Policy management API - GET a policy
Gets parameters of an access policy.
The request produces an application/json payload.
GET |
|
Authentication
To execute this request, you need the Allow IAM policy configuration for environments (iam-policies-management) permission assigned to your token. To learn how to obtain and use it, see Authentication.
Parameters
| Parameter | Type | Description | In | Required |
|---|---|---|---|---|
| levelType | string | The type of the policy level. The following values are available:
Each level inherits the policies of the higher level and extends them with its own policies. | path | required |
| levelId | string | The ID of the policy level. Use one of the following values, depending on the level type:
| path | required |
| policyUuid | string | The ID of the required policy. | path | required |
Response
Response codes
| Code | Type | Description |
|---|---|---|
| 200 | LevelPolicyDto | Success. The response contains the configuration of the policy. |
| 404 | ErrorDto | Failed. The specified resource is not found. |
Response body objects
The LevelPolicyDto object
| Element | Type | Description |
|---|---|---|
| uuid | string | The ID of the policy. |
| name | string | The display name of the policy. |
| tags | string[] | A list of tags. |
| description | string | A short description of the policy. |
| statementQuery | string | The statement of the policy. |
| statements | Statement[] | The expanded form of the policy statement. |
The Statement object
| Element | Type | Description |
|---|---|---|
| effect | string | The effect of the policy (for example, allow something). |
| service | string | The service to which the policy applies. |
| permissions | string[] | A list of granted permissions. |
| conditions | Condition[] | A list of conditions limiting the granted permissions. |
The Condition object
| Element | Type | Description |
|---|---|---|
| name | string | The name of the condition. It indicates which part of the services is checked by the condition. |
| operator | string | The operator of the condition. |
| values | string[] | A list of reference values of the condition. |
Response body JSON model
1{2 "uuid": "string",3 "name": "string",4 "tags": [5 "string"6 ],7 "description": "string",8 "statementQuery": "string",9 "statements": [10 {11 "effect": "string",12 "service": "string",13 "permissions": [14 "string"15 ],16 "conditions": [17 {18 "name": "string",19 "operator": "string",20 "values": [21 "string"22 ]23 }24 ]25 }26 ]27}
Example
In this example, the request lists parameters of the Settings Writer global policy (UUID is d10eb8e0-875a-40c8-821c-6214c23ac0b3).
Curl
1curl --request GET \2 --url 'https://api.dynatrace.com/iam/v1/repo/global/global/policies/d10eb8e0-875a-40c8-821c-6214c23ac0b3' \3 --header 'Authorization: Bearer abcdefjhij1234567890'
Request URL
1https://api.dynatrace.com/iam/v1/repo/global/global/policies/d10eb8e0-875a-40c8-821c-6214c23ac0b3
Response body
1{2 "uuid": "d10eb8e0-875a-40c8-821c-6214c23ac0b3",3 "name": "Settings Writer",4 "description": "Settings Writer Policy",5 "tags": [],6 "statementQuery": "ALLOW settings:objects:read, settings:objects:write, settings:schemas:read;",7 "statements": [8 {9 "effect": "ALLOW",10 "permissions": [11 "settings:objects:read",12 "settings:objects:write",13 "settings:schemas:read"14 ],15 "conditions": null16 }17 ]18}
Response code
200