LukeParke/developer.sailpoint.com
1
0
Fork 0
mirror of https://github.com/LukeHagar/developer.sailpoint.com.git synced 2025-12-09 12:27:47 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update to powershell SDK docs: 13122455471

Browse Source
This commit is contained in:
developer-relations-sp
2025-02-03 20:42:04 +00:00
parent aeda961e54
commit bdb088c15d
207 changed files with 3520 additions and 8694 deletions
Download Patch File Download Diff File Expand all files Collapse all files

126
docs/tools/sdk/powershell/Reference/V3/Methods/SODPoliciesApi.md
View File

@@ -1,3 +1,4 @@
---
id: sod-policies
title: SODPolicies
@@ -9,7 +10,6 @@ slug: /tools/sdk/powershell/v3/methods/sod-policies
tags: ['SDK', 'Software Development Kit', 'SODPolicies', 'SODPolicies']
---
# SODPolicies
Use this API to implement and manage "separation of duties" (SOD) policies.
With SOD policy functionality in place, administrators can organize the access in their tenants to prevent individuals from gaining conflicting or excessive access.
@@ -62,9 +62,7 @@ Method | HTTP request | Description
[**Start-SodAllPoliciesForOrg**](#start-sod-all-policies-for-org) | **POST** `/sod-violation-report/run` | Runs all policies for org
[**Start-SodPolicy**](#start-sod-policy) | **POST** `/sod-policies/{id}/violation-report/run` | Runs SOD policy violation report
## create-sod-policy
This creates both General and Conflicting Access Based policy, with a limit of 50 entitlements for each (left & right) criteria for Conflicting Access Based SOD policy.
Requires role of ORG_ADMIN.
@@ -74,7 +72,6 @@ Param Type | Name | Data Type | Required | Description
Body | SodPolicy | [**SodPolicy**](../models/sod-policy) | True |
### Return type
[**SodPolicy**](../models/sod-policy)
### Responses
@@ -88,7 +85,6 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
@@ -150,7 +146,9 @@ $SodPolicy = @"{
"state" : "ENFORCED",
"externalPolicyReference" : "XYZ policy"
}"@
# Create SOD policy
try {
$Result = ConvertFrom-JsonToSodPolicy -Json $SodPolicy
New-SodPolicy-SodPolicy $Result
@@ -162,11 +160,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-sod-policy
This deletes a specified SOD policy.
Requires role of ORG_ADMIN.
@@ -177,7 +172,6 @@ Path | Id | **String** | True | The ID of the SOD Policy to delete.
Query | Logical | **Boolean** | (optional) (default to $true) | Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call.
### Return type
(empty response body)
### Responses
@@ -192,7 +186,6 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
@@ -200,7 +193,9 @@ Code | Description | Data Type
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD Policy to delete.
$Logical = $true # Boolean | Indicates whether this is a soft delete (logical true) or a hard delete. Soft delete marks the policy as deleted and just save it with this status. It could be fully deleted or recovered further. Hard delete vise versa permanently delete SOD request during this call. (optional) (default to $true)
# Delete SOD policy by ID
try {
Remove-SodPolicy-Id $Id
@@ -211,11 +206,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## delete-sod-policy-schedule
This deletes schedule for a specified SOD policy by ID.
### Parameters
@@ -224,7 +216,6 @@ Param Type | Name | Data Type | Required | Description
Path | Id | **String** | True | The ID of the SOD policy the schedule must be deleted for.
### Return type
(empty response body)
### Responses
@@ -239,14 +230,15 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD policy the schedule must be deleted for.
# Delete SOD policy schedule
try {
Remove-SodPolicySchedule-Id $Id
@@ -257,11 +249,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-custom-violation-report
This allows to download a specified named violation report for a given report reference.
### Parameters
@@ -271,7 +260,6 @@ Path | ReportResultId | **String** | True | The ID of the report reference to
Path | FileName | **String** | True | Custom Name for the file.
### Return type
**System.IO.FileInfo**
### Responses
@@ -286,7 +274,6 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/zip, application/json
@@ -294,7 +281,9 @@ Code | Description | Data Type
```powershell
$ReportResultId = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the report reference to download.
$FileName = "custom-name" # String | Custom Name for the file.
# Download custom violation report
try {
Get-CustomViolationReport-ReportResultId $ReportResultId -FileName $FileName
@@ -305,11 +294,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-default-violation-report
This allows to download a violation report for a given report reference.
### Parameters
@@ -318,7 +304,6 @@ Param Type | Name | Data Type | Required | Description
Path | ReportResultId | **String** | True | The ID of the report reference to download.
### Return type
**System.IO.FileInfo**
### Responses
@@ -333,14 +318,15 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/zip, application/json
### Example
```powershell
$ReportResultId = "ef38f94347e94562b5bb8424a56397d8" # String | The ID of the report reference to download.
# Download violation report
try {
Get-DefaultViolationReport-ReportResultId $ReportResultId
@@ -351,11 +337,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-all-report-run-status
This endpoint gets the status for a violation report for all policy run.
