.If omitted or submitted as an empty string, this defaults to the repository’s root.
relationships.account* (object)
The account this policy group belongs to.
relationships.account.data.type* (string)
Available values:accounts
relationships.account.data.id* (string)
relationships.environments (object)
List of environments this policy group is linked to.
relationships.environments.data* (array)
relationships.policies (object)
List of OPA policies this group contains.
relationships.policies.data* (array)
relationships.vcs-provider* (object)
The policy group’s VCS provider.
relationships.vcs-provider.data.type* (string)
Available values:vcs-providers
relationships.vcs-provider.data.id* (string)
relationships.vcs-revision (object)
The Git commit information when the policy group was fetched from VCS.
relationships.vcs-revision.data.type* (string)
Available values:vcs-revisions
relationships.vcs-revision.data.id* (string)
relationships.workspaces (object)
List of workspaces affected by this policy group.
relationships.workspaces.data* (array)
links.self (string)
Update policy group environments relationships¶
-
PATCH
/api/iacp/v3/policy-groups/{policy_group}/relationships/environments
¶ - Parameters
policy_group (string) – The ID of the policy_group to update.
Update policy group environment relationships:
PATCH /api/iacp/v3/policy-groups/{policy_group}/relationships/environments HTTP/1.1 Host: my.scalr.io Content-Type: application/json Prefer: profile=preview { "data": [ { "id": "env-svrcnchebt61e30", "type": "environments" } ] }
- Status Codes
204 No Content – Successfully updated the policy group environments relationships.
404 Not Found – Environments or policy group not found, or user unauthorized to perform action.
4XX – Client error.
5XX – Server error.
Create policy group environments relationships¶
-
POST
/api/iacp/v3/policy-groups/{policy_group}/relationships/environments
¶ - Parameters
policy_group (string) – The ID of the policy_group to update.
Create policy group environment relationships:
POST /api/iacp/v3/policy-groups/{policy_group}/relationships/environments HTTP/1.1 Host: my.scalr.io Content-Type: application/json Prefer: profile=preview { "data": [ { "id": "env-svrcnchebt61e30", "type": "environments" } ] }
- Status Codes
204 No Content – Successfully created the policy group environments relationships.
404 Not Found – Environments or policy group not found, or user unauthorized to perform action.
4XX – Client error.
5XX – Server error.
Delete policy group’s environment relationship¶
-
DELETE
/api/iacp/v3/policy-groups/{policy_group}/relationships/environments/{environment}
¶ - Parameters
policy_group (string) – The ID of the policy group.
environment (string) – The ID of the environment to be unlinked from policy group.
- Status Codes
204 No Content – Successfully deleted the policy group’s environment relationship.
404 Not Found – Environment or policy group not found, or user unauthorized to perform action.
4XX – Client error.
5XX – Server error.