Policies | Nitride

Nitride

Documentation Tutorials

List all policies

get

Retrieves a list of all policy configurations

Query parameters

liststring · enumRequired

Must be set to 'true' to retrieve the list

Possible values:

Responses

200

Policy list retrieved successfully

application/json

get

GET /v1/auth/ratls/policies/ HTTP/1.1
Host: localhost:8200
Accept: */*

200

Policy list retrieved successfully

{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "keys": [
      "text"
    ]
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Get policy details

get

Retrieves detailed information about a specific policy

Path parameters

namestringRequired

Policy name

Responses

200

Policy details retrieved successfully

application/json

400

Policy not found

get

GET /v1/auth/ratls/policies/{name} HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {
    "created": 1,
    "identities": {
      "firmware": [
        {
          "name": "text",
          "policy": {
            "ANY_ADDITIONAL_PROPERTY": true
          }
        }
      ],
      "metadata": {
        "name": "text",
        "policy": null
      },
      "platform": null,
      "provider": "text",
      "workload": {
        "name": "text",
        "policy": {
          "ANY_ADDITIONAL_PROPERTY": true
        }
      }
    },
    "name": "text"
  },
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Delete policy

delete

Removes a specific policy configuration

Path parameters

namestringRequired

Policy name

Responses

200

Policy deleted successfully

application/json

400

Policy not found or invalid request

application/json

delete

DELETE /v1/auth/ratls/policies/{name} HTTP/1.1
Host: localhost:8200
Accept: */*

{
  "request_id": "text",
  "lease_id": "text",
  "renewable": true,
  "lease_duration": 1,
  "data": {},
  "wrap_info": null,
  "warnings": null,
  "auth": null
}

Update policy

post

Updates an existing policy configuration

Body

createdinteger · int64Required

Creation timestamp, set by the plugin

identitiesobject · mapRequired

A map of all identity types with their respective selector

Default:

{"provider":"azure-sev-snp-vtpm","platform":null,"firmware":[{"name":"azure-dc2asv5","policy":null},{"name":"azure-dc4asv5","policy":null}],"workload":{"name":"azure-ubuntu","policy":{"pcrs.0":false}},"metadata":null}

namestringRequired

Name of the policy

Responses

200

Policy updated successfully

application/json

400

Invalid request body or policy not found

application/json

post

POST /v1/auth/ratls/policies HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 43

{
  "created": 1,
  "identities": {},
  "name": "text"
}

{
  "auth": {},
  "data": {
    "created": 1,
    "identities": {},
    "name": "text"
  }
}

Create policy

put

Creates a new policy configuration

Body

createdinteger · int64Required

Creation timestamp, set by the plugin

identitiesobject · mapRequired

A map of all identity types with their respective selector

Default:

{"provider":"azure-sev-snp-vtpm","platform":null,"firmware":[{"name":"azure-dc2asv5","policy":null},{"name":"azure-dc4asv5","policy":null}],"workload":{"name":"azure-ubuntu","policy":{"pcrs.0":false}},"metadata":null}

namestringRequired

Name of the policy

Responses

200

Policy created successfully

application/json

400

Invalid request body

put

PUT /v1/auth/ratls/policies HTTP/1.1
Host: localhost:8200
Content-Type: application/json
Accept: */*
Content-Length: 43

{
  "created": 1,
  "identities": {},
  "name": "text"
}

{
  "auth": {},
  "data": {
    "created": 1,
    "identities": {},
    "name": "text"
  }
}