### Parameters
@@ -363,7 +346,6 @@ Param Type | Name | Data Type | Required | Description
------------- | ------------- | ------------- | ------------- | -------------
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
@@ -377,13 +359,14 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
# Get multi-report run task status
try {
Get-SodAllReportRunStatus
@@ -394,11 +377,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-policy
This gets specified SOD policy.
Requires role of ORG_ADMIN.
@@ -408,7 +388,6 @@ Param Type | Name | Data Type | Required | Description
Path | Id | **String** | True | The ID of the SOD Policy to retrieve.
### Return type
[**SodPolicy**](../models/sod-policy)
### Responses
@@ -423,14 +402,15 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD Policy to retrieve.
# Get SOD policy by ID
try {
Get-SodPolicy-Id $Id
@@ -441,11 +421,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-policy-schedule
This endpoint gets a specified SOD policy's schedule.
### Parameters
@@ -454,7 +431,6 @@ Param Type | Name | Data Type | Required | Description
Path | Id | **String** | True | The ID of the SOD policy schedule to retrieve.
### Return type
[**SodPolicySchedule**](../models/sod-policy-schedule)
### Responses
@@ -468,14 +444,15 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the SOD policy schedule to retrieve.
# Get SOD policy schedule
try {
Get-SodPolicySchedule-Id $Id
@@ -486,11 +463,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-violation-report-run-status
This gets the status for a violation report run task that has already been invoked.
### Parameters
@@ -499,7 +473,6 @@ Param Type | Name | Data Type | Required | Description
Path | ReportResultId | **String** | True | The ID of the report reference to retrieve.
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
@@ -514,14 +487,15 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$ReportResultId = "2e8d8180-24bc-4d21-91c6-7affdb473b0d" # String | The ID of the report reference to retrieve.
# Get violation report run status
try {
Get-SodViolationReportRunStatus-ReportResultId $ReportResultId
@@ -532,11 +506,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## get-sod-violation-report-status
This gets the status for a violation report run task that has already been invoked.
### Parameters
@@ -545,7 +516,6 @@ Param Type | Name | Data Type | Required | Description
Path | Id | **String** | True | The ID of the violation report to retrieve status for.
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
@@ -560,14 +530,15 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The ID of the violation report to retrieve status for.
# Get SOD violation report status
try {
Get-SodViolationReportStatus-Id $Id
@@ -578,11 +549,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## list-sod-policies
This gets list of all SOD policies.
Requires role of ORG_ADMIN
@@ -596,7 +564,6 @@ Param Type | Name | Data Type | Required | Description
Query | Sorters | **String** | (optional) | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, description**
### Return type
[**SodPolicy[]**](../models/sod-policy)
### Responses
@@ -610,7 +577,6 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
@@ -621,7 +587,9 @@ $Offset = 0 # Int32 | Offset into the full result set. Usually specified with *l
$Count = $true # Boolean | If *true* it will populate the *X-Total-Count* response header with the number of results that would be returned if *limit* and *offset* were ignored. Since requesting a total count can have a performance impact, it is recommended not to send **count=true** if that value will not be used. See [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters) for more information. (optional) (default to $false)
$Filters = 'id eq "bc693f07e7b645539626c25954c58554"' # String | Filter results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#filtering-results) Filtering is supported for the following fields and operators: **id**: *eq, in* **name**: *eq, in* **state**: *eq, in* (optional)
$Sorters = "id,name" # String | Sort results using the standard syntax described in [V3 API Standard Collection Parameters](https://developer.sailpoint.com/idn/api/standard-collection-parameters#sorting-results) Sorting is supported for the following fields: **id, name, created, modified, description** (optional)
# List SOD policies
try {
Get-SodPolicies
@@ -632,11 +600,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## patch-sod-policy
Allows updating SOD Policy fields other than ["id","created","creatorId","policyQuery","type"] using the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard.
Requires role of ORG_ADMIN.
This endpoint can only patch CONFLICTING_ACCESS_BASED type policies. Do not use this endpoint to patch general policies - doing so will build an API exception.
@@ -648,7 +613,6 @@ Path | Id | **String** | True | The ID of the SOD policy being modified.
Body | JsonPatchOperation | [**[]JsonPatchOperation**](../models/json-patch-operation) | True | A list of SOD Policy update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * ownerRef * externalPolicyReference * compensatingControls * correctionAdvice * state * tags * violationOwnerAssignmentConfig * scheduled * conflictingAccessCriteria
### Return type
[**SodPolicy**](../models/sod-policy)
### Responses
@@ -663,21 +627,21 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json-patch+json
- **Accept**: application/json
### Example
```powershell
$Id = "2c918083-5d19-1a86-015d-28455b4a2329" # String | The ID of the SOD policy being modified.
