LogoLogo
  • Welcome to Firefly Documentation
  • Introduction
    • What is Firefly?
    • Who is Firefly for?
    • Why use Firefly?
    • Terminology (Glossary)
  • Key Features
    • Infrastructure-as-Code Automation
    • Cloud Asset Inventory
    • Drift Detection & Remediation
    • Policy-as-Code for Compliance & Governance
    • Cost Visibility & Optimization
    • AI Assistant
    • ChatOps Integration
  • Getting Started
    • Account Setup & Onboarding
    • Connecting Additional Integrations
    • UI Walkthrough & Navigation
    • First Steps in Firefly
  • Detailed Guides
    • Dashboard Overview
    • Cloud Asset Inventory
      • Remediating Drifts
      • Deleting Assets
      • Creating IaC-Ignore Rules
      • Creating Exclude-Drift Rules
    • Policy & Governance
      • Creating Policy-as-Code Governance Rules
      • Remediating Policy Violations
    • Workflows & Guardrails
      • Creating Workflows
      • Creating Guardrail Rules
    • Codification
    • Self-Service
    • IaC Explorer
    • Event Center
    • Backup and Disaster Recovery
    • Notifications
    • User Management
    • SSO Configuration
  • Integrations
    • Integrations Overview
    • Integrating Data Sources
      • AWS
      • Azure
      • Google Cloud
      • Kubernetes
      • Akamai
      • Datadog
      • New Relic
      • Okta
      • GitHub
      • Cloudflare
      • NS1
      • PagerDuty
      • MongoDB Atlas
      • HashiCorp Vault
    • Integrating IaC Remote State
      • Terraform Cloud
      • Google Cloud Storage
      • env0
      • HashiCorp Consul
      • Firefly States Redactor
    • Integrating Version Control
      • GitHub
      • GitLab
      • Azure DevOps
      • CodeCommit
      • Bitbucket
    • Integrating Notifications
      • Slack
      • Microsoft Teams
      • PagerDuty
      • Opsgenie
      • Torq
      • Webex
      • Google Chat
      • Webhook
    • Integrating Project Management
      • Jira
      • ServiceNow
    • Integrating Workflows with CI/CD
    • Integrating Backstage
    • Integrating MCP
  • Use Cases & Best Practices
    • Cloud Governance & Visibility
    • Cost Optimization Strategies
    • Compliance and Security Best Practices
    • Infrastructure Automation & Self-Service
    • Best Practices and Implementation Tips
  • Analytics & Reporting
    • Analytics Dashboard Overview
    • Using Analytics for Improvement
    • Exporting and Sharing Reports
    • Analytics Security and Privacy
  • Code Snippets & Examples
    • Terraform Snippet for an AWS EC2 Instance (Codified via Firefly)
    • Example Rego Policy (OPA) for a Custom Rule
    • GitHub Actions Workflow YAML for Firefly Integration
    • JSON Output Example: Exporting Inventory
  • Troubleshooting & FAQs
    • Common Issues and Solutions
    • FAQs
  • General Information
    • Firefly API
      • Authentication
      • Inventory
      • Codification
      • Workflows
      • Self-Service
      • Policy & Governance
      • IaC Explorer
      • Event Center
      • Backup & Disaster Recovery
      • Notifications
      • Integrations
      • Identity & Access Management
    • Security & Compliance
    • Pricing Tiers & Add-ons
    • Contacting Support
Powered by GitBook
On this page

Was this helpful?

  1. General Information
  2. Firefly API

Workflows

PreviousCodificationNextSelf-Service

Last updated 2 months ago

Was this helpful?

