Obtaining a Specific Policy Instance
Function
This API is used to obtain a specific policy instance.
URI
GET /v1/policyinstances/{policyinstanceid}
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
policyinstanceid |
Yes |
String |
Policy instance ID |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
No |
String |
Identity authentication information. Requests for calling an API can be authenticated using either a token or AK/SK. If token-based authentication is used, this parameter is mandatory and must be set to a user token. |
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
kind |
String |
API type |
|
apiVersion |
String |
API version |
|
metadata |
ObjectMeta object |
Resource metadata |
|
spec |
UCSConstraintSpec object |
Constraint specification |
|
status |
UCSConstraintStatus object |
Current status of the constraint |
|
Parameter |
Type |
Description |
|---|---|---|
|
constraint |
Constraint object |
Constraint object |
|
constraintTemplateID |
String |
Constraint template ID |
|
domainID |
String |
Domain ID of a user |
|
targetScope |
String |
Policy instance delivery scope. The value can be cluster or fleet. |
|
targetID |
String |
Object that the policy instance is delivered to. The value can be clusterID or clustergroupID. |
|
Parameter |
Type |
Description |
|---|---|---|
|
kind |
String |
API type |
|
apiVersion |
String |
API version |
|
metadata |
ObjectMeta object |
Resource metadata |
|
spec |
ConstraintSpec object |
Specification details |
|
Parameter |
Type |
Description |
|---|---|---|
|
uid |
String |
Resource ID |
|
name |
String |
Resource name |
|
generateName |
String |
If no name is provided, the server uses the prefix to generate a unique name. |
|
namespace |
String |
Namespace |
|
labels |
Map<String,String> |
Label |
|
annotations |
Map<String,String> |
Annotation |
|
creationTimestamp |
String |
Creation time |
|
updateTimestamp |
String |
Update time |
|
resourceVersion |
String |
Internal version of a resource |
|
generation |
String |
Generation of the desired resource state |
|
managedFields |
Array of ManagedFieldsEntry objects |
Fields managed by workflows |
|
ownerReferences |
Array of OwnerReference objects |
Ownership, dependencies, and garbage collection mechanism of objects. It supports resource management by the controller. |
|
Parameter |
Type |
Description |
|---|---|---|
|
manager |
String |
Manager name |
|
operation |
String |
Operation type that causes this entry being created. The value can only be Apply or Update. |
|
apiVersion |
String |
Resource API version used by a manager for defining fields |
|
time |
String |
Timestamp when this entry was created or last updated |
|
fieldsType |
String |
Field structure format. The value is fixed at "FieldsV1". |
|
fieldsV1 |
Object |
Information about the managed fields |
|
Parameter |
Type |
Description |
|---|---|---|
|
apiVersion |
String |
API version of the referent |
|
kind |
String |
Type of the referent |
|
name |
String |
Name of the referent |
|
uid |
String |
UID of the referent |
|
controller |
Boolean |
If the value is true, this reference points to the controller that manages the resource. |
|
blockOwnerDeletion |
Boolean |
If the value is true and the owner has a finalizer named foregroundDeletion, the owner cannot be deleted until this reference is removed. |
|
Parameter |
Type |
Description |
|---|---|---|
|
enforcementAction |
String |
Policy enforcement action. The options are warn and deny. |
|
match |
Match object |
List of matched results |
|
parameters |
Object |
Variable parameters |
|
Parameter |
Type |
Description |
|---|---|---|
|
kinds |
Array of ResourceKinds objects |
How a resource is applied. The value is preset, and a custom value does not take effect. |
|
namespaces |
Array of strings |
Namespace |
|
Parameter |
Type |
Description |
|---|---|---|
|
apiGroups |
Array of strings |
API group to which the resource belongs. |
|
kinds |
Array of strings |
Resource Type |
|
Parameter |
Type |
Description |
|---|---|---|
|
violations |
Array of UCSStatusViolation objects |
- |
|
Parameter |
Type |
Description |
|---|---|---|
|
clusterID |
String |
ID of the cluster to be audited |
|
auditTimestamp |
String |
Audit time |
|
clusterViolations |
Array of StatusViolation objects |
Violation status list |
|
clusterEvents |
Array of StatusEvent objects |
Interception event list |
|
warnEvents |
Array of StatusEvent objects |
Warning event list |
|
Parameter |
Type |
Description |
|---|---|---|
|
kind |
String |
Non-compliant resource type |
|
name |
String |
Non-compliant resource name |
|
namespace |
String |
Namespace of the non-compliant resource |
|
message |
String |
Violation details |
|
enforcementAction |
String |
Enforcement action |
|
Parameter |
Type |
Description |
|---|---|---|
|
firstTimestamp |
String |
Time when there was an interception event for the first time |
|
resourceKind |
String |
Resource type of an interception event |
|
resourceName |
String |
Resource name of an interception event |
|
resourceNamespace |
String |
Resource namespace of an interception event. Leave this field empty if there is no namespace. |
|
message |
String |
Interception event details |
Status code: 400
|
Parameter |
Type |
Description |
|---|---|---|
|
- |
String |
- |
Status code: 500
|
Parameter |
Type |
Description |
|---|---|---|
|
- |
String |
- |
Example Requests
None
Example Responses
Status code: 200
Policy instance details obtained
{
"kind" : "K8sPSPVolumeTypes",
"apiVersion" : "constraints.gatekeeper.sh/v1beta1",
"metadata" : {
"name" : "k8spspvolumetypes-lmjw9v",
"uid" : "c38ecd83-b34d-11ee-a9a6-0255ac10004d",
"creationTimestamp" : "2024-01-15 02:28:26.986054 +0000 UTC",
"updateTimestamp" : "2024-01-15 02:28:26.986054 +0000 UTC"
},
"spec" : {
"constraint" : {
"kind" : "K8sPSPVolumeTypes",
"apiVersion" : "constraints.gatekeeper.sh/v1beta1",
"metadata" : {
"name" : "k8spspvolumetypes-lmjw9v"
},
"spec" : {
"enforcementAction" : "deny",
"match" : {
"kinds" : [ {
"kinds" : [ "Pod" ]
} ],
"namespaces" : [ "default" ]
},
"parameters" : {
"volumes" : [ "22" ]
}
}
},
"domainID" : "05495693d180d3c90f9ec0171879f760",
"targetID" : "9c819dca-9a81-11ee-b1ab-0255ac100040",
"targetScope" : "fleet",
"constraintTemplateID" : "26b13a89-cefa-11ed-9f2c-0255ac10003c"
},
"status" : { }
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Policy instance details obtained |
|
400 |
Client request error. The server could not execute the request. |
|
500 |
Internal server error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
