- 07 May 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Export Building Blocks
- Updated on 07 May 2024
- 2 Minutes to read
- Print
- DarkLight
- PDF
Export Building Blocks by Environment ID and Workspace ID.
Notice
Accessing the Policy Management APIs is through a dedicated domain/URL, according to your PlainID Tenant Locationhttps://api.us1.plainid.io
https://api.ca1.plainid.io
https://api.eu1.plainid.io
https://api.plainid.local
Headers
*RequiredName | Value |
---|---|
Accept | text/plain;language=rego |
For more details about Administration API Authentication, check out the Authentication APIs documentation
Provide your bearer token in the Authorization header when making requests to protected resources.
Example: Authorization: Bearer 123
The Environment ID can be found under the Details tab in the Environment Settings.
Authorization Workspace ID. *Required if identityWsId
is not provided.
Identity Workspace ID. *Required if authWsId
is not provided.
Kinds of Building Block Filters. *Required if at least one of the following filters are provided:filter[id]
, filter[name]
,filter[templateId]
.
Building Block ID Filter
Filter for multiple Building Block IDs. *Required if filter[id]
is not provided.
Building Block Name Filter
Building Block Template ID Filter
Toggle to either enable or disable additional metadata, like the Policy id
and description
, in the response.
successful operation
"package building_blocks\nimport future.keywords\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: dg1\n# id: f28c17c2-caeb-4cf2-a549-02bf03fe4e17\n# description: dg1\ndynamic_group(identity){\n identity.template == \"idWs1\"\n identity[\"idAttr1\"] == \"test\"\n identity[\"idAttr1\"] != \"prod\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: dg2\n# id: 0a738db8-b669-4e33-a8db-97eee5d856d1\n# description: dg2\ndynamic_group(identity){\n identity.template == \"idWs1\"\n contains(identity[\"idAttr1\"], \"admin\")\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: dg3\n# id: 2539fb2b-c238-49cd-b6f0-65cf1aa65feb\n# description: dg3\ndynamic_group(identity){\n identity.template == \"idWs1\"\n identity[\"idAttr1\"] != \"stage\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: DynamicGroup\n# name: idWs1 All Users\n# id: 6de6071c-4d30-4a77-9e40-106dded2194e\n# description: default dg\ndynamic_group(identity){\n identity.template == \"idWs1\"\n}\n"
"package building_blocks\nimport future.keywords\n\n# METADATA\n# custom:\n# plainid:\n# kind: Ruleset\n# name: All Assets\n# id: 69fedeb9-1a36-4e57-bd6c-3d22ccff1d06\n# description: \"Predefined Ruleset. All Assets contains all created assets defined in the Asset Type\"\nruleset(asset, identity, requestParams){\n asset.template == \"at1\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Ruleset\n# name: rs1\n# id: e9bc705a-cbdc-4f6f-9e4d-d7063bf9a791\n# description: \"RuleSet 1\"\nruleset(asset, identity, requestParams){\n asset.template == \"at1\"\n asset[\"attr1\"] == \"doc\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Ruleset\n# name: rs2\n# id: 43129fab-da16-423e-a267-9385a8610f51\n# description: \"Rule Set 2\"\nruleset(asset, identity, requestParams){\n asset.template == \"at1\"\n identity.template == \"idWs1\"\n contains(asset[\"attr1\"], identity[\"idAttr1\"])\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Ruleset\n# name: rs3\n# id: 5969938d-d579-409b-bae8-467281db8545\n# description: \"RuleSet 3\"\nruleset(asset, identity, requestParams){\n asset.template == \"at1\"\n asset[\"attr1\"] == \"foo3\"\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Condition IP\n# name: c1\n# id: fdee702c-2406-4608-bf58-a6d0791b6ed3\n# description: \"Cond 1\"\ncondition_ip(env){\n net.cidr_contains(\"10.0.0.0/10\", env.sourceIp)\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Condition Identity\n# name: c2\n# id: 133875fb-bff2-46b1-b9ea-a6c25225ba6f\n# description: \"Cond 2\"\ncondition_identity(identity){\n identity.template == \"idWs1\"\n startswith(identity[\"idAttr1\"], \"qa\")\n}\n\n# METADATA\n# custom:\n# plainid:\n# kind: Condition Request\n# name: c3\n# id: 2b37e468-a7ea-4039-ac35-5195da9f0b8a\n# description: \"Cond 3\"\ncondition_request(requestParams, identity){\n identity.template == \"idWs1\"\n requestParams[\"role\"] == identity[\"idAttr1\"]\n}\n"
Building Blocks as Rego code
bad request
{
"errors": [
{
"args": {
"0": "67c1ffe0-a540-4662-b894-0813abcc04ec"
},
"code": "PAC-005",
"id": "ERHCQC",
"message": "IdentityWs: [67c1ffe0-a540-4662-b894-0813abcc04ec] not found",
"name": "IdentityWsNotFound",
"status": 400
}
]
}
Unauthorized
not found
{
"errors": [
{
"args": {
"0": "67c1ffe0-a540-4662-b894-0813abcc04ec"
},
"code": "PAC-005",
"id": "ERHCQC",
"message": "Building Blocks not found",
"name": "BuildingBlocksNotFound",
"status": 404
}
]
}
Validation Failed - Invalid UUID
{
"errors": [
{
"args": {
"0": "ed252aa5-9d0c-4193-838-60bf20b13109",
"1": "uuid"
},
"code": "V-032",
"id": "EEJQMA",
"message": "$: test is an invalid uuid",
"name": "UnprocessableEntityError",
"status": 422
}
]
}