Workspaces

Guardrails

Delete a Guardrail Rule

delete

Deletes a Guardrail Rule and its Associated Notification

Authorizations
Path parameters
ruleIdstringRequired

Unique identifier of the Guardrail Rule

Example: 0e01b22c-7f4b-5e0f-b1c1-faff031977f8Pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$
Responses
200
Guardrail Rule Deleted Successfully
application/json
400
Bad Request Error
application/json
401
Unauthorized Error
application/json
403
Insufficient permissions
application/json
404
Not Found Error
application/json
500
Internal Server Error
application/json
delete
DELETE /v2/guardrails/{ruleId} HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Accept: */*
{
  "status": 200,
  "message": "Guardrail rule and notification deleted successfully"
}
  • Workspaces
  • POSTList Workspaces
  • DELETEDelete a workspace
  • PUTUpdate Workspace Labels
  • POSTList Workspace Runs
  • Guardrails
  • POSTList Guardrail Rules
  • POSTCreate a new Guardrail Rule
  • PATCHUpdate a Guardrail Rule
  • DELETEDelete a Guardrail Rule

Delete a workspace

delete

Deletes a specific workspace and its associated data

Authorizations
Path parameters
workspaceIdstringRequired

Unique identifier of the workspace

Example: 0e01b22c-7f4b-5e0f-b1c1-faff031977f8Pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$
Responses
200
Workspace deleted successfully
application/json
400
Bad Request Error
application/json
401
Unauthorized Error
application/json
404
Not Found Error
application/json
500
Internal Server Error
application/json
delete
DELETE /v2/workspaces/{workspaceId} HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Accept: */*
{
  "status": 200,
  "data": {
    "message": "Workspace deleted successfully"
  }
}

List Workspaces

post

Lists all Workspaces with Filtering and Sorting Options. Supports VCS Providers Integration.

Authorizations
Query parameters
pageintegerOptionalDefault: 0
pageSizeinteger · min: 1OptionalDefault: 25
Body
all ofOptional
Responses
200
List of Workspaces Retrieved Successfully
application/json
400
Bad Request Error
application/json
401
Unauthorized Error
application/json
403
Insufficient permissions
application/json
404
Not Found Error
application/json
500
Internal Server Error
application/json
post
POST /v2/workspaces/search HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 616

{
  "projection": [
    "text"
  ],
  "searchValue": "text",
  "filters": {
    "workspaceName": [
      "production-infra"
    ],
    "repositories": [
      "org/repo-name"
    ],
    "ciTool": [
      "github-actions"
    ],
    "labels": [
      "text"
    ],
    "status": [
      "plan_success"
    ],
    "isManagedWorkflow": true,
    "vcsType": [
      "github"
    ],
    "$or": {
      "workspaceName": [
        "production-infra"
      ],
      "repositories": [
        "org/repo-name"
      ],
      "ciTool": [
        "github-actions"
      ],
      "labels": [
        "text"
      ],
      "status": [
        "plan_success"
      ],
      "isManagedWorkflow": true,
      "vcsType": [
        "github"
      ]
    }
  },
  "sort": [
    {
      "lastRunTime": {
        "order": -1
      },
      "workspaceName": {
        "order": -1
      },
      "repository": {
        "order": -1
      },
      "terraformVersion": {
        "order": -1
      },
      "lastRunStatus": {
        "order": -1
      },
      "ciTool": {
        "order": -1
      }
    }
  ]
}
[
  {
    "id": "507f1f77bcf86cd799439011",
    "accountId": "507f1f77bcf86cd799439011",
    "createdAt": "2025-06-05T09:51:09.305Z",
    "updatedAt": "2025-06-05T09:51:09.305Z",
    "workspaceId": "507f1f77bcf86cd799439012",
    "workspaceName": "production-infra",
    "repo": "org/repo-name",
    "repoUrl": "https://github.com/org/repo-name",
    "vcsType": "github",
    "runnerType": "github-actions",
    "lastRunStatus": {
      "description": "text"
    },
    "lastApplyTime": "2025-06-05T09:51:09.305Z",
    "lastPlanTime": "2025-06-05T09:51:09.305Z",
    "lastRunTime": "2025-06-05T09:51:09.305Z",
    "iacType": "terraform",
    "iacTypeVersion": "1.0.11",
    "backendSummary": {
      "backendType": "s3",
      "backendConfig": {
        "bucket": "terraform-state",
        "key": "prod/terraform.tfstate"
      },
      "iacStackId": "stack-123",
      "managedResourceCount": 42
    },
    "labels": [
      "prod",
      "terraform"
    ],
    "runsCount": 5,
    "isWorkflowManaged": true,
    "guardrails": [
      "cost",
      "security"
    ]
  }
]

