Policy & Governance

Get Insights by Account

post

Retrieves insights for a specific account with optional filtering and field projection

Authorizations
Query parameters
fieldsstringOptional

Comma-separated list of fields to include in the response

Example: id,name,description,status
Body
querystringOptional

Search query string

labelsone ofOptional

Labels for filtering insights

stringOptional

Comma-separated labels

Example: security,compliance
or
string[]Optional

Array of labels

Example: ["security","compliance"]
frameworksstring[]Optional

Array of framework filters

categorystringOptional

Category filter

isDefaultboolean | nullableOptional

Default filter flag

onlySubscribedbooleanOptional

Filter for subscribed insights only

Example: false
onlyProductionbooleanOptional

Filter for production insights only

Example: false
onlyMatchingAssetsbooleanOptional

Filter for insights with matching assets

Example: false
onlyEnabledbooleanOptional

Filter for enabled insights only

Example: false
onlyAvailableProvidersbooleanOptional

Filter for available providers only

Example: true
showExclusionbooleanOptional

Show exclusion rules

Example: false
typestring[]Optional

Array of type filters

providersstring[]Optional

Array of provider filters

integrationsstring[]Optional

Array of integration filters

severitystring[]Optional

Array of severity filters

idone ofOptional

Array of specific insight ID filters or null

string[]Optional

Array of specific insight ID filters

Example: ["665088e83438d32bdda77193","661bf411f3a3638decfea721"]
or
nullOptional

No ID filter applied

pageinteger · min: 1Optional

Page number for pagination

Example: 1
page_sizeinteger · min: 1Optional

Number of items per page

Example: 50
sortingstring[]Optional

Array of sorting criteria

providersAcoountsstring[]Optional

Array of provider account filters

Example: ["awsobjects","k8sobjects","akamaiobjects","datadogobjects","oktaobjects","githubobjects","newrelicobjects","cloudflareobjects","gcpobjects","pagerdutyobjects","mongodbatlasobjects","azurermobjects","aws","kubernetes","akamai","datadog","okta","github","newrelic","cloudflare","google","pagerduty","mongodbatlas","azurerm"]
Responses
200

Insights retrieved successfully

application/json
post
POST /v2/governance/insights HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 734

{
  "query": "",
  "labels": "security,compliance",
  "frameworks": [],
  "category": "",
  "isDefault": null,
  "onlySubscribed": false,
  "onlyProduction": false,
  "onlyMatchingAssets": false,
  "onlyEnabled": false,
  "onlyAvailableProviders": true,
  "showExclusion": false,
  "type": [],
  "providers": [],
  "integrations": [],
  "severity": [],
  "id": [
    "665088e83438d32bdda77193",
    "661bf411f3a3638decfea721"
  ],
  "page": 1,
  "page_size": 50,
  "sorting": [],
  "providersAcoounts": [
    "awsobjects",
    "k8sobjects",
    "akamaiobjects",
    "datadogobjects",
    "oktaobjects",
    "githubobjects",
    "newrelicobjects",
    "cloudflareobjects",
    "gcpobjects",
    "pagerdutyobjects",
    "mongodbatlasobjects",
    "azurermobjects",
    "aws",
    "kubernetes",
    "akamai",
    "datadog",
    "okta",
    "github",
    "newrelic",
    "cloudflare",
    "google",
    "pagerduty",
    "mongodbatlas",
    "azurerm"
  ]
}
{
  "data": [
    {}
  ],
  "total": 1,
  "page": 1,
  "page_size": 1
}

Create a new Insight

post

Creates a new insight with the provided configuration. The endpoint validates required fields (name, code, type, providerIds) and tests the Rego code for validity before creation.

