PolicyCortex Policies API: Manage Cloud Governance Policies

Create, manage, and deploy governance policies using the PolicyCortex REST API. Programmatically control your policy-as-code infrastructure.

Policies API Documentation & Quick Start Guide

Quick Start

Create Your First Policy

Use the Policies API to create and deploy governance policies across your cloud infrastructure.

Create Policy (bash)
curl -X POST https://api.policycortex.com/v1/policies \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "require-s3-encryption",
    "description": "Ensure all S3 buckets have encryption enabled",
    "resource_type": "AWS::S3::Bucket",
    "rules": [{
      "condition": "resource.encryption.enabled != true",
      "effect": "DENY",
      "message": "S3 bucket must have encryption enabled"
    }],
    "auto_remediation": true
  }'

API Endpoints

GET /v1/policies

List all policies with filtering and pagination support.

List Policies (bash)
curl -X GET "https://api.policycortex.com/v1/policies?limit=10&offset=0&resource_type=AWS::S3::Bucket" \
  -H "Authorization: Bearer YOUR_API_KEY"

POST /v1/policies

Create a new governance policy.

Create Policy (json)
{
  "name": "require-vpc-flow-logs",
  "description": "Ensure VPC Flow Logs are enabled",
  "resource_type": "AWS::EC2::VPC",
  "severity": "HIGH",
  "rules": [{
    "condition": "resource.flow_logs.enabled != true",
    "effect": "DENY",
    "message": "VPC must have flow logs enabled"
  }],
  "compliance_frameworks": ["SOC2", "HIPAA"],
  "auto_remediation": false,
  "tags": ["security", "networking"]
}

GET /v1/policies/:id

Retrieve details of a specific policy by ID.

Get Policy (bash)
curl -X GET "https://api.policycortex.com/v1/policies/pol_abc123" \
  -H "Authorization: Bearer YOUR_API_KEY"

PUT /v1/policies/:id

Update an existing policy.

Update Policy (bash)
curl -X PUT "https://api.policycortex.com/v1/policies/pol_abc123" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "severity": "CRITICAL",
    "auto_remediation": true
  }'

DELETE /v1/policies/:id

Delete a policy permanently.

Delete Policy (bash)
curl -X DELETE "https://api.policycortex.com/v1/policies/pol_abc123" \
  -H "Authorization: Bearer YOUR_API_KEY"

Policy Structure

Policy Object Schema

Understanding the structure of a policy object for creation and updates.

Policy Schema (json)
{
  "id": "pol_abc123",
  "name": "require-s3-encryption",
  "description": "Ensure all S3 buckets have encryption enabled",
  "resource_type": "AWS::S3::Bucket",
  "severity": "HIGH",
  "enabled": true,
  "rules": [{
    "condition": "resource.encryption.enabled != true",
    "effect": "DENY",
    "message": "S3 bucket must have encryption enabled"
  }],
  "compliance_frameworks": ["SOC2", "HIPAA", "PCI-DSS"],
  "auto_remediation": true,
  "remediation_action": "enable_default_encryption",
  "tags": ["security", "encryption"],
  "created_at": "2025-01-15T10:00:00Z",
  "updated_at": "2025-01-15T10:00:00Z",
  "created_by": "user_xyz789"
}

Required Fields

  • name: Policy identifier
  • resource_type: Target resource
  • rules: Array of rule conditions
  • effect: ALLOW or DENY (set on each entry in rules)

Optional Fields

  • description: Policy details
  • severity: LOW, MEDIUM, HIGH, CRITICAL
  • auto_remediation: Enable auto-fix
  • tags: Organizational labels
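
A pre-submit lint for the required and optional fields listed above, suitable for a CI step that runs before a policy body is sent to POST or PUT. This is an added example, not PolicyCortex code: the function name validate_policy, the non-empty rules requirement and the type checks on auto_remediation and tags are assumptions inferred from the sample objects on this page.

```python
# Added example: client-side lint for a policy body before it is submitted.
# Field names and enum values come from this page; the type checks and the
# "at least one rule" requirement are assumptions based on the sample objects.
SEVERITIES = ("LOW", "MEDIUM", "HIGH", "CRITICAL")
EFFECTS = ("ALLOW", "DENY")


def validate_policy(policy):
    """Return a list of problems; an empty list means the body passes the lint."""
    if not isinstance(policy, dict):
        return ["policy must be a JSON object"]
    errors = []
    for field in ("name", "resource_type"):
        value = policy.get(field)
        if not isinstance(value, str) or not value.strip():
            errors.append(f"{field}: required non-empty string")
    rules = policy.get("rules")
    if not isinstance(rules, list) or not rules:
        errors.append("rules: required non-empty array")
        rules = []
    for i, rule in enumerate(rules):
        if not isinstance(rule, dict):
            errors.append(f"rules[{i}]: must be an object")
        elif rule.get("effect") not in EFFECTS:
            # Case-sensitive on purpose: "deny" is not the documented value.
            errors.append(f"rules[{i}].effect: must be ALLOW or DENY")
    if "severity" in policy and policy["severity"] not in SEVERITIES:
        errors.append("severity: must be LOW, MEDIUM, HIGH or CRITICAL")
    # Strict bool check: the string "true" would otherwise slip through.
    if "auto_remediation" in policy and not isinstance(policy["auto_remediation"], bool):
        errors.append("auto_remediation: must be true or false")
    tags = policy.get("tags", [])
    if not isinstance(tags, list) or not all(isinstance(t, str) for t in tags):
        errors.append("tags: must be an array of strings")
    return errors


# Constructed sample inputs (modelled on the page's examples, not real data).
GOOD = {"name": "require-s3-encryption", "resource_type": "AWS::S3::Bucket",
        "severity": "HIGH", "auto_remediation": True, "tags": ["security"],
        "rules": [{"condition": "resource.encryption.enabled != true",
                   "effect": "DENY", "message": "S3 bucket must have encryption enabled"}]}
BAD = {"name": "require-vpc-flow-logs", "severity": "SEVERE", "auto_remediation": "true",
       "rules": [{"condition": "resource.flow_logs.enabled != true", "effect": "deny"}]}

if __name__ == "__main__":
    for label, body in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, validate_policy(body) or "ok")
```

Failing the pipeline on a non-empty result keeps a policy that silently sets auto_remediation from a mistyped value, or omits its effect, from reaching the API.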

Query Parameters

Filtering

resource_type
severity
enabled
tags

Pagination

limit: Results per page
offset: Starting position
cursor: Cursor-based paging

Sorting

sort_by: Field name
order: asc or desc
created_at
updated_at

Response Codes

Success Codes

  • 200 OK: Request successful
  • 201 Created: Resource created
  • 204 No Content: Delete successful

Error Codes

  • 400 Bad Request: Invalid input
  • 401 Unauthorized: Invalid auth
  • 404 Not Found: Policy not found
  • 429 Rate Limited: Too many requests