PolicyExternalDTO
Individual Access Policy
Name of the Entity
Possible values: non-empty and <= 128 characters
Description of the Entity
True/False value that determines if this entity is Active or Disabled
tags object[]nullable
Tag Key
Possible values: non-empty
Tag Key Value
Possible values: non-empty
ID of the Resource Set in which this Access Entity exists
clientWorkload object
Name of the Entity
Possible values: non-empty and <= 128 characters
Description of the Entity
True/False value that determines if this entity is Active or Disabled
tags object[]nullable
Tag Key
Possible values: non-empty
Tag Key Value
Possible values: non-empty
ID of the Resource Set in which this Access Entity exists
identities object[]nullable
Possible values: <= 255 characters
Possible values: non-empty and <= 255 characters
Standalone Certificate Authority associated with this Client Workload
Access Policies associated with this Client Workload
trustProviders object[]nullable
Details of the Trust Providers associated with this Access Policy
Name of the Entity
Possible values: non-empty and <= 128 characters
Description of the Entity
True/False value that determines if this entity is Active or Disabled
tags object[]nullable
Tag Key
Possible values: non-empty
Tag Key Value
Possible values: non-empty
ID of the Resource Set in which this Access Entity exists
Trust Provider Id
Trust Provider Type
Possible values: non-empty
matchRules object[]nullable
Trust Provider Match Rules
Match Rule Attribute
Possible values: non-empty
Match Rule Attribute Value
Possible values: non-empty
Trust Provider Certificate or Public Key for cryptographic attestation
publicKeyValidation object
Response to a request for Public Key Validation
True if the Public Key was valid, False otherwise
Thumbprint of the Public Key
Expiration of the Public Key Certificate
Subject of the Public Key Certificate
Message describing why the Public Key was not valid if IsValidContent is False
OIDC URL to use for retrieving JWKS Public Keys
PEM Input Type
Access Policies associated with this Trust Provider
Agent Controllers associated with this Trust Provider
Agent Controller IDs associated with this Trust Provider
accessConditions object[]nullable
Details of the Access Conditions associated with this Access Policy
Name of the Entity
Possible values: non-empty and <= 128 characters
Description of the Entity
True/False value that determines if this entity is Active or Disabled
tags object[]nullable
Tag Key
Possible values: non-empty
Tag Key Value
Possible values: non-empty
ID of the Resource Set in which this Access Entity exists
ID of the Integration Entity used by this Access Condition
integration object
Integration details for 3rd party data used by Access Conditions
Name of the Entity
Possible values: non-empty and <= 128 characters
Description of the Entity
True/False value that determines if this entity is Active or Disabled
tags object[]nullable
Tag Key
Possible values: non-empty
Tag Key Value
Possible values: non-empty
ID of the Resource Set in which this Access Entity exists
Possible values: non-empty
Possible values: >= 300 and <= 3600
Possible values: non-empty
integrationJSON objectrequired
property name* JsonNode
options object
conditions objectrequired
Rules which are enforced by the Access Condition
property name* JsonNode
options object
Access Policies associated with this Access Condition
credentialProvider object
Individual Credential Provider
Name of the Entity
Possible values: non-empty and <= 128 characters
Description of the Entity
True/False value that determines if this entity is Active or Disabled
tags object[]nullable
Tag Key
Possible values: non-empty
Tag Key Value
Possible values: non-empty
ID of the Resource Set in which this Access Entity exists
Credential Provider Type (e.g. oauth-client-credential, username-password, etc.)
