» Policy Checks API
Note: Sentinel policies are a paid feature, available as part of the Team & Governance upgrade package. Learn more about Terraform Cloud pricing here.
» List Policy Checks
This endpoint lists the policy checks in a run.
Note: The sentinel hash in the result attribute structure represents low-level Sentinel details generated by the policy engine. The keys or structure may change over time. Use the data in this hash at your own risk.
GET /runs/:run_id/policy-checks
| Parameter | Description |
|---|---|
run_id |
The ID of the run to list policy checks for. |
» Sample Request
curl \
--header "Authorization: Bearer $TOKEN" \
https://app.terraform.io/api/v2/runs/run-CZcmD7eagjhyXavN/policy-checks
» Sample Response
{
"data": [
{
"id": "polchk-9VYRc9bpfJEsnwum",
"type": "policy-checks",
"attributes": {
"result": {
"result": false,
"passed": 0,
"total-failed": 1,
"hard-failed": 0,
"soft-failed": 1,
"advisory-failed": 0,
"duration-ms": 0,
"sentinel": {...}
},
"scope": "organization",
"status": "soft_failed",
"status-timestamps": {
"queued-at": "2017-11-29T20:02:17+00:00",
"soft-failed-at": "2017-11-29T20:02:20+00:00"
},
"actions": {
"is-overridable": true
},
"permissions": {
"can-override": false
}
},
"relationships": {
"run": {
"data": {
"id": "run-veDoQbv6xh6TbnJD",
"type": "runs"
}
}
},
"links": {
"output": "/api/v2/policy-checks/polchk-9VYRc9bpfJEsnwum/output"
}
}
]
}
» Show Policy Check
This endpoint gets information about a specific policy check ID. Policy check IDs can appear in audit logs.
Note: The sentinel hash in the result attribute structure represents low-level Sentinel details generated by the policy engine. The keys or structure may change over time. Use the data in this hash at your own risk.
GET /policy-checks/:id
| Parameter | Description |
|---|---|
id |
The ID of the policy check to show. |
» Sample Request
curl \
--header "Authorization: Bearer $TOKEN" \
https://app.terraform.io/api/v2/policy-checks/polchk-9VYRc9bpfJEsnwum
» Sample Response
{
"data": {
"id": "polchk-9VYRc9bpfJEsnwum",
"type": "policy-checks",
"attributes": {
"result": {
"result": false,
"passed": 0,
"total-failed": 1,
"hard-failed": 0,
"soft-failed": 1,
"advisory-failed": 0,
"duration-ms": 0,
"sentinel": {...}
},
"scope": "organization",
"status": "soft_failed",
"status-timestamps": {
"queued-at": "2017-11-29T20:02:17+00:00",
"soft-failed-at": "2017-11-29T20:02:20+00:00"
},
"actions": {
"is-overridable": true
},
"permissions": {
"can-override": false
}
},
"relationships": {
"run": {
"data": {
"id": "run-veDoQbv6xh6TbnJD",
"type": "runs"
}
}
},
"links": {
"output": "/api/v2/policy-checks/polchk-9VYRc9bpfJEsnwum/output"
}
}
}
» Override Policy
This endpoint overrides a soft-mandatory or warning policy.
Note: The sentinel hash in the result attribute structure represents low-level Sentinel details generated by the policy engine. The keys or structure may change over time. Use the data in this hash at your own risk.
POST /policy-checks/:id/actions/override
| Parameter | Description |
|---|---|
id |
The ID of the policy check to override. |
» Sample Request
curl \
--header "Authorization: Bearer $TOKEN" \
--header "Content-Type: application/vnd.api+json" \
--request POST \
https://app.terraform.io/api/v2/policy-checks/polchk-EasPB4Srx5NAiWAU/actions/override
» Sample Response
{
"data": {
"id": "polchk-EasPB4Srx5NAiWAU",
"type": "policy-checks",
"attributes": {
"result": {
"result": false,
"passed": 0,
"total-failed": 1,
"hard-failed": 0,
"soft-failed": 1,
"advisory-failed": 0,
"duration-ms": 0,
"sentinel": {...}
},
"scope": "organization",
"status": "overridden",
"status-timestamps": {
"queued-at": "2017-11-29T20:13:37+00:00",
"soft-failed-at": "2017-11-29T20:13:40+00:00",
"overridden-at": "2017-11-29T20:14:11+00:00"
},
"actions": {
"is-overridable": true
},
"permissions": {
"can-override": false
}
},
"links": {
"output": "/api/v2/policy-checks/polchk-EasPB4Srx5NAiWAU/output"
}
}
}