Authorizations
Body
namestringRequired

Name of the insight

descriptionstringOptional

Description of the insight

codestringRequired

Rego code for the insight rule (can be base64 encoded)

Example: ZmlyZWZseSB7CiAgICBtYXRjaAp9CgptYXRjaCB7CiAgICBpbnB1dC5iYXRjaF90YXJnZXQgPT0gInRlc3QiCn0=
typestring[]Required

Array of insight types

Example: ["aws_cloudwatch_event_target"]
providerIdsstring[]Required

Array of provider IDs this insight applies to

Example: ["aws_all","6616a2dbf4992fc0bab0463f"]
labelsone ofOptional

Labels for the insight

stringOptional

Comma-separated labels

Example: security,compliance
or
string[]Optional

Array of labels

Example: ["security","compliance"]
severityintegerOptional

Severity level of the insight

categorystringOptional

Category of the insight

Example: Misconfiguration
frameworksstring[]Optional

Array of compliance frameworks this insight relates to

Example: ["SOC2","ISO27001"]
Responses
200

Insight created successfully

application/json
post
POST /v2/governance/insights/create HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 333

{
  "name": "text",
  "description": "text",
  "code": "ZmlyZWZseSB7CiAgICBtYXRjaAp9CgptYXRjaCB7CiAgICBpbnB1dC5iYXRjaF90YXJnZXQgPT0gInRlc3QiCn0=",
  "type": [
    "aws_cloudwatch_event_target"
  ],
  "providerIds": [
    "aws_all",
    "6616a2dbf4992fc0bab0463f"
  ],
  "labels": "security,compliance",
  "severity": 1,
  "category": "Misconfiguration",
  "frameworks": [
    "SOC2",
    "ISO27001"
  ]
}
{
  "id": "text",
  "name": "text",
  "description": "text",
  "code": "text",
  "type": [
    "text"
  ],
  "providerIds": [
    "text"
  ],
  "labels": "security,compliance",
  "severity": "text",
  "category": "text",
  "frameworks": [
    "text"
  ]
}

Update an Insight

put

Updates an existing insight with the provided configuration. The endpoint validates required fields (name, code, type, providerIds) and tests the Rego code for validity before updating.

Authorizations
Path parameters
idstringRequired

The ID of the insight to update

Body
namestringRequired

Name of the insight

descriptionstringOptional

Description of the insight

codestringRequired

Rego code for the insight rule (can be base64 encoded)

Example: ZmlyZWZseSB7CiAgICBtYXRjaAp9CgptYXRjaCB7CiAgICBpbnB1dC5iYXRjaF90YXJnZXQgPT0gInRlc3QiCn0=
typestring[]Required

Array of insight types

Example: ["aws_cloudwatch_event_target"]
providerIdsstring[]Required

Array of provider IDs this insight applies to

Example: ["aws_all","6616a2dbf4992fc0bab0463f"]
labelsone ofOptional

Labels for the insight

stringOptional

Comma-separated labels

Example: security,compliance
or
string[]Optional

Array of labels

Example: ["security","compliance"]
severityintegerOptional

Severity level of the insight

categorystringOptional

Category of the insight

Example: Misconfiguration
frameworksstring[]Optional

Array of compliance frameworks this insight relates to

Example: ["SOC2","ISO27001"]
Responses
200

Insight updated successfully

application/json
put
PUT /v2/governance/insights/{id} HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 333

{
  "name": "text",
  "description": "text",
  "code": "ZmlyZWZseSB7CiAgICBtYXRjaAp9CgptYXRjaCB7CiAgICBpbnB1dC5iYXRjaF90YXJnZXQgPT0gInRlc3QiCn0=",
  "type": [
    "aws_cloudwatch_event_target"
  ],
  "providerIds": [
    "aws_all",
    "6616a2dbf4992fc0bab0463f"
  ],
  "labels": "security,compliance",
  "severity": 1,
  "category": "Misconfiguration",
  "frameworks": [
    "SOC2",
    "ISO27001"
  ]
}
{
  "id": "text",
  "name": "text",
  "description": "text",
  "code": "text",
  "type": [
    "text"
  ],
  "providerIds": [
    "text"
  ],
  "labels": "security,compliance",
  "severity": "text",
  "category": "text",
  "frameworks": [
    "text"
  ]
}

Delete a Classification

delete

Deletes a specific classification by ID

Authorizations
Path parameters
idstringRequired

The ID of the classification to delete

Responses
204

Classification deleted successfully

No content

delete
DELETE /v2/governance/classifications/{id} HTTP/1.1
Host: api.firefly.ai
Authorization: Bearer JWT
Accept: */*

No content

Last updated

Was this helpful?