# JsonPatchOperation[] | A list of SOD Policy update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * ownerRef * externalPolicyReference * compensatingControls * correctionAdvice * state * tags * violationOwnerAssignmentConfig * scheduled * conflictingAccessCriteria
$JsonPatchOperation = @"{
"op" : "replace",
"path" : "/description",
"value" : "New description"
}"@
}"@ # JsonPatchOperation[] | A list of SOD Policy update operations according to the [JSON Patch](https://tools.ietf.org/html/rfc6902) standard. The following fields are patchable: * name * description * ownerRef * externalPolicyReference * compensatingControls * correctionAdvice * state * tags * violationOwnerAssignmentConfig * scheduled * conflictingAccessCriteria
# Patch SOD policy by ID
try {
$Result = ConvertFrom-JsonToJsonPatchOperation -Json $JsonPatchOperation
Update-SodPolicy-Id $Id -JsonPatchOperation $Result
@@ -689,11 +653,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-policy-schedule
This updates schedule for a specified SOD policy.
### Parameters
@@ -703,7 +664,6 @@ Path | Id | **String** | True | The ID of the SOD policy to update its schedu
Body | SodPolicySchedule | [**SodPolicySchedule**](../models/sod-policy-schedule) | True |
### Return type
[**SodPolicySchedule**](../models/sod-policy-schedule)
### Responses
@@ -717,7 +677,6 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
@@ -762,7 +721,9 @@ $SodPolicySchedule = @"{
"description" : "Schedule for policy xyz",
"emailEmptyResults" : false
}"@
# Update SOD Policy schedule
try {
$Result = ConvertFrom-JsonToSodPolicySchedule -Json $SodPolicySchedule
Send-PolicySchedule-Id $Id -SodPolicySchedule $Result
@@ -774,11 +735,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## put-sod-policy
This updates a specified SOD policy.
Requires role of ORG_ADMIN.
@@ -789,7 +747,6 @@ Path | Id | **String** | True | The ID of the SOD policy to update.
Body | SodPolicy | [**SodPolicy**](../models/sod-policy) | True |
### Return type
[**SodPolicy**](../models/sod-policy)
### Responses
@@ -804,7 +761,6 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
@@ -867,7 +823,9 @@ $SodPolicy = @"{
"state" : "ENFORCED",
"externalPolicyReference" : "XYZ policy"
}"@
# Update SOD policy by ID
try {
$Result = ConvertFrom-JsonToSodPolicy -Json $SodPolicy
Send-SodPolicy-Id $Id -SodPolicy $Result
@@ -879,11 +837,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-evaluate-sod-policy
Runs the scheduled report for the policy retrieved by passed policy ID. The report schedule is fetched from the policy retrieved by ID.
### Parameters
@@ -892,7 +847,6 @@ Param Type | Name | Data Type | Required | Description
Path | Id | **String** | True | The SOD policy ID to run.
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
@@ -906,14 +860,15 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The SOD policy ID to run.
# Evaluate one policy by ID
try {
Start-EvaluateSodPolicy-Id $Id
@@ -924,11 +879,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-sod-all-policies-for-org
Runs multi-policy report for the org. If a policy reports more than 5000 violations, the report mentions that the violation limit was exceeded for that policy. If the request is empty, the report runs for all policies. Otherwise, the report runs for only the filtered policy list provided.
### Parameters
@@ -937,7 +889,6 @@ Param Type | Name | Data Type | Required | Description
Body | MultiPolicyRequest | [**MultiPolicyRequest**](../models/multi-policy-request) | (optional) |
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
@@ -951,7 +902,6 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: application/json
- **Accept**: application/json
@@ -960,7 +910,9 @@ Code | Description | Data Type
$MultiPolicyRequest = @"{
"filteredPolicyList" : [ "[b868cd40-ffa4-4337-9c07-1a51846cfa94, 63a07a7b-39a4-48aa-956d-50c827deba2a]", "[b868cd40-ffa4-4337-9c07-1a51846cfa94, 63a07a7b-39a4-48aa-956d-50c827deba2a]" ]
}"@
# Runs all policies for org
try {
Start-SodAllPoliciesForOrg
@@ -971,11 +923,8 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)
## start-sod-policy
This invokes processing of violation report for given SOD policy. If the policy reports more than 5000 violations, the report returns with violation limit exceeded message.
### Parameters
@@ -984,7 +933,6 @@ Param Type | Name | Data Type | Required | Description
Path | Id | **String** | True | The SOD policy ID to run.
### Return type
[**ReportResultReference**](../models/report-result-reference)
### Responses
@@ -999,14 +947,15 @@ Code | Description | Data Type
500 | Internal Server Error - Returned if there is an unexpected error. | ErrorResponseDto
### HTTP request headers
- **Content-Type**: Not defined
- **Accept**: application/json
### Example
```powershell
$Id = "ef38f943-47e9-4562-b5bb-8424a56397d8" # String | The SOD policy ID to run.
# Runs SOD policy violation report
try {
Start-SodPolicy-Id $Id
@@ -1017,7 +966,4 @@ try {
Write-Host $_.ErrorDetails
}
```
[[Back to top]](#)