Update Workspace Labels

put

Updates Labels for a specific Workspace

Authorizations
Path parameters
workspaceIdstringRequired

Unique identifier of the workspace

Example: 0e01b22c-7f4b-5e0f-b1c1-faff031977f8Pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$
Body
labelsstring[]Required

List of labels to assign to the workspace

Responses
200
Workspace Labels Updated Successfully
application/json
400
Bad Request Error
application/json
401
Unauthorized Error
application/json
403
Insufficient permissions
application/json
404
Not Found Error
application/json
500
Internal Server Error
application/json
put
PUT /v2/workspaces/{workspaceId}/labels HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 19

{
  "labels": [
    "text"
  ]
}
{
  "id": "507f1f77bcf86cd799439015",
  "workspaceName": "production-infra",
  "labels": [
    "production",
    "terraform",
    "critical"
  ],
  "updatedAt": "2025-06-05T09:51:09.305Z"
}

List Workspace Runs

post

Lists all Runs for a specific Workspace

Authorizations
Path parameters
workspaceIdstringRequired

Unique identifier of the workspace

Example: 0e01b22c-7f4b-5e0f-b1c1-faff031977f8Pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$
Query parameters
pageintegerOptionalDefault: 0
pageSizeinteger · min: 1OptionalDefault: 25
Body
all ofOptional
Responses
200
List of Workspace Runs Retrieved Successfully
application/json
400
Bad Request Error
application/json
401
Unauthorized Error
application/json
403
Insufficient permissions
application/json
404
Not Found Error
application/json
500
Internal Server Error
application/json
post
POST /v2/workspaces/{workspaceId}/runs/search HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 1368

