diff --git a/static/api-specs/idn/sailpoint-api.v3.yaml b/static/api-specs/idn/sailpoint-api.v3.yaml index 2190f39c2..5b6aa0677 100644 --- a/static/api-specs/idn/sailpoint-api.v3.yaml +++ b/static/api-specs/idn/sailpoint-api.v3.yaml @@ -579,6 +579,8 @@ tags: - [Zendesk Service Desk](https://documentation.sailpoint.com/connectors/zendesk/help/integrating_zendesk_sd/introduction.html) - name: SOD Policy description: Operations for Creating & Executing SOD (Seperation of Duties) policies + - name: SOD Violations + description: Operations for Predicting SOD (Seperation of Duties) violations - name: Sources description: | Use this API to implement and customize source functionality. @@ -858,6 +860,12 @@ paths: $ref: './v3/paths/sod-policy.yaml' /sod-policies/{id}/schedule: $ref: './v3/paths/sod-schedule.yaml' + /sod-policies/{id}/violation-report/run: + $ref: './v3/paths/sod-report-run.yaml' + /sod-policies/{id}/violation-report: + $ref: './v3/paths/sod-violation-report.yaml' + /sod-violation-report-status/{reportResultId}: + $ref: './v3/paths/sod-violation-report-status.yaml' /sources: $ref: "./v3/paths/sources.yaml" /sources/{id}: diff --git a/static/api-specs/idn/v3/paths/sod-policy.yaml b/static/api-specs/idn/v3/paths/sod-policy.yaml index c1f9e9cf0..05413f05c 100644 --- a/static/api-specs/idn/v3/paths/sod-policy.yaml +++ b/static/api-specs/idn/v3/paths/sod-policy.yaml @@ -114,17 +114,17 @@ get: "modified": "2020-05-12T19:47:38Z" } '400': - $ref: '../../v3/responses/400.yaml' + $ref: '../responses/400.yaml' '401': - $ref: '../../v3/responses/401.yaml' + $ref: '../responses/401.yaml' '403': - $ref: '../../v3/responses/403.yaml' + $ref: '../responses/403.yaml' '404': - $ref: '../../v3/responses/404.yaml' + $ref: '../responses/404.yaml' '429': - $ref: '../../v3/responses/429.yaml' + $ref: '../responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' + $ref: '../responses/500.yaml' put: security: - oauth2: [idn:sod-policy:write] @@ -326,17 +326,17 @@ put: "modified": "2020-05-12T19:47:38Z" } '400': - $ref: '../../v3/responses/400.yaml' + $ref: '../responses/400.yaml' '401': - $ref: '../../v3/responses/401.yaml' + $ref: '../responses/401.yaml' '403': - $ref: '../../v3/responses/403.yaml' + $ref: '../responses/403.yaml' '404': - $ref: '../../v3/responses/404.yaml' + $ref: '../responses/404.yaml' '429': - $ref: '../../v3/responses/429.yaml' + $ref: '../responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' + $ref: '../responses/500.yaml' delete: security: - oauth2: [idn:sod-policy:write] @@ -371,17 +371,17 @@ delete: '204': description: No content. '400': - $ref: '../../v3/responses/400.yaml' + $ref: '../responses/400.yaml' '401': - $ref: '../../v3/responses/401.yaml' + $ref: '../responses/401.yaml' '403': - $ref: '../../v3/responses/403.yaml' + $ref: '../responses/403.yaml' '404': - $ref: '../../v3/responses/404.yaml' + $ref: '../responses/404.yaml' '429': - $ref: '../../v3/responses/429.yaml' + $ref: '../responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' + $ref: '../responses/500.yaml' patch: security: - oauth2: [idn:sod-policy:write] @@ -547,14 +547,14 @@ patch: "modified": "2020-05-12T19:47:38Z" } '400': - $ref: '../../v3/responses/400.yaml' + $ref: '../responses/400.yaml' '401': - $ref: '../../v3/responses/401.yaml' + $ref: '../responses/401.yaml' '403': - $ref: '../../v3/responses/403.yaml' + $ref: '../responses/403.yaml' '404': - $ref: '../../v3/responses/404.yaml' + $ref: '../responses/404.yaml' '429': - $ref: '../../v3/responses/429.yaml' + $ref: '../responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' + $ref: '../responses/500.yaml' diff --git a/static/api-specs/idn/v3/paths/sod-report-run.yaml b/static/api-specs/idn/v3/paths/sod-report-run.yaml new file mode 100644 index 000000000..8128a5579 --- /dev/null +++ b/static/api-specs/idn/v3/paths/sod-report-run.yaml @@ -0,0 +1,43 @@ +post: + security: + - oauth2: [idn:sod-violation:write] + operationId: startSodPolicy + tags: + - SOD Policy + summary: Runs SOD policy violation report + description: >- + This invokes processing of violation report for given SOD policy. If the policy reports more than 5000 violations, the report returns with + violation limit exceeded message. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The SOD policy ID to run. