Validate Building Blocks
  • 03 Nov 2024
  • 3 Minutes to read
  • Dark
    Light
  • PDF

Validate Building Blocks

  • Dark
    Light
  • PDF

Article summary

Post
/api/2.0/building-blocks/{envId}/validation

Validate Building Blocks.

Notice

Accessing the Policy Management APIs is through a dedicated domain/URL, according to your PlainID Tenant Location
  • United States (US) - https://api.us1.plainid.io
  • Canada (CA) - https://api.ca1.plainid.io
  • Europe (EU) - https://api.eu1.plainid.io
  • Local PAA - https://api.plainid.local

  • Using HTML Encoded Special Characters

    Use HTML encoded patterns when working with values that contain special characters like spaces, dashes, etc. Refer to this HTML URL Encoding Reference for a full list.


    Important note about headers

    Refer to the headers below to modify your cURL sample. Check if the following headers are in the sample, if not, ensure you add it to your cURL sample before pasting into your API tool.

    Headers

    *Required

    HeaderValuecURL Line
    Content-Typetext/plain;language=rego-H "Content-Type:text/plain;language=rego"

    cURL Sample Guidelines

    In order for the relevant parameters to appear in the cURL sample, you can input the values in the interactive API console on the right. They will then appear in the cURL sample on the bottom of the page in the correct format.

    Security
    HTTP
    Type bearer

    For more details about Administration API Authentication, check out the Authentication APIs documentation. Provide your bearer token in the Authorization header when making requests to protected resources. Example: Authorization: Bearer 123

    Path parameters
    envId
    string (uuid) Required

    The Environment ID can be found under the Details tab in the Environment Settings.

    Query parameters
    filter[authWsId]
    string (uuid)

    Authorization Workspace ID. *Required if identityWsId is not provided.

    filter[identityWsId]
    string (uuid)

    Identity Workspace ID. *Required if authWsId is not provided.

    extendedSchema
    boolean

    Toggle to either enable or disable additional metadata, like the Policy id and description, in the response.

    Defaulttrue
    Body parameters
    Dynamic Groups
    "package building_blocks\nimport future.keywords\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: dg1\n#     id: f28c17c2-caeb-4cf2-a549-02bf03fe4e17\n#     description: dg1\ndynamic_group(identity){\n  identity.template == \"idWs1\"\n  identity[\"idAttr1\"] == \"test\"\n  identity[\"idAttr1\"] != \"prod\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: dg2\n#     id: 0a738db8-b669-4e33-a8db-97eee5d856d1\n#     description: dg2\ndynamic_group(identity){\n  identity.template == \"idWs1\"\n  contains(identity[\"idAttr1\"], \"admin\")\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: dg3\n#     id: 2539fb2b-c238-49cd-b6f0-65cf1aa65feb\n#     description: dg3\ndynamic_group(identity){\n  identity.template == \"idWs1\"\n  identity[\"idAttr1\"] != \"stage\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: idWs1 All Users\n#     id: 6de6071c-4d30-4a77-9e40-106dded2194e\n#     description: default dg\ndynamic_group(identity){\n  identity.template == \"idWs1\"\n}\n"
    RuleSets and Conditions
    "package building_blocks\nimport future.keywords\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Ruleset\n#     name: All Assets\n#     id: 69fedeb9-1a36-4e57-bd6c-3d22ccff1d06\n#     description: \"Predefined Ruleset. All Assets contains all created assets defined in the Asset Type\"\nruleset(asset, identity, requestParams){\n  asset.template == \"at1\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Ruleset\n#     name: rs1\n#     id: e9bc705a-cbdc-4f6f-9e4d-d7063bf9a791\n#     description: \"RuleSet 1\"\nruleset(asset, identity, requestParams){\n  asset.template == \"at1\"\n  asset[\"attr1\"] == \"doc\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Ruleset\n#     name: rs2\n#     id: 43129fab-da16-423e-a267-9385a8610f51\n#     description: \"Rule Set 2\"\nruleset(asset, identity, requestParams){\n  asset.template == \"at1\"\n  identity.template == \"idWs1\"\n  contains(asset[\"attr1\"], identity[\"idAttr1\"])\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Ruleset\n#     name: rs3\n#     id: 5969938d-d579-409b-bae8-467281db8545\n#     description: \"RuleSet 3\"\nruleset(asset, identity, requestParams){\n  asset.template == \"at1\"\n  asset[\"attr1\"] == \"foo3\"\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Condition IP\n#     name: c1\n#     id: fdee702c-2406-4608-bf58-a6d0791b6ed3\n#     description: \"Cond 1\"\ncondition_ip(env){\n  net.cidr_contains(\"10.0.0.0/10\", env.sourceIp)\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Condition Identity\n#     name: c2\n#     id: 133875fb-bff2-46b1-b9ea-a6c25225ba6f\n#     description: \"Cond 2\"\ncondition_identity(identity){\n  identity.template == \"idWs1\"\n  startswith(identity[\"idAttr1\"], \"qa\")\n}\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: Condition Request\n#     name: c3\n#     id: 2b37e468-a7ea-4039-ac35-5195da9f0b8a\n#     description: \"Cond 3\"\ncondition_request(requestParams, identity){\n  identity.template == \"idWs1\"\n  requestParams[\"role\"] == identity[\"idAttr1\"]\n}\n"
    string

    Building Blocks as Rego code

    Responses
    200

    successful operation

    Headers
    x-request-id
    string
    Invalid
    {
      "data": {
        "validationErrors": [
          {
            "args": {
              "0": "at1",
              "1": "ceef5853-1491-4d1c-ae52-2f2a1729b3a4",
              "2": "Claims"
            },
            "code": "PACV-001",
            "id": "ERHCQC",
            "line": 1,
            "message": "Template: [at1] not found in Environment: [ceef5853-1491-4d1c-ae52-2f2a1729b3a4], Hint: did yo  mean [Claims]?",
            "name": "TemplateNotFound"
          }
        ]
      }
    }
    Valid
    {
      "data": {
        "code": "package building_blocks\nimport future.keywords\n\n# METADATA\n# custom:\n#   plainid:\n#     kind: DynamicGroup\n#     name: dg1\ndynamic_group(identity){\n  identity.template == \"idWs1\"\n  identity[\"idAttr1\"] == \"test\"\n}\n",
        "validationErrors": null
      }
    }
    Expand All
    object
    data
    object
    code
    string

    Code

    validationErrors
    Array of object | null
    object
    code
    string
    id
    string
    line
    integer
    message
    string
    name
    string
    401

    Unauthorized

    Headers
    x-request-id
    string
    422

    Validation Failed - Invalid UUID

    Headers
    x-request-id
    string
    Invalid ID Format
    {
      "errors": [
        {
          "args": {
            "0": "ed252aa5-9d0c-4193-838-60bf20b13109",
            "1": "uuid"
          },
          "code": "V-032",
          "id": "EEJQMA",
          "message": "$: test is an invalid uuid",
          "name": "UnprocessableEntityError",
          "status": 422
        }
      ]
    }
    Expand All
    object
    errors
    Array of object (Error)
    object
    args
    object
    path
    string
    code
    string
    id
    string
    message
    string
    name
    string
    status
    integer

    Was this article helpful?