{
  "projection": [
    "text"
  ],
  "searchValue": "text",
  "filters": {
    "runId": [
      "run-123456"
    ],
    "runName": [
      "Deploy to Production"
    ],
    "status": [
      "plan_success"
    ],
    "pullRequestUrl": [
      "https://github.com/org/repo/pull/123"
    ],
    "branch": [
      "main"
    ],
    "commitId": [
      "abc123def456"
    ],
    "ciTool": [
      "github-actions"
    ],
    "buildId": [
      "build-789012"
    ],
    "buildName": [
      "CI Build"
    ],
    "buildUrl": [
      "https://github.com/org/repo/actions/runs/789012"
    ],
    "vcsType": [
      "github"
    ],
    "repository": [
      "org/repo"
    ],
    "repositoryUrl": [
      "https://github.com/org/repo"
    ],
    "title": [
      "Update infrastructure for new feature"
    ],
    "createdAt": "2025-06-05T09:51:09.305Z",
    "updatedAt": "2025-06-05T09:51:09.305Z",
    "$or": {
      "runId": [
        "run-123456"
      ],
      "runName": [
        "Deploy to Production"
      ],
      "status": [
        "plan_success"
      ],
      "pullRequestUrl": [
        "https://github.com/org/repo/pull/123"
      ],
      "branch": [
        "main"
      ],
      "commitId": [
        "abc123def456"
      ],
      "ciTool": [
        "github-actions"
      ],
      "buildId": [
        "build-789012"
      ],
      "buildName": [
        "CI Build"
      ],
      "buildUrl": [
        "https://github.com/org/repo/actions/runs/789012"
      ],
      "vcsType": [
        "github"
      ],
      "repository": [
        "org/repo"
      ],
      "repositoryUrl": [
        "https://github.com/org/repo"
      ],
      "title": [
        "Update infrastructure for new feature"
      ],
      "createdAt": "2025-06-05T09:51:09.305Z",
      "updatedAt": "2025-06-05T09:51:09.305Z"
    }
  },
  "sort": [
    {
      "updatedAt": {
        "order": -1
      },
      "title": {
        "order": -1
      },
      "commitId": {
        "order": -1
      },
      "branch": {
        "order": -1
      },
      "status": {
        "order": -1
      },
      "ciTool": {
        "order": -1
      },
      "vcsType": {
        "order": -1
      },
      "repository": {
        "order": -1
      }
    }
  ]
}
[
  {
    "id": "507f1f77bcf86cd799439011",
    "accountId": "507f1f77bcf86cd799439011",
    "createdAt": "2025-06-05T09:51:09.305Z",
    "updatedAt": "2025-06-05T09:51:09.305Z",
    "workspaceId": "507f1f77bcf86cd799439012",
    "workspaceName": "production-infra",
    "runId": "run-123456",
    "runName": "Deploy to Production",
    "status": "plan_success",
    "pullRequestId": "123",
    "pullRequestUrl": "https://github.com/org/repo/pull/123",
    "branch": "main",
    "commitId": "abc123def456",
    "commitUrl": "https://github.com/org/repo/commit/abc123def456",
    "runnerType": "github-actions",
    "buildId": "build-789012",
    "buildUrl": "https://github.com/org/repo/actions/runs/789012",
    "buildName": "CI Build",
    "vcsType": "github",
    "repo": "org/repo",
    "repoUrl": "https://github.com/org/repo",
    "ownerSummary": {
      "email": "john.doe@example.com",
      "name": "John Doe",
      "initials": "JD",
      "customColor": "#00000F"
    },
    "title": "Update infrastructure for new feature",
    "terraformVersion": "1.0.11",
    "iacType": "terraform",
    "backendSummary": {
      "backendType": "s3",
      "backendConfig": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "iacStackId": "text",
      "managedResourceCount": 1
    },
    "planTaskId": "507f1f77bcf86cd799439013",
    "applyTaskId": "507f1f77bcf86cd799439014",
    "plan": [
      {
        "id": "507f1f77bcf86cd799439011",
        "accountId": "507f1f77bcf86cd799439011",
        "createdAt": "2025-06-05T09:51:09.305Z",
        "updatedAt": "2025-06-05T09:51:09.305Z",
        "contentKeys": {
          "ANY_ADDITIONAL_PROPERTY": "text"
        },
        "status": "completed",
        "resultStatus": "success",
        "type": {
          "description": "text"
        },
        "guardrailsSummary": {
          "total": 10,
          "passed": 8,
          "failed": 2,
          "violations": [
            {
              "id": "v1",
              "severity": "high",
              "message": "Resource does not have required tags"
            }
          ],
          "description": "text"
        },
        "backendSummary": {
          "type": "s3",
          "config": {
            "bucket": "terraform-state",
            "key": "prod/terraform.tfstate"
          },
          "resources": 42,
          "description": "text"
        },
        "changedFilesCodeSummary": {
          "total": 5,
          "added": 2,
          "modified": 3,
          "deleted": 0,
          "files": [
            {
              "path": "main.tf",
              "type": "modified"
            }
          ],
          "description": "text"
        },
        "vcsType": {
          "description": "text"
        },
        "runnerType": {
          "description": "text"
        }
      }
    ],
    "apply": [
      {
        "id": "507f1f77bcf86cd799439011",
        "accountId": "507f1f77bcf86cd799439011",
        "createdAt": "2025-06-05T09:51:09.305Z",
        "updatedAt": "2025-06-05T09:51:09.305Z",
        "contentKeys": {
          "ANY_ADDITIONAL_PROPERTY": "text"
        },
        "status": "completed",
        "resultStatus": "success",
        "type": {
          "description": "text"
        },
        "guardrailsSummary": {
          "total": 10,
          "passed": 8,
          "failed": 2,
          "violations": [
            {
              "id": "v1",
              "severity": "high",
              "message": "Resource does not have required tags"
            }
          ],
          "description": "text"
        },
        "backendSummary": {
          "type": "s3",
          "config": {
            "bucket": "terraform-state",
            "key": "prod/terraform.tfstate"
          },
          "resources": 42,
          "description": "text"
        },
        "changedFilesCodeSummary": {
          "total": 5,
          "added": 2,
          "modified": 3,
          "deleted": 0,
          "files": [
            {
              "path": "main.tf",
              "type": "modified"
            }
          ],
          "description": "text"
        },
        "vcsType": {
          "description": "text"
        },
        "runnerType": {
          "description": "text"
        }
      }
    ]
  }
]

