Edits an existing access policy. You can't edit a global-level policy, as these are managed by Dynatrace.
If the specified policy doesn't exist, a new policy is created instead.
The request consumes and produces an application/json payload.
PUT |
|
To execute this request, you need the Allow IAM policy configuration for environments (iam-policies-management) permission assigned to your token. To learn how to obtain and use it, see OAuth clients.
The ID of the required policy.
The ID of the policy level. Use one of the following values, depending on the level type:
The type of the policy level. The following values are available:
account: An account policy applies to all environments of an account.environment: An environment policy applies to a specific environment.Each level inherits the policies of the higher level and extends them with its own policies.
The JSON body of the request. Contains the updated configuration of a policy.
CreateOrUpdateLevelPolicyRequestDto objectThe display name of the policy.
A short description of the policy.
A list of tags.
The category of the policy.
This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.
{"name": "string","description": "string","tags": ["string"],"statementQuery": "string","category": "string"}
Success. The policy has been created. The response contains the configuration of the policy.
Success. The policy has been updated. The response doesn't have a body.
LevelPolicyDto objectThe ID of the policy.
The display name of the policy.
A list of tags.
A short description of the policy.
Statement objectThe effect of the policy (for example, allow something).
The service to which the policy applies.
A list of granted permissions.
Condition objectThe name of the condition.
It indicates which part of the services is checked by the condition.
The operator of the condition.
A list of reference values of the condition.
{"uuid": "string","name": "string","tags": ["string"],"description": "string","statementQuery": "string","statements": [{"effect": "string","service": "string","permissions": ["string"],"conditions": [{"name": "string","operator": "string","values": ["string"]}]}]}
We recommend that you validate the payload before submitting it with an actual request. A response code of 200 indicates a valid payload.
The request consumes an application/json payload.
POST |
|
To execute this request, you need the Allow IAM policy configuration for environments (iam-policies-management) permission assigned to your token. To learn how to obtain and use it, see OAuth clients.
The ID of the policy to be validated.
The ID of the policy level. Use one of the following values, depending on the level type:
The type of the policy level. The following values are available:
account: An account policy applies to all environments of an account.environment: An environment policy applies to a specific environment.Each level inherits the policies of the higher level and extends them with its own policies.
The JSON body of the request. Contains the configuration of a policy to be validated.
CreateOrUpdateLevelPolicyRequestDto objectThe display name of the policy.
A short description of the policy.
A list of tags.
The category of the policy.
This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.
{"name": "string","description": "string","tags": ["string"],"statementQuery": "string","category": "string"}
In this example, the request updates the apiExample policy from the POST request example. It changes the name and adds permission to read objects (settings:objects:read in the value of the statementQuery parameter) based on the anomaly detection for services (builtin:anomaly-detection.services) schema from the Settings 2.0 framework. The response code of 204 indicates successful modification.
curl --request PUT \--url https://api.dynatrace.com/iam/v1/repo/environment/mySampleEnv/policies/0c621587-f978-4c7b-89ee-d2045f611b03 \--header 'Authorization: Bearer abcdefjhij1234567890' \--header 'Content-Type: application/json' \--data '{"name": "apiExample - updated","description": "Example of an API request","tags": [],"statementQuery": "ALLOW settings:schemas:read, settings:objects:write, settings:objects:read WHERE settings:schemaId = \"builtin:anomaly-detection.services\";"}'
https://api.dynatrace.com/iam/v1/repo/environment/mySampleEnv/policies/0c621587-f978-4c7b-89ee-d2045f611b03
{"name": "apiExample - updated","description": "Example of an API request","tags": [],"statementQuery": "ALLOW settings:schemas:read, settings:objects:write, settings:objects:read WHERE settings:schemaId = \"builtin:anomaly-detection.services\";"}
204