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + responses: + '200': + description: Reference to the violation report run task. + content: + application/json: + schema: + $ref: '../schemas/ReportResultReference.yaml' + example: { + "status": "PENDING", + "type": "REPORT_RESULT", + "id": "2e8d8180-24bc-4d21-91c6-7affdb473b0d", + "name": "policy-xyz" + } + '400': + $ref: '../responses/400.yaml' + '401': + $ref: '../responses/401.yaml' + '403': + $ref: '../responses/403.yaml' + '404': + $ref: '../responses/404.yaml' + '429': + $ref: '../responses/429.yaml' + '500': + $ref: '../responses/500.yaml' diff --git a/static/api-specs/idn/v3/paths/sod-schedule.yaml b/static/api-specs/idn/v3/paths/sod-schedule.yaml index 8cc7f0a0f..f8a199bab 100644 --- a/static/api-specs/idn/v3/paths/sod-schedule.yaml +++ b/static/api-specs/idn/v3/paths/sod-schedule.yaml @@ -23,15 +23,15 @@ get: schema: $ref: '../schemas/SodPolicySchedule.yaml' '400': - $ref: '../../v3/responses/400.yaml' + $ref: '../responses/400.yaml' '401': - $ref: '../../v3/responses/401.yaml' + $ref: '../responses/401.yaml' '403': - $ref: '../../v3/responses/403.yaml' + $ref: '../responses/403.yaml' '429': - $ref: '../../v3/responses/429.yaml' + $ref: '../responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' + $ref: '../responses/500.yaml' put: security: - oauth2: [idn:sod-policy:write] @@ -63,15 +63,15 @@ put: schema: $ref: '../schemas/SodPolicySchedule.yaml' '400': - $ref: '../../v3/responses/400.yaml' + $ref: '../responses/400.yaml' '401': - $ref: '../../v3/responses/401.yaml' + $ref: '../responses/401.yaml' '403': - $ref: '../../v3/responses/403.yaml' + $ref: '../responses/403.yaml' '429': - $ref: '../../v3/responses/429.yaml' + $ref: '../responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' + $ref: '../responses/500.yaml' delete: security: - oauth2: [idn:sod-policy:write] @@ -93,14 +93,14 @@ delete: '204': description: No content response. '400': - $ref: '../../v3/responses/400.yaml' + $ref: '../responses/400.yaml' '401': - $ref: '../../v3/responses/401.yaml' + $ref: '../responses/401.yaml' '403': - $ref: '../../v3/responses/403.yaml' + $ref: '../responses/403.yaml' '404': - $ref: '../../v3/responses/404.yaml' + $ref: '../responses/404.yaml' '429': - $ref: '../../v3/responses/429.yaml' + $ref: '../responses/429.yaml' '500': - $ref: '../../v3/responses/500.yaml' + $ref: '../responses/500.yaml' diff --git a/static/api-specs/idn/v3/paths/sod-violation-report-status.yaml b/static/api-specs/idn/v3/paths/sod-violation-report-status.yaml new file mode 100644 index 000000000..e7d038c07 --- /dev/null +++ b/static/api-specs/idn/v3/paths/sod-violation-report-status.yaml @@ -0,0 +1,42 @@ +get: + security: + - oauth2: [idn:sod-violation:read] + operationId: getSodViolationReportRunStatus + tags: + - SOD Policy + summary: Get violation report run status + description: >- + This gets the status for a violation report run task that has already been invoked. + parameters: + - in: path + name: reportResultId + schema: + type: string + required: true + description: The ID of the report reference to retrieve. + example: 2e8d8180-24bc-4d21-91c6-7affdb473b0d + responses: + '200': + description: Status of the violation report run task. + content: + application/json: + schema: + $ref: '../schemas/ReportResultReference.yaml' + example: { + "status": "SUCCESS", + "type": "REPORT_RESULT", + "id": "2e8d8180-24bc-4d21-91c6-7affdb473b0d", + "name": "policy-xyz" + } + '400': + $ref: '../responses/400.yaml' + '401': + $ref: '../responses/401.yaml' + '403': + $ref: '../responses/403.yaml' + '404': + $ref: '../responses/404.yaml' + '429': + $ref: '../responses/429.yaml' + '500': + $ref: '../responses/500.yaml' diff --git a/static/api-specs/idn/v3/paths/sod-violation-report.yaml b/static/api-specs/idn/v3/paths/sod-violation-report.yaml new file mode 100644 index 000000000..4550114a0 --- /dev/null +++ b/static/api-specs/idn/v3/paths/sod-violation-report.yaml @@ -0,0 +1,42 @@ +get: + security: + - oauth2: [idn:sod-violation:read] + operationId: getSodViolationReportStatus + tags: + - SOD Policy + summary: Get SOD violation report status + description: >- + This gets the status for a violation report run task that has already been invoked. + parameters: + - in: path + name: id + schema: + type: string + required: true + description: The ID of the violation report to retrieve status for. + example: ef38f943-47e9-4562-b5bb-8424a56397d8 + responses: + '200': + description: Status of the violation report run task. + content: + application/json: + schema: + $ref: '../schemas/ReportResultReference.yaml' + example: { + "status": "SUCCESS", + "type": "REPORT_RESULT", + "id": "2e8d8180-24bc-4d21-91c6-7affdb473b0d", + "name": "policy-xyz" + } + '400': + $ref: '../responses/400.yaml' + '401': + $ref: '../responses/401.yaml' + '403': + $ref: '../responses/403.yaml' + '404': + $ref: '../responses/404.yaml' + '429': + $ref: '../responses/429.yaml' + '500': + $ref: '../responses/500.yaml' diff --git a/static/api-specs/idn/v3/schemas/ReportResultReference.yaml b/static/api-specs/idn/v3/schemas/ReportResultReference.yaml new file mode 100644 index 000000000..a2d9d2916 --- /dev/null +++ b/static/api-specs/idn/v3/schemas/ReportResultReference.yaml @@ -0,0 +1,15 @@ +allOf: +- $ref: '../schemas/BaseReferenceDto.yaml' +- type : object + properties: + status: + type: string + description: Status of a violation report + enum: + - SUCCESS + - WARNING + - ERROR + - TERMINATED + - TEMP_ERROR + - PENDING + example: PENDING