List Guardrail Rules

post

Returns a list of guardrails rules based on filter criteria

Authorizations
Query parameters
pageintegerOptionalDefault: 0
pageSizeinteger · min: 1OptionalDefault: 25
Body
all ofOptional
Responses
200
List of guardrail rules retrieved successfully
application/json
400
Bad Request Error
application/json
401
Unauthorized Error
application/json
403
Insufficient permissions
application/json
404
Not Found Error
application/json
500
Internal Server Error
application/json
post
POST /v2/guardrails/search HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 496

{
  "projection": [
    "text"
  ],
  "searchValue": "text",
  "filters": {
    "createdBy": [
      "John Doe"
    ],
    "type": [
      "policy",
      "cost"
    ],
    "labels": [
      "production"
    ],
    "repositories": [
      "my-repo"
    ],
    "workspaces": [
      "my-workspace"
    ],
    "branches": [
      "main"
    ],
    "$or": {
      "createdBy": [
        "John Doe"
      ],
      "type": [
        "policy",
        "cost"
      ],
      "labels": [
        "production"
      ],
      "repositories": [
        "my-repo"
      ],
      "workspaces": [
        "my-workspace"
      ],
      "branches": [
        "main"
      ]
    }
  },
  "sort": [
    {
      "createdAt": {
        "order": -1
      },
      "accountId": {
        "order": -1
      },
      "createdBy": {
        "order": -1
      },
      "name": {
        "order": -1
      },
      "severity": {
        "order": -1
      }
    }
  ]
}
[
  {
    "id": "507f1f77bcf86cd799439012",
    "accountId": "507f1f77bcf86cd799439012",
    "createdBy": "507f1f77bcf86cd799439012",
    "name": "text",
    "type": "policy",
    "scope": {
      "workspaces": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      },
      "repositories": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      },
      "branches": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      },
      "labels": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      }
    },
    "criteria": {
      "cost": {
        "thresholdAmount": 1,
        "thresholdPercentage": 1
      },
      "policy": {
        "severity": "text",
        "policies": {
          "include": [
            "text"
          ],
          "exclude": [
            "text"
          ]
        }
      },
      "resource": {
        "actions": [
          "create"
        ],
        "regions": {
          "include": [
            "text"
          ],
          "exclude": [
            "text"
          ]
        },
        "assetTypes": {
          "include": [
            "text"
          ],
          "exclude": [
            "text"
          ]
        },
        "specificResources": [
          "text"
        ]
      },
      "tag": {
        "tagEnforcementMode": "requiredTags",
        "requiredTags": [
          "text"
        ],
        "requiredValues": {
          "ANY_ADDITIONAL_PROPERTY": [
            "text"
          ]
        }
      }
    },
    "isEnabled": true,
    "createdAt": "2025-06-05T09:51:09.305Z",
    "updatedAt": "2025-06-05T09:51:09.305Z",
    "notificationId": "507f1f77bcf86cd799439012",
    "severity": 0
  }
]

Create a new Guardrail Rule

post

Creates a new guardrail rule with optional notification setup

Authorizations
Body
all ofOptional
Responses
200
Guardrail Rule Created Successfully
application/json
400
Bad Request Error
application/json
401
Unauthorized Error
application/json
403
Insufficient permissions
application/json
404
Not Found Error
application/json
500
Internal Server Error
application/json
post
POST /v2/guardrails HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 913

{
  "accountId": "507f1f77bcf86cd799439012",
  "createdBy": "507f1f77bcf86cd799439012",
  "name": "text",
  "type": "policy",
  "scope": {
    "workspaces": {
      "include": [
        "text"
      ],
      "exclude": [
        "text"
      ]
    },
    "repositories": {
      "include": [
        "text"
      ],
      "exclude": [
        "text"
      ]
    },
    "branches": {
      "include": [
        "text"
      ],
      "exclude": [
        "text"
      ]
    },
    "labels": {
      "include": [
        "text"
      ],
      "exclude": [
        "text"
      ]
    }
  },
  "criteria": {
    "cost": {
      "thresholdAmount": 1,
      "thresholdPercentage": 1
    },
    "policy": {
      "severity": "text",
      "policies": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      }
    },
    "resource": {
      "actions": [
        "create"
      ],
      "regions": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      },
      "assetTypes": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      },
      "specificResources": [
        "text"
      ]
    },
    "tag": {
      "tagEnforcementMode": "requiredTags",
      "requiredTags": [
        "text"
      ],
      "requiredValues": {
        "ANY_ADDITIONAL_PROPERTY": [
          "text"
        ]
      }
    }
  },
  "isEnabled": true,
  "createdAt": "2025-06-05T09:51:09.305Z",
  "updatedAt": "2025-06-05T09:51:09.305Z",
  "notificationId": "507f1f77bcf86cd799439012",
  "severity": 0
}
{
  "ruleId": "507f1f77bcf86cd799439011",
  "notificationId": "507f1f77bcf86cd799439012"
}