Possible values: non-empty
Credential Provider Role for use with Aembit Access Token type Credential Providers
The Lifetime of a Credential Provider's credential value
The expiration timestamp for a Credential Provider's credential value
JSON representation of the Credential Provider configuration details
Access Policies associated with this Credential Provider
serverWorkload object
Individual Server Workload
Name of the Entity
Possible values: non-empty and <= 128 characters
Description of the Entity
True/False value that determines if this entity is Active or Disabled
tags object[]nullable
Tag Key
Possible values: non-empty
Tag Key Value
Possible values: non-empty
ID of the Resource Set in which this Access Entity exists
serviceEndpoint objectrequired
Service Endpoint for a Server Workload
External ID of the Service Endpoint
ID of the Service Endpoint
Hostname or IP Address
Possible values: non-empty
Application Protocol
Possible values: non-empty
Transport Protocol (e.g. TCP)
Possible values: <= 3 characters
The target port as specified by the Client Workload
Possible values: >= 1 and <= 65535
The TLS encryption configuration of the Client Workload
The target port to which the Agent/Proxy will communicate
Possible values: >= 1 and <= 65535
The TLS encryption configuration which will be used by the Agent/Proxy
workloadServiceAuthentication object
Authentication configuration for a Server Workload
Authentication Method
Possible values: non-empty
Authentication Scheme
Possible values: non-empty
Authentication Configuration
TLS Verification configuration for the Agent/Proxy to Server Workload connection
Possible values: non-empty
httpHeaders object[]nullable
Static HTTP Headers to include for transmission to the Server Workload
Type of Server Workload
Access Policies associated with this Server Workload
policyNotes object[]nullable
Policy Notes for this Access Policy
Note added to an Access Policy by a User
Possible values: non-empty and <= 1024 characters
Timestamp the Note was created
Email address of the User who created the Access Policy Note
{
"externalId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"description": "string",
"isActive": true,
"tags": [
{
"key": "string",
"value": "string"
}
],
"createdAt": "2024-07-29T15:51:28.071Z",
"modifiedAt": "2024-07-29T15:51:28.071Z",
"createdBy": "string",
"modifiedBy": "string",
"resourceSet": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"clientWorkload": {
"externalId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"description": "string",
"isActive": true,
"tags": [
{
"key": "string",
"value": "string"
}
],
"createdAt": "2024-07-29T15:51:28.071Z",
"modifiedAt": "2024-07-29T15:51:28.071Z",
"createdBy": "string",
"modifiedBy": "string",
"resourceSet": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"identities": [
{
"type": "string",
"value": "string"
}
],
"standaloneCertificateAuthority": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"type": "string",
"accessPolicyCount": 0
},
"trustProviders": [
{
"externalId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"description": "string",
"isActive": true,
"tags": [
{
"key": "string",
"value": "string"
}
],
"createdAt": "2024-07-29T15:51:28.071Z",
"modifiedAt": "2024-07-29T15:51:28.071Z",
"createdBy": "string",
"modifiedBy": "string",
"resourceSet": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"id": 0,
"provider": "string",
"matchRules": [
{
"attribute": "string",
"value": "string"
}
],
"certificate": "string",
"publicKeyValidation": {
"isValidContent": true,
"thumbprint": "string",
"expirationDate": "string",
"certificateSubject": "string",
"message": "string"
},
"oidcUrl": "string",
"pemType": "string",
"accessPolicyCount": 0,
"agentControllersCount": 0,
"agentControllerIds": [
"3fa85f64-5717-4562-b3fc-2c963f66afa6"
]
}
],
"accessConditions": [
{
"externalId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"description": "string",
"isActive": true,
"tags": [
{
"key": "string",
"value": "string"
}
],
"createdAt": "2024-07-29T15:51:28.071Z",
"modifiedAt": "2024-07-29T15:51:28.071Z",
"createdBy": "string",
"modifiedBy": "string",
"resourceSet": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"integrationID": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"integration": {
"externalId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"description": "string",
"isActive": true,
"tags": [
{
"key": "string",
"value": "string"
}
],
"createdAt": "2024-07-29T15:51:28.071Z",
"modifiedAt": "2024-07-29T15:51:28.071Z",
"createdBy": "string",
"modifiedBy": "string",
"resourceSet": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"type": "string",
"syncFrequencySeconds": 0,
"lastSync": "2024-07-29T15:51:28.071Z",
"lastSyncStatus": "string",
"endpoint": "string",
"integrationJSON": {},
"accessConditionsCount": 0
},
"conditions": {},
"accessPolicyCount": 0
}
],
"credentialProvider": {
"externalId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"description": "string",
"isActive": true,
"tags": [
{
"key": "string",
"value": "string"
}
],
"createdAt": "2024-07-29T15:51:28.071Z",
"modifiedAt": "2024-07-29T15:51:28.071Z",
"createdBy": "string",
"modifiedBy": "string",
"resourceSet": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"type": "string",
"roleId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"lifetimeTimeSpanSeconds": 0,
"lifetimeExpiration": "2024-07-29T15:51:28.071Z",
"providerDetailJSON": "string",
"accessPolicyCount": 0
},
"serverWorkload": {
"externalId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"name": "string",
"description": "string",
"isActive": true,
"tags": [
{
"key": "string",
"value": "string"
}
],
"createdAt": "2024-07-29T15:51:28.071Z",
"modifiedAt": "2024-07-29T15:51:28.071Z",
"createdBy": "string",
"modifiedBy": "string",
"resourceSet": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
"serviceEndpoint": {
"externalId": "string",
"id": 0,
"host": "string",
"appProtocol": "string",
"transportProtocol": "string",
"requestedPort": 0,
"requestedTls": true,
"port": 0,
"tls": true,
"workloadServiceAuthentication": {
"method": "string",
"scheme": "string",
"config": "string"
},
"tlsVerification": "string",
"httpHeaders": [
{
"key": "string",
"value": "string"
}
]
},
"type": "string",
"accessPolicyCount": 0
},
"policyNotes": [
{
"note": "string",
"createdAt": "2024-07-29T15:51:28.071Z",
"createdBy": "string"
}
]
}