Update a Guardrail Rule

patch

Updates an existing Guardrail Rule and its Notifications

Authorizations
Path parameters
ruleIdstringRequired

Unique identifier of the Guardrail Rule

Example: 0e01b22c-7f4b-5e0f-b1c1-faff031977f8Pattern: ^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$
Body
idstringRead-onlyOptional

Unique identifier of the guardrail rule

Example: 507f1f77bcf86cd799439012Pattern: ^[0-9a-fA-F]{24}$
accountIdstringOptional

Unique identifier of the associated account

Example: 507f1f77bcf86cd799439012Pattern: ^[0-9a-fA-F]{24}$
createdBystringOptional

Unique identifier of the user who created the rule

Example: 507f1f77bcf86cd799439012Pattern: ^[0-9a-fA-F]{24}$
namestringOptional

Name of the guardrail rule

typestring · enumOptional

Type of the guardrail rule

Possible values:
scopeall ofOptional
and
anyOptional

Scope of the guardrail rule

isEnabledbooleanOptional

Whether the rule is enabled

createdAtstring · date-timeOptional

Timestamp when the rule was created

updatedAtstring · date-timeOptional

Timestamp when the rule was last updated

notificationIdstringOptional

Unique identifier of the associated notification configuration

Example: 507f1f77bcf86cd799439012Pattern: ^[0-9a-fA-F]{24}$
severityinteger · enumOptional

Severity level of the guardrail rule

Possible values:
Responses
200
Guardrail Rule Updated Successfully
application/json
400
Bad Request Error
application/json
401
Unauthorized Error
application/json
403
Insufficient permissions
application/json
404
Not Found Error
application/json
500
Internal Server Error
application/json
patch
PATCH /v2/guardrails/{ruleId} HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 913

{
  "accountId": "507f1f77bcf86cd799439012",
  "createdBy": "507f1f77bcf86cd799439012",
  "name": "text",
  "type": "policy",
  "scope": {
    "workspaces": {
      "include": [
        "text"
      ],
      "exclude": [
        "text"
      ]
    },
    "repositories": {
      "include": [
        "text"
      ],
      "exclude": [
        "text"
      ]
    },
    "branches": {
      "include": [
        "text"
      ],
      "exclude": [
        "text"
      ]
    },
    "labels": {
      "include": [
        "text"
      ],
      "exclude": [
        "text"
      ]
    }
  },
  "criteria": {
    "cost": {
      "thresholdAmount": 1,
      "thresholdPercentage": 1
    },
    "policy": {
      "severity": "text",
      "policies": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      }
    },
    "resource": {
      "actions": [
        "create"
      ],
      "regions": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      },
      "assetTypes": {
        "include": [
          "text"
        ],
        "exclude": [
          "text"
        ]
      },
      "specificResources": [
        "text"
      ]
    },
    "tag": {
      "tagEnforcementMode": "requiredTags",
      "requiredTags": [
        "text"
      ],
      "requiredValues": {
        "ANY_ADDITIONAL_PROPERTY": [
          "text"
        ]
      }
    }
  },
  "isEnabled": true,
  "createdAt": "2025-06-05T09:51:09.305Z",
  "updatedAt": "2025-06-05T09:51:09.305Z",
  "notificationId": "507f1f77bcf86cd799439012",
  "severity": 0
}
{
  "id": "507f1f77bcf86cd799439011",
  "name": "Enforce S3 Encryption",
  "enabled": true,
  "updatedAt": "2024-11-11T10:00:00Z"
}